From d194c45f4038a8f0d99e3f153eb7074bbad8c078 Mon Sep 17 00:00:00 2001 From: Kuan Fan <31664961+kuanfandevops@users.noreply.github.com> Date: Wed, 6 Jan 2021 13:20:18 -0800 Subject: [PATCH 1/7] Only deploy needed apps for test and prod (#486) * only deploy needed apps for test and prod * reduce patroni pod replica for dev * enable rabbitmq-secret-configmap-only.yaml --- .pipeline/lib/config.js | 2 +- .pipeline/lib/deploy.js | 169 +++++++++++++++++++++------------------- 2 files changed, 92 insertions(+), 79 deletions(-) diff --git a/.pipeline/lib/config.js b/.pipeline/lib/config.js index 6bdec85a5..2509b8813 100644 --- a/.pipeline/lib/config.js +++ b/.pipeline/lib/config.js @@ -25,7 +25,7 @@ const phases = { minioCpuRequest: '100m', minioCpuLimit: '200m', minioMemoryRequest: '200M', minioMemoryLimit: '500M', minioPvcSize: '1G', schemaspyCpuRequest: '50m', schemaspyCpuLimit: '200m', schemaspyMemoryRequest: '150M', schemaspyMemoryLimit: '300M', schemaspyHealthCheckDelay: 160, rabbitmqCpuRequest: '250m', rabbitmqCpuLimit: '700m', rabbitmqMemoryRequest: '500M', rabbitmqMemoryLimit: '1G', rabbitmqPvcSize: '1G', rabbitmqReplica: 1, rabbitmqPostStartSleep: 120, storageClass: 'netapp-block-standard', - patroniCpuRequest: '200m', patroniCpuLimit: '400m', patroniMemoryRequest: '250M', patroniMemoryLimit: '500M', patroniPvcSize: '2G', patroniReplica: 2, storageClass: 'netapp-block-standard', ocpName: `${ocpName}`}, + patroniCpuRequest: '200m', patroniCpuLimit: '400m', patroniMemoryRequest: '250M', patroniMemoryLimit: '500M', patroniPvcSize: '2G', patroniReplica: 1, storageClass: 'netapp-block-standard', ocpName: `${ocpName}`}, test: {namespace:'e52f12-test', name: `${name}`, ssoSuffix:'-test', ssoName:'test.oidc.gov.bc.ca', phase: 'test' , changeId:`${changeId}`, suffix: `-test`, diff --git a/.pipeline/lib/deploy.js b/.pipeline/lib/deploy.js index e710f27e5..aefb5c293 100755 --- a/.pipeline/lib/deploy.js +++ b/.pipeline/lib/deploy.js @@ -22,14 +22,16 @@ module.exports = settings => { // The deployment of your cool app goes here ▼▼▼ //create network security policies for internal pod to pod communications - objects = objects.concat(oc.processDeploymentTemplate(`${templatesLocalBaseUrl}/templates/nsp/nsp-env.yaml`, { - 'param': { - 'NAME': phases[phase].name, - 'ENV_NAME': phases[phase].phase, - 'SUFFIX': phases[phase].suffix, - 'API_VERSION': 'security.devops.gov.bc.ca/v1alpha1' - } - })) + if(phase === 'dev') { + objects = objects.concat(oc.processDeploymentTemplate(`${templatesLocalBaseUrl}/templates/nsp/nsp-env.yaml`, { + 'param': { + 'NAME': phases[phase].name, + 'ENV_NAME': phases[phase].phase, + 'SUFFIX': phases[phase].suffix, + 'API_VERSION': 'security.devops.gov.bc.ca/v1alpha1' + } + })) + } /**** open this block, it will only deploy network security policies console.log("will return22") oc.applyRecommendedLabels( @@ -46,20 +48,22 @@ module.exports = settings => { */ // create configs - objects = objects.concat(oc.processDeploymentTemplate(`${templatesLocalBaseUrl}/templates/config/configmap.yaml`, { - 'param': { - 'NAME': phases[phase].name, - 'SUFFIX': phases[phase].suffix, - 'ENV_NAME': phases[phase].phase, - 'HOST_NAME': phases[phase].host, - 'BACKEND_HOST_NAME': phases[phase].backendHost, - 'SSO_NAME': phases[phase].ssoName, - 'KEYCLOAK_REALM': 'rzh2zkjq', - 'DJANGO_DEBUG': phases[phase].djangoDebug, - 'OCP_NAME': phases[phase].ocpName, - 'LOGOUT_HOST_NAME': phases[phase].logoutHostName - } - })) + if(phase === 'dev') { + objects = objects.concat(oc.processDeploymentTemplate(`${templatesLocalBaseUrl}/templates/config/configmap.yaml`, { + 'param': { + 'NAME': phases[phase].name, + 'SUFFIX': phases[phase].suffix, + 'ENV_NAME': phases[phase].phase, + 'HOST_NAME': phases[phase].host, + 'BACKEND_HOST_NAME': phases[phase].backendHost, + 'SSO_NAME': phases[phase].ssoName, + 'KEYCLOAK_REALM': 'rzh2zkjq', + 'DJANGO_DEBUG': phases[phase].djangoDebug, + 'OCP_NAME': phases[phase].ocpName, + 'LOGOUT_HOST_NAME': phases[phase].logoutHostName + } + })) + } /*** remove minio deployment in pr pipeline, one pre-deployed minio will serve all prs * minio configurations stay in config.js unchanged @@ -77,44 +81,49 @@ module.exports = settings => { })) */ - //deploy Patroni required secrets - objects = objects.concat(oc.processDeploymentTemplate(`${templatesLocalBaseUrl}/templates/patroni/deployment-prereq.yaml`, { - 'param': { - 'NAME': 'patroni', - 'SUFFIX': phases[phase].suffix - } - })) - //deploy Patroni - objects = objects.concat(oc.processDeploymentTemplate(`${templatesLocalBaseUrl}/templates/patroni/deployment.yaml`, { - 'param': { - 'NAME': 'patroni', - 'ENV_NAME': phases[phase].phase, - 'SUFFIX': phases[phase].suffix, - 'CPU_REQUEST': phases[phase].patroniCpuRequest, - 'CPU_LIMIT': phases[phase].patroniCpuLimit, - 'MEMORY_REQUEST': phases[phase].patroniMemoryRequest, - 'MEMORY_LIMIT': phases[phase].patroniMemoryLimit, - 'IMAGE_REGISTRY': 'image-registry.openshift-image-registry.svc:5000', - 'IMAGE_STREAM_NAMESPACE': phases[phase].namespace, - 'IMAGE_STREAM_TAG': 'patroni:v10-stable', - 'REPLICA': phases[phase].patroniReplica, - 'PVC_SIZE': phases[phase].patroniPvcSize, - 'STORAGE_CLASS': phases[phase].storageClass - } - })) + if(phase === 'dev') { + //deploy Patroni required secrets + objects = objects.concat(oc.processDeploymentTemplate(`${templatesLocalBaseUrl}/templates/patroni/deployment-prereq.yaml`, { + 'param': { + 'NAME': 'patroni', + 'SUFFIX': phases[phase].suffix + } + })) + //deploy Patroni + objects = objects.concat(oc.processDeploymentTemplate(`${templatesLocalBaseUrl}/templates/patroni/deployment.yaml`, { + 'param': { + 'NAME': 'patroni', + 'ENV_NAME': phases[phase].phase, + 'SUFFIX': phases[phase].suffix, + 'CPU_REQUEST': phases[phase].patroniCpuRequest, + 'CPU_LIMIT': phases[phase].patroniCpuLimit, + 'MEMORY_REQUEST': phases[phase].patroniMemoryRequest, + 'MEMORY_LIMIT': phases[phase].patroniMemoryLimit, + 'IMAGE_REGISTRY': 'image-registry.openshift-image-registry.svc:5000', + 'IMAGE_STREAM_NAMESPACE': phases[phase].namespace, + 'IMAGE_STREAM_TAG': 'patroni:v10-stable', + 'REPLICA': phases[phase].patroniReplica, + 'PVC_SIZE': phases[phase].patroniPvcSize, + 'STORAGE_CLASS': phases[phase].storageClass + } + })) + } - //only deploy rabbitmq secret and configmap, rabbitmq is not being used yet 20200921 - objects = objects.concat(oc.processDeploymentTemplate(`${templatesLocalBaseUrl}/templates/rabbitmq/rabbitmq-secret-configmap-only.yaml`, { - 'param': { - 'NAME': phases[phase].name, - 'ENV_NAME': phases[phase].phase, - 'SUFFIX': phases[phase].suffix, - 'NAMESPACE': phases[phase].namespace, - 'CLUSTER_NAME': 'rabbitmq-cluster' - } - })) - - /** + + //only deploy rabbitmq secret and configmap + if(phase === 'dev') { + objects = objects.concat(oc.processDeploymentTemplate(`${templatesLocalBaseUrl}/templates/rabbitmq/rabbitmq-secret-configmap-only.yaml`, { + 'param': { + 'NAME': phases[phase].name, + 'ENV_NAME': phases[phase].phase, + 'SUFFIX': phases[phase].suffix, + 'NAMESPACE': phases[phase].namespace, + 'CLUSTER_NAME': 'rabbitmq-cluster' + } + })) + } + + /** //deploy rabbitmq, use docker image directly //POST_START_SLEEP is harded coded in the rabbitmq template, replacement was not successful objects = objects.concat(oc.processDeploymentTemplate(`${templatesLocalBaseUrl}/templates/rabbitmq/rabbitmq-cluster-dc.yaml`, { @@ -139,13 +148,15 @@ module.exports = settings => { */ // deploy frontend configmap - objects = objects.concat(oc.processDeploymentTemplate(`${templatesLocalBaseUrl}/templates/frontend/frontend-configmap.yaml`, { - 'param': { - 'NAME': phases[phase].name, - 'SUFFIX': phases[phase].suffix, - 'CREDIT_TRANSFER_ENABLED': phases[phase].creditTransferEnabled - } - })) + if(phase === 'dev') { + objects = objects.concat(oc.processDeploymentTemplate(`${templatesLocalBaseUrl}/templates/frontend/frontend-configmap.yaml`, { + 'param': { + 'NAME': phases[phase].name, + 'SUFFIX': phases[phase].suffix, + 'CREDIT_TRANSFER_ENABLED': phases[phase].creditTransferEnabled + } + })) + } // deploy frontend objects = objects.concat(oc.processDeploymentTemplate(`${templatesLocalBaseUrl}/templates/frontend/frontend-dc.yaml`, { @@ -182,18 +193,20 @@ module.exports = settings => { })) //deploy schemaspy - objects = objects.concat(oc.processDeploymentTemplate(`${templatesLocalBaseUrl}/templates/schemaspy/schemaspy-dc.yaml`, { - 'param': { - 'SUFFIX': phases[phase].suffix, - 'ENV_NAME': phases[phase].phase, - 'CPU_REQUEST': phases[phase].schemaspyCpuRequest, - 'CPU_LIMIT': phases[phase].schemaspyCpuLimit, - 'MEMORY_REQUEST': phases[phase].schemaspyMemoryRequest, - 'MEMORY_LIMIT': phases[phase].schemaspyMemoryLimit, - 'HEALTH_CHECK_DELAY': phases[phase].schemaspyHealthCheckDelay, - 'OCP_NAME': phases[phase].ocpName - } - })) + if(phase === 'dev') { + objects = objects.concat(oc.processDeploymentTemplate(`${templatesLocalBaseUrl}/templates/schemaspy/schemaspy-dc.yaml`, { + 'param': { + 'SUFFIX': phases[phase].suffix, + 'ENV_NAME': phases[phase].phase, + 'CPU_REQUEST': phases[phase].schemaspyCpuRequest, + 'CPU_LIMIT': phases[phase].schemaspyCpuLimit, + 'MEMORY_REQUEST': phases[phase].schemaspyMemoryRequest, + 'MEMORY_LIMIT': phases[phase].schemaspyMemoryLimit, + 'HEALTH_CHECK_DELAY': phases[phase].schemaspyHealthCheckDelay, + 'OCP_NAME': phases[phase].ocpName + } + })) + } //add autoacaler /***** From 5560dbeae7ea61273c7edaa5fdfcbb21a29c4dbd Mon Sep 17 00:00:00 2001 From: NavpreetGrewal <65915811+NavpreetGrewal@users.noreply.github.com> Date: Thu, 7 Jan 2021 09:10:08 -0800 Subject: [PATCH 2/7] ZEVA-381: Send notifications to the transfer partner based on thier subscription for credit transfer (#485) --- backend/api/viewsets/credit_transfer.py | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/backend/api/viewsets/credit_transfer.py b/backend/api/viewsets/credit_transfer.py index f4e02d5ee..6875adb22 100644 --- a/backend/api/viewsets/credit_transfer.py +++ b/backend/api/viewsets/credit_transfer.py @@ -94,7 +94,7 @@ def perform_update(self, serializer, *args, **kwargs): if transfer.status == CreditTransferStatuses.VALIDATED: #call service that updates transactions and balance tables validate_transfer(transfer) - notifications = Notification.objects.values_list('id', flat=True).filter(notification_code='CREDIT_TRANSFER_RECORDED_GOVT') + notifications = Notification.objects.values_list('id', flat=True).filter(Q(notification_code='CREDIT_TRANSFER_RECORDED_GOVT') | Q(notification_code='CREDIT_TRANSFER_RECORDED')) elif transfer.status == CreditTransferStatuses.RECOMMEND_APPROVAL: notifications = Notification.objects.values_list('id', flat=True).filter(notification_code='CREDIT_TRANSFER_RECOMMEND_APPROVAL') @@ -103,13 +103,19 @@ def perform_update(self, serializer, *args, **kwargs): notifications = Notification.objects.values_list('id', flat=True).filter(notification_code='CREDIT_TRANSFER_RECOMMEND_REJECT') elif transfer.status == CreditTransferStatuses.APPROVED: - notifications = Notification.objects.values_list('id', flat=True).filter(notification_code='CREDIT_TRANSFER_APPROVED') + notifications = Notification.objects.values_list('id', flat=True).filter(Q(notification_code='CREDIT_TRANSFER_APPROVED') | Q(notification_code='CREDIT_TRANSFER_APPROVED_PARTNER')) + + elif transfer.status == CreditTransferStatuses.DISAPPROVED: + notifications = Notification.objects.values_list('id', flat=True).filter(notification_code='CREDIT_TRANSFER_REJECT_PARTNER') elif transfer.status == CreditTransferStatuses.RESCINDED: - notifications = Notification.objects.values_list('id', flat=True).filter(notification_code='CREDIT_TRANSFER_RESCIND') + notifications = Notification.objects.values_list('id', flat=True).filter(Q(notification_code='CREDIT_TRANSFER_RESCIND') | Q(notification_code='CREDIT_TRANSFER_RESCIND_PARTNER')) + + elif transfer.status == CreditTransferStatuses.RESCIND_PRE_APPROVAL: + notifications = Notification.objects.values_list('id', flat=True).filter(notification_code='CREDIT_TRANSFER_RESCIND_PARTNER') elif transfer.status == CreditTransferStatuses.REJECTED: - notifications = Notification.objects.values_list('id', flat=True).filter(notification_code='CREDIT_TRANSFER_REJECTED_GOVT') + notifications = Notification.objects.values_list('id', flat=True).filter(Q(notification_code='CREDIT_TRANSFER_REJECTED_GOVT') | Q(notification_code='CREDIT_TRANSFER_REJECTED')) """ Send email to the users based on their notification subscription for a credit transfer """ From f99669b338d647830a067787f5e12172de75f787 Mon Sep 17 00:00:00 2001 From: Emily <44536222+emi-hi@users.noreply.github.com> Date: Thu, 7 Jan 2021 10:46:29 -0800 Subject: [PATCH 3/7] removed navbar link and activity section from bceid users that dont have permissions for sales and transfers (#487) --- frontend/src/app/components/Navbar.js | 2 +- .../src/dashboard/components/ActionsBceid.js | 26 ++++++++++++------- .../src/dashboard/components/DashboardPage.js | 4 ++- 3 files changed, 21 insertions(+), 11 deletions(-) diff --git a/frontend/src/app/components/Navbar.js b/frontend/src/app/components/Navbar.js index 2d4dfccba..387b20dfc 100644 --- a/frontend/src/app/components/Navbar.js +++ b/frontend/src/app/components/Navbar.js @@ -194,7 +194,7 @@ class Navbar extends Component { {CONFIG.FEATURES.CREDIT_TRANSACTIONS.ENABLED && typeof user.hasPermission === 'function' - && user.hasPermission('VIEW_SALES') + && user.hasPermission('EDIT_SALES') && (
  • { - const { activityCount, loading } = props; + const { user, activityCount, loading } = props; if (loading) { return ; } @@ -17,7 +17,7 @@ const ActionsBceid = (props) => {

    Latest Activity

    - {activityCount.modelsInfoRequest > 0 + {activityCount.modelsInfoRequest > 0 && user.hasPermission('VIEW_ZEV') && ( { /> )} - {activityCount.modelsDraft > 0 + {activityCount.modelsDraft > 0 && user.hasPermission('VIEW_ZEV') && ( { linkTo={`${ROUTES_VEHICLES.LIST}?col-status=Draft`} /> )} - {activityCount.modelsAwaitingValidation > 0 + {activityCount.modelsAwaitingValidation > 0 && user.hasPermission('VIEW_ZEV') && ( { linkTo={`${ROUTES_VEHICLES.LIST}?col-status=Submitted`} /> )} - {activityCount.modelsValidated > 0 + {activityCount.modelsValidated > 0 && user.hasPermission('VIEW_ZEV') && ( { linkTo={`${ROUTES_VEHICLES.LIST}?col-status=Validated`} /> )} - {activityCount.modelsRejected > 0 + {activityCount.modelsRejected > 0 && user.hasPermission('VIEW_ZEV') && ( { )} {activityCount.modelsInfoRequest === 0 && activityCount.modelsAwaitingValidation === 0 && activityCount.modelsValidated === 0 + && user.hasPermission('VIEW_ZEV') && ( { linkTo={ROUTES_VEHICLES.LIST} /> )} - {activityCount.creditsNew > 0 + + {activityCount.creditsNew > 0 && user.hasPermission('EDIT_SALES') && ( { linkTo={`${ROUTES_CREDIT_REQUESTS.LIST}?status=New`} /> )} - {activityCount.creditsAwaiting > 0 + {activityCount.creditsAwaiting > 0 && user.hasPermission('EDIT_SALES') && ( { linkTo={`${ROUTES_CREDIT_REQUESTS.LIST}?status=Submitted`} /> )} - {activityCount.creditsIssued > 0 + {activityCount.creditsIssued > 0 && user.hasPermission('EDIT_SALES') && ( { )} {activityCount.creditsNew === 0 && activityCount.creditsAwaiting === 0 && activityCount.creditsIssued === 0 + && user.hasPermission('EDIT_SALES') && ( { )} {CONFIG.FEATURES.CREDIT_TRANSFERS.ENABLED && activityCount.transfersAwaitingPartner > 0 + && user.hasPermission('VIEW_CREDIT_TRANSFERS') && ( { )} {CONFIG.FEATURES.CREDIT_TRANSFERS.ENABLED && activityCount.transfersAwaitingGovernment > 0 + && user.hasPermission('VIEW_CREDIT_TRANSFERS') && ( { )} {CONFIG.FEATURES.CREDIT_TRANSFERS.ENABLED && activityCount.transfersRecorded > 0 + && user.hasPermission('VIEW_CREDIT_TRANSFERS') && ( { {CONFIG.FEATURES.CREDIT_TRANSFERS.ENABLED && activityCount.transfersAwaitingGovernment === 0 && activityCount.transfersAwaitingPartner === 0 && activityCount.transfersRecorded === 0 + && user.hasPermission('VIEW_CREDIT_TRANSFERS') && ( { )} {CONFIG.FEATURES.CREDIT_TRANSFERS.ENABLED && activityCount.transfersRejected > 0 + && user.hasPermission('VIEW_CREDIT_TRANSFERS') && ( {
    - {user.isGovernment ? : } + {user.isGovernment && } + {!user.isGovernment && (user.hasPermission('VIEW_ZEV') || user.hasPermission('EDIT_SALES') || user.hasPermission('VIEW_CREDIT_TRANSFERS')) + && }
    From cd432ee6cce51cbc355af55d4574ee62fb9ef820 Mon Sep 17 00:00:00 2001 From: Richard Date: Thu, 7 Jan 2021 10:46:42 -0800 Subject: [PATCH 4/7] Automatically clear the error messsage when a new file is selected or when the current file is removed for Credit Applicationss (#484) --- frontend/src/app/components/FileDrop.js | 8 +++++++- .../src/credits/UploadCreditRequestContainer.js | 1 + .../components/CreditRequestsUploadPage.js | 15 ++++++++++----- 3 files changed, 18 insertions(+), 6 deletions(-) diff --git a/frontend/src/app/components/FileDrop.js b/frontend/src/app/components/FileDrop.js index 36a7ac884..86798ff73 100644 --- a/frontend/src/app/components/FileDrop.js +++ b/frontend/src/app/components/FileDrop.js @@ -4,13 +4,14 @@ import React, { useCallback, useState } from 'react'; import { useDropzone } from 'react-dropzone'; const FileDrop = (props) => { - const { setFiles, maxFiles } = props; + const { setErrorMessage, setFiles, maxFiles } = props; const [dropMessage, setDropMessage] = useState(''); const onDrop = useCallback((acceptedFiles) => { if (acceptedFiles.length > maxFiles) { setDropMessage(`Please select only ${maxFiles} file${maxFiles !== 1 ? 's' : ''}.`); } else { setDropMessage(''); + setErrorMessage(''); setFiles(acceptedFiles); } }, []); @@ -33,7 +34,12 @@ const FileDrop = (props) => { ); }; +FileDrop.defaultProps = { + setErrorMessage: () => {}, +}; + FileDrop.propTypes = { + setErrorMessage: PropTypes.func, setFiles: PropTypes.func.isRequired, maxFiles: PropTypes.number.isRequired, }; diff --git a/frontend/src/credits/UploadCreditRequestContainer.js b/frontend/src/credits/UploadCreditRequestContainer.js index a8850dd64..eed9e3edf 100644 --- a/frontend/src/credits/UploadCreditRequestContainer.js +++ b/frontend/src/credits/UploadCreditRequestContainer.js @@ -73,6 +73,7 @@ const UploadCreditRequestsContainer = (props) => { errorMessage={errorMessage} files={files} key="page" + setErrorMessage={setErrorMessage} setUploadFiles={setFiles} upload={doUpload} user={user} diff --git a/frontend/src/credits/components/CreditRequestsUploadPage.js b/frontend/src/credits/components/CreditRequestsUploadPage.js index 38e49a7d1..0516215fd 100644 --- a/frontend/src/credits/components/CreditRequestsUploadPage.js +++ b/frontend/src/credits/components/CreditRequestsUploadPage.js @@ -8,10 +8,11 @@ import download from '../../app/utilities/download'; import ExcelFileDrop from '../../app/components/FileDrop'; import getFileSize from '../../app/utilities/getFileSize'; -const SalesUploadPage = (props) => { +const CreditRequestsUploadPage = (props) => { const { errorMessage, files, + setErrorMessage, setUploadFiles, upload, icbcDate, @@ -30,6 +31,7 @@ const SalesUploadPage = (props) => { const found = files.findIndex((file) => (file === removedFile)); files.splice(found, 1); + setErrorMessage(''); setUploadFiles([...files]); }; @@ -76,7 +78,7 @@ const SalesUploadPage = (props) => {
    - +
    {files.length > 0 && (
    @@ -132,15 +134,18 @@ const SalesUploadPage = (props) => { ); }; -SalesUploadPage.defaultProps = { +CreditRequestsUploadPage.defaultProps = { errorMessage: '', + icbcDate: '', }; -SalesUploadPage.propTypes = { +CreditRequestsUploadPage.propTypes = { errorMessage: PropTypes.string, files: PropTypes.arrayOf(PropTypes.shape()).isRequired, + icbcDate: PropTypes.string, + setErrorMessage: PropTypes.func.isRequired, setUploadFiles: PropTypes.func.isRequired, upload: PropTypes.func.isRequired, }; -export default SalesUploadPage; +export default CreditRequestsUploadPage; From 313737062823bbc574b168d7496cf9e7d248f5b1 Mon Sep 17 00:00:00 2001 From: Kuan Fan <31664961+kuanfandevops@users.noreply.github.com> Date: Thu, 7 Jan 2021 12:57:53 -0800 Subject: [PATCH 5/7] Remove openshift v3 and add upload process pod for testing (#488) * remove openshift v3 * add separate upload pod --- .jenkins-v3/.pipeline/.nvmrc | 2 - .jenkins-v3/.pipeline/build.js | 5 - .jenkins-v3/.pipeline/clean.js | 5 - .jenkins-v3/.pipeline/deploy.js | 5 - .jenkins-v3/.pipeline/lib/build.js | 38 - .jenkins-v3/.pipeline/lib/clean.js | 77 -- .jenkins-v3/.pipeline/lib/config.js | 20 - .jenkins-v3/.pipeline/lib/deploy.js | 44 - .jenkins-v3/.pipeline/npmw | 12 - .jenkins-v3/.pipeline/package-lock.json | 89 -- .jenkins-v3/.pipeline/package.json | 23 - .jenkins-v3/Jenkinsfile | 57 - .jenkins-v3/README.md | 43 - .jenkins-v3/docker/Dockerfile | 11 - .../contrib/jenkins/configuration/config.xml | 110 -- .../configuration/jobs/_jenkins/config.xml | 64 -- .../jobs/zeva-release-pipelines/config.xml | 22 - .../jobs/develop-pipeline/config.xml | 36 - .../configuration/jobs/zeva/config.xml | 64 -- .../scripts.groovy.d/on-gh-event.groovy | 133 --- .jenkins-v3/openshift/build-master.yaml | 81 -- .jenkins-v3/openshift/build-slave.yaml | 110 -- .jenkins-v3/openshift/deploy-master.yaml | 297 ------ .jenkins-v3/openshift/deploy-prereq.yaml | 31 - .jenkins-v3/openshift/deploy-slave.yaml | 164 --- .jenkins-v3/openshift/secrets.json | 50 - .pipeline-v3/.nvmrc | 1 - .pipeline-v3/build.js | 5 - .pipeline-v3/clean.js | 5 - .pipeline-v3/deploy-unittest.js | 5 - .pipeline-v3/deploy.js | 7 - .pipeline-v3/lib/build.js | 57 - .pipeline-v3/lib/clean.js | 134 --- .pipeline-v3/lib/config.js | 55 - .pipeline-v3/lib/deploy-unittest.js | 67 -- .pipeline-v3/lib/deploy.js | 210 ---- .pipeline-v3/lib/keycloak.js | 137 --- .pipeline-v3/npmw | 12 - .pipeline-v3/package-lock.json | 988 ------------------ .pipeline-v3/package.json | 27 - .yo-rc.json-v3 | 54 - Jenkinsfile-v3 | 67 -- openshift-v3/README.md | 300 ------ openshift-v3/templates/README.md | 57 - openshift-v3/templates/backend/README.md | 25 - .../templates/backend/backend-autoscaler.yaml | 36 - .../templates/backend/backend-bc.yaml | 95 -- .../templates/backend/backend-dc.yaml | 426 -------- .../backend/django-secret-template.yaml | 17 - .../backend/email-service-secret.yaml | 26 - .../backup-container-2.0.0/.gitattributes | 12 - .../backup-container-2.0.0/.gitignore | 16 - .../backup-container-2.0.0/CODE_OF_CONDUCT.md | 46 - .../backup-container-2.0.0/CONTRIBUTING.md | 10 - .../templates/backup-container-2.0.0/LICENSE | 201 ---- .../backup-container-2.0.0/README.md | 368 ------- .../backup-container-2.0.0/config/backup.conf | 52 - .../backup-container-2.0.0/docker/Dockerfile | 42 - .../docker/Dockerfile_Mongo | 42 - .../docker/backup.config.utils | 485 --------- .../docker/backup.container.utils | 57 - .../docker/backup.file.utils | 233 ----- .../backup-container-2.0.0/docker/backup.ftp | 23 - .../docker/backup.logging | 111 -- .../docker/backup.misc.utils | 30 - .../docker/backup.mongo.plugin | 226 ---- .../docker/backup.null.plugin | 195 ---- .../docker/backup.postgres.plugin | 247 ----- .../docker/backup.server.utils | 39 - .../docker/backup.settings | 55 - .../backup-container-2.0.0/docker/backup.sh | 140 --- .../docker/backup.usage | 133 --- .../docker/backup.utils | 268 ----- .../docker/webhook-template.json | 6 - .../backup-container-2.0.0/docs/ExampleLog.md | 62 -- .../docs/SampleRocketChatErrorMessage.png | Bin 18609 -> 0 bytes .../docs/SampleRocketChatMessage.png | Bin 38568 -> 0 bytes .../docs/TipsAndTricks.md | 75 -- .../openshift/templates/backup/README.md | 71 -- .../templates/backup/backup-build.json | 102 -- .../templates/backup/backup-deploy.json | 545 ---------- .../scripts/rocket.chat.integration.js | 50 - openshift-v3/templates/config/README.md | 10 - openshift-v3/templates/config/configmap.yaml | 86 -- openshift-v3/templates/frontend/README.md | 16 - .../frontend/frontend-autoscaler.yaml | 36 - .../templates/frontend/frontend-bc.yaml | 82 -- .../frontend/frontend-configmap.yaml | 37 - .../templates/frontend/frontend-dc.yaml | 285 ----- openshift-v3/templates/jenkins/README.md | 13 - .../templates/jenkins/jenkins-bc.yaml | 61 -- openshift-v3/templates/keycloak/README.md | 9 - .../templates/keycloak/keycloak-secret.yaml | 37 - openshift-v3/templates/maintenance/Caddyfile | 18 - .../templates/maintenance/maintenance.html | 18 - .../maintenance/openshift/maintenance-bc.yaml | 58 - .../maintenance/openshift/maintenance-dc.yaml | 100 -- openshift-v3/templates/minio/README.md | 22 - .../templates/minio/docker/Dockerfile | 33 - .../templates/minio/docker/entrypoint.sh | 3 - openshift-v3/templates/minio/minio-bc.yaml | 64 -- openshift-v3/templates/minio/minio-dc.yaml | 227 ---- .../templates/minio/minio-secret.yaml | 25 - openshift-v3/templates/nagios/.kube/.empty | 0 openshift-v3/templates/nagios/Dockerfile | 49 - openshift-v3/templates/nagios/Dockerfile-base | 11 - openshift-v3/templates/nagios/README.md | 24 - .../templates/nagios/apache2/apache2.conf | 52 - .../apache2/mods-enabled/access_compat.load | 1 - .../nagios/apache2/mods-enabled/alias.conf | 1 - .../nagios/apache2/mods-enabled/alias.load | 1 - .../apache2/mods-enabled/auth_basic.load | 1 - .../apache2/mods-enabled/authn_core.load | 1 - .../apache2/mods-enabled/authn_file.load | 1 - .../apache2/mods-enabled/authz_core.load | 1 - .../apache2/mods-enabled/authz_host.load | 1 - .../apache2/mods-enabled/authz_user.load | 1 - .../apache2/mods-enabled/autoindex.conf | 1 - .../apache2/mods-enabled/autoindex.load | 1 - .../nagios/apache2/mods-enabled/cgi.load | 1 - .../nagios/apache2/mods-enabled/deflate.conf | 1 - .../nagios/apache2/mods-enabled/deflate.load | 1 - .../nagios/apache2/mods-enabled/dir.conf | 1 - .../nagios/apache2/mods-enabled/dir.load | 1 - .../nagios/apache2/mods-enabled/env.load | 1 - .../nagios/apache2/mods-enabled/filter.load | 1 - .../nagios/apache2/mods-enabled/mime.conf | 1 - .../nagios/apache2/mods-enabled/mime.load | 1 - .../apache2/mods-enabled/mpm_prefork.conf | 1 - .../apache2/mods-enabled/mpm_prefork.load | 1 - .../apache2/mods-enabled/negotiation.conf | 1 - .../apache2/mods-enabled/negotiation.load | 1 - .../nagios/apache2/mods-enabled/php5.conf | 1 - .../nagios/apache2/mods-enabled/php5.load | 1 - .../apache2/mods-enabled/reqtimeout.conf | 1 - .../apache2/mods-enabled/reqtimeout.load | 1 - .../nagios/apache2/mods-enabled/setenvif.conf | 1 - .../nagios/apache2/mods-enabled/setenvif.load | 1 - .../nagios/apache2/mods-enabled/status.conf | 1 - .../nagios/apache2/mods-enabled/status.load | 1 - .../templates/nagios/docroot/emptyFile.txt | 0 .../templates/nagios/nagios-base-bc.yaml | 38 - openshift-v3/templates/nagios/nagios-bc.yaml | 65 -- openshift-v3/templates/nagios/nagios-dc.yaml | 271 ----- .../templates/nagios/nagios-secret.yaml | 20 - openshift-v3/templates/nagios/nagios3/cgi.cfg | 377 ------- .../templates/nagios/nagios3/cleanup-cfg.sh | 16 - .../templates/nagios/nagios3/commands.cfg | 91 -- .../nagios3/commands/check_diskusage.sh | 22 - .../commands/check_email_connection.py | 16 - .../commands/check_email_connection.sh | 10 - .../nagios/nagios3/commands/check_host.sh | 4 - .../commands/check_keycloak_connection.py | 62 -- .../commands/check_keycloak_connection.sh | 10 - .../commands/check_minio_connection.py | 26 - .../commands/check_minio_connection.sh | 12 - .../nagios3/commands/check_patroni_health.sh | 22 - .../commands/check_postgresql_liveness.py | 28 - .../commands/check_postgresql_liveness.sh | 26 - .../commands/check_rabbitmq_connection.py | 29 - .../commands/check_rabbitmq_connection.sh | 10 - .../nagios/nagios3/commands/check_replicas.sh | 21 - .../nagios3/commands/notify_by_email.py | 31 - .../nagios/nagios3/conf.d/contact-groups.cfg | 5 - .../nagios/nagios3/conf.d/contacts.cfg | 27 - .../nagios/nagios3/conf.d/host-groups-dev.cfg | 5 - .../nagios3/conf.d/host-groups-prod.cfg | 6 - .../nagios3/conf.d/host-groups-test.cfg | 5 - .../nagios/nagios3/conf.d/hosts-dev.cfg | 95 -- .../nagios/nagios3/conf.d/hosts-prod.cfg | 95 -- .../nagios/nagios3/conf.d/hosts-test.cfg | 95 -- .../nagios3/conf.d/services-other-dev.cfg | 78 -- .../nagios3/conf.d/services-other-prod.cfg | 78 -- .../nagios3/conf.d/services-other-test.cfg | 78 -- .../nagios3/conf.d/services-replica-dev.cfg | 65 -- .../nagios3/conf.d/services-replica-prod.cfg | 65 -- .../nagios3/conf.d/services-replica-test.cfg | 65 -- .../nagios/nagios3/conf.d/timeperiods.cfg | 11 - .../templates/nagios/nagios3/nagios.cfg | 111 -- .../templates/nagios/nagios3/resource.cfg | 31 - .../nagios/nagios3/stylesheets/avail.css | 35 - .../nagios3/stylesheets/checksanity.css | 27 - .../nagios/nagios3/stylesheets/cmd.css | 14 - .../nagios/nagios3/stylesheets/common.css | 370 ------- .../nagios/nagios3/stylesheets/config.css | 11 - .../nagios/nagios3/stylesheets/extinfo.css | 84 -- .../nagios/nagios3/stylesheets/histogram.css | 10 - .../nagios/nagios3/stylesheets/history.css | 8 - .../nagios/nagios3/stylesheets/ministatus.css | 64 -- .../nagios3/stylesheets/notifications.css | 29 - .../nagios/nagios3/stylesheets/outages.css | 15 - .../nagios/nagios3/stylesheets/showlog.css | 8 - .../nagios/nagios3/stylesheets/status.css | 88 -- .../nagios/nagios3/stylesheets/statusmap.css | 14 - .../nagios/nagios3/stylesheets/summary.css | 30 - .../nagios/nagios3/stylesheets/tac.css | 75 -- .../nagios/nagios3/stylesheets/trends.css | 8 - .../nagios/supervisord/supervisord.conf | 21 - openshift-v3/templates/nsp/README.MD | 48 - openshift-v3/templates/nsp/aporeto-setup.md | 111 -- openshift-v3/templates/nsp/nsp-env.yaml | 88 -- openshift-v3/templates/nsp/nsp-tools.yaml | 44 - .../templates/nsp/quickstart-nsp.yaml | 51 - .../templates/patroni/.pipeline/build.js | 5 - .../templates/patroni/.pipeline/clean.js | 4 - .../templates/patroni/.pipeline/deploy.js | 6 - .../templates/patroni/.pipeline/lib/build.js | 25 - .../templates/patroni/.pipeline/lib/clean.js | 22 - .../templates/patroni/.pipeline/lib/config.js | 13 - .../templates/patroni/.pipeline/lib/deploy.js | 12 - openshift-v3/templates/patroni/.pipeline/npmw | 4 - .../templates/patroni/.pipeline/package.json | 27 - .../templates/patroni/.pipeline/test/e2e.js | 173 --- openshift-v3/templates/patroni/README.md | 40 - openshift-v3/templates/patroni/build.yaml | 110 -- .../templates/patroni/deployment-prereq.yaml | 132 --- .../templates/patroni/deployment.yaml | 336 ------ .../templates/patroni/docker/Dockerfile | 43 - .../docker/contrib/root/usr/bin/entrypoint.sh | 57 - .../usr/share/scripts/patroni/health_check.sh | 5 - .../usr/share/scripts/patroni/post_init.sh | 17 - .../templates/patroni/secret-template.yaml | 56 - openshift-v3/templates/postgresql/create.sh | 3 - .../templates/postgresql/nfs_storage.yaml | 46 - .../postgresql/postgresql-dc-release.yaml | 181 ---- .../postgresql/postgresql-dc-unittest.yaml | 171 --- .../templates/postgresql/postgresql-dc.yaml | 209 ---- .../python-backend/python-backend-bc.yaml | 55 - .../python-backend/python-backend-dc.yaml | 171 --- openshift-v3/templates/rabbitmq/README.md | 22 - openshift-v3/templates/rabbitmq/create.sh | 13 - .../templates/rabbitmq/docker/Dockerfile | 8 - .../templates/rabbitmq/docker/policy.json | 67 -- .../templates/rabbitmq/rabbitmq-bc.yaml | 73 -- .../rabbitmq/rabbitmq-cluster-dc.yaml | 317 ------ .../rabbitmq-secret-configmap-only.yaml | 62 -- .../rabbitmq/rabbitmq-web-route.yaml | 53 - .../templates/rabbitmq/secret-template.yaml | 27 - .../rabbitmq/zeva-rabbitmq-secret.yaml | 21 - openshift-v3/templates/redirect/Caddyfile | 18 - openshift-v3/templates/redirect/migrated.html | 20 - .../redirect/openshift/redirect-bc.yaml | 58 - .../redirect/openshift/redirect-dc.yaml | 100 -- openshift-v3/templates/schemaspy/README.md | 5 - .../templates/schemaspy/schemaspy-bc.yaml | 44 - .../templates/schemaspy/schemaspy-dc.yaml | 192 ---- openshift-v3/templates/unittest/README.md | 7 - .../unittest/postgresql-dc-unittest.yaml | 193 ---- .../unittest/zeva-postgresql-init.yaml | 32 - openshift-v3/v4-migration/Readme.md | 62 -- openshift/templates/backend/README.md | 14 + .../templates/backend/upload-process-dc.yaml | 95 +- 252 files changed, 59 insertions(+), 16498 deletions(-) delete mode 100644 .jenkins-v3/.pipeline/.nvmrc delete mode 100755 .jenkins-v3/.pipeline/build.js delete mode 100755 .jenkins-v3/.pipeline/clean.js delete mode 100755 .jenkins-v3/.pipeline/deploy.js delete mode 100755 .jenkins-v3/.pipeline/lib/build.js delete mode 100755 .jenkins-v3/.pipeline/lib/clean.js delete mode 100644 .jenkins-v3/.pipeline/lib/config.js delete mode 100755 .jenkins-v3/.pipeline/lib/deploy.js delete mode 100755 .jenkins-v3/.pipeline/npmw delete mode 100644 .jenkins-v3/.pipeline/package-lock.json delete mode 100644 .jenkins-v3/.pipeline/package.json delete mode 100644 .jenkins-v3/Jenkinsfile delete mode 100644 .jenkins-v3/README.md delete mode 100644 .jenkins-v3/docker/Dockerfile delete mode 100644 .jenkins-v3/docker/contrib/jenkins/configuration/config.xml delete mode 100644 .jenkins-v3/docker/contrib/jenkins/configuration/jobs/_jenkins/config.xml delete mode 100644 .jenkins-v3/docker/contrib/jenkins/configuration/jobs/zeva-release-pipelines/config.xml delete mode 100644 .jenkins-v3/docker/contrib/jenkins/configuration/jobs/zeva-release-pipelines/jobs/develop-pipeline/config.xml delete mode 100644 .jenkins-v3/docker/contrib/jenkins/configuration/jobs/zeva/config.xml delete mode 100644 .jenkins-v3/docker/contrib/jenkins/configuration/scripts.groovy.d/on-gh-event.groovy delete mode 100644 .jenkins-v3/openshift/build-master.yaml delete mode 100644 .jenkins-v3/openshift/build-slave.yaml delete mode 100644 .jenkins-v3/openshift/deploy-master.yaml delete mode 100644 .jenkins-v3/openshift/deploy-prereq.yaml delete mode 100644 .jenkins-v3/openshift/deploy-slave.yaml delete mode 100644 .jenkins-v3/openshift/secrets.json delete mode 100644 .pipeline-v3/.nvmrc delete mode 100755 .pipeline-v3/build.js delete mode 100755 .pipeline-v3/clean.js delete mode 100644 .pipeline-v3/deploy-unittest.js delete mode 100755 .pipeline-v3/deploy.js delete mode 100755 .pipeline-v3/lib/build.js delete mode 100755 .pipeline-v3/lib/clean.js delete mode 100644 .pipeline-v3/lib/config.js delete mode 100644 .pipeline-v3/lib/deploy-unittest.js delete mode 100755 .pipeline-v3/lib/deploy.js delete mode 100644 .pipeline-v3/lib/keycloak.js delete mode 100755 .pipeline-v3/npmw delete mode 100644 .pipeline-v3/package-lock.json delete mode 100644 .pipeline-v3/package.json delete mode 100644 .yo-rc.json-v3 delete mode 100644 Jenkinsfile-v3 delete mode 100644 openshift-v3/README.md delete mode 100644 openshift-v3/templates/README.md delete mode 100644 openshift-v3/templates/backend/README.md delete mode 100644 openshift-v3/templates/backend/backend-autoscaler.yaml delete mode 100644 openshift-v3/templates/backend/backend-bc.yaml delete mode 100644 openshift-v3/templates/backend/backend-dc.yaml delete mode 100644 openshift-v3/templates/backend/django-secret-template.yaml delete mode 100644 openshift-v3/templates/backend/email-service-secret.yaml delete mode 100644 openshift-v3/templates/backup-container-2.0.0/.gitattributes delete mode 100644 openshift-v3/templates/backup-container-2.0.0/.gitignore delete mode 100644 openshift-v3/templates/backup-container-2.0.0/CODE_OF_CONDUCT.md delete mode 100644 openshift-v3/templates/backup-container-2.0.0/CONTRIBUTING.md delete mode 100644 openshift-v3/templates/backup-container-2.0.0/LICENSE delete mode 100644 openshift-v3/templates/backup-container-2.0.0/README.md delete mode 100644 openshift-v3/templates/backup-container-2.0.0/config/backup.conf delete mode 100644 openshift-v3/templates/backup-container-2.0.0/docker/Dockerfile delete mode 100644 openshift-v3/templates/backup-container-2.0.0/docker/Dockerfile_Mongo delete mode 100644 openshift-v3/templates/backup-container-2.0.0/docker/backup.config.utils delete mode 100644 openshift-v3/templates/backup-container-2.0.0/docker/backup.container.utils delete mode 100644 openshift-v3/templates/backup-container-2.0.0/docker/backup.file.utils delete mode 100644 openshift-v3/templates/backup-container-2.0.0/docker/backup.ftp delete mode 100644 openshift-v3/templates/backup-container-2.0.0/docker/backup.logging delete mode 100644 openshift-v3/templates/backup-container-2.0.0/docker/backup.misc.utils delete mode 100644 openshift-v3/templates/backup-container-2.0.0/docker/backup.mongo.plugin delete mode 100644 openshift-v3/templates/backup-container-2.0.0/docker/backup.null.plugin delete mode 100644 openshift-v3/templates/backup-container-2.0.0/docker/backup.postgres.plugin delete mode 100644 openshift-v3/templates/backup-container-2.0.0/docker/backup.server.utils delete mode 100644 openshift-v3/templates/backup-container-2.0.0/docker/backup.settings delete mode 100755 openshift-v3/templates/backup-container-2.0.0/docker/backup.sh delete mode 100644 openshift-v3/templates/backup-container-2.0.0/docker/backup.usage delete mode 100644 openshift-v3/templates/backup-container-2.0.0/docker/backup.utils delete mode 100644 openshift-v3/templates/backup-container-2.0.0/docker/webhook-template.json delete mode 100644 openshift-v3/templates/backup-container-2.0.0/docs/ExampleLog.md delete mode 100644 openshift-v3/templates/backup-container-2.0.0/docs/SampleRocketChatErrorMessage.png delete mode 100644 openshift-v3/templates/backup-container-2.0.0/docs/SampleRocketChatMessage.png delete mode 100644 openshift-v3/templates/backup-container-2.0.0/docs/TipsAndTricks.md delete mode 100644 openshift-v3/templates/backup-container-2.0.0/openshift/templates/backup/README.md delete mode 100644 openshift-v3/templates/backup-container-2.0.0/openshift/templates/backup/backup-build.json delete mode 100644 openshift-v3/templates/backup-container-2.0.0/openshift/templates/backup/backup-deploy.json delete mode 100644 openshift-v3/templates/backup-container-2.0.0/scripts/rocket.chat.integration.js delete mode 100644 openshift-v3/templates/config/README.md delete mode 100644 openshift-v3/templates/config/configmap.yaml delete mode 100644 openshift-v3/templates/frontend/README.md delete mode 100644 openshift-v3/templates/frontend/frontend-autoscaler.yaml delete mode 100644 openshift-v3/templates/frontend/frontend-bc.yaml delete mode 100644 openshift-v3/templates/frontend/frontend-configmap.yaml delete mode 100644 openshift-v3/templates/frontend/frontend-dc.yaml delete mode 100644 openshift-v3/templates/jenkins/README.md delete mode 100644 openshift-v3/templates/jenkins/jenkins-bc.yaml delete mode 100644 openshift-v3/templates/keycloak/README.md delete mode 100644 openshift-v3/templates/keycloak/keycloak-secret.yaml delete mode 100644 openshift-v3/templates/maintenance/Caddyfile delete mode 100644 openshift-v3/templates/maintenance/maintenance.html delete mode 100644 openshift-v3/templates/maintenance/openshift/maintenance-bc.yaml delete mode 100644 openshift-v3/templates/maintenance/openshift/maintenance-dc.yaml delete mode 100644 openshift-v3/templates/minio/README.md delete mode 100644 openshift-v3/templates/minio/docker/Dockerfile delete mode 100755 openshift-v3/templates/minio/docker/entrypoint.sh delete mode 100644 openshift-v3/templates/minio/minio-bc.yaml delete mode 100644 openshift-v3/templates/minio/minio-dc.yaml delete mode 100644 openshift-v3/templates/minio/minio-secret.yaml delete mode 100644 openshift-v3/templates/nagios/.kube/.empty delete mode 100644 openshift-v3/templates/nagios/Dockerfile delete mode 100644 openshift-v3/templates/nagios/Dockerfile-base delete mode 100644 openshift-v3/templates/nagios/README.md delete mode 100644 openshift-v3/templates/nagios/apache2/apache2.conf delete mode 120000 openshift-v3/templates/nagios/apache2/mods-enabled/access_compat.load delete mode 120000 openshift-v3/templates/nagios/apache2/mods-enabled/alias.conf delete mode 120000 openshift-v3/templates/nagios/apache2/mods-enabled/alias.load delete mode 120000 openshift-v3/templates/nagios/apache2/mods-enabled/auth_basic.load delete mode 120000 openshift-v3/templates/nagios/apache2/mods-enabled/authn_core.load delete mode 120000 openshift-v3/templates/nagios/apache2/mods-enabled/authn_file.load delete mode 120000 openshift-v3/templates/nagios/apache2/mods-enabled/authz_core.load delete mode 120000 openshift-v3/templates/nagios/apache2/mods-enabled/authz_host.load delete mode 120000 openshift-v3/templates/nagios/apache2/mods-enabled/authz_user.load delete mode 120000 openshift-v3/templates/nagios/apache2/mods-enabled/autoindex.conf delete mode 120000 openshift-v3/templates/nagios/apache2/mods-enabled/autoindex.load delete mode 120000 openshift-v3/templates/nagios/apache2/mods-enabled/cgi.load delete mode 120000 openshift-v3/templates/nagios/apache2/mods-enabled/deflate.conf delete mode 120000 openshift-v3/templates/nagios/apache2/mods-enabled/deflate.load delete mode 120000 openshift-v3/templates/nagios/apache2/mods-enabled/dir.conf delete mode 120000 openshift-v3/templates/nagios/apache2/mods-enabled/dir.load delete mode 120000 openshift-v3/templates/nagios/apache2/mods-enabled/env.load delete mode 120000 openshift-v3/templates/nagios/apache2/mods-enabled/filter.load delete mode 120000 openshift-v3/templates/nagios/apache2/mods-enabled/mime.conf delete mode 120000 openshift-v3/templates/nagios/apache2/mods-enabled/mime.load delete mode 120000 openshift-v3/templates/nagios/apache2/mods-enabled/mpm_prefork.conf delete mode 120000 openshift-v3/templates/nagios/apache2/mods-enabled/mpm_prefork.load delete mode 120000 openshift-v3/templates/nagios/apache2/mods-enabled/negotiation.conf delete mode 120000 openshift-v3/templates/nagios/apache2/mods-enabled/negotiation.load delete mode 120000 openshift-v3/templates/nagios/apache2/mods-enabled/php5.conf delete mode 120000 openshift-v3/templates/nagios/apache2/mods-enabled/php5.load delete mode 120000 openshift-v3/templates/nagios/apache2/mods-enabled/reqtimeout.conf delete mode 120000 openshift-v3/templates/nagios/apache2/mods-enabled/reqtimeout.load delete mode 120000 openshift-v3/templates/nagios/apache2/mods-enabled/setenvif.conf delete mode 120000 openshift-v3/templates/nagios/apache2/mods-enabled/setenvif.load delete mode 120000 openshift-v3/templates/nagios/apache2/mods-enabled/status.conf delete mode 120000 openshift-v3/templates/nagios/apache2/mods-enabled/status.load delete mode 100644 openshift-v3/templates/nagios/docroot/emptyFile.txt delete mode 100644 openshift-v3/templates/nagios/nagios-base-bc.yaml delete mode 100644 openshift-v3/templates/nagios/nagios-bc.yaml delete mode 100644 openshift-v3/templates/nagios/nagios-dc.yaml delete mode 100644 openshift-v3/templates/nagios/nagios-secret.yaml delete mode 100644 openshift-v3/templates/nagios/nagios3/cgi.cfg delete mode 100755 openshift-v3/templates/nagios/nagios3/cleanup-cfg.sh delete mode 100644 openshift-v3/templates/nagios/nagios3/commands.cfg delete mode 100755 openshift-v3/templates/nagios/nagios3/commands/check_diskusage.sh delete mode 100644 openshift-v3/templates/nagios/nagios3/commands/check_email_connection.py delete mode 100755 openshift-v3/templates/nagios/nagios3/commands/check_email_connection.sh delete mode 100755 openshift-v3/templates/nagios/nagios3/commands/check_host.sh delete mode 100755 openshift-v3/templates/nagios/nagios3/commands/check_keycloak_connection.py delete mode 100755 openshift-v3/templates/nagios/nagios3/commands/check_keycloak_connection.sh delete mode 100644 openshift-v3/templates/nagios/nagios3/commands/check_minio_connection.py delete mode 100755 openshift-v3/templates/nagios/nagios3/commands/check_minio_connection.sh delete mode 100755 openshift-v3/templates/nagios/nagios3/commands/check_patroni_health.sh delete mode 100644 openshift-v3/templates/nagios/nagios3/commands/check_postgresql_liveness.py delete mode 100755 openshift-v3/templates/nagios/nagios3/commands/check_postgresql_liveness.sh delete mode 100644 openshift-v3/templates/nagios/nagios3/commands/check_rabbitmq_connection.py delete mode 100755 openshift-v3/templates/nagios/nagios3/commands/check_rabbitmq_connection.sh delete mode 100755 openshift-v3/templates/nagios/nagios3/commands/check_replicas.sh delete mode 100644 openshift-v3/templates/nagios/nagios3/commands/notify_by_email.py delete mode 100644 openshift-v3/templates/nagios/nagios3/conf.d/contact-groups.cfg delete mode 100644 openshift-v3/templates/nagios/nagios3/conf.d/contacts.cfg delete mode 100644 openshift-v3/templates/nagios/nagios3/conf.d/host-groups-dev.cfg delete mode 100644 openshift-v3/templates/nagios/nagios3/conf.d/host-groups-prod.cfg delete mode 100644 openshift-v3/templates/nagios/nagios3/conf.d/host-groups-test.cfg delete mode 100644 openshift-v3/templates/nagios/nagios3/conf.d/hosts-dev.cfg delete mode 100644 openshift-v3/templates/nagios/nagios3/conf.d/hosts-prod.cfg delete mode 100644 openshift-v3/templates/nagios/nagios3/conf.d/hosts-test.cfg delete mode 100644 openshift-v3/templates/nagios/nagios3/conf.d/services-other-dev.cfg delete mode 100644 openshift-v3/templates/nagios/nagios3/conf.d/services-other-prod.cfg delete mode 100644 openshift-v3/templates/nagios/nagios3/conf.d/services-other-test.cfg delete mode 100644 openshift-v3/templates/nagios/nagios3/conf.d/services-replica-dev.cfg delete mode 100644 openshift-v3/templates/nagios/nagios3/conf.d/services-replica-prod.cfg delete mode 100644 openshift-v3/templates/nagios/nagios3/conf.d/services-replica-test.cfg delete mode 100644 openshift-v3/templates/nagios/nagios3/conf.d/timeperiods.cfg delete mode 100644 openshift-v3/templates/nagios/nagios3/nagios.cfg delete mode 100644 openshift-v3/templates/nagios/nagios3/resource.cfg delete mode 100644 openshift-v3/templates/nagios/nagios3/stylesheets/avail.css delete mode 100644 openshift-v3/templates/nagios/nagios3/stylesheets/checksanity.css delete mode 100644 openshift-v3/templates/nagios/nagios3/stylesheets/cmd.css delete mode 100644 openshift-v3/templates/nagios/nagios3/stylesheets/common.css delete mode 100644 openshift-v3/templates/nagios/nagios3/stylesheets/config.css delete mode 100644 openshift-v3/templates/nagios/nagios3/stylesheets/extinfo.css delete mode 100644 openshift-v3/templates/nagios/nagios3/stylesheets/histogram.css delete mode 100644 openshift-v3/templates/nagios/nagios3/stylesheets/history.css delete mode 100644 openshift-v3/templates/nagios/nagios3/stylesheets/ministatus.css delete mode 100644 openshift-v3/templates/nagios/nagios3/stylesheets/notifications.css delete mode 100644 openshift-v3/templates/nagios/nagios3/stylesheets/outages.css delete mode 100644 openshift-v3/templates/nagios/nagios3/stylesheets/showlog.css delete mode 100644 openshift-v3/templates/nagios/nagios3/stylesheets/status.css delete mode 100644 openshift-v3/templates/nagios/nagios3/stylesheets/statusmap.css delete mode 100644 openshift-v3/templates/nagios/nagios3/stylesheets/summary.css delete mode 100644 openshift-v3/templates/nagios/nagios3/stylesheets/tac.css delete mode 100644 openshift-v3/templates/nagios/nagios3/stylesheets/trends.css delete mode 100644 openshift-v3/templates/nagios/supervisord/supervisord.conf delete mode 100644 openshift-v3/templates/nsp/README.MD delete mode 100644 openshift-v3/templates/nsp/aporeto-setup.md delete mode 100644 openshift-v3/templates/nsp/nsp-env.yaml delete mode 100644 openshift-v3/templates/nsp/nsp-tools.yaml delete mode 100644 openshift-v3/templates/nsp/quickstart-nsp.yaml delete mode 100755 openshift-v3/templates/patroni/.pipeline/build.js delete mode 100755 openshift-v3/templates/patroni/.pipeline/clean.js delete mode 100755 openshift-v3/templates/patroni/.pipeline/deploy.js delete mode 100755 openshift-v3/templates/patroni/.pipeline/lib/build.js delete mode 100755 openshift-v3/templates/patroni/.pipeline/lib/clean.js delete mode 100644 openshift-v3/templates/patroni/.pipeline/lib/config.js delete mode 100755 openshift-v3/templates/patroni/.pipeline/lib/deploy.js delete mode 100755 openshift-v3/templates/patroni/.pipeline/npmw delete mode 100644 openshift-v3/templates/patroni/.pipeline/package.json delete mode 100644 openshift-v3/templates/patroni/.pipeline/test/e2e.js delete mode 100644 openshift-v3/templates/patroni/README.md delete mode 100644 openshift-v3/templates/patroni/build.yaml delete mode 100644 openshift-v3/templates/patroni/deployment-prereq.yaml delete mode 100644 openshift-v3/templates/patroni/deployment.yaml delete mode 100644 openshift-v3/templates/patroni/docker/Dockerfile delete mode 100755 openshift-v3/templates/patroni/docker/contrib/root/usr/bin/entrypoint.sh delete mode 100755 openshift-v3/templates/patroni/docker/contrib/root/usr/share/scripts/patroni/health_check.sh delete mode 100755 openshift-v3/templates/patroni/docker/contrib/root/usr/share/scripts/patroni/post_init.sh delete mode 100644 openshift-v3/templates/patroni/secret-template.yaml delete mode 100755 openshift-v3/templates/postgresql/create.sh delete mode 100644 openshift-v3/templates/postgresql/nfs_storage.yaml delete mode 100644 openshift-v3/templates/postgresql/postgresql-dc-release.yaml delete mode 100644 openshift-v3/templates/postgresql/postgresql-dc-unittest.yaml delete mode 100644 openshift-v3/templates/postgresql/postgresql-dc.yaml delete mode 100644 openshift-v3/templates/python-backend/python-backend-bc.yaml delete mode 100644 openshift-v3/templates/python-backend/python-backend-dc.yaml delete mode 100644 openshift-v3/templates/rabbitmq/README.md delete mode 100644 openshift-v3/templates/rabbitmq/create.sh delete mode 100644 openshift-v3/templates/rabbitmq/docker/Dockerfile delete mode 100644 openshift-v3/templates/rabbitmq/docker/policy.json delete mode 100644 openshift-v3/templates/rabbitmq/rabbitmq-bc.yaml delete mode 100644 openshift-v3/templates/rabbitmq/rabbitmq-cluster-dc.yaml delete mode 100644 openshift-v3/templates/rabbitmq/rabbitmq-secret-configmap-only.yaml delete mode 100644 openshift-v3/templates/rabbitmq/rabbitmq-web-route.yaml delete mode 100644 openshift-v3/templates/rabbitmq/secret-template.yaml delete mode 100644 openshift-v3/templates/rabbitmq/zeva-rabbitmq-secret.yaml delete mode 100644 openshift-v3/templates/redirect/Caddyfile delete mode 100644 openshift-v3/templates/redirect/migrated.html delete mode 100644 openshift-v3/templates/redirect/openshift/redirect-bc.yaml delete mode 100644 openshift-v3/templates/redirect/openshift/redirect-dc.yaml delete mode 100644 openshift-v3/templates/schemaspy/README.md delete mode 100644 openshift-v3/templates/schemaspy/schemaspy-bc.yaml delete mode 100644 openshift-v3/templates/schemaspy/schemaspy-dc.yaml delete mode 100644 openshift-v3/templates/unittest/README.md delete mode 100644 openshift-v3/templates/unittest/postgresql-dc-unittest.yaml delete mode 100644 openshift-v3/templates/unittest/zeva-postgresql-init.yaml delete mode 100644 openshift-v3/v4-migration/Readme.md rename openshift-v3/templates/unittest/backend-dc-unittest.yaml => openshift/templates/backend/upload-process-dc.yaml (83%) diff --git a/.jenkins-v3/.pipeline/.nvmrc b/.jenkins-v3/.pipeline/.nvmrc deleted file mode 100644 index 851c9ba3c..000000000 --- a/.jenkins-v3/.pipeline/.nvmrc +++ /dev/null @@ -1,2 +0,0 @@ -v10.15.2 - diff --git a/.jenkins-v3/.pipeline/build.js b/.jenkins-v3/.pipeline/build.js deleted file mode 100755 index 3ac899f86..000000000 --- a/.jenkins-v3/.pipeline/build.js +++ /dev/null @@ -1,5 +0,0 @@ -'use strict'; -const task = require('./lib/build.js') -const settings = require('./lib/config.js') - -task(Object.assign(settings, { phase: 'build'})) diff --git a/.jenkins-v3/.pipeline/clean.js b/.jenkins-v3/.pipeline/clean.js deleted file mode 100755 index 42231d7ff..000000000 --- a/.jenkins-v3/.pipeline/clean.js +++ /dev/null @@ -1,5 +0,0 @@ -'use strict'; -const settings = require('./lib/config.js') -const task = require('./lib/clean.js') - -task(Object.assign(settings, { phase: settings.options.env})); diff --git a/.jenkins-v3/.pipeline/deploy.js b/.jenkins-v3/.pipeline/deploy.js deleted file mode 100755 index 595509459..000000000 --- a/.jenkins-v3/.pipeline/deploy.js +++ /dev/null @@ -1,5 +0,0 @@ -'use strict'; -const settings = require('./lib/config.js') -const task = require('./lib/deploy.js') - -task(Object.assign(settings, { phase: settings.options.env})); diff --git a/.jenkins-v3/.pipeline/lib/build.js b/.jenkins-v3/.pipeline/lib/build.js deleted file mode 100755 index 8d6d5d2d4..000000000 --- a/.jenkins-v3/.pipeline/lib/build.js +++ /dev/null @@ -1,38 +0,0 @@ -'use strict'; -const {OpenShiftClientX} = require('@bcgov/pipeline-cli') -const path = require('path'); - -module.exports = (settings)=>{ - const phases=settings.phases - const options = settings.options - const oc=new OpenShiftClientX(Object.assign({'namespace':phases.build.namespace}, options)); - const phase='build' - var objects = [] - - const templatesLocalBaseUrl =oc.toFileUrl(path.resolve(__dirname, '../../openshift')) - - objects.push(...oc.processDeploymentTemplate(`${templatesLocalBaseUrl}/build-master.yaml`, { - 'param':{ - 'NAME': phases[phase].name, - 'SUFFIX': phases[phase].suffix, - 'VERSION': phases[phase].tag, - 'SOURCE_REPOSITORY_URL': oc.git.http_url, - 'SOURCE_REPOSITORY_REF': oc.git.ref, - 'SOURCE_IMAGE_STREAM_NAMESPACE': phases[phase].namespace, - 'SOURCE_IMAGE_STREAM_TAG': 'bcgov-jenkins-basic:v2-20200303' - } - })); - - objects.push(...oc.processDeploymentTemplate(`${templatesLocalBaseUrl}/build-slave.yaml`, { - 'param':{ - 'NAME': phases[phase].name, - 'SUFFIX': phases[phase].suffix, - 'VERSION': phases[phase].tag, - 'SOURCE_IMAGE_STREAM_TAG': `${phases[phase].name}:${phases[phase].tag}`, - 'SLAVE_NAME':'main' - } - })); - - oc.applyRecommendedLabels(objects, phases[phase].name, phase, phases[phase].changeId, phases[phase].instance) - oc.applyAndBuild(objects) -} diff --git a/.jenkins-v3/.pipeline/lib/clean.js b/.jenkins-v3/.pipeline/lib/clean.js deleted file mode 100755 index b9cfe87f8..000000000 --- a/.jenkins-v3/.pipeline/lib/clean.js +++ /dev/null @@ -1,77 +0,0 @@ -"use strict"; -const { OpenShiftClientX } = require("@bcgov/pipeline-cli"); - -const getTargetPhases = (env, phases) => { - let target_phase = []; - for (const phase in phases) { - if (env.match(/^(all|transient)$/) && phases[phase].transient) { - target_phase.push(phase); - } else if (env === phase) { - target_phase.push(phase); - break; - } - } - - return target_phase; -}; - -module.exports = settings => { - const phases = settings.phases; - const options = settings.options; - const oc = new OpenShiftClientX(Object.assign({ namespace: phases.build.namespace }, options)); - const target_phases = getTargetPhases(options.env, phases); - - target_phases.forEach(k => { - if (phases.hasOwnProperty(k)) { - const phase = phases[k]; - - let buildConfigs = oc.get("bc", { - selector: `app=${phase.instance},env-id=${phase.changeId},!shared,github-repo=${oc.git.repository},github-owner=${oc.git.owner}`, - namespace: phase.namespace, - }); - buildConfigs.forEach(bc => { - if (bc.spec.output.to.kind == "ImageStreamTag") { - oc.delete([`ImageStreamTag/${bc.spec.output.to.name}`], { - "ignore-not-found": "true", - wait: "true", - namespace: phase.namespace, - }); - } - }); - - let deploymentConfigs = oc.get("dc", { - selector: `app=${phase.instance},env-id=${phase.changeId},env-name=${k},!shared,github-repo=${oc.git.repository},github-owner=${oc.git.owner}`, - namespace: phase.namespace, - }); - deploymentConfigs.forEach(dc => { - dc.spec.triggers.forEach(trigger => { - if ( - trigger.type == "ImageChange" && - trigger.imageChangeParams.from.kind == "ImageStreamTag" - ) { - oc.delete([`ImageStreamTag/${trigger.imageChangeParams.from.name}`], { - "ignore-not-found": "true", - wait: "true", - namespace: phase.namespace, - }); - } - }); - }); - - oc.raw("delete", ["all"], { - selector: `app=${phase.instance},env-id=${phase.changeId},!shared,github-repo=${oc.git.repository},github-owner=${oc.git.owner}`, - wait: "true", - namespace: phase.namespace, - }); - oc.raw( - "delete", - ["pvc,Secret,configmap,endpoints,RoleBinding,role,ServiceAccount,Endpoints"], - { - selector: `app=${phase.instance},env-id=${phase.changeId},!shared,github-repo=${oc.git.repository},github-owner=${oc.git.owner}`, - wait: "true", - namespace: phase.namespace, - }, - ); - } - }); -}; diff --git a/.jenkins-v3/.pipeline/lib/config.js b/.jenkins-v3/.pipeline/lib/config.js deleted file mode 100644 index c1832b5ac..000000000 --- a/.jenkins-v3/.pipeline/lib/config.js +++ /dev/null @@ -1,20 +0,0 @@ -'use strict'; -const options= require('@bcgov/pipeline-cli').Util.parseArguments() -const changeId = options.pr //aka pull-request -const version = '1.0.0' -const name = 'jenkins' -const ocpName = 'pathfinder' - -const phases = { - build: {namespace:'tbiwaq-tools' , name: `${name}`, phase: 'build' , changeId:changeId, suffix: `-build-${changeId}` , instance: `${name}-build-${changeId}` , version:`${version}-${changeId}`, tag:`build-${version}-${changeId}`, ocpName: `${ocpName}`}, - dev: {namespace:'tbiwaq-tools' , name: `${name}`, phase: 'dev' , changeId:changeId, suffix: `-dev-${changeId}` , instance: `${name}-dev-${changeId}` , version:`${version}-${changeId}`, tag:`dev-${version}-${changeId}`, ocpName: `${ocpName}`}, - prod: {namespace:'tbiwaq-tools' , name: `${name}`, phase: 'prod' , changeId:changeId, suffix: `-prod` , instance: `${name}-prod` , version:`${version}`, tag:`prod-${version}`, ocpName: `${ocpName}`}, -}; - -// This callback forces the node process to exit as failure. -process.on('unhandledRejection', (reason) => { - console.log(reason); - process.exit(1); -}); - -module.exports = exports = {phases, options}; \ No newline at end of file diff --git a/.jenkins-v3/.pipeline/lib/deploy.js b/.jenkins-v3/.pipeline/lib/deploy.js deleted file mode 100755 index f992d7d26..000000000 --- a/.jenkins-v3/.pipeline/lib/deploy.js +++ /dev/null @@ -1,44 +0,0 @@ -'use strict'; -const {OpenShiftClientX} = require('@bcgov/pipeline-cli') -const path = require('path'); - -module.exports = (settings)=>{ - const phases = settings.phases - const options = settings.options - const phase=options.env - const changeId = phases[phase].changeId - const oc=new OpenShiftClientX(Object.assign({'namespace':phases[phase].namespace}, options)); - var objects = [] - - const templatesLocalBaseUrl =oc.toFileUrl(path.resolve(__dirname, '../../openshift')) - - objects.push(...oc.processDeploymentTemplate(`${templatesLocalBaseUrl}/deploy-master.yaml`, { - 'param':{ - 'NAME': phases[phase].name, - 'SUFFIX': phases[phase].suffix, - 'VERSION': phases[phase].tag, - 'ENV_NAME': phases[phase].phase, - 'ROUTE_HOST': `${phases[phase].name}${phases[phase].suffix}-${phases[phase].namespace}.${phases[phase].ocpName}.gov.bc.ca` - } - })) - - objects.push(...oc.processDeploymentTemplate(`${templatesLocalBaseUrl}/deploy-slave.yaml`, { - 'param':{ - 'NAME': phases[phase].name, - 'SUFFIX': phases[phase].suffix, - 'VERSION': phases[phase].tag, - 'SLAVE_NAME': 'slave', - 'SLAVE_LABELS': 'build deploy test ui-test', - 'SLAVE_EXECUTORS': '3', - 'CPU_REQUEST': '300m', - 'CPU_LIMIT': '500m', - 'MEMORY_REQUEST': '2Gi', - 'MEMORY_LIMIT': '2Gi' - } - })) - - oc.applyRecommendedLabels(objects, phases[phase].name, phase, `${changeId}`, phases[phase].instance) - oc.importImageStreams(objects, phases[phase].tag, phases.build.namespace, phases.build.tag) - oc.applyAndDeploy(objects, phases[phase].instance) - -} diff --git a/.jenkins-v3/.pipeline/npmw b/.jenkins-v3/.pipeline/npmw deleted file mode 100755 index 8b392c0f8..000000000 --- a/.jenkins-v3/.pipeline/npmw +++ /dev/null @@ -1,12 +0,0 @@ -#!/bin/sh -set +x -type -t nvm && nvm deactivate -export NVM_DIR="$(git rev-parse --show-toplevel)/.nvm" -if [ ! -f "$NVM_DIR/nvm.sh" ]; then - mkdir -p "${NVM_DIR}" - curl -sSL -o- https://raw.githubusercontent.com/creationix/nvm/v0.34.0/install.sh | bash &>/dev/null -fi -source "$NVM_DIR/nvm.sh" &>/dev/null -METHOD=script nvm install --no-progress &>/dev/null -nvm use &>/dev/null -exec npm "$@" --max-old-space-size=8192 diff --git a/.jenkins-v3/.pipeline/package-lock.json b/.jenkins-v3/.pipeline/package-lock.json deleted file mode 100644 index 10aadbae1..000000000 --- a/.jenkins-v3/.pipeline/package-lock.json +++ /dev/null @@ -1,89 +0,0 @@ -{ - "name": "pipeline", - "version": "1.0.0", - "lockfileVersion": 1, - "requires": true, - "dependencies": { - "@bcgov/pipeline-cli": { - "version": "1.0.1-0", - "resolved": "https://registry.npmjs.org/@bcgov/pipeline-cli/-/pipeline-cli-1.0.1-0.tgz", - "integrity": "sha512-DXneptaJuG81Vo+GotZaS4M78uOVnocCCzte6UghOkO+Bt8EQ6xlPblITPXiNDCufO7gOnEmB4T/pyh1ZBnvcw==", - "requires": { - "debug": "^4.1.0", - "lodash.isempty": "^4.0.1", - "lodash.isfunction": "^3.0.9", - "lodash.isplainobject": "^4.0.6", - "lodash.isstring": "^4.0.1", - "snakecase-keys": "^3.1.0" - } - }, - "debug": { - "version": "4.1.1", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.1.1.tgz", - "integrity": "sha512-pYAIzeRo8J6KPEaJ0VWOh5Pzkbw/RetuzehGM7QRRX5he4fPHx2rdKMB256ehJCkX+XRQm16eZLqLNS8RSZXZw==", - "requires": { - "ms": "^2.1.1" - } - }, - "lodash.isempty": { - "version": "4.4.0", - "resolved": "https://registry.npmjs.org/lodash.isempty/-/lodash.isempty-4.4.0.tgz", - "integrity": "sha1-b4bL7di+TsmHvpqvM8loTbGzHn4=" - }, - "lodash.isfunction": { - "version": "3.0.9", - "resolved": "https://registry.npmjs.org/lodash.isfunction/-/lodash.isfunction-3.0.9.tgz", - "integrity": "sha512-AirXNj15uRIMMPihnkInB4i3NHeb4iBtNg9WRWuK2o31S+ePwwNmDPaTL3o7dTJ+VXNZim7rFs4rxN4YU1oUJw==" - }, - "lodash.isplainobject": { - "version": "4.0.6", - "resolved": "https://registry.npmjs.org/lodash.isplainobject/-/lodash.isplainobject-4.0.6.tgz", - "integrity": "sha1-fFJqUtibRcRcxpC4gWO+BJf1UMs=" - }, - "lodash.isstring": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/lodash.isstring/-/lodash.isstring-4.0.1.tgz", - "integrity": "sha1-1SfftUVuynzJu5XV2ur4i6VKVFE=" - }, - "map-obj": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/map-obj/-/map-obj-4.1.0.tgz", - "integrity": "sha512-glc9y00wgtwcDmp7GaE/0b0OnxpNJsVf3ael/An6Fe2Q51LLwN1er6sdomLRzz5h0+yMpiYLhWYF5R7HeqVd4g==" - }, - "ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==" - }, - "snakecase-keys": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/snakecase-keys/-/snakecase-keys-3.1.0.tgz", - "integrity": "sha512-QM038drLbhdOY5HcRQVjO1ZJ1WR7yV5D5TIBzcOB/g3f5HURHhfpYEnvOyzXet8K+MQsgeIUA7O7vn90nAX6EA==", - "requires": { - "map-obj": "^4.0.0", - "to-snake-case": "^1.0.0" - } - }, - "to-no-case": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/to-no-case/-/to-no-case-1.0.2.tgz", - "integrity": "sha1-xyKQcWTvaxeBMsjmmTAhLRtKoWo=" - }, - "to-snake-case": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/to-snake-case/-/to-snake-case-1.0.0.tgz", - "integrity": "sha1-znRpE4l5RgGah+Yu366upMYIq4w=", - "requires": { - "to-space-case": "^1.0.0" - } - }, - "to-space-case": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/to-space-case/-/to-space-case-1.0.0.tgz", - "integrity": "sha1-sFLar7Gysp3HcM6gFj5ewOvJ/Bc=", - "requires": { - "to-no-case": "^1.0.0" - } - } - } -} diff --git a/.jenkins-v3/.pipeline/package.json b/.jenkins-v3/.pipeline/package.json deleted file mode 100644 index 03bfc0798..000000000 --- a/.jenkins-v3/.pipeline/package.json +++ /dev/null @@ -1,23 +0,0 @@ -{ - "name": "pipeline", - "version": "1.0.0", - "description": "This a pipeliene script", - "engines": { - "node": ">=8" - }, - "scripts": { - "build": "node build.js", - "clean": "node clean.js", - "deploy": "node deploy.js", - "version": "echo \"node@$(node --version) ($(which node))\" && echo \"npm@$(npm --version) ($(which npm))\" && npm ls" - }, - "repository": { - "type": "git", - "url": "git+https://github.com/bcgov/zeva.git" - }, - "author": "", - "license": "Apache-2.0", - "dependencies": { - "@bcgov/pipeline-cli": "^1.0.1-0" - } -} diff --git a/.jenkins-v3/Jenkinsfile b/.jenkins-v3/Jenkinsfile deleted file mode 100644 index 0a40c8b7d..000000000 --- a/.jenkins-v3/Jenkinsfile +++ /dev/null @@ -1,57 +0,0 @@ -pipeline { - agent none - options { - disableResume() - } - stages { - stage('Build') { - agent { label 'build' } - steps { - script { - def filesInThisCommitAsString = sh(script:"git diff --name-only HEAD~1..HEAD | grep '^.jenkins-v3/' || echo -n ''", returnStatus: false, returnStdout: true).trim() - def hasChangesInPath = (filesInThisCommitAsString.length() > 0) - echo "${filesInThisCommitAsString}" - if (!currentBuild.rawBuild.getCauses()[0].toString().contains('UserIdCause') && !hasChangesInPath){ - currentBuild.rawBuild.delete() - error("No changes detected in the path ('^.jenkins-v3/')") - } - } - echo "Aborting all running jobs ..." - script { - abortAllPreviousBuildInProgress(currentBuild) - } - echo "BRANCH_NAME:${env.BRANCH_NAME}\nCHANGE_ID:${env.CHANGE_ID}\nCHANGE_TARGET:${env.CHANGE_TARGET}" - echo "Building ..." - sh "cd .jenkins-v3/.pipeline && ./npmw ci && ./npmw run build -- --pr=${CHANGE_ID}" - } - } - stage('Deploy (DEV)') { - agent { label 'deploy' } - steps { - echo "Deploying ..." - sh "cd .jenkins-v3/.pipeline && ./npmw ci && DEBUG=info* ./npmw run deploy -- --pr=${CHANGE_ID} --env=dev" - } - } - stage('Deploy (PROD)') { - agent { label 'deploy' } - input { - message "Should we continue with deployment to PROD?" - ok "Yes!" - } - steps { - echo "Deploying ..." - sh "cd .jenkins-v3/.pipeline && ./npmw ci && ./npmw run deploy -- --pr=${CHANGE_ID} --env=prod" - } - } - stage('Acceptance') { - agent { label 'deploy' } - input { - message "Should we continue with cleanup?" - ok "Yes!" - } - steps { - echo "Cleaning ..." - } - } - } -} \ No newline at end of file diff --git a/.jenkins-v3/README.md b/.jenkins-v3/README.md deleted file mode 100644 index e338c2aba..000000000 --- a/.jenkins-v3/README.md +++ /dev/null @@ -1,43 +0,0 @@ -# Overview - -For running locally, it is recommended to use locally installed npm/node. The command snippets provide bellow assume you have npm/node installed. Also, the command lines are provided as subshell (within parthnesis) so that it will work regardless of of your current shell work directory, as long as it is within the git working directory. - -For running from a Jenkinsfile, it is recommened to replace `npm` with the provided `npmw` as it will download and install node/npm using `nvm`. - -Before running in any of your projects ensure that you have created proper GitHub and Slave User secrets below: -template.-github -template.-slave-user - -Github Webhooks are only created during the PROD deployment. - -Windows users can just do the `cd` manually to the root folder of their repo and remove `$(git rev-parse --show-toplevel)/` from the commands below. - -# Update OCP Name -Replace pathfinder with proper name in docker/contrib/jenkins/configuration/config.xml - -# Build -``` -( cd "$(git rev-parse --show-toplevel)/.jenkins/.pipeline" && npm run build -- --pr=0 --dev-mode=true ) -``` -Where: -`--pr=0` is used to set the pull request number to build from. -`--dev-mode=true` is used to indicate that the build will actually take the files in the current working directory, as opposed to a fresh `git clone` - -# Deploy to DEV -``` -( cd "$(git rev-parse --show-toplevel)/.jenkins/.pipeline" && npm run deploy -- --pr=0 --env=dev ) -``` - -# Deploy to PROD -``` -( cd "$(git rev-parse --show-toplevel)/.jenkins/.pipeline" && npm run deploy -- --pr=0 --env=prod ) -``` - -# Clean -The clean script can run against each persistent environment, starting from `build`. -``` -( cd "$(git rev-parse --show-toplevel)/.jenkins/.pipeline" && npm run clean -- --pr=0 --env=build ) -( cd "$(git rev-parse --show-toplevel)/.jenkins/.pipeline" && npm run clean -- --pr=0 --env=dev ) -``` - -*Warning*: Do *NOT* run against `test` or `prod`. It will cause *PERMANENT* deletion of all objects including `PVC`! be warned! diff --git a/.jenkins-v3/docker/Dockerfile b/.jenkins-v3/docker/Dockerfile deleted file mode 100644 index 1eec80a27..000000000 --- a/.jenkins-v3/docker/Dockerfile +++ /dev/null @@ -1,11 +0,0 @@ -FROM jenkins/core/there - -USER 0 -COPY ./contrib/jenkins/configuration $JENKINS_REF_HOME - -RUN set -x && \ - chgrp -R 0 $JENKINS_REF_HOME && \ - chmod -R 644 $JENKINS_REF_HOME && \ - chmod -R g+rwX $JENKINS_REF_HOME - -USER 1001 diff --git a/.jenkins-v3/docker/contrib/jenkins/configuration/config.xml b/.jenkins-v3/docker/contrib/jenkins/configuration/config.xml deleted file mode 100644 index 7128df567..000000000 --- a/.jenkins-v3/docker/contrib/jenkins/configuration/config.xml +++ /dev/null @@ -1,110 +0,0 @@ - - - - GitHubHookRegisterProblemMonitor - jenkins.security.QueueItemAuthenticatorMonitor - - 2.176.1 - RUNNING - 0 - EXCLUSIVE - true - - com.cloudbees.plugins.credentials.CredentialsProvider.Create:kuanfandevops-admin-edit-view - com.cloudbees.plugins.credentials.CredentialsProvider.Delete:kuanfandevops-admin-edit-view - com.cloudbees.plugins.credentials.CredentialsProvider.ManageDomains:kuanfandevops-admin-edit-view - com.cloudbees.plugins.credentials.CredentialsProvider.Update:kuanfandevops-admin-edit-view - com.cloudbees.plugins.credentials.CredentialsProvider.View:kuanfandevops-admin-edit-view - hudson.model.Computer.Configure:kuanfandevops-admin-edit-view - hudson.model.Computer.Connect:jenkins-slave - hudson.model.Computer.Create:jenkins-slave - hudson.model.Computer.Delete:kuanfandevops-admin-edit-view - hudson.model.Hudson.Administer:kuanfandevops-admin-edit-view - hudson.model.Hudson.Read:jenkins-slave - hudson.model.Hudson.Read:kuanfandevops-admin-edit-view - hudson.model.Hudson.RunScripts:kuanfandevops-admin-edit-view - hudson.model.Item.Build:kuanfandevops-admin-edit-view - hudson.model.Item.Cancel:kuanfandevops-admin-edit-view - hudson.model.Item.Configure:kuanfandevops-admin-edit-view - hudson.model.Item.Create:kuanfandevops-admin-edit-view - hudson.model.Item.Delete:kuanfandevops-admin-edit-view - hudson.model.Item.Discover:kuanfandevops-admin-edit-view - hudson.model.Item.Read:kuanfandevops-admin-edit-view - hudson.model.Item.Workspace:kuanfandevops-admin-edit-view - hudson.model.Run.Delete:kuanfandevops-admin-edit-view - hudson.model.Run.Update:kuanfandevops-admin-edit-view - hudson.model.View.Configure:kuanfandevops-admin-edit-view - hudson.model.View.Create:kuanfandevops-admin-edit-view - hudson.model.View.Delete:kuanfandevops-admin-edit-view - hudson.scm.SCM.Tag:kuanfandevops-admin-edit-view - - - /run/secrets/kubernetes.io/serviceaccount - jenkins-prod - https://openshift.default.svc - https://console.pathfinder.gov.bc.ca:8443 - system:serviceaccount:tbiwaq-tools:jenkins-prod - eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9.eyJpc3MiOiJrdWJlcm5ldGVzL3NlcnZpY2VhY2NvdW50Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9uYW1lc3BhY2UiOiJ0Yml3YXEtdG9vbHMiLCJrdWJlcm5ldGVzLmlvL3NlcnZpY2VhY2NvdW50L3NlY3JldC5uYW1lIjoiamVua2lucy1wcm9kLXRva2VuLWhteHo5Iiwia3ViZXJuZXRlcy5pby9zZXJ2aWNlYWNjb3VudC9zZXJ2aWNlLWFjY291bnQubmFtZSI6ImplbmtpbnMtcHJvZCIsImt1YmVybmV0ZXMuaW8vc2VydmljZWFjY291bnQvc2VydmljZS1hY2NvdW50LnVpZCI6IjEyZDJlYWNlLTJjMTItMTFlYS1hZGNkLTAwNTA1NjgzNDhjYyIsInN1YiI6InN5c3RlbTpzZXJ2aWNlYWNjb3VudDp0Yml3YXEtdG9vbHM6amVua2lucy1wcm9kIn0.PJ7GysGdZdy3uPSLUmFRLUHZHpkocbPV08aXGeeIW5zWWlbwlWMHeTyiF3Tqo4ToYMhcXmqhFukEr6NNRtgxrVUsHuOx4i7OH8UFrW1TeXYgPBBUpfwXhOoIhhTA2Jl5lbWVvsPNNoB_f-SFe3cqcNC0sIctb2EwIl6CBV8JksjfWtxSXzJGkdBYFf9mvBftCq7QlEYVoMWBJ_goOd-j3ITHyo5klVFdmLN4i7GphWPcoFMEsxxEGhbvbG3NNiwA0J_43Ueo6po7V-UH9HNTuD38coqWJbK3PXsr9IUrlncVqj3pbWi3P9Ir_CInjInALpCQPiOupBZ7w2BfgiHdAA - tbiwaq-tools - - https://console.pathfinder.gov.bc.ca:8443 - https://console.pathfinder.gov.bc.ca:8443/oauth/authorize - https://console.pathfinder.gov.bc.ca:8443/oauth/token - - - - true - - ${JENKINS_HOME}/workspace/${ITEM_FULL_NAME} - ${JENKINS_HOME}/builds/${ITEM_FULL_NAME} - - - - - - - openshift - - - - false - false - false - http://jenkins-prod.tbiwaq-tools.svc:8080 - jenkins-prod.tbiwaq-tools.svc:50000 - 10 - 5 - 5 - 15 - false - 32 - 600 - - - - 5 - 0 - - - - all - false - false - - - - all - 50000 - - JNLP-connect - JNLP2-connect - JNLP3-connect - - - - true - - - - true - diff --git a/.jenkins-v3/docker/contrib/jenkins/configuration/jobs/_jenkins/config.xml b/.jenkins-v3/docker/contrib/jenkins/configuration/jobs/_jenkins/config.xml deleted file mode 100644 index b2e832507..000000000 --- a/.jenkins-v3/docker/contrib/jenkins/configuration/jobs/_jenkins/config.xml +++ /dev/null @@ -1,64 +0,0 @@ - - - - - - - - - - - - - - - false - - - - - - - true - -1 - -1 - - - false - - - - - 7a55c783-db16-45ad-82cc-23792286d6c3 - github-account - bcgov - zeva - - - 2 - - - - 2 - - - - - - - - - - - - - - - - - - .jenkins-v3/Jenkinsfile - - \ No newline at end of file diff --git a/.jenkins-v3/docker/contrib/jenkins/configuration/jobs/zeva-release-pipelines/config.xml b/.jenkins-v3/docker/contrib/jenkins/configuration/jobs/zeva-release-pipelines/config.xml deleted file mode 100644 index b97a091e6..000000000 --- a/.jenkins-v3/docker/contrib/jenkins/configuration/jobs/zeva-release-pipelines/config.xml +++ /dev/null @@ -1,22 +0,0 @@ - - - - - - - - All - false - false - - - - - - - - false - - - - diff --git a/.jenkins-v3/docker/contrib/jenkins/configuration/jobs/zeva-release-pipelines/jobs/develop-pipeline/config.xml b/.jenkins-v3/docker/contrib/jenkins/configuration/jobs/zeva-release-pipelines/jobs/develop-pipeline/config.xml deleted file mode 100644 index 8a1237a48..000000000 --- a/.jenkins-v3/docker/contrib/jenkins/configuration/jobs/zeva-release-pipelines/jobs/develop-pipeline/config.xml +++ /dev/null @@ -1,36 +0,0 @@ - - - - - false - - - - false - false - - - - - 2 - - - https://github.com/bcgov/zeva.git - github-account - - - - - release-pipeline - - - false - - - - openshift/pipelines/Jenkinsfile-develop - false - - - false - diff --git a/.jenkins-v3/docker/contrib/jenkins/configuration/jobs/zeva/config.xml b/.jenkins-v3/docker/contrib/jenkins/configuration/jobs/zeva/config.xml deleted file mode 100644 index cb03dd84e..000000000 --- a/.jenkins-v3/docker/contrib/jenkins/configuration/jobs/zeva/config.xml +++ /dev/null @@ -1,64 +0,0 @@ - - - - - - - - - - - - - - - false - - - - - - - true - -1 - -1 - - - false - - - - - 2c0c5c5b-6d52-4ae1-aefb-00b5bbd7c7e3 - github-account - bcgov - zeva - - - 2 - - - - 2 - - - - - - - - - - - - - - - - - - Jenkinsfile-v3 - - \ No newline at end of file diff --git a/.jenkins-v3/docker/contrib/jenkins/configuration/scripts.groovy.d/on-gh-event.groovy b/.jenkins-v3/docker/contrib/jenkins/configuration/scripts.groovy.d/on-gh-event.groovy deleted file mode 100644 index 3c912bb4f..000000000 --- a/.jenkins-v3/docker/contrib/jenkins/configuration/scripts.groovy.d/on-gh-event.groovy +++ /dev/null @@ -1,133 +0,0 @@ -import groovy.json.* - -class OnGhEvent extends Script { - -static Map exec(List args, File workingDirectory=null, Appendable stdout=null, Appendable stderr=null, Closure stdin=null){ - ProcessBuilder builder = new ProcessBuilder(args as String[]) - if (stderr ==null){ - builder.redirectErrorStream(true) - } - if (workingDirectory!=null){ - builder.directory(workingDirectory) - } - def proc = builder.start() - - if (stdin!=null) { - OutputStream out = proc.getOutputStream(); - stdin(out) - out.flush(); - out.close(); - } - - if (stdout == null ){ - stdout = new StringBuffer() - } - - proc.waitForProcessOutput(stdout, stderr) - int exitValue= proc.exitValue() - - Map ret = ['out': stdout, 'err': stderr, 'status':exitValue, 'cmd':args] - - return ret -} - - def run() { - String ghPayload = build.buildVariableResolver.resolve("payload") - String ghEventType = build.buildVariableResolver.resolve("x_github_event") - String buildNumber = build.getNumber() - String fullName = build.getProject().getFullName() - - File workDir = new File("/tmp/jenkins/on-gh-event/${fullName}/${buildNumber}") - try{ - if ("pull_request" == ghEventType){ - def payload = new JsonSlurper().parseText(ghPayload) - if ("closed" == payload.action){ - File gitWorkDir = workDir - def ghRepo=com.cloudbees.jenkins.GitHubRepositoryName.create(payload.repository.clone_url).resolveOne() - boolean isFromCollaborator=ghRepo.root.retrieve().asHttpStatusCode(ghRepo.getApiTailUrl("collaborators/${payload.pull_request.user.login}")) == 204 - String cloneUrl = payload.repository.clone_url - String sourceBranch = isFromCollaborator?"refs/pull/${payload.number}/head":"refs/heads/${payload.pull_request.base.ref}" - println "Is Collaborator:${isFromCollaborator} (${payload.pull_request.user.login})" - println "Clone Url:${cloneUrl}" - println "Checkout Branch:${sourceBranch}" - - println exec(['mkdir', '-p', gitWorkDir.getAbsolutePath()]) - println exec(['rm', '-rf', gitWorkDir.getAbsolutePath()]) - println exec(['git', 'init', gitWorkDir.getAbsolutePath()]) - println exec(['git', 'remote', 'add', 'origin', payload.repository.clone_url], gitWorkDir) - println exec(['git', 'fetch', '--no-tags', payload.repository.clone_url, "+${sourceBranch}:PR-${payload.number}"], gitWorkDir) - println exec(['git', 'checkout', "PR-${payload.number}"] , gitWorkDir) - - def pipelines = new FileNameFinder().getFileNames(gitWorkDir.getAbsolutePath(), '**/.pipeline-v3/package.json') - pipelines.each { - def pipelineWorkDir = new File(it).getParentFile() - println exec(['./npmw', 'ci'], pipelineWorkDir) - println exec(['./npmw', 'run', 'clean' ,'--' ,"--pr=${payload.number}", '--env=transient'], pipelineWorkDir) - } - } - }else if ("issue_comment" == ghEventType){ - def payload = new JsonSlurper().parseText(ghPayload) - if ("created" == payload.action && payload.issue.pull_request !=null ){ - String comment = payload.comment.body.trim() - - //OWNER or COLLABORATOR - //https://developer.github.com/v4/enum/commentauthorassociation/ - String commentAuthorAssociation = payload.comment.author_association - if (comment.charAt(0) == '/'){ - println "command: ${comment}" - String jobName= payload.repository.name - String jobPRName = payload.repository.full_name - - List projects = jenkins.model.Jenkins.instance.getAllItems(org.jenkinsci.plugins.workflow.multibranch.WorkflowMultiBranchProject.class).findAll { - def scmSource=it.getSCMSources()[0] - return payload.repository.owner.login.equalsIgnoreCase(scmSource.getRepoOwner()) && payload.repository.name.equalsIgnoreCase(scmSource.getRepository()) - } - List branchProjects = [] - projects.each { - def branchProject = it.getItem("PR-${payload.issue.number}") - if (branchProject!