Adding in Azure AKS Support

6b36aeb6 · Daniel Scholl · fa7fefa1 · 6b36aeb6 · 6b36aeb6 · 6b36aeb6
Commit 6b36aeb6 authored Aug 28, 2020 by Daniel Scholl
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -10,6 +10,7 @@ include:
    file: "build/maven.yml"
  - project: "osdu/platform/ci-cd-pipelines"
    file: "cloud-providers/azure.yml"
+    ref: azure-aks
  - project: "osdu/platform/ci-cd-pipelines"
    file: "scanners/fossa.yml"
  - project: "osdu/platform/ci-cd-pipelines"

--- a/devops/azure/README.md
+++ b/devops/azure/README.md
+# Pipeline Support Commands
+
+```bash
+AZURE_SERVICE="entitlements"
+REPO_BRANCH="master"
+TAG="latest"
+PARTIAL=${REPO_BRANCH/\//-}
+BRANCH=${PARTIAL/./-}
+
+echo "--set image.branch=$BRANCH --set image.tag=$TAG"
+
+# Remove the Service
+kubectl delete deployment osdu-gitlab-entitlements-azure
+kubectl delete service osdu-gitlab-entitlements-azure
+
+# Install the Service
+helm upgrade -i osdu-gitlab chart --set image.branch=$BRANCH --set image.tag=$TAG
+pod=$(kubectl get pod |grep $AZURE_SERVICE |awk '{print $1}')
+status=$(kubectl wait --for=condition=Ready pod/$pod --timeout=60s)
+if [[ "$status" != *"met"* ]]; then echo "POD didn't start correctly" ; exit 1 ; fi
+```
--- a/devops/azure/chart/Chart.yaml
+++ b/devops/azure/chart/Chart.yaml
+#  Copyright © Microsoft Corporation
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+
+apiVersion: v2
+name: entitlements-azure
+appVersion: "latest"
+description: Helm Chart for installing entitlements-azure service.
+version: 0.1.0
+type: application
--- a/devops/azure/chart/templates/deployment.yaml
+++ b/devops/azure/chart/templates/deployment.yaml
+#  Copyright © Microsoft Corporation
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ .Release.Name }}-{{ .Chart.Name }}
+  namespace: osdu
+spec:
+  replicas: {{ .Values.global.replicaCount }}
+  selector:
+    matchLabels:
+      app: {{ .Release.Name }}-{{ .Chart.Name }}
+  template:
+    metadata:
+      labels:
+        app: {{ .Release.Name }}-{{ .Chart.Name }}
+        aadpodidbinding: osdu-identity
+    spec:
+      volumes:
+      - name: azure-keyvault
+        csi:
+          driver: secrets-store.csi.k8s.io
+          readOnly: true
+          volumeAttributes:
+            secretProviderClass: azure-keyvault
+      containers:
+      - name: {{ .Release.Name }}-{{ .Chart.Name }}
+        image: {{ .Values.image.repository }}/{{ .Chart.Name }}-{{ .Values.image.branch }}:{{ .Values.image.tag | default .Chart.AppVersion }}
+        imagePullPolicy: Always
+        ports:
+        - containerPort: 80
+        readinessProbe:
+          httpGet:
+            path: /entitlements/v1/swagger-ui.html
+            port: 80
+        volumeMounts:
+        - name: azure-keyvault
+          mountPath: "/mnt/azure-keyvault"
+          readOnly: true
+        env:
+        - name: spring_application_name
+          value: entitlements-azure
+        - name: server.servlet.contextPath
+          value: /entitlements/v1/
+        - name: server_port
+          value: "80"
+        - name: KEYVAULT_URI
+          valueFrom:
+            configMapKeyRef:
+              name: osdu-svc-properties
+              key: ENV_KEYVAULT
+        - name: AZURE_CLIENT_ID
+          valueFrom:
+            secretKeyRef:
+              name: clientid
+              key: clientid
+        - name: AZURE_CLIENT_SECRET
+          valueFrom:
+            secretKeyRef:
+              name: clientpassword
+              key: clientpassword
+        - name: AZURE_TENANT_ID
+          valueFrom:
+            configMapKeyRef:
+              name: osdu-svc-properties
+              key: ENV_TENANT_ID
+        - name: aad_client_id
+          valueFrom:
+            secretKeyRef:
+              name: appid
+              key: appid
+        - name: appinsights_key
+          valueFrom:
+            secretKeyRef:
+              name: appinsights
+              key: appinsights
+        - name: azure_activedirectory_session_stateless
