From 047d534bcfa0ca416e6b94861f04941fa075c1bf Mon Sep 17 00:00:00 2001 From: jdorsch Date: Thu, 30 Nov 2023 10:18:03 +0100 Subject: [PATCH 01/10] added reloaded for status --- deploy/k8s/config/templates/cm.common.yaml | 2 ++ deploy/k8s/status/templates/cm.status.yaml | 2 ++ deploy/k8s/status/templates/deploy.status.yaml | 2 ++ 3 files changed, 6 insertions(+) diff --git a/deploy/k8s/config/templates/cm.common.yaml b/deploy/k8s/config/templates/cm.common.yaml index 3642a284..6cd9030f 100644 --- a/deploy/k8s/config/templates/cm.common.yaml +++ b/deploy/k8s/config/templates/cm.common.yaml @@ -33,3 +33,5 @@ kind: ConfigMap metadata: name: common-env-file namespace: {{ .Values.global.namespace }} + annotations: + reloader.stakater.com/match: "true" diff --git a/deploy/k8s/status/templates/cm.status.yaml b/deploy/k8s/status/templates/cm.status.yaml index 68536723..50d9d1b7 100644 --- a/deploy/k8s/status/templates/cm.status.yaml +++ b/deploy/k8s/status/templates/cm.status.yaml @@ -7,3 +7,5 @@ kind: ConfigMap metadata: name: status-env-file namespace: {{ .Values.global.namespace }} + annotations: + reloader.stakater.com/match: "true" \ No newline at end of file diff --git a/deploy/k8s/status/templates/deploy.status.yaml b/deploy/k8s/status/templates/deploy.status.yaml index b7f6dee2..42f2f87f 100644 --- a/deploy/k8s/status/templates/deploy.status.yaml +++ b/deploy/k8s/status/templates/deploy.status.yaml @@ -3,6 +3,8 @@ kind: Deployment metadata: name: deploy-status namespace: {{ .Values.global.namespace }} + annotations: + configmap.reloader.stakater.com/reload: "status-env-file, common-env-file" spec: replicas: 1 selector: From 4f3f8cd29842fa82e76de3f19ab6392187fcfd4b Mon Sep 17 00:00:00 2001 From: jdorsch Date: Thu, 30 Nov 2023 19:17:55 +0100 Subject: [PATCH 02/10] added secret reload --- deploy/k8s/certificator/templates/cm.certificator.yaml | 2 ++ deploy/k8s/certificator/templates/deploy.certificator.yaml | 5 +++++ deploy/k8s/compute/templates/cm.compute.yaml | 2 ++ deploy/k8s/compute/templates/deploy.compute.yaml | 4 ++++ deploy/k8s/status/templates/deploy.status.yaml | 4 +++- deploy/k8s/storage/templates/cm.storage.yaml | 2 ++ deploy/k8s/storage/templates/deploy.storage.yaml | 5 +++++ deploy/k8s/tasks/templates/cm.tasks.yaml | 2 ++ deploy/k8s/tasks/templates/deploy.tasks.yaml | 5 +++++ deploy/k8s/utilities/templates/cm.utilities.yaml | 2 ++ deploy/k8s/utilities/templates/deploy.utilities.yaml | 4 ++++ 11 files changed, 36 insertions(+), 1 deletion(-) diff --git a/deploy/k8s/certificator/templates/cm.certificator.yaml b/deploy/k8s/certificator/templates/cm.certificator.yaml index 279edbe0..6139ac19 100644 --- a/deploy/k8s/certificator/templates/cm.certificator.yaml +++ b/deploy/k8s/certificator/templates/cm.certificator.yaml @@ -10,3 +10,5 @@ kind: ConfigMap metadata: name: certificator-env-file namespace: {{ .Values.global.namespace }} + annotations: + reloader.stakater.com/match: "true" diff --git a/deploy/k8s/certificator/templates/deploy.certificator.yaml b/deploy/k8s/certificator/templates/deploy.certificator.yaml index e61f1663..cb8d0625 100644 --- a/deploy/k8s/certificator/templates/deploy.certificator.yaml +++ b/deploy/k8s/certificator/templates/deploy.certificator.yaml @@ -5,6 +5,11 @@ items: metadata: name: deploy-certificator namespace: {{ .Values.global.namespace }} + {{ if ne .Values.global.environment "dev" }} + annotations: + configmap.reloader.stakater.com/reload: "certificator-env-file,common-env-file" + secret.reloader.stakater.com/reload: "firecrest-ca-key-secret" + {{ end }} spec: selector: matchLabels: diff --git a/deploy/k8s/compute/templates/cm.compute.yaml b/deploy/k8s/compute/templates/cm.compute.yaml index 94f9a08d..0394e9fd 100644 --- a/deploy/k8s/compute/templates/cm.compute.yaml +++ b/deploy/k8s/compute/templates/cm.compute.yaml @@ -9,3 +9,5 @@ kind: ConfigMap metadata: name: compute-env-file namespace: {{ .Values.global.namespace }} + annotations: + reloader.stakater.com/match: "true" diff --git a/deploy/k8s/compute/templates/deploy.compute.yaml b/deploy/k8s/compute/templates/deploy.compute.yaml index 66e014ea..e805e2c6 100644 --- a/deploy/k8s/compute/templates/deploy.compute.yaml +++ b/deploy/k8s/compute/templates/deploy.compute.yaml @@ -3,6 +3,10 @@ kind: Deployment metadata: name: deploy-compute namespace: {{ .Values.global.namespace }} + {{ if ne .Values.global.environment "dev" }} + annotations: + configmap.reloader.stakater.com/reload: "compute-env-file,common-env-file" + {{ end }} spec: replicas: 1 selector: diff --git a/deploy/k8s/status/templates/deploy.status.yaml b/deploy/k8s/status/templates/deploy.status.yaml index 42f2f87f..f1df2699 100644 --- a/deploy/k8s/status/templates/deploy.status.yaml +++ b/deploy/k8s/status/templates/deploy.status.yaml @@ -3,8 +3,10 @@ kind: Deployment metadata: name: deploy-status namespace: {{ .Values.global.namespace }} + {{ if ne .Values.global.environment "dev" }} annotations: - configmap.reloader.stakater.com/reload: "status-env-file, common-env-file" + configmap.reloader.stakater.com/reload: "status-env-file,common-env-file" + {{ end }} spec: replicas: 1 selector: diff --git a/deploy/k8s/storage/templates/cm.storage.yaml b/deploy/k8s/storage/templates/cm.storage.yaml index bf31e49f..ae4fb9dc 100644 --- a/deploy/k8s/storage/templates/cm.storage.yaml +++ b/deploy/k8s/storage/templates/cm.storage.yaml @@ -28,3 +28,5 @@ kind: ConfigMap metadata: name: storage-env-file namespace: {{ .Values.global.namespace }} + annotations: + reloader.stakater.com/match: "true" diff --git a/deploy/k8s/storage/templates/deploy.storage.yaml b/deploy/k8s/storage/templates/deploy.storage.yaml index a06933cd..a5128ecc 100644 --- a/deploy/k8s/storage/templates/deploy.storage.yaml +++ b/deploy/k8s/storage/templates/deploy.storage.yaml @@ -3,6 +3,11 @@ kind: Deployment metadata: name: deploy-storage namespace: {{ .Values.global.namespace }} + {{ if ne .Values.global.environment "dev" }} + annotations: + configmap.reloader.stakater.com/reload: "storage-env-file,common-env-file" + secret.reloader.stakater.com/reload: "firecrest-common-secrets" + {{ end }} spec: replicas: 1 selector: diff --git a/deploy/k8s/tasks/templates/cm.tasks.yaml b/deploy/k8s/tasks/templates/cm.tasks.yaml index 81117e91..7f6bcb5b 100644 --- a/deploy/k8s/tasks/templates/cm.tasks.yaml +++ b/deploy/k8s/tasks/templates/cm.tasks.yaml @@ -9,3 +9,5 @@ kind: ConfigMap metadata: name: tasks-env-file namespace: {{ .Values.global.namespace }} + annotations: + reloader.stakater.com/match: "true" diff --git a/deploy/k8s/tasks/templates/deploy.tasks.yaml b/deploy/k8s/tasks/templates/deploy.tasks.yaml index 976da5a3..1d8a8ba9 100644 --- a/deploy/k8s/tasks/templates/deploy.tasks.yaml +++ b/deploy/k8s/tasks/templates/deploy.tasks.yaml @@ -3,6 +3,11 @@ kind: Deployment metadata: name: deploy-tasks namespace: {{ .Values.global.namespace }} + {{ if ne .Values.global.environment "dev" }} + annotations: + configmap.reloader.stakater.com/reload: "tasks-env-file,common-env-file" + secret.reloader.stakater.com/reload: "firecrest-common-secrets" + {{ end }} spec: replicas: 1 selector: diff --git a/deploy/k8s/utilities/templates/cm.utilities.yaml b/deploy/k8s/utilities/templates/cm.utilities.yaml index cb72a811..2e203e23 100644 --- a/deploy/k8s/utilities/templates/cm.utilities.yaml +++ b/deploy/k8s/utilities/templates/cm.utilities.yaml @@ -5,3 +5,5 @@ kind: ConfigMap metadata: name: utilities-env-file namespace: {{ .Values.global.namespace }} + annotations: + reloader.stakater.com/match: "true" diff --git a/deploy/k8s/utilities/templates/deploy.utilities.yaml b/deploy/k8s/utilities/templates/deploy.utilities.yaml index 0f6a5ad0..50eb7ff2 100644 --- a/deploy/k8s/utilities/templates/deploy.utilities.yaml +++ b/deploy/k8s/utilities/templates/deploy.utilities.yaml @@ -3,6 +3,10 @@ kind: Deployment metadata: name: deploy-utilities namespace: {{ .Values.global.namespace }} + {{ if ne .Values.global.environment "dev" }} + annotations: + configmap.reloader.stakater.com/reload: "utilities-env-file,common-env-file" + {{ end }} spec: replicas: 1 selector: From 0c1eb6fa33dff4c68dc8dea18393ddc9db5571f4 Mon Sep 17 00:00:00 2001 From: jdorsch Date: Fri, 1 Dec 2023 16:52:38 +0100 Subject: [PATCH 03/10] changed auth variables --- deploy/k8s/config/templates/cm.common.yaml | 6 ++++-- deploy/k8s/kong/templates/cm.kong.yaml | 16 +++++++++++----- deploy/k8s/kong/templates/deploy.kong.yaml | 4 ++++ deploy/k8s/values-dev.yaml | 12 ++++++------ 4 files changed, 25 insertions(+), 13 deletions(-) diff --git a/deploy/k8s/config/templates/cm.common.yaml b/deploy/k8s/config/templates/cm.common.yaml index 6cd9030f..83a9a7b3 100644 --- a/deploy/k8s/config/templates/cm.common.yaml +++ b/deploy/k8s/config/templates/cm.common.yaml @@ -18,8 +18,10 @@ data: F7T_JAEGER_AGENT: "{{ .Values.F7T_JAEGER_AGENT }}" F7T_KONG_URL: "{{ .Values.F7T_KONG_URL }}" F7T_OBJECT_STORAGE: "{{ .Values.F7T_OBJECT_STORAGE }}" - F7T_REALM_RSA_PUBLIC_KEY: "{{ .Values.global.F7T_AUTH_REALM_PUBKEY }}" - F7T_REALM_RSA_TYPE: "{{ .Values.global.F7T_AUTH_REALM_TYPE }}" + {{- range .Values.global.auth }} + F7T_REALM_RSA_PUBLIC_KEY: "{{ .F7T_AUTH_REALM_PUBKEY }};" + {{- end }} + F7T_REALM_RSA_TYPE: "{{ .Values.global.auth.F7T_AUTH_REALM_TYPE }}" F7T_SSH_CERTIFICATE_WRAPPER: "{{ .Values.F7T_SSH_CERTIFICATE_WRAPPER }}" F7T_SSL_CRT: "{{ .Values.F7T_SSL_CRT }}" F7T_SSL_KEY: "{{ .Values.F7T_SSL_KEY }}" diff --git a/deploy/k8s/kong/templates/cm.kong.yaml b/deploy/k8s/kong/templates/cm.kong.yaml index bceab0df..bd87251c 100644 --- a/deploy/k8s/kong/templates/cm.kong.yaml +++ b/deploy/k8s/kong/templates/cm.kong.yaml @@ -5,6 +5,8 @@ items: metadata: name: f7t-kong namespace: {{ .Values.global.namespace }} + annotations: + reloader.stakater.com/match: "true" data: kong.yaml: | _format_version: "1.1" @@ -50,12 +52,16 @@ items: - username: docs custom_id: docs + {{- range .Values.global.auth }} + jwt_secrets: - - consumer: firecrest - key: "{{ .Values.global.F7T_AUTH_URL }}/auth/realms/{{ .Values.global.F7T_AUTH_REALM }}" - algorithm: "{{ .Values.global.F7T_AUTH_REALM_TYPE }}" - rsa_public_key: "-----BEGIN PUBLIC KEY-----\n{{ .Values.global.F7T_AUTH_REALM_PUBKEY }}\n-----END PUBLIC KEY-----" - + - key: "{{ .F7T_AUTH_URL }}/auth/realms/{{ .F7T_AUTH_REALM }}" + algorithm: "{{ .F7T_AUTH_REALM_TYPE }}" + rsa_public_key: "-----BEGIN PUBLIC KEY-----\n{{ .F7T_AUTH_REALM_PUBKEY }}\n-----END PUBLIC KEY-----" + username: "{{ .username }}" + + {{- end }} + routes: - name: reject # rejects any undefined route with 'request-termination' plugin diff --git a/deploy/k8s/kong/templates/deploy.kong.yaml b/deploy/k8s/kong/templates/deploy.kong.yaml index 19528584..92d91329 100644 --- a/deploy/k8s/kong/templates/deploy.kong.yaml +++ b/deploy/k8s/kong/templates/deploy.kong.yaml @@ -3,6 +3,10 @@ kind: Deployment metadata: name: deploy-kong namespace: {{ .Values.global.namespace }} + {{ if ne .Values.global.environment "dev" }} + annotations: + configmap.reloader.stakater.com/reload: "f7t-kong,common-env-file" + {{ end }} spec: replicas: 1 selector: diff --git a/deploy/k8s/values-dev.yaml b/deploy/k8s/values-dev.yaml index 7661b772..4c84cdff 100644 --- a/deploy/k8s/values-dev.yaml +++ b/deploy/k8s/values-dev.yaml @@ -19,8 +19,6 @@ F7T_JAEGER_AGENT: svc-jaeger F7T_KONG_URL: http://svc-kong:8000 F7T_BASE_URL: http://svc-kong:8000 F7T_OBJECT_STORAGE: s3v4 -F7T_REALM_RSA_PUBLIC_KEY: 'MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqB44q32bQp8LbyW6dQvgsjseXESkLT1g5LQKGb+P79AC+nOAtxhn8i/kmgc6zsQH8NlUtNJruLxlzdo2/OGmlDGYZH1x6VmAwvJPJ4er0xPUrvZ8YclxYQC16PY5LFiQRNBMRyQwP5Kne1O46FpmADFVWMfoabdnaqoXexxB56b25o8tE2ulRBgfpnrRgZAvf7kWjugRCNO06FV074FVMYHA1aBk0ICyaFCDM/Tb5oaDyGr5c/ZvdrRUrw8vaiYyMgaAnnJPL75cebGoHeMJaEyZalsHA+iuhRAfeAwpSClsmhVqnfH7a7hqrqumVRo27dydqmfVgpFjU5gbFcBZ5wIDAQAB' -F7T_REALM_RSA_TYPE: RS256 F7T_RESERVATIONS_URL: https://svc-reservations:5005 F7T_SSH_CERTIFICATE_WRAPPER: True F7T_SSL_CRT: /f7t-ssl.crt @@ -93,7 +91,9 @@ global: F7T_UTILITIES_HOST: "https://svc-utilities" F7T_RESERVATIONS_PORT: "5005" F7T_RESERVATIONS_HOST: "https://svc-reservations" - F7T_AUTH_URL: "http://svc-keycloak:8080" - F7T_AUTH_REALM: "kcrealm" - F7T_AUTH_REALM_PUBKEY: 'MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqB44q32bQp8LbyW6dQvgsjseXESkLT1g5LQKGb+P79AC+nOAtxhn8i/kmgc6zsQH8NlUtNJruLxlzdo2/OGmlDGYZH1x6VmAwvJPJ4er0xPUrvZ8YclxYQC16PY5LFiQRNBMRyQwP5Kne1O46FpmADFVWMfoabdnaqoXexxB56b25o8tE2ulRBgfpnrRgZAvf7kWjugRCNO06FV074FVMYHA1aBk0ICyaFCDM/Tb5oaDyGr5c/ZvdrRUrw8vaiYyMgaAnnJPL75cebGoHeMJaEyZalsHA+iuhRAfeAwpSClsmhVqnfH7a7hqrqumVRo27dydqmfVgpFjU5gbFcBZ5wIDAQAB' - F7T_AUTH_REALM_TYPE: "RS256" \ No newline at end of file + auth: + - username: kc-demo + F7T_AUTH_URL: "http://svc-keycloak:8080" + F7T_AUTH_REALM: "kcrealm" + F7T_AUTH_REALM_PUBKEY: 'MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqB44q32bQp8LbyW6dQvgsjseXESkLT1g5LQKGb+P79AC+nOAtxhn8i/kmgc6zsQH8NlUtNJruLxlzdo2/OGmlDGYZH1x6VmAwvJPJ4er0xPUrvZ8YclxYQC16PY5LFiQRNBMRyQwP5Kne1O46FpmADFVWMfoabdnaqoXexxB56b25o8tE2ulRBgfpnrRgZAvf7kWjugRCNO06FV074FVMYHA1aBk0ICyaFCDM/Tb5oaDyGr5c/ZvdrRUrw8vaiYyMgaAnnJPL75cebGoHeMJaEyZalsHA+iuhRAfeAwpSClsmhVqnfH7a7hqrqumVRo27dydqmfVgpFjU5gbFcBZ5wIDAQAB' + F7T_AUTH_REALM_TYPE: "RS256" \ No newline at end of file From 3ee4cf0ec77b5d1432a3ed010b159b818187ce0b Mon Sep 17 00:00:00 2001 From: jdorsch Date: Fri, 1 Dec 2023 17:00:06 +0100 Subject: [PATCH 04/10] changed cm.common for RSA_TYPE --- deploy/k8s/config/templates/cm.common.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/deploy/k8s/config/templates/cm.common.yaml b/deploy/k8s/config/templates/cm.common.yaml index 83a9a7b3..5a776edc 100644 --- a/deploy/k8s/config/templates/cm.common.yaml +++ b/deploy/k8s/config/templates/cm.common.yaml @@ -21,7 +21,9 @@ data: {{- range .Values.global.auth }} F7T_REALM_RSA_PUBLIC_KEY: "{{ .F7T_AUTH_REALM_PUBKEY }};" {{- end }} - F7T_REALM_RSA_TYPE: "{{ .Values.global.auth.F7T_AUTH_REALM_TYPE }}" + {{- range .Values.global.auth }} + F7T_REALM_RSA_TYPE: "{{ .F7T_AUTH_REALM_TYPE }}" + {{- end }} F7T_SSH_CERTIFICATE_WRAPPER: "{{ .Values.F7T_SSH_CERTIFICATE_WRAPPER }}" F7T_SSL_CRT: "{{ .Values.F7T_SSL_CRT }}" F7T_SSL_KEY: "{{ .Values.F7T_SSL_KEY }}" From 7ab27fe5bca8320a24848fb0b17999507638fe89 Mon Sep 17 00:00:00 2001 From: jdorsch Date: Fri, 1 Dec 2023 17:44:56 +0100 Subject: [PATCH 05/10] added consumer from template --- deploy/k8s/kong/templates/cm.kong.yaml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/deploy/k8s/kong/templates/cm.kong.yaml b/deploy/k8s/kong/templates/cm.kong.yaml index bd87251c..9c2f5996 100644 --- a/deploy/k8s/kong/templates/cm.kong.yaml +++ b/deploy/k8s/kong/templates/cm.kong.yaml @@ -47,8 +47,11 @@ items: credentials: false max_age: 3600 consumers: - - username: firecrest - custom_id: firecrest + {{- range .Values.global.auth }} + - username: "{{ .username }}" + custom_id: "{{ .username }}" + {{- end }} + - username: docs custom_id: docs From 4933b105840aa71a9a99df0c9cce46e35cf5be25 Mon Sep 17 00:00:00 2001 From: jdorsch Date: Fri, 1 Dec 2023 18:05:38 +0100 Subject: [PATCH 06/10] changed consumers/jwt in kong --- deploy/k8s/kong/templates/cm.kong.yaml | 20 ++++++++------------ 1 file changed, 8 insertions(+), 12 deletions(-) diff --git a/deploy/k8s/kong/templates/cm.kong.yaml b/deploy/k8s/kong/templates/cm.kong.yaml index 9c2f5996..e80b4b2c 100644 --- a/deploy/k8s/kong/templates/cm.kong.yaml +++ b/deploy/k8s/kong/templates/cm.kong.yaml @@ -46,24 +46,20 @@ items: - Content-Type credentials: false max_age: 3600 + consumers: {{- range .Values.global.auth }} - - username: "{{ .username }}" - custom_id: "{{ .username }}" + - jwt_secrets: + - key: "{{ .F7T_AUTH_URL }}/auth/realms/{{ .F7T_AUTH_REALM }}" + algorithm: "{{ .F7T_AUTH_REALM_TYPE }}" + rsa_public_key: "-----BEGIN PUBLIC KEY-----\n{{ .F7T_AUTH_REALM_PUBKEY }}\n-----END PUBLIC KEY-----" + username: "{{ .username }}" {{- end }} - + - username: docs custom_id: docs - {{- range .Values.global.auth }} - - jwt_secrets: - - key: "{{ .F7T_AUTH_URL }}/auth/realms/{{ .F7T_AUTH_REALM }}" - algorithm: "{{ .F7T_AUTH_REALM_TYPE }}" - rsa_public_key: "-----BEGIN PUBLIC KEY-----\n{{ .F7T_AUTH_REALM_PUBKEY }}\n-----END PUBLIC KEY-----" - username: "{{ .username }}" - - {{- end }} + routes: - name: reject From 9597d5720aa54ad1f7a4fd71674a065457810607 Mon Sep 17 00:00:00 2001 From: jdorsch Date: Mon, 4 Dec 2023 11:48:34 +0100 Subject: [PATCH 07/10] fixed kong configmap for consumers --- deploy/k8s/kong/templates/cm.kong.yaml | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/deploy/k8s/kong/templates/cm.kong.yaml b/deploy/k8s/kong/templates/cm.kong.yaml