Gonrg 9065 storage bootstrap disable

a6aeb764 · Aliaksandr Ramanovich (EPAM) · Oleksandr Kosse (EPAM) · 2e16f1d8 · a6aeb764 · 2e16f1d8
Commit a6aeb764 authored 1 year ago by Aliaksandr Ramanovich (EPAM) Committed by Oleksandr Kosse (EPAM) 1 year ago
--- a/devops/gc/deploy/README.md
+++ b/devops/gc/deploy/README.md
@@ -32,7 +32,6 @@ First you need to set variables in **values.yaml** file using any code editor. S
 |------|-------------|------|---------|---------|
 **global.domain** | your domain for the external endpoint, ex `example.com` | string | - | yes
 **global.onPremEnabled** | whether on-prem is enabled | boolean | false | yes
-**global.dataBootstrapEnabled** | whether storage bootstrap is enabled | boolean | false | yes
 **global.limitsEnabled** | whether CPU and memory limits are enabled | boolean | true | yes

 ### Configmap variables
@@ -49,9 +48,6 @@ First you need to set variables in **values.yaml** file using any code editor. S
 **data.legalHost** | Legal service host address | string | `http://legal` | yes
 **data.opaEnabled** | whether OPA is enabled | boolean | false | yes
 **data.opaEndpoint** | OPA host address | string | `http://opa` | yes
-**data.storageHost** | Storage service host address | string | `http://storage` | only if `global.dataBootstrapEnabled` is true
-**data.defaultLegalTag** | Name of the previously created legal tag (without partition part) | string | `default-data-tag` | only if `global.dataBootstrapEnabled` is true
-**data.dataPartitionId** | Data partition id | string | - | only if `global.dataBootstrapEnabled` is true
 **data.redisStorageHost** | The host for redis instance. If empty (by default), helm installs an internal redis instance | string | - | yes
 **data.redisStoragePort** | The port for redis instance | digit | 6379 | yes

@@ -66,8 +62,6 @@ First you need to set variables in **values.yaml** file using any code editor. S
 **data.image** | path to the image in a registry | string | - | yes
 **data.imagePullPolicy** | when to pull the image | string | `IfNotPresent` | yes
 **data.serviceAccountName** | name of kubernetes service account | string | `storage` | yes
-**data.bootstrapImage** | path to the bootstrap image in a registry | string | - | only if `global.dataBootstrapEnabled` is true
-**data.bootstrapServiceAccountName** | name of kubernetes service account that will be used for bootstrap | string | - | only if `global.dataBootstrapEnabled` is true
 **data.redisImage** | service image | string | `redis:7` | yes

 ### Configuration variables
@@ -80,7 +74,6 @@ First you need to set variables in **values.yaml** file using any code editor. S
 **conf.postgresSecretName** | secret for postgres | string | `storage-postgres-secret` | yes
 **conf.rabbitmqSecretName** | secret for rabbitmq | string | `rabbitmq-secret` | yes
 **conf.storageRedisSecretName** | secret for redis that contains redis password with REDIS_PASSWORD key | string | `storage-redis-secret` | yes
-**conf.bootstrapSecretName** | secret for bootstrap to access openid provider | string | `datafier-secret` | only if `global.dataBootstrapEnabled` is true
 **conf.replicas** | Number of replicas | integer | 3 | yes

 ### Istio variables
@@ -91,8 +84,6 @@ First you need to set variables in **values.yaml** file using any code editor. S
 **istio.proxyCPULimit** | CPU limit for Envoy sidecars | string | 200m | yes
 **istio.proxyMemory** | memory request for Envoy sidecars | string | 100Mi | yes
 **istio.proxyMemoryLimit** | memory limit for Envoy sidecars | string | 256Mi | yes
-**istio.bootstrapProxyCPU** | CPU request for Envoy sidecars | string | 10m | yes
-**istio.bootstrapProxyCPULimit** | CPU limit for Envoy sidecars | string | 100m | yes

