sync up with latest Delfi changes

provider/crs-catalog-azure/crs-catalog-aks/Dockerfile → devops/azure/Dockerfile

 FROM openjdk:8-jdk-alpine
 
-ARG ENTITLEMENT_URL
-ARG client-id
-
-ENV ENTITLEMENT_URL=$ENTITLEMENT_URL
-ENV client-id=$client-id
-
 EXPOSE 8080
 
-COPY /target/crs-catalog-aks-1.0.0.jar /app.jar
+COPY provider/crs-catalog-azure/crs-catalog-aks/target/crs-catalog-aks-1.0.0.jar /app.jar
 ENTRYPOINT ["java","-jar","/app.jar"]
 

devops/azure/chart/templates/deployment.yaml

@@ -24,23 +24,23 @@ spec:
       - name: shared-data
         emptyDir: {}
       imagePullSecrets:
-        - name: {{ .Values.catalogs.imagePullSecrets }}         
+        - name: {{ .Values.image.imagePullSecrets }}         
       initContainers:
       - name: "init-crs-catalog"
-        image: "{{ .Values.catalogs.repository }}:{{ .Values.catalogs.tag }}"
-        imagePullPolicy: {{ .Values.catalogs.pullPolicy }}
+        image: "{{ .Values.catalog.repository }}:{{ .Values.catalog.tag }}"
+        imagePullPolicy: {{ .Values.catalog.pullPolicy }}
         volumeMounts:
         - name: shared-data
           mountPath: /mnt/crs_catalogs              
       containers:
       - name: {{ .Chart.Name }}
-        image: {{ .Values.image.repository }}/{{ .Chart.Name }}-{{ .Values.image.branch }}:{{ .Values.image.tag | default .Chart.AppVersion }}
-        imagePullPolicy: Always
+        image: "{{ .Values.app.repository }}:{{ .Values.app.tag }}"
+        imagePullPolicy: {{ .Values.app.pullPolicy }}
         ports:
         - containerPort: 80
         readinessProbe:
           httpGet:
-            path: /api/crs/catalog/swagger-ui.html
+            path: /api/crs/catalog/_ah/readiness_check
             port: 80
         volumeMounts:
         - name: azure-keyvault
@@ -52,7 +52,7 @@ spec:
         - name: spring_application_name
           value: crs-catalog-service
         - name: server.servlet.contextPath
-          value: /api/crs/catalog/v2/
+          value: /api/crs/catalog/
         - name: server_port
           value: "80"
         - name: ACCEPT_HTTP  # TEMPORARY UNTIL HTTPS
@@ -82,10 +82,6 @@ spec:
             secretKeyRef:
               name: appid
               key: appid
-        - name: azure_activedirectory_session_stateless
-          value: "true"
-        - name: azure_activedirectory_AppIdUri
-          value: "api://$(aad_client_id)"
         - name: appinsights_key
           valueFrom:
             secretKeyRef:

devops/azure/chart/values.yaml

@@ -2,13 +2,16 @@ global:
   replicaCount: 1
 
 image:
-  repository: community.opengroup.org:5555/osdu/platform/ref/crs-catalog-service
-  branch: master
+  imagePullSecrets: acr
+
+app:
+  repository: delfi.azurecr.io/crs-catalog-app
   tag: latest
+  pullPolicy: Always
 
-catalogs:
+catalog:
   repository: delfi.azurecr.io/crs-catalogs
   tag: v2
   pullPolicy: Always
-  imagePullSecrets: acr
+
 

provider/crs-catalog-azure/crs-catalog-aks/crs-catalog-aks/.helmignore

-# Patterns to ignore when building packages.
-# This supports shell glob matching, relative path matching, and
-# negation (prefixed with !). Only one pattern per line.
-.DS_Store
-# Common VCS dirs
-.git/
-.gitignore
-.bzr/
-.bzrignore
-.hg/
-.hgignore
-.svn/
-# Common backup files
-*.swp
-*.bak
-*.tmp
-*~
-# Various IDEs
-.project
-.idea/
-*.tmproj
-.vscode/

provider/crs-catalog-azure/crs-catalog-aks/crs-catalog-aks/Chart.yaml

-# Copyright 2017-2019, Schlumberger
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-appVersion: "1.0"
-description: A Helm chart for Kubernetes
-name: crs-catalog-aks
-version: 0.1.0

provider/crs-catalog-azure/crs-catalog-aks/crs-catalog-aks/templates/NOTES.txt

-Copyright 2017-2019, Schlumberger
-
-Licensed under the Apache License, Version 2.0 (the "License");
-you may not use this file except in compliance with the License.
-You may obtain a copy of the License at
-
-     http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing, software
-distributed under the License is distributed on an "AS IS" BASIS,
-WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-See the License for the specific language governing permissions and
-limitations under the License.
-1. Get the application URL by running these commands:
-{{- if .Values.ingress.enabled }}
-{{- range $host := .Values.ingress.hosts }}
-  {{- range $.Values.ingress.paths }}
-  http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $host }}{{ . }}
-  {{- end }}
-{{- end }}
-{{- else if contains "NodePort" .Values.service.type }}
-  export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "crs-catalog-aks.fullname" . }})
-  export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
-  echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.service.type }}
-     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
-           You can watch the status of by running 'kubectl get svc -w {{ include "crs-catalog-aks.fullname" . }}'
-  export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "crs-catalog-aks.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
-  echo http://$SERVICE_IP:{{ .Values.service.port }}
-{{- else if contains "ClusterIP" .Values.service.type }}
-  export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "crs-catalog-aks.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
-  echo "Visit http://127.0.0.1:8080 to use your application"
-  kubectl port-forward $POD_NAME 8080:80
-{{- end }}

provider/crs-catalog-azure/crs-catalog-aks/crs-catalog-aks/templates/_helpers.tpl

-{{/* vim: set filetype=mustache: */}}
-{{/*
-Expand the name of the chart.
-*/}}
-{{- define "crs-catalog-aks.name" -}}
-{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-
-{{/*
-Create a default fully qualified app name.
-We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
-If release name contains chart name it will be used as a full name.
-*/}}
-{{- define "crs-catalog-aks.fullname" -}}
-{{- if .Values.fullnameOverride -}}
-{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
-{{- else -}}
-{{- $name := default .Chart.Name .Values.nameOverride -}}
-{{- if contains $name .Release.Name -}}
-{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
-{{- else -}}
-{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
-{{- end -}}
-{{- end -}}
-{{- end -}}
-
-{{/*
-Create chart name and version as used by the chart label.
-*/}}
-{{- define "crs-catalog-aks.chart" -}}
-{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
-{{- end -}}

provider/crs-catalog-azure/crs-catalog-aks/crs-catalog-aks/templates/deployment.yaml

-# Copyright 2017-2019, Schlumberger
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: "crs-catalog-aks"
-  namespace: {{ .Values.namespace }}
-  labels:
-    app: "crs-catalog-aks"
-    version: v2
-spec:
-  replicas: {{ .Values.replicaCount }}
-  selector:
-    matchLabels:
-      app: "crs-catalog-aks"
-      version: v2
-  template:
-    metadata:
-      labels:
-        app: "crs-catalog-aks"
-        version: v2
-    spec:
-      volumes:
-      - name: shared-data
-        emptyDir: {}
-      containers:
-        - name: {{ .Chart.Name }}
-          image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
-          imagePullPolicy: {{ .Values.image.pullPolicy }}
-          volumeMounts:
-          - name: shared-data
-            mountPath: /mnt/crs_catalogs
-          ports:
-            - name: http
-              containerPort: {{ .Values.service.http.targetPort }}
-            - name: https
-              containerPort: {{ .Values.service.https.targetPort }}
-          resources:
-            {{- toYaml .Values.resources | nindent 12 }}
-          env:
-            - name: ENTITLEMENT_URL
-              value: "{{.Values.service.entitlement.url}}" 
-            - name: client-id
-              value: "{{.Values.service.client.url}}"
-      initContainers:
-      - name: "init-crs-catalog"
-        image: "{{ .Values.catalogs.repository }}:{{ .Values.catalogs.tag }}"
-        imagePullPolicy: {{ .Values.image.pullPolicy }}
-        volumeMounts:
-        - name: shared-data
-          mountPath: /mnt/crs_catalogs
-      imagePullSecrets:
-        - name: {{ .Values.image.imagePullSecrets }}
-      {{- with .Values.nodeSelector }}
-      nodeSelector:
-        {{- toYaml . | nindent 8 }}
-      {{- end }}
-    {{- with .Values.affinity }}
-      affinity:
-        {{- toYaml . | nindent 8 }}
-    {{- end }}
-    {{- with .Values.tolerations }}
-      tolerations:
-        {{- toYaml . | nindent 8 }}
-    {{- end }}

provider/crs-catalog-azure/crs-catalog-aks/crs-catalog-aks/templates/ingress.yaml