=null){ - branchProjects.add(branchProject) - } - } - - if (comment == '/restart' && (commentAuthorAssociation == 'OWNER' || commentAuthorAssociation == 'COLLABORATOR')){ - // - branchProjects.each { - def targetProject=it - def cause = new hudson.model.Cause.RemoteCause('github.com', "Pull Request Command By '${payload.comment.user.login}'") - targetProject.scheduleBuild(0, cause) - } - }else if (comment == '/approve' && (commentAuthorAssociation == 'OWNER' || commentAuthorAssociation == 'COLLABORATOR')){ - if (branchProjects.size() > 0){ - branchProjects.each { targetJob -> - if (targetJob.getLastBuild()){ - hudson.security.ACL.impersonate(hudson.security.ACL.SYSTEM, { - for (org.jenkinsci.plugins.workflow.support.steps.input.InputAction inputAction : targetJob.getLastBuild().getActions(org.jenkinsci.plugins.workflow.support.steps.input.InputAction.class)){ - for (org.jenkinsci.plugins.workflow.support.steps.input.InputStepExecution inputStep:inputAction.getExecutions()){ - if (!inputStep.isSettled()){ - println inputStep.proceed(null) - } - } - } - } as Runnable ) - } - } - }else{ - println "There is no project or build associated with ${payload.issue.pull_request.html_url}" - } - } - } - } - } - }finally{ - exec(['rm', '-rf', workDir.getAbsolutePath()]) - } - - - return null; - } //end run - - static void main(String[] args) { - org.codehaus.groovy.runtime.InvokerHelper.runScript(OnGhEvent, args) - } -} \ No newline at end of file diff --git a/.jenkins-v3/openshift/build-master.yaml b/.jenkins-v3/openshift/build-master.yaml deleted file mode 100644 index 2f562121d..000000000 --- a/.jenkins-v3/openshift/build-master.yaml +++ /dev/null @@ -1,81 +0,0 @@ -apiVersion: template.openshift.io/v1 -kind: Template -metadata: - creationTimestamp: null - name: jenkins -objects: -- apiVersion: v1 - kind: ImageStream - metadata: - creationTimestamp: null - labels: - shared: "true" - name: ${NAME} - spec: - lookupPolicy: - local: false -- apiVersion: v1 - kind: BuildConfig - metadata: - creationTimestamp: null - name: ${NAME}${SUFFIX} - spec: - failedBuildsHistoryLimit: 2 - output: - to: - kind: ImageStreamTag - name: ${NAME}:${VERSION} - postCommit: {} - resources: - limits: - cpu: 2000m - memory: 4Gi - requests: - cpu: 500m - memory: 1Gi - runPolicy: SerialLatestOnly - source: - contextDir: .jenkins-v3/docker - git: - ref: ${SOURCE_REPOSITORY_REF} - uri: ${SOURCE_REPOSITORY_URL} - type: Git - strategy: - dockerStrategy: - from: - kind: ImageStreamTag - name: ${SOURCE_IMAGE_STREAM_TAG} - namespace: ${SOURCE_IMAGE_STREAM_NAMESPACE} - type: Docker - successfulBuildsHistoryLimit: 2 - triggers: - - type: ConfigChange - - imageChange: {} - type: ImageChange -parameters: -- description: A name used for all objects - displayName: Name - name: NAME - required: true - value: jenkins -- description: A name suffix used for all objects - displayName: Suffix - name: SUFFIX - required: false - value: "" -- description: A version used for the image tags - displayName: version - name: VERSION - required: true - value: v1.0.0 -- name: SOURCE_IMAGE_STREAM_NAMESPACE - required: true - value: bcgov -- name: SOURCE_IMAGE_STREAM_TAG - required: true - value: jenkins-basic:v2-latest -- name: SOURCE_REPOSITORY_URL - required: true -- name: SOURCE_REPOSITORY_REF - required: false - value: tools diff --git a/.jenkins-v3/openshift/build-slave.yaml b/.jenkins-v3/openshift/build-slave.yaml deleted file mode 100644 index 25fb7a4df..000000000 --- a/.jenkins-v3/openshift/build-slave.yaml +++ /dev/null @@ -1,110 +0,0 @@ -apiVersion: template.openshift.io/v1 -kind: Template -metadata: - creationTimestamp: null - name: jenkins -objects: - - apiVersion: v1 - kind: ImageStream - metadata: - creationTimestamp: null - labels: - shared: "true" - name: ${NAME}-slave-${SLAVE_NAME} - spec: - lookupPolicy: - local: false - - apiVersion: v1 - kind: BuildConfig - metadata: - creationTimestamp: null - name: ${NAME}-slave-${SLAVE_NAME}${SUFFIX} - spec: - failedBuildsHistoryLimit: 2 - output: - to: - kind: ImageStreamTag - name: ${NAME}-slave-${SLAVE_NAME}:${VERSION} - postCommit: {} - resources: - limits: - cpu: "1" - memory: 1Gi - requests: - cpu: "1" - memory: 1Gi - runPolicy: SerialLatestOnly - source: - # contextDir: ${SOURCE_CONTEXT_DIR} - # git: - # ref: ${SOURCE_GIT_REF} - # uri: ${SOURCE_GIT_URL} - # type: Git - dockerfile: | - FROM BuildConfig - USER 0 - RUN fix_permission(){ while [[ $# > 0 ]] ; do chgrp -R 0 "$1" && chmod -R g=u "$1"; shift; done } && \ - set -x && \ - mkdir /opt/flywaydb && \ - curl -sSL https://repo1.maven.org/maven2/org/flywaydb/flyway-commandline/5.2.4/flyway-commandline-5.2.4-linux-x64.tar.gz | tar xvz --strip-components=1 -C /opt/flywaydb && \ - ln -s /opt/flywaydb/flyway /usr/local/bin && \ - mkdir /opt/liquibase && \ - curl -sSL https://github.com/liquibase/liquibase/releases/download/liquibase-parent-3.6.3/liquibase-3.6.3-bin.tar.gz | tar xvz -C /opt/liquibase --exclude=sdk --exclude=liquibase.bat && \ - ln -s /opt/liquibase/liquibase /usr/local/bin && \ - curl -sSL -o /tmp/sonnar-scanner-cli.zip https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-3.3.0.1492-linux.zip && \ - unzip /tmp/sonnar-scanner-cli.zip -d /tmp/sonnar-scanner-cli && \ - mv /tmp/sonnar-scanner-cli/sonar-scanner-3.3.0.1492-linux /opt/sonnar-scanner && \ - ln -s /opt/sonnar-scanner/bin/sonar-scanner /usr/local/bin && \ - rm -rf /tmp/sonnar-scanner-cli.zip && \ - rm -rf /tmp/sonnar-scanner-cli && \ - fix_permission '/opt/flywaydb' '/opt/liquibase' '/opt/sonnar-scanner' - USER 1001 - type: Dockerfile - strategy: - dockerStrategy: - from: - kind: ImageStreamTag - name: ${SOURCE_IMAGE_STREAM_TAG} - namespace: ${SOURCE_IMAGE_STREAM_NAMESPACE} - type: Docker - successfulBuildsHistoryLimit: 2 - triggers: - - type: ConfigChange - - imageChange: - from: - kind: ImageStreamTag - name: ${SOURCE_IMAGE_STREAM_TAG} - namespace: ${SOURCE_IMAGE_STREAM_NAMESPACE} - type: ImageChange -parameters: - - description: A name used for all objects - displayName: Name - name: NAME - required: true - value: jenkins - - description: A name suffix used for all objects - displayName: Suffix - name: SUFFIX - required: false - value: "-0" - - description: A version used for the image tags - displayName: version - name: VERSION - required: true - value: latest - - name: SLAVE_NAME - value: build - - name: SOURCE_IMAGE_STREAM_NAMESPACE - value: "" - - name: SOURCE_IMAGE_STREAM_TAG - required: true - value: "jenkins:build-v2.0-0" - - name: SOURCE_GIT_URL - required: true - value: https://github.com/cvarjao-o/hello-world.git - - name: SOURCE_GIT_REF - required: true - value: master - - name: SOURCE_CONTEXT_DIR - required: true - value: .jenkins-v3/docker-slave diff --git a/.jenkins-v3/openshift/deploy-master.yaml b/.jenkins-v3/openshift/deploy-master.yaml deleted file mode 100644 index 6fc928356..000000000 --- a/.jenkins-v3/openshift/deploy-master.yaml +++ /dev/null @@ -1,297 +0,0 @@ -apiVersion: template.openshift.io/v1 -kind: Template -metadata: - creationTimestamp: null - name: jenkins -objects: -- apiVersion: v1 - kind: ImageStream - metadata: - creationTimestamp: null - labels: - shared: "true" - name: ${NAME} - spec: - lookupPolicy: - local: false -- apiVersion: v1 - kind: Secret - metadata: - annotations: - as-copy-of: template.${NAME}-slave-user - as-copy-of/preserve: password - name: ${NAME}${SUFFIX}-slave-user - stringData: - metadata.name: ${NAME}${SUFFIX}-slave-user - password: ${SLAVE_USER_PASSWORD} - username: jenkins-slave - type: kubernetes.io/basic-auth -- apiVersion: v1 - kind: Secret - metadata: - annotations: - as-copy-of: template.${NAME}-github - name: ${NAME}${SUFFIX}-github - stringData: - metadata.name: ${NAME}${SUFFIX}-github - password: ${GITHUB_TOKEN} - username: ${GITHUB_USERNAME} - type: kubernetes.io/basic-auth -- apiVersion: v1 - kind: PersistentVolumeClaim - metadata: - annotations: - volume.beta.kubernetes.io/storage-class: netapp-file-standard - volume.beta.kubernetes.io/storage-provisioner: kubernetes.io/glusterfs - name: ${NAME}${SUFFIX} - spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 1Gi -- apiVersion: v1 - kind: ServiceAccount - metadata: - annotations: - serviceaccounts.openshift.io/oauth-redirectreference.jenkins: '{"kind":"OAuthRedirectReference","apiVersion":"v1","reference":{"kind":"Route","name":"${NAME}${SUFFIX}"}}' - name: ${NAME}${SUFFIX} -- apiVersion: v1 - groupNames: null - kind: RoleBinding - metadata: - name: ${NAME}${SUFFIX}_edit - roleRef: - name: edit - subjects: - - kind: ServiceAccount - name: ${NAME}${SUFFIX} -- apiVersion: v1 - groupNames: null - kind: RoleBinding - metadata: - name: ${NAME}${SUFFIX}_admin - roleRef: - name: admin - subjects: - - kind: ServiceAccount - name: ${NAME}${SUFFIX} -- apiVersion: v1 - kind: DeploymentConfig - metadata: - annotations: - template.alpha.openshift.io/wait-for-ready: "true" - creationTimestamp: null - name: ${NAME}${SUFFIX} - spec: - replicas: 1 - revisionHistoryLimit: 10 - selector: - deploymentconfig: ${NAME}${SUFFIX} - strategy: - activeDeadlineSeconds: 21600 - recreateParams: - timeoutSeconds: 600 - resources: {} - type: Recreate - template: - metadata: - creationTimestamp: null - labels: - deploymentconfig: ${NAME}${SUFFIX} - spec: - containers: - - command: - - /usr/local/bin/container-entrypoint - - /usr/local/bin/jenkins-run - env: - - name: USE_JAVA_DIAGNOSTICS - value: "true" - - name: JENKINS_URL - value: https://${ROUTE_HOST}${ROUTE_PATH} - - name: ENV_NAME - value: ${ENV_NAME} - - name: ENV_ID - value: ${ENV_ID} - image: ' ' - imagePullPolicy: Always - livenessProbe: - failureThreshold: 3 - httpGet: - path: /login - port: 8080 - initialDelaySeconds: 420 - periodSeconds: 360 - timeoutSeconds: 240 - name: jenkins - ports: - - containerPort: 50000 - protocol: TCP - - containerPort: 8080 - protocol: TCP - readinessProbe: - httpGet: - path: /login - port: 8080 - initialDelaySeconds: 3 - timeoutSeconds: 240 - resources: - limits: - cpu: "2" - memory: 2Gi - requests: - cpu: 300m - memory: 2Gi - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/lib/jenkins/jobs - name: jenkins-jobs - readOnly: false - - mountPath: /var/run/pod - name: pod-metadata - - mountPath: /run/secrets/jenkins-slave-user - name: jenkins-slave-user - readOnly: true - - mountPath: /run/secrets/github - name: github - readOnly: true - dnsPolicy: ClusterFirst - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - serviceAccount: ${NAME}${SUFFIX} - serviceAccountName: ${NAME}${SUFFIX} - terminationGracePeriodSeconds: 30 - volumes: - - name: jenkins-jobs - persistentVolumeClaim: - claimName: ${NAME}${SUFFIX} - - downwardAPI: - items: - - fieldRef: - fieldPath: metadata.name - name: name - path: name - - fieldRef: - fieldPath: metadata.namespace - name: namespace - path: namespace - - fieldRef: - fieldPath: metadata.labels - name: labels - path: labels - - fieldRef: - fieldPath: metadata.annotations - name: annotations - path: annotations - name: pod-metadata - - name: jenkins-slave-user - secret: - defaultMode: 420 - secretName: ${NAME}${SUFFIX}-slave-user - - name: github - secret: - defaultMode: 420 - secretName: ${NAME}${SUFFIX}-github - test: false - triggers: - - imageChangeParams: - automatic: true - containerNames: - - jenkins - from: - kind: ImageStreamTag - name: ${NAME}:${VERSION} - type: ImageChange - - type: ConfigChange -- apiVersion: v1 - kind: Service - metadata: - creationTimestamp: null - name: ${NAME}${SUFFIX} - spec: - ports: - - name: 8080-tcp - port: 8080 - protocol: TCP - targetPort: 8080 - - name: 50000-tcp - port: 50000 - protocol: TCP - targetPort: 50000 - selector: - deploymentconfig: ${NAME}${SUFFIX} - sessionAffinity: None - type: ClusterIP -- apiVersion: v1 - kind: Route - metadata: - creationTimestamp: null - name: ${NAME}${SUFFIX} - spec: - host: ${ROUTE_HOST} - path: ${ROUTE_PATH} - port: - targetPort: 8080-tcp - tls: - termination: edge - to: - kind: Service - name: ${NAME}${SUFFIX} - weight: 100 - wildcardPolicy: None -parameters: -- description: A name used for all objects - displayName: Name - name: NAME - required: true -- description: A name suffix used for all objects - displayName: Suffix - name: SUFFIX - required: false - value: "" -- description: A version used for the image tags - displayName: version - name: VERSION - required: true - value: v1.0.0 -- description: GITHUB_USERNAME - displayName: GITHUB_USERNAME - name: GITHUB_USERNAME - required: true - value: cvarjao -- description: ROUTE_HOST - displayName: ROUTE_HOST - name: ROUTE_HOST - required: true -- description: ROUTE_PATH - displayName: ROUTE_PATH - name: ROUTE_PATH - required: true - value: / -- description: Environment Name - displayName: ENV_NAME - name: ENV_NAME - required: true - value: prod -- description: Environment ID - displayName: ENV_ID - name: ENV_ID - required: true - value: prod -- description: SLAVE_USER_PASSWORD - displayName: SLAVE_USER_PASSWORD - from: '[a-zA-Z0-9]{16}' - generate: expression - name: SLAVE_USER_PASSWORD -- description: GITHUB_USERNAME - displayName: GITHUB_USERNAME - name: GITHUB_USERNAME - required: false - value: "" -- description: GitHub Personal Access Token - displayName: GITHUB_USERNAME - name: GITHUB_TOKEN - required: false - value: "" diff --git a/.jenkins-v3/openshift/deploy-prereq.yaml b/.jenkins-v3/openshift/deploy-prereq.yaml deleted file mode 100644 index 8ac749f4e..000000000 --- a/.jenkins-v3/openshift/deploy-prereq.yaml +++ /dev/null @@ -1,31 +0,0 @@ -apiVersion: template.openshift.io/v1 -kind: Template -objects: -- apiVersion: v1 - kind: Secret - metadata: - annotations: null - name: template.${NAME}-slave-user - stringData: - metadata.name: template.${NAME}-slave-user - username: jenkins-slave -- apiVersion: v1 - kind: Secret - metadata: - annotations: null - name: template.${NAME}-github - stringData: - metadata.name: template.${NAME}-github - username: ${GH_USERNAME} - password: ${GH_ACCESS_TOKEN} -parameters: -- description: A name used for all objects - displayName: Name - name: NAME - required: true - value: jenkins -- name: GH_USERNAME - required: true -- description: GitHub Personal Access Token - name: GH_ACCESS_TOKEN - required: true diff --git a/.jenkins-v3/openshift/deploy-slave.yaml b/.jenkins-v3/openshift/deploy-slave.yaml deleted file mode 100644 index 6f992b259..000000000 --- a/.jenkins-v3/openshift/deploy-slave.yaml +++ /dev/null @@ -1,164 +0,0 @@ -apiVersion: template.openshift.io/v1 -kind: Template -metadata: - creationTimestamp: null - name: jenkins -objects: -- apiVersion: v1 - kind: DeploymentConfig - metadata: - creationTimestamp: null - name: ${NAME}-${SLAVE_NAME}${SUFFIX} - spec: - replicas: "${{REPLICAS}}" - revisionHistoryLimit: 10 - selector: - deploymentconfig: ${NAME}-${SLAVE_NAME}${SUFFIX} - strategy: - activeDeadlineSeconds: 21600 - recreateParams: - timeoutSeconds: 600 - resources: {} - type: Recreate - template: - metadata: - creationTimestamp: null - labels: - deploymentconfig: ${NAME}-${SLAVE_NAME}${SUFFIX} - spec: - initContainers: - - name: init - image: " " - command: - - "curl" - - "-sSf" - - "http://${NAME}${SUFFIX}:8080/login" - containers: - - command: - - bash - - -c - - cd $HOME && java -XshowSettings:vm -version && exec java -jar /usr/lib/jenkins/swarm-client.jar - -name "$(cat /etc/hostname)" -deleteExistingClients -fsroot "$JENKINS_HOME/$(cat - /etc/hostname)" -master http://$JENKINS_MASTER_SERVICE:8080 -disableSslVerification - -username "$(cat /var/run/secrets/jenkins-slave-user/username)" -passwordFile - /var/run/secrets/jenkins-slave-user/password -description "$(cat /etc/hostname)" - -executors ${SLAVE_EXECUTORS} -labels '${SLAVE_LABELS}' -mode - 'normal' -retry 10 -tunnel $JENKINS_MASTER_SERVICE:50000 -disableClientsUniqueId - env: - - name: JENKINS_MASTER_SERVICE - value: ${NAME}${SUFFIX} - - name: JAVA_TOOL_OPTIONS - value: -XX:+UnlockExperimentalVMOptions -XX:+UseCGroupMemoryLimitForHeap - -XX:MaxRAMFraction=5 -XX:MaxHeapFreeRatio=20 -XX:MinHeapFreeRatio=10 - -XX:+UseParallelGC -XX:ParallelGCThreads=2 - - name: ENV_NAME - value: ${ENV_NAME} - - name: ENV_ID - value: ${ENV_ID} - image: ' ' - imagePullPolicy: Always - name: jenkins - ports: - - containerPort: 50000 - protocol: TCP - - containerPort: 8080 - protocol: TCP - resources: - limits: - cpu: ${CPU_LIMIT} - memory: ${MEMORY_LIMIT} - requests: - cpu: ${CPU_REQUEST} - memory: ${MEMORY_REQUEST} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/run/pod - name: pod-metadata - - mountPath: /run/secrets/jenkins-slave-user - name: jenkins-slave-user - readOnly: true - - mountPath: /run/secrets/github - name: github - readOnly: true - dnsPolicy: ClusterFirst - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - serviceAccount: ${NAME}${SUFFIX} - serviceAccountName: ${NAME}${SUFFIX} - terminationGracePeriodSeconds: 30 - volumes: - - name: jenkins-home - persistentVolumeClaim: - claimName: ${NAME}${SUFFIX} - - downwardAPI: - items: - - fieldRef: - fieldPath: metadata.name - name: name - path: name - - fieldRef: - fieldPath: metadata.namespace - name: namespace - path: namespace - - fieldRef: - fieldPath: metadata.labels - name: labels - path: labels - - fieldRef: - fieldPath: metadata.annotations - name: annotations - path: annotations - name: pod-metadata - - name: jenkins-slave-user - secret: - defaultMode: 420 - secretName: ${NAME}${SUFFIX}-slave-user - - name: github - secret: - defaultMode: 420 - secretName: ${NAME}${SUFFIX}-github - test: false - triggers: - - imageChangeParams: - automatic: true - containerNames: - - jenkins - - init - from: - kind: ImageStreamTag - name: ${NAME}:${VERSION} - type: ImageChange - - type: ConfigChange -parameters: -- description: A name used for all objects - displayName: Name - name: NAME - required: true -- description: A name suffix used for all objects - displayName: Suffix - name: SUFFIX - required: false - value: "" -- description: A version used for the image tags - displayName: version - name: VERSION - required: true - value: v1.0.0 -- name: SLAVE_NAME - required: true -- name: SLAVE_LABELS - value: "Linux rhel rhel7 build test deploy light" -- name: SLAVE_EXECUTORS - value: "3" -- name: REPLICAS - value: "1" -- name: CPU_REQUEST - value: "300m" -- name: CPU_LIMIT - value: "500m" -- name: MEMORY_REQUEST - value: "1Gi" -- name: MEMORY_LIMIT - value: "1Gi" \ No newline at end of file diff --git a/.jenkins-v3/openshift/secrets.json b/.jenkins-v3/openshift/secrets.json deleted file mode 100644 index 1add567d0..000000000 --- a/.jenkins-v3/openshift/secrets.json +++ /dev/null @@ -1,50 +0,0 @@ -{ - "kind": "Template", - "apiVersion": "v1", - "metadata": { - "name": "jenkins", - "creationTimestamp": null - }, - "parameters":[ - { - "name": "NAME", - "displayName": "Name", - "description": "A name used for all objects", - "required": true, - "value": "jenkins" - },{ - "name": "GH_USERNAME", - "required": true - },{ - "name": "GH_PASSWORD", - "description": "GitHub Personal Access Token", - "required": true - } - ], - "objects": [ - { - "apiVersion": "v1", - "kind": "Secret", - "metadata": { - "annotations": null, - "name": "template.${NAME}-slave-user" - }, - "stringData": { - "metadata.name": "template.${NAME}-slave-user", - "username": "jenkins-slave" - } - },{ - "apiVersion": "v1", - "kind": "Secret", - "metadata": { - "annotations": null, - "name": "template.${NAME}-github" - }, - "stringData": { - "metadata.name": "template.${NAME}-github", - "username": "${GH_USERNAME}", - "password": "${GH_PASSWORD}" - } - } - ] -} \ No newline at end of file diff --git a/.pipeline-v3/.nvmrc b/.pipeline-v3/.nvmrc deleted file mode 100644 index 6b12bc745..000000000 --- a/.pipeline-v3/.nvmrc +++ /dev/null @@ -1 +0,0 @@ -v10.15.2 \ No newline at end of file diff --git a/.pipeline-v3/build.js b/.pipeline-v3/build.js deleted file mode 100755 index 3ac899f86..000000000 --- a/.pipeline-v3/build.js +++ /dev/null @@ -1,5 +0,0 @@ -'use strict'; -const task = require('./lib/build.js') -const settings = require('./lib/config.js') - -task(Object.assign(settings, { phase: 'build'})) diff --git a/.pipeline-v3/clean.js b/.pipeline-v3/clean.js deleted file mode 100755 index 42231d7ff..000000000 --- a/.pipeline-v3/clean.js +++ /dev/null @@ -1,5 +0,0 @@ -'use strict'; -const settings = require('./lib/config.js') -const task = require('./lib/clean.js') - -task(Object.assign(settings, { phase: settings.options.env})); diff --git a/.pipeline-v3/deploy-unittest.js b/.pipeline-v3/deploy-unittest.js deleted file mode 100644 index c6c95dedb..000000000 --- a/.pipeline-v3/deploy-unittest.js +++ /dev/null @@ -1,5 +0,0 @@ -'use strict'; -const settings = require('./lib/config.js') -const task = require('./lib/deploy-unittest.js') - -task(Object.assign(settings, { phase: settings.options.env})); diff --git a/.pipeline-v3/deploy.js b/.pipeline-v3/deploy.js deleted file mode 100755 index 5e34c9484..000000000 --- a/.pipeline-v3/deploy.js +++ /dev/null @@ -1,7 +0,0 @@ -'use strict'; -const settings = require('./lib/config.js') -const task = require('./lib/deploy.js') - -task(Object.assign(settings, { phase: settings.options.env})); - -console.log('real end of deploy') \ No newline at end of file diff --git a/.pipeline-v3/lib/build.js b/.pipeline-v3/lib/build.js deleted file mode 100755 index 7af84d2b5..000000000 --- a/.pipeline-v3/lib/build.js +++ /dev/null @@ -1,57 +0,0 @@ -"use strict"; -const { OpenShiftClientX } = require("@bcgov/pipeline-cli"); -const path = require("path"); - -module.exports = settings => { - const phases = settings.phases; - const options = settings.options; - const oc = new OpenShiftClientX(Object.assign({ namespace: phases.build.namespace }, options)); - const phase = "build"; - let objects = []; - const templatesLocalBaseUrl = oc.toFileUrl(path.resolve(__dirname, "../../openshift-v3")); - - // The building of your cool app goes here ▼▼▼ - //build envoy - /* - objects = objects.concat(oc.processDeploymentTemplate(`${templatesLocalBaseUrl}/templates/envoy/envoy-bc.yaml`, { - 'param':{ - 'NAME': phases[phase].name, - 'SUFFIX': phases[phase].suffix, - 'VERSION': phases[phase].tag, - 'GIT_URL': oc.git.http_url, - 'GIT_REF': oc.git.ref - } - })) - */ - - // build frontend - objects = objects.concat(oc.processDeploymentTemplate(`${templatesLocalBaseUrl}/templates/frontend/frontend-bc.yaml`, { - 'param':{ - 'NAME': phases[phase].name, - 'SUFFIX': phases[phase].suffix, - 'VERSION': phases[phase].tag, - 'GIT_URL': oc.git.http_url, - 'GIT_REF': oc.git.ref - } - })) - - //build backend - objects = objects.concat(oc.processDeploymentTemplate(`${templatesLocalBaseUrl}/templates/backend/backend-bc.yaml`, { - 'param':{ - 'NAME': phases[phase].name, - 'SUFFIX': phases[phase].suffix, - 'VERSION': phases[phase].tag, - 'GIT_URL': oc.git.http_url, - 'GIT_REF': oc.git.ref - } - })) - - oc.applyRecommendedLabels( - objects, - phases[phase].name, - phase, - phases[phase].changeId, - phases[phase].instance, - ); - oc.applyAndBuild(objects); -}; diff --git a/.pipeline-v3/lib/clean.js b/.pipeline-v3/lib/clean.js deleted file mode 100755 index 0c5ae9aea..000000000 --- a/.pipeline-v3/lib/clean.js +++ /dev/null @@ -1,134 +0,0 @@ -"use strict"; -const { OpenShiftClientX } = require("@bcgov/pipeline-cli"); -const KeyCloakClient = require('./keycloak'); - -const getTargetPhases = (env, phases) => { - let target_phase = []; - for (const phase in phases) { - if (env.match(/^(all|transient)$/) && phases[phase].transient) { - target_phase.push(phase); - } else if (env === phase) { - target_phase.push(phase); - break; - } - } - - return target_phase; -}; - -module.exports = settings => { - const phases = settings.phases; - const options = settings.options; - const oc = new OpenShiftClientX(Object.assign({ namespace: phases.build.namespace }, options)); - const target_phases = getTargetPhases(options.env, phases); - - target_phases.forEach(k => { - if (phases.hasOwnProperty(k)) { - - const phase = phases[k]; - oc.namespace(phase.namespace); - - if(k === 'dev') { - const kc = new KeyCloakClient(settings, oc); - kc.removeUris(); - } - - let buildConfigs = oc.get("bc", { - selector: `app=${phase.instance},env-id=${phase.changeId},!shared,github-repo=${oc.git.repository},github-owner=${oc.git.owner}`, - namespace: phase.namespace, - }); - buildConfigs.forEach(bc => { - if (bc.spec.output.to.kind == "ImageStreamTag") { - oc.delete([`ImageStreamTag/${bc.spec.output.to.name}`], { - "ignore-not-found": "true", - wait: "true", - namespace: phase.namespace, - }); - } - }); - - let deploymentConfigs = oc.get("dc", { - selector: `app=${phase.instance},env-id=${phase.changeId},env-name=${k},!shared,github-repo=${oc.git.repository},github-owner=${oc.git.owner}`, - namespace: phase.namespace, - }); - deploymentConfigs.forEach(dc => { - dc.spec.triggers.forEach(trigger => { - if ( - trigger.type == "ImageChange" && - trigger.imageChangeParams.from.kind == "ImageStreamTag" - ) { - oc.delete([`ImageStreamTag/${trigger.imageChangeParams.from.name}`], { - "ignore-not-found": "true", - wait: "true", - namespace: phase.namespace, - }); - } - }); - }); - - //get all statefulsets before they are deleted - const statefulsets = oc.get("statefulset", { - selector: `app=${phase.instance},env-id=${phase.changeId},!shared,github-repo=${oc.git.repository},github-owner=${oc.git.owner}`, - namespace: phase.namespace, - }); - - oc.raw("delete", ["all"], { - selector: `app=${phase.instance},env-id=${phase.changeId},!shared,github-repo=${oc.git.repository},github-owner=${oc.git.owner}`, - wait: "true", - namespace: phase.namespace, - }); - oc.raw( - "delete", - ["pvc,Secret,configmap,endpoints,RoleBinding,role,ServiceAccount,Endpoints"], - { - selector: `app=${phase.instance},env-id=${phase.changeId},!shared,github-repo=${oc.git.repository},github-owner=${oc.git.owner}`, - wait: "true", - namespace: phase.namespace, - }, - ); - - //remove all the PVCs associated with each statefulset, after they get deleted by above delete all operation - statefulsets.forEach(statefulset => { - //delete PVCs mounted for statfulset - oc.raw("delete", ["pvc"], { - selector: `statefulset=${statefulset.metadata.name}`, - "ignore-not-found": "true", - wait: "true", - namespace: phase.namespace, - }); - /*** - //delete PVCs mounted in statfulset - let statefulsetPVCs = oc.get("pvc", { - selector: `statefulset=${statefulset.metadata.name}`, - namespace: phase.namespace, - }); - statefulsetPVCs.forEach(statefulsetPVC => { - oc.delete([`pvc/${statefulsetPVC.metadata.name}`], { - "ignore-not-found": "true", - wait: "true", - namespace: phase.namespace, - }); - }) - ****/ - //delete configmaps create by patroni - let patroniConfigmaps = oc.get("configmap", { - selector: `app.kubernetes.io/name=patroni,cluster-name=${statefulset.metadata.name}`, - namespace: phase.namespace, - }); - if(Object.entries(patroniConfigmaps).length > 0) { - oc.raw( - "delete", - ["configmap"], - { - selector: `app.kubernetes.io/name=patroni,cluster-name=${statefulset.metadata.name}`, - wait: "true", - "ignore-not-found": "true", - namespace: phase.namespace, - }, - ); - } - }); - - } - }); -}; diff --git a/.pipeline-v3/lib/config.js b/.pipeline-v3/lib/config.js deleted file mode 100644 index 633e58334..000000000 --- a/.pipeline-v3/lib/config.js +++ /dev/null @@ -1,55 +0,0 @@ -'use strict'; -const options= require('@bcgov/pipeline-cli').Util.parseArguments() -const changeId = options.pr //aka pull-request -const version = '1.0.0' -const name = 'zeva' -const ocpName = 'pathfinder' - -const phases = { - - build: {namespace:'tbiwaq-tools' , transient:true, name: `${name}`, phase: 'build', - changeId:`${changeId}`, suffix: `-build-${changeId}` , instance: `${name}-build-${changeId}`, - version:`${version}-${changeId}`, tag:`build-${version}-${changeId}`, ocpName: `${ocpName}`}, - - dev: {namespace:'tbiwaq-dev', transient:true, name: `${name}`, ssoSuffix:'-dev', - ssoName:'dev.oidc.gov.bc.ca', phase: 'dev' , changeId:`${changeId}`, suffix: `-dev-${changeId}`, - instance: `${name}-dev-${changeId}` , version:`${version}-${changeId}`, tag:`dev-${version}-${changeId}`, - host: `zeva-dev-${changeId}.${ocpName}.gov.bc.ca`, djangoDebug: 'True', logoutHost: 'logontest.gov.bc.ca', - frontendCpuRequest: '100m', frontendCpuLimit: '700m', frontendMemoryRequest: '300M', frontendMemoryLimit: '4G', frontendReplicas: 1, creditTransferEnabled: 'true', - backendCpuRequest: '300m', backendCpuLimit: '600m', backendMemoryRequest: '1G', backendMemoryLimit: '2G', backendHealthCheckDelay: 30, backendHost: `zeva-backend-dev-${changeId}.${ocpName}.gov.bc.ca`, backendReplicas: 1, - minioCpuRequest: '100m', minioCpuLimit: '200m', minioMemoryRequest: '200M', minioMemoryLimit: '500M', minioPvcSize: '1G', - schemaspyCpuRequest: '50m', schemaspyCpuLimit: '200m', schemaspyMemoryRequest: '150M', schemaspyMemoryLimit: '300M', schemaspyHealthCheckDelay: 160, - rabbitmqCpuRequest: '250m', rabbitmqCpuLimit: '700m', rabbitmqMemoryRequest: '500M', rabbitmqMemoryLimit: '1G', rabbitmqPvcSize: '1G', rabbitmqReplica: 1, rabbitmqPostStartSleep: 120, storageClass: 'netapp-block-standard', - patroniCpuRequest: '200m', patroniCpuLimit: '400m', patroniMemoryRequest: '250M', patroniMemoryLimit: '500M', patroniPvcSize: '2G', patroniReplica: 1, storageClass: 'netapp-block-standard', ocpName: `${ocpName}`}, - - test: {namespace:'tbiwaq-test', name: `${name}`, ssoSuffix:'-test', - ssoName:'test.oidc.gov.bc.ca', phase: 'test' , changeId:`${changeId}`, suffix: `-test`, - instance: `${name}-test`, version:`${version}`, tag:`test-${version}`, - host: `zeva-test.${ocpName}.gov.bc.ca`, djangoDebug: 'False', logoutHost: 'logontest.gov.bc.ca', - frontendCpuRequest: '300m', frontendCpuLimit: '600m', frontendMemoryRequest: '500M', frontendMemoryLimit: '1G', frontendReplicas: 2, frontendMinReplicas: 2, frontendMaxReplicas: 5, creditTransferEnabled: 'true', - backendCpuRequest: '100m', backendCpuLimit: '500m', backendMemoryRequest: '500M', backendMemoryLimit: '2G', backendHealthCheckDelay: 30, backendReplicas: 1, backendMinReplicas: 2, backendMaxReplicas: 5, backendHost: `zeva-backend-test.${ocpName}.gov.bc.ca`, - minioCpuRequest: '100m', minioCpuLimit: '300m', minioMemoryRequest: '500M', minioMemoryLimit: '700M', minioPvcSize: '5G', - schemaspyCpuRequest: '20m', schemaspyCpuLimit: '200m', schemaspyMemoryRequest: '150M', schemaspyMemoryLimit: '300M', schemaspyHealthCheckDelay: 160, - rabbitmqCpuRequest: '250m', rabbitmqCpuLimit: '700m', rabbitmqMemoryRequest: '500M', rabbitmqMemoryLimit: '700M', rabbitmqPvcSize: '1G', rabbitmqReplica: 2, rabbitmqPostStartSleep: 120, storageClass: 'netapp-block-standard', - patroniCpuRequest: '500m', patroniCpuLimit: '1000m', patroniMemoryRequest: '500M', patroniMemoryLimit: '1G', patroniPvcSize: '5G', patroniReplica: 2, storageClass: 'netapp-block-standard', ocpName: `${ocpName}`}, - - prod: {namespace:'tbiwaq-prod', name: `${name}`, ssoSuffix:'', - ssoName:'oidc.gov.bc.ca', phase: 'prod' , changeId:`${changeId}`, suffix: `-prod`, - instance: `${name}-prod`, version:`${version}`, tag:`prod-${version}`, - host: `zeroemissionvehicles.${ocpName}.gov.bc.ca`, djangoDebug: 'False', logoutHost: 'logon7.gov.bc.ca', - frontendCpuRequest: '300m', frontendCpuLimit: '600m', frontendMemoryRequest: '1G', frontendMemoryLimit: '2G', frontendReplicas: 2, frontendMinReplicas: 2, frontendMaxReplicas: 5, creditTransferEnabled: 'false', - backendCpuRequest: '200m', backendCpuLimit: '700m', backendMemoryRequest: '1G', backendMemoryLimit: '2G', backendHealthCheckDelay: 30, backendReplicas: 1, backendMinReplicas: 2, backendMaxReplicas: 5, backendHost: `zeva-backend-prod.${ocpName}.gov.bc.ca`, - minioCpuRequest: '100m', minioCpuLimit: '300m', minioMemoryRequest: '500M', minioMemoryLimit: '700M', minioPvcSize: '10G', - schemaspyCpuRequest: '50m', schemaspyCpuLimit: '400m', schemaspyMemoryRequest: '150M', schemaspyMemoryLimit: '300M', schemaspyHealthCheckDelay: 160, - rabbitmqCpuRequest: '250m', rabbitmqCpuLimit: '700m', rabbitmqMemoryRequest: '500M', rabbitmqMemoryLimit: '1G', rabbitmqPvcSize: '5G', rabbitmqReplica: 3, rabbitmqPostStartSleep: 120, storageClass: 'netapp-block-standard', - patroniCpuRequest: '500m', patroniCpuLimit: '1000m', patroniMemoryRequest: '1G', patroniMemoryLimit: '2G', patroniPvcSize: '40G', patroniReplica: 3, storageClass: 'netapp-block-standard', ocpName: `${ocpName}`}, - -}; - -// This callback forces the node process to exit as failure. -process.on('unhandledRejection', (reason) => { - console.log(reason); - process.exit(1); -}); - -module.exports = exports = {phases, options}; diff --git a/.pipeline-v3/lib/deploy-unittest.js b/.pipeline-v3/lib/deploy-unittest.js deleted file mode 100644 index 83137acea..000000000 --- a/.pipeline-v3/lib/deploy-unittest.js +++ /dev/null @@ -1,67 +0,0 @@ -"use strict"; -const { OpenShiftClientX } = require("@bcgov/pipeline-cli"); -const path = require("path"); - -module.exports = settings => { - const phases = settings.phases; - const options = settings.options; - const phase = options.env; - const changeId = phases[phase].changeId; - const oc = new OpenShiftClientX(Object.assign({namespace: phases[phase].namespace}, options)); - - const templatesLocalBaseUrl = oc.toFileUrl(path.resolve(__dirname, "../../openshift-v3")); - var objects = []; - - // The deployment of your cool app goes here ▼▼▼ - - //deploy separate database and backend pod for unit test - if( phase === 'dev' ) { - - //create unit test database init scripts - objects = objects.concat(oc.processDeploymentTemplate(`${templatesLocalBaseUrl}/templates/unittest/zeva-postgresql-init.yaml`, { - 'param': { - 'NAME': phases[phase].name, - 'SUFFIX': phases[phase].suffix - } - })) - - //deploy postgresql unit test - objects = objects.concat(oc.processDeploymentTemplate(`${templatesLocalBaseUrl}/templates/unittest/postgresql-dc-unittest.yaml`, { - 'param': { - 'NAME': phases[phase].name, - 'SUFFIX': phases[phase].suffix, - 'ENV_NAME': phases[phase].phase - } - })) - - //deploy backend unit test - objects = objects.concat(oc.processDeploymentTemplate(`${templatesLocalBaseUrl}/templates/unittest/backend-dc-unittest.yaml`, { - 'param': { - 'NAME': phases[phase].name, - 'SUFFIX': phases[phase].suffix, - 'VERSION': phases[phase].tag, - 'ENV_NAME': phases[phase].phase, - 'BACKEND_HOST_NAME': phases[phase].backendHost, - 'RABBITMQ_CLUSTER_NAME': 'rabbitmq-cluster', - 'CPU_REQUEST': phases[phase].backendCpuRequest, - 'CPU_LIMIT': '700m', - 'MEMORY_REQUEST': phases[phase].backendMemoryRequest, - 'MEMORY_LIMIT': phases[phase].backendMemoryLimit, - 'HEALTH_CHECK_DELAY': phases[phase].backendHealthCheckDelay, - 'REPLICAS': phases[phase].backendReplicas - } - })) - - } - - oc.applyRecommendedLabels( - objects, - phases[phase].name, - phase, - `${changeId}`, - phases[phase].instance, - ); - oc.importImageStreams(objects, phases[phase].tag, phases.build.namespace, phases.build.tag); - oc.applyAndDeploy(objects, phases[phase].instance); - -}; diff --git a/.pipeline-v3/lib/deploy.js b/.pipeline-v3/lib/deploy.js deleted file mode 100755 index 6209d0c8d..000000000 --- a/.pipeline-v3/lib/deploy.js +++ /dev/null @@ -1,210 +0,0 @@ -"use strict"; -const { OpenShiftClientX } = require("@bcgov/pipeline-cli"); -const path = require("path"); -const KeyCloakClient = require('./keycloak'); - -module.exports = settings => { - const phases = settings.phases; - const options = settings.options; - const phase = options.env; - const changeId = phases[phase].changeId; - const oc = new OpenShiftClientX(Object.assign({namespace: phases[phase].namespace}, options)); - - //add Valid Redirect URIs for the pull request to keycloak - if(phase === 'dev') { - const kc = new KeyCloakClient(settings, oc); - kc.addUris(); - } - - const templatesLocalBaseUrl = oc.toFileUrl(path.resolve(__dirname, "../../openshift-v3")); - var objects = []; - - // The deployment of your cool app goes here ▼▼▼ - - // create configs - objects = objects.concat(oc.processDeploymentTemplate(`${templatesLocalBaseUrl}/templates/config/configmap.yaml`, { - 'param': { - 'NAME': phases[phase].name, - 'SUFFIX': phases[phase].suffix, - 'ENV_NAME': phases[phase].phase, - 'HOST_NAME': phases[phase].host, - 'BACKEND_HOST_NAME': phases[phase].backendHost, - 'SSO_NAME': phases[phase].ssoName, - 'KEYCLOAK_REALM': 'rzh2zkjq', - 'DJANGO_DEBUG': phases[phase].djangoDebug, - 'OCP_NAME': phases[phase].ocpName, - 'LOGOUT_HOST': phases[phase].logoutHost - } - })) - - /*** remove minio deployment in pr pipeline, one pre-deployed minio will serve all prs - * minio configurations stay in config.js unchanged - objects = objects.concat(oc.processDeploymentTemplate(`${templatesLocalBaseUrl}/templates/minio/minio-dc.yaml`, { - 'param': { - 'NAME': phases[phase].name, - 'SUFFIX': phases[phase].suffix, - 'ENV_NAME': phases[phase].phase, - 'PVC_SIZE': phases[phase].minioPvcSize, - 'CPU_REQUEST': phases[phase].minioCpuRequest, - 'CPU_LIMIT': phases[phase].minioCpuLimit, - 'MEMORY_REQUEST': phases[phase].minioMemoryRequest, - 'MEMORY_LIMIT': phases[phase].minioMemoryRequest - } - })) - */ - - //deploy Patroni required secrets - objects = objects.concat(oc.processDeploymentTemplate(`${templatesLocalBaseUrl}/templates/patroni/deployment-prereq.yaml`, { - 'param': { - 'NAME': 'patroni', - 'SUFFIX': phases[phase].suffix - } - })) - //deploy Patroni - objects = objects.concat(oc.processDeploymentTemplate(`${templatesLocalBaseUrl}/templates/patroni/deployment.yaml`, { - 'param': { - 'NAME': 'patroni', - 'ENV_NAME': phases[phase].phase, - 'SUFFIX': phases[phase].suffix, - 'CPU_REQUEST': phases[phase].patroniCpuRequest, - 'CPU_LIMIT': phases[phase].patroniCpuLimit, - 'MEMORY_REQUEST': phases[phase].patroniMemoryRequest, - 'MEMORY_LIMIT': phases[phase].patroniMemoryLimit, - 'IMAGE_REGISTRY': 'docker-registry.default.svc:5000', - 'IMAGE_STREAM_NAMESPACE': phases[phase].namespace, - 'IMAGE_STREAM_TAG': 'patroni:v10-stable', - 'REPLICA': phases[phase].patroniReplica, - 'PVC_SIZE': phases[phase].patroniPvcSize, - 'STORAGE_CLASS': phases[phase].storageClass - } - })) - - //only deploy rabbitmq secret and configmap, rabbitmq is not being used yet 20200921 - objects = objects.concat(oc.processDeploymentTemplate(`${templatesLocalBaseUrl}/templates/rabbitmq/rabbitmq-secret-configmap-only.yaml`, { - 'param': { - 'NAME': phases[phase].name, - 'ENV_NAME': phases[phase].phase, - 'SUFFIX': phases[phase].suffix, - 'NAMESPACE': phases[phase].namespace, - 'CLUSTER_NAME': 'rabbitmq-cluster' - } - })) - - /** - //deploy rabbitmq, use docker image directly - //POST_START_SLEEP is harded coded in the rabbitmq template, replacement was not successful - objects = objects.concat(oc.processDeploymentTemplate(`${templatesLocalBaseUrl}/templates/rabbitmq/rabbitmq-cluster-dc.yaml`, { - 'param': { - 'NAME': phases[phase].name, - 'ENV_NAME': phases[phase].phase, - 'SUFFIX': phases[phase].suffix, - 'NAMESPACE': phases[phase].namespace, - 'CLUSTER_NAME': 'rabbitmq-cluster', - 'ISTAG': `docker-registry.default.svc:5000/${phases[phase].namespace}/rabbitmq:3.8.3-management`, - 'SERVICE_ACCOUNT': 'rabbitmq-discovery', - 'VOLUME_SIZE': phases[phase].rabbitmqPvcSize, - 'CPU_REQUEST': phases[phase].rabbitmqCpuRequest, - 'CPU_LIMIT': phases[phase].rabbitmqCpuLimit, - 'MEMORY_REQUEST': phases[phase].rabbitmqMemoryRequest, - 'MEMORY_LIMIT': phases[phase].rabbitmqMemoryLimit, - 'REPLICA': phases[phase].rabbitmqReplica, - 'POST_START_SLEEP': phases[phase].rabbitmqPostStartSleep, - 'STORAGE_CLASS': phases[phase].storageClass - } - })) - */ - - // deploy frontend configmap - objects = objects.concat(oc.processDeploymentTemplate(`${templatesLocalBaseUrl}/templates/frontend/frontend-configmap.yaml`, { - 'param': { - 'NAME': phases[phase].name, - 'SUFFIX': phases[phase].suffix, - 'CREDIT_TRANSFER_ENABLED': phases[phase].creditTransferEnabled - } - })) - - // deploy frontend - objects = objects.concat(oc.processDeploymentTemplate(`${templatesLocalBaseUrl}/templates/frontend/frontend-dc.yaml`, { - 'param': { - 'NAME': phases[phase].name, - 'SUFFIX': phases[phase].suffix, - 'VERSION': phases[phase].tag, - 'ENV_NAME': phases[phase].phase, - 'HOST_NAME': phases[phase].host, - 'CPU_REQUEST': phases[phase].frontendCpuRequest, - 'CPU_LIMIT': phases[phase].frontendCpuLimit, - 'MEMORY_REQUEST': phases[phase].frontendMemoryRequest, - 'MEMORY_LIMIT': phases[phase].frontendMemoryLimit, - 'REPLICAS': phases[phase].frontendReplicas - } - })) - - //deploy backend - objects = objects.concat(oc.processDeploymentTemplate(`${templatesLocalBaseUrl}/templates/backend/backend-dc.yaml`, { - 'param': { - 'NAME': phases[phase].name, - 'SUFFIX': phases[phase].suffix, - 'VERSION': phases[phase].tag, - 'ENV_NAME': phases[phase].phase, - 'BACKEND_HOST_NAME': phases[phase].backendHost, - 'RABBITMQ_CLUSTER_NAME': 'rabbitmq-cluster', - 'CPU_REQUEST': phases[phase].backendCpuRequest, - 'CPU_LIMIT': phases[phase].backendCpuLimit, - 'MEMORY_REQUEST': phases[phase].backendMemoryRequest, - 'MEMORY_LIMIT': phases[phase].backendMemoryLimit, - 'HEALTH_CHECK_DELAY': phases[phase].backendHealthCheckDelay, - 'REPLICAS': phases[phase].backendReplicas - } - })) - - //deploy schemaspy - objects = objects.concat(oc.processDeploymentTemplate(`${templatesLocalBaseUrl}/templates/schemaspy/schemaspy-dc.yaml`, { - 'param': { - 'SUFFIX': phases[phase].suffix, - 'ENV_NAME': phases[phase].phase, - 'CPU_REQUEST': phases[phase].schemaspyCpuRequest, - 'CPU_LIMIT': phases[phase].schemaspyCpuLimit, - 'MEMORY_REQUEST': phases[phase].schemaspyMemoryRequest, - 'MEMORY_LIMIT': phases[phase].schemaspyMemoryLimit, - 'HEALTH_CHECK_DELAY': phases[phase].schemaspyHealthCheckDelay, - 'OCP_NAME': phases[phase].ocpName - } - })) - - //add autoacaler - /***** - if(phase === 'test' || phase === 'prod') { - objects = objects.concat(oc.processDeploymentTemplate(`${templatesLocalBaseUrl}/templates/frontend/frontend-autoscaler.yaml`, { - 'param': { - 'NAME': phases[phase].name, - 'SUFFIX': phases[phase].suffix, - 'MIN_REPLICAS': phases[phase].frontendMinReplicas, - 'MAX_REPLICAS': phases[phase].frontendMaxReplicas - } - })) - objects = objects.concat(oc.processDeploymentTemplate(`${templatesLocalBaseUrl}/templates/backend/backend-autoscaler.yaml`, { - 'param': { - 'NAME': phases[phase].name, - 'SUFFIX': phases[phase].suffix, - 'MIN_REPLICAS': phases[phase].backendMinReplicas, - 'MAX_REPLICAS': phases[phase].backendMaxReplicas - } - })) - } - ********/ - - console.log('Start to deploy ..') - - oc.applyRecommendedLabels( - objects, - phases[phase].name, - phase, - `${changeId}`, - phases[phase].instance, - ); - oc.importImageStreams(objects, phases[phase].tag, phases.build.namespace, phases.build.tag); - oc.applyAndDeploy(objects, phases[phase].instance); - - console.log('End of deploy ..') - -}; diff --git a/.pipeline-v3/lib/keycloak.js b/.pipeline-v3/lib/keycloak.js deleted file mode 100644 index 5310a10b6..000000000 --- a/.pipeline-v3/lib/keycloak.js +++ /dev/null @@ -1,137 +0,0 @@ -"use strict"; -const axios = require("axios"); -const _ = require("lodash"); -//code reference https://github.com/bcgov/HMCR/blob/0.7/.pipeline/lib/keycloak.js -module.exports = class KeyCloakClient { - constructor(settings, oc) { - this.phases = settings.phases; - this.options = settings.options; - this.oc = oc; - this.zevaHost = this.phases.dev.host; - } - - async init() { - - this.getSecrets(); - - this.apiTokenPath = `/auth/realms/${this.realmId}/protocol/openid-connect/token`; - this.zevaPublicClientPath = `auth/admin/realms/${this.realmId}/clients/${this.zevaClientId}`; - - this.api = axios.create({ - baseURL: `https://${this.ssoHost}` - }); - - const token = await this.getAccessToken(); - - this.api.defaults.headers.common = { - Authorization: `Bearer ${token}` - }; - } - - getSecrets() { - const keycloakSecret = this.oc.raw("get", [ - "secret", - "zeva-keycloak", - "-o", - "json" - ]); - const secret = JSON.parse(keycloakSecret.stdout).data; - - this.clientId = Buffer.from(secret.clientId, "base64").toString(); - this.clientSecret = Buffer.from(secret.clientSecret, "base64").toString(); - this.zevaClientId = Buffer.from(secret.zevaPublic, "base64").toString(); - this.realmId = Buffer.from(secret.realmId, "base64").toString(); - this.ssoHost = Buffer.from(secret.host, "base64").toString(); - - if (!this.clientId || !this.clientSecret || !this.zevaClientId) - throw new Error( - "Unable to retrieve Keycloak service account info from OpenShift" - ); - } - - getAccessToken() { - - return this.api - .post(this.apiTokenPath, "grant_type=client_credentials", { - headers: { "Content-Type": "application/x-www-form-urlencoded" }, - auth: { - username: this.clientId, - password: this.clientSecret - } - }) - .then(function(response) { - if (!response.data.access_token) - throw new Error( - "Unable to retrieve Keycloak service account access token" - ); - - return Promise.resolve(response.data.access_token); - }); - } - - async getUris() { - - const response = await this.api.get(this.zevaPublicClientPath); - - const data = { ...response.data }; - const redirectUris = data.redirectUris; - - return { data, redirectUris }; - } - - async addUris() { - await this.init(); - - console.log("Attempting to add RedirectUri and WebOrigins"); - - const { data, redirectUris} = await this.getUris(); - - const putData = { id: data.id, clientId: data.clientId }; - - const hasRedirectUris = redirectUris.find(item => - item.includes(this.zevaHost) - ); - - if (!hasRedirectUris) { - redirectUris.push(`https://${this.zevaHost}/*`); - putData.redirectUris = redirectUris; - } - - if (!