Merge remote-tracking branch 'origin/master' into master-dev-merge

.fossa.yml

@@ -8,27 +8,27 @@ cli:
   project: Partition
 analyze:
   modules:
-  - name: partition
-    type: mvn
-    target: pom.xml
-    path: .
-  - name: partition-core
-    type: mvn
-    target: partition-core/pom.xml
-    path: .
-  - name: partition-azure
-    type: mvn
-    target: provider/partition-azure/pom.xml
-    path: .
-  - name: partition-aws
-    type: mvn
-    target: provider/partition-aws/pom.xml
-    path: .
-  - name: partition-ibm
-    type: mvn
-    target: provider/partition-ibm/pom.xml
-    path: .
-  - name: partition-gcp
-    type: mvn
-    target: provider/partition-gcp/pom.xml
-    path: .
+    - name: partition
+      type: mvn
+      target: pom.xml
+      path: .
+    - name: partition-core
+      type: mvn
+      target: partition-core/pom.xml
+      path: .
+    - name: partition-azure
+      type: mvn
+      target: provider/partition-azure/pom.xml
+      path: .
+    - name: partition-aws
+      type: mvn
+      target: provider/partition-aws/pom.xml
+      path: .
+    - name: partition-ibm
+      type: mvn
+      target: provider/partition-ibm/pom.xml
+      path: .
+    - name: partition-gcp
+      type: mvn
+      target: provider/partition-gc/pom.xml
+      path: .

.gitlab-ci.yml

@@ -17,9 +17,6 @@ variables:
   IBM_HELM_CONFIG_PATH: devops/ibm/ibm-partition-config
   IBM_HELM_DEPLOY_PATH: devops/ibm/ibm-partition-deploy
 
-  # FIXME remove when all services are migrated to a single helm
-  OSDU_GCP_ENABLE_HELM_CONFIG: "false"
-
 include:
   - project: "osdu/platform/ci-cd-pipelines"
     file: "standard-setup.yml"
@@ -46,9 +43,9 @@ include:
     file: "cloud-providers/ibm.yml"
 
   - project: "osdu/platform/ci-cd-pipelines"
-    file: "cloud-providers/osdu-gcp-global.yml"
+    file: "cloud-providers/gc-global.yml"
 
-  - local: "devops/gcp/pipeline/override-stages.yml"
+  - local: "devops/gc/pipeline/override-stages.yml"
 
   - project: "osdu/platform/ci-cd-pipelines"
     file: "publishing/pages.yml"

NOTICE

@@ -352,7 +352,7 @@ The following software have components provided under the terms of this license:
 - Apache Maven Wagon :: Providers :: SSH External Provider (from https://repo1.maven.org/maven2/org/apache/maven/wagon/wagon-ssh-external)
 - Apache Maven Wagon :: Providers :: SSH Provider (from https://repo1.maven.org/maven2/org/apache/maven/wagon/wagon-ssh)
 - Apache Velocity (from http://velocity.apache.org/engine/devel/, http://velocity.apache.org/engine/releases/velocity-1.6.1/, http://velocity.apache.org/engine/releases/velocity-1.6.2/)
-- AssertJ fluent assertions (from ${project.parent.url}#${project.artifactId}, https://repo1.maven.org/maven2/org/assertj/assertj-core)
+- AssertJ Core (from ${project.organization.url}#${project.artifactId})
 - Asynchronous Http Client (from https://repo1.maven.org/maven2/org/asynchttpclient/async-http-client)
 - Asynchronous Http Client Netty Utils (from https://repo1.maven.org/maven2/org/asynchttpclient/async-http-client-netty-utils)
 - AutoValue Annotations (from https://github.com/google/auto/tree/master/value, https://repo1.maven.org/maven2/com/google/auto/value/auto-value-annotations)
@@ -481,7 +481,6 @@ The following software have components provided under the terms of this license:
 - Microsoft Azure Java Core Library (from https://github.com/Azure/azure-sdk-for-java)
 - Microsoft Azure Netty HTTP Client Library (from https://github.com/Azure/azure-sdk-for-java)
 - Microsoft Azure SDK for SQL API of Azure Cosmos DB Service (from https://github.com/Azure/azure-sdk-for-java)
-- Microsoft Azure Storage Client SDK (from https://github.com/Azure/azure-storage-java)
 - Mockito (from http://mockito.org, https://github.com/mockito/mockito)
 - Mojo's Maven plugin for Cobertura (from http://mojo.codehaus.org/cobertura-maven-plugin/)
 - MongoDB Driver (from https://www.mongodb.com/)
@@ -622,8 +621,8 @@ The following software have components provided under the terms of this license:
 - proto-google-cloud-iamcredentials-v1 (from https://github.com/googleapis/google-cloud-java, https://github.com/googleapis/java-iamcredentials/proto-google-cloud-iamcredentials-v1, https://repo1.maven.org/maven2/com/google/api/grpc/proto-google-cloud-iamcredentials-v1)
 - proto-google-cloud-logging-v2 (from https://github.com/googleapis/java-logging/proto-google-cloud-logging-v2, https://repo1.maven.org/maven2/com/google/api/grpc/proto-google-cloud-logging-v2)
 - proto-google-cloud-pubsub-v1 (from https://github.com/googleapis/googleapis, https://github.com/googleapis/java-pubsub/proto-google-cloud-pubsub-v1)
-- proto-google-common-protos (from https://github.com/googleapis/api-client-staging, https://github.com/googleapis/googleapis, https://github.com/googleapis/java-iam/proto-google-common-protos)
-- proto-google-iam-v1 (from https://github.com/googleapis/googleapis, https://github.com/googleapis/java-iam/proto-google-iam-v1)
+- proto-google-common-protos (from https://github.com/googleapis/api-client-staging, https://github.com/googleapis/gapic-generator-java, https://github.com/googleapis/googleapis, https://github.com/googleapis/java-iam/proto-google-common-protos)
+- proto-google-iam-v1 (from https://github.com/googleapis/gapic-generator-java, https://github.com/googleapis/googleapis, https://github.com/googleapis/java-iam/proto-google-iam-v1)
 - resilience4j (from https://github.com/resilience4j/resilience4j, https://resilience4j.readme.io, ttps://resilience4j.readme.io)
 - spring-security-crypto (from http://spring.io/spring-security, https://spring.io/projects/spring-security, https://spring.io/spring-security)
 - spring-security-oauth2-client (from http://spring.io/spring-security, https://spring.io/projects/spring-security, https://spring.io/spring-security)
@@ -647,7 +646,7 @@ BSD-2-Clause
 ========================================================================
 The following software have components provided under the terms of this license:
 
-- API Common (from https://github.com/googleapis, https://github.com/googleapis/api-common-java)
+- API Common (from https://github.com/googleapis, https://github.com/googleapis/api-common-java, https://repo1.maven.org/maven2/com/google/api/api-common)
 - GAX (Google Api eXtensions) for Java (Core) (from https://repo1.maven.org/maven2/com/google/api/gax)
 - GAX (Google Api eXtensions) for Java (HTTP JSON) (from https://repo1.maven.org/maven2/com/google/api/gax-httpjson)
 - GAX (Google Api eXtensions) for Java (gRPC) (from https://repo1.maven.org/maven2/com/google/api/gax-grpc)
@@ -667,7 +666,7 @@ BSD-3-Clause
 ========================================================================
 The following software have components provided under the terms of this license:
 
-- API Common (from https://github.com/googleapis, https://github.com/googleapis/api-common-java)
+- API Common (from https://github.com/googleapis, https://github.com/googleapis/api-common-java, https://repo1.maven.org/maven2/com/google/api/api-common)
 - ASM Analysis (from http://asm.ow2.io/)
 - ASM Commons (from http://asm.ow2.io/, https://repo1.maven.org/maven2/org/ow2/asm/asm-commons)
 - ASM Core (from http://asm.ow2.io/, http://asm.ow2.org/)
@@ -685,7 +684,7 @@ The following software have components provided under the terms of this license:
 - Hamcrest Core (from http://hamcrest.org/, http://hamcrest.org/JavaHamcrest/, https://repo1.maven.org/maven2/org/hamcrest/hamcrest-core)
 - JSch (from http://www.jcraft.com/jsch/)
 - Jackson module: Afterburner (from http://wiki.fasterxml.com/JacksonHome, https://github.com/FasterXML/jackson-modules-base)
-- Jakarta Activation API (from https://github.com/eclipse-ee4j/jaf, https://repo1.maven.org/maven2/jakarta/activation/jakarta.activation-api)
+- Jakarta Activation API (from https://github.com/eclipse-ee4j/jaf, https://github.com/jakartaee/jaf-api, https://repo1.maven.org/maven2/jakarta/activation/jakarta.activation-api)
 - Jakarta Annotations API (from https://projects.eclipse.org/projects/ee4j.ca)
 - Jakarta XML Binding API (from https://repo1.maven.org/maven2/jakarta/xml/bind/jakarta.xml.bind-api, https://repo1.maven.org/maven2/org/jboss/spec/javax/xml/bind/jboss-jaxb-api_2.3_spec)
 - Microsoft Application Insights Java Agent (from https://github.com/Microsoft/ApplicationInsights-Java)
@@ -760,7 +759,7 @@ The following software have components provided under the terms of this license:
 
 - Apache Log4j Core (from https://repo1.maven.org/maven2/org/apache/logging/log4j/log4j-core)
 - Apache Maven Reporting Implementation (from https://repo1.maven.org/maven2/org/apache/maven/reporting/maven-reporting-impl)
-- Jakarta Activation API (from https://github.com/eclipse-ee4j/jaf, https://repo1.maven.org/maven2/jakarta/activation/jakarta.activation-api)
+- Jakarta Activation API (from https://github.com/eclipse-ee4j/jaf, https://github.com/jakartaee/jaf-api, https://repo1.maven.org/maven2/jakarta/activation/jakarta.activation-api)
 - Java Architecture for XML Binding (from http://jaxb.java.net/, https://repo1.maven.org/maven2/javax/xml/bind/jaxb-api)
 - JavaBeans Activation Framework (from https://repo1.maven.org/maven2/com/sun/activation/javax.activation)
 - Servlet Specification 2.5 API (from http://jetty.mortbay.org, https://repo1.maven.org/maven2/org/mortbay/jetty/servlet-api-2.5)
@@ -796,7 +795,7 @@ The following software have components provided under the terms of this license:
 - JUnit Jupiter Params (from http://junit.org/junit5/, https://junit.org/junit5/)
 - JUnit Platform Commons (from http://junit.org/junit5/, https://junit.org/junit5/)
 - JUnit Platform Engine API (from http://junit.org/junit5/, https://junit.org/junit5/)
-- Jakarta Activation API (from https://github.com/eclipse-ee4j/jaf, https://repo1.maven.org/maven2/jakarta/activation/jakarta.activation-api)
+- Jakarta Activation API (from https://github.com/eclipse-ee4j/jaf, https://github.com/jakartaee/jaf-api, https://repo1.maven.org/maven2/jakarta/activation/jakarta.activation-api)
 - Jakarta Annotations API (from https://projects.eclipse.org/projects/ee4j.ca)
 - Jakarta Bean Validation API (from https://beanvalidation.org)
 - Jakarta XML Binding API (from https://repo1.maven.org/maven2/jakarta/xml/bind/jakarta.xml.bind-api, https://repo1.maven.org/maven2/org/jboss/spec/javax/xml/bind/jboss-jaxb-api_2.3_spec)
@@ -822,7 +821,7 @@ The following software have components provided under the terms of this license:
 - JUnit Jupiter Params (from http://junit.org/junit5/, https://junit.org/junit5/)
 - JUnit Platform Commons (from http://junit.org/junit5/, https://junit.org/junit5/)
 - JUnit Platform Engine API (from http://junit.org/junit5/, https://junit.org/junit5/)
-- Jakarta Activation API (from https://github.com/eclipse-ee4j/jaf, https://repo1.maven.org/maven2/jakarta/activation/jakarta.activation-api)
+- Jakarta Activation API (from https://github.com/eclipse-ee4j/jaf, https://github.com/jakartaee/jaf-api, https://repo1.maven.org/maven2/jakarta/activation/jakarta.activation-api)
 - Jakarta Annotations API (from https://projects.eclipse.org/projects/ee4j.ca)
 - Jakarta Bean Validation API (from https://beanvalidation.org)
 - Jakarta XML Binding API (from https://repo1.maven.org/maven2/jakarta/xml/bind/jakarta.xml.bind-api, https://repo1.maven.org/maven2/org/jboss/spec/javax/xml/bind/jboss-jaxb-api_2.3_spec)
@@ -860,7 +859,7 @@ GPL-2.0-with-classpath-exception
 The following software have components provided under the terms of this license:
 