index e80b4b2c..ebc4cf64 100644 --- a/deploy/k8s/kong/templates/cm.kong.yaml +++ b/deploy/k8s/kong/templates/cm.kong.yaml @@ -49,18 +49,20 @@ items: consumers: {{- range .Values.global.auth }} - - jwt_secrets: - - key: "{{ .F7T_AUTH_URL }}/auth/realms/{{ .F7T_AUTH_REALM }}" - algorithm: "{{ .F7T_AUTH_REALM_TYPE }}" - rsa_public_key: "-----BEGIN PUBLIC KEY-----\n{{ .F7T_AUTH_REALM_PUBKEY }}\n-----END PUBLIC KEY-----" - username: "{{ .username }}" + - username: {{ .username }} + custom_id: {{ .username }} {{- end }} - - username: docs custom_id: docs - - + {{- range .Values.global.auth }} + jwt_secrets: + - key: "{{ .F7T_AUTH_URL }}/auth/realms/{{ .F7T_AUTH_REALM }}" + algorithm: "{{ .F7T_AUTH_REALM_TYPE }}" + rsa_public_key: "-----BEGIN PUBLIC KEY-----\n{{ .F7T_AUTH_REALM_PUBKEY }}\n-----END PUBLIC KEY-----" + consumer: "{{ .username }}" + {{- end }} + routes: - name: reject # rejects any undefined route with 'request-termination' plugin From a76753f5e01eb6d2dc22deb761678248f691182e Mon Sep 17 00:00:00 2001 From: jdorsch Date: Mon, 4 Dec 2023 19:56:08 +0100 Subject: [PATCH 08/10] fixed wrong upper() conversion for F7T_S3_TENANT --- src/common/cscs_api_common.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/common/cscs_api_common.py b/src/common/cscs_api_common.py index b5a72a91..c6a9cb99 100644 --- a/src/common/cscs_api_common.py +++ b/src/common/cscs_api_common.py @@ -41,9 +41,9 @@ def get_boolean_var(var): # var <- object # returns -> value | None def get_null_var(var): - var = str(var).upper() + _var = str(var).upper() - return None if (len(var) == 0 or var == "NONE" or var == "NULL") else var + return None if (len(_var) == 0 or _var == "NONE" or _var == "NULL") else var DEBUG_MODE = get_boolean_var(os.environ.get("F7T_DEBUG_MODE", False)) From efb48f9bfb72f1d26f14792f0966208063a4c153 Mon Sep 17 00:00:00 2001 From: jdorsch Date: Tue, 5 Dec 2023 11:12:59 +0100 Subject: [PATCH 09/10] added _helpers for config public keys --- deploy/k8s/config/templates/_helpers.tpl | 15 +++++++++++++++ deploy/k8s/config/templates/cm.common.yaml | 8 ++------ deploy/k8s/tasks/templates/deploy.tasks.yaml | 9 +++++++-- 3 files changed, 24 insertions(+), 8 deletions(-) create mode 100644 deploy/k8s/config/templates/_helpers.tpl diff --git a/deploy/k8s/config/templates/_helpers.tpl b/deploy/k8s/config/templates/_helpers.tpl new file mode 100644 index 00000000..bc445d48 --- /dev/null +++ b/deploy/k8s/config/templates/_helpers.tpl @@ -0,0 +1,15 @@ +{{- define "list.listPubKeys" -}} +{{- $map := dict }} +{{- range .Values.global.auth }} +{{- $_ := set $map .F7T_AUTH_REALM_PUBKEY ""}} +{{- end }} +{{- keys $map | join ";" }} +{{- end }} + +{{- define "list.listPubKeyTypes" -}} +{{- $map := dict }} +{{- range .Values.global.auth }} +{{- $_ := set $map .F7T_AUTH_REALM_TYPE ""}} +{{- end }} +{{- keys $map | join ";" }} +{{- end }} \ No newline at end of file diff --git a/deploy/k8s/config/templates/cm.common.yaml b/deploy/k8s/config/templates/cm.common.yaml index 5a776edc..b218c5db 100644 --- a/deploy/k8s/config/templates/cm.common.yaml +++ b/deploy/k8s/config/templates/cm.common.yaml @@ -18,12 +18,8 @@ data: F7T_JAEGER_AGENT: "{{ .Values.F7T_JAEGER_AGENT }}" F7T_KONG_URL: "{{ .Values.F7T_KONG_URL }}" F7T_OBJECT_STORAGE: "{{ .Values.F7T_OBJECT_STORAGE }}" - {{- range .Values.global.auth }} - F7T_REALM_RSA_PUBLIC_KEY: "{{ .F7T_AUTH_REALM_PUBKEY }};" - {{- end }} - {{- range .Values.global.auth }} - F7T_REALM_RSA_TYPE: "{{ .F7T_AUTH_REALM_TYPE }}" - {{- end }} + F7T_REALM_RSA_PUBLIC_KEY: '{{ include "list.listPubKeys" . }}' + F7T_REALM_RSA_TYPE: '{{ include "list.listPubKeyTypes" . }}' F7T_SSH_CERTIFICATE_WRAPPER: "{{ .Values.F7T_SSH_CERTIFICATE_WRAPPER }}" F7T_SSL_CRT: "{{ .Values.F7T_SSL_CRT }}" F7T_SSL_KEY: "{{ .Values.F7T_SSL_KEY }}" diff --git a/deploy/k8s/tasks/templates/deploy.tasks.yaml b/deploy/k8s/tasks/templates/deploy.tasks.yaml index 1d8a8ba9..311e401e 100644 --- a/deploy/k8s/tasks/templates/deploy.tasks.yaml +++ b/deploy/k8s/tasks/templates/deploy.tasks.yaml @@ -46,7 +46,7 @@ spec: - mountPath: /var/log name: logs-endpoint - mountPath: /data - name: data-endpoint + name: redis-data - mountPath: /redis name: redis-config @@ -87,8 +87,13 @@ spec: volumes: - name: logs-endpoint emptyDir: {} - - name: data-endpoint + - name: redis-data + {{ if ne .Values.global.environment "dev" }} + persistentVolumeClaim: + claimName: firecrest-redis-pvc + {{ else }} emptyDir: {} + {{ end }} - name: redis-config configMap: name: f7t-redis From 252e8c72741f25f2150e22efa86552cc6b88e745 Mon Sep 17 00:00:00 2001 From: jdorsch Date: Fri, 8 Dec 2023 10:23:43 +0100 Subject: [PATCH 10/10] forcing conversion to string in TASK_EXP_TIME --- deploy/k8s/tasks/templates/cm.tasks.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/deploy/k8s/tasks/templates/cm.tasks.yaml b/deploy/k8s/tasks/templates/cm.tasks.yaml index 7f6bcb5b..57e7e28d 100644 --- a/deploy/k8s/tasks/templates/cm.tasks.yaml +++ b/deploy/k8s/tasks/templates/cm.tasks.yaml @@ -3,8 +3,8 @@ data: F7T_TASKS_PORT: "{{ .Values.F7T_TASKS_PORT }}" F7T_PERSISTENCE_IP: "{{ .Values.F7T_PERSISTENCE_IP }}" F7T_PERSIST_PORT: "{{ .Values.F7T_PERSIST_PORT }}" - F7T_COMPUTE_TASK_EXP_TIME: "{{ .Values.F7T_COMPUTE_TASK_EXP_TIME }}" - F7T_STORAGE_TASK_EXP_TIME: "{{ .Values.F7T_STORAGE_TASK_EXP_TIME }}" + F7T_COMPUTE_TASK_EXP_TIME: "{{ .Values.F7T_COMPUTE_TASK_EXP_TIME | toString }}" + F7T_STORAGE_TASK_EXP_TIME: "{{ .Values.F7T_STORAGE_TASK_EXP_TIME | toString }}" kind: ConfigMap metadata: name: tasks-env-file