Commit e472b738 authored by Oleksandr Kosse (EPAM)'s avatar Oleksandr Kosse (EPAM)
Browse files

Merge branch 'GONRG-4323_bootstrap_job_for_partition' into 'master'

GONRG-4323: bootstrap job for partition

See merge request !276
parents 3fdcae1c dd13c3d6
Pipeline #100721 passed with stage
in 1 minute and 1 second
......@@ -2,7 +2,6 @@
set -ex
IDENTITY_TOKEN=$(gcloud auth print-identity-token --audiences="${AUDIENCES}")
DATA_PARTITION_ID_UPPER=${DATA_PARTITION_ID^^}
generate_post_data()
......@@ -16,7 +15,7 @@ generate_post_data()
},
"serviceAccount": {
"sensitive": false,
"value": "${DATAFIER_SA}@${PROJECT_ID}.iam.gserviceaccount.com"
"value": "${SERVICEACCOUNT}"
},
"complianceRuleSet": {
"sensitive": false,
......@@ -42,13 +41,86 @@ generate_post_data()
"sensitive": false,
"value": "[${DATA_PARTITION_ID},${DATA_PARTITION_ID}]"
},
"elasticsearch.host": {
"osm.postgres.datasource.url": {
"sensitive": true,
"value": "POSTGRES_DATASOURCE_URL_${DATA_PARTITION_ID_UPPER}"
},
"osm.postgres.datasource.username": {
"sensitive": true,
"value": "POSTGRES_DB_USERNAME_${DATA_PARTITION_ID_UPPER}"
},
"osm.postgres.datasource.password": {
"sensitive": true,
"value": "POSTGRES_DB_PASSWORD_${DATA_PARTITION_ID_UPPER}"
},
"obm.minio.endpoint": {
"sensitive": false,
"value": "${ELASTIC_HOST}"
"value": "http://minio:9000"
},
"elasticsearch.port": {
"file.minio.endpoint": {
"sensitive": false,
"value": "https://s3.${DOMAIN}"
},
"obm.minio.accessKey": {
"sensitive": true,
"value": "MINIO_ACCESS_KEY"
},
"obm.minio.secretKey": {
"sensitive": true,
"value": "MINIO_SECRET_KEY"
},
"oqm.rabbitmq.amqp.host": {
"sensitive": false,
"value": "rabbitmq"
},
"oqm.rabbitmq.amqp.port": {
"sensitive": false,
"value": "5672"
},
"oqm.rabbitmq.amqp.path": {
"sensitive": false,
"value": ""
},
"oqm.rabbitmq.amqp.username": {
"sensitive": true,
"value": "RABBITMQ_ADMIN_USERNAME"
},
"oqm.rabbitmq.amqp.password": {
"sensitive": true,
"value": "RABBITMQ_ADMIN_PASSWORD"
},
"oqm.rabbitmq.admin.schema": {
"sensitive": false,
"value": "${ELASTIC_PORT}"
"value": "http"
},
"oqm.rabbitmq.admin.host": {
"sensitive": false,
"value": "rabbitmq"
},
"oqm.rabbitmq.admin.port": {
"sensitive": false,
"value": "15672"
},
"oqm.rabbitmq.admin.path": {
"sensitive": false,
"value": "/api"
},
"oqm.rabbitmq.admin.username": {
"sensitive": true,
"value": "RABBITMQ_ADMIN_USERNAME"
},
"oqm.rabbitmq.admin.password": {
"sensitive": true,
"value": "RABBITMQ_ADMIN_PASSWORD"
},
"elasticsearch.host": {
"sensitive": true,
"value": "ELASTIC_HOST_${DATA_PARTITION_ID_UPPER}"
},
"elasticsearch.port": {
"sensitive": true,
"value": "ELASTIC_PORT_${DATA_PARTITION_ID_UPPER}"
},
"elasticsearch.user": {
"sensitive": true,
......@@ -66,23 +138,55 @@ EOF
echo "sleep to prevent 500 response from the partition service, due to timeout of creation for Workload Identity"
sleep 20
status_code=$(curl -X POST \
--url "http://${PARTITION_NAME}/api/partition/v1/partitions/${DATA_PARTITION_ID}" --write-out "%{http_code}" --silent --output "/dev/null" \
-H "Authorization: Bearer ${IDENTITY_TOKEN}" \
-H "Content-Type: application/json" \
--data-raw "$(generate_post_data)")
if [ "$ENVIRONMENT" == "anthos" ]
then
SERVICEACCOUNT=$CLIENT_ID@service.local
if [ "$status_code" == 201 ]
then
echo "partition bootstrap was OK!"
elif [ "$status_code" == 409 ]
status_code=$(curl -X POST \
--url "http://${PARTITION_NAME}/api/partition/v1/partitions/${DATA_PARTITION_ID}" --write-out "%{http_code}" --silent --output "/dev/null" \
-H "Content-Type: application/json" \
--data-raw "$(generate_post_data)")
if [ "$status_code" == 201 ]
then
echo "partition bootstrap was OK!"
elif [ "$status_code" == 409 ]
then
curl -X PATCH \
--url "http://${PARTITION_NAME}/api/partition/v1/partitions/${DATA_PARTITION_ID}" --write-out "%{http_code}" --silent --output "/dev/null" \
-H "Content-Type: application/json" \
--data-raw "$(generate_post_data)"
echo "partition was patched because datastore has already had some entities!"
else
exit 1
fi
elif [ "$ENVIRONMENT" == "" ]
then
curl -X PATCH \
--url "http://${PARTITION_NAME}/api/partition/v1/partitions/${DATA_PARTITION_ID}" --write-out "%{http_code}" --silent --output "/dev/null" \
-H "Authorization: Bearer ${IDENTITY_TOKEN}" \