 - Checker Qual (from https://checkerframework.org)
-- Jakarta Activation API (from https://github.com/eclipse-ee4j/jaf, https://repo1.maven.org/maven2/jakarta/activation/jakarta.activation-api)
+- Jakarta Activation API (from https://github.com/eclipse-ee4j/jaf, https://github.com/jakartaee/jaf-api, https://repo1.maven.org/maven2/jakarta/activation/jakarta.activation-api)
 - Jakarta Annotations API (from https://projects.eclipse.org/projects/ee4j.ca)
 - Jakarta Bean Validation API (from https://beanvalidation.org)
 - Jakarta XML Binding API (from https://repo1.maven.org/maven2/jakarta/xml/bind/jakarta.xml.bind-api, https://repo1.maven.org/maven2/org/jboss/spec/javax/xml/bind/jboss-jaxb-api_2.3_spec)
@@ -981,10 +980,10 @@ The following software have components provided under the terms of this license:
 - Microsoft Azure Netty HTTP Client Library (from https://github.com/Azure/azure-sdk-for-java)
 - Microsoft Azure SDK annotations (from https://github.com/Microsoft/java-api-annotations)
 - Microsoft Azure SDK for EventGrid Management (from https://github.com/Azure/azure-sdk-for-java)
-- Microsoft Azure SDK for Key Vault Core (from https://github.com/Azure/azure-sdk-for-java)
 - Microsoft Azure SDK for SQL API of Azure Cosmos DB Service (from https://github.com/Azure/azure-sdk-for-java)
 - Microsoft Azure SDK for Service Bus (from https://github.com/Azure/azure-sdk-for-java, https://github.com/Azure/azure-service-bus-java)
 - Microsoft Azure SDK for eventgrid (from https://github.com/Azure/azure-sdk-for-java)
+- Microsoft Azure client library for Azure Tables (from https://github.com/Azure/azure-sdk-for-java)
 - Microsoft Azure client library for Blob Storage (from https://github.com/Azure/azure-sdk-for-java)
 - Microsoft Azure client library for File Storage Data Lake (from https://github.com/Azure/azure-sdk-for-java)
 - Microsoft Azure client library for Identity (from https://github.com/Azure/azure-sdk-for-java)
@@ -1107,7 +1106,7 @@ unknown
 ========================================================================
 The following software have components provided under the terms of this license:
 
-- Jakarta Activation API (from https://github.com/eclipse-ee4j/jaf, https://repo1.maven.org/maven2/jakarta/activation/jakarta.activation-api)
+- Jakarta Activation API (from https://github.com/eclipse-ee4j/jaf, https://github.com/jakartaee/jaf-api, https://repo1.maven.org/maven2/jakarta/activation/jakarta.activation-api)
 - xml-apis (from https://repo1.maven.org/maven2/xml-apis/xml-apis)
 
 ========================================================================

README.md

-# Introduction 
+# Introduction
 
 The Partition service is responsible for creating and retrieving partition specific properties on behalf of other services whether they are secret values or not. It is a Maven multi-module project with each cloud implementation placed in its submodule.
- 
+
 ## Running Locally - AWS
+
 Instructions for running the AWS implementation locally can be found [here](./provider/partition-aws/README.md)
+
 ## Running Locally - Azure
+
 Instructions for running the Azure implementation locally can be found [here](./provider/partition-azure/README.md)
+
 ## Running Locally - Google Cloud
-Instructions for running the Google Cloud implementation locally can be found [here](./provider/partition-gcp/README.md)
+
+Instructions for running the Google Cloud implementation locally can be found [here](./provider/partition-gc/README.md)
+
 ## Running Locally - IBM
 
 ## Running Integration Tests
+
 Instructions for running the integration tests can be found [here](./testing/README.md)
 
 ## License
+
 Copyright 2017-2020, Schlumberger
 
 Licensed under the Apache License, Version 2.0 (the "License");
 you may not use this file except in compliance with the License.
-You may obtain a copy of the License at 
+You may obtain a copy of the License at
 
 [http://www.apache.org/licenses/LICENSE-2.0](http://www.apache.org/licenses/LICENSE-2.0)
 

devops/gcp/deploy/Chart.yaml → devops/gc/deploy/Chart.yaml

 apiVersion: v2
-name: gcp-partition-deploy
+name: gc-partition-deploy
 description: A Helm chart for Kubernetes
 # A chart can be either an 'application' or a 'library' chart.
 #
@@ -17,4 +17,4 @@ version: 0.1.0
 # This is the version number of the application being deployed. This version number should be
 # incremented each time you make changes to the application. Versions are not expected to
 # follow Semantic Versioning. They should reflect the version the application is using.
-appVersion: 1.16.0
+appVersion: 1.19.0

devops/gcp/deploy/README.md → devops/gc/deploy/README.md

@@ -96,50 +96,59 @@ First you need to set variables in **values.yaml** file using any code editor. S
 
 | Name | Description | Type | Default |Required |
 |------|-------------|------|---------|---------|
-**logLevel** | logging level | string | INFO | yes
-**springProfilesActive** | active spring profile | string | gcp | yes
-**projectId** | your Google Cloud project id | string | - | only in case of Google Cloud installation
-**dataProjectId** | in case of multiproject cloud installation (services and data stored in different project) the name of data project | string | - | only in case of multiproject installation
-**partitionAdminAccounts** | admin accounts validated by partition service | string | - | yes
-**serviceAccountTail** | ending of Google Cloud service account | string | .iam.gserviceaccount.com | yes
-**partitionName** | partition host | string | partition | yes
-**partitionNamespace** | datastore namespace where partition will store the data | string | partition | yes
-**dataPartitionId** | data partition id | string | - | yes
-**datafierSa** | datafier service account | string | datafier | yes
-**bucketPrefix** | minio bucket name prefix | string | refi | only in case of Reference installation when _springProfilesActive_ is set to "_anthos_"
-**minioExternalEndpoint** | api url for external minio, if external minio is configured - this value will be set for MINIO_ENDPOINT and FILE_MINIO_ENDPOINT in bootstrap configmap | string | - | no
+**data.logLevel** | logging level | string | INFO | yes
+**data.springProfilesActive** | active spring profile | string | gcp | yes
+**data.projectId** | your Google Cloud project id | string | - | only in case of Google Cloud installation
+**data.dataProjectId** | in case of multiproject cloud installation (services and data stored in different project) the name of data project | string | - | only in case of multiproject installation
+**data.partitionName** | partition host | string | partition | yes
+**data.partitionNamespace** | datastore namespace where partition will store the data | string | partition | yes
+**data.dataPartitionId** | data partition id | string | - | yes
+**data.datafierSa** | datafier service account | string | datafier | yes
+**data.bucketPrefix** | minio bucket name prefix | string | refi | only in case of Reference installation when _springProfilesActive_ is set to "_anthos_"
+**data.minioExternalEndpoint** | api url for external minio, if external minio is configured - this value will be set for MINIO_ENDPOINT and FILE_MINIO_ENDPOINT in bootstrap configmap | string | - | no
 
 ### Deployment variables
 
 | Name | Description | Type | Default |Required |
 |------|-------------|------|---------|---------|
-**requestsCpu** | amount of requests CPU | string | 0.1 | yes
-**requestsMemory** | amount of requests memory | string | 260M | yes
-**limitsCpu** | CPU limit | string | 1 | yes
-**limitsMemory** | memory limit | string | 1G | yes
-**serviceAccountName** | name of your service account | string | partition | yes
-**image** | path to the image in a registry | string | - | yes
-**imagePullPolicy** | when to pull the image | string | IfNotPresent | yes
-**bootstrapImage** | name of the bootstrap image | string | - | yes
+**data.requestsCpu** | amount of requests CPU | string | 40m | yes
+**data.requestsMemory** | amount of requests memory | string | 256Mi | yes
+**data.limitsCpu** | CPU limit | string | 500m | yes
+**data.imitsMemory** | memory limit | string | 1G | yes
+**data.serviceAccountName** | name of your service account | string | partition | yes
+**data.image** | path to the image in a registry | string | - | yes
+**data.imagePullPolicy** | when to pull the image | string | IfNotPresent | yes
+**data.bootstrapImage** | name of the bootstrap image | string | - | yes
 
 ### Configuration variables
 
 | Name | Description | Type | Default |Required |
 |------|-------------|------|---------|---------|
-**appName** | name of the app | string | partition | yes
-**configmap** | configmap to be used | string | partition-config | yes
-**domain** | your domain | string | - | yes
-**onPremEnabled** | whether on-prem is enabled | boolean | false | yes
-**secret** | secret for postgres | string | partition-postgres-secret | yes
-**mtlsMode** | MTLS mode | string | STRICT | yes
-**realm** | realm in keycloak | string | osdu | yes
+**conf.appName** | name of the app | string | partition | yes
+**conf.configmap** | configmap to be used | string | partition-config | yes
+**conf.domain** | your domain | string | - | yes
+**conf.onPremEnabled** | whether on-prem is enabled | boolean | false | yes
+**conf.secret** | secret for postgres | string | partition-postgres-secret | yes
+**auth.realm** | realm in keycloak | string | osdu | yes
+
+### ISTIO variables
+
+| Name | Description | Type | Default |Required |
+|------|-------------|------|---------|---------|
+**istio.proxyCPU** | CPU request for Envoy sidecars | string | 10m | yes
+**istio.proxyCPULimit** | CPU limit for Envoy sidecars | string | 500m | yes
+**istio.proxyMemory** | memory request for Envoy sidecars | string | 32Mi | yes
+**istio.proxyMemoryLimit** | memory limit for Envoy sidecars | string | 512Mi | yes
+**istio.bootstrapProxyCPU** | CPU request for Envoy sidecars | string | 10m | yes
+**istio.bootstrapProxyCPULimit** | CPU limit for Envoy sidecars | string | 100m | yes
+**istio.sidecarInject** | whether to inject sidecar | boolean | true | yes
 
 ### Install the helm chart
 
 Run this command from within this directory:
 
 ```console
-helm install gcp-partition-deploy .
+helm install gc-partition-deploy .
 ```
 
 ## Uninstalling the Chart
@@ -147,7 +156,7 @@ helm install gcp-partition-deploy .
 To uninstall the helm deployment:
 
 ```console
-helm uninstall gcp-partition-deploy
+helm uninstall gc-partition-deploy
 ```
 
 To delete secrets and PVCs:

devops/gcp/deploy/templates/configmap.yaml → devops/gc/deploy/templates/configmap.yaml

@@ -10,6 +10,5 @@ data:
   SPRING_PROFILES_ACTIVE: {{ .Values.data.springProfilesActive | quote }}
   {{- if not .Values.conf.onPremEnabled }}
   GOOGLE_CLOUD_PROJECT: {{ .Values.data.projectId | quote }}
-  PARTITION_ADMIN_ACCOUNTS: {{ .Values.data.partitionAdminAccounts | quote }}
   PARTITION_NAMESPACE: {{ .Values.data.partitionNamespace | quote }}
   {{- end }}

devops/gcp/deploy/templates/deploy-bootstrap.yaml → devops/gc/deploy/templates/deploy-bootstrap.yaml

