diff --git a/.github/ISSUE_TEMPLATE/feature-request.md b/.github/ISSUE_TEMPLATE/feature-request.md index 5511b9374d..d956256915 100644 --- a/.github/ISSUE_TEMPLATE/feature-request.md +++ b/.github/ISSUE_TEMPLATE/feature-request.md @@ -25,6 +25,7 @@ Add any other context or screenshots about the feature request here. * [ ] Changelog updated * [ ] COMPONENTS.md updated / doesn't need to be updated +* [ ] Schema updated / doesn't need to be updated * [ ] Feature has automated tests * [ ] Automated tests passed (QA pipelines) * [ ] apply diff --git a/CHANGELOG-1.2.md b/CHANGELOG-1.2.md index 830faab280..097b82ac94 100644 --- a/CHANGELOG-1.2.md +++ b/CHANGELOG-1.2.md @@ -7,12 +7,16 @@ - [#126](https://github.com/epiphany-platform/epiphany/issues/126) - Added default Kibana dashboards - [#2127](https://github.com/epiphany-platform/epiphany/issues/2127) - Allow to specify configuration to be used in upgrade mode - [#2397](https://github.com/epiphany-platform/epiphany/issues/2397) - Restart CoreDNS pods conditionally +- [#195](https://github.com/epiphany-platform/epiphany/issues/195) - Basic configuration type and schema validation +- [#2434](https://github.com/epiphany-platform/epiphany/issues/2434) - Python 3 installation ### Fixed - [#2406](https://github.com/epiphany-platform/epiphany/issues/2406) - [Upgrade] [Filebeat] All settings for multiline feature are lost after upgrade - [#2380](https://github.com/epiphany-platform/epiphany/issues/2380) - Unable to drain nodes with Istio application enabled due to PodDisruptionBudgets - [#2332](https://github.com/epiphany-platform/epiphany/issues/2332) - [Elasticsearch] Error when having multiple VMs and non-clustered mode +- [#2425](https://github.com/epiphany-platform/epiphany/issues/2425) - Feature-mapping - 'enabled: no' do nothing +- [#2449](https://github.com/epiphany-platform/epiphany/issues/2449) - [Grafana] Unable to add Grafana repository ### Updated diff --git a/core/src/epicli/cli/engine/ApplyEngine.py b/core/src/epicli/cli/engine/ApplyEngine.py index df0e792512..c43960ddeb 100644 --- a/core/src/epicli/cli/engine/ApplyEngine.py +++ b/core/src/epicli/cli/engine/ApplyEngine.py @@ -59,8 +59,9 @@ def process_input_docs(self): if self.cluster_model is None: raise Exception('No cluster model defined in input YAML file') - # Validate input documents - with SchemaValidator(self.cluster_model.provider, self.input_docs) as schema_validator: + # Validate cluster input document. + # Other documents might need more processing (SET_BY_AUTOMATION) so will be validated at a later stage. + with SchemaValidator(self.cluster_model.provider, [self.cluster_model]) as schema_validator: schema_validator.run() def process_infrastructure_docs(self): diff --git a/core/src/epicli/cli/engine/providers/aws/InfrastructureBuilder.py b/core/src/epicli/cli/engine/providers/aws/InfrastructureBuilder.py index 7978ac5d82..cedf85c0be 100644 --- a/core/src/epicli/cli/engine/providers/aws/InfrastructureBuilder.py +++ b/core/src/epicli/cli/engine/providers/aws/InfrastructureBuilder.py @@ -237,7 +237,7 @@ def add_security_rules_inbound_efs(self, infrastructure, security_group): rule.specification.description = 'NFS inbound for '+subnet.specification.name rule.specification.direction = 'ingress' rule.specification.protocol = 'tcp' - rule.specification.destination_port_range = 2049 + rule.specification.destination_port_range = "2049" rule.specification.source_address_prefix = subnet.specification.cidr_block rule.specification.destination_address_prefix = '*' security_group.specification.rules.append(rule.specification) diff --git a/core/src/epicli/cli/engine/schema/SchemaValidator.py b/core/src/epicli/cli/engine/schema/SchemaValidator.py index a4d21f91cb..ae1679096d 100644 --- a/core/src/epicli/cli/engine/schema/SchemaValidator.py +++ b/core/src/epicli/cli/engine/schema/SchemaValidator.py @@ -1,9 +1,8 @@ -from jsonschema import validate +from jsonschema import validate, Draft7Validator from cli.helpers.data_loader import load_yaml_obj, types -from cli.helpers.objdict_helpers import objdict_to_dict, dict_to_objdict +from cli.helpers.objdict_helpers import objdict_to_dict, dict_to_objdict, replace_yesno_with_booleans from cli.helpers.Step import Step from copy import deepcopy -from cli.helpers.doc_list_helpers import select_single class SchemaValidator(Step): @@ -32,6 +31,16 @@ def get_base_schema(self, kind): schema.properties.kind.pattern = '^(' + kind + ')$' return schema + def validate_document(self, doc, schema): + try: + replace_yesno_with_booleans(doc) + Draft7Validator.check_schema(schema) + validate(instance=objdict_to_dict(doc), schema=schema) + except Exception as e: + self.logger.error(f'Failed validating: {doc.kind}') + self.logger.error(e) + raise Exception('Schema validation error, see the error above.') + def run_for_individual_documents(self): for doc in self.validation_docs: # Load document schema @@ -46,12 +55,8 @@ def run_for_individual_documents(self): self.logger.warn('No specification validation for ' + doc.kind) # Assert the schema - try: - validate(instance=objdict_to_dict(doc), schema=objdict_to_dict(schema)) - except Exception as e: - self.logger.error(f'Failed validating: {doc.kind}') - self.logger.error(e) - raise Exception('Schema validation error, see the error above.') + schema_dict = objdict_to_dict(schema) + self.validate_document(doc, schema_dict) def run(self): for doc in self.validation_docs: @@ -61,9 +66,5 @@ def run(self): if hasattr(schema['properties']["specification"], '$ref'): if schema['properties']["specification"]['$ref'] == '#/definitions/unvalidated_specification': self.logger.warn('No specification validation for ' + doc.kind) - try: - validate(instance=objdict_to_dict(doc), schema=objdict_to_dict(schema)) - except Exception as e: - self.logger.error(f'Failed validating: {doc.kind}') - self.logger.error(e) - raise Exception('Schema validation error, see the error above.') + schema_dict = objdict_to_dict(schema) + self.validate_document(doc, schema_dict) diff --git a/core/src/epicli/cli/helpers/objdict_helpers.py b/core/src/epicli/cli/helpers/objdict_helpers.py index 281bfc68c2..543dce44d9 100644 --- a/core/src/epicli/cli/helpers/objdict_helpers.py +++ b/core/src/epicli/cli/helpers/objdict_helpers.py @@ -52,3 +52,18 @@ def remove_value(d, value): else: if value == v: del d[k] + + +def replace_yesno_with_booleans(d): + if isinstance(d, list): + for dd in d: + replace_yesno_with_booleans(dd) + elif isinstance(d, ObjDict): + for key, val in d.items(): + if isinstance(d[key], str): + if val == 'yes': + d[key] = True + elif val == 'no': + d[key] = False + else: + replace_yesno_with_booleans(d[key]) diff --git a/core/src/epicli/data/any/validation/infrastructure/machine.yml b/core/src/epicli/data/any/validation/infrastructure/machine.yml index 89807aa970..232bbc70c5 100644 --- a/core/src/epicli/data/any/validation/infrastructure/machine.yml +++ b/core/src/epicli/data/any/validation/infrastructure/machine.yml @@ -1 +1,10 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file +"$id": "#/specification" +title: "Machine specification schema" +description: "Machine specification schema" +specification: + type: object + properties: + hostname: + type: string + ip: + type: string diff --git a/core/src/epicli/data/aws/defaults/infrastructure/launch-configuration.yml b/core/src/epicli/data/aws/defaults/infrastructure/launch-configuration.yml index d8e6f0057a..e2c4924ca7 100644 --- a/core/src/epicli/data/aws/defaults/infrastructure/launch-configuration.yml +++ b/core/src/epicli/data/aws/defaults/infrastructure/launch-configuration.yml @@ -12,6 +12,3 @@ specification: associate_public_ip: SET_BY_AUTOMATION security_groups: [] # SET_BY_AUTOMATION enable_monitoring: true - - - diff --git a/core/src/epicli/data/aws/validation/infrastructure/default-security-group.yml b/core/src/epicli/data/aws/validation/infrastructure/default-security-group.yml index 89807aa970..5507882c89 100644 --- a/core/src/epicli/data/aws/validation/infrastructure/default-security-group.yml +++ b/core/src/epicli/data/aws/validation/infrastructure/default-security-group.yml @@ -1 +1,28 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file +"$id": "#/specification" +title: "Default-security-group specification schema" +description: "Default-security-group specification schema" +type: object +properties: + name: + type: string + vpc_name: + type: string + rules: + type: array + items: + type: object + properties: + name: + type: string + description: + type: string + direction: + type: string + protocol: + type: string + destination_port_range: + type: string + source_address_prefix: + type: string + destination_address_prefix: + type: string diff --git a/core/src/epicli/data/aws/validation/infrastructure/efs-storage.yml b/core/src/epicli/data/aws/validation/infrastructure/efs-storage.yml index 89807aa970..215b923fcc 100644 --- a/core/src/epicli/data/aws/validation/infrastructure/efs-storage.yml +++ b/core/src/epicli/data/aws/validation/infrastructure/efs-storage.yml @@ -1 +1,29 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file +"$id": "#/specification" +title: "Efs-storage specification schema" +description: "Efs-storage specification schema" +type: object +properties: + name: + type: string + token: + type: string + encrypted: + type: boolean + performance_mode: + type: string + throughput_mode: + type: string + mount_targets: + type: array + items: + type: object + properties: + name: + type: string + subnet_name: + type: string + security: + type: object + properties: + populate_sg_rules: + type: boolean diff --git a/core/src/epicli/data/aws/validation/infrastructure/internet-gateway.yml b/core/src/epicli/data/aws/validation/infrastructure/internet-gateway.yml index 89807aa970..fe6a32b2bc 100644 --- a/core/src/epicli/data/aws/validation/infrastructure/internet-gateway.yml +++ b/core/src/epicli/data/aws/validation/infrastructure/internet-gateway.yml @@ -1 +1,15 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file +"$id": "#/specification" +title: "Internet-gateway specification schema" +description: "Internet-gateway specification schema" +type: object +properties: + name: + type: string + vpc_name: + type: string + cluster_name: + type: string + tag: + type: array + items: + type: string diff --git a/core/src/epicli/data/aws/validation/infrastructure/launch-configuration.yml b/core/src/epicli/data/aws/validation/infrastructure/launch-configuration.yml index 89807aa970..6aa06495fe 100644 --- a/core/src/epicli/data/aws/validation/infrastructure/launch-configuration.yml +++ b/core/src/epicli/data/aws/validation/infrastructure/launch-configuration.yml @@ -1 +1,52 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file +"$id": "#/specification" +title: "Launch-configuration specification schema" +description: "Launch-configuration specification schema" +type: object +properties: + name: + type: string + image_id: + type: string + size: + type: string + key_name: + type: string + disks: + type: object + properties: + root: + type: object + properties: + volume_type: + type: string + volume_size: + type: integer + delete_on_termination: + type: boolean + encrypted: + type: boolean + additional_disks: + type: array + items: + type: object + properties: + device_name: + type: string + volume_type: + type: string + volume_size: + type: integer + delete_on_termination: + type: boolean + encrypted: + type: boolean + ebs_optimized: + type: boolean + associate_public_ip: + type: boolean + security_groups: + type: array + items: + - type: string + enable_monitoring: + type: boolean diff --git a/core/src/epicli/data/aws/validation/infrastructure/public-key.yml b/core/src/epicli/data/aws/validation/infrastructure/public-key.yml index 89807aa970..27a9f7bbca 100644 --- a/core/src/epicli/data/aws/validation/infrastructure/public-key.yml +++ b/core/src/epicli/data/aws/validation/infrastructure/public-key.yml @@ -1 +1,9 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file +"$id": "#/specification" +title: "Public-key specification schema" +description: "Public-key specification schema" +type: object +properties: + name: + type: string + public_key: + type: string diff --git