diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 9ab2d9fdae352b465ca7652f0a2ccb2153e641ca..27ca6d11b037e8c5a36c31db16f046e835a9b5a9 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -13,20 +13,30 @@ variables: IBM_BUILD_SUBDIR: provider/partition-ibm IBM_INT_TEST_SUBDIR: testing/partition-test-ibm - # --- osdu gcp specific variables --- OSDU_GCP_ENABLE_BOOTSTRAP: "true" OSDU_GCP_SERVICE: partition OSDU_GCP_VENDOR: gcp - OSDU_GCP_APPLICATION_NAME: os-partition - MAVEN_PROJECTS: "-pl partition-core,provider/partition-gcp" - OSDU_GCP_TEST_SUBDIR: testing/$OSDU_GCP_SERVICE-test-$OSDU_GCP_VENDOR - OSDU_GCP_HELM_PACKAGE_CHARTS: "devops/gcp/deploy devops/gcp/configmap" - OSDU_GCP_HELM_NAMESPACE: default - OSDU_GCP_HELM_CONFIG_SERVICE_VARS: "--set data.partition_admin_accounts=$OSDU_GCP_PARTITION_ADMIN_ACCOUNTS --set data.project_id=$OSDU_GCP_PROJECT --set data.google_audiences=$GOOGLE_AUDIENCE --set data.log_level=INFO --set data.key_ring=$OSDU_GCP_PARTITION_KEY_RING --set data.kms_key=$OSDU_GCP_PARTITION_KMS_KEY --set data.data_partition_id=$OSDU_GCP_TENANT" - OSDU_GCP_HELM_CONFIG_SERVICE_VARS_DEV2: "--set data.partition_admin_accounts=$OSDU_GCP_PARTITION_ADMIN_ACCOUNTS_DEV2 --set data.project_id=$OSDU_GCP_PROJECT --set data.google_audiences=$GOOGLE_AUDIENCE --set data.log_level=INFO --set data.key_ring=$OSDU_GCP_PARTITION_KEY_RING --set data.kms_key=$OSDU_GCP_PARTITION_KMS_KEY --set data.data_partition_id=$OSDU_GCP_TENANT" - OSDU_GCP_HELM_DEPLOYMENT_SERVICE_VARS: "--set data.image=$CI_REGISTRY_IMAGE/osdu-gcp:$CI_COMMIT_SHORT_SHA --set data.bootstrap_image=$CI_REGISTRY_IMAGE/osdu-gcp-bootstrap-partition:$CI_COMMIT_SHORT_SHA --set data.serviceAccountName=$OSDU_GCP_SERVICE-k8s --set data.bootstrapServiceAccountName=$OSDU_GCP_SERVICE-k8s" + OSDU_GCP_HELM_CONFIG_SERVICE_VARS: > + --set data.partitionAdminAccounts=$OSDU_GCP_PARTITION_ADMIN_ACCOUNTS + --set data.projectId=$OSDU_GCP_PROJECT + --set data.googleAudiences=$GOOGLE_AUDIENCE + --set data.logLevel=INFO + --set data.dataPartitionId=$OSDU_GCP_TENANT + OSDU_GCP_HELM_DEPLOYMENT_SERVICE_VARS: > + --set data.image=$CI_REGISTRY_IMAGE/osdu-gcp-$OSDU_GCP_SERVICE:$CI_COMMIT_SHORT_SHA + --set 
data.bootstrapImage=$CI_REGISTRY_IMAGE/osdu-gcp-bootstrap-$OSDU_GCP_SERVICE:$CI_COMMIT_SHORT_SHA + --set data.serviceAccountName=$OSDU_GCP_SERVICE-k8s + --set data.bootstrapServiceAccountName=$OSDU_GCP_SERVICE-k8s + OSDU_GCP_HELM_CONFIG_SERVICE_VARS_DEV2: > + --set data.partitionAdminAccounts=$OSDU_GCP_PARTITION_ADMIN_ACCOUNTS_DEV2 + --set data.projectId=$OSDU_GCP_PROJECT + --set data.googleAudiences=$GOOGLE_AUDIENCE + --set data.logLevel=INFO + --set data.dataPartitionId=$OSDU_GCP_TENANT # FIXME add value below to DEV2 pipeline - OSDU_GCP_HELM_DEPLOYMENT_SERVICE_VARS_DEV2: "--set data.bootstrap_image=$CI_REGISTRY_IMAGE/osdu-gcp-bootstrap-partition:$CI_COMMIT_SHORT_SHA --set data.bootstrapServiceAccountName=$OSDU_GCP_BOOTSTRAP_SERVICE_ACCOUNT" + OSDU_GCP_HELM_DEPLOYMENT_SERVICE_VARS_DEV2: > + --set data.bootstrapImage=$CI_REGISTRY_IMAGE/osdu-gcp-bootstrap-$OSDU_GCP_SERVICE:$CI_COMMIT_SHORT_SHA + --set data.bootstrapServiceAccountName=$OSDU_GCP_BOOTSTRAP_SERVICE_ACCOUNT OSDU_GCP_HELM_CONFIG_SERVICE: partition-config OSDU_GCP_HELM_DEPLOYMENT_SERVICE: partition-deploy 
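Review bot: The `variables:` block in .gitlab-ci.yml no longer defines `OSDU_GCP_HELM_NAMESPACE` (the `default` entry is removed), yet the `after_script` lines later in this file still expand it unquoted in `kubectl ... -n $OSDU_GCP_HELM_NAMESPACE --timeout=900s`. If the included pipeline templates do not supply it (not visible in this diff), the empty expansion makes `-n` take the next argument as the namespace, so the check runs against the wrong target. Either keep the variable here or make its absence fail loudly, e.g. `-n "${OSDU_GCP_HELM_NAMESPACE:?namespace not set}"`.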
@@ -62,30 +72,38 @@ include: file: "publishing/pages.yml" osdu-gcp-deploy-deployment: - variables: - OSDU_GCP_BOOTSTRAP_SERVICE: partition-bootstrap - needs: ["osdu-gcp-containerize-gitlab", "osdu-gcp-containerize-bootstrap-gitlab", "osdu-gcp-deploy-configmap"] + needs: + - osdu-gcp-containerize-gitlab + - osdu-gcp-containerize-bootstrap-gitlab + - osdu-gcp-deploy-configmap after_script: - echo ----- Verify Bootstrap ----- - - kubectl rollout status deployment.v1.apps/$OSDU_GCP_BOOTSTRAP_SERVICE -n $OSDU_GCP_HELM_NAMESPACE --timeout=900s - - POD=$(kubectl get pod --sort-by=.metadata.creationTimestamp -n $OSDU_GCP_HELM_NAMESPACE | grep $OSDU_GCP_BOOTSTRAP_SERVICE | tail -1 | awk '{print $1}') + - kubectl rollout status deployment.v1.apps/$OSDU_GCP_SERVICE-bootstrap -n $OSDU_GCP_HELM_NAMESPACE --timeout=900s + - POD=$(kubectl get pod --sort-by=.metadata.creationTimestamp -n $OSDU_GCP_HELM_NAMESPACE | grep $OSDU_GCP_SERVICE-bootstrap | tail -1 | awk '{print $1}') - STATUS=$(kubectl wait -n $OSDU_GCP_HELM_NAMESPACE --for=condition=Ready pod/$POD --timeout=300s) - echo $STATUS - if [[ "$STATUS" != *"met"* ]]; then echo "POD didn't start correctly" ; exit 1 ; fi osdu-gcp-dev2-deploy-deployment: variables: - OSDU_GCP_BOOTSTRAP_SERVICE: partition-bootstrap OSDU_GCP_BOOTSTRAP_SERVICE_ACCOUNT: workload-gke-bootstrap-sa - needs: ["osdu-gcp-containerize-gitlab", "osdu-gcp-containerize-bootstrap-gitlab", "osdu-gcp-dev2-deploy-configmap"] + needs: + - osdu-gcp-containerize-gitlab + - osdu-gcp-containerize-bootstrap-gitlab + - osdu-gcp-dev2-deploy-configmap after_script: - echo ----- Verify Bootstrap ----- - - kubectl rollout status deployment.v1.apps/$OSDU_GCP_BOOTSTRAP_SERVICE -n $OSDU_GCP_HELM_NAMESPACE --timeout=900s - - POD=$(kubectl get pod --sort-by=.metadata.creationTimestamp -n $OSDU_GCP_HELM_NAMESPACE | grep $OSDU_GCP_BOOTSTRAP_SERVICE | tail -1 | awk '{print $1}') + - kubectl rollout status deployment.v1.apps/$OSDU_GCP_SERVICE-bootstrap -n $OSDU_GCP_HELM_NAMESPACE 
--timeout=900s + - POD=$(kubectl get pod --sort-by=.metadata.creationTimestamp -n $OSDU_GCP_HELM_NAMESPACE | grep $OSDU_GCP_SERVICE-bootstrap | tail -1 | awk '{print $1}') - STATUS=$(kubectl wait -n $OSDU_GCP_HELM_NAMESPACE --for=condition=Ready pod/$POD --timeout=300s) - echo $STATUS - if [[ "$STATUS" != *"met"* ]]; then echo "POD didn't start correctly" ; exit 1 ; fi +osdu-gcp-anthos-deploy-deployment: + needs: + - osdu-gcp-containerize-gitlab + - osdu-gcp-containerize-bootstrap-gitlab + - osdu-gcp-anthos-deploy-configmap osdu-gcp-test: variables: diff --git a/devops/gcp/configmap/templates/partition-bootstrap-configmap.yml b/devops/gcp/configmap/templates/partition-bootstrap-configmap.yml index e2312dc11c73c15d27cbc9a36dfb7f4f1d1f9c6d..b582ed5d72571debb9c26502aeeda7f698ec2d4f 100644 --- a/devops/gcp/configmap/templates/partition-bootstrap-configmap.yml +++ b/devops/gcp/configmap/templates/partition-bootstrap-configmap.yml 
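Review bot: The bootstrap verification in the `after_script` of `osdu-gcp-deploy-deployment` and `osdu-gcp-dev2-deploy-deployment` cannot fail the job: GitLab runs `after_script` in a separate shell and ignores its exit code, so the `exit 1` taken when the pod never becomes Ready leaves the pipeline green. Moving the check into the job's `script`, or into a follow-up job that `needs` the deploy job, would turn it into a real gate. The newly added `osdu-gcp-anthos-deploy-deployment` job has no verification step at all. The `osdu-gcp-test` definition continues outside the hunk.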
@@ -2,18 +2,18 @@ apiVersion: v1 kind: ConfigMap metadata: labels: - app: "{{ .Values.conf.bootstrap_name }}" - name: "{{ .Values.conf.bootstrap_configmap }}" + app: "{{ .Values.conf.appName }}-bootstrap" + name: "{{ .Values.conf.configmap }}-bootstrap" namespace: "{{ .Release.Namespace }}" data: - PARTITION_NAME: "{{ .Values.data.partition_name }}.{{ .Release.Namespace }}.svc.cluster.local" - PROJECT_ID: "{{ .Values.data.project_id }}" - DATA_PARTITION_ID: "{{ .Values.data.data_partition_id }}" - {{- if .Values.conf.on_prem_enabled }} - DOMAIN: "{{ .Values.data.domain }}" + PARTITION_NAME: "{{ .Values.data.partitionName }}.{{ .Release.Namespace }}.svc.cluster.local" + PROJECT_ID: "{{ .Values.data.projectId }}" + DATA_PARTITION_ID: "{{ .Values.data.dataPartitionId }}" + {{- if .Values.conf.onPremEnabled }} + DOMAIN: "{{- default (printf "%s.%s" ((index (lookup "v1" "Service" .Values.data.istioNamespace "istio-ingressgateway").status.loadBalancer.ingress 0).ip) "nip.io") .Values.data.domain -}}" ENVIRONMENT: "{{ .Values.data.environment }}" - CLIENT_ID: "{{ .Values.data.client_id }}" + CLIENT_ID: "{{ .Values.data.clientId }}" {{- else }} - AUDIENCES: "{{ .Values.data.google_audiences }}" - DATAFIER_SA: "{{ .Values.data.datafier_sa }}" + AUDIENCES: "{{ .Values.data.googleAudiences }}" + DATAFIER_SA: "{{ .Values.data.datafierSa }}" {{- end }} diff --git a/devops/gcp/configmap/templates/partition-variables.yml b/devops/gcp/configmap/templates/partition-variables.yml index 0904a5919db399749ee88c72bdf5f9dad17b68c7..ded1afe48f0c4564a811619759c4d4cfdebdf77d 100644 --- a/devops/gcp/configmap/templates/partition-variables.yml +++ b/devops/gcp/configmap/templates/partition-variables.yml 
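Review bot: The new `DOMAIN` line in partition-bootstrap-configmap.yml always runs the `lookup`, even when `.Values.data.domain` is set, because the arguments to `default` are evaluated before the call. Under `helm template` or a client-side dry run `lookup` returns an empty map, so `.status.loadBalancer.ingress` is a nil dereference and rendering fails; the same happens when the gateway Service has no load-balancer IP yet. Branching on `.Values.data.domain` first avoids this and gives a readable error for the fallback. The fallback also makes the service domain depend on the public nip.io resolver, which deserves a comment in the chart.

```yaml
  {{- if .Values.conf.onPremEnabled }}
  {{- if .Values.data.domain }}
  DOMAIN: {{ .Values.data.domain | quote }}
  {{- else }}
  {{- $gw := lookup "v1" "Service" .Values.data.istioNamespace "istio-ingressgateway" }}
  {{- if not $gw }}
  {{- fail "data.domain is empty and the istio-ingressgateway Service could not be looked up" }}
  {{- end }}
  DOMAIN: {{ printf "%s.nip.io" (index $gw.status.loadBalancer.ingress 0).ip | quote }}
  {{- end }}
  # … unchanged: ENVIRONMENT and CLIENT_ID entries, else branch …
```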
@@ -2,18 +2,17 @@ apiVersion: v1 kind: ConfigMap metadata: labels: - app: "{{ .Values.conf.app_name }}" + app: "{{ .Values.conf.appName }}" name: "{{ .Values.conf.configmap }}" namespace: "{{ .Release.Namespace }}" data: - LOG_LEVEL: "{{ .Values.data.log_level }}" - SPRING_PROFILES_ACTIVE: "{{ .Values.data.spring_profiles_active }}" - {{- if .Values.conf.on_prem_enabled }} - PARTITION_PROPERTY_KIND: "{{ .Values.data.partition_property_kind }}" - PARTITION_NAMESPACE: "{{ .Values.data.partition_namespace }}" + LOG_LEVEL: "{{ .Values.data.logLevel }}" + SPRING_PROFILES_ACTIVE: "{{ .Values.data.springProfilesActive }}" + {{- if .Values.conf.onPremEnabled }} + PARTITION_NAMESPACE: "{{ .Values.data.partitionNamespace }}" {{- else }} - GOOGLE_CLOUD_PROJECT: "{{ .Values.data.project_id }}" - PARTITION_ADMIN_ACCOUNTS: "{{ .Values.data.partition_admin_accounts }}" - GOOGLE_AUDIENCES: "{{ .Values.data.google_audiences }}" - SERVICE_ACCOUNT_TAIL: "{{ .Values.data.service_account_tail }}" + GOOGLE_CLOUD_PROJECT: "{{ .Values.data.projectId }}" + PARTITION_ADMIN_ACCOUNTS: "{{ .Values.data.partitionAdminAccounts }}" + GOOGLE_AUDIENCES: "{{ .Values.data.googleAudiences }}" + SERVICE_ACCOUNT_TAIL: "{{ .Values.data.serviceAccountTail }}" {{- end }} diff --git a/devops/gcp/configmap/values.yaml b/devops/gcp/configmap/values.yaml index 9095f463b18756c7360846896035ac900b3f76d9..81d28026f17a4d8b5d7b5b67b0f168b4c6592de8 100644 --- a/devops/gcp/configmap/values.yaml +++ b/devops/gcp/configmap/values.yaml 
@@ -1,24 +1,22 @@ data: - project_id: "" - partition_admin_accounts: "" - google_audiences: "" - log_level: "INFO" - service_account_tail: ".iam.gserviceaccount.com" - partition_property_kind: "" - partition_namespace: "" - spring_profiles_active: "gcp" + projectId: "" + partitionAdminAccounts: "" + googleAudiences: "" + logLevel: "INFO" + serviceAccountTail: ".iam.gserviceaccount.com" + # FIXME GONRG-4910 + partitionNamespace: "" + springProfilesActive: "gcp" # bootstrap common - partition_name: "partition" - data_partition_id: "" - datafier_sa: "datafier" + partitionName: "partition" + dataPartitionId: "" + datafierSa: "datafier" # bootstrap variables onprem domain: "" + istioNamespace: "istio-ingress" environment: "" - client_id: "" + clientId: "datafier" conf: configmap: "partition-config" - app_name: "partition" - # bootstrap common - bootstrap_name: "partition-bootstrap" - bootstrap_configmap: "partition-bootstrap-configmap" - on_prem_enabled: false + appName: "partition" + onPremEnabled: false diff --git a/devops/gcp/deploy/templates/partition-authorization-policy.yml b/devops/gcp/deploy/templates/partition-authorization-policy.yml index 0d305dcaae2f88a5ac05dcb14c76871405f50261..d3c3894d54a5c7b03134e9e69e75767b573029bf 100644 --- a/devops/gcp/deploy/templates/partition-authorization-policy.yml +++ b/devops/gcp/deploy/templates/partition-authorization-policy.yml @@ -1,4 +1,4 @@ -{{- if .Values.conf.on_prem_enabled }} +{{- if .Values.conf.onPremEnabled }} {{- range $key, $spec := .Values.authorizations }} apiVersion: security.istio.io/v1beta1 kind: AuthorizationPolicy diff --git a/devops/gcp/deploy/templates/partition-bootstrap-deployment.yml b/devops/gcp/deploy/templates/partition-bootstrap-deployment.yml index e3b2e2e554512cc8d512678019b498e549be09c2..ff41c878a380e3a96c23ed8adf5dc8df8332c375 100644 --- a/devops/gcp/deploy/templates/partition-bootstrap-deployment.yml +++ b/devops/gcp/deploy/templates/partition-bootstrap-deployment.yml 
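Review bot: In devops/gcp/configmap/values.yaml the default for `clientId` changes from `""` to `"datafier"`, so an on-prem install that forgets the override now renders a plausible `CLIENT_ID` instead of an obviously empty one. If that client identity is environment-specific, an empty default (or a `required` check in the template) would surface the missing setting rather than hide it. The new `# FIXME GONRG-4910` comment above `partitionNamespace` does not say what remains to be fixed; a short description such as `# FIXME GONRG-4910: <what is outstanding>` would help the next reader.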
@@ -1,23 +1,23 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: "{{ .Values.conf.bootstrap_name }}" + name: "{{ .Values.conf.appName }}-bootstrap" namespace: "{{ .Release.Namespace }}" spec: replicas: 1 selector: matchLabels: - app: "{{ .Values.conf.bootstrap_name }}" + app: "{{ .Values.conf.appName }}-bootstrap" template: metadata: labels: - app: "{{ .Values.conf.bootstrap_name }}" + app: "{{ .Values.conf.appName }}-bootstrap" annotations: rollme: {{ randAlphaNum 5 | quote }} spec: containers: - - image: "{{ .Values.data.bootstrap_image }}" - name: "{{ .Values.conf.bootstrap_name }}" + - image: "{{ .Values.data.bootstrapImage }}" + name: "{{ .Values.conf.appName }}-bootstrap" readinessProbe: exec: command: @@ -25,10 +25,10 @@ spec: - /tmp/bootstrap_ready envFrom: - configMapRef: - name: "{{ .Values.conf.bootstrap_configmap }}" + name: "{{ .Values.conf.configmap }}-bootstrap" resources: limits: - cpu: "{{ .Values.data.bootstrap_limits_cpu }}" - memory: "{{ .Values.data.bootstrap_limits_memory }}" + cpu: "{{ .Values.data.bootstrapLimitsCpu }}" + memory: "{{ .Values.data.bootstrapLimitsMemory }}" restartPolicy: Always serviceAccountName: "{{ .Values.data.bootstrapServiceAccountName }}" diff --git a/devops/gcp/deploy/templates/partition-deploy.yml b/devops/gcp/deploy/templates/partition-deploy.yml index c30fb06d13ff23d740bf5ec2f824a7ffc7c1cde2..3714004424e0875835410f110c9375cd5c1fa1ba 100644 --- a/devops/gcp/deploy/templates/partition-deploy.yml +++ b/devops/gcp/deploy/templates/partition-deploy.yml 
@@ -1,31 +1,31 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: "{{ .Values.conf.app_name }}" + name: "{{ .Values.conf.appName }}" namespace: "{{ .Release.Namespace }}" spec: replicas: 1 selector: matchLabels: - app: "{{ .Values.conf.app_name }}" + app: "{{ .Values.conf.appName }}" template: metadata: labels: - app: "{{ .Values.conf.app_name }}" + app: "{{ .Values.conf.appName }}" annotations: rollme: {{ randAlphaNum 5 | quote }} spec: containers: - image: "{{ .Values.data.image }}" imagePullPolicy: "{{ .Values.data.imagePullPolicy }}" - name: "{{ .Values.conf.app_name }}" + name: "{{ .Values.conf.appName }}" env: - name: "ACCEPT_HTTP" value: "true" envFrom: - configMapRef: name: "{{ .Values.conf.configmap }}" - {{- if .Values.conf.on_prem_enabled }} + {{- if .Values.conf.onPremEnabled }} - secretRef: name: "{{ .Values.conf.secret }}" {{- end }} @@ -36,9 +36,9 @@ spec: - containerPort: 8080 resources: requests: - cpu: "{{ .Values.data.requests_cpu }}" - memory: "{{ .Values.data.requests_memory }}" + cpu: "{{ .Values.data.requestsCpu }}" + memory: "{{ .Values.data.requestsMemory }}" limits: - cpu: "{{ .Values.data.limits_cpu }}" - memory: "{{ .Values.data.limits_memory }}" + cpu: "{{ .Values.data.limitsCpu }}" + memory: "{{ .Values.data.limitsMemory }}" serviceAccountName: "{{ .Values.data.serviceAccountName }}" diff --git a/devops/gcp/deploy/templates/partition-peer-authentication.yml b/devops/gcp/deploy/templates/partition-peer-authentication.yml index e245d8b302ec32f02051dc747af3ca38efb3bb3d..2df6ac7c9313a015affed42ce3843861654dbe33 100644 --- a/devops/gcp/deploy/templates/partition-peer-authentication.yml +++ b/devops/gcp/deploy/templates/partition-peer-authentication.yml @@ -1,4 +1,4 @@ -{{- if .Values.conf.on_prem_enabled }} +{{- if .Values.conf.onPremEnabled }} apiVersion: security.istio.io/v1beta1 kind: PeerAuthentication metadata: 
diff --git a/devops/gcp/deploy/templates/partition-service.yml b/devops/gcp/deploy/templates/partition-service.yml index d03488ae7021338d1b4689eae7baa2472481d650..aadcab814f8a42062c70fb328d291f2fc10879a3 100644 --- a/devops/gcp/deploy/templates/partition-service.yml +++ b/devops/gcp/deploy/templates/partition-service.yml @@ -1,7 +1,7 @@ apiVersion: v1 kind: Service metadata: - name: "{{ .Values.conf.app_name }}" + name: "{{ .Values.conf.appName }}" namespace: "{{ .Release.Namespace }}" annotations: cloud.google.com/neg: '{"ingress": true}' @@ -12,4 +12,4 @@ spec: protocol: TCP name: http selector: - app: "{{ .Values.conf.app_name }}" + app: "{{ .Values.conf.appName }}" diff --git a/devops/gcp/deploy/templates/partition-virtual-service.yml b/devops/gcp/deploy/templates/partition-virtual-service.yml index 13c21ddf1f4a77208f3b8850a9f540fc4ac35a36..1853711e2ea2d5479d092bdeebf495d5a0dbca1c 100644 --- a/devops/gcp/deploy/templates/partition-virtual-service.yml +++ b/devops/gcp/deploy/templates/partition-virtual-service.yml @@ -1,11 +1,15 @@ apiVersion: networking.istio.io/v1alpha3 kind: VirtualService metadata: - name: "{{ .Values.conf.app_name }}" + name: "{{ .Values.conf.appName }}" namespace: "{{ .Release.Namespace }}" spec: hosts: + {{- if .Values.conf.domain }} + - {{ printf "osdu.%s" .Values.conf.domain | quote }} + {{- else }} - "*" + {{- end }} gateways: - service-gateway http: @@ -16,4 +20,4 @@ spec: - destination: port: number: 80 - host: "{{ .Values.conf.app_name }}.{{ .Release.Namespace }}.svc.cluster.local" + host: "{{ .Values.conf.appName }}.{{ .Release.Namespace }}.svc.cluster.local" diff --git a/devops/gcp/deploy/templates/service-account.yml b/devops/gcp/deploy/templates/service-account.yml index 3fede170cb014a4cfdf8cc99d745a32eb66aeed0..25fd74efbfca059f541af82d98b676cfcb930d64 100644 --- a/devops/gcp/deploy/templates/service-account.yml +++ b/devops/gcp/deploy/templates/service-account.yml 
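Review bot: In partition-virtual-service.yml the host restriction only takes effect when `.Values.conf.domain` is non-empty, and both the chart default (`domain: ""`) and the `--set` lists in .gitlab-ci.yml leave it empty, so the pipelines shown here still deploy `hosts: ["*"]`. Note also that the configmap chart reads the domain from `.Values.data.domain` while this template reads `.Values.conf.domain`, so setting one does not set the other. If the wildcard is intended for the GCP pipelines, a comment beside the `else` branch saying so would help; otherwise pass `conf.domain` in `OSDU_GCP_HELM_DEPLOYMENT_SERVICE_VARS`.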
@@ -1,4 +1,4 @@ -{{- if .Values.conf.on_prem_enabled }} +{{- if .Values.conf.onPremEnabled }} apiVersion: v1 kind: ServiceAccount metadata: diff --git a/devops/gcp/deploy/values.yaml b/devops/gcp/deploy/values.yaml index 3b61511bd4dacf1382003359e02627b24e6a22f8..9792342b72b869f78f68f9d5d90d725c23885bb7 100644 --- a/devops/gcp/deploy/values.yaml +++ b/devops/gcp/deploy/values.yaml @@ -1,24 +1,22 @@ data: - requests_cpu: "0.1" - requests_memory: "260M" - limits_cpu: "1" - limits_memory: "1G" + requestsCpu: "0.1" + requestsMemory: "260M" + limitsCpu: "1" + limitsMemory: "1G" serviceAccountName: "partition" imagePullPolicy: "IfNotPresent" image: "" - # bootstrap common - bootstrap_limits_cpu: "0.1" - bootstrap_limits_memory: "200M" - bootstrap_image: "" + # bootstrap + bootstrapLimitsCpu: "0.1" + bootstrapLimitsMemory: "200M" + bootstrapImage: "" bootstrapServiceAccountName: "" conf: configmap: "partition-config" secret: "partition-postgres-secret" - app_name: "partition" - # bootstrap common - bootstrap_name: "partition-bootstrap" - bootstrap_configmap: "partition-bootstrap-configmap" - on_prem_enabled: false + appName: "partition" + onPremEnabled: false + domain: "" namespacePolicy: mtlsMode: STRICT authorizations: diff --git a/provider/partition-gcp/bootstrap/bootstrap_partition.sh b/provider/partition-gcp/bootstrap/bootstrap_partition.sh index 2059ee5de7d2a6ef1de5112811d78b5ce08b421f..a448cb168964dd00beb6d50a1492363b072a3748 100644 --- a/provider/partition-gcp/bootstrap/bootstrap_partition.sh +++ b/provider/partition-gcp/bootstrap/bootstrap_partition.sh 
@@ -4,42 +4,41 @@ set -ex DATA_PARTITION_ID_UPPER=${DATA_PARTITION_ID^^} -generate_post_data() -{ +generate_post_data() { cat <<EOF { "properties": { "projectId": { - "sensitive": false, - "value": "${PROJECT_ID}" + "sensitive": false, + "value": "${PROJECT_ID}" }, "serviceAccount": { - "sensitive": false, - "value": "${SERVICEACCOUNT}" + "sensitive": false, + "value": "${SERVICEACCOUNT}" }, "complianceRuleSet": { - "sensitive": false, - "value": "shared" + "sensitive": false, + "value": "shared" }, "dataPartitionId": { - "sensitive": false, - "value": "${DATA_PARTITION_ID}" + "sensitive": false, + "value": "${DATA_PARTITION_ID}" }, "name": { - "sensitive": false, - "value": "${DATA_PARTITION_ID}" + "sensitive": false, + "value": "${DATA_PARTITION_ID}" }, "policy-service-enabled": { - "sensitive": false, - "value": "false" + "sensitive": false, + "value": "false" }, "bucket": { - "sensitive": false, - "value": "${PROJECT_ID}-records" + "sensitive": false, + "value": "${PROJECT_ID}-records" }, "crmAccountID": { - "sensitive": false, - "value": "[${DATA_PARTITION_ID},${DATA_PARTITION_ID}]" + "sensitive": false, + "value": "[${DATA_PARTITION_ID},${DATA_PARTITION_ID}]" }, "osm.postgres.datasource.url": { "sensitive": true, @@ -89,12 +88,11 @@ generate_post_data() "sensitive": true, "value": "RABBITMQ_ADMIN_PASSWORD" }, - - "oqm.rabbitmq.admin.schema": { + "oqm.rabbitmq.admin.schema": { "sensitive": false, "value": "http" }, - "oqm.rabbitmq.admin.host": { + "oqm.rabbitmq.admin.host": { "sensitive": false, "value": "rabbitmq" }, @@ -135,9 +133,6 @@ generate_post_data() EOF } -echo "sleep to prevent 500 response from the partition service, due to timeout of creation for Workload Identity" -sleep 20 - if [ "$ENVIRONMENT" == "anthos" ] then 
@@ -150,21 +145,25 @@ then if [ "$status_code" == 201 ] then - echo "partition bootstrap was OK!" + echo "Partition bootstrap finished successfully!" elif [ "$status_code" == 409 ] then curl -X PATCH \ --url "http://${PARTITION_NAME}/api/partition/v1/partitions/${DATA_PARTITION_ID}" --write-out "%{http_code}" --silent --output "/dev/null" \ -H "Content-Type: application/json" \ --data-raw "$(generate_post_data)" - echo "partition was patched because datastore has already had some entities!" + echo "Partition was patched because Postgres Database had already had entities!" else exit 1 fi +# FIXME "$ENVIRONMENT" == "gcp" or use another variable elif [ "$ENVIRONMENT" == "" ] then + echo "sleep to prevent 500 response from the Partition service, due to timeout of creation for Workload Identity" + sleep 20 + IDENTITY_TOKEN=$(gcloud auth print-identity-token --audiences="${AUDIENCES}") SERVICEACCOUNT=${DATAFIER_SA}@${PROJECT_ID}.iam.gserviceaccount.com @@ -177,7 +176,7 @@ then if [ "$status_code" == 201 ] then - echo "partition bootstrap was OK!" + echo "Partition bootstrap finished successfully!" elif [ "$status_code" == 409 ] then curl -X PATCH \ @@ -185,7 +184,7 @@ then -H "Authorization: Bearer ${IDENTITY_TOKEN}" \ -H "Content-Type: application/json" \ --data-raw "$(generate_post_data)" - echo "partition was patched because datastore has already had some entities!" + echo "Partition was patched because Datastore had already had entities!" else exit 1 fi
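Review bot: The `curl -X PATCH` in the 409 branch of bootstrap_partition.sh never has its result checked: `--write-out "%{http_code}"` only prints the code, curl exits 0 on HTTP 4xx/5xx, and the script then echoes that the partition was patched. The same applies to the PATCH in the `@@ -185,7` hunk. Adding `--fail` to both calls lets the existing `set -e` abort the bootstrap when the PATCH is rejected. The surrounding `if` starts outside the hunk.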
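Review bot: The script runs under `set -ex`, so xtrace writes the expanded `IDENTITY_TOKEN=...` assignment and the `-H "Authorization: Bearer ${IDENTITY_TOKEN}"` argument to the container log, where anyone with log read access can copy the identity token while it is valid. Drop `-x` (`set -e`), or switch tracing off around the token section with `set +x` before `IDENTITY_TOKEN=$(gcloud auth print-identity-token ...)`. The traced curl lines also include the full `generate_post_data` payload, so check whether any of its values are real secrets.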