(hasRedirectUris)) { - this.api - .put(this.zevaPublicClientPath, putData) - .then(() => console.log("RedirectUri and WebOrigins added.")); - } else { - console.log("RedirectUri and WebOrigins add skipped."); - } - } - - async removeUris() { - await this.init(); - - console.log("Attempting to remove RedirectUri and WebOrigins"); - - const { data, redirectUris } = await this.getUris(); - - const putData = { id: data.id, clientId: data.clientId }; - - const hasRedirectUris = redirectUris.find(item => - item.includes(this.zevaHost) - ); - - if (hasRedirectUris) { - putData.redirectUris = redirectUris.filter( - item => !item.includes(this.zevaHost) - ); - } - - if (hasRedirectUris) { - this.api - .put(this.zevaPublicClientPath, putData) - .then(() => console.log("RedirectUri and WebOrigins removed.")); - } else { - console.log("RedirectUri and WebOrigins remove skipped."); - } - - } -}; diff --git a/.pipeline-v3/npmw b/.pipeline-v3/npmw deleted file mode 100755 index 1eed7c953..000000000 --- a/.pipeline-v3/npmw +++ /dev/null @@ -1,12 +0,0 @@ -#!/bin/sh -set +x -type -t nvm && nvm deactivate -export NVM_DIR="$(git rev-parse --show-toplevel)/.nvm" -if [ ! -f "$NVM_DIR/nvm.sh" ]; then - mkdir -p "${NVM_DIR}" - curl -sSL -o- https://raw.githubusercontent.com/creationix/nvm/v0.34.0/install.sh | bash &>/dev/null -fi -source "$NVM_DIR/nvm.sh" &>/dev/null -METHOD=script nvm install --no-progress &>/dev/null -nvm use &>/dev/null -exec npm "$@" diff --git a/.pipeline-v3/package-lock.json b/.pipeline-v3/package-lock.json deleted file mode 100644 index 08d80ef00..000000000 --- a/.pipeline-v3/package-lock.json +++ /dev/null @@ -1,988 +0,0 @@ -{ - "name": "pipeline", - "version": "1.0.0", - "lockfileVersion": 1, - "requires": true, - "dependencies": { - "@bcgov/gh-deploy": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/@bcgov/gh-deploy/-/gh-deploy-1.1.4.tgz", - "integrity": "sha512-O5XNCnbQouxaZbL8fkijpnh6odcWRhsymzSt6O0F3vC1uNY9scQoGf1fP6R4wllEgjgorrASQu7xi2fShsHikA==", - "requires": { - "@oclif/command": "^1.5.19", - "@oclif/config": "^1.13.3", - "@oclif/plugin-help": "^2.2.1", - "@octokit/rest": "^16.43.1", - "globby": "^10.0.1" - } - }, - "@bcgov/pipeline-cli": { - "version": "1.0.1-0", - "resolved": "https://registry.npmjs.org/@bcgov/pipeline-cli/-/pipeline-cli-1.0.1-0.tgz", - "integrity": "sha512-DXneptaJuG81Vo+GotZaS4M78uOVnocCCzte6UghOkO+Bt8EQ6xlPblITPXiNDCufO7gOnEmB4T/pyh1ZBnvcw==", - "requires": { - "debug": "^4.1.0", - "lodash.isempty": "^4.0.1", - "lodash.isfunction": "^3.0.9", - "lodash.isplainobject": "^4.0.6", - "lodash.isstring": "^4.0.1", - "snakecase-keys": "^3.1.0" - } - }, - "@nodelib/fs.scandir": { - "version": "2.1.3", - "resolved": "https://registry.npmjs.org/@nodelib/fs.scandir/-/fs.scandir-2.1.3.tgz", - "integrity": "sha512-eGmwYQn3gxo4r7jdQnkrrN6bY478C3P+a/y72IJukF8LjB6ZHeB3c+Ehacj3sYeSmUXGlnA67/PmbM9CVwL7Dw==", - "requires": { - "@nodelib/fs.stat": "2.0.3", - "run-parallel": "^1.1.9" - } - }, - "@nodelib/fs.stat": { - "version": "2.0.3", - "resolved": "https://registry.npmjs.org/@nodelib/fs.stat/-/fs.stat-2.0.3.tgz", - "integrity": "sha512-bQBFruR2TAwoevBEd/NWMoAAtNGzTRgdrqnYCc7dhzfoNvqPzLyqlEQnzZ3kVnNrSp25iyxE00/3h2fqGAGArA==" - }, - "@nodelib/fs.walk": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/@nodelib/fs.walk/-/fs.walk-1.2.4.tgz", - "integrity": "sha512-1V9XOY4rDW0rehzbrcqAmHnz8e7SKvX27gh8Gt2WgB0+pdzdiLV83p72kZPU+jvMbS1qU5mauP2iOvO8rhmurQ==", - "requires": { - "@nodelib/fs.scandir": "2.1.3", - "fastq": "^1.6.0" - } - }, - "@oclif/command": { - "version": "1.5.19", - "resolved": "https://registry.npmjs.org/@oclif/command/-/command-1.5.19.tgz", - "integrity": "sha512-6+iaCMh/JXJaB2QWikqvGE9//wLEVYYwZd5sud8aLoLKog1Q75naZh2vlGVtg5Mq/NqpqGQvdIjJb3Bm+64AUQ==", - "requires": { - "@oclif/config": "^1", - "@oclif/errors": "^1.2.2", - "@oclif/parser": "^3.8.3", - "@oclif/plugin-help": "^2", - "debug": "^4.1.1", - "semver": "^5.6.0" - } - }, - "@oclif/config": { - "version": "1.14.0", - "resolved": "https://registry.npmjs.org/@oclif/config/-/config-1.14.0.tgz", - "integrity": "sha512-KsOP/mx9lzTah+EtGqLUXN3PDL0J3zb9/dTneFyiUK2K6T7vFEGhV6OasmqTh4uMZHGYTGrNPV8x/Yw6qZNL6A==", - "requires": { - "@oclif/errors": "^1.0.0", - "@oclif/parser": "^3.8.0", - "debug": "^4.1.1", - "tslib": "^1.9.3" - } - }, - "@oclif/errors": { - "version": "1.2.2", - "resolved": "https://registry.npmjs.org/@oclif/errors/-/errors-1.2.2.tgz", - "integrity": "sha512-Eq8BFuJUQcbAPVofDxwdE0bL14inIiwt5EaKRVY9ZDIG11jwdXZqiQEECJx0VfnLyUZdYfRd/znDI/MytdJoKg==", - "requires": { - "clean-stack": "^1.3.0", - "fs-extra": "^7.0.0", - "indent-string": "^3.2.0", - "strip-ansi": "^5.0.0", - "wrap-ansi": "^4.0.0" - } - }, - "@oclif/linewrap": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/@oclif/linewrap/-/linewrap-1.0.0.tgz", - "integrity": "sha512-Ups2dShK52xXa8w6iBWLgcjPJWjais6KPJQq3gQ/88AY6BXoTX+MIGFPrWQO1KLMiQfoTpcLnUwloN4brrVUHw==" - }, - "@oclif/parser": { - "version": "3.8.4", - "resolved": "https://registry.npmjs.org/@oclif/parser/-/parser-3.8.4.tgz", - "integrity": "sha512-cyP1at3l42kQHZtqDS3KfTeyMvxITGwXwH1qk9ktBYvqgMp5h4vHT+cOD74ld3RqJUOZY/+Zi9lb4Tbza3BtuA==", - "requires": { - "@oclif/linewrap": "^1.0.0", - "chalk": "^2.4.2", - "tslib": "^1.9.3" - } - }, - "@oclif/plugin-help": { - "version": "2.2.3", - "resolved": "https://registry.npmjs.org/@oclif/plugin-help/-/plugin-help-2.2.3.tgz", - "integrity": "sha512-bGHUdo5e7DjPJ0vTeRBMIrfqTRDBfyR5w0MP41u0n3r7YG5p14lvMmiCXxi6WDaP2Hw5nqx3PnkAIntCKZZN7g==", - "requires": { - "@oclif/command": "^1.5.13", - "chalk": "^2.4.1", - "indent-string": "^4.0.0", - "lodash.template": "^4.4.0", - "string-width": "^3.0.0", - "strip-ansi": "^5.0.0", - "widest-line": "^2.0.1", - "wrap-ansi": "^4.0.0" - }, - "dependencies": { - "indent-string": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/indent-string/-/indent-string-4.0.0.tgz", - "integrity": "sha512-EdDDZu4A2OyIK7Lr/2zG+w5jmbuk1DVBnEwREQvBzspBJkCEbRa8GxU1lghYcaGJCnRWibjDXlq779X1/y5xwg==" - }, - "string-width": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-3.1.0.tgz", - "integrity": "sha512-vafcv6KjVZKSgz06oM/H6GDBrAtz8vdhQakGjFIvNrHA6y3HCF1CInLy+QLq8dTJPQ1b+KDUqDFctkdRW44e1w==", - "requires": { - "emoji-regex": "^7.0.1", - "is-fullwidth-code-point": "^2.0.0", - "strip-ansi": "^5.1.0" - } - } - } - }, - "@octokit/auth-token": { - "version": "2.4.0", - "resolved": "https://registry.npmjs.org/@octokit/auth-token/-/auth-token-2.4.0.tgz", - "integrity": "sha512-eoOVMjILna7FVQf96iWc3+ZtE/ZT6y8ob8ZzcqKY1ibSQCnu4O/B7pJvzMx5cyZ/RjAff6DAdEb0O0Cjcxidkg==", - "requires": { - "@octokit/types": "^2.0.0" - } - }, - "@octokit/endpoint": { - "version": "5.5.3", - "resolved": "https://registry.npmjs.org/@octokit/endpoint/-/endpoint-5.5.3.tgz", - "integrity": "sha512-EzKwkwcxeegYYah5ukEeAI/gYRLv2Y9U5PpIsseGSFDk+G3RbipQGBs8GuYS1TLCtQaqoO66+aQGtITPalxsNQ==", - "requires": { - "@octokit/types": "^2.0.0", - "is-plain-object": "^3.0.0", - "universal-user-agent": "^5.0.0" - }, - "dependencies": { - "universal-user-agent": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/universal-user-agent/-/universal-user-agent-5.0.0.tgz", - "integrity": "sha512-B5TPtzZleXyPrUMKCpEHFmVhMN6EhmJYjG5PQna9s7mXeSqGTLap4OpqLl5FCEFUI3UBmllkETwKf/db66Y54Q==", - "requires": { - "os-name": "^3.1.0" - } - } - } - }, - "@octokit/plugin-paginate-rest": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/@octokit/plugin-paginate-rest/-/plugin-paginate-rest-1.1.2.tgz", - "integrity": "sha512-jbsSoi5Q1pj63sC16XIUboklNw+8tL9VOnJsWycWYR78TKss5PVpIPb1TUUcMQ+bBh7cY579cVAWmf5qG+dw+Q==", - "requires": { - "@octokit/types": "^2.0.1" - } - }, - "@octokit/plugin-request-log": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/@octokit/plugin-request-log/-/plugin-request-log-1.0.0.tgz", - "integrity": "sha512-ywoxP68aOT3zHCLgWZgwUJatiENeHE7xJzYjfz8WI0goynp96wETBF+d95b8g/uL4QmS6owPVlaxiz3wyMAzcw==" - }, - "@octokit/plugin-rest-endpoint-methods": { - "version": "2.4.0", - "resolved": "https://registry.npmjs.org/@octokit/plugin-rest-endpoint-methods/-/plugin-rest-endpoint-methods-2.4.0.tgz", - "integrity": "sha512-EZi/AWhtkdfAYi01obpX0DF7U6b1VRr30QNQ5xSFPITMdLSfhcBqjamE3F+sKcxPbD7eZuMHu3Qkk2V+JGxBDQ==", - "requires": { - "@octokit/types": "^2.0.1", - "deprecation": "^2.3.1" - } - }, - "@octokit/request": { - "version": "5.3.2", - "resolved": "https://registry.npmjs.org/@octokit/request/-/request-5.3.2.tgz", - "integrity": "sha512-7NPJpg19wVQy1cs2xqXjjRq/RmtSomja/VSWnptfYwuBxLdbYh2UjhGi0Wx7B1v5Iw5GKhfFDQL7jM7SSp7K2g==", - "requires": { - "@octokit/endpoint": "^5.5.0", - "@octokit/request-error": "^1.0.1", - "@octokit/types": "^2.0.0", - "deprecation": "^2.0.0", - "is-plain-object": "^3.0.0", - "node-fetch": "^2.3.0", - "once": "^1.4.0", - "universal-user-agent": "^5.0.0" - }, - "dependencies": { - "universal-user-agent": { - "version": "5.0.0", - "resolved": "https://registry.npmjs.org/universal-user-agent/-/universal-user-agent-5.0.0.tgz", - "integrity": "sha512-B5TPtzZleXyPrUMKCpEHFmVhMN6EhmJYjG5PQna9s7mXeSqGTLap4OpqLl5FCEFUI3UBmllkETwKf/db66Y54Q==", - "requires": { - "os-name": "^3.1.0" - } - } - } - }, - "@octokit/request-error": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/@octokit/request-error/-/request-error-1.2.1.tgz", - "integrity": "sha512-+6yDyk1EES6WK+l3viRDElw96MvwfJxCt45GvmjDUKWjYIb3PJZQkq3i46TwGwoPD4h8NmTrENmtyA1FwbmhRA==", - "requires": { - "@octokit/types": "^2.0.0", - "deprecation": "^2.0.0", - "once": "^1.4.0" - } - }, - "@octokit/rest": { - "version": "16.43.1", - "resolved": "https://registry.npmjs.org/@octokit/rest/-/rest-16.43.1.tgz", - "integrity": "sha512-gfFKwRT/wFxq5qlNjnW2dh+qh74XgTQ2B179UX5K1HYCluioWj8Ndbgqw2PVqa1NnVJkGHp2ovMpVn/DImlmkw==", - "requires": { - "@octokit/auth-token": "^2.4.0", - "@octokit/plugin-paginate-rest": "^1.1.1", - "@octokit/plugin-request-log": "^1.0.0", - "@octokit/plugin-rest-endpoint-methods": "2.4.0", - "@octokit/request": "^5.2.0", - "@octokit/request-error": "^1.0.2", - "atob-lite": "^2.0.0", - "before-after-hook": "^2.0.0", - "btoa-lite": "^1.0.0", - "deprecation": "^2.0.0", - "lodash.get": "^4.4.2", - "lodash.set": "^4.3.2", - "lodash.uniq": "^4.5.0", - "octokit-pagination-methods": "^1.1.0", - "once": "^1.4.0", - "universal-user-agent": "^4.0.0" - } - }, - "@octokit/types": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/@octokit/types/-/types-2.3.1.tgz", - "integrity": "sha512-rvJP1Y9A/+Cky2C3var1vsw3Lf5Rjn/0sojNl2AjCX+WbpIHYccaJ46abrZoIxMYnOToul6S9tPytUVkFI7CXQ==", - "requires": { - "@types/node": ">= 8" - } - }, - "@types/events": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/@types/events/-/events-3.0.0.tgz", - "integrity": "sha512-EaObqwIvayI5a8dCzhFrjKzVwKLxjoG9T6Ppd5CEo07LRKfQ8Yokw54r5+Wq7FaBQ+yXRvQAYPrHwya1/UFt9g==" - }, - "@types/glob": { - "version": "7.1.1", - "resolved": "https://registry.npmjs.org/@types/glob/-/glob-7.1.1.tgz", - "integrity": "sha512-1Bh06cbWJUHMC97acuD6UMG29nMt0Aqz1vF3guLfG+kHHJhy3AyohZFFxYk2f7Q1SQIrNwvncxAE0N/9s70F2w==", - "requires": { - "@types/events": "*", - "@types/minimatch": "*", - "@types/node": "*" - } - }, - "@types/minimatch": { - "version": "3.0.3", - "resolved": "https://registry.npmjs.org/@types/minimatch/-/minimatch-3.0.3.tgz", - "integrity": "sha512-tHq6qdbT9U1IRSGf14CL0pUlULksvY9OZ+5eEgl1N7t+OA3tGvNpxJCzuKQlsNgCVwbAs670L1vcVQi8j9HjnA==" - }, - "@types/node": { - "version": "13.7.6", - "resolved": "https://registry.npmjs.org/@types/node/-/node-13.7.6.tgz", - "integrity": "sha512-eyK7MWD0R1HqVTp+PtwRgFeIsemzuj4gBFSQxfPHY5iMjS7474e5wq+VFgTcdpyHeNxyKSaetYAjdMLJlKoWqA==" - }, - "ansi-regex": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-4.1.0.tgz", - "integrity": "sha512-1apePfXM1UOSqw0o9IiFAovVz9M5S1Dg+4TrDwfMewQ6p/rmMueb7tWZjQ1rx4Loy1ArBggoqGpfqqdI4rondg==" - }, - "ansi-styles": { - "version": "3.2.1", - "resolved": "https://registry.npmjs.org/ansi-styles/-/ansi-styles-3.2.1.tgz", - "integrity": "sha512-VT0ZI6kZRdTh8YyJw3SMbYm/u+NqfsAxEpWO0Pf9sq8/e94WxxOpPKx9FR1FlyCtOVDNOQ+8ntlqFxiRc+r5qA==", - "requires": { - "color-convert": "^1.9.0" - } - }, - "array-union": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/array-union/-/array-union-2.1.0.tgz", - "integrity": "sha512-HGyxoOTYUyCM6stUe6EJgnd4EoewAI7zMdfqO+kGjnlZmBDz/cR5pf8r/cR4Wq60sL/p0IkcjUEEPwS3GFrIyw==" - }, - "atob-lite": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/atob-lite/-/atob-lite-2.0.0.tgz", - "integrity": "sha1-D+9a1G8b16hQLGVyfwNn1e5D1pY=" - }, - "axios": { - "version": "0.21.1", - "resolved": "https://registry.npmjs.org/axios/-/axios-0.21.1.tgz", - "integrity": "sha512-dKQiRHxGD9PPRIUNIWvZhPTPpl1rf/OxTYKsqKUDjBwYylTvV7SjSHJb9ratfyzM6wCdLCOYLzs73qpg5c4iGA==", - "requires": { - "follow-redirects": "^1.10.0" - } - }, - "balanced-match": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-1.0.0.tgz", - "integrity": "sha1-ibTRmasr7kneFk6gK4nORi1xt2c=" - }, - "before-after-hook": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/before-after-hook/-/before-after-hook-2.1.0.tgz", - "integrity": "sha512-IWIbu7pMqyw3EAJHzzHbWa85b6oud/yfKYg5rqB5hNE8CeMi3nX+2C2sj0HswfblST86hpVEOAb9x34NZd6P7A==" - }, - "brace-expansion": { - "version": "1.1.11", - "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-1.1.11.tgz", - "integrity": "sha512-iCuPHDFgrHX7H2vEI/5xpz07zSHB00TpugqhmYtVmMO6518mCuRMoOYFldEBl0g187ufozdaHgWKcYFb61qGiA==", - "requires": { - "balanced-match": "^1.0.0", - "concat-map": "0.0.1" - } - }, - "braces": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz", - "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==", - "requires": { - "fill-range": "^7.0.1" - } - }, - "btoa-lite": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/btoa-lite/-/btoa-lite-1.0.0.tgz", - "integrity": "sha1-M3dm2hWAEhD92VbCLpxokaudAzc=" - }, - "chalk": { - "version": "2.4.2", - "resolved": "https://registry.npmjs.org/chalk/-/chalk-2.4.2.tgz", - "integrity": "sha512-Mti+f9lpJNcwF4tWV8/OrTTtF1gZi+f8FqlyAdouralcFWFQWF2+NgCHShjkCb+IFBLq9buZwE1xckQU4peSuQ==", - "requires": { - "ansi-styles": "^3.2.1", - "escape-string-regexp": "^1.0.5", - "supports-color": "^5.3.0" - } - }, - "clean-stack": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/clean-stack/-/clean-stack-1.3.0.tgz", - "integrity": "sha1-noIVAa6XmYbEax1m0tQy2y/UrjE=" - }, - "color-convert": { - "version": "1.9.3", - "resolved": "https://registry.npmjs.org/color-convert/-/color-convert-1.9.3.tgz", - "integrity": "sha512-QfAUtd+vFdAtFQcC8CCyYt1fYWxSqAiK2cSD6zDB8N3cpsEBAvRxp9zOGg6G/SHHJYAT88/az/IuDGALsNVbGg==", - "requires": { - "color-name": "1.1.3" - } - }, - "color-name": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/color-name/-/color-name-1.1.3.tgz", - "integrity": "sha1-p9BVi9icQveV3UIyj3QIMcpTvCU=" - }, - "concat-map": { - "version": "0.0.1", - "resolved": "https://registry.npmjs.org/concat-map/-/concat-map-0.0.1.tgz", - "integrity": "sha1-2Klr13/Wjfd5OnMDajug1UBdR3s=" - }, - "cross-spawn": { - "version": "6.0.5", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-6.0.5.tgz", - "integrity": "sha512-eTVLrBSt7fjbDygz805pMnstIs2VTBNkRm0qxZd+M7A5XDdxVRWO5MxGBXZhjY4cqLYLdtrGqRf8mBPmzwSpWQ==", - "requires": { - "nice-try": "^1.0.4", - "path-key": "^2.0.1", - "semver": "^5.5.0", - "shebang-command": "^1.2.0", - "which": "^1.2.9" - } - }, - "debug": { - "version": "4.1.1", - "resolved": "https://registry.npmjs.org/debug/-/debug-4.1.1.tgz", - "integrity": "sha512-pYAIzeRo8J6KPEaJ0VWOh5Pzkbw/RetuzehGM7QRRX5he4fPHx2rdKMB256ehJCkX+XRQm16eZLqLNS8RSZXZw==", - "requires": { - "ms": "^2.1.1" - } - }, - "deprecation": { - "version": "2.3.1", - "resolved": "https://registry.npmjs.org/deprecation/-/deprecation-2.3.1.tgz", - "integrity": "sha512-xmHIy4F3scKVwMsQ4WnVaS8bHOx0DmVwRywosKhaILI0ywMDWPtBSku2HNxRvF7jtwDRsoEwYQSfbxj8b7RlJQ==" - }, - "dir-glob": { - "version": "3.0.1", - "resolved": "https://registry.npmjs.org/dir-glob/-/dir-glob-3.0.1.tgz", - "integrity": "sha512-WkrWp9GR4KXfKGYzOLmTuGVi1UWFfws377n9cc55/tb6DuqyF6pcQ5AbiHEshaDpY9v6oaSr2XCDidGmMwdzIA==", - "requires": { - "path-type": "^4.0.0" - } - }, - "emoji-regex": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/emoji-regex/-/emoji-regex-7.0.3.tgz", - "integrity": "sha512-CwBLREIQ7LvYFB0WyRvwhq5N5qPhc6PMjD6bYggFlI5YyDgl+0vxq5VHbMOFqLg7hfWzmu8T5Z1QofhmTIhItA==" - }, - "end-of-stream": { - "version": "1.4.4", - "resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.4.tgz", - "integrity": "sha512-+uw1inIHVPQoaVuHzRyXd21icM+cnt4CzD5rW+NC1wjOUSTOs+Te7FOv7AhN7vS9x/oIyhLP5PR1H+phQAHu5Q==", - "requires": { - "once": "^1.4.0" - } - }, - "escape-string-regexp": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-1.0.5.tgz", - "integrity": "sha1-G2HAViGQqN/2rjuyzwIAyhMLhtQ=" - }, - "execa": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/execa/-/execa-1.0.0.tgz", - "integrity": "sha512-adbxcyWV46qiHyvSp50TKt05tB4tK3HcmF7/nxfAdhnox83seTDbwnaqKO4sXRy7roHAIFqJP/Rw/AuEbX61LA==", - "requires": { - "cross-spawn": "^6.0.0", - "get-stream": "^4.0.0", - "is-stream": "^1.1.0", - "npm-run-path": "^2.0.0", - "p-finally": "^1.0.0", - "signal-exit": "^3.0.0", - "strip-eof": "^1.0.0" - } - }, - "fast-glob": { - "version": "3.2.2", - "resolved": "https://registry.npmjs.org/fast-glob/-/fast-glob-3.2.2.tgz", - "integrity": "sha512-UDV82o4uQyljznxwMxyVRJgZZt3O5wENYojjzbaGEGZgeOxkLFf+V4cnUD+krzb2F72E18RhamkMZ7AdeggF7A==", - "requires": { - "@nodelib/fs.stat": "^2.0.2", - "@nodelib/fs.walk": "^1.2.3", - "glob-parent": "^5.1.0", - "merge2": "^1.3.0", - "micromatch": "^4.0.2", - "picomatch": "^2.2.1" - } - }, - "fastq": { - "version": "1.6.0", - "resolved": "https://registry.npmjs.org/fastq/-/fastq-1.6.0.tgz", - "integrity": "sha512-jmxqQ3Z/nXoeyDmWAzF9kH1aGZSis6e/SbfPmJpUnyZ0ogr6iscHQaml4wsEepEWSdtmpy+eVXmCRIMpxaXqOA==", - "requires": { - "reusify": "^1.0.0" - } - }, - "fill-range": { - "version": "7.0.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz", - "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==", - "requires": { - "to-regex-range": "^5.0.1" - } - }, - "follow-redirects": { - "version": "1.13.1", - "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.13.1.tgz", - "integrity": "sha512-SSG5xmZh1mkPGyKzjZP8zLjltIfpW32Y5QpdNJyjcfGxK3qo3NDDkZOZSFiGn1A6SclQxY9GzEwAHQ3dmYRWpg==" - }, - "fs-extra": { - "version": "7.0.1", - "resolved": "https://registry.npmjs.org/fs-extra/-/fs-extra-7.0.1.tgz", - "integrity": "sha512-YJDaCJZEnBmcbw13fvdAM9AwNOJwOzrE4pqMqBq5nFiEqXUqHwlK4B+3pUw6JNvfSPtX05xFHtYy/1ni01eGCw==", - "requires": { - "graceful-fs": "^4.1.2", - "jsonfile": "^4.0.0", - "universalify": "^0.1.0" - } - }, - "fs.realpath": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", - "integrity": "sha1-FQStJSMVjKpA20onh8sBQRmU6k8=" - }, - "get-stream": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/get-stream/-/get-stream-4.1.0.tgz", - "integrity": "sha512-GMat4EJ5161kIy2HevLlr4luNjBgvmj413KaQA7jt4V8B4RDsfpHk7WQ9GVqfYyyx8OS/L66Kox+rJRNklLK7w==", - "requires": { - "pump": "^3.0.0" - } - }, - "glob": { - "version": "7.1.6", - "resolved": "https://registry.npmjs.org/glob/-/glob-7.1.6.tgz", - "integrity": "sha512-LwaxwyZ72Lk7vZINtNNrywX0ZuLyStrdDtabefZKAY5ZGJhVtgdznluResxNmPitE0SAO+O26sWTHeKSI2wMBA==", - "requires": { - "fs.realpath": "^1.0.0", - "inflight": "^1.0.4", - "inherits": "2", - "minimatch": "^3.0.4", - "once": "^1.3.0", - "path-is-absolute": "^1.0.0" - } - }, - "glob-parent": { - "version": "5.1.0", - "resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.0.tgz", - "integrity": "sha512-qjtRgnIVmOfnKUE3NJAQEdk+lKrxfw8t5ke7SXtfMTHcjsBfOfWXCQfdb30zfDoZQ2IRSIiidmjtbHZPZ++Ihw==", - "requires": { - "is-glob": "^4.0.1" - } - }, - "globby": { - "version": "10.0.2", - "resolved": "https://registry.npmjs.org/globby/-/globby-10.0.2.tgz", - "integrity": "sha512-7dUi7RvCoT/xast/o/dLN53oqND4yk0nsHkhRgn9w65C4PofCLOoJ39iSOg+qVDdWQPIEj+eszMHQ+aLVwwQSg==", - "requires": { - "@types/glob": "^7.1.1", - "array-union": "^2.1.0", - "dir-glob": "^3.0.1", - "fast-glob": "^3.0.3", - "glob": "^7.1.3", - "ignore": "^5.1.1", - "merge2": "^1.2.3", - "slash": "^3.0.0" - } - }, - "graceful-fs": { - "version": "4.2.3", - "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.3.tgz", - "integrity": "sha512-a30VEBm4PEdx1dRB7MFK7BejejvCvBronbLjht+sHuGYj8PHs7M/5Z+rt5lw551vZ7yfTCj4Vuyy3mSJytDWRQ==" - }, - "has-flag": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/has-flag/-/has-flag-3.0.0.tgz", - "integrity": "sha1-tdRU3CGZriJWmfNGfloH87lVuv0=" - }, - "ignore": { - "version": "5.1.4", - "resolved": "https://registry.npmjs.org/ignore/-/ignore-5.1.4.tgz", - "integrity": "sha512-MzbUSahkTW1u7JpKKjY7LCARd1fU5W2rLdxlM4kdkayuCwZImjkpluF9CM1aLewYJguPDqewLam18Y6AU69A8A==" - }, - "indent-string": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/indent-string/-/indent-string-3.2.0.tgz", - "integrity": "sha1-Sl/W0nzDMvN+VBmlBNu4NxBckok=" - }, - "inflight": { - "version": "1.0.6", - "resolved": "https://registry.npmjs.org/inflight/-/inflight-1.0.6.tgz", - "integrity": "sha1-Sb1jMdfQLQwJvJEKEHW6gWW1bfk=", - "requires": { - "once": "^1.3.0", - "wrappy": "1" - } - }, - "inherits": { - "version": "2.0.4", - "resolved": "https://registry.npmjs.org/inherits/-/inherits-2.0.4.tgz", - "integrity": "sha512-k/vGaX4/Yla3WzyMCvTQOXYeIHvqOKtnqBduzTHpzpQZzAskKMhZ2K+EnBiSM9zGSoIFeMpXKxa4dYeZIQqewQ==" - }, - "is-extglob": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/is-extglob/-/is-extglob-2.1.1.tgz", - "integrity": "sha1-qIwCU1eR8C7TfHahueqXc8gz+MI=" - }, - "is-fullwidth-code-point": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-2.0.0.tgz", - "integrity": "sha1-o7MKXE8ZkYMWeqq5O+764937ZU8=" - }, - "is-glob": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/is-glob/-/is-glob-4.0.1.tgz", - "integrity": "sha512-5G0tKtBTFImOqDnLB2hG6Bp2qcKEFduo4tZu9MT/H6NQv/ghhy30o55ufafxJ/LdH79LLs2Kfrn85TLKyA7BUg==", - "requires": { - "is-extglob": "^2.1.1" - } - }, - "is-number": { - "version": "7.0.0", - "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz", - "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==" - }, - "is-plain-object": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/is-plain-object/-/is-plain-object-3.0.0.tgz", - "integrity": "sha512-tZIpofR+P05k8Aocp7UI/2UTa9lTJSebCXpFFoR9aibpokDj/uXBsJ8luUu0tTVYKkMU6URDUuOfJZ7koewXvg==", - "requires": { - "isobject": "^4.0.0" - } - }, - "is-stream": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/is-stream/-/is-stream-1.1.0.tgz", - "integrity": "sha1-EtSj3U5o4Lec6428hBc66A2RykQ=" - }, - "isexe": { - "version": "2.0.0", - "resolved": "https://registry.npmjs.org/isexe/-/isexe-2.0.0.tgz", - "integrity": "sha1-6PvzdNxVb/iUehDcsFctYz8s+hA=" - }, - "isobject": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/isobject/-/isobject-4.0.0.tgz", - "integrity": "sha512-S/2fF5wH8SJA/kmwr6HYhK/RI/OkhD84k8ntalo0iJjZikgq1XFvR5M8NPT1x5F7fBwCG3qHfnzeP/Vh/ZxCUA==" - }, - "jsonfile": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/jsonfile/-/jsonfile-4.0.0.tgz", - "integrity": "sha1-h3Gq4HmbZAdrdmQPygWPnBDjPss=", - "requires": { - "graceful-fs": "^4.1.6" - } - }, - "lodash": { - "version": "4.17.20", - "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.20.tgz", - "integrity": "sha512-PlhdFcillOINfeV7Ni6oF1TAEayyZBoZ8bcshTHqOYJYlrqzRK5hagpagky5o4HfCzzd1TRkXPMFq6cKk9rGmA==" - }, - "lodash._reinterpolate": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/lodash._reinterpolate/-/lodash._reinterpolate-3.0.0.tgz", - "integrity": "sha1-DM8tiRZq8Ds2Y8eWU4t1rG4RTZ0=" - }, - "lodash.get": { - "version": "4.4.2", - "resolved": "https://registry.npmjs.org/lodash.get/-/lodash.get-4.4.2.tgz", - "integrity": "sha1-LRd/ZS+jHpObRDjVNBSZ36OCXpk=" - }, - "lodash.isempty": { - "version": "4.4.0", - "resolved": "https://registry.npmjs.org/lodash.isempty/-/lodash.isempty-4.4.0.tgz", - "integrity": "sha1-b4bL7di+TsmHvpqvM8loTbGzHn4=" - }, - "lodash.isfunction": { - "version": "3.0.9", - "resolved": "https://registry.npmjs.org/lodash.isfunction/-/lodash.isfunction-3.0.9.tgz", - "integrity": "sha512-AirXNj15uRIMMPihnkInB4i3NHeb4iBtNg9WRWuK2o31S+ePwwNmDPaTL3o7dTJ+VXNZim7rFs4rxN4YU1oUJw==" - }, - "lodash.isplainobject": { - "version": "4.0.6", - "resolved": "https://registry.npmjs.org/lodash.isplainobject/-/lodash.isplainobject-4.0.6.tgz", - "integrity": "sha1-fFJqUtibRcRcxpC4gWO+BJf1UMs=" - }, - "lodash.isstring": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/lodash.isstring/-/lodash.isstring-4.0.1.tgz", - "integrity": "sha1-1SfftUVuynzJu5XV2ur4i6VKVFE=" - }, - "lodash.set": { - "version": "4.3.2", - "resolved": "https://registry.npmjs.org/lodash.set/-/lodash.set-4.3.2.tgz", - "integrity": "sha1-2HV7HagH3eJIFrDWqEvqGnYjCyM=" - }, - "lodash.template": { - "version": "4.5.0", - "resolved": "https://registry.npmjs.org/lodash.template/-/lodash.template-4.5.0.tgz", - "integrity": "sha512-84vYFxIkmidUiFxidA/KjjH9pAycqW+h980j7Fuz5qxRtO9pgB7MDFTdys1N7A5mcucRiDyEq4fusljItR1T/A==", - "requires": { - "lodash._reinterpolate": "^3.0.0", - "lodash.templatesettings": "^4.0.0" - } - }, - "lodash.templatesettings": { - "version": "4.2.0", - "resolved": "https://registry.npmjs.org/lodash.templatesettings/-/lodash.templatesettings-4.2.0.tgz", - "integrity": "sha512-stgLz+i3Aa9mZgnjr/O+v9ruKZsPsndy7qPZOchbqk2cnTU1ZaldKK+v7m54WoKIyxiuMZTKT2H81F8BeAc3ZQ==", - "requires": { - "lodash._reinterpolate": "^3.0.0" - } - }, - "lodash.uniq": { - "version": "4.5.0", - "resolved": "https://registry.npmjs.org/lodash.uniq/-/lodash.uniq-4.5.0.tgz", - "integrity": "sha1-0CJTc662Uq3BvILklFM5qEJ1R3M=" - }, - "macos-release": { - "version": "2.3.0", - "resolved": "https://registry.npmjs.org/macos-release/-/macos-release-2.3.0.tgz", - "integrity": "sha512-OHhSbtcviqMPt7yfw5ef5aghS2jzFVKEFyCJndQt2YpSQ9qRVSEv2axSJI1paVThEu+FFGs584h/1YhxjVqajA==" - }, - "map-obj": { - "version": "4.1.0", - "resolved": "https://registry.npmjs.org/map-obj/-/map-obj-4.1.0.tgz", - "integrity": "sha512-glc9y00wgtwcDmp7GaE/0b0OnxpNJsVf3ael/An6Fe2Q51LLwN1er6sdomLRzz5h0+yMpiYLhWYF5R7HeqVd4g==" - }, - "merge2": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/merge2/-/merge2-1.3.0.tgz", - "integrity": "sha512-2j4DAdlBOkiSZIsaXk4mTE3sRS02yBHAtfy127xRV3bQUFqXkjHCHLW6Scv7DwNRbIWNHH8zpnz9zMaKXIdvYw==" - }, - "micromatch": { - "version": "4.0.2", - "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.2.tgz", - "integrity": "sha512-y7FpHSbMUMoyPbYUSzO6PaZ6FyRnQOpHuKwbo1G+Knck95XVU4QAiKdGEnj5wwoS7PlOgthX/09u5iFJ+aYf5Q==", - "requires": { - "braces": "^3.0.1", - "picomatch": "^2.0.5" - } - }, - "minimatch": { - "version": "3.0.4", - "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-3.0.4.tgz", - "integrity": "sha512-yJHVQEhyqPLUTgt9B83PXu6W3rx4MvvHvSUvToogpwoGDOUQ+yDrR0HRot+yOCdCO7u4hX3pWft6kWBBcqh0UA==", - "requires": { - "brace-expansion": "^1.1.7" - } - }, - "ms": { - "version": "2.1.2", - "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz", - "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w==" - }, - "nice-try": { - "version": "1.0.5", - "resolved": "https://registry.npmjs.org/nice-try/-/nice-try-1.0.5.tgz", - "integrity": "sha512-1nh45deeb5olNY7eX82BkPO7SSxR5SSYJiPTrTdFUVYwAl8CKMA5N9PjTYkHiRjisVcxcQ1HXdLhx2qxxJzLNQ==" - }, - "node-fetch": { - "version": "2.6.1", - "resolved": "https://registry.npmjs.org/node-fetch/-/node-fetch-2.6.1.tgz", - "integrity": "sha512-V4aYg89jEoVRxRb2fJdAg8FHvI7cEyYdVAh94HH0UIK8oJxUfkjlDQN9RbMx+bEjP7+ggMiFRprSti032Oipxw==" - }, - "npm-run-path": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/npm-run-path/-/npm-run-path-2.0.2.tgz", - "integrity": "sha1-NakjLfo11wZ7TLLd8jV7GHFTbF8=", - "requires": { - "path-key": "^2.0.0" - } - }, - "octokit-pagination-methods": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/octokit-pagination-methods/-/octokit-pagination-methods-1.1.0.tgz", - "integrity": "sha512-fZ4qZdQ2nxJvtcasX7Ghl+WlWS/d9IgnBIwFZXVNNZUmzpno91SX5bc5vuxiuKoCtK78XxGGNuSCrDC7xYB3OQ==" - }, - "once": { - "version": "1.4.0", - "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz", - "integrity": "sha1-WDsap3WWHUsROsF9nFC6753Xa9E=", - "requires": { - "wrappy": "1" - } - }, - "os-name": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/os-name/-/os-name-3.1.0.tgz", - "integrity": "sha512-h8L+8aNjNcMpo/mAIBPn5PXCM16iyPGjHNWo6U1YO8sJTMHtEtyczI6QJnLoplswm6goopQkqc7OAnjhWcugVg==", - "requires": { - "macos-release": "^2.2.0", - "windows-release": "^3.1.0" - } - }, - "p-finally": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/p-finally/-/p-finally-1.0.0.tgz", - "integrity": "sha1-P7z7FbiZpEEjs0ttzBi3JDNqLK4=" - }, - "path-is-absolute": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz", - "integrity": "sha1-F0uSaHNVNP+8es5r9TpanhtcX18=" - }, - "path-key": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/path-key/-/path-key-2.0.1.tgz", - "integrity": "sha1-QRyttXTFoUDTpLGRDUDYDMn0C0A=" - }, - "path-type": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/path-type/-/path-type-4.0.0.tgz", - "integrity": "sha512-gDKb8aZMDeD/tZWs9P6+q0J9Mwkdl6xMV8TjnGP3qJVJ06bdMgkbBlLU8IdfOsIsFz2BW1rNVT3XuNEl8zPAvw==" - }, - "picomatch": { - "version": "2.2.1", - "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.2.1.tgz", - "integrity": "sha512-ISBaA8xQNmwELC7eOjqFKMESB2VIqt4PPDD0nsS95b/9dZXvVKOlz9keMSnoGGKcOHXfTvDD6WMaRoSc9UuhRA==" - }, - "pump": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/pump/-/pump-3.0.0.tgz", - "integrity": "sha512-LwZy+p3SFs1Pytd/jYct4wpv49HiYCqd9Rlc5ZVdk0V+8Yzv6jR5Blk3TRmPL1ft69TxP0IMZGJ+WPFU2BFhww==", - "requires": { - "end-of-stream": "^1.1.0", - "once": "^1.3.1" - } - }, - "reusify": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/reusify/-/reusify-1.0.4.tgz", - "integrity": "sha512-U9nH88a3fc/ekCF1l0/UP1IosiuIjyTh7hBvXVMHYgVcfGvt897Xguj2UOLDeI5BG2m7/uwyaLVT6fbtCwTyzw==" - }, - "run-parallel": { - "version": "1.1.9", - "resolved": "https://registry.npmjs.org/run-parallel/-/run-parallel-1.1.9.tgz", - "integrity": "sha512-DEqnSRTDw/Tc3FXf49zedI638Z9onwUotBMiUFKmrO2sdFKIbXamXGQ3Axd4qgphxKB4kw/qP1w5kTxnfU1B9Q==" - }, - "semver": { - "version": "5.7.1", - "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.1.tgz", - "integrity": "sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ==" - }, - "shebang-command": { - "version": "1.2.0", - "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-1.2.0.tgz", - "integrity": "sha1-RKrGW2lbAzmJaMOfNj/uXer98eo=", - "requires": { - "shebang-regex": "^1.0.0" - } - }, - "shebang-regex": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/shebang-regex/-/shebang-regex-1.0.0.tgz", - "integrity": "sha1-2kL0l0DAtC2yypcoVxyxkMmO/qM=" - }, - "signal-exit": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/signal-exit/-/signal-exit-3.0.2.tgz", - "integrity": "sha1-tf3AjxKH6hF4Yo5BXiUTK3NkbG0=" - }, - "slash": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/slash/-/slash-3.0.0.tgz", - "integrity": "sha512-g9Q1haeby36OSStwb4ntCGGGaKsaVSjQ68fBxoQcutl5fS1vuY18H3wSt3jFyFtrkx+Kz0V1G85A4MyAdDMi2Q==" - }, - "snakecase-keys": { - "version": "3.1.0", - "resolved": "https://registry.npmjs.org/snakecase-keys/-/snakecase-keys-3.1.0.tgz", - "integrity": "sha512-QM038drLbhdOY5HcRQVjO1ZJ1WR7yV5D5TIBzcOB/g3f5HURHhfpYEnvOyzXet8K+MQsgeIUA7O7vn90nAX6EA==", - "requires": { - "map-obj": "^4.0.0", - "to-snake-case": "^1.0.0" - } - }, - "string-width": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/string-width/-/string-width-2.1.1.tgz", - "integrity": "sha512-nOqH59deCq9SRHlxq1Aw85Jnt4w6KvLKqWVik6oA9ZklXLNIOlqg4F2yrT1MVaTjAqvVwdfeZ7w7aCvJD7ugkw==", - "requires": { - "is-fullwidth-code-point": "^2.0.0", - "strip-ansi": "^4.0.0" - }, - "dependencies": { - "ansi-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-3.0.0.tgz", - "integrity": "sha1-7QMXwyIGT3lGbAKWa922Bas32Zg=" - }, - "strip-ansi": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-4.0.0.tgz", - "integrity": "sha1-qEeQIusaw2iocTibY1JixQXuNo8=", - "requires": { - "ansi-regex": "^3.0.0" - } - } - } - }, - "strip-ansi": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-5.2.0.tgz", - "integrity": "sha512-DuRs1gKbBqsMKIZlrffwlug8MHkcnpjs5VPmL1PAh+mA30U0DTotfDZ0d2UUsXpPmPmMMJ6W773MaA3J+lbiWA==", - "requires": { - "ansi-regex": "^4.1.0" - } - }, - "strip-eof": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/strip-eof/-/strip-eof-1.0.0.tgz", - "integrity": "sha1-u0P/VZim6wXYm1n80SnJgzE2Br8=" - }, - "supports-color": { - "version": "5.5.0", - "resolved": "https://registry.npmjs.org/supports-color/-/supports-color-5.5.0.tgz", - "integrity": "sha512-QjVjwdXIt408MIiAqCX4oUKsgU2EqAGzs2Ppkm4aQYbjm+ZEWEcW4SfFNTr4uMNZma0ey4f5lgLrkB0aX0QMow==", - "requires": { - "has-flag": "^3.0.0" - } - }, - "to-no-case": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/to-no-case/-/to-no-case-1.0.2.tgz", - "integrity": "sha1-xyKQcWTvaxeBMsjmmTAhLRtKoWo=" - }, - "to-regex-range": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz", - "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==", - "requires": { - "is-number": "^7.0.0" - } - }, - "to-snake-case": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/to-snake-case/-/to-snake-case-1.0.0.tgz", - "integrity": "sha1-znRpE4l5RgGah+Yu366upMYIq4w=", - "requires": { - "to-space-case": "^1.0.0" - } - }, - "to-space-case": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/to-space-case/-/to-space-case-1.0.0.tgz", - "integrity": "sha1-sFLar7Gysp3HcM6gFj5ewOvJ/Bc=", - "requires": { - "to-no-case": "^1.0.0" - } - }, - "tslib": { - "version": "1.11.0", - "resolved": "https://registry.npmjs.org/tslib/-/tslib-1.11.0.tgz", - "integrity": "sha512-BmndXUtiTn/VDDrJzQE7Mm22Ix3PxgLltW9bSNLoeCY31gnG2OPx0QqJnuc9oMIKioYrz487i6K9o4Pdn0j+Kg==" - }, - "universal-user-agent": { - "version": "4.0.1", - "resolved": "https://registry.npmjs.org/universal-user-agent/-/universal-user-agent-4.0.1.tgz", - "integrity": "sha512-LnST3ebHwVL2aNe4mejI9IQh2HfZ1RLo8Io2HugSif8ekzD1TlWpHpColOB/eh8JHMLkGH3Akqf040I+4ylNxg==", - "requires": { - "os-name": "^3.1.0" - } - }, - "universalify": { - "version": "0.1.2", - "resolved": "https://registry.npmjs.org/universalify/-/universalify-0.1.2.tgz", - "integrity": "sha512-rBJeI5CXAlmy1pV+617WB9J63U6XcazHHF2f2dbJix4XzpUF0RS3Zbj0FGIOCAva5P/d/GBOYaACQ1w+0azUkg==" - }, - "which": { - "version": "1.3.1", - "resolved": "https://registry.npmjs.org/which/-/which-1.3.1.tgz", - "integrity": "sha512-HxJdYWq1MTIQbJ3nw0cqssHoTNU267KlrDuGZ1WYlxDStUtKUhOaJmh112/TZmHxxUfuJqPXSOm7tDyas0OSIQ==", - "requires": { - "isexe": "^2.0.0" - } - }, - "widest-line": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/widest-line/-/widest-line-2.0.1.tgz", - "integrity": "sha512-Ba5m9/Fa4Xt9eb2ELXt77JxVDV8w7qQrH0zS/TWSJdLyAwQjWoOzpzj5lwVftDz6n/EOu3tNACS84v509qwnJA==", - "requires": { - "string-width": "^2.1.1" - } - }, - "windows-release": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/windows-release/-/windows-release-3.2.0.tgz", - "integrity": "sha512-QTlz2hKLrdqukrsapKsINzqMgOUpQW268eJ0OaOpJN32h272waxR9fkB9VoWRtK7uKHG5EHJcTXQBD8XZVJkFA==", - "requires": { - "execa": "^1.0.0" - } - }, - "wrap-ansi": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/wrap-ansi/-/wrap-ansi-4.0.0.tgz", - "integrity": "sha512-uMTsj9rDb0/7kk1PbcbCcwvHUxp60fGDB/NNXpVa0Q+ic/e7y5+BwTxKfQ33VYgDppSwi/FBzpetYzo8s6tfbg==", - "requires": { - "ansi-styles": "^3.2.0", - "string-width": "^2.1.1", - "strip-ansi": "^4.0.0" - }, - "dependencies": { - "ansi-regex": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-3.0.0.tgz", - "integrity": "sha1-7QMXwyIGT3lGbAKWa922Bas32Zg=" - }, - "strip-ansi": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-4.0.0.tgz", - "integrity": "sha1-qEeQIusaw2iocTibY1JixQXuNo8=", - "requires": { - "ansi-regex": "^3.0.0" - } - } - } - }, - "wrappy": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz", - "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8=" - } - } -} diff --git a/.pipeline-v3/package.json b/.pipeline-v3/package.json deleted file mode 100644 index 6834ee3e6..000000000 --- a/.pipeline-v3/package.json +++ /dev/null @@ -1,27 +0,0 @@ -{ - "name": "pipeline", - "version": "1.0.0", - "description": "This a pipeliene script", - "engines": { - "node": ">=8" - }, - "scripts": { - "build": "node build.js", - "clean": "node clean.js", - "deploy": "node deploy.js", - "deploy-unittest": "node deploy-unittest.js", - "version": "echo \"node@$(node --version) ($(which node))\" && echo \"npm@$(npm --version) ($(which npm))\" && npm ls" - }, - "repository": { - "type": "git", - "url": "git+https://github.com/bcgov/ocp-sso.git" - }, - "author": "", - "license": "Apache-2.0", - "dependencies": { - "@bcgov/gh-deploy": "^1.1.4", - "@bcgov/pipeline-cli": "^1.0.1-0", - "axios": "^0.21.1", - "lodash": "^4.17.20" - } -} diff --git a/.yo-rc.json-v3 b/.yo-rc.json-v3 deleted file mode 100644 index b592ba595..000000000 --- a/.yo-rc.json-v3 +++ /dev/null @@ -1,54 +0,0 @@ -{ - "@bcgov/bcdk": { - "promptValues": { - "modules": { - "zeva": { - "name": "zeva", - "version": "1.0.0", - "path": ".", - "environments": { - "build": { - "namespace": "tbiwaq-tools" - }, - "dev": { - "namespace": "tbiwaq-dev" - }, - "test": { - "namespace": "tbiwaq-test" - }, - "prod": { - "namespace": "tbiwaq-prod" - } - }, - "jenkinsJobName": "zeva", - "github_owner": "bcgov", - "github_repo": "zeva", - "jenkinsFilePath": "Jenkinsfile", - "uuid": "2c0c5c5b-6d52-4ae1-aefb-00b5bbd7c7e3" - }, - "jenkins": { - "path": ".jenkins", - "name": "jenkins", - "namespace": "tbiwaq-tools", - "version": "1.0.0", - "environments": { - "build": { - "namespace": "tbiwaq-tools" - }, - "dev": { - "namespace": "tbiwaq-tools" - }, - "prod": { - "namespace": "tbiwaq-tools" - } - }, - "jenkinsJobName": "_jenkins", - "github_owner": "bcgov", - "github_repo": "zeva", - "jenkinsFilePath": ".jenkins/Jenkinsfile", - "uuid": "7a55c783-db16-45ad-82cc-23792286d6c3" - } - } - } - } -} \ No newline at end of file diff --git a/Jenkinsfile-v3 b/Jenkinsfile-v3 deleted file mode 100644 index dbb0f12cd..000000000 --- a/Jenkinsfile-v3 +++ /dev/null @@ -1,67 +0,0 @@ -pipeline { - agent none - options { - disableResume() - } - stages { - stage('Build') { - agent { label 'build' } - steps { - script { - def filesInThisCommitAsString = sh(script:"git diff --name-only HEAD~1..HEAD | grep -v '^.jenkins-v3/' || echo -n ''", returnStatus: false, returnStdout: true).trim() - def hasChangesInPath = (filesInThisCommitAsString.length() > 0) - echo "${filesInThisCommitAsString}" - if (!currentBuild.rawBuild.getCauses()[0].toString().contains('UserIdCause') && !hasChangesInPath){ - currentBuild.rawBuild.delete() - error("No changes detected in the path ('^.jenkins-v3/')") - } - } - echo "Aborting all running jobs ..." - script { - abortAllPreviousBuildInProgress(currentBuild) - } - echo "Building ..." - sh "cd .pipeline-v3 && ./npmw ci && ./npmw run build -- --pr=${CHANGE_ID}" - } - } - stage('Deploy (DEV)') { - agent { label 'deploy' } - steps { - echo "Deploying ..." - sh "cd .pipeline-v3 && ./npmw ci && ./npmw run deploy -- --pr=${CHANGE_ID} --env=dev" - } - } - - stage('Deploy (TEST)') { - agent { label 'deploy' } - when { - expression { return env.CHANGE_TARGET == 'master';} - beforeInput true - } - input { - message "Should we continue with deployment to TEST?" - ok "Yes!" - } - steps { - echo "Deploying ..." - sh "cd .pipeline-v3 && ./npmw ci && ./npmw run deploy -- --pr=${CHANGE_ID} --env=test" - } - } - stage('Deploy (PROD)') { - agent { label 'deploy' } - when { - expression { return env.CHANGE_TARGET == 'master';} - beforeInput true - } - input { - message "Should we continue with deployment to PROD? This is Prod!. Make sure you have made a database backup and verified no clients are using the system." - ok "Yes!" - } - steps { - echo "Deploying ..." - sh "cd .pipeline-v3 && ./npmw ci && ./npmw run deploy -- --pr=${CHANGE_ID} --env=prod" - } - } - - } -} diff --git a/openshift-v3/README.md b/openshift-v3/README.md deleted file mode 100644 index 25aca8826..000000000 --- a/openshift-v3/README.md +++ /dev/null @@ -1,300 +0,0 @@ -# Zeva Pull Request based Pipeline - -This readme file shows the process of adopting [BCDK](https://github.com/bcdevops/bcdk) as pull request based pipeline for [Zeva](https://github.com/bcgov/zeva) project. - -The sample component built and deployed by the pipeline is frontend. - -Create a branch called zeva-bcdk from master and all the following works are based on this branch. - -## Section 1 Create pull request based pipeline - -A folder .pipeline will be created under project root. -If all steps are gone through smoothly, it will have the following structure. -Commands will be available to build images and deploy to various environment at the end. - -``` --.pipeline - -lib - build.js - clean.js - config.js - deploy.js - -node_modules - -@bcgov - -pipeline-cli //https://github.com/BCDevOps/pipeline-cli - ... //various nodejs modules - .nvmrc - build.js - clean.js - deploy.js - npmw - package.json - package-log.json -``` - -### 1.1 Create .pipeline folder - -Run Yeoman generator to create .pipeline folder structure. -Zeva has only one module, it has various components(frontend, backend and etc.) under it. The pipeline created will build and deploy module Zeva. If your project has multiple modules and each module has one pipeline, please ask help from BCDK developers. - -``` -~/Projects/zeva$ yo bcdk:pipeline -? What is this module id/key? zeva -? What is this module name? zeva -? What is this module version? 1.0.0 -? What environments are supported by your app? separated by space build dev test prod -? What is the source code directory for this module? . -? What namespace/project name is used for 'build'? tbiwaq-tools -? What namespace/project name is used for 'dev'? tbiwaq-dev -? What namespace/project name is used for 'test'? tbiwaq-test -? What namespace/project name is used for 'prod'? tbiwaq-prod -``` - -### 1.2 Create frontend build and deploy template for Openshift - -* [openshift/templates/frontend/frontend-bc.yaml](https://github.com/bcgov/zeva/blob/master/openshift/templates/frontend/frontend-bc.yaml) -* [openshift/templates/frontend/frontend-dc.yaml](https://github.com/bcgov/zeva/blob/master/openshift/templates/frontend/frontend-dc.yaml) - - -### 1.3 Customize frontend build process in pipeline - -Update ./pipeline/line/build.js line 14. The value of the param are included in ./pipeline/lib/config.js. The current phase is build and new values can be add to config.js. -``` - // The building of your cool app goes here ▼▼▼ - objects = objects.concat(oc.processDeploymentTemplate(`${templatesLocalBaseUrl}/templates/frontend/frontend-bc.yaml`, { - 'param':{ - 'NAME': phases[phase].name, - 'SUFFIX': phases[phase].suffix, - 'VERSION': phases[phase].tag, - 'GIT_URL': oc.git.http_url, - 'GIT_REF': oc.git.ref - } - })) -``` -Save the file, commit all changes, push to GitHub and create a pull request from zeva-bcdk to master. Assume the pull request number is #18. - -### 1.4 Build the pul request on commandline - -Build Config zeva-frontend-build-18 will be created under tools namespace. -``` -~/Projects/zeva/.pipeline$ npm run build -- --pr=18 -``` - -### 1.5 Customize deploy process in pipeline - -Update ./pipeline/line/deploy.js line 15. The values of param are also from ./pipeline/lib/config.js. - -``` - // The deployment of your cool app goes here ▼▼▼ - objects = objects.concat(oc.processDeploymentTemplate(`${templatesLocalBaseUrl}/templates/frontend/frontend-dc.yaml`, { - 'param':{ - 'NAME': phases[phase].name, - 'SUFFIX': phases[phase].suffix, - 'VERSION': phases[phase].tag, - 'ENV_NAME': phases[phase].instance, - 'DASH_ENV_NAME': phases[phase].ssoSuffix, - 'CPU_REQUEST': '100m', - 'CPU_LIMIT': '500m', - 'MEMORY_REQUEST': '1100M', - 'MEMORY_LIMIT': '2G' - } - })) -``` - -### 1.6 Deploy the pull request to dev on command line - -Deployment config zeva-frontend-dev-18 will be created under dev namespace. -``` -~/Projects/zeva/.pipeline$ npm run deploy -- --pr=18 --env=dev -``` - -### 1.7 Cleanup deployment configurations created for the pull request - -The deployment configs, services, routes and image tags related to the pull request will be removed. -Recommend to run the cleanup command if a redeployment of a pull request encountering an issue. -``` -~/Projects/zeva/.pipeline$ nnpm run clean -- --pr=18 --env=dev -``` - -## Section 2 Setup Jenkins on Openshift - -Create Jenkins master and slave instances on Openshift. Also create Zeva pipeline job on Jenkins. The pipeline job is able to scan pull requests when they are created/modified and trigger the pipeline as describe in the Jenkinsfile under project root. -If all steps can go through smoothly, the following folder structure will be created under project root folder. -The contents under .jenkins/.pipeline are similar as section 1. The idea is to use same pipeline to maintain Jenkins itself for the project. -Project team can customize Jenkins by adding/changing the contents under .jenkins/docker and .jenkins/openshift folder. Especially for Jenkins slave image, it can be customize to add extended modules. -A Jenkinsfile will also be created under project root. -``` --.jenkins - -.pipeline - -lib - build.js - clean.js - config.js - deploy.js - -node_modules - -@bcgov - -pipeline-cli //https://github.com/BCDevOps/pipeline-cli - ... //various nodejs modules - .nvmrc - build.js - clean.js - deploy.js - npmw - package.json - package-log.json - -docker - -contrib - -jenkins - -configuration - -jobs - _jenkins - config.xml - _zeva - config.xml - Dockerfile - -openshift - build-master.yaml - build-slave.yaml - deploy-master.yaml - deploy-prereq.yaml - deploy-slave.yaml - secrets.json - Jenkinsfile - README.md -``` - -### 2.1 Create .jenkins folder - -Run Yeoman generator to create .jenkins folder structure. -Jenkins only has build, dev and prod and they are all under tools project. Jenkins dev deployment should live under very short time, once it is verified ok, it should be removed. Jenkins prod is the one used to scan, build and deploy pull requests. - -``` -~/Projects/zeva$ yo bcdk:jenkins -? What is your openshift 'tools' namespace name? tbiwaq-tools -? What is this module name? jenkins -? What is this module name? jenkins -? What is this module version? 1.0.0 -Environments: build dev prod -? What is the source code directory for this module? .jenkins -? What namespace/project name is used for 'build'? tbiwaq-tools -? What namespace/project name is used for 'dev'? tbiwaq-tools -? What namespace/project name is used for 'prod'? tbiwaq-tools -? What is the GitHub organization where the repository is located? bcgov -? What is the repository's name? zeva -? What is the Jenkinsfile path? .jenkins/Jenkinsfile -Writing 'jenkins' files. -Writing 'pipeline' files. -Writing 'jenkins-job' files. -Writing 'jenkins-overwrites' files. - create .jenkins/docker/contrib/jenkins/configuration/jobs/_jenkins/config.xml - create .jenkins/docker/Dockerfile - create .jenkins/openshift/build-master.yaml -``` - -Commit .jenkins folder, yes only commit is required for now. - -### 2.2 Build Jenkins master and slave images on Openshift - -Just provide value 0 to pr. Two image streams and two build configs will be created for Jenkins master and slave. - -``` -~/Projects/zeva/.jenkins/.pipeline$ npm run build -- --pr=0 --dev-mode=true -> pipeline@1.0.0 build /Users/kfan/Projects/zeva/.jenkins/.pipeline -> node build.js "--pr=0" "--dev-mode=true" - -Starting new build for buildconfig.build.openshift.io/jenkins-build-0 -Starting new build for buildconfig.build.openshift.io/jenkins-slave-main-build-0 -``` - -### 2.3 Deploy Jenkins master and slave on Openshift - -Make sure the proper network security policies have been applied. Otherwise slave node will not be able to connect to master. -pr#0 doesn't have to exist. - -``` -~/Projects/zeva/.jenkins/.pipeline$ npm run deploy -- --pr=0 --env=dev -``` - -### 2.4 Create Zeva pipeline job in Jenkins - -The pipeline job will scan pull requests. Then it will run Jenkinsfile under project root to build and deploy the identified pull requests. - -``` -~/Projects/zeva$ yo bcdk:jenkins-job -? Module name? zeva -? Jenkins Job name? zeva -? What is the GitHub organization where the repository is located? bcgov -? What is the repository's name? zeva -? What is the Jenkinsfile path? Jenkinsfile -Writing 'jenkins-job' files. - create .jenkins/docker/contrib/jenkins/configuration/jobs/zeva/config.xml -``` - -### 2.4 Rebuild Jenkins to include the new pipline job created - -If builds could not start, manually delete two jenkins image stream and rerun the command. -``` -~/Projects/zeva/.jenkins/.pipeline$ npm run build -- --pr=0 --dev-mode=true - -> pipeline@1.0.0 build /Users/kfan/Projects/zeva/.jenkins/.pipeline -> node build.js "--pr=0" "--dev-mode=true" - -Re-using image tbiwaq-tools/ImageStreamImage/jenkins@sha256:19562b7307e461430fc4fc950c5c72d3300dc0826c5c7ac2dcd0ca289b5d2866 for build buildconfig.build.openshift.io/jenkins-build-0 -Re-using image tbiwaq-tools/ImageStreamImage/jenkins-slave-main@sha256:56afeca0b6ea96d330a5a60447d8d8558535dc901ca9f7ad6590434335026db9 for build buildconfig.build.openshift.io/jenkins-slave-main-build-0 -``` -Commit all changes and push to GitHub - -### 2.5 Redeploy Jenkins with the new zeva pipeline job included -``` -~/Projects/zeva/.jenkins/.pipeline$ npm run deploy -- --pr=0 --env=dev -``` - -## Section 3 Update Jenkins on Openshift -A sample task to do is adding openshift cloud settings. The following settings are added to .jenkins/docker/contrib/jenkins/configuration/config.xml -The change is done through branch jenkins-add-oepnshift -``` - - openshift - - - - false - false - false - http://jenkins-prod.tbiwaq-tools.svc:8080 - jenkins-prod.tbiwaq-tools.svc:50000 - 10 - 5 - 5 - 15 - false - 32 - 600 - - -``` -### 3.1 steps updating Jenkins -* Git commit the change to branch jenkins-add-oepnshift -* Create pull request 58 -* Login to jenkins admin console. Jenkins -> _jenkins -> Pull Requests(37) -> PR-58, the pipeline zeva/jenkins/Jenkinsfile is triggered -* Openshift Console - * build configs jenkins-build-58 and jenkins-slave-main-build-58 are created and triggered - * jenkins:dev-1.0.0-58 and jenkins-slave-main:build-1.0.0-58 are tagged - * deployment config jenkins-dev-58 and jenkins-slave-dev-58 are created and triggered - * route jenkins-dev-58 is created -* Open browser and go to url specified by route jenkins-dev-58 - * verify Jenkins -> manage Jenkins -> Configure System, there should be only one cloud openshift created -* Open jenkins admin console - * go to Jenkins -> _jenlins -> Pull Requests(37) -> PR-58 Console Output, it is asking "Should we continue with deployment to PROD?" - * choose Yes, - * image jenkins / build-1.0.0-58, dev-1.0.0-58 and prod-1.0.0 are same - * image jenkins-slave-main / build-1.0.0-58, dev-1.0.0-58 and prod-1.0.0 are same - * deployment configs jenkins-prod and jenkins-slave-prod are triggered by image change -* Open browser and go to url specified by route jenkins-prod - * verify Jenkins -> manage Jenkins -> Configure System, there should be only one cloud openshift created -* Openshift console, bring down jenkins-slave-dev-58 and jenkins-dev-58 - -## Tips -* Project team should be responsible to build jenkins slave, such as add npm modules into it, then no need to use npmw anymore -* After the Jenkins create successfully, two webhooks should have been created in zeva repo (if the webhooks show failed, it is ok as Jenkins may not be fully up yet) -* Under dev namespace, grant admin permission to service account "tbiwaq-tools/jenkins-prod", we only allow "tbiwaq-tools/jenkins-prod" to deploy on dev, test and prod, NOT to allow "tbiwaq-tools/jenkins-dev" to do anything on these three environment diff --git a/openshift-v3/templates/README.md b/openshift-v3/templates/README.md deleted file mode 100644 index c4cdad657..000000000 --- a/openshift-v3/templates/README.md +++ /dev/null @@ -1,57 +0,0 @@ -# ZEVA Openshift Setup - -## 1. Network Security - -* Followingthe instructions in openshift/templates/nsp/README.md - -## 2. Jenkins setup on tools project - -* openshift/jenkins/README.md -* install node packages -.jenkins/.pipeline$ npm install -* Build jenkins and jenkins-slave-main image, create a pr such as 161 -.jenkins/.pipeline$ npm run build -- --pr=161 --env=build -* Deploy jenkins to tools project -.jenkins/.pipeline$ npm run deploy -- --pr=161 --env=dev -.jenkins/.pipeline$ npm run deploy -- --pr=161 --env=prod - -Notes: for Jenkins, build, dev and prod are actually all on tools environment - -## 3. Pipeline to deploy on dev, test and prod - -### 3.1 Preparation for pipeline - -* openshift/templates/config/README.md [Before triggering pipeline] -* openshift/templates/keycloak/README.md -* openshift/templates/backend/README.md [Before triggering pipeline] -* openshift/templates/frontend/README.md [Before triggering pipeline] -* openshift/templates/minio/README.md [Before triggering pipeline] -* openshift/templates/patroni/README.md [Before triggering pipeline] -* openshift/templates/rabbitmq/README.md [Before triggering pipeline] - -### 3.2 Run pipeline - -For example the latest tracking pr is 199 - -* .pipeline$ npm run build -- --pr=199 --env=build -* .pipeline$ npm run deploy -- --pr=199 --env=dev -* .pipeline$ npm run deploy -- --pr=199 --env=test -* .pipeline$ npm run deploy -- --pr=199 --env=prod - -### 3.3 Post pipeline - -openshift/templates/backend/README.md [After pipeline completes] -openshift/templates/frontend/README.md [After pipeline completes] - -## 4. Backup container - -openshift/templates/backup-container-2.0.0/openshift/templates/backup/README.md - -## 5. Nagios - -openshift/templates/nagios/README.md - -## 6. Database migration - -* openshift/templates/patroni/README.md [Database Migration from Openshift v3 to Openshift 4] - diff --git a/openshift-v3/templates/backend/README.md b/openshift-v3/templates/backend/README.md deleted file mode 100644 index 303b1798d..000000000 --- a/openshift-v3/templates/backend/README.md +++ /dev/null @@ -1,25 +0,0 @@ -### Files included - - * backend-bc.yaml backend build config - * backend-dc.yaml backend deployment config - * django-secret-template.yaml create template.django-secret, it is not in pipeline and needs to run independently, it is used by backend-dc.yaml - * backend-autoscaler.yaml create backend autoscaler, it is not in pipeline and needs to run independently - -### Prepare for pipeline build and deploy - -#### Before triggering pipeline - -1. Create base image used by backend registry.access.redhat.com/rhscl/python-36-rhel7:1-63 - * oc tag registry.access.redhat.com/rhscl/python-36-rhel7:1-63 tbiwaq-tools/python:3.6-1-63 - -2. Create template secret template.django-secret - * oc process -f django-secret-template.yaml | oc create -f - -n [project namespace] - -3. Create email service secret for each environment - * oc process -f email-service-secret.yaml EMAIL_SERVICE_CLIENT_ID= EMAIL_SERVICE_CLIENT_SECRET= CHES_AUTH_URL= CHES_EMAIL_URL= | oc create -f - -n [env namespace] - -#### After pipeline completes - -1. After pipeline completes, create autoscaler for backend - * oc process -f backend-autoscaler.yaml | oc create -f - -n [project namespace] - diff --git a/openshift-v3/templates/backend/backend-autoscaler.yaml b/openshift-v3/templates/backend/backend-autoscaler.yaml deleted file mode 100644 index ffed6de34..000000000 --- a/openshift-v3/templates/backend/backend-autoscaler.yaml +++ /dev/null @@ -1,36 +0,0 @@ -apiVersion: template.openshift.io/v1 -kind: Template -metadata: - creationTimestamp: null - name: backend-autoscaler -parameters: - - name: NAME - displayName: - description: the module name entered when run yo bcdk:pipeline, which is zeva - required: true - - name: SUFFIX - displayName: - description: - required: true - - name: MIN_REPLICAS - displayName: - description: - required: true - - name: MAX_REPLICAS - displayName: - description: - required: true -objects: - - apiVersion: autoscaling/v1 - kind: HorizontalPodAutoscaler - metadata: - name: ${NAME}-backend${SUFFIX}-autoscaler - spec: - scaleTargetRef: - apiVersion: apps.openshift.io/v1 - kind: DeploymentConfig - name: ${NAME}-backend${SUFFIX} - subresource: scale - minReplicas: ${{MIN_REPLICAS}} - maxReplicas: ${{MAX_REPLICAS}} - targetCPUUtilizationPercentage: 80 \ No newline at end of file diff --git a/openshift-v3/templates/backend/backend-bc.yaml b/openshift-v3/templates/backend/backend-bc.yaml deleted file mode 100644 index 59787ab18..000000000 --- a/openshift-v3/templates/backend/backend-bc.yaml +++ /dev/null @@ -1,95 +0,0 @@ -apiVersion: template.openshift.io/v1 -kind: Template -metadata: - creationTimestamp: null - name: zeva-backend-bc -parameters: - - name: NAME - displayName: - description: the module name entered when run yo bcdk:pipeline, which is zeva - required: true - - name: SUFFIX - displayName: - description: sample is -pr-0 - required: true - - name: VERSION - displayName: - description: image tag name for output - required: true - - name: GIT_URL - displayName: - description: zeva repo - required: true - - name: GIT_REF - displayName: - description: zeva branch name of the pr - required: true -objects: - - apiVersion: image.openshift.io/v1 - kind: ImageStream - metadata: - annotations: - description: Keeps track of changes in the backend image - creationTimestamp: null - name: ${NAME}-python - spec: - lookupPolicy: - local: false - status: - dockerImageRepository: "" - - apiVersion: image.openshift.io/v1 - kind: ImageStream - metadata: - annotations: - description: Keeps track of changes in the backend image - labels: - shared: "true" - creationTimestamp: null - name: ${NAME}-backend - spec: - lookupPolicy: - local: false - status: - dockerImageRepository: "" - - apiVersion: build.openshift.io/v1 - kind: BuildConfig - metadata: - annotations: - description: Defines how to build the application - creationTimestamp: null - name: ${NAME}-backend${SUFFIX} - spec: - nodeSelector: null - output: - to: - kind: ImageStreamTag - name: ${NAME}-backend:${VERSION} - postCommit: {} - resources: - limits: - cpu: 2000m - memory: 2G - requests: - cpu: 500m - memory: 200M - runPolicy: SerialLatestOnly - source: - contextDir: backend - git: - ref: ${GIT_REF} - uri: ${GIT_URL} - type: Git - strategy: - sourceStrategy: - env: - - name: PIP_INDEX_URL - from: - kind: ImageStreamTag - name: python:3.6-1-63 - type: Source - triggers: - - imageChange: {} - type: ImageChange - - type: ConfigChange - status: - lastVersion: 0 diff --git a/openshift-v3/templates/backend/backend-dc.yaml b/openshift-v3/templates/backend/backend-dc.yaml deleted file mode 100644 index b6c6b88fe..000000000 --- a/openshift-v3/templates/backend/backend-dc.yaml +++ /dev/null @@ -1,426 +0,0 @@ -apiVersion: template.openshift.io/v1 -kind: Template -metadata: - creationTimestamp: null - name: zeva-backend-dc -parameters: - - name: NAME - displayName: null - description: 'the module name entered when run yo bcdk:pipeline, which is zeva' - required: true - - name: SUFFIX - displayName: null - description: sample is -dev-97 - required: true - - name: VERSION - displayName: null - description: image tag name for output - required: true - - name: ENV_NAME - value: dev - displayName: Environment name - description: 'Environment name, dev, test and prod' - required: true - - name: BACKEND_HOST_NAME - displayName: Host name for route - description: Host name for route - required: true - - name: RABBITMQ_CLUSTER_NAME - displayName: rabbitmq cluser name - description: rabbitmq cluser name - required: true - - name: CPU_REQUEST - displayName: Requested CPU - description: Requested CPU - required: true - - name: CPU_LIMIT - displayName: CPU upper limit - description: CPU upper limit - required: true - - name: MEMORY_REQUEST - displayName: Requested memory - description: Requested memory - required: true - - name: MEMORY_LIMIT - displayName: Memory upper limit - description: Memory upper limit - required: true - - name: HEALTH_CHECK_DELAY - value: '150' - displayName: Memory upper limit - description: Memory upper limit - required: true - - name: REPLICAS - value: '1' - required: true -objects: - - apiVersion: v1 - kind: Secret - metadata: - labels: - app: ${NAME}${SUFFIX} - annotations: - as-copy-of: "template.django-secret" - name: ${NAME}-django${SUFFIX} - stringData: - DJANGO_SECRET_KEY: ${DJANGO_SECRET_KEY} - - apiVersion: image.openshift.io/v1 - kind: ImageStream - metadata: - annotations: - description: Keeps track of changes in the backend image - labels: - shared: "true" - creationTimestamp: null - name: '${NAME}-backend' - spec: - lookupPolicy: - local: false - status: - dockerImageRepository: '' - - apiVersion: v1 - kind: Service - metadata: - creationTimestamp: null - name: '${NAME}-backend${SUFFIX}' - labels: - name: backend - app: zeva - role: backend - env: '${ENV_NAME}' - spec: - ports: - - name: backend - port: 8080 - protocol: TCP - targetPort: 8080 - selector: - name: '${NAME}-backend${SUFFIX}' - sessionAffinity: None - type: ClusterIP - status: - loadBalancer: {} - - apiVersion: route.openshift.io/v1 - kind: Route - metadata: - creationTimestamp: null - annotations: - haproxy.router.openshift.io/balance: source - haproxy.router.openshift.io/timeout: 1200s - labels: - name: backend - app: zeva - role: backend - env: '${ENV_NAME}' - name: ${NAME}-backend${SUFFIX} - spec: - host: ${BACKEND_HOST_NAME} - path: /api - port: - targetPort: backend - tls: - insecureEdgeTerminationPolicy: Redirect - termination: edge - to: - kind: Service - name: '${NAME}-backend${SUFFIX}' - weight: 100 - wildcardPolicy: None -# - apiVersion: route.openshift.io/v1 -# kind: Route -# metadata: -# creationTimestamp: null -# labels: -# name: backend -# app: zeva -# role: backend -# env: '${ENV_NAME}' -# name: '${NAME}-backend-health${SUFFIX}' -# spec: -# host: ${HOST_NAME} -# path: /health -# port: -# targetPort: backend -# tls: -# termination: edge -# to: -# kind: Service -# name: '${NAME}-backend${SUFFIX}' -# weight: 100 -# wildcardPolicy: None - - apiVersion: apps.openshift.io/v1 - kind: DeploymentConfig - metadata: - annotations: - description: Defines how to deploy the application server - creationTimestamp: null - labels: - app: zeva - role: backend - env: ${ENV_NAME} - name: ${NAME}-backend${SUFFIX} - spec: - replicas: ${{REPLICAS}} - revisionHistoryLimit: 10 - selector: - name: ${NAME}-backend${SUFFIX} - strategy: - activeDeadlineSeconds: 800 - recreateParams: - mid: - execNewPod: - command: - - /bin/sh - - '-c' - - |- - sleep 90 - python ./manage.py migrate - if [ $? -eq 0 ]; then - python ./manage.py load_ops_data --directory ./api/fixtures/operational - else - exit 1 - fi - containerName: backend - failurePolicy: Retry - timeoutSeconds: 600 - resources: {} - type: Recreate - template: - metadata: - creationTimestamp: null - labels: - name: ${NAME}-backend${SUFFIX} - spec: - containers: - - name: backend - image: null - imagePullPolicy: IfNotPresent - env: - - name: DATABASE_NAME - value: zeva - - name: DATABASE_USER - valueFrom: - secretKeyRef: - name: patroni${SUFFIX} - key: app-db-username - - name: DATABASE_PASSWORD - valueFrom: - secretKeyRef: - name: patroni${SUFFIX} - key: app-db-password - - name: DATABASE_ENGINE - valueFrom: - configMapKeyRef: - name: ${NAME}-config${SUFFIX} - key: database_engine - - name: DATABASE_SERVICE_NAME - valueFrom: - configMapKeyRef: - name: ${NAME}-config${SUFFIX} - key: database_service_name - - name: POSTGRESQL_SERVICE_HOST - valueFrom: - configMapKeyRef: - name: ${NAME}-config${SUFFIX} - key: postgresql_service_host - - name: POSTGRESQL_SERVICE_PORT - valueFrom: - configMapKeyRef: - name: ${NAME}-config${SUFFIX} - key: postgresql_service_port - - name: KEYCLOAK_CERTS_URL - valueFrom: - configMapKeyRef: - name: ${NAME}-config${SUFFIX} - key: keycloak_certs_url - - name: KEYCLOAK_REALM - valueFrom: - configMapKeyRef: - name: ${NAME}-config${SUFFIX} - key: keycloak_realm - - name: KEYCLOAK_REALM_URL - valueFrom: - configMapKeyRef: - name: ${NAME}-config${SUFFIX} - key: keycloak_realm_url - - name: KEYCLOAK_AUTHORITY - valueFrom: - configMapKeyRef: - name: ${NAME}-config${SUFFIX} - key: keycloak_authority - - name: KEYCLOAK_ISSUER - valueFrom: - configMapKeyRef: - name: ${NAME}-config${SUFFIX} - key: keycloak_issuer - - name: KEYCLOAK_AUDIENCE - valueFrom: - configMapKeyRef: - name: ${NAME}-config${SUFFIX} - key: keycloak_audience - - name: KEYCLOAK_CLIENT_ID - valueFrom: - configMapKeyRef: - name: ${NAME}-config${SUFFIX} - key: keycloak_client_id - - name: KEYCLOAK_SA_BASEURL - valueFrom: - configMapKeyRef: - name: ${NAME}-config${SUFFIX} - key: keycloak_sa_baseurl - - name: KEYCLOAK_SA_REALM - valueFrom: - configMapKeyRef: - name: ${NAME}-config${SUFFIX} - key: keycloak_sa_realm - - name: KEYCLOAK_SA_CLIENT_ID - valueFrom: - configMapKeyRef: - name: ${NAME}-config${SUFFIX} - key: keycloak_sa_client_id - - name: KEYCLOAK_SA_CLIENT_SECRET - valueFrom: - secretKeyRef: - name: zeva-keycloak - key: KEYCLOAK_SA_CLIENT_SECRET - - name: DJANGO_DEBUG - valueFrom: - configMapKeyRef: - name: ${NAME}-config${SUFFIX} - key: django_debug - - name: DJANGO_SECRET_KEY - valueFrom: - secretKeyRef: - name: ${NAME}-django${SUFFIX} - key: DJANGO_SECRET_KEY - - name: RABBITMQ_VHOST - valueFrom: - configMapKeyRef: - name: ${NAME}-config${SUFFIX} - key: rabbitmq_vhost - - name: RABBITMQ_USER - valueFrom: - secretKeyRef: - name: ${NAME}${SUFFIX}-${RABBITMQ_CLUSTER_NAME}-secret - key: username - - name: RABBITMQ_PASSWORD - valueFrom: - secretKeyRef: - name: ${NAME}${SUFFIX}-${RABBITMQ_CLUSTER_NAME}-secret - key: password - - name: RABBITMQ_HOST - valueFrom: - configMapKeyRef: - name: ${NAME}-config${SUFFIX} - key: rabbitmq_host - - name: RABBITMQ_PORT - valueFrom: - configMapKeyRef: - name: ${NAME}-config${SUFFIX} - key: rabbitmq_port - - name: EMAIL_SENDING_ENABLED - valueFrom: - configMapKeyRef: - name: ${NAME}-config${SUFFIX} - key: email_sending_enabled - - name: EMAIL_FROM_ADDRESS - valueFrom: - configMapKeyRef: - name: ${NAME}-config${SUFFIX} - key: email_from_address - - name: APP_CONFIG - value: /opt/app-root/src/gunicorn.cfg - - name: ENV_NAME - valueFrom: - configMapKeyRef: - name: ${NAME}-config${SUFFIX} - key: env_name - - name: MINIO_USE_SSL - value: 'true' - - name: MINIO_ACCESS_KEY - valueFrom: - secretKeyRef: - name: ${NAME}-minio-${ENV_NAME} - key: MINIO_ACCESS_KEY - - name: MINIO_SECRET_KEY - valueFrom: - secretKeyRef: - name: ${NAME}-minio-${ENV_NAME} - key: MINIO_SECRET_KEY - - name: MINIO_ENDPOINT - valueFrom: - configMapKeyRef: - name: ${NAME}-config${SUFFIX} - key: minio_endpoint - - name: EMAIL_SERVICE_CLIENT_ID - valueFrom: - secretKeyRef: - name: email-service - key: EMAIL_SERVICE_CLIENT_ID - - name: EMAIL_SERVICE_CLIENT_SECRET - valueFrom: - secretKeyRef: - name: email-service - key: EMAIL_SERVICE_CLIENT_SECRET - - name: CHES_AUTH_URL - valueFrom: - secretKeyRef: - name: email-service - key: CHES_AUTH_URL - - name: CHES_EMAIL_URL - valueFrom: - secretKeyRef: - name: email-service - key: CHES_EMAIL_URL - livenessProbe: - failureThreshold: 30 - tcpSocket: - port: 8080 - initialDelaySeconds: ${{HEALTH_CHECK_DELAY}} - periodSeconds: 15 - successThreshold: 1 - timeoutSeconds: 3 - ports: - - containerPort: 8080 - protocol: TCP - readinessProbe: - failureThreshold: 30 - tcpSocket: - port: 8080 - initialDelaySeconds: ${{HEALTH_CHECK_DELAY}} - periodSeconds: 15 - successThreshold: 1 - timeoutSeconds: 3 - resources: - limits: - cpu: ${CPU_LIMIT} - memory: ${MEMORY_LIMIT} - requests: - cpu: ${CPU_REQUEST} - memory: ${MEMORY_REQUEST} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - dnsPolicy: ClusterFirst - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - terminationGracePeriodSeconds: 30 - test: false - triggers: - - imageChangeParams: - automatic: true - containerNames: - - backend - from: - kind: ImageStreamTag - name: ${NAME}-backend:${VERSION} - lastTriggeredImage: null - type: ImageChange - - type: ConfigChange - status: - availableReplicas: 0 - latestVersion: 0 - observedGeneration: 0 - replicas: 0 - unavailableReplicas: 0 - updatedReplicas: 0 diff --git a/openshift-v3/templates/backend/django-secret-template.yaml b/openshift-v3/templates/backend/django-secret-template.yaml deleted file mode 100644 index 150b9b92b..000000000 --- a/openshift-v3/templates/backend/django-secret-template.yaml +++ /dev/null @@ -1,17 +0,0 @@ -## The regular exopression really should be [a-zA-Z0-9!_=$^()+]{50} -## but it doesn't work for oOpenshift -apiVersion: template.openshift.io/v1 -kind: Template -parameters: -- name: DJANGO_SECRET - description: "Cookie used for authentication of cluster nodes" - from: "[a-zA-Z0-9]{50}" - generate: expression -objects: -- apiVersion: v1 - kind: Secret - metadata: - annotations: null - name: template.django-secret - stringData: - DJANGO_SECRET_KEY: ${DJANGO_SECRET} \ No newline at end of file diff --git a/openshift-v3/templates/backend/email-service-secret.yaml b/openshift-v3/templates/backend/email-service-secret.yaml deleted file mode 100644 index 2de0bf6c9..000000000 --- a/openshift-v3/templates/backend/email-service-secret.yaml +++ /dev/null @@ -1,26 +0,0 @@ -apiVersion: template.openshift.io/v1 -kind: Template -parameters: -- name: EMAIL_SERVICE_CLIENT_ID - description: the client id for Zeva project - required: true -- name: EMAIL_SERVICE_CLIENT_SECRET - description: the secrete for Zeva project - required: true -- name: CHES_AUTH_URL - description: the authentication url to retrieve token - required: true -- name: CHES_EMAIL_URL - description: the email service url - required: true -objects: -- apiVersion: v1 - kind: Secret - metadata: - annotations: null - name: email-service - stringData: - EMAIL_SERVICE_CLIENT_ID: ${EMAIL_SERVICE_CLIENT_ID} - EMAIL_SERVICE_CLIENT_SECRET: ${EMAIL_SERVICE_CLIENT_SECRET} - CHES_AUTH_URL: ${CHES_AUTH_URL} - CHES_EMAIL_URL: ${CHES_EMAIL_URL} \ No newline at end of file diff --git a/openshift-v3/templates/backup-container-2.0.0/.gitattributes b/openshift-v3/templates/backup-container-2.0.0/.gitattributes deleted file mode 100644 index a295ec358..000000000 --- a/openshift-v3/templates/backup-container-2.0.0/.gitattributes +++ /dev/null @@ -1,12 +0,0 @@ -# Set the default behavior, in case people don't have core.autocrlf set. -* text=auto - -# Declare files that will always have LF line endings on checkout. -backup.* text eol=lf -*.sh text eol=lf -*.md text eol=lf -*.json text eol=lf -*.conf text eol=lf -**/s2i/bin/* text eol=lf -**/root/**/* text eol=lf -**/.scripts/* text eol=lf \ No newline at end of file diff --git a/openshift-v3/templates/backup-container-2.0.0/.gitignore b/openshift-v3/templates/backup-container-2.0.0/.gitignore deleted file mode 100644 index 1d1784a16..000000000 --- a/openshift-v3/templates/backup-container-2.0.0/.gitignore +++ /dev/null @@ -1,16 +0,0 @@ -# See http://help.github.com/ignore-files/ for more about ignoring files. -.DS_Store - -# Files created by the scripts from; https://github.com/BCDevOps/openshift-project-tools -*_DeploymentConfig.json -*_BuildConfig.json -*.local.* -*.overrides.* - -# Visual Studio Code -.vscode - -# Local config -.env -backups -docker/backup.conf \ No newline at end of file diff --git a/openshift-v3/templates/backup-container-2.0.0/CODE_OF_CONDUCT.md b/openshift-v3/templates/backup-container-2.0.0/CODE_OF_CONDUCT.md deleted file mode 100644 index 078593ff7..000000000 --- a/openshift-v3/templates/backup-container-2.0.0/CODE_OF_CONDUCT.md +++ /dev/null @@ -1,46 +0,0 @@ -# Contributor Covenant Code of Conduct - -## Our Pledge - -In the interest of fostering an open and welcoming environment, we as contributors and maintainers pledge to making participation in our project and our community a harassment-free experience for everyone, regardless of age, body size, disability, ethnicity, gender identity and expression, level of experience, nationality, personal appearance, race, religion, or sexual identity and orientation. - -## Our Standards - -Examples of behavior that contributes to creating a positive environment include: - -* Using welcoming and inclusive language -* Being respectful of differing viewpoints and experiences -* Gracefully accepting constructive criticism -* Focusing on what is best for the community -* Showing empathy towards other community members - -Examples of unacceptable behavior by participants include: - -* The use of sexualized language or imagery and unwelcome sexual attention or advances -* Trolling, insulting/derogatory comments, and personal or political attacks -* Public or private harassment -* Publishing others' private information, such as a physical or electronic address, without explicit permission -* Other conduct which could reasonably be considered inappropriate in a professional setting - -## Our Responsibilities - -Project maintainers are responsible for clarifying the standards of acceptable behavior and are expected to take appropriate and fair corrective action in response to any instances of unacceptable behavior. - -Project maintainers have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned to this Code of Conduct, or to ban temporarily or permanently any contributor for other behaviors that they deem inappropriate, threatening, offensive, or harmful. - -## Scope - -This Code of Conduct applies both within project spaces and in public spaces when an individual is representing the project or its community. Examples of representing a project or community include using an official project e-mail address, posting via an official social media account, or acting as an appointed representative at an online or offline event. Representation of a project may be further defined and clarified by project maintainers. - -## Enforcement - -Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by contacting the project team at angelika.ehlers@gov.bc.ca. The project team will review and investigate all complaints, and will respond in a way that it deems appropriate to the circumstances. The project team is obligated to maintain confidentiality with regard to the reporter of an incident. Further details of specific enforcement policies may be posted separately. - -Project maintainers who do not follow or enforce the Code of Conduct in good faith may face temporary or permanent repercussions as determined by other members of the project's leadership. - -## Attribution - -This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4, available at [http://contributor-covenant.org/version/1/4][version] - -[homepage]: http://contributor-covenant.org -[version]: http://contributor-covenant.org/version/1/4/ diff --git a/openshift-v3/templates/backup-container-2.0.0/CONTRIBUTING.md b/openshift-v3/templates/backup-container-2.0.0/CONTRIBUTING.md deleted file mode 100644 index 539ed4eed..000000000 --- a/openshift-v3/templates/backup-container-2.0.0/CONTRIBUTING.md +++ /dev/null @@ -1,10 +0,0 @@ - -# How to contribute - -Government employees, public and members of the private sector are encouraged to contribute to the repository by **forking and submitting a pull request**. - -(If you are new to GitHub, you might start with a [basic tutorial](https://help.github.com/articles/set-up-git) and check out a more detailed guide to [pull requests](https://help.github.com/articles/using-pull-requests/).) - -Pull requests will be evaluated by the repository guardians on a schedule and if deemed beneficial will be committed to the master. - -All contributors retain the original copyright to their stuff, but by contributing to this project, you grant a world-wide, royalty-free, perpetual, irrevocable, non-exclusive, transferable license to all users **under the terms of the license under which this project is distributed.