a/core/src/epicli/data/aws/validation/infrastructure/resource-group.yml b/core/src/epicli/data/aws/validation/infrastructure/resource-group.yml index 89807aa970..9d38a83a81 100644 --- a/core/src/epicli/data/aws/validation/infrastructure/resource-group.yml +++ b/core/src/epicli/data/aws/validation/infrastructure/resource-group.yml @@ -1 +1,9 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file +"$id": "#/specification" +title: "Resource-group specification schema" +description: "Resource-group specification schema" +type: object +properties: + name: + type: string + cluster_name: + type: string diff --git a/core/src/epicli/data/aws/validation/infrastructure/route-table-association.yml b/core/src/epicli/data/aws/validation/infrastructure/route-table-association.yml index 89807aa970..e6e0279040 100644 --- a/core/src/epicli/data/aws/validation/infrastructure/route-table-association.yml +++ b/core/src/epicli/data/aws/validation/infrastructure/route-table-association.yml @@ -1 +1,11 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file +"$id": "#/specification" +title: "Route-table-association specification schema" +description: "Route-table-association specification schema" +type: object +properties: + name: + type: string + subnet_name: + type: string + route_table_name: + type: string diff --git a/core/src/epicli/data/aws/validation/infrastructure/route-table.yml b/core/src/epicli/data/aws/validation/infrastructure/route-table.yml index 89807aa970..44cd565ec3 100644 --- a/core/src/epicli/data/aws/validation/infrastructure/route-table.yml +++ b/core/src/epicli/data/aws/validation/infrastructure/route-table.yml @@ -1 +1,22 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file +"$id": "#/specification" +title: "Route-table specification schema" +description: "Route-table specification schema" +type: object +properties: + name: + type: string + vpc_name: + type: string + route: + type: object + properties: + cidr_block: + type: string + gateway_name: + type: string + tag: + type: array + items: + type: string + cluster_name: + type: string diff --git a/core/src/epicli/data/aws/validation/infrastructure/security-group-rule.yml b/core/src/epicli/data/aws/validation/infrastructure/security-group-rule.yml index 89807aa970..5d6e4fdefa 100644 --- a/core/src/epicli/data/aws/validation/infrastructure/security-group-rule.yml +++ b/core/src/epicli/data/aws/validation/infrastructure/security-group-rule.yml @@ -1 +1,19 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file +"$id": "#/specification" +title: "Security-group-rule specification schema" +description: "Security-group-rule specification schema" +type: object +properties: + name: + type: string + protocol: + type: string + description: + type: string + direction: + type: string + destination_port_range: + type: string + source_address_prefix: + type: string + destination_address_prefix: + type: string diff --git a/core/src/epicli/data/aws/validation/infrastructure/security-group.yml b/core/src/epicli/data/aws/validation/infrastructure/security-group.yml index 89807aa970..9023bca08f 100644 --- a/core/src/epicli/data/aws/validation/infrastructure/security-group.yml +++ b/core/src/epicli/data/aws/validation/infrastructure/security-group.yml @@ -1 +1,32 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file +"$id": "#/specification" +title: "Security-group specification schema" +description: "Security-group specification schema" +type: object +properties: + vpc_name: + type: string + name: + type: string + cidr_block: + type: string + rules: + type: array + items: + type: object + properties: + name: + type: string + description: + type: string + direction: + type: string + protocol: + type: string + destination_port_range: + type: string + source_address_prefix: + type: string + destination_address_prefix: + type: string + cluster_name: + type: string diff --git a/core/src/epicli/data/aws/validation/infrastructure/subnet.yml b/core/src/epicli/data/aws/validation/infrastructure/subnet.yml index 89807aa970..0d49f682cd 100644 --- a/core/src/epicli/data/aws/validation/infrastructure/subnet.yml +++ b/core/src/epicli/data/aws/validation/infrastructure/subnet.yml @@ -1 +1,15 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file +"$id": "#/specification" +title: "Subnet specification schema" +description: "Subnet specification schema" +type: object +properties: + name: + type: string + vpc_name: + type: string + cidr_block: + type: string + cluster_name: + type: string + availability_zone: + type: string diff --git a/core/src/epicli/data/aws/validation/infrastructure/virtual-machine.yml b/core/src/epicli/data/aws/validation/infrastructure/virtual-machine.yml index 89807aa970..f22bd40a68 100644 --- a/core/src/epicli/data/aws/validation/infrastructure/virtual-machine.yml +++ b/core/src/epicli/data/aws/validation/infrastructure/virtual-machine.yml @@ -1 +1,91 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file +"$id": "#/specification" +title: "Virtual-machine specification schema" +description: "Virtual-machine specification schema" +type: object +properties: + name: + type: string + count: + type: integer + subnet_names: + type: array + items: + type: string + availability_zones: + type: array + items: + type: string + launch_configuration: + type: string + cluster_name: + type: string + authorized_to_efs: + type: boolean + mount_efs: + type: boolean + tags: + type: array + items: + type: object + properties: + version: + type: string + size: + type: string + os_full_name: + type: string + os_type: + type: string + ebs_optimized: + type: boolean + disks: + type: object + properties: + root: + type: object + properties: + volume_type: + type: string + volume_size: + type: integer + delete_on_termination: + type: boolean + encrypted: + type: boolean + additional_disks: + type: array + items: + type: object + properties: + device_name: + type: string + volume_type: + type: string + volume_size: + type: integer + delete_on_termination: + type: boolean + encrypted: + type: boolean + security: + type: object + properties: + rules: + type: array + items: + type: object + properties: + name: + type: string + description: + type: string + direction: + type: string + protocol: + type: string + destination_port_range: + type: string + source_address_prefix: + type: string + destination_address_prefix: + type: string diff --git a/core/src/epicli/data/aws/validation/infrastructure/vpc.yml b/core/src/epicli/data/aws/validation/infrastructure/vpc.yml index 89807aa970..6af678a4c7 100644 --- a/core/src/epicli/data/aws/validation/infrastructure/vpc.yml +++ b/core/src/epicli/data/aws/validation/infrastructure/vpc.yml @@ -1 +1,17 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file +"$id": "#/specification" +title: "Vpc specification schema" +description: "Vpc specification schema" +type: object +properties: + name: + type: string + address_pool: + type: string + instance_tenancy: + type: string + enable_dns_support: + type: boolean + enable_dns_hostnames: + type: boolean + cluster_name: + type: string diff --git a/core/src/epicli/data/azure/validation/infrastructure/availability-set.yml b/core/src/epicli/data/azure/validation/infrastructure/availability-set.yml index c82849cf99..2210c6d43c 100644 --- a/core/src/epicli/data/azure/validation/infrastructure/availability-set.yml +++ b/core/src/epicli/data/azure/validation/infrastructure/availability-set.yml @@ -1,3 +1,7 @@ +"$id": "#/specification" +title: "Availability-set specification schema" +description: "Availability-set specification schema" +type: object required: - platform_fault_domain_count - platform_update_domain_count diff --git a/core/src/epicli/data/azure/validation/infrastructure/cloud-init-custom-data.yml b/core/src/epicli/data/azure/validation/infrastructure/cloud-init-custom-data.yml index bb7ab52b72..4f49590041 100644 --- a/core/src/epicli/data/azure/validation/infrastructure/cloud-init-custom-data.yml +++ b/core/src/epicli/data/azure/validation/infrastructure/cloud-init-custom-data.yml @@ -1,3 +1,7 @@ +"$id": "#/specification" +title: "Cloud-init-custom-data specification schema" +description: "Cloud-init-custom-data specification schema" +type: object properties: enabled: type: boolean diff --git a/core/src/epicli/data/azure/validation/infrastructure/network-interface.yml b/core/src/epicli/data/azure/validation/infrastructure/network-interface.yml index 89807aa970..7ab2eb47f4 100644 --- a/core/src/epicli/data/azure/validation/infrastructure/network-interface.yml +++ b/core/src/epicli/data/azure/validation/infrastructure/network-interface.yml @@ -1 +1,21 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file +"$id": "#/specification" +title: "Network-interface specification schema" +description: "Network-interface specification schema" +type: object +properties: + name: + type: string + use_network_security_groups: + type: boolean + security_group_name: + type: string + ip_configuration_name: + type: string + subnet_name: + type: string + use_public_ip: + type: boolean + public_ip_name: + type: string + enable_accelerated_networking: + type: boolean diff --git a/core/src/epicli/data/azure/validation/infrastructure/network-security-group.yml b/core/src/epicli/data/azure/validation/infrastructure/network-security-group.yml index 89807aa970..91bd2c5f5b 100644 --- a/core/src/epicli/data/azure/validation/infrastructure/network-security-group.yml +++ b/core/src/epicli/data/azure/validation/infrastructure/network-security-group.yml @@ -1 +1,32 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file +"$id": "#/specification" +title: "Network-security-group specification schema" +description: "Network-security-group specification schema" +type: object +properties: + name: + type: string + rules: + type: array + items: + type: object + properties: + name: + type: string + description: + type: string + priority: + type: integer + direction: + type: string + access: + type: string + protocol: + type: string + source_port_range: + type: string + destination_port_range: + type: string + source_address_prefix: + type: string + destination_address_prefix: + type: string diff --git a/core/src/epicli/data/azure/validation/infrastructure/public-ip.yml b/core/src/epicli/data/azure/validation/infrastructure/public-ip.yml index 89807aa970..cde20e7287 100644 --- a/core/src/epicli/data/azure/validation/infrastructure/public-ip.yml +++ b/core/src/epicli/data/azure/validation/infrastructure/public-ip.yml @@ -1 +1,13 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file +"$id": "#/specification" +title: "Public-ip specification schema" +description: "Public-ip specification schema" +type: object +properties: + name: + type: string + allocation_method: + type: string + idle_timeout_in_minutes: + type: integer + sku: + type: string diff --git a/core/src/epicli/data/azure/validation/infrastructure/resource-group.yml b/core/src/epicli/data/azure/validation/infrastructure/resource-group.yml index 89807aa970..39887bdc14 100644 --- a/core/src/epicli/data/azure/validation/infrastructure/resource-group.yml +++ b/core/src/epicli/data/azure/validation/infrastructure/resource-group.yml @@ -1 +1,9 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file +"$id": "#/specification" +title: "Resource-group specification schema" +description: "Resource-group specification schema" +type: object +properties: + name: + type: string + region: + type: string diff --git a/core/src/epicli/data/azure/validation/infrastructure/storage-share.yml b/core/src/epicli/data/azure/validation/infrastructure/storage-share.yml index 89807aa970..a09439d678 100644 --- a/core/src/epicli/data/azure/validation/infrastructure/storage-share.yml +++ b/core/src/epicli/data/azure/validation/infrastructure/storage-share.yml @@ -1 +1,11 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file +"$id": "#/specification" +title: "Storage-share specification schema" +description: "Storage-share specification schema" +type: object +properties: + name: + type: string + storage_account_name: + type: string + quota: + type: integer diff --git a/core/src/epicli/data/azure/validation/infrastructure/subnet-network-security-group-association.yml b/core/src/epicli/data/azure/validation/infrastructure/subnet-network-security-group-association.yml