+          value: "true"
+        - name: azure_activedirectory_AppIdUri
+          value: "api://$(aad_client_id)"
+        - name: cosmosdb_database
+          value: osdu-db
+        - name: service_domain_name
+          value: contoso.com
--- a/devops/azure/chart/templates/service.yaml
+++ b/devops/azure/chart/templates/service.yaml
+#  Copyright © Microsoft Corporation
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ .Release.Name }}-{{ .Chart.Name }}
+  namespace: osdu
+spec:
+  type: ClusterIP
+  ports:
+  - protocol: TCP
+    port: 80
+    targetPort: 80
+  selector:
+    app: {{ .Release.Name }}-{{ .Chart.Name }}
--- a/devops/azure/chart/values.yaml
+++ b/devops/azure/chart/values.yaml
+#  Copyright © Microsoft Corporation
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+
+global:
+  replicaCount: 1
+
+image:
+  repository: community.opengroup.org:5555/osdu/platform/security-and-compliance/entitlements-azure
+  branch: master
+  tag: latest
--- a/devops/azure/release.yaml
+++ b/devops/azure/release.yaml
+---
+# Source: entitlements-azure/templates/service.yaml
+#  Copyright © Microsoft Corporation
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+
+apiVersion: v1
+kind: Service
+metadata:
+  name: osdu-flux-entitlements-azure
+  namespace: osdu
+spec:
+  type: ClusterIP
+  ports:
+  - protocol: TCP
+    port: 80
+    targetPort: 80
+  selector:
+    app: osdu-flux-entitlements-azure
+---
+# Source: entitlements-azure/templates/deployment.yaml
+#  Copyright © Microsoft Corporation
+#
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: osdu-flux-entitlements-azure
+  namespace: osdu
+spec:
+  replicas: 2
+  selector:
+    matchLabels:
+      app: osdu-flux-entitlements-azure
+  template:
+    metadata:
+      labels:
+        app: osdu-flux-entitlements-azure
+        aadpodidbinding: osdu-identity
+    spec:
+      volumes:
+      - name: azure-keyvault
+        csi:
+          driver: secrets-store.csi.k8s.io
+          readOnly: true
+          volumeAttributes:
+            secretProviderClass: azure-keyvault
+      containers:
+      - name: osdu-flux-entitlements-azure
+        image: community.opengroup.org:5555/osdu/platform/security-and-compliance/entitlements-azure/entitlements-azure-master:latest
+        imagePullPolicy: Always
+        ports:
+        - containerPort: 80
+        readinessProbe:
+          httpGet:
+            path: /entitlements/v1/swagger-ui.html
+            port: 80
+        volumeMounts:
+        - name: azure-keyvault
+          mountPath: "/mnt/azure-keyvault"
+          readOnly: true
+        env:
+        - name: spring_application_name
+          value: entitlements-azure
+        - name: server.servlet.contextPath
+          value: /entitlements/v1/
+        - name: server_port
+          value: "80"
+        - name: KEYVAULT_URI
+          valueFrom:
+            configMapKeyRef:
+              name: osdu-svc-properties
+              key: ENV_KEYVAULT
+        - name: AZURE_CLIENT_ID
+          valueFrom:
+            secretKeyRef:
+              name: clientid
+              key: clientid
+        - name: AZURE_CLIENT_SECRET
+          valueFrom:
+            secretKeyRef:
+              name: clientpassword
+              key: clientpassword
+        - name: AZURE_TENANT_ID
+          valueFrom:
+            configMapKeyRef:
+              name: osdu-svc-properties
+              key: ENV_TENANT_ID
+        - name: aad_client_id
+          valueFrom:
+            secretKeyRef:
+              name: appid
+              key: appid
+        - name: appinsights_key
+          valueFrom:
+            secretKeyRef:
+              name: appinsights
+              key: appinsights
+        - name: azure_activedirectory_session_stateless
+          value: "true"
+        - name: azure_activedirectory_AppIdUri
+          value: "api://$(aad_client_id)"
+        - name: cosmosdb_database
+          value: osdu-db
+        - name: service_domain_name
+          value: contoso.com