-H "Content-Type: application/json" \
--data-raw "$(generate_post_data)"
echo "partition was patched because datastore has already had some entities!"
else
exit 1
IDENTITY_TOKEN="gcloud auth print-identity-token --audiences=${AUDIENCES}"
SERVICEACCOUNT=${DATAFIER_SA}@${PROJECT_ID}.iam.gserviceaccount.com
status_code=$(curl -X POST \
--url "http://${PARTITION_NAME}/api/partition/v1/partitions/${DATA_PARTITION_ID}" --write-out "%{http_code}" --silent --output "/dev/null" \
-H "Authorization: Bearer ${IDENTITY_TOKEN}" \
-H "Content-Type: application/json" \
--data-raw "$(generate_post_data)")
if [ "$status_code" == 201 ]
then
echo "partition bootstrap was OK!"
elif [ "$status_code" == 409 ]
then
curl -X PATCH \
--url "http://${PARTITION_NAME}/api/partition/v1/partitions/${DATA_PARTITION_ID}" --write-out "%{http_code}" --silent --output "/dev/null" \
-H "Authorization: Bearer ${IDENTITY_TOKEN}" \
-H "Content-Type: application/json" \
--data-raw "$(generate_post_data)"
echo "partition was patched because datastore has already had some entities!"
else
exit 1
fi
fi
......@@ -105,3 +105,11 @@ dependencies:
version: 0.1.0
repository: https://community.opengroup.org/api/v4/projects/22/packages/helm/stable
condition: gcp-crs-conversion-deploy.enabled
- name: gcp-partition-deploy
version: 0.1.0
repository: https://community.opengroup.org/api/v4/projects/221/packages/helm/stable
condition: gcp-partition-deploy.enabled
- name: gcp-partition-configmap
version: 0.1.0
repository: https://community.opengroup.org/api/v4/projects/221/packages/helm/stable
condition: gcp-partition-configmap.enabled
apiVersion: v1
kind: ConfigMap
metadata:
labels:
app: "{{ .Values.partitionBootstrap.conf.app_name }}"
name: "{{ .Values.partitionBootstrap.conf.configmap }}"
namespace: "{{ .Release.Namespace }}"
data:
DOMAIN: "{{ .Values.domain.name }}"
PROJECT_ID: "{{ .Values.partitionBootstrap.data.project_id }}"
DATA_PARTITION_ID: "{{ .Values.bootstrap.infra.secret.dataPartitionId }}"
PARTITION_NAME: "{{ .Values.partitionBootstrap.data.partition_name }}"
ENVIRONMENT: "{{ .Values.partitionBootstrap.data.environment }}"
CLIENT_ID: "{{ .Values.partitionBootstrap.data.client_id }}"
apiVersion: batch/v1
kind: Job
metadata:
name: "{{ .Values.partitionBootstrap.conf.app_name }}-bootstrap-job"
namespace: "{{ .Release.Namespace }}"
annotations:
helm.sh/hook: post-install,post-upgrade
helm.sh/hook-weight: "20"
spec:
template:
spec:
containers:
- name: "{{ .Values.partitionBootstrap.conf.app_name }}-bootstrap-job"
image: "{{ .Values.partitionBootstrap.data.bootstrap_image_partition }}"
envFrom:
- configMapRef:
name: "{{ .Values.partitionBootstrap.conf.app_name }}-bootstrap-config"
restartPolicy: Never
backoffLimit: 3
......@@ -326,3 +326,64 @@ gcp-crs-conversion-deploy:
on_prem_enabled: true
# --- End of Crs-conversion values --- #
# --- Partition values --- #
gcp-partition-deploy:
enabled: true
data:
requests_cpu: "0.1"
requests_memory: "256M"
limits_cpu: "1"
limits_memory: "1G"
serviceAccountName: ""
imagePullPolicy: "IfNotPresent"
image: "community.opengroup.org:5555/osdu/platform/system/partition/osdu-gcp:latest"
conf:
configmap: "partition-config"
secret: "partition-secret"
app_name: "partition"
on_prem_enabled: true
namespacePolicy:
mtlsMode: STRICT
authorizations:
partitionPolicy:
matchLabels:
app: partition
rules:
- bootstrap_namespace: config
gcp-partition-configmap:
enabled: true
data:
log_level: "INFO"
partition_property_kind: ""
partition_namespace: ""
spring_profiles_active: "anthos"
secret:
osm_postgres_password: "" # in base64
osm_postgres_url: "" # in base64
osm_postgres_username: "" # in base64
conf:
configmap: "partition-config"
secret: "partition-secret"
app_name: "partition"
on_prem_enabled: true
# bootstrap values
partitionBootstrap:
enabled: true
data:
client_id: ""
environment: "anthos"
partition_name: "partition.default.svc.cluster.local"
project_id: ""
bootstrap_image_partition: "community.opengroup.org:5555/osdu/platform/deployment-and-operations/infra-gcp-provisioning/osdu-bootstrap-partition"
conf:
configmap: "partition-bootstrap-config"
app_name: "partition"
# --- Partition values --- #
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment