Commit fb2d0de6 authored by Rucha Deshpande's avatar Rucha Deshpande
Browse files

Merge branch 'dev' into deshruch

parents d6b1479b 66be434f
......@@ -4,14 +4,17 @@ variables:
OSDU_GCP_VENDOR: gcp
OSDU_GCP_SERVICE: notification
OSDU_GCP_REGISTER_BASE_URL: https://os-register-attcrcktoa-uc.a.run.app/api/register/v1
OSDU_GCP_ENV_VARS: APP_PROJECT=$OSDU_GCP_PROJECT,APP_ENTITLEMENTS=$OSDU_GCP_ENTITLEMENTS_URL,APP_REGISTER=$OSDU_GCP_REGISTER_BASE_URL,APP_GOOGLEAUDIENCE=$GOOGLE_AUDIENCE
OSDU_GCP_ENV_VARS: APP_PROJECT=$OSDU_GCP_PROJECT,APP_ENTITLEMENTS=$OSDU_GCP_ENTITLEMENTS_V2_URL,APP_REGISTER=$OSDU_GCP_REGISTER_BASE_URL,APP_GOOGLEAUDIENCE=$GOOGLE_AUDIENCE,PARTITION_API=$OSDU_GCP_PARTITION_API,GOOGLE_AUDIENCES=$GOOGLE_AUDIENCE
OSDU_GCP_ENVIRONMENT: dev_gke
OSDU_GCP_LOG_LEVEL: INFO
OSDU_GCP_HELM_PACKAGE_CHARTS: "devops/gcp/deploy devops/gcp/configmap"
AWS_BUILD_SUBDIR: provider/notification-aws/build-aws
AWS_TEST_SUBDIR: testing/notification-test-aws
AWS_SERVICE: notification
AWS_ENVIRONMENT: dev
AWS_DEPLOY_TARGET: EKS
AWS_EKS_DEPLOYMENT_NAME: os-notification
AZURE_SERVICE: notification
AZURE_BUILD_SUBDIR: provider/notification-azure
......
This diff is collapsed.
......@@ -17,6 +17,8 @@ global:
# Service(s) Replica Count
replicaCount: 1
nodepool: services
isAutoscalingEnabled: false
################################################################################
# Specify the Gitlab branch being used for image creation
......@@ -26,3 +28,5 @@ image:
repository: #{container-registry}#.azurecr.io
branch: #{ENVIRONMENT_NAME}#
tag: #{Build.SourceVersion}#
istioDnsHost: #{ISTIO_DNS_HOST}#
\ No newline at end of file
# Source: istio/templates/notification.yaml
# Copyright © Microsoft Corporation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: security.istio.io/v1beta1
kind: AuthorizationPolicy
metadata:
name: notification-sb-jwt-authz
namespace: osdu
spec:
selector:
matchLabels:
app: notification-sb
action: DENY
rules:
- from:
- source:
notRequestPrincipals: ["*"]
to:
- operation:
notPaths: ["/","*/swagger-resources","*/swagger",
"/api/notification/v1/swagger-resources/*","*/swagger-ui.html","*/actuator/health"]
\ No newline at end of file
......@@ -28,6 +28,10 @@ spec:
app: {{ .Chart.Name }}
aadpodidbinding: osdu-identity
spec:
{{- if .Values.global.isAutoscalingEnabled }}
nodeSelector:
nodepool: {{ .Values.global.nodepool }}
{{- end }}
volumes:
- name: azure-keyvault
csi:
......@@ -58,6 +62,8 @@ spec:
value: /api/notification/v1
- name: server_port
value: "80"
- name: notification_spring_logging_level
value: INFO
- name: KEYVAULT_URI
valueFrom:
configMapKeyRef:
......@@ -77,9 +83,27 @@ spec:
value: osdu-db
- name: entitlements_service_endpoint
value: http://entitlements/api/entitlements/v2
- name: entitlements_service_api_key
value: "OBSOLETE"
- name: registeration_service_endpoint
value: http://register/api/register/v1
- name: partition_service_endpoint
value: http://partition/api/partition/v1
- name: maxCacheSize
value: "20"
\ No newline at end of file
value: "20"
- name: max_concurrent_calls
value: "3"
- name: executor_n_threads
value: "32"
- name: max_lock_renew_duration_seconds
value: "2000"
- name: initial_subscription_manager_delay_seconds
value: "0"
- name: consecutive_subscription_manager_delay_seconds
value: "1800"
- name: service_bus_enabled
value: "false"
- name: event_grid_to_service_bus_enabled
value: "false"
- name: event_grid_enabled
value: "true"
\ No newline at end of file
# Copyright © Microsoft Corporation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ .Release.Name }}-sb
namespace: osdu
spec:
replicas: {{ .Values.global.replicaCount }}
selector:
matchLabels:
app: {{ .Chart.Name }}-sb
template:
metadata:
labels:
app: {{ .Chart.Name }}-sb
aadpodidbinding: osdu-identity
spec:
volumes:
- name: azure-keyvault
csi:
driver: secrets-store.csi.k8s.io
readOnly: true
volumeAttributes:
secretProviderClass: azure-keyvault
containers:
- name: {{ .Chart.Name }}-sb
image: {{ .Values.image.repository }}/{{ .Chart.Name }}-{{ .Values.image.branch }}:{{ .Values.image.tag | default .Chart.AppVersion }}
imagePullPolicy: Always
ports:
- containerPort: 81
readinessProbe:
httpGet:
path: /api/notification/v1/swagger-ui.html
port: 81
volumeMounts:
- name: azure-keyvault
mountPath: "/mnt/azure-keyvault"
readOnly: true
env:
- name: spring_application_name
value: notification-sb-azure
- name: LOG_PREFIX
value: "notification-sb"
- name: server.servlet.contextPath
value: /api/notification/v1
- name: server_port
value: "81"
- name: notification_spring_logging_level
value: INFO
- name: KEYVAULT_URI
valueFrom:
configMapKeyRef:
name: osdu-svc-properties
key: ENV_KEYVAULT
- name: aad_client_id
valueFrom:
secretKeyRef:
name: active-directory
key: application-appid
- name: appinsights_key
valueFrom:
secretKeyRef:
name: central-logging
key: appinsights
- name: cosmosdb_database
value: osdu-db
- name: entitlements_service_endpoint
value: http://entitlements/api/entitlements/v2
- name: entitlements_service_api_key
value: "OBSOLETE"
- name: registeration_service_endpoint
value: http://register/api/register/v1
- name: partition_service_endpoint
value: http://partition/api/partition/v1
- name: maxCacheSize
value: "20"
- name: max_concurrent_calls
value: "3"
- name: executor_n_threads
value: "32"
- name: max_lock_renew_duration_seconds
value: "500"
- name: initial_subscription_manager_delay_seconds
value: "0"
- name: consecutive_subscription_manager_delay_seconds
value: "600"
- name: service_bus_enabled
value: "true"
- name: event_grid_to_service_bus_enabled
value: "false"
- name: event_grid_enabled
value: "false"
\ No newline at end of file
# Copyright © Microsoft Corporation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: v1
kind: Service
metadata:
name: {{ .Chart.Name }}-sb
namespace: osdu
spec:
type: ClusterIP
ports:
- protocol: TCP
port: 81
targetPort: 81
selector:
app: {{ .Chart.Name }}-sb
\ No newline at end of file
---
# Source: /devops/azure/chart/templates/virtual-service.yaml
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: {{ .Chart.Name }}
namespace: osdu
spec:
hosts:
- "{{ .Values.istioDnsHost }}"
gateways:
- istio-gateway
http:
- match:
- uri:
prefix: "/api/{{ .Chart.Name }}/v1"
route:
- destination:
host: {{ .Chart.Name }}
port:
number: 80
corsPolicy:
maxAge: "60m"
allowCredentials: true
allowHeaders:
- Authorization
- Data-Partition-Id
- Correlation-Id
- Content-Type
allowMethods:
- POST
- GET
- PUT
- PATCH
- DELETE
allowOrigins:
- prefix: "*"
\ No newline at end of file
......@@ -14,8 +14,12 @@
global:
replicaCount: 1
nodepool: services
isAutoscalingEnabled: false
image:
repository: community.opengroup.org:5555/osdu/platform/system/notification
branch: master
tag: latest
\ No newline at end of file
tag: latest
istioDnsHost: ""
\ No newline at end of file
......@@ -57,8 +57,8 @@ stages:
parameters:
mavenGoal: 'package'
mavenPublishJUnitResults: true
serviceCoreMavenOptions: '-P notification-core --settings .mvn/community-maven.settings.xml'
mavenOptions: '-P notification-azure --settings .mvn/community-maven.settings.xml -Dmaven.repo.local=$(MAVEN_CACHE_FOLDER)'
serviceCoreMavenOptions: '-pl notification-core --settings .mvn/community-maven.settings.xml -Dmaven.repo.local=$(MAVEN_CACHE_FOLDER)'
mavenOptions: '-pl provider/notification-azure --settings .mvn/community-maven.settings.xml -Dmaven.repo.local=$(MAVEN_CACHE_FOLDER)'
copyFileContents: |
pom.xml
provider/notification-azure/maven/settings.xml
......
......@@ -57,8 +57,9 @@ stages:
parameters:
mavenGoal: 'package'
mavenPublishJUnitResults: true
serviceCoreMavenOptions: '-P notification-core --settings .mvn/community-maven.settings.xml'
mavenOptions: '-P notification-azure --settings .mvn/community-maven.settings.xml -Dmaven.repo.local=$(MAVEN_CACHE_FOLDER)'
serviceCoreMavenOptions: '-pl notification-core --settings .mvn/community-maven.settings.xml -Dmaven.repo.local=$(MAVEN_CACHE_FOLDER)'
mavenOptions: '-pl provider/notification-azure --settings .mvn/community-maven.settings.xml -Dmaven.repo.local=$(MAVEN_CACHE_FOLDER)'
copyFileContents: |
pom.xml
provider/notification-azure/maven/settings.xml
......
apiVersion: v2
name: gcp-notification-configmap
description: A Helm chart for Kubernetes
# A chart can be either an 'application' or a 'library' chart.
#
# Application charts are a collection of templates that can be packaged into versioned archives
# to be deployed.
#
# Library charts provide useful utilities or functions for the chart developer. They're included as
# a dependency of application charts to inject those utilities and functions into the rendering
# pipeline. Library charts do not define any templates and therefore cannot be deployed.
type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 0.1.0
# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
# follow Semantic Versioning. They should reflect the version the application is using.
# It is recommended to use it with quotes.
appVersion: "1.16.0"
apiVersion: v1
kind: ConfigMap
metadata:
labels:
app: "{{ .Values.conf.app_name }}"
name: "{{ .Values.conf.configmap }}"
namespace: "{{ .Release.Namespace }}"
data:
LOG_LEVEL: "{{ .Values.data.log_level }}"
APP_PROJECT: "{{ .Values.data.app_project }}"
APP_ENTITLEMENTS: "{{ .Values.data.app_entitlements }}"
APP_REGISTER: "{{ .Values.data.app_register }}"
APP_GOOGLEAUDIENCE: "{{ .Values.data.app_googleaudience }}"
PARTITION_API: "{{ .Values.data.partition_api }}"
GOOGLE_AUDIENCES: "{{ .Values.data.google_audiences }}"
data:
log_level: "INFO"
app_project: ""
app_entitlements: "http://entitlements/api/entitlements/v2/"
app_register: "http://register/api/register/v1"
app_googleaudience: ""
partition_api: "http://partition/api/partition/v1/"
google_audiences: ""
conf:
configmap: "notification-config"
app_name: "notification"