@@ -12,6 +12,7 @@ spec:
     metadata:
       labels:
         app: {{ printf "%s-bootstrap" .Values.conf.appName | quote }}
+        sidecar.istio.io/inject: {{ .Values.istio.sidecarInject | quote }}
       annotations:
         rollme: {{ randAlphaNum 5 | quote }}
         sidecar.istio.io/proxyCPU: {{ .Values.istio.bootstrapProxyCPU | quote }}

devops/gcp/deploy/templates/deploy.yaml → devops/gc/deploy/templates/deploy.yaml

@@ -12,6 +12,7 @@ spec:
     metadata:
       labels:
         app: {{ .Values.conf.appName | quote }}
+        sidecar.istio.io/inject: {{ .Values.istio.sidecarInject | quote }}
       annotations:
         rollme: {{ randAlphaNum 5 | quote }}
         sidecar.istio.io/proxyCPU: {{ .Values.istio.proxyCPU | quote }}

devops/gcp/deploy/values.yaml → devops/gc/deploy/values.yaml

@@ -6,16 +6,15 @@ data:
   dataProjectId: ""
   dataPartitionId: ""
   dataPartitionIdList: []
-  partitionAdminAccounts: ""
   partitionName: "partition"
   partitionNamespace: "partition"
   datafierSa: "datafier"
   bucketPrefix: "refi"
   minioExternalEndpoint: "" # use only if external minio is configured
   # deployments
-  requestsCpu: "0.1"
-  requestsMemory: "260M"
-  limitsCpu: "1"
+  requestsCpu: "40m"
+  requestsMemory: "256Mi"
+  limitsCpu: "500m"
   limitsMemory: "1G"
   serviceAccountName: "partition"
   imagePullPolicy: "IfNotPresent"
@@ -24,20 +23,17 @@ data:
   # bootstrap onprem
 conf:
   appName: "partition"
-  cicdEnabled: false
   configmap: "partition-config"
   domain: ""
   onPremEnabled: false
-  publicAvailable: false
   secret: "partition-postgres-secret"
-namespacePolicy:
-  mtlsMode: STRICT
 auth:
   realm: "osdu"
 istio:
-  proxyCPU: "50m"
+  proxyCPU: "10m"
   proxyCPULimit: "500m"
   proxyMemory: "64Mi"
   proxyMemoryLimit: "512Mi"
   bootstrapProxyCPU: "10m"
   bootstrapProxyCPULimit: "100m"
+  sidecarInject: "true"

devops/gcp/pipeline/override-stages.yml → devops/gc/pipeline/override-stages.yml

 variables:
-  OSDU_GCP_ENABLE_BOOTSTRAP: "true"
-  OSDU_GCP_SERVICE: partition
-  OSDU_GCP_VENDOR: gcp
-  OSDU_GCP_HELM_ENV_DIR: "devops/gcp/tests/env"
-  ENV_BUILD_PATH: "devops/gcp/tests/build/Dockerfile"
+  GC_ENABLE_BOOTSTRAP: "true"
+  GC_SERVICE: partition
+  GC_VENDOR: gc
+  GC_HELM_ENV_DIR: "devops/gc/tests/env"
+  ENV_BUILD_PATH: "devops/gc/tests/build/Dockerfile"
+  # FIXME remove when all services are migrated to a single helm
+  GC_ENABLE_HELM_CONFIG: "false"
 
 .common_cleanup:
   script:
     - git clone https://community.opengroup.org/osdu/platform/deployment-and-operations/infra-gcp-provisioning.git
-    - cp infra-gcp-provisioning/tools/datastore-cleanup/* devops/gcp/tests/clean_up/
+    - cp infra-gcp-provisioning/tools/datastore-cleanup/* devops/gc/tests/clean_up/
 
-osdu-gcp-containerize-bootstrap-env-gitlab:
+gc-containerize-bootstrap-env-gitlab:
   stage: build
   image: docker:19.03.15
   tags: ["osdu-small"]
   services:
     - docker:20.10.7-dind
   variables:
-    BUILD_BOOTSTRAP_PATH: "devops/gcp/tests/build/Dockerfile"
+    BUILD_BOOTSTRAP_PATH: "devops/gc/tests/build/Dockerfile"
   script:
     - export EXTRA_DOCKER_TAG=""
     - >
@@ -29,112 +31,111 @@ osdu-gcp-containerize-bootstrap-env-gitlab:
     - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
     - docker push $CI_REGISTRY_IMAGE/$IMAGE_BOOTSTRAP_NAME-env
   rules:
-    - if: "$OSDU_GCP == '1' && $OSDU_GCP_ENABLE_BOOTSTRAP == 'true'"
+    - if: "$GC == '1' && $GC_ENABLE_BOOTSTRAP == 'true'"
       when: on_success
 
-osdu-gcp-anthos-deploy-test-env: #infra deploy for on-prem install
+gc-anthos-deploy-test-env: #infra deploy for on-prem install
   environment:
-    name: GCP
-  extends: .osdu-gcp-anthos-variables
+    name: gc
+  extends: .gc-anthos-variables
   tags: ["osdu-small"]
   image: gcr.io/google.com/cloudsdktool/cloud-sdk:alpine
   stage: deploy
-  needs: ["osdu-gcp-containerize-bootstrap-env-gitlab", "compile-and-unit-test"]
+  needs: ["gc-containerize-bootstrap-env-gitlab", "compile-and-unit-test"]
   retry: 1
   variables:
-    OSDU_GCP_HELM_NAMESPACE: partition-int-test
+    GC_HELM_NAMESPACE: partition-int-test
   script:
-    - gcloud auth activate-service-account --key-file $OSDU_GCP_ANTHOS_DEPLOY_FILE
+    - gcloud auth activate-service-account --key-file $GC_ANTHOS_DEPLOY_FILE
     - !reference [.common_config, script]
     - export PASSWORD=$(</dev/urandom tr -dc _A-Z-a-z-0-9 | head -c10)
-    - cd $OSDU_GCP_HELM_ENV_DIR
+    - cd $GC_HELM_ENV_DIR
     - helm dependency update
     - >
-      helm upgrade $OSDU_GCP_SERVICE-env .
+      helm upgrade $GC_SERVICE-env .
       --install
       --create-namespace
-      --namespace=$OSDU_GCP_HELM_NAMESPACE
+      --namespace=$GC_HELM_NAMESPACE
       --wait
       --history-max=3
       --set postgresql.global.postgresql.auth.postgresPassword=$PASSWORD
-      --set bootstrap.postgres.image=$CI_REGISTRY_IMAGE/osdu-gcp-bootstrap-$OSDU_GCP_SERVICE-env:$CI_COMMIT_SHORT_SHA
-      $OSDU_GCP_HELM_TIMEOUT
+      --set bootstrap.postgres.image=$CI_REGISTRY_IMAGE/gc-bootstrap-$GC_SERVICE-env:$CI_COMMIT_SHORT_SHA
+      $GC_HELM_TIMEOUT
   rules:
     - if: "$CI_COMMIT_BRANCH =~ /^release/"
       when: never
     - if: "$CI_COMMIT_TAG"
       when: never
-    - if: '$OSDU_GCP == "1"'
+    - if: '$GC == "1"'
       when: on_success
 