-# Copyright 2017-2019, Schlumberger
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-{{- if .Values.ingress.enabled -}}
-{{- $fullName := include "crs-catalog-aks.fullname" . -}}
-{{- $ingressPaths := .Values.ingress.paths -}}
-apiVersion: extensions/v1beta1
-kind: Ingress
-metadata:
-  name: {{ $fullName }}
-  namespace: {{ .Values.namespace }}   
-  labels:
-    app.kubernetes.io/name: {{ include "crs-catalog-aks.name" . }}
-    helm.sh/chart: {{ include "crs-catalog-aks.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-  {{- with .Values.ingress.annotations }}
-  annotations:
-    {{- toYaml . | nindent 4 }}
-  {{- end }}
-spec:
-{{- if .Values.ingress.tls }}
-  tls:
-  {{- range .Values.ingress.tls }}
-    - hosts:
-      {{- range .hosts }}
-        - {{ . | quote }}
-      {{- end }}
-      secretName: {{ .secretName }}
-  {{- end }}
-{{- end }}
-  rules:
-  {{- range .Values.ingress.hosts }}
-    - host: {{ . | quote }}
-      http:
-        paths:
-	{{- range $ingressPaths }}
-          - path: {{ . }}
-            backend:
-              serviceName: {{ $fullName }}
-              servicePort: http
-	{{- end }}
-  {{- end }}
-{{- end }}

provider/crs-catalog-azure/crs-catalog-aks/crs-catalog-aks/templates/service.yaml

-# Copyright 2017-2019, Schlumberger
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: Service
-metadata:
-  name: "crs-catalog-aks"
-  namespace: {{ .Values.namespace }}  
-  labels:
-    name: "crs-catalog-aks"
-  labels:
-    app: crs-catalog-aks
-spec:
-  type: {{ .Values.service.type }}
-  ports:
-    - port: {{ .Values.service.http.port }}
-      targetPort: {{ .Values.service.http.targetPort }}
-      name: http
-    - port: {{ .Values.service.https.port }}
-      targetPort: {{ .Values.service.https.targetPort }}
-      name: https
-  selector:
-    app: crs-catalog-aks

provider/crs-catalog-azure/crs-catalog-aks/crs-catalog-aks/templates/tests/test-connection.yaml

-# Copyright 2017-2019, Schlumberger
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-kind: Pod
-metadata:
-  name: "{{ include "crs-catalog-aks.fullname" . }}-test-connection"
-  namespace: {{ .Values.namespace }}   
-  labels:
-    app.kubernetes.io/name: {{ include "crs-catalog-aks.name" . }}
-    helm.sh/chart: {{ include "crs-catalog-aks.chart" . }}
-    app.kubernetes.io/instance: {{ .Release.Name }}
-    app.kubernetes.io/managed-by: {{ .Release.Service }}
-  annotations:
-    "helm.sh/hook": test-success
-spec:
-  containers:
-    - name: wget
-      image: busybox
-      command: ['wget']
-      args:  ['{{ include "crs-catalog-aks.fullname" . }}:{{ .Values.service.port }}']
-  restartPolicy: Never

provider/crs-catalog-azure/crs-catalog-aks/crs-catalog-aks/values.yaml.tmpl

-# Copyright 2017-2019, Schlumberger
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-# Default values for crs-catalog-aks.
-# This is a YAML-formatted file.
-# Declare variables to be passed into your templates.
-
-namespace: default
-replicaCount: 1
-
-image:
-  repository: delfi.azurecr.io/crs-catalog-aks
-  tag: v2
-  pullPolicy: Always
-  imagePullSecrets: acr
-
-catalogs:
-  repository: delfi.azurecr.io/crs-catalogs
-  tag: v2
-  pullPolicy: Always
-  imagePullSecrets: acr
-
-nameOverride: ""
-fullnameOverride: ""
-
-service:
-  type: NodePort
-  http:
-    port: 80
-    targetPort: 8080
-  https:
-    port: 443
-    targetPort: 8443
-  entitlement:
-    url: ENTITLEMENT_URL
-  client:
-    url: client-id
-
-ingress:
-  enabled: false
-  annotations: {}
-    # kubernetes.io/ingress.class: nginx
-    # kubernetes.io/tls-acme: "true"
-  paths: []
-  hosts:
-    - chart-example.local
-  tls: []
-  #  - secretName: chart-example-tls
-  #    hosts:
-  #      - chart-example.local
-
-resources: {}
-  # We usually recommend not to specify default resources and to leave this as a conscious
-  # choice for the user. This also increases chances charts run on environments with little
-  # resources, such as Minikube. If you do want to specify resources, uncomment the following
-  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
-  # limits:
-  #  cpu: 100m
-  #  memory: 128Mi
-  # requests:
-  #  cpu: 100m
-  #  memory: 128Mi
-
-nodeSelector: {}
-
-tolerations: []
-
-affinity: {}

