From fc2f211abfa7ffedc2e66778c05eb10e3a2df366 Mon Sep 17 00:00:00 2001
From: Peter Motzko <peter.motzko@volkswagen.de>
Date: Tue, 12 Dec 2023 12:59:47 +0100
Subject: [PATCH] feat(helm): configure MIW Helm chart to use pgadmin4 subchart

---
 charts/managed-identity-wallet/.helmignore    |  1 -
 charts/managed-identity-wallet/Chart.lock     |  7 ++-
 charts/managed-identity-wallet/Chart.yaml     |  5 ++
 charts/managed-identity-wallet/README.md      | 10 ++++
 .../templates/_helpers.tpl                    |  6 +++
 .../templates/pgAdmin-server-definitions.yaml | 30 ++++++++++++
 charts/managed-identity-wallet/values.yaml    | 46 ++++++++++++++++++-
 dev-assets/tasks/helm.yaml                    |  2 +-
 8 files changed, 102 insertions(+), 5 deletions(-)
 create mode 100644 charts/managed-identity-wallet/templates/pgAdmin-server-definitions.yaml

diff --git a/charts/managed-identity-wallet/.helmignore b/charts/managed-identity-wallet/.helmignore
index 93fabc264..70181f49b 100644
--- a/charts/managed-identity-wallet/.helmignore
+++ b/charts/managed-identity-wallet/.helmignore
@@ -26,4 +26,3 @@ values-*.yaml
 README.md.gotmpl
 .helmdocsignore
 ci/
-charts/pgadmin4
diff --git a/charts/managed-identity-wallet/Chart.lock b/charts/managed-identity-wallet/Chart.lock
index 4ca5f7780..4bc218a11 100644
--- a/charts/managed-identity-wallet/Chart.lock
+++ b/charts/managed-identity-wallet/Chart.lock
@@ -8,5 +8,8 @@ dependencies:
 - name: postgresql
   repository: https://charts.bitnami.com/bitnami
   version: 11.9.13
-digest: sha256:d26187a3896751774a3c7646c6a12186aae20fbde5a705ca458c1aeac9bf361c
-generated: "2023-12-11T11:38:02.235024+01:00"
+- name: pgadmin4
+  repository: file://charts/pgadmin4
+  version: 1.19.0
+digest: sha256:30c1e41f2c5f35829f68dd52ecc80005b4edf726d9e472801f6bfb834b8be512
+generated: "2023-11-22T12:12:48.461495+01:00"
diff --git a/charts/managed-identity-wallet/Chart.yaml b/charts/managed-identity-wallet/Chart.yaml
index 5710ee950..355dcf442 100644
--- a/charts/managed-identity-wallet/Chart.yaml
+++ b/charts/managed-identity-wallet/Chart.yaml
@@ -58,3 +58,8 @@ dependencies:
     version: 11.9.13
     repository: https://charts.bitnami.com/bitnami
     condition: postgresql.internal.enabled
+  - name: pgadmin4
+    repository: file://charts/pgadmin4  # https://helm.runix.net
+    # License: https://github.com/rowanruseler/helm-charts/blob/main/LICENSE
+    version: 1.19.0
+    condition: pgadmin4.enabled
diff --git a/charts/managed-identity-wallet/README.md b/charts/managed-identity-wallet/README.md
index da27ba496..4a1730bf1 100644
--- a/charts/managed-identity-wallet/README.md
+++ b/charts/managed-identity-wallet/README.md
@@ -77,6 +77,7 @@ See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command document
 
 | Repository | Name | Version |
 |------------|------|---------|
+| file://charts/pgadmin4 | pgadmin4 | 1.19.0 |
 | https://charts.bitnami.com/bitnami | common | 2.x.x |
 | https://charts.bitnami.com/bitnami | keycloak | 15.1.6 |
 | https://charts.bitnami.com/bitnami | postgresql | 11.9.13 |
@@ -142,6 +143,15 @@ See [helm upgrade](https://helm.sh/docs/helm/helm_upgrade/) for command document
 | miw.ssi.vcExpiryDate | string | `""` | Verifiable Credential expiry date. Format 'dd-MM-yyyy'. If empty it is set to 31-12-<current year> |
 | nameOverride | string | `""` | String to partially override common.names.fullname template (will maintain the release name) |
 | nodeSelector | object | `{"kubernetes.io/os":"linux"}` | NodeSelector configuration |
+| pgadmin4.enabled | bool | `true` | Enable to deploy pgAdmin |
+| pgadmin4.env.email | string | `"admin@miw.com"` | Preset the admin user email |
+| pgadmin4.env.password | string | `"very-secret-password"` | preset password (there is no auto-generated password) |
+| pgadmin4.extraServerDefinitions.enabled | bool | `true` | enable the predefined server for pgadmin |
+| pgadmin4.extraServerDefinitions.servers | object | `{}` | See [here](https://github.com/rowanruseler/helm-charts/blob/9b970b2e419c2300dfbb3f827a985157098a0287/charts/pgadmin4/values.yaml#L84) how to configure the predefined servers |
+| pgadmin4.ingress.annotations | object | `{}` |  |
+| pgadmin4.ingress.enabled | bool | `false` | Enagle pgAdmin ingress |
+| pgadmin4.ingress.hosts | list | `[]` | See [here](https://github.com/rowanruseler/helm-charts/blob/9b970b2e419c2300dfbb3f827a985157098a0287/charts/pgadmin4/values.yaml#L104) how to configure the ingress host(s) |
+| pgadmin4.ingress.tls | list | `[]` | See [here](https://github.com/rowanruseler/helm-charts/blob/9b970b2e419c2300dfbb3f827a985157098a0287/charts/pgadmin4/values.yaml#L109) how to configure tls for the ingress host(s) |
 | podAnnotations | object | `{}` | PodAnnotation configuration |
 | podSecurityContext | object | `{}` | PodSecurityContext |
 | postgresql.auth.database | string | `"miw_app"` | Postgresql database to create |
diff --git a/charts/managed-identity-wallet/templates/_helpers.tpl b/charts/managed-identity-wallet/templates/_helpers.tpl
index 0d78c77c0..cf153767c 100644
--- a/charts/managed-identity-wallet/templates/_helpers.tpl
+++ b/charts/managed-identity-wallet/templates/_helpers.tpl
@@ -79,3 +79,9 @@ Create the name of the service account to use
 {{- default "default" .Values.serviceAccount.name }}
 {{- end }}
 {{- end }}
+
+{{- define "managed-identity-wallet.pgadminServerDefinitions" -}}
+{
+  "Servers": {{ .Values.pgadmin4.extraServerDefinitions.servers | toJson }}
+}
+{{- end -}}
diff --git a/charts/managed-identity-wallet/templates/pgAdmin-server-definitions.yaml b/charts/managed-identity-wallet/templates/pgAdmin-server-definitions.yaml
new file mode 100644
index 000000000..53fd2be4f
--- /dev/null
+++ b/charts/managed-identity-wallet/templates/pgAdmin-server-definitions.yaml
@@ -0,0 +1,30 @@
+# /********************************************************************************
+# * Copyright (c) 2021,2023 Contributors to the Eclipse Foundation
+# *
+# * See the NOTICE file(s) distributed with this work for additional
+# * information regarding copyright ownership.
+# *
+# * This program and the accompanying materials are made available under the
+# * terms of the Apache License, Version 2.0 which is available at
+# * https://www.apache.org/licenses/LICENSE-2.0.
+# *
+# * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# * License for the specific language governing permissions and limitations
+# * under the License.
+# *
+# * SPDX-License-Identifier: Apache-2.0
+# ********************************************************************************/
+
+{{- if and .Values.pgadmin4.enabled .Values.pgadmin4.extraServerDefinitions.enabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ .Release.Name }}-pgadmin4-server-definitions
+  labels:
+    {{- include "pgadmin.labels" . | nindent 4 }}
+data:
+  servers.json: |-
+{{- include "common.tplvalues.render" (dict "value" (include "managed-identity-wallet.pgadminServerDefinitions" .) "context" $) | nindent 4 }}
+{{- end }}
diff --git a/charts/managed-identity-wallet/values.yaml b/charts/managed-identity-wallet/values.yaml
index b627e1961..1658e9d6d 100644
--- a/charts/managed-identity-wallet/values.yaml
+++ b/charts/managed-identity-wallet/values.yaml
@@ -41,7 +41,7 @@ secrets: {}
 envs: {}
 
 serviceAccount:
-  # --  Enable creation of ServiceAccount
+  # -- Enable creation of ServiceAccount
   create: true
   # -- Annotations to add to the ServiceAccount
   annotations: {}
@@ -259,3 +259,47 @@ postgresql:
         resourcePolicy: "keep"
         # -- PVC Storage Request for the backup data volume
         size: "8Gi"
+
+# For more information on how to configure the pgadmin chart see https://artifacthub.io/packages/helm/runix/pgadmin4.
+# (Here we're using a stripped-down version of the pgadmin chart, to just )
+pgadmin4:
+  # -- Enable to deploy pgAdmin
+  enabled: true
+  env:
+    # -- Preset the admin user email
+    email: admin@miw.com
+    # -- preset password (there is no auto-generated password)
+    password: very-secret-password
+    # @ignore
+    variables:
+      - name: PGADMIN_SERVER_JSON_FILE
+        value: /pgadmin4/servers.json
+  ingress:
+    # -- Enagle pgAdmin ingress
+    enabled: false
+    annotations: {}
+    # -- See [here](https://github.com/rowanruseler/helm-charts/blob/9b970b2e419c2300dfbb3f827a985157098a0287/charts/pgadmin4/values.yaml#L104) how to configure the ingress host(s)
+    hosts: []
+    # -- See [here](https://github.com/rowanruseler/helm-charts/blob/9b970b2e419c2300dfbb3f827a985157098a0287/charts/pgadmin4/values.yaml#L109) how to configure tls for the ingress host(s)
+    tls: []
+  extraServerDefinitions:
+    # -- enable the predefined server for pgadmin
+    enabled: true
+    # -- See [here](https://github.com/rowanruseler/helm-charts/blob/9b970b2e419c2300dfbb3f827a985157098a0287/charts/pgadmin4/values.yaml#L84) how to configure the predefined servers
+    servers:
+      # @ignore
+      miw-internal-postgresql:
+        Name: "MIW internal Postgresql DB"
+        Group: "Servers"
+        Port: 5432
+        Username: "miw"
+        Host: "{{ .Release.Name }}-postgresql"
+        SSLMode: "prefer"
+        MaintenanceDB: "postgres"
+  # @ignore
+  extraConfigmapMounts:
+    - name: server-definitions
+      configMap: "{{ .Release.Name }}-pgadmin4-server-definitions"
+      subPath: servers.json
+      mountPath: "/pgadmin4/servers.json"
+      readOnly: true
diff --git a/dev-assets/tasks/helm.yaml b/dev-assets/tasks/helm.yaml
index dce88ee83..741515101 100644
--- a/dev-assets/tasks/helm.yaml
+++ b/dev-assets/tasks/helm.yaml
@@ -30,4 +30,4 @@ tasks:
     desc: Rebuilds the readme of the Helm chart
     dir: charts/managed-identity-wallet
     cmds:
-      - helm-docs .
+      - helm-docs -i charts/managed-identity-wallet/.helmdocsignore .