 ## Install the Helm chart


--- a/devops/gc/deploy/templates/bootstrap-configmap.yaml
+++ b/devops/gc/deploy/templates/bootstrap-configmap.yaml
-{{- if .Values.global.dataBootstrapEnabled }}
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  labels:
-    app: {{ printf "%s-bootstrap" .Values.conf.appName | quote }}
-  name: {{ printf "%s-config-bootstrap" .Values.conf.appName | quote }}
-  namespace: {{ .Release.Namespace | quote }}
-data:
-  STORAGE_HOST: {{ .Values.data.storageHost | quote }}
-  DEFAULT_LEGAL_TAG: {{ .Values.data.defaultLegalTag | quote }}
-  DATA_PARTITION_ID: {{ .Values.data.dataPartitionId | quote }}
-  ONPREM_ENABLED: {{ .Values.global.onPremEnabled | quote }}
-{{- end }}
--- a/devops/gc/deploy/templates/bootstrap-deployment.yaml
+++ b/devops/gc/deploy/templates/bootstrap-deployment.yaml
-{{- if .Values.global.dataBootstrapEnabled }}
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  labels:
-    app: {{ printf "%s-bootstrap" .Values.conf.appName | quote }}
-  name: {{ printf "%s-bootstrap" .Values.conf.appName | quote }}
-  namespace: {{ .Release.Namespace | quote }}
-spec:
-  replicas: 1
-  selector:
-    matchLabels:
-      app: {{ printf "%s-bootstrap" .Values.conf.appName | quote }}
-  template:
-    metadata:
-      labels:
-        app: {{ printf "%s-bootstrap" .Values.conf.appName | quote }}
-      annotations:
-        rollme: {{ randAlphaNum 5 | quote }}
-        sidecar.istio.io/proxyCPU: {{ .Values.istio.bootstrapProxyCPU | quote }}
-        sidecar.istio.io/proxyMemory: {{ .Values.istio.proxyMemory | quote }}
-        sidecar.istio.io/proxyCPULimit: {{ .Values.istio.bootstrapProxyCPULimit | quote }}
-        sidecar.istio.io/proxyMemoryLimit: {{ .Values.istio.proxyMemoryLimit | quote }}
-    spec:
-      containers:
-        - name: {{ printf "%s-bootstrap" .Values.conf.appName | quote }}
-          image: {{ .Values.data.bootstrapImage | quote }}
-          readinessProbe:
-            exec:
-              command:
-              - cat
-              - /tmp/bootstrap_ready
-          imagePullPolicy: {{ .Values.data.imagePullPolicy | quote }}
-          envFrom:
-          - configMapRef:
-              name: {{ printf "%s-config-bootstrap" .Values.conf.appName | quote }}
-          {{- if .Values.global.onPremEnabled }}
-          - secretRef:
-              name: {{ .Values.conf.bootstrapSecretName | quote }}
-          {{- end }}
-          securityContext:
-            allowPrivilegeEscalation: false
-            runAsNonRoot: true
-      serviceAccountName: {{ .Values.data.bootstrapServiceAccountName | quote }}
-{{- end }}
--- a/devops/gc/deploy/values.yaml
+++ b/devops/gc/deploy/values.yaml
@@ -5,7 +5,6 @@
 global:
  domain: ""
  onPremEnabled: false
-  dataBootstrapEnabled: false
  limitsEnabled: true

 data:
@@ -20,16 +19,11 @@ data:
  legalHost: "http://legal"
  opaEnabled: false
  opaEndpoint: "http://opa"
-  storageHost: "http://storage"
-  defaultLegalTag: "default-data-tag"
-  dataPartitionId: ""
  # deployments
  requestsCpu: "7m"
  requestsMemory: "450Mi"
  limitsCpu: "1"
  limitsMemory: "3G"
-  bootstrapImage: ""
-  bootstrapServiceAccountName: ""
  image: ""
  imagePullPolicy: "IfNotPresent"
  serviceAccountName: "storage"
@@ -44,7 +38,6 @@ conf:
  minioSecretName: "storage-minio-secret"
  postgresSecretName: "storage-postgres-secret"
  rabbitmqSecretName: "rabbitmq-secret"
-  bootstrapSecretName: "datafier-secret"
  replicas: 3
  storageRedisSecretName: "storage-redis-secret"

@@ -53,5 +46,3 @@ istio:
  proxyCPULimit: "200m"
  proxyMemory: "50Mi"
  proxyMemoryLimit: "256Mi"
-  bootstrapProxyCPU: "5m"
-  bootstrapProxyCPULimit: "50m"
--- a/devops/gc/pipeline/override-stages.yml
+++ b/devops/gc/pipeline/override-stages.yml
@@ -4,42 +4,12 @@ variables:
  NO_DATA_ACCESS_TESTER: $GC_NO_DATA_ACCESS_TESTER
  OPA_INTEGRATION_ENABLED: "true"

-.gc_define_DATA_BRANCH:
-  script:
-    - >
-      if [[ -z $CI_COMMIT_TAG ]] && [[ $CI_COMMIT_BRANCH =~ ^release\/[0-9]{1,2}.[0-9]{1,2}$ ]];
-      then
-        REF_DATA_BRANCH=$CI_COMMIT_BRANCH
-      elif [[ $CI_COMMIT_TAG =~ ^v[0-9]{1,2}\.[0-9]{1,2}\.[0-9]{1,2}.* ]];
-      then
-        TAG=$(echo $CI_COMMIT_TAG | sed "s/^v//");
-        REF_DATA_BRANCH="release/${TAG%.*}";
-      else
-        REF_DATA_BRANCH="master";
-      fi;
-
 gc-baremetal-test:
  variables:
    GC_VENDOR: baremetal
    TEST_NO_ACCESS_OPENID_PROVIDER_CLIENT_ID: storage-no-access-tester
    TEST_NO_ACCESS_OPENID_PROVIDER_CLIENT_SECRET: $OSDU_BAREMETAL_STORAGE_NO_ACCESS_CLIENT_SECRET

-gc-containerize-bootstrap-gitlab:
-  variables:
-    GC_ENABLE_BOOTSTRAP: "true"
-    BUILD_ARGS: "--build-arg DATA_BRANCH=$REF_DATA_BRANCH"
-  before_script:
-    - !reference [.gc_define_DATA_BRANCH, script]
-
-gc-containerize-bootstrap-gcr:
-  variables:
-    GC_ENABLE_BOOTSTRAP: "true"
-    BUILD_ARGS: "--build-arg DATA_BRANCH=$REF_DATA_BRANCH"
-  before_script:
-    - !reference [.gc_define_DATA_BRANCH, script]
-    - gcloud auth activate-service-account --key-file=${GC_BAREMETAL_DEPLOY_FILE}
-    - gcloud auth configure-docker gcr.io
-
 gc-dev2-test:
  variables:
    DATA_ROOT_TESTER: $GC_DEV2_DATA_ROOT_CLIENT_ID