index 89807aa970..6932697d04 100644 --- a/core/src/epicli/data/azure/validation/infrastructure/subnet-network-security-group-association.yml +++ b/core/src/epicli/data/azure/validation/infrastructure/subnet-network-security-group-association.yml @@ -1 +1,11 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file +"$id": "#/specification" +title: "Subnet-network-security-group-association specification schema" +description: "Subnet-network-security-group-association specification schema" +type: object +properties: + name: + type: string + subnet_name: + type: string + security_group_name: + type: string diff --git a/core/src/epicli/data/azure/validation/infrastructure/subnet.yml b/core/src/epicli/data/azure/validation/infrastructure/subnet.yml index 89807aa970..1c19b3187a 100644 --- a/core/src/epicli/data/azure/validation/infrastructure/subnet.yml +++ b/core/src/epicli/data/azure/validation/infrastructure/subnet.yml @@ -1 +1,11 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file +"$id": "#/specification" +title: "Subnet specification schema" +description: "Subnet specification schema" +type: object +properties: + name: + type: string + address_prefix: + type: string + security_group_name: + type: string diff --git a/core/src/epicli/data/azure/validation/infrastructure/virtual-machine.yml b/core/src/epicli/data/azure/validation/infrastructure/virtual-machine.yml index 89807aa970..557ac842be 100644 --- a/core/src/epicli/data/azure/validation/infrastructure/virtual-machine.yml +++ b/core/src/epicli/data/azure/validation/infrastructure/virtual-machine.yml @@ -1 +1,97 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file +"$id": "#/specification" +title: "Virtual-machine specification schema" +description: "Virtual-machine specification schema" +type: object +properties: + name: + type: string + admin_username: + type: string + admin_password: + type: string + public_key: + type: string + network_interface_name: + type: string + availability_set_name: + type: string + tags: + type: array + items: + items: {} + os_type: + type: string + size: + type: string + use_cloud_init_custom_data: + type: boolean + storage_image_reference: + type: object + properties: + publisher: + type: string + offer: + type: string + sku: + type: string + version: + type: string + storage_os_disk: + type: object + properties: + delete_on_termination: + type: boolean + managed: + type: boolean + caching: + type: string + create_option: + type: string + disk_size_gb: + type: integer + managed_disk_type: + type: string + network_interface: + type: object + properties: + enable_accelerated_networking: + type: boolean + private_ip: + type: 'null' + public_ip: + type: object + properties: + allocation_method: + type: string + idle_timeout_in_minutes: + type: integer + sku: + type: string + security: + type: object + properties: + rules: + type: array + items: + type: object + properties: + name: + type: string + description: + type: string + priority: + type: integer + direction: + type: string + access: + type: string + protocol: + type: string + source_port_range: + type: string + destination_port_range: + type: string + source_address_prefix: + type: string + destination_address_prefix: + type: string diff --git a/core/src/epicli/data/azure/validation/infrastructure/vnet.yml b/core/src/epicli/data/azure/validation/infrastructure/vnet.yml index 89807aa970..db1a88b6d9 100644 --- a/core/src/epicli/data/azure/validation/infrastructure/vnet.yml +++ b/core/src/epicli/data/azure/validation/infrastructure/vnet.yml @@ -1 +1,9 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file +"$id": "#/specification" +title: "Vnet specification schema" +description: "Vnet specification schema" +type: object +properties: + name: + type: string + address_space: + type: string diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/common/tasks/RedHat.yml b/core/src/epicli/data/common/ansible/playbooks/roles/common/tasks/RedHat.yml index 41220b20aa..1f969005c6 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/common/tasks/RedHat.yml +++ b/core/src/epicli/data/common/ansible/playbooks/roles/common/tasks/RedHat.yml @@ -33,6 +33,7 @@ - net-tools # required by Ansible (module listen_ports_facts) - openssl - python-setuptools + - python3 - rsync - sysstat - tar diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/grafana/defaults/main.yml b/core/src/epicli/data/common/ansible/playbooks/roles/grafana/defaults/main.yml index 6a0d8d8c45..365e55c8f9 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/grafana/defaults/main.yml +++ b/core/src/epicli/data/common/ansible/playbooks/roles/grafana/defaults/main.yml @@ -1,6 +1,15 @@ --- grafana_version: 7.3.5 +grafana_package: + filename: + Debian: + aarch64: null + x86_64: grafana_7.3.5_amd64.deb + RedHat: + aarch64: grafana-7.3.5-1.aarch64.rpm + x86_64: grafana-7.3.5-1.x86_64.rpm + # Should the provisioning be kept synced. If true, previous provisioned objects will be removed if not referenced anymore. grafana_provisioning_synced: "{{ specification.grafana_provisioning_synced }}" diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/grafana/tasks/install-packages-Debian.yml b/core/src/epicli/data/common/ansible/playbooks/roles/grafana/tasks/install-packages-Debian.yml new file mode 100644 index 0000000000..8ca6933da1 --- /dev/null +++ b/core/src/epicli/data/common/ansible/playbooks/roles/grafana/tasks/install-packages-Debian.yml @@ -0,0 +1,5 @@ +--- +- name: Install Grafana with dependencies + apt: + deb: "{{ _package_url }}" + state: present diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/grafana/tasks/install-packages-RedHat.yml b/core/src/epicli/data/common/ansible/playbooks/roles/grafana/tasks/install-packages-RedHat.yml new file mode 100644 index 0000000000..7e473d56d6 --- /dev/null +++ b/core/src/epicli/data/common/ansible/playbooks/roles/grafana/tasks/install-packages-RedHat.yml @@ -0,0 +1,7 @@ +--- +- name: Install Grafana with dependencies + yum: + name: "{{ _package_url }}" + state: present + module_defaults: + yum: { lock_timeout: "{{ yum_lock_timeout }}" } diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/grafana/tasks/install.yml b/core/src/epicli/data/common/ansible/playbooks/roles/grafana/tasks/install.yml index 946fd3c5c2..910f41583d 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/grafana/tasks/install.yml +++ b/core/src/epicli/data/common/ansible/playbooks/roles/grafana/tasks/install.yml @@ -4,18 +4,9 @@ name: grafana-data state: absent -- name: Install Grafana with dependencies - package: - name: "{{ _packages[ansible_os_family] }}" - state: present +- include_tasks: install-packages-{{ ansible_os_family }}.yml vars: - _packages: - Debian: - - grafana={{ grafana_version }} - RedHat: - - grafana-{{ grafana_version }} - module_defaults: - yum: { lock_timeout: "{{ yum_lock_timeout }}" } + _package_url: "{{ repository_url }}/files/{{ grafana_package.filename[ansible_os_family][ansible_architecture] }}" - name: Recursively chown /etc/grafana (fix permissions) file: diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/repository/files/download-requirements/centos-7/add-repositories.multiarch.sh b/core/src/epicli/data/common/ansible/playbooks/roles/repository/files/download-requirements/centos-7/add-repositories.multiarch.sh index 7c1f323719..4a3d70b3ea 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/repository/files/download-requirements/centos-7/add-repositories.multiarch.sh +++ b/core/src/epicli/data/common/ansible/playbooks/roles/repository/files/download-requirements/centos-7/add-repositories.multiarch.sh @@ -44,19 +44,6 @@ enabled=1 EOF ) -GRAFANA_REPO_CONF=$(cat <<'EOF' -[grafana] -name=grafana -baseurl=https://packages.grafana.com/oss/rpm -repo_gpgcheck=1 -enabled=1 -gpgcheck=1 -gpgkey=https://packages.grafana.com/gpg.key -sslverify=1 -sslcacert=/etc/pki/tls/certs/ca-bundle.crt -EOF -) - KUBERNETES_REPO_CONF=$(cat <<'EOF' [kubernetes] name=Kubernetes @@ -114,7 +101,6 @@ fi add_repo_as_file 'elastic-6' "$ELASTIC_6_REPO_CONF" add_repo_as_file 'elasticsearch-7' "$ELASTICSEARCH_7_REPO_CONF" add_repo_as_file 'elasticsearch-curator-5' "$ELASTICSEARCH_CURATOR_REPO_CONF" -add_repo_as_file 'grafana' "$GRAFANA_REPO_CONF" add_repo_as_file 'kubernetes' "$KUBERNETES_REPO_CONF" add_repo_as_file 'opendistroforelasticsearch' "$OPENDISTRO_REPO_CONF" add_repo_as_file 'postgresql-13' "$POSTGRESQL_REPO_CONF" diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/repository/files/download-requirements/centos-7/requirements.aarch64.txt b/core/src/epicli/data/common/ansible/playbooks/roles/repository/files/download-requirements/centos-7/requirements.aarch64.txt index fc269c25e5..0905cf4cbb 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/repository/files/download-requirements/centos-7/requirements.aarch64.txt +++ b/core/src/epicli/data/common/ansible/playbooks/roles/repository/files/download-requirements/centos-7/requirements.aarch64.txt @@ -42,7 +42,6 @@ firewalld fontconfig # for grafana fping gnutls # for cifs-utils -grafana-7.3.5 gssproxy # for nfs-utils htop iftop @@ -92,6 +91,7 @@ python-slip-dbus # for firewalld python-ipaddress python-backports python2-cryptography # for Ansible (certificate modules) +python3-3.6.8 quota # for nfs-utils rabbitmq-server-3.8.9 #rh-haproxy18 @@ -129,13 +129,19 @@ kubernetes-cni-0.7.5-0 kubernetes-cni-0.8.6-0 [files] +# --- Packages --- # Github repository for erlang rpm is used since packagecloud repository is limited to a certain number of versions and erlang package from erlang-solutions repository is much more complex and bigger https://packages.erlang-solutions.com/erlang/rpm/centos/7/aarch64/esl-erlang_23.1.5-1~centos~7_arm64.rpm +# Grafana package is not downloaded from repository since it was not reliable (issue #2449) +https://dl.grafana.com/oss/release/grafana-7.3.5-1.aarch64.rpm +# --- Exporters --- https://github.com/prometheus/haproxy_exporter/releases/download/v0.10.0/haproxy_exporter-0.10.0.linux-arm64.tar.gz https://repo1.maven.org/maven2/io/prometheus/jmx/jmx_prometheus_javaagent/0.14.0/jmx_prometheus_javaagent-0.14.0.jar -https://archive.apache.org/dist/kafka/2.6.0/kafka_2.12-2.6.0.tgz https://github.com/danielqsj/kafka_exporter/releases/download/v1.2.0/kafka_exporter-1.2.0.linux-arm64.tar.gz https://github.com/prometheus/node_exporter/releases/download/v1.0.1/node_exporter-1.0.1.linux-arm64.tar.gz +https://github.com/prometheus-community/postgres_exporter/releases/download/v0.9.0/postgres_exporter-0.9.0.linux-arm64.tar.gz +# --- Misc --- +https://archive.apache.org/dist/kafka/2.6.0/kafka_2.12-2.6.0.tgz https://github.com/prometheus/prometheus/releases/download/v2.10.0/prometheus-2.10.0.linux-arm64.tar.gz https://github.com/prometheus/alertmanager/releases/download/v0.17.0/alertmanager-0.17.0.linux-arm64.tar.gz https://archive.apache.org/dist/zookeeper/zookeeper-3.5.8/apache-zookeeper-3.5.8-bin.tar.gz @@ -143,10 +149,10 @@ https://archive.apache.org/dist/ignite/2.9.1/apache-ignite-2.9.1-bin.zip https://releases.hashicorp.com/vault/1.7.0/vault_1.7.0_linux_arm64.zip https://get.helm.sh/helm-v3.2.0-linux-arm64.tar.gz https://github.com/hashicorp/vault-helm/archive/v0.11.0.tar.gz -https://github.com/prometheus-community/postgres_exporter/releases/download/v0.9.0/postgres_exporter-0.9.0.linux-arm64.tar.gz +# --- Helm charts --- https://charts.bitnami.com/bitnami/node-exporter-1.1.2.tgz https://helm.elastic.co/helm/filebeat/filebeat-7.9.2.tgz -## Grafana Dashboards +# --- Grafana Dashboards --- # Kubernetes Cluster https://grafana.com/api/dashboards/7249/revisions/1/download grafana_dashboard_7249.json # Kubernetes cluster monitoring (via Prometheus) diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/repository/files/download-requirements/centos-7/requirements.x86_64.txt b/core/src/epicli/data/common/ansible/playbooks/roles/repository/files/download-requirements/centos-7/requirements.x86_64.txt index de2b87289b..50f3d7ed98 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/repository/files/download-requirements/centos-7/requirements.x86_64.txt +++ b/core/src/epicli/data/common/ansible/playbooks/roles/repository/files/download-requirements/centos-7/requirements.x86_64.txt @@ -43,7 +43,6 @@ firewalld fontconfig # for grafana fping gnutls # for cifs-utils -grafana-7.3.5 gssproxy # for nfs-utils htop iftop @@ -95,6 +94,7 @@ python-slip-dbus # for firewalld python-ipaddress python-backports python2-cryptography # for Ansible (certificate modules) +python3-3.6.8 quota # for nfs-utils rabbitmq-server-3.8.9 rh-haproxy18 @@ -138,13 +138,19 @@ kubernetes-cni-0.7.5-0 kubernetes-cni-0.8.6-0 [files] +# --- Packages --- # Github repository for erlang rpm is used since packagecloud repository is limited to a certain number of versions and erlang package from erlang-solutions repository is much more complex and bigger https://github.com/rabbitmq/erlang-rpm/releases/download/v23.1.5/erlang-23.1.5-1.el7.x86_64.rpm +# Grafana package is not downloaded from repository since it was not reliable (issue #2449) +https://dl.grafana.com/oss/release/grafana-7.3.5-1.x86_64.rpm +# --- Exporters --- https://github.com/prometheus/haproxy_exporter/releases/download/v0.10.0/haproxy_exporter-0.10.0.linux-amd64.tar.gz https://repo1.maven.org/maven2/io/prometheus/jmx/jmx_prometheus_javaagent/0.14.0/jmx_prometheus_javaagent-0.14.0.jar -https://archive.apache.org/dist/kafka/2.6.0/kafka_2.12-2.6.0.tgz https://github.com/danielqsj/kafka_exporter/releases/download/v1.2.0/kafka_exporter-1.2.0.linux-amd64.tar.gz https://github.com/prometheus/node_exporter/releases/download/v1.0.1/node_exporter-1.0.1.linux-amd64.tar.gz +https://github.com/prometheus-community/postgres_exporter/releases/download/v0.9.0/postgres_exporter-0.9.0.linux-amd64.tar.gz +# --- Misc --- +https://archive.apache.org/dist/kafka/2.6.0/kafka_2.12-2.6.0.tgz https://github.com/prometheus/prometheus/releases/download/v2.10.0/prometheus-2.10.0.linux-amd64.tar.gz https://github.com/prometheus/alertmanager/releases/download/v0.17.0/alertmanager-0.17.0.linux-amd64.tar.gz https://archive.apache.org/dist/zookeeper/zookeeper-3.5.8/apache-zookeeper-3.5.8-bin.tar.gz @@ -152,10 +158,10 @@ https://archive.apache.org/dist/ignite/2.9.1/apache-ignite-2.9.1-bin.zip https://releases.hashicorp.com/vault/1.7.0/vault_1.7.0_linux_amd64.zip https://get.helm.sh/helm-v3.2.0-linux-amd64.tar.gz https://github.com/hashicorp/vault-helm/archive/v0.11.0.tar.gz -https://github.com/prometheus-community/postgres_exporter/releases/download/v0.9.0/postgres_exporter-0.9.0.linux-amd64.tar.gz -https://charts.bitnami.com/bitnami/node-exporter-1.1.2.tgz +# --- Helm charts --- https://helm.elastic.co/helm/filebeat/filebeat-7.9.2.tgz -## Grafana Dashboards +https://charts.bitnami.com/bitnami/node-exporter-1.1.2.tgz +# --- Grafana Dashboards --- # Kubernetes Cluster https://grafana.com/api/dashboards/7249/revisions/1/download grafana_dashboard_7249.json # Kubernetes cluster monitoring (via Prometheus) diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/repository/files/download-requirements/redhat-7/add-repositories.multiarch.sh b/core/src/epicli/data/common/ansible/playbooks/roles/repository/files/download-requirements/redhat-7/add-repositories.multiarch.sh index 7c1f323719..4a3d70b3ea 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/repository/files/download-requirements/redhat-7/add-repositories.multiarch.sh +++ b/core/src/epicli/data/common/ansible/playbooks/roles/repository/files/download-requirements/redhat-7/add-repositories.multiarch.sh @@ -44,19 +44,6 @@ enabled=1 EOF ) -GRAFANA_REPO_CONF=$(cat <<'EOF' -[grafana] -name=grafana -baseurl=https://packages.grafana.com/oss/rpm -repo_gpgcheck=1 -enabled=1 -gpgcheck=1 -gpgkey=https://packages.grafana.com/gpg.key -sslverify=1 -sslcacert=/etc/pki/tls/certs/ca-bundle.crt -EOF -) - KUBERNETES_REPO_CONF=$(cat <<'EOF' [kubernetes] name=Kubernetes @@ -114,7 +101,6 @@ fi add_repo_as_file 'elastic-6' "$ELASTIC_6_REPO_CONF" add_repo_as_file 'elasticsearch-7' "$ELASTICSEARCH_7_REPO_CONF" add_repo_as_file 'elasticsearch-curator-5' "$ELASTICSEARCH_CURATOR_REPO_CONF" -add_repo_as_file 'grafana' "$GRAFANA_REPO_CONF" add_repo_as_file 'kubernetes' "$KUBERNETES_REPO_CONF" add_repo_as_file 'opendistroforelasticsearch' "$OPENDISTRO_REPO_CONF" add_repo_as_file 'postgresql-13' "$POSTGRESQL_REPO_CONF" diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/repository/files/download-requirements/redhat-7/requirements.x86_64.txt b/core/src/epicli/data/common/ansible/playbooks/roles/repository/files/download-requirements/redhat-7/requirements.x86_64.txt index 2c3218634c..602281cc57 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/repository/files/download-requirements/redhat-7/requirements.x86_64.txt +++ b/core/src/epicli/data/common/ansible/playbooks/roles/repository/files/download-requirements/redhat-7/requirements.x86_64.txt @@ -41,7 +41,6 @@ firewalld fontconfig # for grafana fping gnutls # for cifs-utils -grafana-7.3.5 gssproxy # for nfs-utils htop iftop @@ -91,6 +90,7 @@ python-pycparser # for python2-cryptography python-setuptools python-slip-dbus # for firewalld python2-cryptography # for Ansible (certificate modules) +python3-3.6.8 quota # for nfs-utils rabbitmq-server-3.8.9 rh-haproxy18 @@ -134,13 +134,19 @@ kubernetes-cni-0.7.5-0 kubernetes-cni-0.8.6-0 [files] +# --- Packages --- # Github repository for erlang rpm is used since packagecloud repository is limited to a certain number of versions and erlang package from erlang-solutions repository is much more complex and bigger https://github.com/rabbitmq/erlang-rpm/releases/download/v23.1.5/erlang-23.1.5-1.el7.x86_64.rpm +# Grafana package is not downloaded from repository since it was not reliable (issue #2449) +https://dl.grafana.com/oss/release/grafana-7.3.5-1.x86_64.rpm +# --- Exporters --- https://github.com/prometheus/haproxy_exporter/releases/download/v0.10.0/haproxy_exporter-0.10.0.linux-amd64.tar.gz https://repo1.maven.org/maven2/io/prometheus/jmx/jmx_prometheus_javaagent/0.14.0/jmx_prometheus_javaagent-0.14.0.jar -https://archive.apache.org/dist/kafka/2.6.0/kafka_2.12-2.6.0.tgz https://github.com/danielqsj/kafka_exporter/releases/download/v1.2.0/kafka_exporter-1.2.0.linux-amd64.tar.gz https://github.com/prometheus/node_exporter/releases/download/v1.0.1/node_exporter-1.0.1.linux-amd64.tar.gz +https://github.com/prometheus-community/postgres_exporter/releases/download/v0.9.0/postgres_exporter-0.9.0.linux-amd64.tar.gz +# --- Misc --- +https://archive.apache.org/dist/kafka/2.6.0/kafka_2.12-2.6.0.tgz https://github.com/prometheus/prometheus/releases/download/v2.10.0/prometheus-2.10.0.linux-amd64.tar.gz https://github.com/prometheus/alertmanager/releases/download/v0.17.0/alertmanager-0.17.0.linux-amd64.tar.gz https://archive.apache.org/dist/zookeeper/zookeeper-3.5.8/apache-zookeeper-3.5.8-bin.tar.gz @@ -148,10 +154,10 @@ https://archive.apache.org/dist/ignite/2.9.1/apache-ignite-2.9.1-bin.zip https://releases.hashicorp.com/vault/1.7.0/vault_1.7.0_linux_amd64.zip https://get.helm.sh/helm-v3.2.0-linux-amd64.tar.gz https://github.com/hashicorp/vault-helm/archive/v0.11.0.tar.gz -https://github.com/prometheus-community/postgres_exporter/releases/download/v0.9.0/postgres_exporter-0.9.0.linux-amd64.tar.gz -https://charts.bitnami.com/bitnami/node-exporter-1.1.2.tgz +# --- Helm charts --- https://helm.elastic.co/helm/filebeat/filebeat-7.9.2.tgz -## Grafana Dashboards +https://charts.bitnami.com/bitnami/node-exporter-1.1.2.tgz +# --- Grafana Dashboards --- # Kubernetes Cluster https://grafana.com/api/dashboards/7249/revisions/1/download grafana_dashboard_7249.json # Kubernetes cluster monitoring (via Prometheus) diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/repository/files/download-requirements/ubuntu-18.04/add-repositories.sh b/core/src/epicli/data/common/ansible/playbooks/roles/repository/files/download-requirements/ubuntu-18.04/add-repositories.sh index f282dca0cb..ffa0631d45 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/repository/files/download-requirements/ubuntu-18.04/add-repositories.sh +++ b/core/src/epicli/data/common/ansible/playbooks/roles/repository/files/download-requirements/ubuntu-18.04/add-repositories.sh @@ -3,9 +3,6 @@ wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | apt-key add - echo "deb https://artifacts.elastic.co/packages/oss-6.x/apt stable main" | tee /etc/apt/sources.list.d/elastic-6.x.list -wget -qO - https://packages.grafana.com/gpg.key | apt-key add - -echo "deb https://packages.grafana.com/oss/deb stable main" | tee /etc/apt/sources.list.d/grafana.list - wget -qO - https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add - echo "deb http://apt.kubernetes.io/ kubernetes-xenial main" | tee /etc/apt/sources.list.d/kubernetes.list diff --git a/core/src/epicli/data/common/ansible/playbooks/roles/repository/files/download-requirements/ubuntu-18.04/requirements.x86_64.txt b/core/src/epicli/data/common/ansible/playbooks/roles/repository/files/download-requirements/ubuntu-18.04/requirements.x86_64.txt index a7779a23c4..e62390cbfd 100644 --- a/core/src/epicli/data/common/ansible/playbooks/roles/repository/files/download-requirements/ubuntu-18.04/requirements.x86_64.txt +++ b/core/src/epicli/data/common/ansible/playbooks/roles/repository/files/download-requirements/ubuntu-18.04/requirements.x86_64.txt @@ -44,7 +44,6 @@ filebeat 7.9.2 firewalld fping gnupg2 -grafana 7.3.5 haproxy htop iftop @@ -192,24 +191,30 @@ kubernetes-cni 0.7.5-00 kubernetes-cni 0.8.6-00 [files] +# --- Packages --- +# Switched from APT repo because there was only one (the latest) version available (issue #2262) +https://packages.elastic.co/curator/5/debian9/pool/main/e/elasticsearch-curator/elasticsearch-curator_5.8.3_amd64.deb +# Grafana package is not downloaded from repository since it was not reliable (issue #2449) +https://dl.grafana.com/oss/release/grafana_7.3.5_amd64.deb +# --- Exporters --- +https://github.com/prometheus/haproxy_exporter/releases/download/v0.10.0/haproxy_exporter-0.10.0.linux-amd64.tar.gz https://repo1.maven.org/maven2/io/prometheus/jmx/jmx_prometheus_javaagent/0.14.0/jmx_prometheus_javaagent-0.14.0.jar +https://github.com/danielqsj/kafka_exporter/releases/download/v1.2.0/kafka_exporter-1.2.0.linux-amd64.tar.gz +https://github.com/prometheus/node_exporter/releases/download/v1.0.1/node_exporter-1.0.1.linux-amd64.tar.gz +https://github.com/prometheus-community/postgres_exporter/releases/download/v0.9.0/postgres_exporter-0.9.0.linux-amd64.tar.gz +# --- Misc --- https://archive.apache.org/dist/kafka/2.6.0/kafka_2.12-2.6.0.tgz https://archive.apache.org/dist/zookeeper/zookeeper-3.5.8/apache-zookeeper-3.5.8-bin.tar.gz -https://github.com/danielqsj/kafka_exporter/releases/download/v1.2.0/kafka_exporter-1.2.0.linux-amd64.tar.gz https://github.com/prometheus/alertmanager/releases/download/v0.17.0/alertmanager-0.17.0.linux-amd64.tar.gz -https://github.com/prometheus/haproxy_exporter/releases/download/v0.10.0/haproxy_exporter-0.10.0.linux-amd64.tar.gz -https://github.com/prometheus/node_exporter/releases/download/v1.0.1/node_exporter-1.0.1.linux-amd64.tar.gz https://github.com/prometheus/prometheus/releases/download/v2.10.0/prometheus-2.10.0.linux-amd64.tar.gz https://archive.apache.org/dist/ignite/2.9.1/apache-ignite-2.9.1-bin.zip https://releases.hashicorp.com/vault/1.7.0/vault_1.7.0_linux_amd64.zip https://get.helm.sh/helm-v3.2.0-linux-amd64.tar.gz https://github.com/hashicorp/vault-helm/archive/v0.11.0.tar.gz -https://github.com/prometheus-community/postgres_exporter/releases/download/v0.9.0/postgres_exporter-0.9.0.linux-amd64.tar.gz +# --- Helm charts --- https://charts.bitnami.com/bitnami/node-exporter-1.1.2.tgz https://helm.elastic.co/helm/filebeat/filebeat-7.9.2.tgz -# Switched from APT repo because there was only one (the latest) version available (issue #2262) -https://packages.elastic.co/curator/5/debian9/pool/main/e/elasticsearch-curator/elasticsearch-curator_5.8.3_amd64.deb -## Grafana Dashboards +# --- Grafana Dashboards --- # Kubernetes Cluster https://grafana.com/api/dashboards/7249/revisions/1/download grafana_dashboard_7249.json # Kubernetes cluster monitoring (via Prometheus) diff --git a/core/src/epicli/data/common/defaults/configuration/feature-mapping.yml b/core/src/epicli/data/common/defaults/configuration/feature-mapping.yml index b84b072ff6..9aa514dbc7 100644 --- a/core/src/epicli/data/common/defaults/configuration/feature-mapping.yml +++ b/core/src/epicli/data/common/defaults/configuration/feature-mapping.yml @@ -4,59 +4,59 @@ name: default specification: available_roles: - name: repository - enabled: yes + enabled: true - name: firewall - enabled: yes + enabled: true - name: image-registry - enabled: yes + enabled: true - name: kubernetes-master - enabled: yes + enabled: true - name: kubernetes-node - enabled: yes + enabled: true - name: helm - enabled: yes + enabled: true - name: logging - enabled: yes + enabled: true - name: opendistro-for-elasticsearch - enabled: yes + enabled: true - name: elasticsearch-curator - enabled: yes + enabled: true - name: kibana - enabled: yes + enabled: true - name: filebeat - enabled: yes + enabled: true - name: logstash - enabled: yes + enabled: true - name: prometheus - enabled: yes + enabled: true - name: grafana - enabled: yes + enabled: true - name: node-exporter - enabled: yes + enabled: true - name: jmx-exporter - enabled: yes + enabled: true - name: zookeeper - enabled: yes + enabled: true - name: kafka - enabled: yes + enabled: true - name: rabbitmq - enabled: yes + enabled: true - name: kafka-exporter - enabled: yes + enabled: true - name: postgresql - enabled: yes + enabled: true - name: postgres-exporter - enabled: yes + enabled: true - name: haproxy - enabled: yes + enabled: true - name: haproxy-exporter - enabled: yes + enabled: true - name: vault - enabled: yes + enabled: true - name: applications - enabled: yes + enabled: true - name: ignite - enabled: yes + enabled: true roles_mapping: kafka: diff --git a/core/src/epicli/data/common/defaults/configuration/grafana.yml b/core/src/epicli/data/common/defaults/configuration/grafana.yml index 67623d0067..5a8277ac63 100644 --- a/core/src/epicli/data/common/defaults/configuration/grafana.yml +++ b/core/src/epicli/data/common/defaults/configuration/grafana.yml @@ -183,7 +183,7 @@ specification: # concurrent_render_limit: 5 # Grafana logging configuration - grafana_log: + grafana_log: {} # mode: 'console file' # level: info diff --git a/core/src/epicli/data/common/defaults/configuration/haproxy.yml b/core/src/epicli/data/common/defaults/configuration/haproxy.yml index 495ecd62da..d3c64c5ca7 100644 --- a/core/src/epicli/data/common/defaults/configuration/haproxy.yml +++ b/core/src/epicli/data/common/defaults/configuration/haproxy.yml @@ -17,7 +17,7 @@ specification: frontend: - name: https_front port: 443 - https: yes + https: true backend: - http_back1 backend: # example backend config below diff --git a/core/src/epicli/data/common/defaults/configuration/kubernetes-master.yml b/core/src/epicli/data/common/defaults/configuration/kubernetes-master.yml index c30c7bc8b9..4b7d14f893 100644 --- a/core/src/epicli/data/common/defaults/configuration/kubernetes-master.yml +++ b/core/src/epicli/data/common/defaults/configuration/kubernetes-master.yml @@ -35,7 +35,7 @@ specification: expiration_days: 365 # values greater than 24855 are not recommended renew: false etcd_args: - encrypted: yes + encrypted: true kubeconfig: local: api_server: diff --git a/core/src/epicli/data/common/validation/configuration/applications.yml b/core/src/epicli/data/common/validation/configuration/applications.yml index 89807aa970..38d876773c 100644 --- a/core/src/epicli/data/common/validation/configuration/applications.yml +++ b/core/src/epicli/data/common/validation/configuration/applications.yml @@ -1 +1,337 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file +"$id": "#/specification" +title: "Application specification schema" +description: "Application specification schema" +type: object +properties: + applications: + type: array + items: + - type: object + properties: + name: + type: string + enabled: + type: boolean + image_path: + type: string + use_local_image_registry: + type: boolean + namespace: + type: string + service: + type: object + properties: + rest_nodeport: + type: integer + sql_nodeport: + type: integer + thinclients_nodeport: + type: integer + replicas: + type: integer + enabled_plugins: + type: array + items: + - type: string + - type: string + - type: object + properties: + name: + type: string + enabled: + type: boolean + image_path: + type: string + use_local_image_registry: + type: boolean + service: + type: object + properties: + name: + type: string + port: + type: integer + management_port: + type: integer + replicas: + type: integer + namespace: + type: string + rabbitmq: + type: object + properties: + plugins: + type: array + items: + - type: string + - type: string + policies: + type: array + items: + - type: object + properties: + name: + type: string + pattern: + type: string + definitions: + type: object + properties: + ha-mode: + type: string + custom_configurations: + type: array + items: + - type: object + properties: + name: + type: string + value: + type: number + cluster: + type: 'null' + - type: object + properties: + name: + type: string + enabled: + type: boolean + image_path: + type: string + use_local_image_registry: + type: boolean + service: + type: object + properties: + name: + type: string + port: + type: integer + replicas: + type: integer + namespace: + type: string + admin_user: + type: string + admin_password: + type: string + database: + type: object + properties: + name: + type: string + user: + type: string + password: + type: string + - type: object + properties: + name: + type: string + enabled: + type: boolean + image: + type: object + properties: + path: + type: string + debug: + type: boolean + use_local_image_registry: + type: boolean + namespace: + type: string + service: + type: object + properties: + name: + type: string + port: + type: integer + replicas: + type: integer + pod_spec: + type: object + properties: + affinity: + type: object + properties: + podAntiAffinity: + type: object + properties: + preferredDuringSchedulingIgnoredDuringExecution: + type: array + items: + - type: object + properties: + weight: + type: integer + podAffinityTerm: + type: object + properties: + labelSelector: + type: object + properties: + matchExpressions: + type: array + items: + - type: object + properties: + key: + type: string + operator: + type: string + values: + type: array + items: + - type: string + topologyKey: + type: string + nodeSelector: + type: object + tolerations: + type: object + resources: + type: object + properties: + limits: + type: object + properties: + memory: + type: string + requests: + type: object + properties: + cpu: + type: string + memory: + type: string + pgpool: + type: object + properties: + env: + type: object + properties: + PGPOOL_BACKEND_NODES: + type: string + PGPOOL_POSTGRES_USERNAME: + type: string + PGPOOL_SR_CHECK_USER: + type: string + PGPOOL_ADMIN_USERNAME: + type: string + PGPOOL_ENABLE_LOAD_BALANCING: + type: boolean + PGPOOL_MAX_POOL: + type: integer + PGPOOL_POSTGRES_PASSWORD_FILE: + type: string + PGPOOL_SR_CHECK_PASSWORD_FILE: + type: string + PGPOOL_ADMIN_PASSWORD_FILE: + type: string + secrets: + type: object + properties: + pgpool_postgres_password: + type: string + pgpool_sr_check_password: + type: string + pgpool_admin_password: + type: string + pgpool_conf_content_to_append: + type: string + pool_hba_conf: + type: string + - type: object + properties: + name: + type: string + enabled: + type: boolean + image_path: + type: string + init_image_path: + type: string + use_local_image_registry: + type: boolean + namespace: + type: string + service: + type: object + properties: + name: + type: string + port: + type: integer + replicas: + type: integer + resources: + type: object + properties: + requests: + type: object + properties: + cpu: + type: string + memory: + type: string + limits: + type: object + properties: + cpu: + type: string + memory: + type: string + pgbouncer: + type: object + properties: + env: + type: object + properties: + DB_HOST: + type: string + DB_LISTEN_PORT: + type: integer + LISTEN_ADDR: + type: string + LISTEN_PORT: + type: integer + AUTH_FILE: + type: string + AUTH_TYPE: + type: string + MAX_CLIENT_CONN: + type: integer + DEFAULT_POOL_SIZE: + type: integer + RESERVE_POOL_SIZE: + type: integer + POOL_MODE: + type: string + - type: object + properties: + name: + type: string + enabled: + type: boolean + use_local_image_registry: + type: boolean + namespaces: + type: object + properties: + operator: + type: string + watched: + type: array + items: + - type: string + istio: + type: string + istio_spec: + type: object + properties: + profile: + type: string + name: + type: string diff --git a/core/src/epicli/data/common/validation/configuration/backup.yml b/core/src/epicli/data/common/validation/configuration/backup.yml index c61f718127..1f196f6638 100644 --- a/core/src/epicli/data/common/validation/configuration/backup.yml +++ b/core/src/epicli/data/common/validation/configuration/backup.yml @@ -79,4 +79,3 @@ properties: enabled: "$id": "#/properties/specification/properties/components/properties/kubernetes/properties/enabled" type: boolean - diff --git a/core/src/epicli/data/common/validation/configuration/elasticsearch-curator.yml b/core/src/epicli/data/common/validation/configuration/elasticsearch-curator.yml index 89807aa970..906b0afeba 100644 --- a/core/src/epicli/data/common/validation/configuration/elasticsearch-curator.yml +++ b/core/src/epicli/data/common/validation/configuration/elasticsearch-curator.yml @@ -1 +1,60 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file +"$id": "#/specification" +title: "Elasticsearch-curator specification schema" +description: "Elasticsearch-curator specification schema" +type: object +properties: + delete_indices_cron_jobs: + type: array + items: + - type: object + properties: + description: + type: string + cron: + type: object + properties: + hour: + type: integer + minute: + type: integer + enabled: + type: boolean + filter_list: + type: array + items: + - type: object + properties: + filtertype: + type: string + unit_count: + type: integer + unit: + type: string + source: + type: string + direction: + type: string + - type: object + properties: + description: + type: string + cron: + type: object + properties: + minute: + type: integer + enabled: + type: boolean + filter_list: + type: array + items: + - type: object + properties: + filtertype: + type: string + disk_space: + type: integer + use_age: + type: boolean + source: + type: string diff --git a/core/src/epicli/data/common/validation/configuration/elasticsearch.yml b/core/src/epicli/data/common/validation/configuration/elasticsearch.yml deleted file mode 100644 index 89807aa970..0000000000 --- a/core/src/epicli/data/common/validation/configuration/elasticsearch.yml +++ /dev/null @@ -1 +0,0 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file diff --git a/core/src/epicli/data/common/validation/configuration/feature-mapping.yml b/core/src/epicli/data/common/validation/configuration/feature-mapping.yml index 89807aa970..ae6cd504b0 100644 --- a/core/src/epicli/data/common/validation/configuration/feature-mapping.yml +++ b/core/src/epicli/data/common/validation/configuration/feature-mapping.yml @@ -1 +1,69 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file +"$id": "#/specification" +title: "Feature-mapping specification schema" +description: "Feature-mapping specification schema" +type: object +properties: + available_roles: + type: array + items: + type: object + properties: + name: + type: string + enabled: + type: boolean + roles_mapping: + type: object + properties: + kafka: + type: array + items: + type: string + rabbitmq: + type: array + items: + type: string + logging: + type: array + items: + type: string + load_balancer: + type: array + items: + type: string + monitoring: + type: array + items: + type: string + postgresql: + type: array + items: + type: string + custom: + type: array + items: + type: string + single_machine: + type: array + items: + type: string + kubernetes_master: + type: array + items: + type: string + kubernetes_node: + type: array + items: + type: string + ignite: + type: array + items: + type: string + opendistro_for_elasticsearch: + type: array + items: + type: string + repository: + type: array + items: + type: string diff --git a/core/src/epicli/data/common/validation/configuration/filebeat.yml b/core/src/epicli/data/common/validation/configuration/filebeat.yml index 89807aa970..02c7af95dc 100644 --- a/core/src/epicli/data/common/validation/configuration/filebeat.yml +++ b/core/src/epicli/data/common/validation/configuration/filebeat.yml @@ -1 +1,29 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file +"$id": "#/specification" +title: "Filebeat specification schema" +description: "Filebeat specification schema" +type: object +properties: + kibana: + type: object + properties: + dashboards: + type: object + properties: + index: + type: string + enabled: + type: string + disable_helm_chart: + type: boolean + postgresql_input: + type: object + properties: + multiline: + type: object + properties: + pattern: + type: string + negate: + type: boolean + match: + type: string diff --git a/core/src/epicli/data/common/validation/configuration/firewall.yml b/core/src/epicli/data/common/validation/configuration/firewall.yml index 89807aa970..8ab744ab04 100644 --- a/core/src/epicli/data/common/validation/configuration/firewall.yml +++ b/core/src/epicli/data/common/validation/configuration/firewall.yml @@ -1 +1,199 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file +"$id": "#/specification" +title: "Firewall specification schema" +description: "Firewall specification schema" +type: object +properties: + Debian: + type: object + properties: + install_firewalld: + type: boolean + firewall_service_enabled: + type: boolean + apply_configuration: + type: boolean + managed_zone_name: + type: string + rules: + type: object + properties: + applications: + type: object + properties: + enabled: + type: boolean + ports: + type: array + items: + type: string + common: + type: object + properties: + enabled: + type: boolean + ports: + type: array + items: + type: string + grafana: + type: object + properties: + enabled: + type: boolean + ports: + type: array + items: + type: string + haproxy: + type: object + properties: + enabled: + type: boolean + ports: + type: array + items: + type: string + haproxy_exporter: + type: object + properties: + enabled: + type: boolean + ports: + type: array + items: + type: string + ignite: + type: object + properties: + enabled: + type: boolean + ports: + type: array + items: + type: string + image_registry: + type: object + properties: + enabled: + type: boolean + ports: + type: array + items: + type: string + jmx_exporter: + type: object + properties: + enabled: + type: boolean + ports: + type: array + items: + type: string + kafka: + type: object + properties: + enabled: + type: boolean + ports: + type: array + items: + type: string + kafka_exporter: + type: object + properties: + enabled: + type: boolean + ports: + type: array + items: + type: string + kibana: + type: object + properties: + enabled: + type: boolean + ports: + type: array + items: + type: string + kubernetes_master: + type: object + properties: + enabled: + type: boolean + ports: + type: array + items: + type: string + kubernetes_node: + type: object + properties: + enabled: + type: boolean + ports: + type: array + items: + type: string + logging: + type: object + properties: + enabled: + type: boolean + ports: + type: array + items: + type: string + node_exporter: + type: object + properties: + enabled: + type: boolean + ports: + type: array + items: + type: string + opendistro_for_elasticsearch: + type: object + properties: + enabled: + type: boolean + ports: + type: array + items: + type: string + postgresql: + type: object + properties: + enabled: + type: boolean + ports: + type: array + items: + type: string + prometheus: + type: object + properties: + enabled: + type: boolean + ports: + type: array + items: + type: string + rabbitmq: + type: object + properties: + enabled: + type: boolean + ports: + type: array + items: + type: string + zookeeper: + type: object + properties: + enabled: + type: boolean + ports: + type: array + items: + type: string diff --git a/core/src/epicli/data/common/validation/configuration/grafana.yml b/core/src/epicli/data/common/validation/configuration/grafana.yml index 89807aa970..d107fe4d41 100644 --- a/core/src/epicli/data/common/validation/configuration/grafana.yml +++ b/core/src/epicli/data/common/validation/configuration/grafana.yml @@ -1 +1,376 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file +"$id": "#/specification" +title: "Grafana specification schema" +description: "Grafana specification schema" +type: object +properties: + grafana_logs_dir: + type: string + grafana_data_dir: + type: string + grafana_address: + type: string + grafana_port: + type: integer + grafana_provisioning_synced: + type: boolean + grafana_url: + type: string + grafana_server: + type: object + properties: + protocol: + type: string + enforce_domain: + type: boolean + socket: + type: string + cert_key: + type: string + cert_file: + type: string + enable_gzip: + type: boolean + static_root_path: + type: string + router_logging: + type: boolean + grafana_security: + type: object + properties: + admin_user: + type: string + admin_password: + type: string + secret_key: + type: string + login_remember_days: + type: integer + cookie_username: + type: string + cookie_remember_name: + type: string + disable_gravatar: + type: boolean + data_source_proxy_whitelist: + type: 'null' + grafana_database: + type: object + properties: + type: + type: string + host: + type: string + name: + type: string + user: + type: string + password: + type: string + url: + type: string + ssl_mode: + type: string + path: + type: string + max_idle_conn: + type: integer + max_open_conn: + type: string + log_queries: + type: string + grafana_external_dashboards: + type: array + items: + type: object + properties: + dashboard_id: + type: string + datasource: + type: string + grafana_online_dashboards: + type: array + items: + type: object + properties: + dashboard_id: + type: string + revision_id: + type: string + grafana_dashboards_dir: + type: string + grafana_welcome_email_on_sign_up: + type: boolean + grafana_users: + type: object + properties: + allow_sign_up: + type: boolean + allow_org_create: + type: boolean + auto_assign_org: + type: boolean + auto_assign_org_role: + type: string + login_hint: + type: string + default_theme: + type: string + external_manage_link_url: + type: string + external_manage_link_name: + type: string + external_manage_info: + type: string + grafana_auth: + type: object + properties: + disable_login_form: + type: boolean + disable_signout_menu: + type: boolean + anonymous: + type: object + properties: + org_name: + type: string + org_role: + type: string + ldap: + type: object + properties: + config_file: + type: string + allow_sign_up: + type: boolean + basic: + type: object + properties: + enabled: + type: boolean + grafana_ldap: + type: object + properties: + verbose_logging: + type: boolean + servers: + type: object + properties: + host: + type: string + port: + type: integer + use_ssl: + type: boolean + start_tls: + type: boolean + ssl_skip_verify: + type: boolean + root_ca_cert: + type: string + bind_dn: + type: string + bind_password: + type: string + search_filter: + type: string + search_base_dns: + type: array + items: + type: string + group_search_filter: + type: string + group_search_base_dns: + type: array + items: + type: string + attributes: + type: object + properties: + name: + type: string + surname: + type: string + username: + type: string + member_of: + type: string + email: + type: string + group_mappings: + type: array + items: + type: object + properties: + name: + type: string + id: + type: integer + groups: + type: array + items: + type: object + properties: + group_dn: + type: string + org_role: + type: string + grafana_session: + type: object + properties: + provider: + type: string + provider_config: + type: string + grafana_analytics: + type: object + properties: + reporting_enabled: + type: boolean + google_analytics_ua_id: + type: string + grafana_smtp: + type: object + properties: + host: + type: string + user: + type: string + password: + type: string + from_address: + type: string + grafana_alerting: + type: object + properties: + execute_alerts: + type: boolean + error_or_timeout: + type: string + nodata_or_nullvalues: + type: string + concurrent_render_limit: + type: integer + grafana_log: + type: object + properties: + mode: + type: string + level: + type: string + grafana_metrics: + type: object + properties: + interval_seconds: + type: integer + graphite: + type: object + properties: + address: + type: string + prefix: + type: string + grafana_tracing: + type: object + properties: + address: + type: string + always_included_tag: + type: string + sampler_type: + type: string + sampler_param: + type: integer + grafana_snapshots: + type: object + properties: + external_enabled: + type: boolean + external_snapshot_url: + type: string + external_snapshot_name: + type: string + snapshot_remove_expired: + type: boolean + snapshot_TTL_days: + type: integer + grafana_image_storage: + type: object + properties: + provider: + type: string + key_file: + type: string + bucket: + type: string + path: + type: string + grafana_plugins: + type: array + items: + type: string + grafana_alert_notifications: + type: array + items: + type: object + properties: + name: + type: string + type: + type: string + isDefault: + type: boolean + settings: + type: object + properties: + addresses: + type: string + grafana_datasources: + type: array + items: + type: object + properties: + name: + type: string + type: + type: string + access: + type: string + url: + type: string + basicAuth: + type: boolean + basicAuthUser: + type: string + basicAuthPassword: + type: string + isDefault: + type: boolean + editable: + type: boolean + jsonData: + type: object + properties: + tlsAuth: + type: boolean + tlsAuthWithCACert: + type: boolean + tlsSkipVerify: + type: boolean + grafana_api_keys: + type: array + items: + type: object + properties: + name: + type: string + role: + type: string + grafana_logging: + type: object + properties: + log_rotate: + type: boolean + daily_rotate: + type: boolean + max_days: + type: integer diff --git a/core/src/epicli/data/common/validation/configuration/haproxy-exporter.yml b/core/src/epicli/data/common/validation/configuration/haproxy-exporter.yml index 89807aa970..5466cbc822 100644 --- a/core/src/epicli/data/common/validation/configuration/haproxy-exporter.yml +++ b/core/src/epicli/data/common/validation/configuration/haproxy-exporter.yml @@ -1 +1,25 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file +"$id": "#/specification" +title: "Haproxy-exporter specification schema" +description: "Haproxy-exporter specification schema" +type: object +properties: + description: + type: string + web_listen_port: + type: string + config_for_prometheus: + type: object + properties: + exporter_listen_port: + type: string + prometheus_config_dir: + type: string + file_sd_labels: + type: array + items: + type: object + properties: + label: + type: string + value: + type: string diff --git a/core/src/epicli/data/common/validation/configuration/haproxy.yml b/core/src/epicli/data/common/validation/configuration/haproxy.yml index 89807aa970..4e2b5c8400 100644 --- a/core/src/epicli/data/common/validation/configuration/haproxy.yml +++ b/core/src/epicli/data/common/validation/configuration/haproxy.yml @@ -1 +1,56 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file +"$id": "#/specification" +title: "Haproxy specification schema" +description: "Haproxy specification schema" +type: object +properties: + logs_max_days: + type: integer + self_signed_certificate_name: + type: string + self_signed_private_key_name: + type: string + self_signed_concatenated_cert_name: + type: string + haproxy_log_path: + type: string + stats: + type: object + properties: + enable: + type: boolean + bind_address: + type: string + uri: + type: string + user: + type: string + password: + type: string + frontend: + type: array + items: + type: object + properties: + name: + type: string + port: + type: integer + https: + type: boolean + backend: + type: array + items: + type: string + backend: + type: array + items: + type: object + properties: + name: + type: string + server_groups: + type: array + items: + type: string + port: + type: integer diff --git a/core/src/epicli/data/common/validation/configuration/helm.yml b/core/src/epicli/data/common/validation/configuration/helm.yml index 89807aa970..777489b9e0 100644 --- a/core/src/epicli/data/common/validation/configuration/helm.yml +++ b/core/src/epicli/data/common/validation/configuration/helm.yml @@ -1 +1,7 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file +"$id": "#/specification" +title: "Helm specification schema" +description: "Helm specification schema" +type: object +properties: + apache_epirepo_path: + type: string diff --git a/core/src/epicli/data/common/validation/configuration/ignite.yml b/core/src/epicli/data/common/validation/configuration/ignite.yml index 89807aa970..195e69d462 100644 --- a/core/src/epicli/data/common/validation/configuration/ignite.yml +++ b/core/src/epicli/data/common/validation/configuration/ignite.yml @@ -1 +1,11 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file +"$id": "#/specification" +title: "Ignite specification schema" +description: "Ignite specification schema" +type: object +properties: + enabled_plugins: + type: array + items: + type: string + config: + type: string diff --git a/core/src/epicli/data/common/validation/configuration/image-registry.yml b/core/src/epicli/data/common/validation/configuration/image-registry.yml index 89807aa970..aaf08f8f03 100644 --- a/core/src/epicli/data/common/validation/configuration/image-registry.yml +++ b/core/src/epicli/data/common/validation/configuration/image-registry.yml @@ -1 +1,72 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file +"$id": "#/specification" +title: "Image-registry specification schema" +description: "Image-registry specification schema" +type: object +properties: + description: + type: string + registry_image: + type: object + properties: + name: + type: string + file_name: + type: string + images_to_load: + type: object + properties: + x86_64: + type: object + properties: + generic: + type: array + items: + type: object + properties: + name: + type: string + file_name: + type: string + current: + type: array + items: + type: object + properties: + name: + type: string + file_name: + type: string + legacy: + type: array + items: + type: object + properties: + name: + type: string + file_name: + type: string + aarch64: + type: object + properties: + generic: + type: array + items: + type: object + properties: + name: + type: string + file_name: + type: string + current: + type: array + items: + type: object + properties: + name: + type: string + file_name: + type: string + legacy: + type: array + items: + items: {} diff --git a/core/src/epicli/data/common/validation/configuration/jmx-exporter.yml b/core/src/epicli/data/common/validation/configuration/jmx-exporter.yml index 89807aa970..1dcfbd2a94 100644 --- a/core/src/epicli/data/common/validation/configuration/jmx-exporter.yml +++ b/core/src/epicli/data/common/validation/configuration/jmx-exporter.yml @@ -1 +1,15 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file +"$id": "#/specification" +title: "Jmx-exporter specification schema" +description: "Jmx-exporter specification schema" +type: object +properties: + file_name: + type: string + jmx_path: + type: string + jmx_jars_directory: + type: string + jmx_exporter_user: + type: string + jmx_exporter_group: + type: string diff --git a/core/src/epicli/data/common/validation/configuration/kafka-exporter.yml b/core/src/epicli/data/common/validation/configuration/kafka-exporter.yml index 89807aa970..e98fe687f1 100644 --- a/core/src/epicli/data/common/validation/configuration/kafka-exporter.yml +++ b/core/src/epicli/data/common/validation/configuration/kafka-exporter.yml @@ -1 +1,29 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file +"$id": "#/specification" +title: "Kafka-exporter specification schema" +description: "Kafka-exporter specification schema" +type: object +properties: + description: + type: string + web_listen_port: + type: string + config_flags: + type: array + items: + type: string + config_for_prometheus: + type: object + properties: + exporter_listen_port: + type: string + prometheus_config_dir: + type: string + file_sd_labels: + type: array + items: + type: object + properties: + label: + type: string + value: + type: string diff --git a/core/src/epicli/data/common/validation/configuration/kafka.yml b/core/src/epicli/data/common/validation/configuration/kafka.yml index 89807aa970..df937774e2 100644 --- a/core/src/epicli/data/common/validation/configuration/kafka.yml +++ b/core/src/epicli/data/common/validation/configuration/kafka.yml @@ -1 +1,167 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file +"$id": "#/specification" +title: "Kafka specification schema" +description: "Kafka specification schema" +type: object +properties: + kafka_var: + type: object + properties: + enabled: + type: boolean + admin: + type: string + admin_pwd: + type: string + javax_net_debug: + type: string + security: + type: object + properties: + ssl: + type: object + properties: + enabled: + type: boolean + port: + type: integer + server: + type: object + properties: + local_cert_download_path: + type: string + keystore_location: + type: string + truststore_location: + type: string + cert_validity: + type: integer + passwords: + type: object + properties: + keystore: + type: string + truststore: + type: string + key: + type: string + endpoint_identification_algorithm: + type: string + client_auth: + type: string + encrypt_at_rest: + type: boolean + inter_broker_protocol: + type: string + authorization: + type: object + properties: + enabled: + type: boolean + authorizer_class_name: + type: string + allow_everyone_if_no_acl_found: + type: boolean + super_users: + type: array + items: + type: string + users: + type: array + items: + type: object + properties: + name: + type: string + topic: + type: string + authentication: + type: object + properties: + enabled: + type: boolean + authentication_method: + type: string + sasl_mechanism_inter_broker_protocol: + type: 'null' + sasl_enabled_mechanisms: + type: string + sha: + type: string + port: + type: integer + min_insync_replicas: + type: integer + default_replication_factor: + type: integer + offsets_topic_replication_factor: + type: integer + num_recovery_threads_per_data_dir: + type: integer + num_replica_fetchers: + type: integer + replica_fetch_max_bytes: + type: integer + replica_socket_receive_buffer_bytes: + type: integer + partitions: + type: integer + log_retention_hours: + type: integer + log_retention_bytes: + type: integer + offset_retention_minutes: + type: integer + heap_opts: + type: string + opts: + type: string + jmx_opts: + type: 'null' + max_incremental_fetch_session_cache_slots: + type: integer + controlled_shutdown_enable: + type: boolean + group: + type: string + user: + type: string + conf_dir: + type: string + data_dir: + type: string + log_dir: + type: string + socket_settings: + type: object + properties: + network_threads: + type: integer + io_threads: + type: integer + send_buffer_bytes: + type: integer + receive_buffer_bytes: + type: integer + request_max_bytes: + type: integer + zookeeper_set_acl: + type: boolean + zookeeper_hosts: + type: string + jmx_exporter_user: + type: string + jmx_exporter_group: + type: string + prometheus_jmx_path: + type: string + prometheus_jmx_exporter_web_listen_port: + type: integer + prometheus_jmx_config: + type: string + prometheus_config_dir: + type: string + prometheus_kafka_jmx_file_sd_labels: + type: object + properties: + job: + type: string diff --git a/core/src/epicli/data/common/validation/configuration/kibana.yml b/core/src/epicli/data/common/validation/configuration/kibana.yml index 89807aa970..17b77c2e15 100644 --- a/core/src/epicli/data/common/validation/configuration/kibana.yml +++ b/core/src/epicli/data/common/validation/configuration/kibana.yml @@ -1 +1,7 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file +"$id": "#/specification" +title: "Kibana specification schema" +description: "Kibana specification schema" +type: object +properties: + kibana_log_dir: + type: string diff --git a/core/src/epicli/data/common/validation/configuration/kubernetes-master.yml b/core/src/epicli/data/common/validation/configuration/kubernetes-master.yml index d5484005e7..3404593b1d 100644 --- a/core/src/epicli/data/common/validation/configuration/kubernetes-master.yml +++ b/core/src/epicli/data/common/validation/configuration/kubernetes-master.yml @@ -1,6 +1,6 @@ "$id": "#/specification" -title: "K8s specification schema" -description: "K8s specification schema" +title: "K8s-master specification schema" +description: "K8s-master specification schema" type: object properties: advanced: diff --git a/core/src/epicli/data/common/validation/configuration/kubernetes-node.yml b/core/src/epicli/data/common/validation/configuration/kubernetes-node.yml index 89807aa970..c203483d16 100644 --- a/core/src/epicli/data/common/validation/configuration/kubernetes-node.yml +++ b/core/src/epicli/data/common/validation/configuration/kubernetes-node.yml @@ -1 +1,11 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file +"$id": "#/specification" +title: "K8s-nodes specification schema" +description: "K8s-nodes specification schema" +type: object +properties: + version: + type: string + cni_version: + type: string + node_labels: + type: string diff --git a/core/src/epicli/data/common/validation/configuration/logging.yml b/core/src/epicli/data/common/validation/configuration/logging.yml index 89807aa970..2a434160a0 100644 --- a/core/src/epicli/data/common/validation/configuration/logging.yml +++ b/core/src/epicli/data/common/validation/configuration/logging.yml @@ -1 +1,45 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file +"$id": "#/specification" +title: "Logging specification schema" +description: "Logging specification schema" +type: object +properties: + cluster_name: + type: string + admin_password: + type: string + kibanaserver_password: + type: string + kibanaserver_user_active: + type: boolean + logstash_password: + type: string + logstash_user_active: + type: boolean + demo_users_to_remove: + type: array + items: {} + paths: + type: object + properties: + data: + type: string + repo: + type: string + logs: + type: string + jvm_options: + type: object + properties: + Xmx: + type: string + opendistro_security: + type: object + properties: + ssl: + type: object + properties: + transport: + type: object + properties: + enforce_hostname_verification: + type: boolean diff --git a/core/src/epicli/data/common/validation/configuration/logstash.yml b/core/src/epicli/data/common/validation/configuration/logstash.yml index e476595b41..b7e3f6cf9c 100644 --- a/core/src/epicli/data/common/validation/configuration/logstash.yml +++ b/core/src/epicli/data/common/validation/configuration/logstash.yml @@ -1 +1,4 @@ -$ref: '#/definitions/unvalidated_specification' +"$id": "#/specification" +title: "Logstash specification schema" +description: "Logstash specification schema" +type: object diff --git a/core/src/epicli/data/common/validation/configuration/node-exporter.yml b/core/src/epicli/data/common/validation/configuration/node-exporter.yml index 89807aa970..2d65589397 100644 --- a/core/src/epicli/data/common/validation/configuration/node-exporter.yml +++ b/core/src/epicli/data/common/validation/configuration/node-exporter.yml @@ -1 +1,50 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file +"$id": "#/specification" +title: "Node-exporter specification schema" +description: "Node-exporter specification schema" +type: object +properties: + disable_helm_chart: + type: boolean + helm_chart_values: + type: object + properties: + service: + type: object + properties: + port: + type: integer + targetPort: + type: integer + files: + type: object + properties: + node_exporter_helm_chart_file_name: + type: string + enabled_collectors: + type: array + items: + type: string + config_flags: + type: array + items: + type: string + web_listen_port: + type: string + web_listen_address: + type: string + config_for_prometheus: + type: object + properties: + exporter_listen_port: + type: string + prometheus_config_dir: + type: string + file_sd_labels: + type: array + items: + type: object + properties: + label: + type: string + value: + type: string diff --git a/core/src/epicli/data/common/validation/configuration/opendistro-for-elasticsearch.yml b/core/src/epicli/data/common/validation/configuration/opendistro-for-elasticsearch.yml index 89807aa970..3992bc36ab 100644 --- a/core/src/epicli/data/common/validation/configuration/opendistro-for-elasticsearch.yml +++ b/core/src/epicli/data/common/validation/configuration/opendistro-for-elasticsearch.yml @@ -1 +1,48 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file +"$id": "#/specification" +title: "Opendistro-for-elasticsearch specification schema" +description: "Opendistro-for-elasticsearch specification schema" +type: object +properties: + cluster_name: + type: string + clustered: + type: boolean + admin_password: + type: string + kibanaserver_password: + type: string + kibanaserver_user_active: + type: boolean + logstash_password: + type: string + logstash_user_active: + type: boolean + demo_users_to_remove: + type: array + items: + type: string + paths: + type: object + properties: + data: + type: string + repo: + type: string + logs: + type: string + jvm_options: + type: object + properties: + Xmx: + type: string + opendistro_security: + type: object + properties: + ssl: + type: object + properties: + transport: + type: object + properties: + enforce_hostname_verification: + type: boolean diff --git a/core/src/epicli/data/common/validation/configuration/postgres-exporter.yml b/core/src/epicli/data/common/validation/configuration/postgres-exporter.yml index 89807aa970..e4b9227047 100644 --- a/core/src/epicli/data/common/validation/configuration/postgres-exporter.yml +++ b/core/src/epicli/data/common/validation/configuration/postgres-exporter.yml @@ -1 +1,25 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file +"$id": "#/specification" +title: "Postgres-exporter specification schema" +description: "Postgres-exporter specification schema" +type: object +properties: + config_flags: + type: array + items: + type: string + config_for_prometheus: + type: object + properties: + exporter_listen_port: + type: string + prometheus_config_dir: + type: string + file_sd_labels: + type: array + items: + type: object + properties: + label: + type: string + value: + type: string diff --git a/core/src/epicli/data/common/validation/configuration/postgresql.yml b/core/src/epicli/data/common/validation/configuration/postgresql.yml index 89807aa970..f0b22b0dd5 100644 --- a/core/src/epicli/data/common/validation/configuration/postgresql.yml +++ b/core/src/epicli/data/common/validation/configuration/postgresql.yml @@ -1 +1,106 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file +"$id": "#/specification" +title: "Postgresql specification schema" +description: "Postgresql specification schema" +type: object +properties: + config_file: + type: object + properties: + parameter_groups: + type: array + items: + type: object + properties: + name: + type: string + subgroups: + type: array + items: + type: object + properties: + name: + type: string + parameters: + type: array + items: + type: object + properties: + name: + type: string + value: + type: + - string + - integer + comment: + type: string + when: + type: string + extensions: + type: object + properties: + pgaudit: + type: object + properties: + enabled: + type: boolean + shared_preload_libraries: + type: array + items: + type: string + config_file_parameters: + type: object + properties: + log_connections: + type: string + log_disconnections: + type: string + log_statement: + type: string + log_line_prefix: + type: string + pgaudit.log: + type: string + pgaudit.log_catalog: + type: string + pgaudit.log_relation: + type: string + pgaudit.log_statement_once: + type: string + pgaudit.log_parameter: + type: string + pgbouncer: + type: object + properties: + enabled: + type: boolean + replication: + type: object + properties: + enabled: + type: boolean + replication_user_name: + type: string + replication_user_password: + type: string + privileged_user_name: + type: string + privileged_user_password: + type: string + repmgr_database: + type: string + shared_preload_libraries: + type: array + items: + type: string + logrotate: + type: object + properties: + pgbouncer: + type: object + properties: + period: + type: string + rotations: + type: integer + postgresql: + type: string diff --git a/core/src/epicli/data/common/validation/configuration/prometheus.yml b/core/src/epicli/data/common/validation/configuration/prometheus.yml index 89807aa970..d7ab835d40 100644 --- a/core/src/epicli/data/common/validation/configuration/prometheus.yml +++ b/core/src/epicli/data/common/validation/configuration/prometheus.yml @@ -1 +1,134 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file +"$id": "#/specification" +title: "Prometheus specification schema" +description: "Prometheus specification schema" +type: object +properties: + config_directory: + type: string + storage: + type: object + properties: + data_directory: + type: string + config_flags: + type: array + items: + type: string + metrics_path: + type: string + scrape_interval: + type: string + scrape_timeout: + type: string + evaluation_interval: + type: string + remote_write: + type: array + items: + items: {} + remote_read: + type: array + items: + items: {} + alertmanager: + type: object + properties: + enable: + type: boolean + alert_rules: + type: object + properties: + common: + type: boolean + container: + type: boolean + kafka: + type: boolean + node: + type: boolean + postgresql: + type: boolean + prometheus: + type: boolean + config: + type: object + properties: + global: + type: object + properties: + resolve_timeout: + type: string + smtp_from: + type: string + smtp_smarthost: + type: string + smtp_auth_username: + type: string + smtp_auth_password: + type: string + smtp_require_tls: + type: boolean + route: + type: object + properties: + group_by: + type: array + items: + type: string + group_wait: + type: string + group_interval: + type: string + repeat_interval: + type: string + receiver: + type: string + routes: + type: array + items: + type: object + properties: + match_re: + type: object + properties: + severity: + type: string + receiver: + type: string + continue: + type: boolean + receivers: + type: array + items: + type: object + properties: + name: + type: string + email_configs: + type: array + items: + type: object + properties: + to: + type: string + slack_configs: + type: array + items: + type: object + properties: + api_url: + type: string + pagerduty_configs: + type: array + items: + type: object + properties: + service_key: + type: string + opsgenie_config: + type: object + properties: + api_key: + type: string + api_url: + type: string diff --git a/core/src/epicli/data/common/validation/configuration/rabbitmq.yml b/core/src/epicli/data/common/validation/configuration/rabbitmq.yml index 89807aa970..2fdd3acb01 100644 --- a/core/src/epicli/data/common/validation/configuration/rabbitmq.yml +++ b/core/src/epicli/data/common/validation/configuration/rabbitmq.yml @@ -1 +1,38 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file +"$id": "#/specification" +title: "Rabbitmq specification schema" +description: "Rabbitmq specification schema" +type: object +properties: + rabbitmq_user: + type: string + rabbitmq_group: + type: string + stop_service: + type: boolean + logrotate_period: + type: string + logrotate_number: + type: integer + ulimit_open_files: + type: integer + amqp_port: + type: integer + rabbitmq_use_longname: + type: string + rabbitmq_policies: + type: array + items: + items: {} + rabbitmq_plugins: + type: array + items: + items: {} + custom_configurations: + type: array + items: + items: {} + cluster: + type: object + properties: + is_clustered: + type: boolean diff --git a/core/src/epicli/data/common/validation/configuration/repository.yml b/core/src/epicli/data/common/validation/configuration/repository.yml index 89807aa970..319bbe7b42 100644 --- a/core/src/epicli/data/common/validation/configuration/repository.yml +++ b/core/src/epicli/data/common/validation/configuration/repository.yml @@ -1 +1,27 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file +"$id": "#/specification" +title: "Repository specification schema" +description: "Repository specification schema" +type: object +properties: + description: + type: string + download_done_flag_expire_minutes: + type: integer + apache_epirepo_path: + type: string + teardown: + type: object + properties: + disable_http_server: + type: boolean + remove: + type: object + properties: + files: + type: boolean + helm_charts: + type: boolean + images: + type: boolean + packages: + type: boolean diff --git a/core/src/epicli/data/common/validation/configuration/shared-config.yml b/core/src/epicli/data/common/validation/configuration/shared-config.yml index 89807aa970..0dfb1a8f9b 100644 --- a/core/src/epicli/data/common/validation/configuration/shared-config.yml +++ b/core/src/epicli/data/common/validation/configuration/shared-config.yml @@ -1 +1,19 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file +"$id": "#/specification" +title: "Shared-config specification schema" +description: "Shared-config specification schema" +type: object +properties: + custom_repository_url: + type: string + custom_image_registry_address: + type: string + download_directory: + type: string + vault_location: + type: string + vault_tmp_file_location: + type: string + use_ha_control_plane: + type: boolean + promote_to_ha: + type: boolean diff --git a/core/src/epicli/data/common/validation/configuration/vault.yml b/core/src/epicli/data/common/validation/configuration/vault.yml index 89807aa970..93d5c1b606 100644 --- a/core/src/epicli/data/common/validation/configuration/vault.yml +++ b/core/src/epicli/data/common/validation/configuration/vault.yml @@ -1 +1,100 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file +"$id": "#/specification" +title: "Vault specification schema" +description: "Vault specification schema" +type: object +properties: + vault_enabled: + type: boolean + vault_system_user: + type: string + vault_system_group: + type: string + enable_vault_audit_logs: + type: boolean + enable_vault_ui: + type: boolean + vault_script_autounseal: + type: boolean + vault_script_autoconfiguration: + type: boolean + tls_disable: + type: boolean + kubernetes_integration: + type: boolean + kubernetes_configuration: + type: boolean + kubernetes_namespace: + type: string + enable_vault_kubernetes_authentication: + type: boolean + app_secret_path: + type: string + revoke_root_token: + type: boolean + secret_mount_path: + type: string + vault_token_cleanup: + type: boolean + vault_install_dir: + type: string + vault_log_level: + type: string + override_existing_vault_users: + type: boolean + certificate_name: + type: string + private_key_name: + type: string + selfsigned_certificate: + type: object + properties: + country: + type: string + state: + type: string + city: + type: string + company: + type: string + common_name: + type: string + vault_tls_valid_days: + type: integer + vault_users: + type: array + items: + type: object + properties: + name: + type: string + policy: + type: string + files: + type: object + properties: + vault_helm_chart_file_name: + type: string + vault_helm_chart_values: + type: object + properties: + injector: + type: object + properties: + image: + type: object + properties: + repository: + type: string + agentImage: + type: object + properties: + repository: + type: string + server: + type: object + properties: + image: + type: object + properties: + repository: + type: string diff --git a/core/src/epicli/data/common/validation/configuration/zookeeper.yml b/core/src/epicli/data/common/validation/configuration/zookeeper.yml index 89807aa970..eab86b2f04 100644 --- a/core/src/epicli/data/common/validation/configuration/zookeeper.yml +++ b/core/src/epicli/data/common/validation/configuration/zookeeper.yml @@ -1 +1,10 @@ -$ref: '#/definitions/unvalidated_specification' \ No newline at end of file +"$id": "#/specification" +title: "Zookeeper specification schema" +description: "Zookeeper specification schema" +type: object +properties: + static_config_file: + type: object + properties: + configurable_block: + type: string