** diff --git a/openshift-v3/templates/backup-container-2.0.0/LICENSE b/openshift-v3/templates/backup-container-2.0.0/LICENSE deleted file mode 100644 index 261eeb9e9..000000000 --- a/openshift-v3/templates/backup-container-2.0.0/LICENSE +++ /dev/null @@ -1,201 +0,0 @@ - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/openshift-v3/templates/backup-container-2.0.0/README.md b/openshift-v3/templates/backup-container-2.0.0/README.md deleted file mode 100644 index eba2501ef..000000000 --- a/openshift-v3/templates/backup-container-2.0.0/README.md +++ /dev/null @@ -1,368 +0,0 @@ ---- -title: Backup Container -description: A simple containerized backup solution for backing up one or more postgres or mongo databases to a secondary location. -author: WadeBarnes -resourceType: Components -personas: - - Developer - - Product Owner - - Designer -labels: - - backup - - backups - - postgres - - mongo - - database ---- -[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](LICENSE) - -# Backup Container -[Backup Container](https://github.com/BCDevOps/backup-container) is a simple containerized backup solution for backing up one or more postgres or mongo databases to a secondary location. _Code and documentation was originally pulled from the [HETS Project](https://github.com/bcgov/hets)_ - -# Backup Container Options -You can run the Backup Container for postgres and mongo databases separately or in a mixed environment. -For a mixed environment: -1) You MUST use the recommended `backup.conf` configuration. -2) Within the `backup.conf`, you MUST specify the `DatabaseType` for each listed database. -3) You will need to create two builds and two deployment configs. One for a postgres backup container and the other for a mongo backup container. -4) Mount the same `backup.conf` file (ConfigMap) to each deployed container. - -## Backups in OpenShift -This project provides you with a starting point for integrating backups into your OpenShift projects. The scripts and templates provided in the [openshift](./openshift) directory are compatible with the [openshift-developer-tools](https://github.com/BCDevOps/openshift-developer-tools) scripts. They help you create an OpenShift deployment or cronjob called `backup` in your projects that runs backups on databases within the project environment. You only need to integrate the scripts and templates into your project(s), the builds can be done with this repository as the source. - -Following are the instructions for running the backups and a restore. - -## Storage -*Before we get too far into the the details, we're going to take a moment to discuss the most important part of the whole process - **The Storage**.* The backup container uses two volumes, one for storing the backups and the other for restore/verification testing. The deployment template separates them intentionally. - -The following sections on storage discuss the recommendations and limitations of the storage classes created specifically for the BC Government's environment. - - -### Backup Storage Volume -The recommended storage class for the backup volume is `nfs-backup`. This class of storage **cannot** be auto-provisioned through the use of a deployment template. The `PersistentVolumeClaim` declared in the supplied deployment template for the *backup volume* will purposely fail to properly provision and wire an `nfs-backup` volume if published before you manually provision your `nfs-backup` claim. - -When using `nfs-backup` you will need to provision your claims **before** you publish your deployment configuration, through either the [service catalog](https://github.com/BCDevOps/provision-nfs-apb#provision-via-gui-catalog) using the [BC Gov NFS Storage](https://github.com/BCDevOps/provision-nfs-apb/blob/master/docs/usage-gui.md) wizard, or by using the [svcat cli](https://github.com/BCDevOps/provision-nfs-apb#provision-via-svcat-cli). - -You'll note the name of the resulting storage claim has a random component to it (example, `bk-devex-von-bc-tob-test-xjrmkhsnshay`). This name needs to be injected into the default value of the `BACKUP_VOLUME_NAME` parameter of the template **before** publishing the deployment configuration in order for the storage to be correctly mounted to the `/backups/` directory of the container. - -`nfs-backup` storageClass is a lower tier of storage and not considered highly available. `read: don't use this for live application storage`. The storageClass **IS** covered by the default enterprise backup policies, and can be directly referenced for restores using the PVC name when opening a restore ticket with 7700. - -`nfs-backup` PVCs **cannot** be used for restore/verification. The permissions on the underlying volume do not allow the PostgreSql server to host it's configuration and data files on a directory backed by this class of storage. - -Ensure you review and plan your storage requirements before provisioning. - -More information on provisioning `nfs-backup` storage here; [provision-nfs-apb](https://github.com/BCDevOps/provision-nfs-apb) - -#### NFS Storage Backup and Retention Policy -NFS backed storage is covered by the following backup and retention policies: -- Backup - - Daily: Incremental - - Monthly: Full -- Retention - - 90 days - -### Restore/Verification Storage Volume -The default storage class for the restore/verification volume is `netapp-file-standard`. The supplied deployment template will auto-provision this volume for you with it is published. Refer to the *Storage Performance* section for performance considerations. - -This volume should be large enough to host your largest database. Set the size by updating/overriding the `VERIFICATION_VOLUME_SIZE` value within the template. - -### Storage Performance -The performance of `netapp-block-standard` for restore/verification is far superior to that of `netapp-file-standard`, however it should only be used in cases where the time it takes to verify a backup begins to encroach on the over-all timing and verification cycle. You want the verification(s) to complete before another backup and verification cycle begins and you want a bit of idle time between the end of one cycle and the beginning of another in case things take a little longer now and again. - -*There are currently no performance stats for the `netapp` storage types.* - -## Deployment / Configuration -Together, the scripts and templates provided in the [openshift](./openshift) directory will automatically deploy the `backup` app as described below. The [backup-deploy.overrides.sh](./openshift/backup-deploy.overrides.sh) script generates the deployment configuration necessary for the [backup.conf](config/backup.conf) file to be mounted as a ConfigMap by the `backup` container. - -The following environment variables are defaults used by the `backup` app. - -**NOTE**: These environment variables MUST MATCH those used by the postgresql container(s) you are planning to backup. - -| Name | Default (if not set) | Purpose | -| ---- | ------- | ------- | -| BACKUP_STRATEGY | rolling | To control the backup strategy used for backups. This is explained more below. | -| BACKUP_DIR | /backups/ | The directory under which backups will be stored. The deployment configuration mounts the persistent volume claim to this location when first deployed. | -| NUM_BACKUPS | 31 | Used for backward compatibility only, this value is used with the daily backup strategy to set the number of backups to retain before pruning. | -| DAILY_BACKUPS | 6 | When using the rolling backup strategy this value is used to determine the number of daily (Mon-Sat) backups to retain before pruning. | -| WEEKLY_BACKUPS | 4 | When using the rolling backup strategy this value is used to determine the number of weekly (Sun) backups to retain before pruning. | -| MONTHLY_BACKUPS | 1 | When using the rolling backup strategy this value is used to determine the number of monthly (last day of the month) backups to retain before pruning. | -| BACKUP_PERIOD | 1d | Only used for Legacy Mode. Ignored when running in Cron Mode. The schedule on which to run the backups. The value is used by a sleep command and can be defined in d, h, m, or s. | -| DATABASE_SERVICE_NAME | postgresql | Used for backward compatibility only. The name of the service/host for the *default* database target. | -| DATABASE_USER_KEY_NAME | database-user | The database user key name stored in database deployment resources specified by DATABASE_DEPLOYMENT_NAME. | -| DATABASE_PASSWORD_KEY_NAME | database-password | The database password key name stored in database deployment resources specified by DATABASE_DEPLOYMENT_NAME. | -| DATABASE_NAME | my_postgres_db | Used for backward compatibility only. The name of the *default* database target; the name of the database you want to backup. | -| DATABASE_USER | *wired to a secret* | The username for the database(s) hosted by the database server. The deployment configuration makes the assumption you have your database credentials stored in secrets (which you should), and the key for the username is `database-user`. The name of the secret must be provided as the `DATABASE_DEPLOYMENT_NAME` parameter to the deployment configuration template. | -| DATABASE_PASSWORD | *wired to a secret* | The password for the database(s) hosted by the database server. The deployment configuration makes the assumption you have your database credentials stored in secrets (which you should), and the key for the username is `database-password`. The name of the secret must be provided as the `DATABASE_DEPLOYMENT_NAME` parameter to the deployment configuration template. | -| FTP_URL | | The FTP server URL. If not specified, the FTP backup feature is disabled. The default value in the deployment configuration is an empty value - not specified. | -| FTP_USER | *wired to a secret* | The username for the FTP server. The deployment configuration creates a secret with the name specified in the FTP_SECRET_KEY parameter (default: `ftp-secret`). The key for the username is `ftp-user` and the value is an empty value by default. | -| FTP_PASSWORD | *wired to a secret* | The password for the FTP server. The deployment configuration creates a secret with the name specified in the FTP_SECRET_KEY parameter (default: `ftp-secret`). The key for the password is `ftp-password` and the value is an empty value by default. | -| WEBHOOK_URL | | The URL of the webhook endpoint to use for notifications. If not specified, the webhook integration feature is disabled. The default value in the deployment configuration is an empty value - not specified. | -| ENVIRONMENT_FRIENDLY_NAME | | A friendly (human readable) name of the environment. This variable is used by the webhook integration to identify the environment from which the backup notifications originate. The default value in the deployment configuration is an empty value - not specified. | -| ENVIRONMENT_NAME | | A name or ID of the environment. This variable is used by the webhook integration to identify the environment from which the backup notifications originate. The default value in the deployment configuration is an empty value - not specified. | - -### backup.conf - -Using this default configuration you can easily back up a single postgres database, however we recommend you extend the configuration and use the `backup.conf` file to list a number of databases for backup and even set a cron schedule for the backups. - -When using the `backup.conf` file the following environment variables are ignored, since you list all of your `host`/`database` pairs in the file; `DATABASE_SERVICE_NAME`, `DATABASE_NAME`. To provide the credentials needed for the listed databases you extend the deployment configuration to include `hostname_USER` and `hostname_PASSWORD` credential pairs which are wired to the appropriate secrets (where hostname matches the hostname/servicename, in all caps and underscores, of the database). For example, if you are backing up a database named `wallet-db/my_wallet`, you would have to extend the deployment configuration to include a `WALLET_DB_USER` and `WALLET_DB_PASSWORD` credential pair, wired to the appropriate secrets, to access the database(s) on the `wallet-db` server. - -### Cron Mode - -The `backup` container supports running the backups on a cron schedule. The schedule is specified in the `backup.conf` file. Refer to the [backup.conf](./config/backup.conf) file for additional details and examples. - -### Cronjob Deployment / Configuration / Constraints - -*This section describes the configuration of an OpenShift CronJob this is different than the Cron Mode supported by the container when deployed in "long running" mode.* - -The cronjob object can be deployed in the same manner as the application, and will also have a dependency on the image built by the build config. The main constraint for the cronjob objects is that they will require a configmap in place of environment variables and does not support the `backup.conf` for multiple database backups in the same job. In order to backup multiple databases, create multiple cronjob objects with their associated configmaps and secrets. - -The following variables are supported in the first iteration of the backup cronjob: - -| Name | Default (if not set) | Purpose | -| ---- | -------------------- | ------- | -| BACKUP_STRATEGY | daily | To control the backup strategy used for backups. This is explained more below. | -| BACKUP_DIR | /backups/ | The directory under which backups will be stored. The deployment configuration mounts the persistent volume claim to this location when first deployed. | -| SCHEDULE | 0 1 * * * | Cron Schedule to Execute the Job (using local cluster system TZ). | -| NUM_BACKUPS | 31 | For backward compatibility this value is used with the daily backup strategy to set the number of backups to retain before pruning. | -| DAILY_BACKUPS | 6 | When using the rolling backup strategy this value is used to determine the number of daily (Mon-Sat) backups to retain before pruning. | -| WEEKLY_BACKUPS | 4 | When using the rolling backup strategy this value is used to determine the number of weekly (Sun) backups to retain before pruning. | -| MONTHLY_BACKUPS | 1 | When using the rolling backup strategy this value is used to determine the number of monthly (last day of the month) backups to retain before pruning. | -| DATABASE_SERVICE_NAME | postgresql | The name of the service/host for the *default* database target. | -| DATABASE_USER_KEY_NAME | database-user | The database user key name stored in database deployment resources specified by DATABASE_DEPLOYMENT_NAME. | -| DATABASE_PASSWORD_KEY_NAME | database-password | The database password key name stored in database deployment resources specified by DATABASE_DEPLOYMENT_NAME. | -| POSTGRESQL_DATABASE | my_postgres_db | The name of the *default* database target; the name of the database you want to backup. | -| POSTGRESQL_USER | *wired to a secret* | The username for the database(s) hosted by the `postgresql` Postgres server. The deployment configuration makes the assumption you have your database credentials stored in secrets (which you should), and the key for the username is `database-user`. The name of the secret must be provided as the `DATABASE_DEPLOYMENT_NAME` parameter to the deployment configuration template. | -| POSTGRESQL_PASSWORD | *wired to a secret* | The password for the database(s) hosted by the `postgresql` Postgres server. The deployment configuration makes the assumption you have your database credentials stored in secrets (which you should), and the key for the username is `database-password`. The name of the secret must be provided as the `DATABASE_DEPLOYMENT_NAME` parameter to the deployment configuration template. | - -The following variables are NOT supported: - -| Name | Default (if not set) | Purpose | -| ---- | -------------------- | ------- | -| BACKUP_PERIOD | 1d | The schedule on which to run the backups. The value is replaced by the cron schedule variable (SCHEDULE) | - -The scheduled job does not yet support the FTP environment variables. - -| Name | -| ---- | -| FTP_URL | -| FTP_USER | -| FTP_PASSWORD | - -### Resources -The backup-container is assigned with `Best-effort` resource type (setting zero for request and limit), which allows the resources to scale up and down without an explicit limit as resource on the node allow. It benefits from large bursts of recourses for short periods of time to get things more quickly. After some time of running the backup-container, you could then set the request and limit according to the average resource consumption. - -## Multiple Databases - -When backing up multiple databases, the retention settings apply to each database individually. For instance if you use the `daily` strategy and set the retention number(s) to 5, you will retain 5 copies of each database. So plan your backup storage accordingly. - -An example of the backup container in action can be found here; [example log output](./docs/ExampleLog.md) - -## Backup Strategies - -The `backup` app supports two backup strategies, each are explained below. Regardless of the strategy backups are identified using a core name derived from the `host/database` specification and a timestamp. All backups are compressed using gzip. - -### Daily - -The daily backup strategy is very simple. Backups are created in dated folders under the top level `/backups/` folder. When the maximum number of backups (`NUM_BACKUPS`) is exceeded, the oldest ones are pruned from disk. - -For example (faked): -``` -================================================================================================================================ -Current Backups: --------------------------------------------------------------------------------------------------------------------------------- -1.0K 2018-10-03 22:16 ./backups/2018-10-03/postgresql-TheOrgBook_Database_2018-10-03_22-16-11.sql.gz -1.0K 2018-10-03 22:16 ./backups/2018-10-03/postgresql-TheOrgBook_Database_2018-10-03_22-16-28.sql.gz -1.0K 2018-10-03 22:16 ./backups/2018-10-03/postgresql-TheOrgBook_Database_2018-10-03_22-16-46.sql.gz -1.0K 2018-10-03 22:16 ./backups/2018-10-03/wallet-db-tob_holder_2018-10-03_22-16-13.sql.gz -1.0K 2018-10-03 22:16 ./backups/2018-10-03/wallet-db-tob_holder_2018-10-03_22-16-31.sql.gz -1.0K 2018-10-03 22:16 ./backups/2018-10-03/wallet-db-tob_holder_2018-10-03_22-16-48.sql.gz -1.0K 2018-10-03 22:16 ./backups/2018-10-03/wallet-db-tob_verifier_2018-10-03_22-16-08.sql.gz -1.0K 2018-10-03 22:16 ./backups/2018-10-03/wallet-db-tob_verifier_2018-10-03_22-16-25.sql.gz -1.0K 2018-10-03 22:16 ./backups/2018-10-03/wallet-db-tob_verifier_2018-10-03_22-16-43.sql.gz -13K 2018-10-03 22:16 ./backups/2018-10-03 -... -61K 2018-10-04 10:43 ./backups/ -================================================================================================================================ -``` - -### Rolling - -The rolling backup strategy provides a bit more flexibility. It allows you to keep a number of recent `daily` backups, a number of `weekly` backups, and a number of `monthly` backups. - -- Daily backups are any backups done Monday through Saturday. -- Weekly backups are any backups done at the end of the week, which we're calling Sunday. -- Monthly backups are any backups done on the last day of a month. - -There are retention settings you can set for each. The defaults provide you with a week's worth of `daily` backups, a month's worth of `weekly` backups, and a single backup for the previous month. - -Although the example does not show any `weekly` or `monthly` backups, you can see from the example that the folders are further broken down into the backup type. - -For example (faked): -``` -================================================================================================================================ -Current Backups: --------------------------------------------------------------------------------------------------------------------------------- -0 2018-10-03 22:16 ./backups/daily/2018-10-03 -1.0K 2018-10-04 09:29 ./backups/daily/2018-10-04/postgresql-TheOrgBook_Database_2018-10-04_09-29-52.sql.gz -1.0K 2018-10-04 10:37 ./backups/daily/2018-10-04/postgresql-TheOrgBook_Database_2018-10-04_10-37-15.sql.gz -1.0K 2018-10-04 09:29 ./backups/daily/2018-10-04/wallet-db-tob_holder_2018-10-04_09-29-55.sql.gz -1.0K 2018-10-04 10:37 ./backups/daily/2018-10-04/wallet-db-tob_holder_2018-10-04_10-37-18.sql.gz -1.0K 2018-10-04 09:29 ./backups/daily/2018-10-04/wallet-db-tob_verifier_2018-10-04_09-29-49.sql.gz -1.0K 2018-10-04 10:37 ./backups/daily/2018-10-04/wallet-db-tob_verifier_2018-10-04_10-37-12.sql.gz -22K 2018-10-04 10:43 ./backups/daily/2018-10-04 -22K 2018-10-04 10:43 ./backups/daily -4.0K 2018-10-03 22:16 ./backups/monthly/2018-10-03 -4.0K 2018-10-03 22:16 ./backups/monthly -4.0K 2018-10-03 22:16 ./backups/weekly/2018-10-03 -4.0K 2018-10-03 22:16 ./backups/weekly -61K 2018-10-04 10:43 ./backups/ -================================================================================================================================ -``` - -## Using the Backup Script - -The [backup script](./docker/backup.sh) has a few utility features built into it. For a full list of features and documentation run `backup.sh -h`. - -Features include: - -- The ability to list the existing backups, `backup.sh -l` -- Listing the current configuration, `backup.sh -c` -- Running a single backup cycle, `backup.sh -1` -- Restoring a database from backup, `backup.sh -r [-f ]` - - Restore mode will allow you to restore a database to a different location (host, and/or database name) provided it can contact the host and you can provide the appropriate credentials. -- Verifying backups, `backup.sh [-s] -v [-f ]` - - Verify mode will restore a backup to the local server to ensure it can be restored without error. Once restored a table query is performed to ensure there was at least one table restored and queries against the database succeed without error. All database files and configuration are destroyed following the tests. - -## Using Backup Verification - -The [backup script](./docker/backup.sh) supports running manual or scheduled verifications on your backups; `backup.sh [-s] -v [-f ]`. Refer to the script documentation `backup.sh -h`, and the configuration documentation, [backup.conf](config/backup.conf), for additional details on how to use this feature. - -## Using the FTP backup - -- The FTP backup feature is enabled by specifying the FTP server URL `FTP_URL`. -- The FTP server must support FTPS. -- Path can be added to the URL. For example, the URL can be `ftp://ftp.gov.bc.ca/schoolbus-db-backup/`. Note that when adding path, the URL must be ended with `/` as the example. -- The username and password must be populated in the secret key. Refer to the deployment configuration section. -- There is a known issue for FTPS with Windows 2012 FTP. http://redoubtsolutions.com/fix-the-supplied-message-is-incomplete-error-when-you-use-an-ftps-client-to-upload-a-file-in-windows/ - -## Using the Webhook Integration - -The Webhook integration feature is enabled by specifying the webhook URL, `WEBHOOK_URL`, in your configuration. It's recommended that you also provide values for `ENVIRONMENT_FRIENDLY_NAME` and `ENVIRONMENT_NAME`, so you can better identify the environment from which the messages originate and do things like produce links to the environment. - -The Webhook integration feature was built with Rocket.Chat in mind and an integration script for Rocket.Chat can be found in [rocket.chat.integration.js](./scripts/rocket.chat.integration.js). This script was developed to support the BC OpenShift environment and will format the notifications from the backup script into Rocket.Chat messages (examples below). If you provide values for the environment name (`ENVIRONMENT_FRIENDLY_NAME` and `ENVIRONMENT_NAME`) hyperlinks will be added to the messages to link you to the project console. - -Sample Message: - -![Sample Message](./docs/SampleRocketChatMessage.png) - -Sample Error Message: - -![Sample Erros Message](./docs/SampleRocketChatErrorMessage.png) - -For information on how setup a webhook in Rocket.Chat refer to [Incoming WebHook Scripting](https://rocket.chat/docs/administrator-guides/integrations/). The **Webhook URL** created during this process is the URL you use for `WEBHOOK_URL` to enable the Webhook integration feature. - -## Database Plugin Support - -The backup container uses a plugin architecture to perform the database specific operations needed to support various database types. - -The plugins are loaded dynamically based on the container type. By default the `backup.null.plugin` will be loaded when the container type is not recognized. - -To add support for a new database type: -1) Update the `getContainerType` function in [backup.container.utils](./docker/backup.container.utils) to detect the new type of database. -2) Using the existing plugins as reference, implement the database specific scripts for the new database type. -3) Using the existing docker files as reference, create a new one to build the new container type. -4) Update the build and deployment templates and their documentation as needed. -5) Update the project documentation as needed. -6) Test, test, test. -7) Submit a PR. - -Plugin Examples: -- [backup.postgres.plugin](./docker/backup.postgres.plugin) - - Postgres backup implementation. - -- [backup.mongo.plugin](./docker/backup.mongo.plugin) - - Mongo backup implementation. - -- [backup.null.plugin](./docker/backup.null.plugin) - - Sample/Template backup implementation that simply outputs log messages for the various operations. - -## Backup - -*The following sections describes (some) postgres specific implementation, however the steps are generally the same between database implementations.* - -The purpose of the backup app is to do automatic backups. Deploy the Backup app to do daily backups. Viewing the Logs for the Backup App will show a record of backups that have been completed. - -The Backup app performs the following sequence of operations: - -1. Create a directory that will be used to store the backup. -2. Use the `pg_dump` and `gzip` commands to make a backup. -3. Cull backups more than $NUM_BACKUPS (default 31 - configured in deployment script) -4. Wait/Sleep for a period of time and repeat - -Note that with the pod deployment, we support cron schedule(s) or the legacy mode (which uses a simple "sleep") to run the backup periodically. With the OpenShift Scheduled Job deployment, use the backup-cronjob.yaml template and set the schedule via the OpenShift cronjob object SCHEDULE template parameter. - -A separate pod is used vs. having the backups run from the Postgres Pod for fault tolerant purposes - to keep the backups separate from the database storage. We don't want to, for example, lose the storage of the database, or have the database and backups storage fill up, and lose both the database and the backups. - -### Immediate Backup: - -#### Execute a single backup cycle with the pod deployment - -- Check the logs of the Backup pod to make sure a backup isn't run right now (pretty unlikely...) -- Open a terminal window to the pod -- Run `backup.sh -1` - - This will run a single backup cycle and exit. - -#### Execute an on demand backup using the scheduled job - -- Run the following: `oc create job ${SOMEJOBNAME} --from=cronjob/${BACKUP_CRONJOB_NAME}` - - example: `oc create job my-backup-1 --from=cronjob/backup-postgresql` - - this will run a single backup job and exit. - - note: the jobs created in this manner are NOT cleaned up by the scheduler like the automated jobs are. - -### Restore - -The `backup.sh` script's restore mode makes it very simple to restore the most recent backup of a particular database. It's as simple as running a the following command, for example (run `backup.sh -h` for full details on additional options); - - backup.sh -r postgresql/TheOrgBook_Database - -Following are more detailed steps to perform a restore of a backup. - -1. Log into the OpenShift Console and log into OpenShift on the command shell window. - 1. The instructions here use a mix of the console and command line, but all could be done from a command shell using "oc" commands. -1. Scale to 0 all Apps that use the database connection. - 1. This is necessary as the Apps will need to restart to pull data from the restored backup. - 1. It is recommended that you also scale down to 0 your client application so that users know the application is unavailable while the database restore is underway. - 1. A nice addition to this would be a user-friendly "This application is offline" message - not yet implemented. -1. Restart the database pod as a quick way of closing any other database connections from users using port forward or that have rsh'd to directly connect to the database. -1. Open an rsh into the backup pod: - 1. Open a command prompt connection to OpenShift using `oc login` with parameters appropriate for your OpenShift host. - 1. Change to the OpenShift project containing the Backup App `oc project ` - 1. List pods using `oc get pods` - 1. Open a remote shell connection to the **backup** pod. `oc rsh ` -1. In the rsh run the backup script in restore mode, `./backup.sh -r `, to restore the desired backup file. For full information on how to use restore mode, refer to the script documentation, `./backup.sh -h`. Have the Admin password for the database handy, the script will ask for it during the restore process. - 1. The restore script will automatically grant the database user access to the restored database. If there are other users needing access to the database, such as the DBA group, you will need to additionally run the following commands on the database pod itself using `psql`: - 1. Get a list of the users by running the command `\du` - 1. For each user that is not "postgres" and $POSTGRESQL_USER, execute the command `GRANT SELECT ON ALL TABLES IN SCHEMA public TO "";` - 1. If users have been set up with other grants, set them up as well. -1. Verify that the database restore worked - 1. On the database pod, query a table - e.g the USER table: `SELECT * FROM "SBI_USER";` - you can look at other tables if you want. - 1. Verify the expected data is shown. -1. Exit remote shells back to your local command line -1. From the Openshift Console restart the app: - 1. Scale up any pods you scaled down and wait for them to finish starting up. View the logs to verify there were no startup issues. -1. Verify full application functionality. - -Done! - -## Tip and Tricks - -Please refer to the [Tips and Tricks](./docs/TipsAndTricks.md) document for solutions to known issues. - -## Getting Help or Reporting an Issue -To report bugs/issues/feature requests, please file an [issue](../../issues). - -## How to Contribute -If you would like to contribute, please see our [CONTRIBUTING](./CONTRIBUTING.md) guidelines. - -Please note that this project is released with a [Contributor Code of Conduct](./CODE_OF_CONDUCT.md). -By participating in this project you agree to abide by its terms. diff --git a/openshift-v3/templates/backup-container-2.0.0/config/backup.conf b/openshift-v3/templates/backup-container-2.0.0/config/backup.conf deleted file mode 100644 index 2ad3354df..000000000 --- a/openshift-v3/templates/backup-container-2.0.0/config/backup.conf +++ /dev/null @@ -1,52 +0,0 @@ -# ============================================================ -# Databases: -# ------------------------------------------------------------ -# List the databases you want backed up here. -# Databases will be backed up in the order they are listed. -# -# The entries must be in one of the following forms: -# - / -# - :/ -# - =/ -# - =:/ -# can be postgres or mongo -# MUST be specified when you are sharing a -# single backup.conf file between postgres and mongo -# backup containers. If you do not specify -# the listed databases are assumed to be valid for the -# backup container in which the configuration is mounted. -# -# Examples: -# - postgres=postgresql/my_database -# - postgres=postgresql:5432/my_database -# - mongo=mongodb/my_database -# - mongo=mongodb:27017/my_database -# ----------------------------------------------------------- -# Cron Scheduling: -# ----------------------------------------------------------- -# List your backup and verification schedule(s) here as well. -# The schedule(s) must be listed as cron tabs that -# execute the script in 'scheduled' mode: -# - ./backup.sh -s -# -# Examples (assuming system's TZ is set to PST): -# - 0 1 * * * default ./backup.sh -s -# - Run a backup at 1am Pacific every day. -# -# - 0 4 * * * default ./backup.sh -s -v all -# - Verify the most recent backups for all datbases -# at 4am Pacific every day. -# ----------------------------------------------------------- -# Full Example: -# ----------------------------------------------------------- -# postgres=postgresql:5432/TheOrgBook_Database -# mongo=mender-mongodb:27017/useradm -# postgres=wallet-db/tob_issuer -# -# 0 1 * * * default ./backup.sh -s -# 0 4 * * * default ./backup.sh -s -v all -# ============================================================ -patroni-master-prod:5432/zeva -0 21 * * * default ./backup.sh -s -0 22 * * * default ./backup.sh -s -v all -0 20 * * * default find /backups/minio-backup/* -type d -ctime +7 | xargs rm -rf;mkdir -p /backups/minio-backup/$(date +%Y%m%d);cp -rn /minio-data/* /backups/minio-backup/$(date +%Y%m%d) \ No newline at end of file diff --git a/openshift-v3/templates/backup-container-2.0.0/docker/Dockerfile b/openshift-v3/templates/backup-container-2.0.0/docker/Dockerfile deleted file mode 100644 index 4cc88a758..000000000 --- a/openshift-v3/templates/backup-container-2.0.0/docker/Dockerfile +++ /dev/null @@ -1,42 +0,0 @@ -# This image provides a postgres installation from which to run backups -FROM registry.access.redhat.com/rhscl/postgresql-10-rhel7 - -# Change timezone to PST for convenience -ENV TZ=PST8PDT - -# Set the workdir to be root -WORKDIR / - -# Load the backup scripts into the container (must be executable). -COPY backup.* / - -COPY webhook-template.json / - -# ======================================================================================================== -# Install go-crond (from https://github.com/BCDevOps/go-crond) -# - Adds some additional logging enhancements on top of the upstream project; -# https://github.com/webdevops/go-crond -# -# CRON Jobs in OpenShift: -# - https://blog.danman.eu/cron-jobs-in-openshift/ -# -------------------------------------------------------------------------------------------------------- -ARG SOURCE_REPO=BCDevOps -ARG GOCROND_VERSION=0.6.3 -ADD https://github.com/$SOURCE_REPO/go-crond/releases/download/$GOCROND_VERSION/go-crond-64-linux /usr/bin/go-crond - -USER root - -RUN chmod ug+x /usr/bin/go-crond -# ======================================================================================================== - -# ======================================================================================================== -# Perform operations that require root privilages here ... -# -------------------------------------------------------------------------------------------------------- -RUN echo $TZ > /etc/timezone -# ======================================================================================================== - -# Important - Reset to the base image's user account. -USER 26 - -# Set the default CMD. -CMD sh /backup.sh \ No newline at end of file diff --git a/openshift-v3/templates/backup-container-2.0.0/docker/Dockerfile_Mongo b/openshift-v3/templates/backup-container-2.0.0/docker/Dockerfile_Mongo deleted file mode 100644 index 4187c170f..000000000 --- a/openshift-v3/templates/backup-container-2.0.0/docker/Dockerfile_Mongo +++ /dev/null @@ -1,42 +0,0 @@ -# This image provides a mongo installation from which to run backups -FROM registry.access.redhat.com/rhscl/mongodb-36-rhel7 - -# Change timezone to PST for convenience -ENV TZ=PST8PDT - -# Set the workdir to be root -WORKDIR / - -# Load the backup scripts into the container (must be executable). -COPY backup.* / - -COPY webhook-template.json / - -# ======================================================================================================== -# Install go-crond (from https://github.com/BCDevOps/go-crond) -# - Adds some additional logging enhancements on top of the upstream project; -# https://github.com/webdevops/go-crond -# -# CRON Jobs in OpenShift: -# - https://blog.danman.eu/cron-jobs-in-openshift/ -# -------------------------------------------------------------------------------------------------------- -ARG SOURCE_REPO=BCDevOps -ARG GOCROND_VERSION=0.6.3 -ADD https://github.com/$SOURCE_REPO/go-crond/releases/download/$GOCROND_VERSION/go-crond-64-linux /usr/bin/go-crond - -USER root - -RUN chmod ug+x /usr/bin/go-crond -# ======================================================================================================== - -# ======================================================================================================== -# Perform operations that require root privilages here ... -# -------------------------------------------------------------------------------------------------------- -RUN echo $TZ > /etc/timezone -# ======================================================================================================== - -# Important - Reset to the base image's user account. -USER 26 - -# Set the default CMD. -CMD sh /backup.sh \ No newline at end of file diff --git a/openshift-v3/templates/backup-container-2.0.0/docker/backup.config.utils b/openshift-v3/templates/backup-container-2.0.0/docker/backup.config.utils deleted file mode 100644 index b933846b9..000000000 --- a/openshift-v3/templates/backup-container-2.0.0/docker/backup.config.utils +++ /dev/null @@ -1,485 +0,0 @@ -#!/bin/bash -# ================================================================================================================= -# Configuration Utility Functions: -# ----------------------------------------------------------------------------------------------------------------- -function getDatabaseName(){ - ( - _databaseSpec=${1} - _databaseName=$(echo ${_databaseSpec} | sed -n 's~^.*/\(.*$\)~\1~p') - echo "${_databaseName}" - ) -} - -function getDatabaseType(){ - ( - _databaseSpec=${1} - _databaseType=$(echo ${_databaseSpec} | sed -n 's~^\(.*\)=.*$~\1~p' | tr '[:upper:]' '[:lower:]') - echo "${_databaseType}" - ) -} - -function getPort(){ - ( - local OPTIND - local localhost - unset localhost - while getopts :l FLAG; do - case $FLAG in - l ) localhost=1 ;; - esac - done - shift $((OPTIND-1)) - - _databaseSpec=${1} - - if [ -z "${localhost}" ]; then - portsed="s~^.*:\([[:digit:]]\+\)/.*$~\1~p" - _port=$(echo ${_databaseSpec} | sed -n "${portsed}") - fi - - echo "${_port}" - ) -} - -function getHostname(){ - ( - local OPTIND - local localhost - unset localhost - while getopts :l FLAG; do - case $FLAG in - l ) localhost=1 ;; - esac - done - shift $((OPTIND-1)) - - _databaseSpec=${1} - - if [ -z "${localhost}" ]; then - _hostname=$(echo ${_databaseSpec} | sed 's~^.\+[=]~~;s~[:/].*~~') - else - _hostname="127.0.0.1" - fi - - echo "${_hostname}" - ) -} - -function getHostPrefix(){ - ( - _hostname=${1} - _hostPrefix=$(echo ${_hostname} | tr '[:lower:]' '[:upper:]' | sed "s~-~_~g") - echo "${_hostPrefix}" - ) -} - -function getHostUserParam(){ - ( - _hostname=${1} - _hostUser=$(getHostPrefix ${_hostname})_USER - echo "${_hostUser}" - ) -} - -function getHostPasswordParam(){ - ( - _hostname=${1} - _hostPassword=$(getHostPrefix ${_hostname})_PASSWORD - echo "${_hostPassword}" - ) -} - -function readConf(){ - ( - local OPTIND - local readCron - local quiet - local all - unset readCron - unset quiet - while getopts cqa FLAG; do - case $FLAG in - c ) readCron=1 ;; - q ) quiet=1 ;; - a ) all=1 ;; - esac - done - shift $((OPTIND-1)) - - # Remove all comments and any blank lines - filters="/^[[:blank:]]*$/d;/^[[:blank:]]*#/d;/#.*/d;" - - if [ -z "${readCron}" ]; then - # Read in the database config ... - # - Remove any lines that do not match the expected database spec format(s) - # - [=]/ - # - [=]:/ - filters+="/^[a-zA-Z0-9=_/-]*\(:[0-9]*\)\?\/[a-zA-Z0-9_/-]*$/!d;" - if [ -z "${all}" ]; then - # Remove any database configs that are not for the current container type - # Database configs that do not define the database type are assumed to be for the current container type - filters+="/\(^[a-zA-Z0-9_/-]*\(:[0-9]*\)\?\/[a-zA-Z0-9_/-]*$\)\|\(^${CONTAINER_TYPE}=\)/!d;" - fi - else - # Read in the cron config ... - # - Remove any lines that MATCH expected database spec format(s), - # leaving, what should be, cron tabs. - filters+="/^[a-zA-Z0-9=_/-]*\(:[0-9]*\)\?\/[a-zA-Z0-9_/-]*$/d;" - fi - - if [ -f ${BACKUP_CONF} ]; then - if [ -z "${quiet}" ]; then - echo "Reading backup config from ${BACKUP_CONF} ..." >&2 - fi - _value=$(sed "${filters}" ${BACKUP_CONF}) - fi - - if [ -z "${_value}" ] && [ -z "${readCron}" ]; then - # Backward compatibility - if [ -z "${quiet}" ]; then - echo "Reading backup config from environment variables ..." >&2 - fi - _value="${DATABASE_SERVICE_NAME}${DEFAULT_PORT:+:${DEFAULT_PORT}}${POSTGRESQL_DATABASE:+/${POSTGRESQL_DATABASE}}" - fi - - echo "${_value}" - ) -} - -function getNumBackupsToRetain(){ - ( - _count=0 - _backupType=${1:-$(getBackupType)} - - case "${_backupType}" in - daily) - _count=${DAILY_BACKUPS} - if (( ${_count} <= 0 )) && (( ${WEEKLY_BACKUPS} <= 0 )) && (( ${MONTHLY_BACKUPS} <= 0 )); then - _count=1 - fi - ;; - weekly) - _count=${WEEKLY_BACKUPS} - ;; - monthly) - _count=${MONTHLY_BACKUPS} - ;; - *) - _count=${NUM_BACKUPS} - ;; - esac - - echo "${_count}" - ) -} - -function getUsername(){ - ( - _databaseSpec=${1} - _hostname=$(getHostname ${_databaseSpec}) - _paramName=$(getHostUserParam ${_hostname}) - # Backward compatibility ... - _username="${!_paramName:-${DATABASE_USER}}" - echo ${_username} - ) -} - -function getPassword(){ - ( - _databaseSpec=${1} - _hostname=$(getHostname ${_databaseSpec}) - _paramName=$(getHostPasswordParam ${_hostname}) - # Backward compatibility ... - _password="${!_paramName:-${DATABASE_PASSWORD}}" - echo ${_password} - ) -} - -function isLastDayOfMonth(){ - ( - _date=${1:-$(date)} - _day=$(date -d "${_date}" +%-d) - _month=$(date -d "${_date}" +%-m) - _lastDayOfMonth=$(date -d "${_month}/1 + 1 month - 1 day" "+%-d") - - if (( ${_day} == ${_lastDayOfMonth} )); then - return 0 - else - return 1 - fi - ) -} - -function isLastDayOfWeek(){ - ( - # We're calling Sunday the last dayt of the week in this case. - _date=${1:-$(date)} - _dayOfWeek=$(date -d "${_date}" +%u) - - if (( ${_dayOfWeek} == 7 )); then - return 0 - else - return 1 - fi - ) -} - -function getBackupType(){ - ( - _backupType="" - if rollingStrategy; then - if isLastDayOfMonth && (( "${MONTHLY_BACKUPS}" > 0 )); then - _backupType="monthly" - elif isLastDayOfWeek; then - _backupType="weekly" - else - _backupType="daily" - fi - fi - echo "${_backupType}" - ) -} - -function rollingStrategy(){ - if [[ "${BACKUP_STRATEGY}" == "rolling" ]] && (( "${WEEKLY_BACKUPS}" >= 0 )) && (( "${MONTHLY_BACKUPS}" >= 0 )); then - return 0 - else - return 1 - fi -} - -function dailyStrategy(){ - if [[ "${BACKUP_STRATEGY}" == "daily" ]] || (( "${WEEKLY_BACKUPS}" < 0 )); then - return 0 - else - return 1 - fi -} - -function listSettings(){ - _backupDirectory=${1:-$(createBackupFolder -g)} - _databaseList=${2:-$(readConf -q)} - _yellow='\e[33m' - _nc='\e[0m' # No Color - _notConfigured="${_yellow}not configured${_nc}" - - echo -e \\n"Settings:" - _mode=$(getMode 2>/dev/null) - echo -e "- Run mode: ${_mode}"\\n - - if rollingStrategy; then - echo "- Backup strategy: rolling" - fi - if dailyStrategy; then - echo "- Backup strategy: daily" - fi - if ! rollingStrategy && ! dailyStrategy; then - echoYellow "- Backup strategy: Unknown backup strategy; ${BACKUP_STRATEGY}" - _configurationError=1 - fi - backupType=$(getBackupType) - if [ -z "${backupType}" ]; then - echo "- Current backup type: flat daily" - else - echo "- Current backup type: ${backupType}" - fi - echo "- Backups to retain:" - if rollingStrategy; then - echo " - Daily: $(getNumBackupsToRetain daily)" - echo " - Weekly: $(getNumBackupsToRetain weekly)" - echo " - Monthly: $(getNumBackupsToRetain monthly)" - else - echo " - Total: $(getNumBackupsToRetain)" - fi - echo "- Current backup folder: ${_backupDirectory}" - - if [[ "${_mode}" != ${ONCE} ]]; then - if [[ "${_mode}" == ${CRON} ]] || [[ "${_mode}" == ${SCHEDULED} ]]; then - _backupSchedule=$(readConf -cq) - echo "- Time Zone: $(date +"%Z %z")" - fi - _backupSchedule=$(formatList "${_backupSchedule:-${BACKUP_PERIOD}}") - echo -e \\n"- Schedule:" - echo "${_backupSchedule}" - fi - - if [[ "${CONTAINER_TYPE}" == "${UNKNOWN_DB}" ]] && [ -z "${_allowNullPlugin}" ]; then - echoRed "\n- Container Type: ${CONTAINER_TYPE}" - _configurationError=1 - else - echo -e "\n- Container Type: ${CONTAINER_TYPE}" - fi - - _databaseList=$(formatList "${_databaseList}") - echo "- Databases (filtered by container type):" - echo "${_databaseList}" - echo - - if [ -z "${FTP_URL}" ]; then - echo -e "- FTP server: ${_notConfigured}" - else - echo "- FTP server: ${FTP_URL}" - fi - - if [ -z "${WEBHOOK_URL}" ]; then - echo -e "- Webhook Endpoint: ${_notConfigured}" - else - echo "- Webhook Endpoint: ${WEBHOOK_URL}" - fi - - if [ -z "${ENVIRONMENT_FRIENDLY_NAME}" ]; then - echo -e "- Environment Friendly Name: ${_notConfigured}" - else - echo -e "- Environment Friendly Name: ${ENVIRONMENT_FRIENDLY_NAME}" - fi - if [ -z "${ENVIRONMENT_NAME}" ]; then - echo -e "- Environment Name (Id): ${_notConfigured}" - else - echo "- Environment Name (Id): ${ENVIRONMENT_NAME}" - fi - - if [ ! -z "${_configurationError}" ]; then - echo - logError "Configuration error! The script will exit." - sleep 5 - exit 1 - fi - echo -} - -function isScheduled(){ - ( - if [ ! -z "${SCHEDULED_RUN}" ]; then - return 0 - else - return 1 - fi - ) -} - -function isScripted(){ - ( - if [ ! -z "${SCHEDULED_RUN}" ]; then - return 0 - else - return 1 - fi - ) -} - -function restoreMode(){ - ( - if [ ! -z "${_restoreDatabase}" ]; then - return 0 - else - return 1 - fi - ) -} - -function verifyMode(){ - ( - if [ ! -z "${_verifyBackup}" ]; then - return 0 - else - return 1 - fi - ) -} - -function pruneMode(){ - ( - if [ ! -z "${RUN_PRUNE}" ]; then - return 0 - else - return 1 - fi - ) -} - -function cronMode(){ - ( - cronTabs=$(readConf -cq) - if isInstalled "go-crond" && [ ! -z "${cronTabs}" ]; then - return 0 - else - return 1 - fi - ) -} - -function runOnce() { - if [ ! -z "${RUN_ONCE}" ]; then - return 0 - else - return 1 - fi -} - -function getMode(){ - ( - unset _mode - - if pruneMode; then - _mode="${PRUNE}" - fi - - if [ -z "${_mode}" ] && restoreMode; then - _mode="${RESTORE}" - fi - - if [ -z "${_mode}" ] && verifyMode; then - # Determine if this is a scheduled verification or a manual one. - if isScheduled; then - if cronMode; then - _mode="${SCHEDULED_VERIFY}" - else - _mode="${ERROR}" - logError "Scheduled mode cannot be used without cron being installed and at least one cron tab being defined in ${BACKUP_CONF}." - fi - else - _mode="${VERIFY}" - fi - fi - - if [ -z "${_mode}" ] && runOnce; then - _mode="${ONCE}" - fi - - if [ -z "${_mode}" ] && isScheduled; then - if cronMode; then - _mode="${SCHEDULED}" - else - _mode="${ERROR}" - logError "Scheduled mode cannot be used without cron being installed and at least one cron tab being defined in ${BACKUP_CONF}." - fi - fi - - if [ -z "${_mode}" ] && cronMode; then - _mode="${CRON}" - fi - - if [ -z "${_mode}" ]; then - _mode="${LEGACY}" - fi - - echo "${_mode}" - ) -} - -function validateOperation(){ - ( - _databaseSpec=${1} - _mode=${2} - _rtnCd=0 - - if [[ "${_mode}" == ${RESTORE} ]] && ! isForContainerType ${_databaseSpec}; then - echoRed "\nYou are attempting to restore database '${_databaseSpec}' from a ${CONTAINER_TYPE} container." - echoRed "Cannot continue with the restore. It must be initiated from the matching container type." - _rtnCd=1 - fi - - return ${_rtnCd} - ) -} -# ====================================================================================== \ No newline at end of file diff --git a/openshift-v3/templates/backup-container-2.0.0/docker/backup.container.utils b/openshift-v3/templates/backup-container-2.0.0/docker/backup.container.utils deleted file mode 100644 index 3bb4115b6..000000000 --- a/openshift-v3/templates/backup-container-2.0.0/docker/backup.container.utils +++ /dev/null @@ -1,57 +0,0 @@ -#!/bin/bash -# ================================================================================================================= -# Container Utility Functions: -# ----------------------------------------------------------------------------------------------------------------- -function isPostgres(){ - ( - if isInstalled "psql"; then - return 0 - else - return 1 - fi - ) -} - -function isMongo(){ - ( - if isInstalled "mongo"; then - return 0 - else - return 1 - fi - ) -} - -function getContainerType(){ - ( - local _containerType=${UNKNOWN_DB} - _rtnCd=0 - - if isPostgres; then - _containerType=${POSTGRE_DB} - elif isMongo; then - _containerType=${MONGO_DB} - else - _containerType=${UNKNOWN_DB} - _rtnCd=1 - fi - - echo "${_containerType}" - return ${_rtnCd} - ) -} - -function isForContainerType(){ - ( - _databaseSpec=${1} - _databaseType=$(getDatabaseType ${_databaseSpec}) - - # If the database type has not been defined, assume the database spec is valid for the current databse container type. - if [ -z "${_databaseType}" ] || [[ "${_databaseType}" == "${CONTAINER_TYPE}" ]]; then - return 0 - else - return 1 - fi - ) -} -# ====================================================================================== \ No newline at end of file diff --git a/openshift-v3/templates/backup-container-2.0.0/docker/backup.file.utils b/openshift-v3/templates/backup-container-2.0.0/docker/backup.file.utils deleted file mode 100644 index 79dae39e6..000000000 --- a/openshift-v3/templates/backup-container-2.0.0/docker/backup.file.utils +++ /dev/null @@ -1,233 +0,0 @@ -#!/bin/bash -# ================================================================================================================= -# File Utility Functions -# ----------------------------------------------------------------------------------------------------------------- -function makeDirectory() -{ - ( - # Creates directories with permissions reclusively. - # ${1} is the directory to be created - # Inspired by https://unix.stackexchange.com/questions/49263/recursive-mkdir - directory="${1}" - test $# -eq 1 || { echo "Function 'makeDirectory' can create only one directory (with it's parent directories)."; exit 1; } - test -d "${directory}" && return 0 - test -d "$(dirname "${directory}")" || { makeDirectory "$(dirname "${directory}")" || return 1; } - test -d "${directory}" || { mkdir --mode=g+w "${directory}" || return 1; } - return 0 - ) -} - -function finalizeBackup(){ - ( - _filename=${1} - _inProgressFilename="${_filename}${IN_PROGRESS_BACKUP_FILE_EXTENSION}" - _finalFilename="${_filename}${BACKUP_FILE_EXTENSION}" - - if [ -f ${_inProgressFilename} ]; then - mv "${_inProgressFilename}" "${_finalFilename}" - echo "${_finalFilename}" - fi - ) -} - -function listExistingBackups(){ - ( - local _backupDir=${1:-${ROOT_BACKUP_DIR}} - local database - local databases=$(readConf -q) - local output="\nDatabase,Current Size" - - for database in ${databases}; do - if isForContainerType ${database}; then - output+="\n${database},$(getDbSize "${database}")" - fi - done - - echoMagenta "\n================================================================================================================================" - echoMagenta "Current Backups:" - echoMagenta "\n$(echo -ne "${output}" | column -t -s ,)" - echoMagenta "\n$(df -h ${_backupDir})" - echoMagenta "--------------------------------------------------------------------------------------------------------------------------------" - du -ah --time ${_backupDir} - echoMagenta "================================================================================================================================\n" - ) -} - -function getDirectoryName(){ - ( - local path=${1} - path="${path%"${path##*[!/]}"}" - local name="${path##*/}" - echo "${name}" - ) -} - -function getBackupTypeFromPath(){ - ( - local path=${1} - path="${path%"${path##*[!/]}"}" - path="$(dirname "${path}")" - local backupType=$(getDirectoryName "${path}") - echo "${backupType}" - ) -} - -function prune(){ - ( - local database - local backupDirs - local backupDir - local backupType - local backupTypes - local pruneBackup - unset backupTypes - unset backupDirs - unset pruneBackup - - local databases=$(readConf -q) - if rollingStrategy; then - backupTypes="daily weekly monthly" - for backupType in ${backupTypes}; do - backupDirs="${backupDirs} $(createBackupFolder -g ${backupType})" - done - else - backupDirs=$(createBackupFolder -g) - fi - - if [ ! -z "${_fromBackup}" ]; then - pruneBackup="$(findBackup "" "${_fromBackup}")" - while [ ! -z "${pruneBackup}" ]; do - echoYellow "\nAbout to delete backup file: ${pruneBackup}" - waitForAnyKey - rm -rfvd "${pruneBackup}" - - # Quietly delete any empty directories that are left behind ... - find ${ROOT_BACKUP_DIR} -type d -empty -delete > /dev/null 2>&1 - pruneBackup="$(findBackup "" "${_fromBackup}")" - done - else - for backupDir in ${backupDirs}; do - for database in ${databases}; do - unset backupType - if rollingStrategy; then - backupType=$(getBackupTypeFromPath "${backupDir}") - fi - pruneBackups "${backupDir}" "${database}" "${backupType}" - done - done - fi - ) -} - -function pruneBackups(){ - ( - _backupDir=${1} - _databaseSpec=${2} - _backupType=${3:-''} - _pruneDir="$(dirname "${_backupDir}")" - _numBackupsToRetain=$(getNumBackupsToRetain "${_backupType}") - _coreFilename=$(generateCoreFilename ${_databaseSpec}) - - if [ -d ${_pruneDir} ]; then - let _index=${_numBackupsToRetain}+1 - _filesToPrune=$(find ${_pruneDir}* -type f -printf '%T@ %p\n' | grep ${_coreFilename} | sort -r | tail -n +${_index} | sed 's~^.* \(.*$\)~\1~') - - if [ ! -z "${_filesToPrune}" ]; then - echoYellow "\nPruning ${_coreFilename} backups from ${_pruneDir} ..." - echo "${_filesToPrune}" | xargs rm -rfvd - - # Quietly delete any empty directories that are left behind ... - find ${ROOT_BACKUP_DIR} -type d -empty -delete > /dev/null 2>&1 - fi - fi - ) -} - -function touchBackupFile() { - ( - # For safety, make absolutely certain the directory and file exist. - # The pruning process removes empty directories, so if there is an error - # during a backup the backup directory could be deleted. - _backupFile=${1} - _backupDir="${_backupFile%/*}" - makeDirectory ${_backupDir} && touch ${_backupFile} - ) -} - -function findBackup(){ - ( - _databaseSpec=${1} - _fileName=${2} - - # If no backup file was specified, find the most recent for the database. - # Otherwise treat the value provided as a filter to find the most recent backup file matching the filter. - if [ -z "${_fileName}" ]; then - _coreFilename=$(generateCoreFilename ${_databaseSpec}) - _fileName=$(find ${ROOT_BACKUP_DIR}* -type f -printf '%T@ %p\n' | grep ${_coreFilename} | sort | tail -n 1 | sed 's~^.* \(.*$\)~\1~') - else - _fileName=$(find ${ROOT_BACKUP_DIR}* -type f -printf '%T@ %p\n' | grep ${_fileName} | sort | tail -n 1 | sed 's~^.* \(.*$\)~\1~') - fi - - echo "${_fileName}" - ) -} - -function createBackupFolder(){ - ( - local OPTIND - local genOnly - unset genOnly - while getopts g FLAG; do - case $FLAG in - g ) genOnly=1 ;; - esac - done - shift $((OPTIND-1)) - - _backupTypeDir="${1:-$(getBackupType)}" - if [ ! -z "${_backupTypeDir}" ]; then - _backupTypeDir=${_backupTypeDir}/ - fi - - _backupDir="${ROOT_BACKUP_DIR}${_backupTypeDir}`date +\%Y-\%m-\%d`/" - - # Don't actually create the folder if we're just generating it for printing the configuation. - if [ -z "${genOnly}" ]; then - echo "Making backup directory ${_backupDir} ..." >&2 - if ! makeDirectory ${_backupDir}; then - logError "Failed to create backup directory ${_backupDir}." - exit 1; - fi; - fi - - echo ${_backupDir} - ) -} - -function generateFilename(){ - ( - _backupDir=${1} - _databaseSpec=${2} - _coreFilename=$(generateCoreFilename ${_databaseSpec}) - _filename="${_backupDir}${_coreFilename}_`date +\%Y-\%m-\%d_%H-%M-%S`" - echo ${_filename} - ) -} - -function generateCoreFilename(){ - ( - _databaseSpec=${1} - _hostname=$(getHostname ${_databaseSpec}) - _database=$(getDatabaseName ${_databaseSpec}) - _coreFilename="${_hostname}-${_database}" - echo ${_coreFilename} - ) -} - -function getFileSize(){ - ( - _filename=${1} - echo $(du -h "${_filename}" | awk '{print $1}') - ) -} -# ================================================================================================================= \ No newline at end of file diff --git a/openshift-v3/templates/backup-container-2.0.0/docker/backup.ftp b/openshift-v3/templates/backup-container-2.0.0/docker/backup.ftp deleted file mode 100644 index d0a935cf9..000000000 --- a/openshift-v3/templates/backup-container-2.0.0/docker/backup.ftp +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/bash -# ================================================================================================================= -# FTP Support Functions: -# ----------------------------------------------------------------------------------------------------------------- -function ftpBackup(){ - ( - if [ -z "${FTP_URL}" ] ; then - return 0 - fi - - _filename=${1} - _filenameWithExtension="${_filename}${BACKUP_FILE_EXTENSION}" - echo "Transferring ${_filenameWithExtension} to ${FTP_URL}" - curl --ftp-ssl -T ${_filenameWithExtension} --user ${FTP_USER}:${FTP_PASSWORD} ${FTP_URL} - - if [ ${?} -eq 0 ]; then - logInfo "Successfully transferred ${_filenameWithExtension} to the FTP server" - else - logError "Failed to transfer ${_filenameWithExtension} with the exit code ${?}" - fi - ) -} -# ================================================================================================================= diff --git a/openshift-v3/templates/backup-container-2.0.0/docker/backup.logging b/openshift-v3/templates/backup-container-2.0.0/docker/backup.logging deleted file mode 100644 index 50449f0ae..000000000 --- a/openshift-v3/templates/backup-container-2.0.0/docker/backup.logging +++ /dev/null @@ -1,111 +0,0 @@ -#!/bin/bash -# ================================================================================================================= -# Logging Functions: -# ----------------------------------------------------------------------------------------------------------------- -function debugMsg (){ - _msg="${@}" - if [ "${BACKUP_LOG_LEVEL}" == "debug" ]; then - echoGreen "$(date) - [DEBUG] - ${@}" >&2 - fi -} - -function echoRed (){ - _msg="${@}" - _red='\e[31m' - _nc='\e[0m' # No Color - echo -e "${_red}${_msg}${_nc}" -} - -function echoYellow (){ - _msg="${@}" - _yellow='\e[33m' - _nc='\e[0m' # No Color - echo -e "${_yellow}${_msg}${_nc}" -} - -function echoBlue (){ - _msg="${@}" - _blue='\e[34m' - _nc='\e[0m' # No Color - echo -e "${_blue}${_msg}${_nc}" -} - -function echoGreen (){ - _msg="${@}" - _green='\e[32m' - _nc='\e[0m' # No Color - echo -e "${_green}${_msg}${_nc}" -} - -function echoMagenta (){ - _msg="${@}" - _magenta='\e[35m' - _nc='\e[0m' # No Color - echo -e "${_magenta}${_msg}${_nc}" -} - -function logInfo(){ - ( - infoMsg="${1}" - echo -e "${infoMsg}" - postMsgToWebhook "${ENVIRONMENT_FRIENDLY_NAME}" \ - "${ENVIRONMENT_NAME}" \ - "INFO" \ - "${infoMsg}" - ) -} - -function logWarn(){ - ( - warnMsg="${1}" - echoYellow "${warnMsg}" - postMsgToWebhook "${ENVIRONMENT_FRIENDLY_NAME}" \ - "${ENVIRONMENT_NAME}" \ - "WARN" \ - "${warnMsg}" - ) -} - -function logError(){ - ( - errorMsg="${1}" - echoRed "[!!ERROR!!] - ${errorMsg}" >&2 - postMsgToWebhook "${ENVIRONMENT_FRIENDLY_NAME}" \ - "${ENVIRONMENT_NAME}" \ - "ERROR" \ - "${errorMsg}" - ) -} - -function getWebhookPayload(){ - _payload=$(eval "cat <<-EOF -$(<${WEBHOOK_TEMPLATE}) -EOF -") - echo "${_payload}" -} - -function formatWebhookMsg(){ - ( - # Escape all double quotes - # Escape all newlines - filters='s~"~\\"~g;:a;N;$!ba;s~\n~\\n~g;' - _value=$(echo "${1}" | sed "${filters}") - echo "${_value}" - ) -} - -function postMsgToWebhook(){ - ( - if [ -z "${WEBHOOK_URL}" ] && [ -f ${WEBHOOK_TEMPLATE} ]; then - return 0 - fi - - projectFriendlyName=${1} - projectName=${2} - statusCode=${3} - message=$(formatWebhookMsg "${4}") - curl -s -X POST -H 'Content-Type: application/json' --data "$(getWebhookPayload)" "${WEBHOOK_URL}" > /dev/null - ) -} -# ================================================================================================================= \ No newline at end of file diff --git a/openshift-v3/templates/backup-container-2.0.0/docker/backup.misc.utils b/openshift-v3/templates/backup-container-2.0.0/docker/backup.misc.utils deleted file mode 100644 index cab2ac3e3..000000000 --- a/openshift-v3/templates/backup-container-2.0.0/docker/backup.misc.utils +++ /dev/null @@ -1,30 +0,0 @@ -#!/bin/bash -# ================================================================================================================= -# General Utility Functions: -# ----------------------------------------------------------------------------------------------------------------- -function waitForAnyKey() { - read -n1 -s -r -p $'\e[33mWould you like to continue?\e[0m Press Ctrl-C to exit, or any other key to continue ...' key - echo -e \\n - - # If we get here the user did NOT press Ctrl-C ... - return 0 -} - -function formatList(){ - ( - filters='s~^~ - ~;' - _value=$(echo "${1}" | sed "${filters}") - echo "${_value}" - ) -} - -function isInstalled(){ - rtnVal=$(type "$1" >/dev/null 2>&1) - rtnCd=$? - if [ ${rtnCd} -ne 0 ]; then - return 1 - else - return 0 - fi -} -# ====================================================================================== \ No newline at end of file diff --git a/openshift-v3/templates/backup-container-2.0.0/docker/backup.mongo.plugin b/openshift-v3/templates/backup-container-2.0.0/docker/backup.mongo.plugin deleted file mode 100644 index 0f5583c60..000000000 --- a/openshift-v3/templates/backup-container-2.0.0/docker/backup.mongo.plugin +++ /dev/null @@ -1,226 +0,0 @@ -#!/bin/bash -# ================================================================================================================= -# Mongo Backup and Restore Functions: -# - Dynamically loaded as a plug-in -# ----------------------------------------------------------------------------------------------------------------- -function onBackupDatabase(){ - ( - local OPTIND - local unset flags - while getopts : FLAG; do - case $FLAG in - ? ) flags+="-${OPTARG} ";; - esac - done - shift $((OPTIND-1)) - - _databaseSpec=${1} - _backupFile=${2} - - _hostname=$(getHostname ${_databaseSpec}) - _database=$(getDatabaseName ${_databaseSpec}) - _port=$(getPort ${_databaseSpec}) - _portArg=${_port:+"--port=${_port}"} - _username=$(getUsername ${_databaseSpec}) - _password=$(getPassword ${_databaseSpec}) - echoGreen "Backing up '${_hostname}${_port:+:${_port}}${_database:+/${_database}}' to '${_backupFile}' ..." - - _authDbArg=${MONGODB_AUTHENTICATION_DATABASE:+"--authenticationDatabase ${MONGODB_AUTHENTICATION_DATABASE}"} - mongodump -h "${_hostname}" -d "${_database}" ${_authDbArg} ${_portArg} -u "${_username}" -p "${_password}" --quiet --gzip --archive=${_backupFile} - return ${?} - ) -} - -function onRestoreDatabase(){ - ( - local OPTIND - local unset flags - while getopts : FLAG; do - case $FLAG in - ? ) flags+="-${OPTARG} ";; - esac - done - shift $((OPTIND-1)) - - _databaseSpec=${1} - _fileName=${2} - _adminPassword=${3} - - _hostname=$(getHostname ${flags} ${_databaseSpec}) - _database=$(getDatabaseName ${_databaseSpec}) - _port=$(getPort ${flags} ${_databaseSpec}) - _portArg=${_port:+"--port=${_port}"} - _username=$(getUsername ${_databaseSpec}) - _password=$(getPassword ${_databaseSpec}) - echo -e "Restoring '${_fileName}' to '${_hostname}${_port:+:${_port}}${_database:+/${_database}}' ...\n" >&2 - - # ToDo: - # - Add support for restoring to a different database. - # The following implementation only supports restoring to a database of the same name, - # unlike the postgres implementation that allows the database to be restored to a database of a different - # name for testing. - # Ref: https://stackoverflow.com/questions/36321899/mongorestore-to-a-different-database - - _authDbArg=${MONGODB_AUTHENTICATION_DATABASE:+"--authenticationDatabase ${MONGODB_AUTHENTICATION_DATABASE}"} - mongorestore --drop -h ${_hostname} -d "${_database}" ${_authDbArg} ${_portArg} -u "${_username}" -p "${_password}" --gzip --archive=${_fileName} --nsInclude="*" - return ${?} - ) -} - -function onStartServer(){ - ( - local OPTIND - local unset flags - while getopts : FLAG; do - case $FLAG in - ? ) flags+="-${OPTARG} ";; - esac - done - shift $((OPTIND-1)) - - _databaseSpec=${1} - - # Start a local MongoDb instance - MONGODB_DATABASE=$(getDatabaseName "${_databaseSpec}") \ - MONGODB_USER=$(getUsername "${_databaseSpec}") \ - MONGODB_PASSWORD=$(getPassword "${_databaseSpec}") \ - MONGODB_ADMIN_PASSWORD=$(getPassword "${_databaseSpec}") \ - run-mongod >/dev/null 2>&1 & - ) -} - -function onStopServer(){ - ( - local OPTIND - local unset flags - while getopts : FLAG; do - case $FLAG in - ? ) flags+="-${OPTARG} ";; - esac - done - shift $((OPTIND-1)) - - _databaseSpec=${1} - - _port=$(getPort ${_databaseSpec}) - _portArg=${_port:+"--port ${_port}"} - _username=admin - _password=$(getPassword ${_databaseSpec}) - - _authDbArg=${MONGODB_AUTHENTICATION_DATABASE:+"--authenticationDatabase ${MONGODB_AUTHENTICATION_DATABASE}"} - mongo admin ${_authDbArg} ${_portArg} -u "${_username}" -p "${_password}" --quiet --eval "db.shutdownServer()" - - # Delete the database files and configuration - echo -e "Cleaning up ...\n" >&2 - rm -rf /var/lib/mongodb/data/* - ) -} - -function onPingDbServer(){ - ( - local OPTIND - local unset flags - while getopts : FLAG; do - case $FLAG in - ? ) flags+="-${OPTARG} ";; - esac - done - shift $((OPTIND-1)) - - _databaseSpec=${1} - - _hostname=$(getHostname ${flags} ${_databaseSpec}) - _database=$(getDatabaseName ${_databaseSpec}) - _port=$(getPort ${flags} ${_databaseSpec}) - _portArg=${_port:+"--port ${_port}"} - _username=$(getUsername ${_databaseSpec}) - _password=$(getPassword ${_databaseSpec}) - - _dbAddressArg=${_hostname}${_port:+:${_port}}${_database:+/${_database}} - _authDbArg=${MONGODB_AUTHENTICATION_DATABASE:+"--authenticationDatabase ${MONGODB_AUTHENTICATION_DATABASE}"} - if mongo ${_dbAddressArg} ${_authDbArg} -u "${_username}" -p "${_password}" --quiet --eval='quit()' >/dev/null 2>&1; then - return 0 - else - return 1 - fi - ) -} - -function onVerifyBackup(){ - ( - local OPTIND - local unset flags - while getopts : FLAG; do - case $FLAG in - ? ) flags+="-${OPTARG} ";; - esac - done - shift $((OPTIND-1)) - - _databaseSpec=${1} - - _hostname=$(getHostname -l ${_databaseSpec}) - _database=$(getDatabaseName ${_databaseSpec}) - _port=$(getPort -l ${_databaseSpec}) - _portArg=${_port:+"--port ${_port}"} - _username=$(getUsername ${_databaseSpec}) - _password=$(getPassword ${_databaseSpec}) - - _dbAddressArg=${_hostname}${_port:+:${_port}}${_database:+/${_database}} - _authDbArg=${MONGODB_AUTHENTICATION_DATABASE:+"--authenticationDatabase ${MONGODB_AUTHENTICATION_DATABASE}"} - collections=$(mongo ${_dbAddressArg} ${_authDbArg} -u "${_username}" -p "${_password}" --quiet --eval 'var dbs = [];dbs = db.getCollectionNames();for (i in dbs){ print(db.dbs[i]);}';) - rtnCd=${?} - - # Get the size of the restored database - if (( ${rtnCd} == 0 )); then - size=$(getDbSize -l "${_databaseSpec}") - rtnCd=${?} - fi - - if (( ${rtnCd} == 0 )); then - numResults=$(echo "${collections}"| wc -l) - if [[ ! -z "${collections}" ]] && (( numResults >= 1 )); then - # All good - verificationLog="\nThe restored database contained ${numResults} collections, and is ${size} in size." - else - # Not so good - verificationLog="\nNo collections were found in the restored database ${_database}." - rtnCd="3" - fi - fi - - echo ${verificationLog} - return ${rtnCd} - ) -} - -function onGetDbSize(){ - ( - local OPTIND - local unset flags - while getopts : FLAG; do - case $FLAG in - ? ) flags+="-${OPTARG} ";; - esac - done - shift $((OPTIND-1)) - - _databaseSpec=${1} - - _hostname=$(getHostname ${flags} ${_databaseSpec}) - _database=$(getDatabaseName ${_databaseSpec}) - _port=$(getPort ${flags} ${_databaseSpec}) - _portArg=${_port:+"--port ${_port}"} - _username=$(getUsername ${_databaseSpec}) - _password=$(getPassword ${_databaseSpec}) - - _dbAddressArg=${_hostname}${_port:+:${_port}}${_database:+/${_database}} - _authDbArg=${MONGODB_AUTHENTICATION_DATABASE:+"--authenticationDatabase ${MONGODB_AUTHENTICATION_DATABASE}"} - size=$(mongo ${_dbAddressArg} ${_authDbArg} -u "${_username}" -p "${_password}" --quiet --eval 'printjson(db.stats().fsTotalSize)') - rtnCd=${?} - - echo ${size} - return ${rtnCd} - ) -} -# ================================================================================================================= \ No newline at end of file diff --git a/openshift-v3/templates/backup-container-2.0.0/docker/backup.null.plugin b/openshift-v3/templates/backup-container-2.0.0/docker/backup.null.plugin deleted file mode 100644 index 14ceed050..000000000 --- a/openshift-v3/templates/backup-container-2.0.0/docker/backup.null.plugin +++ /dev/null @@ -1,195 +0,0 @@ -#!/bin/bash -# ================================================================================================================= -# Null Backup and Restore Functions: -# - Dynamically loaded as a plug-in -# - Refer to existing plug-ins for implementation examples. -# ----------------------------------------------------------------------------------------------------------------- -function onBackupDatabase(){ - ( - local OPTIND - local unset flags - while getopts : FLAG; do - case $FLAG in - ? ) flags+="-${OPTARG} ";; - esac - done - shift $((OPTIND-1)) - - _databaseSpec=${1} - _backupFile=${2} - - _hostname=$(getHostname ${_databaseSpec}) - _database=$(getDatabaseName ${_databaseSpec}) - _port=$(getPort ${_databaseSpec}) - _portArg=${_port:+"--port ${_port}"} - _username=$(getUsername ${_databaseSpec}) - _password=$(getPassword ${_databaseSpec}) - echoGreen "Backing up '${_hostname}${_port:+:${_port}}${_database:+/${_database}}' to '${_backupFile}' ..." - - echoRed "[backup.null.plugin] onBackupDatabase - Not Implemented" - # echoGreen "Starting database backup ..." - # Add your database specific backup operation(s) here. - return ${?} - ) -} - -function onRestoreDatabase(){ - ( - local OPTIND - local unset flags - while getopts : FLAG; do - case $FLAG in - ? ) flags+="-${OPTARG} ";; - esac - done - shift $((OPTIND-1)) - - _databaseSpec=${1} - _fileName=${2} - _adminPassword=${3} - - _hostname=$(getHostname ${flags} ${_databaseSpec}) - _database=$(getDatabaseName ${_databaseSpec}) - _port=$(getPort ${flags} ${_databaseSpec}) - _portArg=${_port:+"--port ${_port}"} - _username=$(getUsername ${_databaseSpec}) - _password=$(getPassword ${_databaseSpec}) - echo -e "Restoring '${_fileName}' to '${_hostname}${_port:+:${_port}}${_database:+/${_database}}' ...\n" >&2 - - echoRed "[backup.null.plugin] onRestoreDatabase - Not Implemented" - # Add your database specific restore operation(s) here. - return ${?} - ) -} - -function onStartServer(){ - ( - local OPTIND - local unset flags - while getopts : FLAG; do - case $FLAG in - ? ) flags+="-${OPTARG} ";; - esac - done - shift $((OPTIND-1)) - - _databaseSpec=${1} - - echoRed "[backup.null.plugin] onStartServer - Not Implemented" - # Add your NON-BLOCKING database specific startup operation(s) here. - # - Start the database server as a background job. - ) -} - -function onStopServer(){ - ( - local OPTIND - local unset flags - while getopts : FLAG; do - case $FLAG in - ? ) flags+="-${OPTARG} ";; - esac - done - shift $((OPTIND-1)) - - _databaseSpec=${1} - _username=$(getUsername ${_databaseSpec}) - _password=$(getPassword ${_databaseSpec}) - - echoRed "[backup.null.plugin] onStopServer - Not Implemented" - - # echo "Shutting down..." - # Add your database specific shutdown operation(s) here. - - # Delete the database files and configuration - # echo -e "Cleaning up ...\n" >&2 - # Add your database specific cleanup operation(s) here. - ) -} - -function onPingDbServer(){ - ( - local OPTIND - local unset flags - while getopts : FLAG; do - case $FLAG in - ? ) flags+="-${OPTARG} ";; - esac - done - shift $((OPTIND-1)) - - _databaseSpec=${1} - - _hostname=$(getHostname ${flags} ${_databaseSpec}) - _database=$(getDatabaseName ${_databaseSpec}) - _port=$(getPort ${flags} ${_databaseSpec}) - _portArg=${_port:+"--port ${_port}"} - _username=$(getUsername ${_databaseSpec}) - _password=$(getPassword ${_databaseSpec}) - - echoRed "[backup.null.plugin] onPingDbServer - Not Implemented" - # Add your database specific ping operation(s) here. - # if ; then - # return 0 - # else - # return 1 - # fi - ) -} - -function onVerifyBackup(){ - ( - local OPTIND - local unset flags - while getopts : FLAG; do - case $FLAG in - ? ) flags+="-${OPTARG} ";; - esac - done - shift $((OPTIND-1)) - - _databaseSpec=${1} - - _hostname=$(getHostname -l ${_databaseSpec}) - _database=$(getDatabaseName ${_databaseSpec}) - _port=$(getPort -l ${_databaseSpec}) - _portArg=${_port:+"--port ${_port}"} - _username=$(getUsername ${_databaseSpec}) - _password=$(getPassword ${_databaseSpec}) - - echoRed "[backup.null.plugin] onVerifyBackup - Not Implemented" - # Add your database specific verification operation(s) here. - - # echo ${verificationLog} - # return ${rtnCd} - ) -} - -function onGetDbSize(){ - ( - local OPTIND - local unset flags - while getopts : FLAG; do - case $FLAG in - ? ) flags+="-${OPTARG} ";; - esac - done - shift $((OPTIND-1)) - - _databaseSpec=${1} - - _hostname=$(getHostname ${flags} ${_databaseSpec}) - _database=$(getDatabaseName ${_databaseSpec}) - _port=$(getPort ${flags} ${_databaseSpec}) - _portArg=${_port:+"--port ${_port}"} - _username=$(getUsername ${_databaseSpec}) - _password=$(getPassword ${_databaseSpec}) - - echoRed "[backup.null.plugin] onGetDbSize - Not Implemented" - # Add your database specific get size operation(s) here. - - # echo ${size} - # return ${rtnCd} - ) -} -# ================================================================================================================= diff --git a/openshift-v3/templates/backup-container-2.0.0/docker/backup.postgres.plugin b/openshift-v3/templates/backup-container-2.0.0/docker/backup.postgres.plugin deleted file mode 100644 index e5248ac17..000000000 --- a/openshift-v3/templates/backup-container-2.0.0/docker/backup.postgres.plugin +++ /dev/null @@ -1,247 +0,0 @@ -#!/bin/bash -# ================================================================================================================= -# Postgres Backup and Restore Functions: -# - Dynamically loaded as a plug-in -# ----------------------------------------------------------------------------------------------------------------- -function onBackupDatabase(){ - ( - local OPTIND - local unset flags - while getopts : FLAG; do - case $FLAG in - ? ) flags+="-${OPTARG} ";; - esac - done - shift $((OPTIND-1)) - - _databaseSpec=${1} - _backupFile=${2} - - _hostname=$(getHostname ${_databaseSpec}) - _database=$(getDatabaseName ${_databaseSpec}) - _port=$(getPort ${_databaseSpec}) - _portArg=${_port:+"-p ${_port}"} - _username=$(getUsername ${_databaseSpec}) - _password=$(getPassword ${_databaseSpec}) - echoGreen "Backing up '${_hostname}${_port:+:${_port}}${_database:+/${_database}}' to '${_backupFile}' ..." - - PGPASSWORD=${_password} pg_dump -Fp -h "${_hostname}" ${_portArg} -U "${_username}" "${_database}" | gzip > ${_backupFile} - return ${PIPESTATUS[0]} - ) -} - -function onRestoreDatabase(){ - ( - local OPTIND - local unset quiet - local unset flags - while getopts :q FLAG; do - case $FLAG in - q ) - quiet=1 - flags+="-${FLAG} " - ;; - ? ) flags+="-${OPTARG} ";; - esac - done - shift $((OPTIND-1)) - - _databaseSpec=${1} - _fileName=${2} - _adminPassword=${3} - - _hostname=$(getHostname ${flags} ${_databaseSpec}) - _database=$(getDatabaseName ${_databaseSpec}) - _port=$(getPort ${flags} ${_databaseSpec}) - _portArg=${_port:+"-p ${_port}"} - _username=$(getUsername ${_databaseSpec}) - _password=$(getPassword ${_databaseSpec}) - echo -e "Restoring '${_fileName}' to '${_hostname}${_port:+:${_port}}${_database:+/${_database}}' ...\n" >&2 - - export PGPASSWORD=${_adminPassword} - _rtnCd=0 - - # Drop - if (( ${_rtnCd} == 0 )); then - psql -h "${_hostname}" ${_portArg} -ac "DROP DATABASE \"${_database}\";" - _rtnCd=${?} - echo - fi - - # Create - if (( ${_rtnCd} == 0 )); then - psql -h "${_hostname}" ${_portArg} -ac "CREATE DATABASE \"${_database}\";" - _rtnCd=${?} - echo - fi - - # Grant User Access - if (( ${_rtnCd} == 0 )); then - psql -h "${_hostname}" ${_portArg} -ac "GRANT ALL ON DATABASE \"${_database}\" TO \"${_username}\";" - _rtnCd=${?} - echo - fi - - # Restore - if (( ${_rtnCd} == 0 )); then - gunzip -c "${_fileName}" | psql -v ON_ERROR_STOP=1 -x -h "${_hostname}" ${_portArg} -d "${_database}" - # Get the status code from psql specifically. ${?} would only provide the status of the last command, psql in this case. - _rtnCd=${PIPESTATUS[1]} - fi - - # List tables - if [ -z "${quiet}" ] && (( ${_rtnCd} == 0 )); then - psql -h "${_hostname}" ${_portArg} -d "${_database}" -c "\d" - _rtnCd=${?} - fi - - return ${_rtnCd} - ) -} - -function onStartServer(){ - ( - local OPTIND - local unset flags - while getopts : FLAG; do - case $FLAG in - ? ) flags+="-${OPTARG} ";; - esac - done - shift $((OPTIND-1)) - - _databaseSpec=${1} - - # Start a local PostgreSql instance - POSTGRESQL_DATABASE=$(getDatabaseName "${_databaseSpec}") \ - POSTGRESQL_USER=$(getUsername "${_databaseSpec}") \ - POSTGRESQL_PASSWORD=$(getPassword "${_databaseSpec}") \ - run-postgresql >/dev/null 2>&1 & - ) -} - -function onStopServer(){ - ( - local OPTIND - local unset flags - while getopts : FLAG; do - case $FLAG in - ? ) flags+="-${OPTARG} ";; - esac - done - shift $((OPTIND-1)) - - _databaseSpec=${1} - - # Stop the local PostgreSql instance - pg_ctl stop -D /var/lib/pgsql/data/userdata - - # Delete the database files and configuration - echo -e "Cleaning up ...