apiVersion: v2
name: gcp-notification-deploy
description: A Helm chart for Kubernetes
# A chart can be either an 'application' or a 'library' chart.
#
# Application charts are a collection of templates that can be packaged into versioned archives
# to be deployed.
#
# Library charts provide useful utilities or functions for the chart developer. They're included as
# a dependency of application charts to inject those utilities and functions into the rendering
# pipeline. Library charts do not define any templates and therefore cannot be deployed.
type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 0.1.0
# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
# follow Semantic Versioning. They should reflect the version the application is using.
# It is recommended to use it with quotes.
appVersion: "1.16.0"
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: "{{ .Values.conf.app_name }}"
name: "{{ .Values.conf.app_name }}"
namespace: "{{ .Release.Namespace }}"
spec:
selector:
matchLabels:
app: "{{ .Values.conf.app_name }}"
replicas: 1
template:
metadata:
labels:
app: "{{ .Values.conf.app_name }}"
annotations:
rollme: {{ randAlphaNum 5 | quote }}
spec:
containers:
- name: "{{ .Values.conf.app_name }}"
image: "{{ .Values.data.image }}"
envFrom:
- configMapRef:
name: "{{ .Values.conf.configmap }}"
securityContext:
allowPrivilegeEscalation: false
runAsUser: 0
ports:
- containerPort: 8080
resources:
requests:
cpu: "{{ .Values.data.requests_cpu }}"
memory: "{{ .Values.data.requests_memory }}"
limits:
cpu: "{{ .Values.data.limits_cpu }}"
memory: "{{ .Values.data.limits_memory }}"
serviceAccountName: "{{ .Values.data.serviceAccountName }}"
apiVersion: v1
kind: Service
metadata:
name: "{{ .Values.conf.app_name }}"
annotations:
cloud.google.com/neg: '{"ingress": true}'
namespace: "{{ .Release.Namespace }}"
labels:
app: "{{ .Values.conf.app_name }}"
service: "{{ .Values.conf.app_name }}"
spec:
ports:
- protocol: TCP
port: 80
targetPort: 8080
name: http
selector:
app: "{{ .Values.conf.app_name }}"
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: "{{ .Values.conf.app_name }}"
namespace: "{{ .Release.Namespace }}"
spec:
hosts:
- "*"
gateways:
- service-gateway
http:
- match:
- uri:
prefix: "/api/notification"
route:
- destination:
port:
number: 80
host: "{{ .Values.conf.app_name }}.{{ .Release.Namespace }}.svc.cluster.local"
data:
requests_cpu: "0.25"
requests_memory: "256M"
limits_cpu: "1"
limits_memory: "1G"
serviceAccountName: ""
image: ""
conf:
configmap: "notification-config"
app_name: "notification"
......@@ -12,6 +12,8 @@ info:
tags:
- name: pubsub-endpoint
description: Pubsub Endpoint
- name: info
description: Version info endpoint
paths:
/push-handlers/records-changed:
post:
......@@ -45,6 +47,21 @@ paths:
security:
- JWT:
- global
/info:
get:
tags:
- info
summary: "Version info"
description: "For deployment available public `/info` endpoint, \
\ which provides build and git related information."
operationId: "Version info"
produces:
- "application/json"
responses:
200:
description: "Version info."
schema:
$ref: "#/components/schemas/VersionInfo"
servers:
- url: https://evq.csp.osdu.com/api/notification/v1
description: EVT
......@@ -66,4 +83,44 @@ components:
type: string
statusCodeValue:
type: integer
format: int32
\ No newline at end of file
format: int32
VersionInfo:
type: "object"
properties:
groupId:
type: "string"
description: "Maven artifact group ID."
actifactId:
type: "string"
description: "Maven artifact ID."
version:
type: "string"
description: "Maven artifact version"
buildTime:
type: "string"
description: "Maven artifact build time"
branch:
type: "string"
description: "Current git branch"
commitId:
type: "string"
description: "Latest commit hash"
commitMessage:
type: "string"
description: "Latest commit message"
connectedOuterServices:
type: "array"
description: "Connected outer services information"
items:
$ref: "#/components/schemas/ConnectedOuterService"
description: "Version info."
ConnectedOuterService:
type: "object"
properties:
name:
type: "string"
description: "Connected outer service name."
version:
type: "string"
description: "Connected outer service version."
description: "Connected outer service information."
\ No newline at end of file
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment