diff --git a/instance-applications/130-ibm-mas-suite/templates/05-postsync-add-label_Job.yaml b/instance-applications/130-ibm-mas-suite/templates/05-postsync-add-label_Job.yaml index 6a06ba385..30a5d266f 100644 --- a/instance-applications/130-ibm-mas-suite/templates/05-postsync-add-label_Job.yaml +++ b/instance-applications/130-ibm-mas-suite/templates/05-postsync-add-label_Job.yaml @@ -11,6 +11,8 @@ metadata: namespace: mas-{{ .Values.instance_id }}-core annotations: argocd.argoproj.io/sync-wave: "140" + argocd.argoproj.io/hook: PostSync + argocd.argoproj.io/hook-delete-policy: HookSucceeded,BeforeHookCreation {{- if .Values.custom_labels }} labels: {{ .Values.custom_labels | toYaml | indent 4 }} @@ -33,6 +35,8 @@ metadata: namespace: mas-{{ .Values.instance_id }}-core annotations: argocd.argoproj.io/sync-wave: "140" + argocd.argoproj.io/hook: PostSync + argocd.argoproj.io/hook-delete-policy: HookSucceeded,BeforeHookCreation {{- if .Values.custom_labels }} labels: {{ .Values.custom_labels | toYaml | indent 4 }} @@ -46,6 +50,8 @@ metadata: name: mas-route-prereq-role-{{ .Values.instance_id }} annotations: argocd.argoproj.io/sync-wave: "140" + argocd.argoproj.io/hook: PostSync + argocd.argoproj.io/hook-delete-policy: HookSucceeded,BeforeHookCreation {{- if .Values.custom_labels }} labels: {{ .Values.custom_labels | toYaml | indent 4 }} @@ -75,7 +81,8 @@ metadata: name: mas-route-prereq-rb-{{ .Values.instance_id }} annotations: argocd.argoproj.io/sync-wave: "141" - + argocd.argoproj.io/hook: PostSync + argocd.argoproj.io/hook-delete-policy: HookSucceeded,BeforeHookCreation {{- if .Values.custom_labels }} labels: {{ .Values.custom_labels | toYaml | indent 4 }} @@ -97,6 +104,8 @@ metadata: namespace: mas-{{ .Values.instance_id }}-core annotations: argocd.argoproj.io/sync-wave: "142" + argocd.argoproj.io/hook: PostSync + argocd.argoproj.io/hook-delete-policy: HookSucceeded,BeforeHookCreation {{- if .Values.custom_labels }} labels: {{ .Values.custom_labels | toYaml | indent 4 }} diff --git a/instance-applications/220-ibm-mas-workspace/templates/05-postsync-add-label_Job.yaml b/instance-applications/220-ibm-mas-workspace/templates/05-postsync-add-label_Job.yaml new file mode 100644 index 000000000..9eecd1a5f --- /dev/null +++ b/instance-applications/220-ibm-mas-workspace/templates/05-postsync-add-label_Job.yaml @@ -0,0 +1,186 @@ +{{- if .Values.ingress }} + +{{ $job_label := "mas-ws-route-patch" }} +--- +# Permit outbound communication by the Job pods +# (Needed to communicate with the K8S HTTP API and AWS SM) +kind: NetworkPolicy +apiVersion: networking.k8s.io/v1 +metadata: + name: mas-ws-route-np + namespace: mas-{{ .Values.instance_id }}-core + annotations: + argocd.argoproj.io/sync-wave: "221" + argocd.argoproj.io/hook: PostSync + argocd.argoproj.io/hook-delete-policy: HookSucceeded,BeforeHookCreation +{{- if .Values.custom_labels }} + labels: +{{ .Values.custom_labels | toYaml | indent 4 }} +{{- end }} +spec: + podSelector: + matchLabels: + app: {{ $job_label }} + egress: + - {} + policyTypes: + - Egress + + +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: mas-ws-route-sa + namespace: mas-{{ .Values.instance_id }}-core + annotations: + argocd.argoproj.io/sync-wave: "221" + argocd.argoproj.io/hook: PostSync + argocd.argoproj.io/hook-delete-policy: HookSucceeded,BeforeHookCreation +{{- if .Values.custom_labels }} + labels: +{{ .Values.custom_labels | toYaml | indent 4 }} +{{- end }} + + +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: mas-ws-route-prereq-role-{{ .Values.instance_id }} + namespace: mas-{{ .Values.instance_id }}-core + annotations: + argocd.argoproj.io/sync-wave: "221" + argocd.argoproj.io/hook: PostSync + argocd.argoproj.io/hook-delete-policy: HookSucceeded,BeforeHookCreation +{{- if .Values.custom_labels }} + labels: +{{ .Values.custom_labels | toYaml | indent 4 }} +{{- end }} +rules: + - verbs: + - get + - list + - patch + apiGroups: + - "route.openshift.io" + resources: + - routes + - verbs: + - get + - list + apiGroups: + - core.mas.ibm.com + resources: + - workspaces + + +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: mas-ws-route-prereq-rb-{{ .Values.instance_id }} + namespace: mas-{{ .Values.instance_id }}-core + annotations: + argocd.argoproj.io/sync-wave: "222" + argocd.argoproj.io/hook: PostSync + argocd.argoproj.io/hook-delete-policy: HookSucceeded,BeforeHookCreation +{{- if .Values.custom_labels }} + labels: +{{ .Values.custom_labels | toYaml | indent 4 }} +{{- end }} +subjects: + - kind: ServiceAccount + name: mas-ws-route-sa + namespace: mas-{{ .Values.instance_id }}-core +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: mas-ws-route-prereq-role-{{ .Values.instance_id }} + +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: "mas-ws-route-patch-v1-{{ .Values | toYaml | adler32sum }}" + namespace: mas-{{ .Values.instance_id }}-core + annotations: + argocd.argoproj.io/sync-wave: "223" + argocd.argoproj.io/hook: PostSync + argocd.argoproj.io/hook-delete-policy: HookSucceeded,BeforeHookCreation +{{- if .Values.custom_labels }} + labels: +{{ .Values.custom_labels | toYaml | indent 4 }} +{{- end }} +spec: + template: + metadata: + labels: + app: {{ $job_label }} +{{- if .Values.custom_labels }} +{{ .Values.custom_labels | toYaml | indent 8 }} +{{- end }} + spec: + containers: + - name: run + image: quay.io/ibmmas/cli:latest + imagePullPolicy: IfNotPresent + resources: + limits: + cpu: 200m + memory: 512Mi + requests: + cpu: 10m + memory: 64Mi + env: + - name: SUITE_NAMESPACE + value: mas-{{ .Values.instance_id }}-core + command: + - /bin/sh + - -c + - | + + set -e + echo + echo "================================================================================" + echo "Wait for Suite Workspace Routes to be ready and add label type=external to routes" + echo "================================================================================" + echo + + echo "Wait for Suite Workspace Routes to be ready" + wait_period=0 + while true; do + wait_period=$(($wait_period+60)) + if [ $wait_period -gt 3600 ]; then + echo "Suite Workspace Routes is not ready after 20 minutes of waiting. exiting..." + exit 1 + else + sleep 60 + fi + + + SUITE_WORKSPACE_NAME=$(oc get Workspace -n $SUITE_NAMESPACE -o NAME) + echo "SUITE_WORKSPACE_NAME == ${SUITE_WORKSPACE_NAME}" + + export READY=$(oc get ${SUITE_WORKSPACE_NAME} -n ${SUITE_NAMESPACE} -o=jsonpath="{.status.conditions[?