provider/crs-catalog-azure/crs-catalog-aks/devops/azure-pipelines.yml

-# Maven package Java project Web App to Linux on Azure
-# Build your Java project and deploy it to Azure as a Linux web app
-# Add steps that analyze code, save build artifacts, deploy, and more:
-# https://docs.microsoft.com/azure/devops/pipelines/languages/java
-
-# Required Group Variables - `Service Pipeline Variables`
-  # VM_IMAGE_NAME -- Agent VM image name
-  # AZURE_SUBSCRIPTION - ${{env_name}} -- Azure Resource Manager service connection created during pipeline creation
-
-# Required Group Variables - `Service Pipeline Variables - {env_name}`
-  # AZURE_AD_APP_RESOURCE_ID
-  # AZURE_AD_OTHER_APP_RESOURCE_ID
-  # AZURE_AD_TENANT_ID -- Azure Subscription Id
-  # DOMAIN
-  # ENTITLEMENT_URL -- end with '/'
-  # ENVIRONMENT_NAME
-  # EXPIRED_TOKEN
-  # INTEGRATION_TESTER
-  # MY_TENANT
-  # ENTITLEMENTS_WEBAPPNAME
-
-trigger:
-  branches:
-    include:
-      - master
-  paths:
-    exclude:
-      - README.md
-      - OpenDES_Azure_Security.md
-      - .gitignore
-      - images/*
-
-variables:
-  - group: 'AZURE_REGISTRY_DELFI'
-  - group: 'Azure Common Secrets'
-  - group: 'Azure - Common'
-  - group: 'Azure Service Release - crs-catalog'
-  - name: imageName
-    value: 'crs-catalog-aks'
-
-stages:
-  - template: stages.yml
-    parameters:
-      environments:
-        - name: 'devint'
-          kubeconfig: 'devint-aks-kubeconfig'
-        - ${{ if eq(variables['Build.SourceBranchName'], 'master') }}:
-          - name: 'qa'
-            kubeconfig: 'qa-aks-kubeconfig'
-          - name: 'prod'
-            kubeconfig: 'prod-aks-kubeconfig'
-

provider/crs-catalog-azure/crs-catalog-aks/devops/stages.yml

-parameters:
-  environments: []
-
-stages:
-  - ${{ each environment in parameters.environments }}:
-    - stage: 'Build_${{ environment.name }}'
-
-      variables:
-      - group: 'Azure Target Env - ${{environment.name}}'
-      - group: 'Azure Target Env Secrets - ${{environment.name}}'
-      - name: tag
-        value: 'v2'
-
-      jobs:
-        - job: MavenPackageAndPublishArtifacts
-          displayName: Maven Package and Publish Artifacts
-          pool: $(AGENT_POOL)
-
-          steps:
-          - ${{ if eq(environment.name, 'devint') }}:
-            - bash: |
-                #!/bin/bash
-                set -e
-                pushd data
-                docker login -u $(dockerId) -p $(dockerPassword) $(dockerId).azurecr.io
-                docker build -t $(dockerId).azurecr.io/crs-catalogs:v2 .
-                docker push $(dockerId).azurecr.io/crs-catalogs:v2
-                popd
-              displayName: 'build and upload data catalog image'
-            - task: Maven@3
-              displayName: 'Maven: build'
-              inputs:
-                mavenPomFile: 'pom.xml'
-                goals: 'install'
-                publishJUnitResults: true
-
-            - bash: |
-                #!/bin/bash
-                set -e
-                pushd provider/crs-catalog-azure/crs-catalog-aks
-                docker login -u $(dockerId) -p $(dockerPassword) $(dockerId).azurecr.io
-                docker build -t $(dockerId).azurecr.io/$(imageName):$(tag) .
-                echo 'Image done.'
-                docker tag $(dockerId).azurecr.io/$(imageName):$(tag) $(dockerId).azurecr.io/$(imageName):latest
-                echo 'Added $(dockerId).azurecr.io/$(imageName):latest tag to $(dockerId).azurecr.io/$(imageName):$(tag)'
-                docker push $(dockerId).azurecr.io/$(imageName):$(tag)