-osdu-gcp-anthos-deploy-deployment: # reuse common deploy job for test deployment
-  needs: ["osdu-gcp-anthos-deploy-test-env", "osdu-gcp-containerize-gitlab"]
+gc-anthos-deploy-deployment: # reuse common deploy job for test deployment
+  needs: ["gc-anthos-deploy-test-env", "gc-containerize-gitlab"]
   variables:
-    OSDU_GCP_HELM_NAMESPACE: partition-int-test
-    ISTIO_ENABLED: "false"
-    OSDU_GCP_TENANT: test
+    GC_HELM_NAMESPACE: partition-int-test
+    GC_TENANT: test
+    GC_HELM_SETS: >-
+      --set istio.sidecarInject=false
 
-osdu-gcp-anthos-test:
+gc-anthos-test:
   variables:
-    OSDU_GCP_VENDOR: anthos
+    GC_VENDOR: anthos
     PARTITION_BASE_URL: https://test.ref.gcp.gnrg-osdu.projects.epam.com/
 
-osdu-gcp-anthos-cleanup-env: # clean-up env after tests
+gc-anthos-cleanup-env: # clean-up env after tests
   environment:
-    name: GCP
+    name: gc
   stage: cleanup
-  extends: .osdu-gcp-anthos-variables
+  extends: .gc-anthos-variables
   image: gcr.io/google.com/cloudsdktool/cloud-sdk:alpine
-  needs: [osdu-gcp-anthos-test]
+  needs: ["gc-anthos-test"]
   tags: ["osdu-small"]
   variables:
     PARTITION_NAMESPACE: partition-test
-    OSDU_GCP_HELM_NAMESPACE: partition-int-test
+    GC_HELM_NAMESPACE: partition-int-test
   script:
-    - gcloud auth activate-service-account --key-file $OSDU_GCP_ANTHOS_DEPLOY_FILE
+    - gcloud auth activate-service-account --key-file $GC_ANTHOS_DEPLOY_FILE
     - !reference [.common_config, script]
-    - export GOOGLE_APPLICATION_CREDENTIALS="$OSDU_GCP_ANTHOS_DEPLOY_FILE"
+    - export GOOGLE_APPLICATION_CREDENTIALS="$GC_ANTHOS_DEPLOY_FILE"
     - !reference [.common_cleanup, script]
-    - chmod +x devops/gcp/tests/clean_up/clean_up.sh && devops/gcp/tests/clean_up/clean_up.sh --cluster
+    - chmod +x devops/gc/tests/clean_up/clean_up.sh && devops/gc/tests/clean_up/clean_up.sh --cluster
   rules:
     - if: "$CI_COMMIT_BRANCH =~ /^release/"
       when: never
     - if: "$CI_COMMIT_TAG"
       when: never
-    - if: '$OSDU_GCP == "1"'
+    - if: '$GC == "1"'
       when: always
 
-osdu-gcp-anthos-deploy: # verified deploy after tests
+gc-anthos-deploy: # verified deploy after tests
   environment:
-    name: GCP
-  extends: .osdu-gcp-anthos-variables
+    name: gc
+  extends: .gc-anthos-variables
   tags: ["osdu-small"]
   image: gcr.io/google.com/cloudsdktool/cloud-sdk:alpine
   stage: verified-deploy
-  needs: ["osdu-gcp-anthos-test"]
+  needs: ["gc-anthos-test"]
   retry: 1
   script:
-    - gcloud auth activate-service-account --key-file $OSDU_GCP_ANTHOS_DEPLOY_FILE
+    - gcloud auth activate-service-account --key-file $GC_ANTHOS_DEPLOY_FILE
     - !reference [.common_config, script]
     - >
-      helm upgrade $OSDU_GCP_SERVICE-deploy $OSDU_GCP_HELM_DEPLOYMENT_DIR
+      helm upgrade $GC_SERVICE-deploy $GC_HELM_DEPLOYMENT_DIR
       --install
       --create-namespace
-      --namespace=$OSDU_GCP_HELM_NAMESPACE
+      --namespace=$GC_HELM_NAMESPACE
       --wait
       --history-max=3
-      --set data.bootstrapImage=$CI_REGISTRY_IMAGE/osdu-gcp-bootstrap-$OSDU_GCP_SERVICE:$CI_COMMIT_SHORT_SHA
-      --set data.image=$CI_REGISTRY_IMAGE/osdu-gcp-$OSDU_GCP_SERVICE:$CI_COMMIT_SHORT_SHA
-      --set data.serviceAccountName=$OSDU_GCP_SERVICE
+      --set data.bootstrapImage=$CI_REGISTRY_IMAGE/gc-bootstrap-$GC_SERVICE:$CI_COMMIT_SHORT_SHA
+      --set data.image=$CI_REGISTRY_IMAGE/gc-$GC_SERVICE:$CI_COMMIT_SHORT_SHA
+      --set data.serviceAccountName=$GC_SERVICE
       --set data.bucketPrefix=osdu-anthos
-      --set data.dataPartitionId=$OSDU_GCP_TENANT
+      --set data.dataPartitionId=$GC_TENANT
       --set data.logLevel=INFO
       --set data.springProfilesActive=anthos
-      --set conf.cicdEnabled=true
-      --set conf.publicAvailable=true
       --set conf.onPremEnabled=true
-      --set conf.domain=$OSDU_GCP_DOMAIN
-      $OSDU_GCP_HELM_TIMEOUT
+      --set conf.domain=$GC_DOMAIN
+      $GC_HELM_TIMEOUT
     - !reference [.verify_deploy, script]
     - !reference [.verify_bootstrap, script]
   rules:
@@ -142,73 +143,74 @@ osdu-gcp-anthos-deploy: # verified deploy after tests
       when: never
     - if: "$CI_COMMIT_TAG"
       when: never
-    - if: '$OSDU_GCP == "1"'
+    - if: '$GC == "1"'
       when: on_success
 
-osdu-gcp-deploy-deployment: # reuse common deploy job for test deployment
+gc-deploy-deployment: # reuse common deploy job for test deployment
   variables:
-    OSDU_GCP_HELM_NAMESPACE: partition-int-test
-    DATA_PARTITION_ID: test
-    OSDU_GCP_PARTITION_NAMESPACE: partition-test
+    GC_HELM_NAMESPACE: partition-int-test
+    GC_HELM_SETS: >-
+      --set data.dataPartitionId=test
+      --set data.partitionNamespace=partition-test
+      --set istio.sidecarInject=false
 
-osdu-gcp-test:
+gc-test:
   variables:
     CLIENT_TENANT: test
     PARTITION_BASE_URL: https://test.community.gcp.gnrg-osdu.projects.epam.com/
 
-osdu-gcp-cleanup-env: # clean-up env after tests
+gc-cleanup-env: # clean-up env after tests
   environment:
-    name: GCP
+    name: gc
   stage: cleanup
-  extends: .osdu-gcp-variables
+  extends: .gc-variables
   image: gcr.io/google.com/cloudsdktool/cloud-sdk:alpine
-  needs: [osdu-gcp-test]
+  needs: ["gc-test"]
   tags: ["osdu-small"]
   variables:
     PARTITION_NAMESPACE: partition-test
-    OSDU_GCP_HELM_NAMESPACE: partition-int-test
+    GC_HELM_NAMESPACE: partition-int-test
   script:
-    - gcloud auth activate-service-account --key-file $OSDU_GCP_DEPLOY_FILE
+    - gcloud auth activate-service-account --key-file $GC_DEPLOY_FILE
     - !reference [.common_config, script]
-    - export GOOGLE_APPLICATION_CREDENTIALS="$OSDU_GCP_DEPLOY_FILE"
+    - export GOOGLE_APPLICATION_CREDENTIALS="$GC_DEPLOY_FILE"
     - !reference [.common_cleanup, script]
-    - chmod +x devops/gcp/tests/clean_up/clean_up.sh && devops/gcp/tests/clean_up/clean_up.sh --all
+    - chmod +x devops/gc/tests/clean_up/clean_up.sh && devops/gc/tests/clean_up/clean_up.sh --all
   rules:
     - if: "$CI_COMMIT_BRANCH =~ /^release/"
       when: never
     - if: "$CI_COMMIT_TAG"
       when: never
-    - if: '$OSDU_GCP == "1"'
+    - if: '$GC == "1"'
       when: always
 
-osdu-gcp-deploy: # verified deploy after tests
+gc-deploy: # verified deploy after tests
   environment:
-    name: GCP
-  extends: .osdu-gcp-variables
+    name: gc
+  extends: .gc-variables
   tags: ["osdu-small"]
   image: gcr.io/google.com/cloudsdktool/cloud-sdk:alpine
   stage: verified-deploy
-  needs: ["osdu-gcp-test"]
+  needs: ["gc-test"]
   retry: 1
   script:
-    - gcloud auth activate-service-account --key-file $OSDU_GCP_DEPLOY_FILE
+    - gcloud auth activate-service-account --key-file $GC_DEPLOY_FILE
     - !reference [.common_config, script]
     - >
-      helm upgrade $OSDU_GCP_SERVICE-deploy $OSDU_GCP_HELM_DEPLOYMENT_DIR
+      helm upgrade $GC_SERVICE-deploy $GC_HELM_DEPLOYMENT_DIR
       --install
       --create-namespace
-      --namespace=$OSDU_GCP_HELM_NAMESPACE
+      --namespace=$GC_HELM_NAMESPACE
       --wait
       --history-max=3
-      --set data.bootstrapImage=$CI_REGISTRY_IMAGE/osdu-gcp-bootstrap-$OSDU_GCP_SERVICE:$CI_COMMIT_SHORT_SHA
-      --set data.image=$CI_REGISTRY_IMAGE/osdu-gcp-$OSDU_GCP_SERVICE:$CI_COMMIT_SHORT_SHA
-      --set data.serviceAccountName=$OSDU_GCP_SERVICE-k8s
-      --set data.projectId=$OSDU_GCP_PROJECT
-      --set data.partitionAdminAccounts=$OSDU_GCP_PARTITION_ADMIN_ACCOUNTS
-      --set data.dataPartitionId=$OSDU_GCP_TENANT
+      --set data.bootstrapImage=$CI_REGISTRY_IMAGE/gc-bootstrap-$GC_SERVICE:$CI_COMMIT_SHORT_SHA
+      --set data.image=$CI_REGISTRY_IMAGE/gc-$GC_SERVICE:$CI_COMMIT_SHORT_SHA
+      --set data.serviceAccountName=$GC_SERVICE-k8s
+      --set data.projectId=$GC_PROJECT
+      --set data.dataPartitionId=$GC_TENANT
       --set data.logLevel=INFO
-      --set conf.domain=$OSDU_GCP_DOMAIN
-      $OSDU_GCP_HELM_TIMEOUT
+      --set conf.domain=$GC_DOMAIN
+      $GC_HELM_TIMEOUT
     - !reference [.verify_deploy, script]
     - !reference [.verify_bootstrap, script]
   rules:
@@ -216,85 +218,86 @@ osdu-gcp-deploy: # verified deploy after tests
       when: never
     - if: "$CI_COMMIT_TAG"
       when: never
-    - if: '$OSDU_GCP == "1"'
+    - if: '$GC == "1"'
       when: on_success
 
-osdu-gcp-dev2-deploy-deployment: # reuse common deploy job for test deployment
+gc-dev2-deploy-deployment: # reuse common deploy job for test deployment
   variables:
-    OSDU_GCP_HELM_NAMESPACE: partition-int-test
-    DATA_PARTITION_ID: test
-    OSDU_GCP_PARTITION_NAMESPACE: partition-test
+    GC_HELM_NAMESPACE: partition-int-test
+    GC_HELM_SETS: >-
+      --set data.dataPartitionId=test
+      --set data.partitionNamespace=partition-test
+      --set istio.sidecarInject=false
 
-osdu-gcp-dev2-test:
+gc-dev2-test:
   variables:
     CLIENT_TENANT: test
     PARTITION_BASE_URL: https://test.dev2.gcp.gnrg-osdu.projects.epam.com/
 
