Commit a563becb authored by Siarhei Khaletski (EPAM)'s avatar Siarhei Khaletski (EPAM) 🚩
Browse files

Merge branch 'gcp-metadata-use' into 'master'

GCP metadata token

See merge request !261
parents 8c41cd7f eeb938b4
Pipeline #70008 failed with stages
in 79 minutes and 57 seconds
......@@ -41,4 +41,4 @@ secrets/
**/.DS_Store
.vscode
\ No newline at end of file
.vscode
......@@ -32,8 +32,8 @@ variables:
OSDU_GCP_SERVICE: wellbore
OSDU_GCP_VENDOR: gcp
OSDU_GCP_HELM_PACKAGE_CHARTS: "devops/gcp/deploy devops/gcp/configmap"
OSDU_GCP_HELM_CONFIG_SERVICE_VARS: "--set data.os_wellbore_ddms_data_project_id=$OSDU_GCP_PROJECT --set data.service_host_search=$OSDU_GCP_SERVICE_HOST_SEARCH --set data.sa_key=$OSDU_GCP_INTEGRATION_TESTER"
OSDU_GCP_HELM_DEPLOYMENT_SERVICE_VARS: "--set data.image=$CI_REGISTRY_IMAGE/osdu-gcp:$CI_COMMIT_SHORT_SHA"
OSDU_GCP_HELM_CONFIG_SERVICE_VARS: "--set data.os_wellbore_ddms_data_project_id=$OSDU_GCP_PROJECT"
OSDU_GCP_HELM_DEPLOYMENT_SERVICE_VARS: "--set data.image=$CI_REGISTRY_IMAGE/osdu-gcp:$CI_COMMIT_SHORT_SHA --set data.serviceAccountName=workload-identity-wellbore"
OSDU_GCP_HELM_CONFIG_SERVICE: wellbore-config
OSDU_GCP_HELM_DEPLOYMENT_SERVICE: wellbore-deploy
OSDU_GCP_INT_TEST_TYPE: python
......
......@@ -314,9 +314,24 @@ def cloud_provider_additional_environment(config: ConfigurationContainer):
config.add_from_env(attribute_name='default_data_tenant_credentials',
env_var_key='OS_WELLBORE_DDMS_DATA_PROJECT_CREDENTIALS',
description='path to the key file of the SA to access the data tenant',
is_mandatory=True,
is_mandatory=False,
override=True,
validator=validator_path_must_exist,
default=None)
config.add_from_env(attribute_name='service_host_storage',
env_var_key='SERVICE_HOST_STORAGE',
description='Back-end for storage service',
is_mandatory=False,
override=True,
default='http://storage/api/storage')
config.add_from_env(attribute_name='service_host_search',
env_var_key='SERVICE_HOST_SEARCH',
description='Back-end for search service',
is_mandatory=False,
override=True,
validator=validator_path_must_exist)
default='http://search/api/search')
if provider == 'ibm':
config.add_from_env(attribute_name='default_data_tenant_project_id',
......
kind: Secret
apiVersion: v1
metadata:
name: "{{ .Values.conf.secret_name }}"
namespace: "{{ .Release.Namespace }}"
type: Opaque
data:
"key.json": "{{ .Values.data.sa_key }}"
......@@ -8,6 +8,4 @@ metadata:
data:
CLOUD_PROVIDER: "gcp"
OS_WELLBORE_DDMS_DATA_PROJECT_ID: "{{ .Values.data.os_wellbore_ddms_data_project_id }}"
SERVICE_HOST_SEARCH: "{{ .Values.data.service_host_search }}"
SERVICE_HOST_STORAGE: "{{ .Values.data.service_host_storage }}"
OS_WELLBORE_DDMS_DATA_PROJECT_CREDENTIALS : "{{ .Values.data.os_wellbore_ddms_data_project_credentials }}"
......@@ -4,12 +4,7 @@
data:
os_wellbore_ddms_data_project_id: ""
os_wellbore_ddms_data_project_credentials: "/tmp/key/key.json"
service_host_search: "http://search/api/search"
service_host_storage: "http://storage/api/storage"
sa_key: ""
conf:
configmap: "wellbore-config"
app_name: "wellbore"
secret_name: "wellbore-secret"
......@@ -18,15 +18,9 @@ spec:
rollme: {{ randAlphaNum 5 | quote }}
sidecar.istio.io/rewriteAppHTTPProbers: "true"
spec:
volumes:
- name: service-account-key
secret:
secretName: "{{ .Values.conf.secret_name }}"
serviceAccountName: "{{ .Values.data.serviceAccountName }}"
containers:
- name: "{{ .Values.conf.app_name }}"
volumeMounts:
- mountPath: /tmp/key
name: service-account-key
image: "{{ .Values.data.image }}"
imagePullPolicy: Always
envFrom:
......
......@@ -8,8 +8,9 @@ data:
limits_cpu: "1"
limits_memory: "2G"
image: "community.opengroup.org:5555/osdu/platform/domain-data-mgmt-services/wellbore/wellbore-domain-services/osdu-gcp:latest"
serviceAccountName: ""
conf:
configmap: "wellbore-config"
app_name: "wellbore"
secret_name: "wellbore-secret"
......@@ -86,8 +86,7 @@ def test_gcp_configuration_checker(gcp_config_fixture):
assert "default_data_tenant_project_id" in variables_dict.keys()
assert "default_data_tenant_credentials" in variables_dict.keys()
with pytest.raises(RuntimeError, match=".*Incorrect .* env var OS_WELLBORE_DDMS_DATA_PROJECT_CREDENTIALS.*"):
check_environment(gcp_config)
check_environment(gcp_config)
def test_azure_configuration_checker(azure_config_fixture):
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment