From 9d04f955885ae617fe6ea5f254a09673daf1509a Mon Sep 17 00:00:00 2001
From: adkumar1
Date: Thu, 29 Feb 2024 16:45:19 +0530
Subject: [PATCH 1/5] parameterize values
---
 charts/orchestrator/templates/deployment.yaml | 33 ++++-
 charts/orchestrator/templates/secret.yaml | 130 ++++++++----------
 charts/orchestrator/values.yaml | 70 ++++++++++
 3 files changed, 159 insertions(+), 74 deletions(-)
diff --git a/charts/orchestrator/templates/deployment.yaml b/charts/orchestrator/templates/deployment.yaml
index 442dda6f..7cf67d19 100644
--- a/charts/orchestrator/templates/deployment.yaml
+++ b/charts/orchestrator/templates/deployment.yaml
@@ -67,12 +67,39 @@ spec: value: "3" - name: RETRY_BACKOFFDELAY value: "500" + - name: KEYCLOAKBEARERONLY + value: "{{ .Values.properties.keycloakBearerOnly }}" + - name: KEYCLOAKUSERESOURCEROLEMAPPINGS + value: "{{ .Values.properties.keycloakUseResourceRoleMappings }}" + - name: KEYCLOAKSSLREQUIRED + value: "{{ .Values.properties.keycloakSslRequired }}" + - name: MANUAL-CONNECTOR-REGISTRATION + value: "{{ .Values.properties.manual_connector_registration }}" + - name: MANUALUPDATE + value: "{{ .Values.properties.manualupdate }}" + - name: SMTP_AUTH + value: "{{ .Values.properties.smtp_auth }}" + - name: SMTP_TLS_ENABLE + value: "{{ .Values.properties.smtp_tls_enable }}" + - name: SPRING_DATASOURCE_USERNAME + value: {{ .Values.postgresql.auth.username | required ".Values.sdepostgresql.auth.username is required" | quote }} + {{- if .Values.postgresql.fullnameOverride }} - name: SPRING_DATASOURCE_URL value: "jdbc:postgresql://{{ .Values.postgresql.fullnameOverride }}:{{ .Values.postgresql.auth.port }}/{{ .Values.postgresql.auth.database }}" - - name: SPRING_DATASOURCE_USERNAME - value: {{ .Values.postgresql.auth.username | required ".Values.postgresql.auth.username is required" | quote }} - name: SPRING_DATASOURCE_PASSWORD - value: {{ .Values.postgresql.auth.password | required ".Values.postgresql.auth.password is required" | quote}} + valueFrom: + secretKeyRef: + name: {{ .Values.postgresql.fullnameOverride }} + key: "password" + {{- else }} + - name: SPRING_DATASOURCE_URL + value: "jdbc:postgresql://{{ include "managed-service-orchestrator.fullname" . }}-postgresql:{{ .Values.postgresql.auth.port }}/{{ .Values.postgresql.auth.database }}" + - name: SPRING_DATASOURCE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "sde.fullname" . }}-postgresql + key: "password" + {{- end }} resources: {{- toYaml .Values.resources | nindent 12 }} diff --git a/charts/orchestrator/templates/secret.yaml b/charts/orchestrator/templates/secret.yaml index c870c3a7..f31c67e9 100644 
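Review bot: Both `secretKeyRef` blocks for `SPRING_DATASOURCE_PASSWORD` derive the Secret name from `postgresql.fullnameOverride` or the release fullname and never consult `postgresql.auth.existingSecret`, which values.yaml exposes. If an operator supplies the database password through an existing Secret (presumably the subchart then does not create its own), the container would reference a Secret that does not exist and fail to start, which pushes people back to putting the password in values. Consider resolving the name from that field first, e.g. `name: {{ .Values.postgresql.auth.existingSecret | default .Values.postgresql.fullnameOverride | quote }}`, and quoting the name in the `else` branch as well. Separately, the env name `MANUAL-CONNECTOR-REGISTRATION` contains hyphens, which a shell cannot reference and which Spring's relaxed binding may not map; `MANUALCONNECTORREGISTRATION` would match the neighbouring names. The `env:` list starts above this hunk.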
--- a/charts/orchestrator/templates/secret.yaml
+++ b/charts/orchestrator/templates/secret.yaml
@@ -24,74 +24,62 @@ type: Opaque
 metadata:
 name: {{ .Values.secretRef }}
 stringData:
- connectorTestServiceUrl: default
- connectorregisterUrl: default
- connectorregisterkeycloakclientId: default
- connectorregisterkeycloakclientSecret: default
- connectorregisterkeycloaktokenURI: default
- dapsJksUrl: default
- dapsTokenUrl: default
- dapsUrl: default
- #dbUrl: jdbc:postgresql://postgresql:5432/postgres
- #dbpassword: default
- #dbuser: postgres
- dnsname: default
- dnsnameProtocol: default
- edc_miwUrl: default
- edc_ssi_authorityId: default
- emailpassword: default
- emailuser: default
- keycloakAuthserverUrl: default
- keycloakBearerOnly: "true"
- keycloakClientid: default
- keycloakRealm: default
- keycloakResource: default
- keycloakSslRequired: external
- keycloakUseResourceRoleMappings: "true"
- kubeappsToken: default
- kubeappsUrl: default
- mail_from: default
- mail_to: default
- manual-connector-registration: "false"
- manualupdate: "true"
- password: default
- portalclientid: default
- portalclientsecret: default
- portalemail: default
- portaltokenurl: default
- portalurl: default
- postgres-password: default
- resourceServerIssuer: default
- sde_bpndiscovery-hostname: default
- sde_connector-discovery-clientId: default
- sde_connector-discovery-clientSecret: default
- sde_connector-discovery-token-url: default
- sde_digital-twins-authentication-url: default
- sde_digital-twins-hostname: default
- sde_discovery-authentication-url: default
- sde_discovery-clientId: default
- sde_discovery-clientSecret: default
- sde_discovery-grantType: default
- sde_dtregistry-url-prefix: default
- sde_dtregistryidp-client-id: default
- sde_dtregistrytenant-id: default
- sde_keycloak-auth: default
- sde_keycloak-realm: default
- sde_keycloak-tokenUrl: default
- sde_partner-pool-clientId: default
- sde_partner-pool-clientSecret: default
- sde_partner-pool-hostname: default
- sde_portal-backend-authentication-url: default
- sde_portal-backend-clientId: default
- sde_portal-backend-clientSecret: default
- sde_portal-backend-hostname: default
- sde_resource-server-issuer: default
- smtp_auth: "true"
- smtp_host: default
- smtp_port: default
- smtp_tls_enable: "true"
- targetCluster: default
- targetNamesapce: default
- vaultToken: default
- vaultUrl: default
-
\ No newline at end of file
+ connectorTestServiceUrl: {{ .Values.properties.connectorTestServiceUrl }}
+ connectorregisterUrl: {{ .Values.properties.connectorregisterUrl }}
+ connectorregisterkeycloakclientId: {{ .Values.properties.connectorregisterkeycloakclientId }}
+ connectorregisterkeycloakclientSecret: {{ .Values.properties.connectorregisterkeycloakclientSecret }}
+ connectorregisterkeycloaktokenURI: {{ .Values.properties.connectorregisterkeycloaktokenURI }}
+ dapsJksUrl: {{ .Values.properties.dapsJksUrl }}
+ dapsTokenUrl: {{ .Values.properties.dapsTokenUrl }}
+ dapsUrl: {{ .Values.properties.dapsUrl }}
+ dnsname: {{ .Values.properties.dnsname }}
+ dnsnameProtocol: {{ .Values.properties.dnsnameProtocol }}
+ edc_miwUrl: {{ .Values.properties.edc_miwUrl }}
+ edc_ssi_authorityId: {{ .Values.properties.edc_ssi_authorityId }}
+ emailpassword: {{ .Values.properties.emailpassword }}
+ emailuser: {{ .Values.properties.emailuser }}
+ keycloakAuthserverUrl: {{ .Values.properties.keycloakAuthserverUrl }}
+ keycloakClientid: {{ .Values.properties.keycloakClientid }}
+ keycloakRealm: {{ .Values.properties.keycloakRealm }}
+ keycloakResource: {{ .Values.properties.keycloakResource }}
+ kubeappsToken: {{ .Values.properties.kubeappsToken }}
+ kubeappsUrl: {{ .Values.properties.kubeappsUrl }}
+ mail_from: {{ .Values.properties.mail_from }}
+ mail_to: {{ .Values.properties.mail_to }}
+ dbpassword: {{ .Values.properties.password }}
+ portalclientid: {{ .Values.properties.portalclientid }}
+ portalclientsecret: {{ .Values.properties.portalclientsecret }}
+ portalemail: {{ .Values.properties.portalemail }}
+ portaltokenurl: {{ .Values.properties.portaltokenurl }}
+ portalurl: {{ .Values.properties.portalurl }}
+ resourceServerIssuer: {{ .Values.properties.resourceServerIssuer }}
+ sde_bpndiscovery-hostname: {{ .Values.properties.sde_bpndiscovery_hostname }}
+ sde_connector-discovery-clientId: {{ .Values.properties.sde_connector_discovery_clientId }}
+ sde_connector-discovery-clientSecret: {{ .Values.properties.sde_connector_discovery_clientSecret }}
+ sde_connector-discovery-token-url: {{ .Values.properties.sde_connector_discovery_token_url }}
+ sde_digital-twins-authentication-url: {{ .Values.properties.sde_digital_twins_authentication_url }}
+ sde_digital-twins-hostname: {{ .Values.properties.sde_digital_twins_hostname }}
+ sde_discovery-authentication-url: {{ .Values.properties.sde_discovery_authentication_url }}
+ sde_discovery-clientId: {{ .Values.properties.sde_discovery_clientId }}
+ sde_discovery-clientSecret: {{ .Values.properties.sde_discovery_clientSecret }}
+ sde_discovery-grantType: {{ .Values.properties.sde_discovery_grantType }}
+ sde_dtregistry-url-prefix: {{ .Values.properties.sde_dtregistry_url_prefix }}
+ sde_dtregistryidp-client-id: {{ .Values.properties.sde_dtregistryidp_client_id }}
+ sde_dtregistrytenant-id: {{ .Values.properties.sde_dtregistrytenant_id }}
+ sde_keycloak-auth: {{ .Values.properties.sde_keycloak_auth }}
+ sde_keycloak-realm: {{ .Values.properties.sde_keycloak_realm }}
+ sde_keycloak-tokenUrl: {{ .Values.properties.sde_keycloak_tokenUrl }}
+ sde_partner-pool-clientId: {{ .Values.properties.sde_partner_pool_clientId }}
+ sde_partner-pool-clientSecret: {{ .Values.properties.sde_partner_pool_clientSecret }}
+ sde_partner-pool-hostname: {{ .Values.properties.sde_partner_pool_hostname }}
+ sde_portal-backend-authentication-url: {{ .Values.properties.sde_portal_backend_authentication_url }}
+ sde_portal-backend-clientId: {{ .Values.properties.sde_portal_backend_clientId }}
+ sde_portal-backend-clientSecret: {{ .Values.properties.sde_portal_backend_clientSecret }}
+ sde_portal-backend-hostname: {{ .Values.properties.sde_portal_backend_hostname }}
+ sde_resource-server-issuer: {{ .Values.properties.sde_resource_server_issuer }}
+ smtp_host: {{ .Values.properties.smtp_host }}
+ smtp_port: {{ .Values.properties.smtp_port }}
+ targetCluster: {{ .Values.properties.targetCluster }}
+ targetNamesapce: {{ .Values.properties.targetNamesapce }}
+ vaultToken: {{ .Values.properties.vaultToken }}
+ vaultUrl: {{ .Values.properties.vaultUrl }}
diff --git a/charts/orchestrator/values.yaml b/charts/orchestrator/values.yaml
index c3a2e0e4..69370d07 100644
--- a/charts/orchestrator/values.yaml
+++ b/charts/orchestrator/values.yaml
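Review bot: Every value added under `stringData` in secret.yaml is rendered unquoted, so the manifest depends on what the operator types. A numeric `smtp_port` renders as a YAML integer, which `stringData` does not accept, and an empty value renders as null. A password or token containing ` #` is silently cut at the comment marker, and one containing `: ` breaks parsing. Pipe each value through `quote`, for example `emailpassword: {{ .Values.properties.emailpassword | quote }}`, on all 59 added lines. Consider `required` on the credential keys (`vaultToken`, `kubeappsToken`, the `*clientSecret` entries) so a release cannot be rendered with a placeholder.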
@@ -121,6 +121,76 @@ postgresql:
 auth:
 username: "postgres"
 password: "default"
+ postgresPassword: "default"
 database: "postgres"
 port: 5432
 existingSecret: ""
+
+properties:
+ connectorTestServiceUrl: default
+ connectorregisterUrl: default
+ connectorregisterkeycloakclientId: default
+ connectorregisterkeycloakclientSecret: default
+ connectorregisterkeycloaktokenURI: default
+ dapsJksUrl: default
+ dapsTokenUrl: default
+ dapsUrl: default
+ dnsname: default
+ dnsnameProtocol: default
+ edc_miwUrl: default
+ edc_ssi_authorityId: default
+ emailpassword: default
+ emailuser: default
+ keycloakAuthserverUrl: default
+ keycloakBearerOnly: "true"
+ keycloakClientid: default
+ keycloakRealm: default
+ keycloakResource: default
+ keycloakSslRequired: external
+ keycloakUseResourceRoleMappings: "true"
+ kubeappsToken: default
+ kubeappsUrl: default
+ mail_from: default
+ mail_to: default
+ manual_connector_registration: "false"
+ manualupdate: "true"
+ password: default
+ portalclientid: default
+ portalclientsecret: default
+ portalemail: default
+ portaltokenurl: default
+ portalurl: default
+ postgres-password: default
+ resourceServerIssuer: default
+ sde_bpndiscovery_hostname: default
+ sde_connector_discovery_clientId: default
+ sde_connector_discovery_clientSecret: default
+ sde_connector_discovery_token_url: default
+ sde_digital_twins_authentication_url: default
+ sde_digital_twins_hostname: default
+ sde_discovery_authentication_url: default
+ sde_discovery_clientId: default
+ sde_discovery_clientSecret: default
+ sde_discovery_grantType: default
+ sde_dtregistry_url_prefix: default
+ sde_dtregistryidp_client_id: default
+ sde_dtregistrytenant_id: default
+ sde_keycloak_auth: default
+ sde_keycloak_realm: default
+ sde_keycloak_tokenUrl: default
+ sde_partner_pool_clientId: default
+ sde_partner_pool_clientSecret: default
+ sde_partner_pool_hostname: default
+ sde_portal_backend_authentication_url: default
+ sde_portal_backend_clientId: default
+ sde_portal_backend_clientSecret: default
+ sde_portal_backend_hostname: default
+ sde_resource_server_issuer: default
+ smtp_auth: "true"
+ smtp_host: default
+ smtp_port: default
+ smtp_tls_enable: "true"
+ targetCluster: default
+ targetNamesapce: default
+ vaultToken: default
+ vaultUrl: default
From 87b7d534334964eaea0fc0b5f7ac9bb736888685 Mon Sep 17 00:00:00 2001
From: adkumar1
Date: Thu, 29 Feb 2024 17:37:58 +0530
Subject: [PATCH 2/5] installation steps
---
 INSTALL.md | 32 +++++++++++++++++++++++++-------
 1 file changed, 25 insertions(+), 7 deletions(-)
diff --git a/INSTALL.md b/INSTALL.md
index 3c881bc5..b24f73b6 100644
--- a/INSTALL.md
+++ b/INSTALL.md
@@ -1,15 +1,33 @@ ## Installation Steps -Helm charts are provided inside https://github.com/eclipse-tractusx/managed-service-orchestrator - - - Using helm commands
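Review bot: The values.yaml hunk ships the known string `default` as the value of real credentials: `postgresql.auth.postgresPassword`, `properties.password`, `properties.emailpassword`, `properties.vaultToken`, `properties.kubeappsToken` and the `*clientSecret` keys. An install that leaves these untouched comes up with a guessable database superuser password. Any real secret typed here ends up in the values file and in the stored Helm release. Prefer empty defaults such as `postgresPassword: ""` backed by `required` in the templates, or the `existingSecret` field that is already present. A one-line comment per key saying which entries are secrets would also help. `properties.postgres-password` does not appear to be referenced by the templates in this patch and could be dropped.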
+A helm chart is provided inside the [charts](charts/orchestrator) directory How to install application using helm:
- helm install ReleaseName ChartName + + helm install [ReleaseName] [ChartName] + +1.) Installation from released chart:
a.) Add helm repository in tractusx: - helm repo add tractusx https://eclipse-tractusx.github.io/charts/dev + helm repo add tractusx-dev https://eclipse-tractusx.github.io/charts/dev b.) To search the specific repo in helm repositories - helm search repo tractusx/managed-service-orchestrator + helm search repo tractusx-dev/managed-service-orchestrator c.) To install using helm command: - helm install orchestrator tractusx/managed-service-orchestrator + helm install orchestrator tractusx-dev/managed-service-orchestrator + +2.) Local installation: + + a. Install Kubeapps on your local Kubernetes cluster. + Installation for kubeapps can be taken from reference https://docs.bitnami.com/tutorials/install-use-kubeapps + + b. Add Package repository in Kubeapps https://eclipse-tractusx.github.io/charts/dev/ + + c. Create namespace through Kubeapps + + d. Select the Package Repository which was added in step 2 + + e. Select managed-service-orchestrator from the Catalog + + f. To set your own configuration and secret values in values file + + g. Deploy the application From f3889baca0eed530b2da7e5144e463e3c94fc3eb Mon Sep 17 00:00:00 2001 From: adkumar1 Date: Mon, 4 Mar 2024 16:50:57 +0530 Subject: [PATCH 3/5] Updated name --- charts/orchestrator/templates/deployment.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/orchestrator/templates/deployment.yaml b/charts/orchestrator/templates/deployment.yaml index 7cf67d19..1b2e8bf3 100644 --- a/charts/orchestrator/templates/deployment.yaml +++ b/charts/orchestrator/templates/deployment.yaml 
@@ -82,7 +82,7 @@ spec: - name: SMTP_TLS_ENABLE value: "{{ .Values.properties.smtp_tls_enable }}" - name: SPRING_DATASOURCE_USERNAME - value: {{ .Values.postgresql.auth.username | required ".Values.sdepostgresql.auth.username is required" | quote }} + value: {{ .Values.postgresql.auth.username | required ".Values.postgresql.auth.username is required" | quote }} {{- if .Values.postgresql.fullnameOverride }} - name: SPRING_DATASOURCE_URL value: "jdbc:postgresql://{{ .Values.postgresql.fullnameOverride }}:{{ .Values.postgresql.auth.port }}/{{ .Values.postgresql.auth.database }}" @@ -97,7 +97,7 @@ spec: - name: SPRING_DATASOURCE_PASSWORD valueFrom: secretKeyRef: - name: {{ include "sde.fullname" . }}-postgresql + name: {{ include "managed-service-orchestrator.fullname" . }}-postgresql key: "password" {{- end }} From 9fb5468c09dd688ca441248bd8ec27a59a40294c Mon Sep 17 00:00:00 2001 From: adkumar1 Date: Mon, 4 Mar 2024 18:07:19 +0530 Subject: [PATCH 4/5] Updated steps for installation --- INSTALL.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/INSTALL.md b/INSTALL.md index b24f73b6..662b6ae3 100644 --- a/INSTALL.md +++ b/INSTALL.md @@ -30,4 +30,7 @@ How to install application using helm:
f. To set your own configuration and secret values in values file - g. Deploy the application + g. Below database details are mandatory to provide, other than that all secrets can be just default: + postgresql.auth.username, postgresql.auth.password, postgresql.auth.postgresPassword, postgresql.auth.database + + h. Deploy the application From 693c48896538a4156fc88b91bc6d2c563140daca Mon Sep 17 00:00:00 2001 From: adkumar1 Date: Mon, 4 Mar 2024 19:50:10 +0530 Subject: [PATCH 5/5] Updated password keyword --- charts/orchestrator/templates/secret.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/charts/orchestrator/templates/secret.yaml b/charts/orchestrator/templates/secret.yaml index f31c67e9..03e1594f 100644 --- a/charts/orchestrator/templates/secret.yaml +++ b/charts/orchestrator/templates/secret.yaml @@ -46,7 +46,7 @@ stringData: kubeappsUrl: {{ .Values.properties.kubeappsUrl }} mail_from: {{ .Values.properties.mail_from }} mail_to: {{ .Values.properties.mail_to }} - dbpassword: {{ .Values.properties.password }} + password: {{ .Values.properties.password }} portalclientid: {{ .Values.properties.portalclientid }} portalclientsecret: {{ .Values.properties.portalclientsecret }} portalemail: {{ .Values.properties.portalemail }}