-osdu-gcp-dev2-cleanup-env: # clean-up env after tests
+gc-dev2-cleanup-env: # clean-up env after tests
   environment:
-    name: GCP
+    name: gc
   stage: cleanup
-  extends: .osdu-gcp-dev2-variables
+  extends: .gc-dev2-variables
   image: gcr.io/google.com/cloudsdktool/cloud-sdk:alpine
-  needs: [osdu-gcp-dev2-test]
+  needs: [gc-dev2-test]
   tags: ["osdu-small"]
   variables:
     PARTITION_NAMESPACE: partition-test
-    OSDU_GCP_HELM_NAMESPACE: partition-int-test
+    GC_HELM_NAMESPACE: partition-int-test
   script:
-    - gcloud auth activate-service-account --key-file $OSDU_GCP_DEPLOY_FILE
+    - gcloud auth activate-service-account --key-file $GC_DEPLOY_FILE
     - !reference [.common_config, script]
-    - export GOOGLE_APPLICATION_CREDENTIALS="$OSDU_GCP_DEPLOY_FILE"
+    - export GOOGLE_APPLICATION_CREDENTIALS="$GC_DEPLOY_FILE"
     - !reference [.common_cleanup, script]
-    - chmod +x devops/gcp/tests/clean_up/clean_up.sh && devops/gcp/tests/clean_up/clean_up.sh --all
+    - chmod +x devops/gc/tests/clean_up/clean_up.sh && devops/gc/tests/clean_up/clean_up.sh --all
   rules:
-    - if: '$OSDU_GCP == "1" && $CI_COMMIT_BRANCH =~ /^release/'
+    - if: '$GC == "1" && $CI_COMMIT_BRANCH =~ /^release/'
       when: always
-    - if: '$OSDU_GCP == "1" && $CI_COMMIT_TAG'
+    - if: '$GC == "1" && $CI_COMMIT_TAG'
       when: always
 
-osdu-gcp-dev2-deploy: # verified deploy after tests
+gc-dev2-deploy: # verified deploy after tests
   tags: ["osdu-small"]
-  extends: .osdu-gcp-dev2-variables
+  extends: .gc-dev2-variables
   image: gcr.io/google.com/cloudsdktool/cloud-sdk:alpine
   stage: verified-deploy
-  needs: ["osdu-gcp-containerize-gitlab", "osdu-gcp-dev2-test"]
+  needs: ["gc-containerize-gitlab", "gc-dev2-test"]
   retry: 1
   script:
-    - gcloud auth activate-service-account --key-file $OSDU_GCP_DEV2_DEPLOY_FILE
+    - gcloud auth activate-service-account --key-file $GC_DEV2_DEPLOY_FILE
     - !reference [.common_config, script]
     - !reference [.define_version, script]
-    - !reference [.set_image_name,script]
-    - helm repo add $OSDU_GCP_SERVICE ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/helm/stable
+    - !reference [.set_image_name, script]
+    - helm repo add $GC_SERVICE ${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/helm/stable
     - >
-      helm upgrade $OSDU_GCP_SERVICE-deploy $OSDU_GCP_SERVICE/gcp-$OSDU_GCP_SERVICE-deploy
+      helm upgrade $GC_SERVICE-deploy $GC_SERVICE/gc-$GC_SERVICE-deploy
       --version $VERSION
       --install
       --create-namespace
-      --namespace=$OSDU_GCP_HELM_NAMESPACE
+      --namespace=$GC_HELM_NAMESPACE
       --wait
       --history-max=3
       --set data.imagePullPolicy=Always
-      --set data.bootstrapImage=$CI_REGISTRY_IMAGE/osdu-gcp-bootstrap-$OSDU_GCP_SERVICE:${CI_COMMIT_TAG:-$CI_COMMIT_SHORT_SHA}
+      --set data.bootstrapImage=$CI_REGISTRY_IMAGE/gc-bootstrap-$GC_SERVICE:${CI_COMMIT_TAG:-$CI_COMMIT_SHORT_SHA}
       --set data.image=$CI_REGISTRY_IMAGE/$IMAGE_NAME:${CI_COMMIT_TAG:-$CI_COMMIT_SHORT_SHA}
-      --set data.serviceAccountName=$OSDU_GCP_SERVICE-k8s
+      --set data.serviceAccountName=$GC_SERVICE-k8s
       --set data.projectId=osdu-dev2
-      --set data.partitionAdminAccounts=$OSDU_GCP_DEV2_PARTITION_ADMIN_ACCOUNTS
-      --set data.dataPartitionId=$OSDU_GCP_TENANT
+      --set data.dataPartitionId=$GC_TENANT
       --set data.logLevel=INFO
-      --set conf.domain=$OSDU_GCP_DOMAIN
-      $OSDU_GCP_HELM_TIMEOUT
+      --set conf.domain=$GC_DOMAIN
+      $GC_HELM_TIMEOUT
     - !reference [.verify_deploy, script]
     - !reference [.verify_bootstrap, script]
   rules:
-    - if: '$OSDU_GCP == "1" && $CI_COMMIT_BRANCH =~ /^release/'
+    - if: '$GC == "1" && $CI_COMMIT_BRANCH =~ /^release/'
       when: on_success
-    - if: '$OSDU_GCP == "1" && $CI_COMMIT_TAG'
+    - if: '$GC == "1" && $CI_COMMIT_TAG'
       when: on_success
 
-osdu-gcp-preship-deploy-deployment:
-  extends: .osdu-gcp-preship-variables
+gc-preship-deploy-deployment:
+  extends: .gc-preship-variables
   tags: ["osdu-small"]
   image: gcr.io/google.com/cloudsdktool/cloud-sdk:alpine
   stage: deploy_preship
-  needs: ["osdu-gcp-dev2-deploy", "osdu-gcp-dev2-test"]
+  needs: ["gc-dev2-deploy", "gc-dev2-test"]

devops/gcp/tests/build/Dockerfile → devops/gc/tests/build/Dockerfile

@@ -3,7 +3,7 @@ FROM alpine:3.16
 RUN apk update && \
     apk -q add jq postgresql-client bash
 
-COPY ./devops/gcp/tests/build/ ./opt
+COPY ./devops/gc/tests/build/ ./opt
 RUN chmod +x /opt/bootstrap.sh
 
 WORKDIR /opt