(@.type=='Ready')].status}") + echo "READY == ${READY}" + + if [[ "${READY}" == "True" ]]; then + echo "Suite Workspace Routes are now in ready status" + break + fi + done + + export routes=$(oc get routes -n ${SUITE_NAMESPACE} -o jsonpath='{range .items[*]}{.metadata.name}{"\n"}{end}') + echo "Add label to routes updated ${routes}" + + for route in $routes; do + echo "Adding label to route - ${route}" + oc patch route/${route} -p '{"metadata":{"labels":{"type":"external"}}}' + done + restartPolicy: Never + serviceAccountName: "mas-ws-route-sa" + backoffLimit: 4 + +{{- end }} + diff --git a/instance-applications/510-550-ibm-mas-suite-app-config/templates/04-postsync-add-label_Job.yaml b/instance-applications/510-550-ibm-mas-suite-app-config/templates/04-postsync-add-label_Job.yaml index b985bb9ca..edc6e0cff 100644 --- a/instance-applications/510-550-ibm-mas-suite-app-config/templates/04-postsync-add-label_Job.yaml +++ b/instance-applications/510-550-ibm-mas-suite-app-config/templates/04-postsync-add-label_Job.yaml @@ -13,6 +13,8 @@ metadata: namespace: {{ $ns }} annotations: argocd.argoproj.io/sync-wave: "600" + argocd.argoproj.io/hook: PostSync + argocd.argoproj.io/hook-delete-policy: HookSucceeded,BeforeHookCreation {{- if .Values.custom_labels }} labels: {{ .Values.custom_labels | toYaml | indent 4 }} @@ -35,6 +37,8 @@ metadata: namespace: {{ $ns }} annotations: argocd.argoproj.io/sync-wave: "600" + argocd.argoproj.io/hook: PostSync + argocd.argoproj.io/hook-delete-policy: HookSucceeded,BeforeHookCreation {{- if .Values.custom_labels }} labels: {{ .Values.custom_labels | toYaml | indent 4 }} @@ -48,6 +52,8 @@ metadata: name: mas-app-route-prereq-role-{{ .Values.instance_id }}-{{ .Values.mas_app_id }} annotations: argocd.argoproj.io/sync-wave: "600" + argocd.argoproj.io/hook: PostSync + argocd.argoproj.io/hook-delete-policy: HookSucceeded,BeforeHookCreation {{- if .Values.custom_labels }} labels: {{ .Values.custom_labels | toYaml | indent 4 }} @@ -88,7 +94,8 @@ metadata: name: mas-app-route-prereq-rb-{{ .Values.instance_id }}-{{ .Values.mas_app_id }} annotations: argocd.argoproj.io/sync-wave: "601" - + argocd.argoproj.io/hook: PostSync + argocd.argoproj.io/hook-delete-policy: HookSucceeded,BeforeHookCreation {{- if .Values.custom_labels }} labels: {{ .Values.custom_labels | toYaml | indent 4 }} @@ -110,6 +117,8 @@ metadata: namespace: {{ $ns }} annotations: argocd.argoproj.io/sync-wave: "604" + argocd.argoproj.io/hook: PostSync + argocd.argoproj.io/hook-delete-policy: HookSucceeded,BeforeHookCreation {{- if .Values.custom_labels }} labels: {{ .Values.custom_labels | toYaml | indent 4 }} diff --git a/root-applications/ibm-mas-instance-root/templates/200-ibm-mas-workspaces.yaml b/root-applications/ibm-mas-instance-root/templates/200-ibm-mas-workspaces.yaml index c6775b39e..f5e5dffb7 100644 --- a/root-applications/ibm-mas-instance-root/templates/200-ibm-mas-workspaces.yaml +++ b/root-applications/ibm-mas-instance-root/templates/200-ibm-mas-workspaces.yaml @@ -41,6 +41,7 @@ spec: instance_id: "{{ $.Values.instance.id }}" mas_workspace_id: "{{ $value.mas_workspace_id }}" mas_workspace_name: "{{ $value.mas_workspace_name }}" + ingress: "{{ $.Values.ibm_mas_suite.ingress }}" {{- if $.Values.custom_labels }} custom_labels: {{ $.Values.custom_labels | toYaml | nindent 14 }} {{- end }}