\n" - rm -rf /var/lib/pgsql/data/userdata - ) -} - -function onPingDbServer(){ - ( - local OPTIND - local unset flags - while getopts : FLAG; do - case $FLAG in - ? ) flags+="-${OPTARG} ";; - esac - done - shift $((OPTIND-1)) - - _databaseSpec=${1} - - _hostname=$(getHostname ${flags} ${_databaseSpec}) - _database=$(getDatabaseName ${_databaseSpec}) - _port=$(getPort ${flags} ${_databaseSpec}) - _portArg=${_port:+"-p ${_port}"} - _username=$(getUsername ${_databaseSpec}) - _password=$(getPassword ${_databaseSpec}) - - if PGPASSWORD=${_password} psql -h ${_hostname} ${_portArg} -U ${_username} -q -d ${_database} -c 'SELECT 1' >/dev/null 2>&1; then - return 0 - else - return 1 - fi - ) -} - -function onVerifyBackup(){ - ( - local OPTIND - local unset flags - while getopts : FLAG; do - case $FLAG in - ? ) flags+="-${OPTARG} ";; - esac - done - shift $((OPTIND-1)) - - _databaseSpec=${1} - - _hostname=$(getHostname -l ${_databaseSpec}) - _database=$(getDatabaseName ${_databaseSpec}) - _port=$(getPort -l ${_databaseSpec}) - _portArg=${_port:+"-p ${_port}"} - _username=$(getUsername ${_databaseSpec}) - _password=$(getPassword ${_databaseSpec}) - - debugMsg "backup.postgres.plugin - onVerifyBackup" - tables=$(psql -h "${_hostname}" ${_portArg} -d "${_database}" -t -c "SELECT table_name FROM information_schema.tables WHERE table_schema='${TABLE_SCHEMA}' AND table_type='BASE TABLE';") - rtnCd=${?} - - # Get the size of the restored database - if (( ${rtnCd} == 0 )); then - size=$(getDbSize -l "${_databaseSpec}") - rtnCd=${?} - fi - - if (( ${rtnCd} == 0 )); then - numResults=$(echo "${tables}"| wc -l) - if [[ ! -z "${tables}" ]] && (( numResults >= 1 )); then - # All good - verificationLog="\nThe restored database contained ${numResults} tables, and is ${size} in size." - else - # Not so good - verificationLog="\nNo tables were found in the restored database." - rtnCd="3" - fi - fi - - echo ${verificationLog} - return ${rtnCd} - ) -} - -function onGetDbSize(){ - ( - local OPTIND - local unset flags - while getopts : FLAG; do - case $FLAG in - ? ) flags+="-${OPTARG} ";; - esac - done - shift $((OPTIND-1)) - - _databaseSpec=${1} - - _hostname=$(getHostname ${flags} ${_databaseSpec}) - _database=$(getDatabaseName ${_databaseSpec}) - _port=$(getPort ${flags} ${_databaseSpec}) - _portArg=${_port:+"-p ${_port}"} - _username=$(getUsername ${_databaseSpec}) - _password=$(getPassword ${_databaseSpec}) - - size=$(PGPASSWORD=${_password} psql -h "${_hostname}" ${_portArg} -U "${_username}" -d "${_database}" -t -c "SELECT pg_size_pretty(pg_database_size(current_database())) as size;") - rtnCd=${?} - - echo ${size} - return ${rtnCd} - ) -} -# ================================================================================================================= diff --git a/openshift-v3/templates/backup-container-2.0.0/docker/backup.server.utils b/openshift-v3/templates/backup-container-2.0.0/docker/backup.server.utils deleted file mode 100644 index 9e938a150..000000000 --- a/openshift-v3/templates/backup-container-2.0.0/docker/backup.server.utils +++ /dev/null @@ -1,39 +0,0 @@ -#!/bin/bash -# ================================================================================================================= -# Backup Server Utility Functions: -# ----------------------------------------------------------------------------------------------------------------- -function startCron(){ - logInfo "Starting backup server in cron mode ..." - listSettings - echoBlue "Starting go-crond as a background task ...\n" - CRON_CMD="go-crond -v --default-user=${UID} --allow-unprivileged ${BACKUP_CONF}" - exec ${CRON_CMD} & - wait -} - -function startLegacy(){ - ( - while true; do - runBackups - - echoYellow "Sleeping for ${BACKUP_PERIOD} ...\n" - sleep ${BACKUP_PERIOD} - done - ) -} - -function shutDown(){ - jobIds=$(jobs | awk -F '[][]' '{print $2}' ) - for jobId in ${jobIds} ; do - echo "Shutting down background job '${jobId}' ..." - kill %${jobId} - done - - if [ ! -z "${jobIds}" ]; then - echo "Waiting for any background jobs to complete ..." - fi - wait - - exit 0 -} -# ====================================================================================== \ No newline at end of file diff --git a/openshift-v3/templates/backup-container-2.0.0/docker/backup.settings b/openshift-v3/templates/backup-container-2.0.0/docker/backup.settings deleted file mode 100644 index 7de738c8a..000000000 --- a/openshift-v3/templates/backup-container-2.0.0/docker/backup.settings +++ /dev/null @@ -1,55 +0,0 @@ -#!/bin/bash -# ====================================================================================== -# Default Settings -# -------------------------------------------------------------------------------------- -export BACKUP_FILE_EXTENSION=".sql.gz" -export IN_PROGRESS_BACKUP_FILE_EXTENSION=".sql.gz.in_progress" -export DEFAULT_PORT=${POSTGRESQL_PORT_NUM:-5432} -export DATABASE_SERVICE_NAME=${DATABASE_SERVICE_NAME:-postgresql} -export POSTGRESQL_DATABASE=${POSTGRESQL_DATABASE:-my_postgres_db} -export TABLE_SCHEMA=${TABLE_SCHEMA:-public} - -# Supports: -# - daily -# - rolling -export BACKUP_STRATEGY=$(echo "${BACKUP_STRATEGY:-rolling}" | tr '[:upper:]' '[:lower:]') -export BACKUP_PERIOD=${BACKUP_PERIOD:-1d} -export ROOT_BACKUP_DIR=${ROOT_BACKUP_DIR:-${BACKUP_DIR:-/backups/}} -export BACKUP_CONF=${BACKUP_CONF:-backup.conf} - -# Used to prune the total number of backup when using the daily backup strategy. -# Default provides for one full month of backups -export NUM_BACKUPS=${NUM_BACKUPS:-31} - -# Used to prune the total number of backup when using the rolling backup strategy. -# Defaults provide for: -# - A week's worth of daily backups -# - A month's worth of weekly backups -# - The previous month's backup -export DAILY_BACKUPS=${DAILY_BACKUPS:-6} -export WEEKLY_BACKUPS=${WEEKLY_BACKUPS:-4} -export MONTHLY_BACKUPS=${MONTHLY_BACKUPS:-1} - -# Webhook defaults -WEBHOOK_TEMPLATE=${WEBHOOK_TEMPLATE:-webhook-template.json} - -# Modes: -export ONCE="once" -export SCHEDULED="scheduled" -export RESTORE="restore" -export VERIFY="verify" -export CRON="cron" -export LEGACY="legacy" -export ERROR="error" -export SCHEDULED_VERIFY="scheduled-verify" -export PRUNE="prune" - -# Supported Database Containers -export UNKNOWN_DB="null" -export MONGO_DB="mongo" -export POSTGRE_DB="postgres" -export CONTAINER_TYPE="$(getContainerType)" - -# Other: -export DATABASE_SERVER_TIMEOUT=${DATABASE_SERVER_TIMEOUT:-120} -# ====================================================================================== \ No newline at end of file diff --git a/openshift-v3/templates/backup-container-2.0.0/docker/backup.sh b/openshift-v3/templates/backup-container-2.0.0/docker/backup.sh deleted file mode 100755 index f1e17d87a..000000000 --- a/openshift-v3/templates/backup-container-2.0.0/docker/backup.sh +++ /dev/null @@ -1,140 +0,0 @@ -#!/bin/bash - -# ====================================================================================== -# Imports -# -------------------------------------------------------------------------------------- -. ./backup.usage # Usage information -. ./backup.logging # Logging functions -. ./backup.config.utils # Configuration functions -. ./backup.container.utils # Container Utility Functions -. ./backup.ftp # FTP Support functions -. ./backup.misc.utils # General Utility Functions -. ./backup.file.utils # File Utility Functions -. ./backup.utils # Primary Database Backup and Restore Functions -. ./backup.server.utils # Backup Server Utility Functions -. ./backup.settings # Default Settings -# ====================================================================================== - -# ====================================================================================== -# Initialization: -# -------------------------------------------------------------------------------------- -trap shutDown EXIT TERM - -# Load database plug-in based on the container type ... -. ./backup.${CONTAINER_TYPE}.plugin > /dev/null 2>&1 -if [[ ${?} != 0 ]]; then - echoRed "backup.${CONTAINER_TYPE}.plugin not found." - - # Default to null plugin. - export CONTAINER_TYPE=${UNKNOWN_DB} - . ./backup.${CONTAINER_TYPE}.plugin > /dev/null 2>&1 -fi - -while getopts nclr:v:f:1spha: FLAG; do - case $FLAG in - n) - # Allow null database plugin ... - # Without this flag loading the null plugin is considered a configuration error. - # The null plugin can be used for testing. - export _allowNullPlugin=1 - ;; - c) - echoBlue "\nListing configuration settings ..." - listSettings - exit 0 - ;; - l) - listExistingBackups ${ROOT_BACKUP_DIR} - exit 0 - ;; - r) - # Trigger restore mode ... - export _restoreDatabase=${OPTARG} - ;; - v) - # Trigger verify mode ... - export _verifyBackup=${OPTARG} - ;; - f) - # Optionally specify the backup file to verify or restore from ... - export _fromBackup=${OPTARG} - ;; - 1) - export RUN_ONCE=1 - ;; - s) - export SCHEDULED_RUN=1 - ;; - p) - export RUN_PRUNE=1 - ;; - a) - export _adminPassword=${OPTARG} - ;; - h) - usage - ;; - \?) - echo -e \\n"Invalid option: -${OPTARG}"\\n - usage - ;; - esac -done -shift $((OPTIND-1)) -# ====================================================================================== - -# ====================================================================================== -# Main Script -# -------------------------------------------------------------------------------------- -case $(getMode) in - ${ONCE}) - runBackups - echoGreen "Single backup run complete.\n" - ;; - - ${SCHEDULED}) - runBackups - echoGreen "Scheduled backup run complete.\n" - ;; - - ${RESTORE}) - unset restoreFlags - if isScripted; then - restoreFlags="-q" - fi - - if validateOperation "${_restoreDatabase}" "${RESTORE}"; then - restoreDatabase ${restoreFlags} "${_restoreDatabase}" "${_fromBackup}" - fi - ;; - - ${VERIFY}) - verifyBackups "${_verifyBackup}" "${_fromBackup}" - ;; - - ${SCHEDULED_VERIFY}) - verifyBackups -q "${_verifyBackup}" "${_fromBackup}" - ;; - - ${CRON}) - startCron - ;; - - ${LEGACY}) - startLegacy - ;; - - ${PRUNE}) - prune - ;; - - ${ERROR}) - echoRed "A configuration error has occurred, review the details above." - usage - ;; - *) - echoYellow "Unrecognized operational mode; ${_mode}" - usage - ;; -esac -# ====================================================================================== \ No newline at end of file diff --git a/openshift-v3/templates/backup-container-2.0.0/docker/backup.usage b/openshift-v3/templates/backup-container-2.0.0/docker/backup.usage deleted file mode 100644 index 32238fdff..000000000 --- a/openshift-v3/templates/backup-container-2.0.0/docker/backup.usage +++ /dev/null @@ -1,133 +0,0 @@ -#!/bin/bash -# ================================================================================================================= -# Usage: -# ----------------------------------------------------------------------------------------------------------------- -function usage () { - cat <<-EOF - - Automated backup script for PostgreSQL and MongoDB databases. - - There are two modes of scheduling backups: - - Cron Mode: - - Allows one or more schedules to be defined as cron tabs in ${BACKUP_CONF}. - - If cron (go-crond) is installed (which is handled by the Docker file) and at least one cron tab is defined, the script will startup in Cron Mode, - otherwise it will default to Legacy Mode. - - Refer to ${BACKUP_CONF} for additional details and exples of using cron scheduling. - - - Legacy Mode: - - Uses a simple sleep command to set the schedule based on the setting of BACKUP_PERIOD; defaults to ${BACKUP_PERIOD} - - Refer to the project documentation for additional details on how to use this script. - - https://github.com/BCDevOps/backup-container - - Usage: - $0 [options] - - Standard Options: - ================= - -h prints this usage documentation. - - -1 run once. - Performs a single set of backups and exits. - - -s run in scheduled/silent (no questions asked) mode. - A flag to be used by cron scheduled backups to indicate they are being run on a schedule. - Requires cron (go-crond) to be installed and at least one cron tab to be defined in ${BACKUP_CONF} - Refer to ${BACKUP_CONF} for additional details and examples of using cron scheduling. - - -l lists existing backups. - Great for listing the available backups for a restore. - - -c lists the current configuration settings and exits. - Great for confirming the current settings, and listing the databases included in the backup schedule. - - -p prune backups - Used to manually prune backups. - This can be used with the '-f' option, see below, to prune specific backups or sets of backups. - Use caution when using the '-f' option. - - Verify Options: - ================ - The verify process performs the following basic operations: - - Start a local database server instance. - - Restore the selected backup locally, watching for errors. - - Run a table query on the restored database as a simple test to ensure tables were restored - and queries against the database succeed without error. - - Stop the local database server instance. - - Delete the local database and configuration. - - -v ; in the form =/, or =:/ - where defaults to container database type if omitted - must be one of "postgres" or "mongo" - must be specified in a mixed database container project - - Triggers verify mode and starts verify mode on the specified database. - - Example: - $0 -v postgresql=postgresql:5432/TheOrgBook_Database - - Would start the verification process on the database using the most recent backup for the database. - - $0 -v all - - Verify the most recent backup of all databases. - - -f ; an OPTIONAL filter to use to find/identify the backup file to restore. - Refer to the same option under 'Restore Options' for details. - - Restore Options: - ================ - The restore process performs the following basic operations: - - Drop and recreate the selected database. - - Grant the database user access to the recreated database - - Restore the database from the selected backup file - - Have the 'Admin' (postgres or mongo) password handy, the script will ask you for it during the restore. - - When in restore mode, the script will list the settings it will use and wait for your confirmation to continue. - This provides you with an opportunity to ensure you have selected the correct database and backup file - for the job. - - Restore mode will allow you to restore a database to a different location (host, and/or database name) provided - it can contact the host and you can provide the appropriate credentials. If you choose to do this, you will need - to provide a file filter using the '-f' option, since the script will likely not be able to determine which backup - file you would want to use. This functionality provides a convenient way to test your backups or migrate your - database/data without affecting the original database. - - -r ; in the form =/, or =:/ - where defaults to container database type if omitted - must be one of "postgres" or "mongo" - must be specified in a mixed database container project - - Triggers restore mode and starts restore mode on the specified database. - - Example: - $0 -r postgresql:5432/TheOrgBook_Database/postgres - - Would start the restore process on the database using the most recent backup for the database. - - -f ; an OPTIONAL filter to use to find/identify the backup file to restore. - This can be a full or partial file specification. When only part of a filename is specified the restore process - attempts to find the most recent backup matching the filter. - If not specified, the restore process attempts to locate the most recent backup file for the specified database. - - Examples: - $0 -r postgresql=wallet-db/test_db/postgres -f wallet-db-tob_holder - - Would try to find the latest backup matching on the partial file name provided. - - $0 -r wallet-db/test_db/postgres -f /backups/daily/2018-11-07/wallet-db-tob_holder_2018-11-07_23-59-35.sql.gz - - Would use the specific backup file. - - $0 -r wallet-db/test_db/postgres -f wallet-db-tob_holder_2018-11-07_23-59-35.sql.gz - - Would use the specific backup file regardless of its location in the root backup folder. - - -s OPTIONAL flag. Use with caution. Could cause unintentional data loss. - Run the restore in scripted/scheduled mode. In this mode the restore will not ask you to confirm the settings, - nor will ask you for the 'Admin' password. It will simply attempt to restore a database from a backup. - It's up to you to ensure it's targeting the correct database and using the correct backup file. - - -a ; an OPTIONAL flag used to specify the 'Admin' password. - Use with the '-s' flag to specify the 'Admin' password. Under normal usage conditions it's better to supply the - password when prompted so it is not visible on the console. - -EOF -exit 1 -} -# ================================================================================================================= \ No newline at end of file diff --git a/openshift-v3/templates/backup-container-2.0.0/docker/backup.utils b/openshift-v3/templates/backup-container-2.0.0/docker/backup.utils deleted file mode 100644 index ed54af7d4..000000000 --- a/openshift-v3/templates/backup-container-2.0.0/docker/backup.utils +++ /dev/null @@ -1,268 +0,0 @@ -#!/bin/bash -# ================================================================================================================= -# Primary Database Backup and Restore Functions: -# ----------------------------------------------------------------------------------------------------------------- -function backupDatabase(){ - ( - _databaseSpec=${1} - _fileName=${2} - - _backupFile="${_fileName}${IN_PROGRESS_BACKUP_FILE_EXTENSION}" - - touchBackupFile "${_backupFile}" - onBackupDatabase "${_databaseSpec}" "${_backupFile}" - _rtnCd=${?} - - if (( ${_rtnCd} != 0 )); then - rm -rfvd ${_backupFile} - fi - - return ${_rtnCd} - ) -} - -function restoreDatabase(){ - ( - local OPTIND - local quiet - local localhost - unset quiet - unset localhost - unset flags - while getopts ql FLAG; do - case $FLAG in - q ) - quiet=1 - flags+="-${FLAG} " - ;; - * ) flags+="-${FLAG} ";; - esac - done - shift $((OPTIND-1)) - - _databaseSpec=${1} - _fileName=${2} - _fileName=$(findBackup "${_databaseSpec}" "${_fileName}") - - if [ -z "${quiet}" ]; then - echoBlue "\nRestoring database ..." - echo -e "\nSettings:" - echo "- Database: ${_databaseSpec}" - - if [ ! -z "${_fileName}" ]; then - echo -e "- Backup file: ${_fileName}\n" - else - echoRed "- Backup file: No backup file found or specified. Cannot continue with the restore.\n" - exit 1 - fi - waitForAnyKey - fi - - if [ -z "${quiet}" ] && [ -z "${_adminPassword}" ]; then - # Ask for the Admin Password for the database, if it has not already been provided. - _msg="Admin password (${_databaseSpec}):" - _yellow='\033[1;33m' - _nc='\033[0m' # No Color - _message=$(echo -e "${_yellow}${_msg}${_nc}") - read -r -s -p $"${_message}" _adminPassword - echo -e "\n" - fi - - local startTime=${SECONDS} - onRestoreDatabase ${flags} "${_databaseSpec}" "${_fileName}" "${_adminPassword}" - _rtnCd=${?} - - local duration=$(($SECONDS - $startTime)) - if (( ${_rtnCd} == 0 )); then - echoGreen "\nRestore complete - Elapsed time: $(($duration/3600))h:$(($duration%3600/60))m:$(($duration%60))s\n" - else - echoRed "\nRestore failed.\n" >&2 - fi - - return ${_rtnCd} - ) -} - -function runBackups(){ - ( - echoBlue "\nStarting backup process ..." - databases=$(readConf) - backupDir=$(createBackupFolder) - listSettings "${backupDir}" "${databases}" - - for database in ${databases}; do - if isForContainerType ${database}; then - local startTime=${SECONDS} - filename=$(generateFilename "${backupDir}" "${database}") - backupDatabase "${database}" "${filename}" - rtnCd=${?} - local duration=$(($SECONDS - $startTime)) - local elapsedTime="\n\nElapsed time: $(($duration/3600))h:$(($duration%3600/60))m:$(($duration%60))s - Status Code: ${rtnCd}" - - if (( ${rtnCd} == 0 )); then - backupPath=$(finalizeBackup "${filename}") - dbSize=$(getDbSize "${database}") - backupSize=$(getFileSize "${backupPath}") - logInfo "Successfully backed up ${database}.\nBackup written to ${backupPath}.\nDatabase Size: ${dbSize}\nBackup Size: ${backupSize}${elapsedTime}" - ftpBackup "${filename}" - pruneBackups "${backupDir}" "${database}" - else - logError "Failed to backup ${database}.${elapsedTime}" - fi - fi - done - - listExistingBackups ${ROOT_BACKUP_DIR} - ) -} - -function startServer(){ - ( - # Start a local server instance ... - onStartServer ${@} - - # Wait for server to start ... - local startTime=${SECONDS} - rtnCd=0 - printf "waiting for server to start" - while ! pingDbServer ${@}; do - printf "." - local duration=$(($SECONDS - $startTime)) - if (( ${duration} >= ${DATABASE_SERVER_TIMEOUT} )); then - echoRed "\nThe server failed to start within ${duration} seconds.\n" - rtnCd=1 - break - fi - sleep 1 - done - echo - return ${rtnCd} - ) -} - -function stopServer(){ - ( - onStopServer ${@} - ) -} - -function pingDbServer(){ - ( - onPingDbServer ${@} - return ${?} - ) -} - -function verifyBackups(){ - ( - local OPTIND - local flags - unset flags - while getopts q FLAG; do - case $FLAG in - * ) flags+="-${FLAG} " ;; - esac - done - shift $((OPTIND-1)) - - _databaseSpec=${1} - _fileName=${2} - if [[ "${_databaseSpec}" == "all" ]]; then - databases=$(readConf -q) - else - databases=${_databaseSpec} - fi - - for database in ${databases}; do - if isForContainerType ${database}; then - verifyBackup ${flags} "${database}" "${_fileName}" - fi - done - ) -} - -function verifyBackup(){ - ( - local OPTIND - local quiet - unset quiet - while getopts q FLAG; do - case $FLAG in - q ) quiet=1 ;; - esac - done - shift $((OPTIND-1)) - - _databaseSpec=${1} - _fileName=${2} - _fileName=$(findBackup "${_databaseSpec}" "${_fileName}") - - echoBlue "\nVerifying backup ..." - echo -e "\nSettings:" - echo "- Database: ${_databaseSpec}" - - if [ ! -z "${_fileName}" ]; then - echo -e "- Backup file: ${_fileName}\n" - else - echoRed "- Backup file: No backup file found or specified. Cannot continue with the backup verification.\n" - exit 0 - fi - - if [ -z "${quiet}" ]; then - waitForAnyKey - fi - - local startTime=${SECONDS} - startServer -l "${_databaseSpec}" - rtnCd=${?} - - # Restore the database - if (( ${rtnCd} == 0 )); then - if [ -z "${quiet}" ]; then - restoreDatabase -ql "${_databaseSpec}" "${_fileName}" - rtnCd=${?} - else - # Filter out stdout, keep stderr - echo "Restoring from backup ..." - restoreLog=$(restoreDatabase -ql "${_databaseSpec}" "${_fileName}" 2>&1 >/dev/null) - rtnCd=${?} - - if [ ! -z "${restoreLog}" ] && (( ${rtnCd} == 0 )); then - echo ${restoreLog} - unset restoreLog - elif [ ! -z "${restoreLog}" ] && (( ${rtnCd} != 0 )); then - restoreLog="\n\nThe following issues were encountered during backup verification;\n${restoreLog}" - fi - fi - fi - - # Ensure there are tables in the databse and general queries work - if (( ${rtnCd} == 0 )); then - verificationLog=$(onVerifyBackup "${_databaseSpec}") - rtnCd=${?} - fi - - # Stop the database server - stopServer "${_databaseSpec}" - local duration=$(($SECONDS - $startTime)) - local elapsedTime="\n\nElapsed time: $(($duration/3600))h:$(($duration%3600/60))m:$(($duration%60))s - Status Code: ${rtnCd}" - - if (( ${rtnCd} == 0 )); then - logInfo "Successfully verified backup: ${_fileName}${verificationLog}${restoreLog}${elapsedTime}" - else - logError "Backup verification failed: ${_fileName}${verificationLog}${restoreLog}${elapsedTime}" - fi - return ${rtnCd} - ) -} - -function getDbSize(){ - ( - size=$(onGetDbSize ${@}) - rtnCd=${?} - - echo ${size} - return ${rtnCd} - ) -} -# ================================================================================================================= diff --git a/openshift-v3/templates/backup-container-2.0.0/docker/webhook-template.json b/openshift-v3/templates/backup-container-2.0.0/docker/webhook-template.json deleted file mode 100644 index 1c2c75960..000000000 --- a/openshift-v3/templates/backup-container-2.0.0/docker/webhook-template.json +++ /dev/null @@ -1,6 +0,0 @@ -{ - "projectFriendlyName": "${projectFriendlyName}", - "projectName": "${projectName}", - "statusCode": "${statusCode}", - "message": "${message}" -} \ No newline at end of file diff --git a/openshift-v3/templates/backup-container-2.0.0/docs/ExampleLog.md b/openshift-v3/templates/backup-container-2.0.0/docs/ExampleLog.md deleted file mode 100644 index c769467f1..000000000 --- a/openshift-v3/templates/backup-container-2.0.0/docs/ExampleLog.md +++ /dev/null @@ -1,62 +0,0 @@ - -## An example of the backup container in action -``` -Starting backup process ... -Reading backup config from backup.conf ... -Making backup directory /backups/daily/2020-02-28/ ... - -Settings: -- Run mode: scheduled - -- Backup strategy: rolling -- Current backup type: daily -- Backups to retain: - - Daily: 6 - - Weekly: 4 - - Monthly: 1 -- Current backup folder: /backups/daily/2020-02-28/ -- Time Zone: PST -0800 - -- Schedule: - - 0 1 * * * default ./backup.sh -s - - 0 4 * * * default ./backup.sh -s -v all - -- Container Type: mongo -- Databases (filtered by container type): - - mongo=identity-kit-db-bc/identity_kit_db - -- FTP server: not configured -- Webhook Endpoint: https://chat.[ocp name].gov.bc.ca/hooks/*** -- Environment Friendly Name: Verifiable Organizations Network (mongo-test) -- Environment Name (Id): devex-von-test - -Backing up 'identity-kit-db-bc/identity_kit_db' to '/backups/daily/2020-02-28/identity-kit-db-bc-identity_kit_db_2020-02-28_08-07-10.sql.gz.in_progress' ... -Successfully backed up mongo=identity-kit-db-bc/identity_kit_db. -Backup written to /backups/daily/2020-02-28/identity-kit-db-bc-identity_kit_db_2020-02-28_08-07-10.sql.gz. -Database Size: 1073741824 -Backup Size: 4.0K - -Elapsed time: 0h:0m:0s - Status Code: 0 - -================================================================================================================================ -Current Backups: - -Database Current Size -mongo=identity-kit-db-bc/identity_kit_db 1073741824 - -Filesystem Size Used Avail Use% Mounted on -192.168.111.90:/trident_qtree_pool_file_standard_WKDMGDWTSQ/file_standard_devex_von_test_backup_mongo_54218 1.0G 0 1.0G 0% /backups --------------------------------------------------------------------------------------------------------------------------------- -4.0K 2020-02-27 13:26 /backups/daily/2020-02-27/identity-kit-db-bc-identity_kit_db_2020-02-27_13-26-21.sql.gz -4.0K 2020-02-27 13:27 /backups/daily/2020-02-27/identity-kit-db-bc-identity_kit_db_2020-02-27_13-27-10.sql.gz -12K 2020-02-27 13:27 /backups/daily/2020-02-27 -4.0K 2020-02-28 06:44 /backups/daily/2020-02-28/identity-kit-db-bc-identity_kit_db_2020-02-28_06-44-19.sql.gz -4.0K 2020-02-28 07:12 /backups/daily/2020-02-28/identity-kit-db-bc-identity_kit_db_2020-02-28_07-12-29.sql.gz -4.0K 2020-02-28 08:07 /backups/daily/2020-02-28/identity-kit-db-bc-identity_kit_db_2020-02-28_08-07-10.sql.gz -16K 2020-02-28 08:07 /backups/daily/2020-02-28 -32K 2020-02-28 08:07 /backups/daily -36K 2020-02-28 08:07 /backups/ -================================================================================================================================ - -Scheduled backup run complete. -``` \ No newline at end of file diff --git a/openshift-v3/templates/backup-container-2.0.0/docs/SampleRocketChatErrorMessage.png b/openshift-v3/templates/backup-container-2.0.0/docs/SampleRocketChatErrorMessage.png deleted file mode 100644 index dfeb8203595fa82e938d598a6f1407bbbfc034d4..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 18609 zcmbSy1x#Fjw=M4O?(PnQyA*5D;_l8MrNyDR6?Z6Fpt#fGrMO#hXK;6Yr~mK1FZVu6 z?wf>UCPOCYoZptU)?PdEt(pQl3JD4n6coCWqO1lK6m$Xbz7z=tcvms=S_XW825Trt zLsgBD?E@d+Y@}4BprC5wQJ>7DSNGF)~VEYm@U_?nDbv- zoyP3gTfXb|*5e}+_SjpOLVCZ_<~f~CJqUe$eH~{Xrh**jxioMmcqRz@QR3{fZfbty z$kaW$-7b2$@8$R-$U{Up-o?g*M}&@#iIKUPmcmuUj}P6Asjt~n(?3HXROdI zL$O7CFW7i8b(vQ06Tp>nr4pSduR6i8UNcVXM+@~d2pD8USYa6Pl%O_;d5+0lteR!j z&#|l2*R9h9V$VN5oEJotlrUg7$HxTh@RrPvR6I>n=HWXGr?M-=Q>^^-0q2SPQTS|Q zbN}!@4hO?U|RZr%nG31vf4EzA;~{FD^X(D`y* zO`R@u89H0JRAbiLGQ`Zv8UowRqzjdZm!HO_2SeRqor3FE@_iBfBs%tNJ0mStzi)QZ zlh^7WZ^>6ZkqarLbq#;C$r{*=D)hsvGWKkp0xnxB1c7>x$p8~QseO(KP6jE91IC<2 zB~7OXCtvRUa?3E@xPQuXPn=0jADL^mvE%z4OnBUEUO>Ate(0sj(I>+JbS-8Zq_nIH3_#IW@@)nzZ!`?^+uh$NuDhjwC zE|wW58^VoF{MJp2^^03v=?e8i$nJ+61PLLZOcWs2wDAJxuGQO$D!}M+~Rh;$X^xY6UM~M9F#8N%>f@XIh@9M zi6%cx9=qNBc-rZ5D~^Lz>wEA1%Xe^Y6Ol2FvY!`RrMZC!wi(ToC@uKdoprGE*^*Q; z(o5?`U{hrae=>P3aGgThXsd{31eCosnB}0AHCSbh&PAS5jNOE4T@~x8UR3pzg!@A4 z8khP=>lr@dIA&|@rjVl(RZ}PoJ(XkO@P}umw{F|hRdQ2^Vp%>$WxW$}H-n?xN! z9w^#nK4vqlX;p3*ujz6$Xr6)-a{N}c&%R@=HZ7;HUaRP;s;bW4r@Q*%NRe}Y+wW>$ zSega&CBdbgoOV2N2#P)4oAdUX ztoum3hY(T9r*GR%0CyZF=D7MZDIYDvxrd+-7MT|q0Xw|J?_T#ULy7S_O8$x-;3qPuBmt^2_sBlH9ph{G-2jsdSX&i3krUB2%a6SrV zct&suvNZ0hL*#Vozrxj5eV=6l_rF`wyLWz})Sb=C2}ttjai%I05H8xvoFL_Az^L3qCZ zJT11}U6GWK1Q-+qp4fDUXxutOLxoezoPAe^?WA4vg>z!nP;N8VAXFP@2 z$F1M!&bbjrz}ptaEQtXB)7AFJt9@R}0WA9izuOfBILeQE)XdI{4N5M>@9QihPpWJ= z4O_5&VTiMtP$5SriV$&I3VuwPwd4=vO1aG3cr_4~Oq z6y4R<>_DAiDurvstT)VzK)>=XklNIR+V0`NKz}de@HRr-do2?61*=l*N&uG|dydis z-F(VC_6Eow{iCalx}ldCNTEd@t7Btds9a^^1Oi@Mszvk3eknP=8>@a?&a1cOEAiax zWzkr*M7hkO{+{|)>-y4+VfRm@2->~;{Z_SnJUGqwX$59ZLAFLmQLq7xVNYhNKwpY{ zB3KNJtMoP^<@Rz?_?hQK>&}ov`kH%o+$^{j!{(~H^;;Ox8R6t0g%vWM^XUQE`yTSU zKA_Z~#r5kUkVt1dqL(AQB3_}Vcbft_oQC%khX(A@;&(_d_BZXcxI!nr1X`o>hf$(? zJsw*ozTBo=feMs<$yswiF?kj2yjL|cBKM9y!=w=XaIrn8S*oT-wgJ}kdAf76t->K- z*O#sM3Z!G@xIaT|m$tSxH(UcH93iTdq?=@OgKS=w4jZfM`-$kN_tQTc0wd?DjIt)# z2zY{)etgn>^^eD?d%fFNx7B4cSlnyJya8G(qp>Xd)$vkV7rEHShT7V98%uRosK==U@>rBs*VU9vk2anwnCrWMCy+&mu`wV01M#W!C?M%yiucFxSM?>sq9YVcEl? zlE+dScKSd6s4R z@z2>TtFD){f(WU9S3SPo&HUnGGXbY@gQ=8}=WIBo?>b@}BVzl(Bz9LzVdi9oF6ZLZ zuSaY2<*CDs2R%5>a+puEv;9E!;(w)X|AT`4bJ59^Z+>_wBSu6CK^MV^7yH&7q;ouQK*0Ks3`V)nE9go}S7!ZPiP4RiLk=6lttD z$NI`PNa1naCdnu}79Qvs&s z{D|Z%-D<$44Nk2oUypIPzRRwR0CgR4Y{u^S19LJ;0;Lf48F#Q1y59N#eC1ms3M~0j zgt)52=qehkLINRAcGqu3h-1%d&~ICeN+V1gTjPu=u!I!w!#)hp%Kz$W#O8K&l3jvL z)91PDO6$xy%$kXZ!iUMy%H30?`$!ml*M|HRbvpD*P@YH2Y|u0>RaiPj&xt&G6W0nI zbs>R|n9EcO<&7l@`zzH9%(}MqJA){o7cO%DRTh zcW%+=tLf*5>*;9zaUg{f>6IJ8fbf4uo0XZ#7I)Tpzni6;#vuiiF;b;Zllfo2noXCe zHo#Stmq$^b?Pg_+L*Xu?5^~VNX8P8Kar^>cD1W&(=@g8mfa4#@X4?Tcj_W=W^bnxl zU~{&=zZ{^AuQ4T~Z_ytd%Mq~)$E1AO0JoqSz$$-gSAY$p(((GKUu4^H8KG-A$tT5MXB5;KtIh}AaVwC-Ae|If1DK&iL z<$@bW(C4b`5|&exG-@x^B@0zGI^~=DcZ43)yHKC3b#|`ur9VZ%w*gqNK%467?K&G@ zgDiwHoM%n0nB(}N{e*qO0{{;tvspntibmNp-W01p$p+!Ge_Nzdckbf|Ed*QVu#Ll% z7VEPGQVMC7UT+n@Ws&q>m+k6DO69i+f$&5#B%QqJ+6hSebVlG_{-baah1j?3-a;$LFIN~Qt_wH1 zP#;EJPqLx?otS#8v*-F1T0|inhWT2DpL0HOCO)@V?+__`TbL&`rPO_ON*8rDR8&K+D;5||L)5Ll%{cYnI^ZBtef?rdHU z39pcbcCJN$1_;fFAO~9W^~H$03sc$J$<*Ehty6J26F=oX0J>*O%aSd6}Gu^#FysXT_;E4=Da0PYb3TA&z=2LP4Vf7+bxlaon6(BHE~s&{c3Nr z_tooD$g1FR?`!(|GrfAcG0RTRNl(#+Z?-0#wyuZc9qBU(&uFQKHfGh~I9P-AmM2vW zu1Je=(FBop%K4~gSQ4Yf+7&uV9m<>5V}8%q^V=C6Jc|J%d79jwQ@<`DW1vA)zU;fL38T`~=X0%+j^k$3LXj9r33K(fRVaZB_4sWFoQ$}k=7Hd$HMO%1($ z3h_fkx_;L#acsI@4Vv_s;QL4ROf6F_ z^HrA$sY*7N_uL3)=Up&jqT2N* zIRP+>gM))nC)3+}{m>mlSr+HkT-x?;-~gZdl#Ob&z}-ksV>u9V>Dotbq1hjp01i#I z*I>cSwv}~WP6U&_HU-gT@jKaD-5;g($7JXlzg+y81ejyX$7__}Xp;OZPaN z*}>`6KUdA@{o>CaudD5|V93b}M55Vg^`~ifFue=Ma>H{-m`r#anfUimSm5NyoQ*zs zD!I1rn7nOrDh^lAZH&i!t-0?lP}-}nf2gsgs0C;w_1S}n$QAUAVM6+$CG{4jnm+e8 z_ui=EJX;jM6D`w$(6aCc7f(GoT*9Utv4(i zya)ze(uER8mr7BHXWSD-(wCg3;7q7gMBVpSug#IptL1%)YF)3rM&-kQN!Y!v~u zm7?>JN}Wq4!UeC_&;le%@+>e7AGddKLrXOHm-5$lxpo6&@KbW{NKN+@2~E3uSd5Ov ze6=i1cryER;-c7~)+!PcaTfU<<`lbP6yf#F?SoqB^3DnH*QoRvV5x7nYhrkdB8eJX z1AkuIgy;VN7)O{TG?VzjfflDhlM3%p30Z_5VcN?X`oO{7dP)l(vG6WtqbO+jq8=H$*6VH*6=(>GsW(X9vP0HRN zbfNGAh7NWELdG(&8$Z~kKH3`dR%hNeKk{keOE@g`xSWk_7V<0$$TZhBLde!Wt0zyn z%3j{oItb&dlo9Sg5;*Z)MQejGlFZLs2jb9}^ft90G>R=Z@Zw9*ds?>P+0nq0Hy@M3 zBjtwBM8)cK-T;gx>z{-9mF)nJ@`@H$NHgWi3jyA#1y(Fz9?H1daH!!}Sy??q_(J*V z#Z3UZ%#7gM{X<-Pl2akx~;JgZ?{Y4an2* zA0qO0rxqI>=-24o{`JdHJIiyG25B5dAGZgv{RUx=zsiKO6%VwUyj-NM`Cg)D%vTbh zspglJ*#Tv*pu5Rw>2En4gaeh1cm7jo1nhL^lGNpCbrzodf*$bT|4XfTJ9tSXpyRIA-0WSZB!VfyCK|-B?$C}S z_+QgIwxbTSjy9vZCdGm(0~}#C(YCkQnO*=}X*o8z;=KveKtW;-VT(0of&Z$+>F2;= zbn||&=x6Box3DHkaduA)g%VSHt%SBj?Fj38>=)aO3Ur*0+cVn28{e&HPqX-sh_7XAxu>YF%r?ui)WLVY@xFG;bgp z3OoZWjInX$BcW8Jp%ImAlNfn$8B_*jEAQu(f2m9Jq`N=E(V3=dnwhvdPdw{IN5Krc zX*o>Pf*7S&ai#Q!K?O=z_?qbVf*+^ku$6Fe6=W7g(I@R+b*hakt1OF(Yj9-sBay`w zG^2H*v6+XcE~O`6(whj{Vop|mq{&5ED_+zkt%!Rca4`{|KYM(UVtxo!Jx~~tSH&rz zWMWs)bRbx`-D11l#%Y^?X#mL+@qfX?$I1)w)6bx}bC>L9WKh(9zfKhO1$?1xyh-W* z9HF=|9NRn#?&RY7IdD|u5C8{+ja?}{(i&k-yK5+0iw))gYH}Wb43oe=2UzLve5|#0tgpgnwNa1& zyXOCR+!tMWmpc6e*QqrZT<%SL^(BKqY7z7~f=qF|HHlHpcX2{eiFN<6;){%l>$0`b zthH#~Gf6vuZ-vIOIk!=Rfh6}nZNC+N*ek5cBLyVi2ei0D$meIIX{Sxc?!51ADA*vN z*ialTT<$aGzJG62Jl=dD6JGej=dqm^CLH#2xkp!tFViD*+$DJCicW&E{-H0!<7Qq$yOb=31^-m7TR zbEAmcQU9-P3U-;_e3cxLSs+38y@^bplx@A^Cm+!gbszG~e$r}nagX&t+@YQ_fskxk z3;9@*>p{l61WNGkNQR)x>h@sLU=PqW62n$#APlORvde;we*(K&+_r8`*Iv^)pR54t zz_ZCne<9*^B)QvuySmio$$H@rZ)Nd^;zs>PF-IW4B?|C6OG?60V@s98l;F*re&&JS zaME4ZJ8QUbL$2)R=#^97I#b(bi1GS5_@=TOgy}JSF8QouZbv|Cd;TVgCQ!$##sNTa z>;_l!_xL+QycG4T>GH~r6`3O8Phe@if1X>Zdfo{jp<7sNgxhq#AC+7I)kn-71++RZE0ss|OCLCkOhakf;r=I;?MYe@V5Kp|H*oU)x+b%Er ztPRV&1YQZ6JxI2bL;{p-G)SSz?QnYqTh99(TL$V3Hrj$G4!{-`hNX5hka3Zslu~ ze`*}X${X~x;ogrmB9&r&fz8O?;<&z4P9vDp(uC}eWZpwIdKDXUZ?DrON@2_aeSSN; zfEhrcXeR#m#RdV!eEj@>6R1TGfH(V??tn&8C_v4eWPYPhD`c?Rl?+;noNHYEQ86E-ulQ-N1*(!V8p8 zlb9iR5x`{RrRE-$=7jj&{N}ipxR4!u;-HBR{~jT~57qvAyP7p4{yl|YpLAFxIItP- zUB-rJ7u7|j1~w05ngJ$dNhen50z1nQY$A+&#nWc_@ zZ}t0_RP>*En|LHIMK}@f@AtZe#a1%(^z;o6*tBl>PBTcP+BgvizY&RlEaX+boA&_W z>=x}ON)AyIhswv4@gHPqkG<=wWGxVXoYd-0OT&IW74jdel@a~J-eky^#mH^@e8CeT>;ctKx&{FTtwpkeX#V$wHzu>~nOYWYtI|4b7|y(TVG4say`{`U99( z56@w-P}jY#AmvpB&ZNIQ;E=4g#L9Um0U!A|C>H=lv>CP!v)OlkP8W z=mdV>;iFAjm%;+*!n%-4hJ5N8t6>7T^*=a)5-t<7I59VkP(L>3LC3|%*~Oo|@L-7L z?fBvHbUft-Wz%%*EM;7YwCOcTb$fZbr}_TPG?Wb+T}7E0Cb7QPOsm1F zNn5CbX~t zDQ5aJr@p45WJ9FcFVWkK4hb}7a%6J1Fk9@(u~t^yDxuj^(na_AR@AN=1Ah-JMOp_` zIA&WrBdU{u+Y)dtPvcINlF)3?oU>EbWO=p&>?VX7fWYZs>^}LwJ+YA7-FY++IxZ@L z3FGy|nq_(L!8FB=+phT7sutp&aVz;XyVVHF6|~?fD^jX5;5YB;9gI9i)wS6! z->_s7!f;n=ohbduuC+{TJCaHN1XGwvD3_({Zx6x}pgkiGONiP|+B?gh96C}_#C+f$*x99*C(50Ut^s_lB~eUpi^;6(30#c?K8vMDc^qA zuO?rh$Do^2-}f>f@SKK(^=#8ska44pH;Spn~{(o@3r{0&v|zZhxb~t>mem^ zQ1lXd3Bs`d6G;CbaN0lIc?WEQjolpb@0k4$99Q+$@P}7r*IKt*P6Sy5NS6uam7GjL zZd>x>*v>0?HdJpI`XK5=L zhYtw%l=WX8Y3&I>WP}2FUmwg~LdGHYpC4zkWma<|S3jM$_eB#%-?;5fe5JCxvY?Wd zk&%hsVdRJCYhBr3vq7$&pM3lg74FtUFl|+jw&Eo^eD8V8HwTasJ~f~b^Kz~B{X;N; z3)?0m<^|FQ5Ixz9+8RnqthsU86_}X?Pp7po|aZNswa|))~$<#(qHJV0wAI8-RU|U6(qtM=uR%n zE$0(5n2`&>V7m+u?};t0`Up)zshaCt>`vs9pM?cKoS8naBd>$}ennu5j?*N42RG5% z@3Z6u0?3K}Q4V&dan!X=eIUj4Df{wR8LFT!TLu+X1%>mA5RO5vZ)~ilSFk8WCgSDT6$q^ZF%1S(?r0W8pC2CkI7+R6 zd7%I;Y5NeExB(~nMp-%X4)9%2{UM?=@!3fMbh_5TOu;Na^CT_(1_Lbr9NbFba8VJb z9~jBt2FZ)W(69V*l!svZEi;lGFot%>{_?)>@`aU=bg z0gDKEGwMHWWxvh;vl5f#S#`G7-RdAE{_gl9ua8H^l1dHdr(0^RBsV9cMtc*;^zmUQCrrhLI-B)17Fnx2fvNZGc zKSP5xKO5W(4uzgX>iYfC(L0Tc3T3=RVd-)dLsr7If-t>`OLKvy& zOCx+RUPA*1mbc}Y+y4#*PS%A9-NI@9&5Hr4%;0u}_upvXKa>ruznpomD|) z#&R$bFehP<@C{tM$myNL#}Z$qEr~MyQdH>8R(VlXka>XR{~Cw^XZ&%W-VN%YHMLN} zdnvCwsYW8}hd)Wp>Fb7mO=r{(f9JjNEhkB!PjKX+47M7!$ql#8JTqbK(h(%Thv~R~ zVVoZ>g6jFDktQRqgtm=>#G?}XK3BUaZt(d71810u-meGKB~ESeXlO67VrkM>3~l z>)Q?5kR|Ck>XT4Y5u5(Vuj&pRW#A$DqL&9-7tB#k49R4L;Thq;78i$@esKo`jR(;)L_*82cPrj6G22+UF}O@-jk^8=>LOW`@c5+zXDDtHz79mWZ&e5 zdgXkzNvHcxR2KVYm6WFDbef63&qfdYty6*%%mESfn60dA*4rWxBte5;E6^yKBK{RT zCD|(x5ds@t!^?!RvEi8Hi-7G$`_$-FsbzuY1jChjSD+&&P|8M_rr=tU84TF+vcxQY zlWLZzGk-a?bj=jp0nUlhJ`i)nIds`$&@R(~8h`1$9D%Td8R!1Yyh z2H*@v_1qZPzk^zU<^%NqdC{R7&~!%88C~zrHVBPBY*Yt4R~(jZ04A_#0`~IC%Ii{t zPJcgb?ODK1WY}4maQ^V{aef@N1TapR1yR3&e+-6HCBY8z*ho;rCUz3e&;;}JvmlX| zBtmQP@qM|syFjC+Dv@ORLpZpEfIU)V)yB`y56!z7C;28r#OrGBdF6+Mo`wdu#qXaN z3(*Jm*S(oH-`MghDHpbDYf3&26-6c)lM4Fud??LB5H!H}HUe#R38>o?epi!r(Yp~E?5BVG{?MNO{)X)z|P}o|H4W2&x;{oTKIh=N7&OIfLJr5VPRpv zfBy!25`!?ufEL7Ow7asamroxeDHDQ-`8(Kxe+zgvfQK-NoPnK_v%fi(RB#AsZ?*zB zt{>SAh!|no1Q@w$cx3ntv%@@oKErZe8zR69kxbd$ z&L(AB;-5(ot^5`Y;VH$W-47r6LwKH)k5uw9mdWeKdWMpQw?v0$U>e{%dc zWVZ)TAp9~3AEaeR5Y`NN)vj8uDDvyw`IfrqIUIcqj!arGzts>P3zg?tW%KI6LOn#{ zlCw6KyQ6rt_3>`6<>=y3N*xJ9 zSKTohh)RfwitJz=O6{$0-l9QeH_&gg_Iif1399JpL-YMJ#<6y}9Im1X&p;&wt{JM5 zx9i;@9%k0pG$(XL$*s8k@f9CNbNHvL7LT~A3!Z8f9y<7}`D6g!r{={sKYU&r71pe) zhtP8o@8u`i8q9yi3X=UoHVE9}x>ReSV4rcg*7-VFsKBf}aJ1a2NdTwKQJ0D$1m0Dt zYSP-3k0bK|rY9PD6B$bE;K0HUYks$tfSYcgj1^VL@Ru8SNSm$$-+1?^;eF6L-oAar z!f{M@s61N*o=#E`HmnMs_O9c=_AGxFXU)hxuG9p6jt3Po&5=L{afUp zD#_C^duG9hkhy@3H3LNv#T!QkNdgIy*lEMe_3dzRA75fCO?G{C;SKwUXE|YZTJ#2- z43ynbFVaAPQlBxlYDZSSx>}vMYff(f8Y`vnhxM)aCdb8rS-rgeyr+B4NAat>z)1@e zE$YG@loNs_~ zO;JL|JY;1LH-?tyO#+-Gc19c1jdf?ynPsiyeC`2Xvh`?HW*W1XXp3iY@xkm^MYgaV z4SbdP@2eHScX_DreZ>*m8!O{LEpNnsgd$|U%1H_Ju*+ggV$v>;{% z4@82=3AMa}3CvrfmT`8#x@F>X-v`uj402(wUjqj|mmEfKULRNm4P=4W*PMNj*f_kU=ns_1_S=L$FmUf;WUm7nyNZq0e*+w8RoxwH{r*z5#s6&A+OCAw@Zjt zm)=|cysu?eNpTdQ;FFZ$wEB^9R$UE$;-ygnY;5dz9xXh&fXi$-L1#2aQ%C>JkNfsp zV0J$;OO|FGO~_#yf#Y?zE|uPZ2+S*T@Q0bfjoR9UuNM~;)hTK$dyLJrDlZF0N*PU1lM7?n;gT8MN zoq%*;SepWHRQh{^^V9Dzg-9-fL}i>%jiM96QG#`5b_4NXba$%^Tc6@PU5x5JoG-a_ zw%g20Fxz}26LyshNUTWbci3)dWliH;Yqe0=zdQHj=XaUYsy1pIqB}m9 zq}Q7fh6copCgWAsrKeJiu!<)XQRu+?I*3vcp&ulh$bOKV_-yB4Z*)nG%22Ym5s#!7 z;xhL0r)3tL=^I^4`7eWuEv*{*65=HV`yTQQ`+DtOU87lZql;$DUqreD&tDPH3y8jCg;zi$Y@N{LdXa(n>H#+WK&?X@^;;GY3BQZd1OG z)mty9(5MJBl4H~&mV-frjuIUW1YVR5zeD?b4=d3|R;5u^ao$bI+}6N=7xIdG--D+; zHtKrFfQ{EhEGKcuo0uFKDJwZm#jdzoVqM+KH!E??uM-~KY;!BqXBk@CU-j}GhPAAa zMe(*(&bW*w)%Xy%J0r_j^D^R;_BShuLovdFs|=-y@WUL7-Hp8*8&@f#8~t7``+Co865`~V0-u}Ef7i| zNkfsR%id<`yb)}2DzW1oxuGyK|Dh`!K zpZ8FPpPq|#P4+S{fonuJHEd0Vnmg%y*sz@UB4|H-2Jg8FZ3vOqmSPB4D3J?4(0+f5s}M#1&&RLE9N|MRQkWXG9}+jk5}HelY1ZA4Z( zA}1^B;r5H?AD)0cYzP!*LWNSMzvKGeUQZg}wTS;;|H(}uwRP&K{~e&m{MDY;yMoG2 znN{I`XY>GeGq2Sf_?P-9m^GVHLFB`gpH98U1_SYP&Tsr1ScEF&J{^m6&pc)ubrQob za=I$0s9+^A2im6JgsJ9X=Kt_*S`3$Cz z+T#n4g6&aGGl97@Rpz@_S?2t%c;=qp*}|UXPL=uTZ@M;}S*Q{OsUm+`rt5mKu&|hB zy6m>H4>hw{yK}4+Zy%8WN_Xs_sgz7vElgR}8)X@;5Jesq)XnJ>E7W&TYc|1-B{kpa z2iDWMEwCnL8WL}v9=xakd6bcaE@X?9=Sv4N%ZwV+o3iVIpJ45)b?|!xWQ|Zx=4F-25A~uH^6cT(q|L6dFabtEt`q!p zu~^(|h+4kkU}~&FWy@_PoU-AO&mxT@%=m#;A>Gp1%ZsKG>(j;PUhw)EGr>1TEeY;;QDeJql$N?=>(&)poBVS%i{XP0_!^rLk8j$CQ?P9q_fy$E#c{F zhDX8SvaX4eBu}^Uq|dM4mEgTsBtg~*jq0Rr#fmUXP_oj|Ojk|s=D93nH5`S1*Yr+k zk!wlcc36NiNUE*NQ}oVU9K9yPcNf`Ga^3#G`9ABIv3OiPXH0<$JAoH^O>|_Zd?*|J z{w2^dv`>8u!}oRe+69b<$eWHo_yL~?Iw)qH6q5nQx}O1ut`+cBp*>tk*L=&*@_>aF zqo+$d4HqQR)-CLK&%+Q@5DM=W{F!kJ3WipRIBV=$jOz=f7-a`UDqpgkQHk#PHffoR zbs{sK!+rXVuDZ}RaqYynKKcle0~~}VCu?YYXF-i-T-4<-sEnQtEy?xx?zA9`M6`ht zI7>aAO-VYjG#9q0zBg!h0zol*9g*)YiHm-tY`bZzO?|e*C{)A7)5MEHa+TsB;@ucah{O z3=)+bUEeP%MzW6dOeU_1D$5!4+#cdY{*ZlrE!7p%=`x4J)&ff|h@U5PpEQc5hKfV7 zUbIt<%I;{2OPEOAh@6K&f~7yGLo;wG8%yL#Tu4h;w;9fX|7SV);=jNOe7*T7{eP_*;p>2h z3-D4Bau^DIB9$bkO?Q|7J5GMTOS4Eh!>}&g9DCD9;6}LlU(|%z3SDy6%_>Af^Ei9P zh9BJ#KTw#h;y#5g@LK=mwi?=w#9h;Cy-@7k=yX~Ac~NNL|kk$|J zD&VQLJK+6W&EqQr%s1P>s#>o9!~X5+Cl{a-S@g#p|4aQ|cI{?jWqrJ^4)6m6+WGNl z!0{zcE2^ImgWY$z))FaP?r`+5n5c&+_Y^C1L&x*afxcaT>0iJbln`A1184}D|B zi{de>V49$fC9FaZ`_0yt=5l(QSXxpg=xq&WVl#SAFQ6kdHa7l0bOfI}egNCvWHs^^ z0DCs-8GLS24qFWBM5n-Ar-1U6djO^2_Hf?i=4fF8k9Qa1I4+5~-4@c2} z7hgNO{pZ^)$J_I*{s2Hi(b;Y3C+0SX^GwY27Z3+F@dY?pD2Yr29!Rno4&WIoyJfo&6$nN-@(%GCFYL{ zg*JDE6KQ}7@z0n}h-(g5FU}p#hf+%dA?mMCCc!NdDL|}d#7^oS*rxo zI$2mzI6*eI0#p(2zNC_&2c89}dlEc5ahB9GPad@;agDszQ_2IG<`+zB+zBzC3pyhZ zrJD_P@d#i{FzjMCgeAgi%Fq~NN(B3PyE)=b{aeJ(4C%-+w*t%en_T*T7A)@Egvl3V~P zS_zHxxRTN^wl|8#5Lt25<~60n^WeDuQ^1E93hrflGF`9N!+@9gPp@kMFOTX07qWvE zzpHa3;z_mT^2?iuqR<@ak6V z5d*Rt_?~mt2FUIgRaSUl$IR}mwIt+s9NSxB=HyKHYiL*m*Iraa66jx+8KJon0UcU3 z60Yl#_QbPJfU-6KUTgbsZqDlTM}eqT0oc0*BBKr~P*WEDO|CJeR0gc82Rz(&d8j!6LM*`Ssv)H-oddXEf?r#%jqN%MScvT}t&i2B-dlMTnh?u@l zlc}ntt-^0%X4m?z_tG3_XOl)CjyZf?qFu+F+d@vdZtHm zhLZU2C;=>cqhxoReiM{5| zV!w@rZo?s`54T44n+MIh8ZYIn5M!1jCx^d3($~#yb@J2-ru46|xSygo{H2{bUSd6( zEo?PMI=v@7o&nmLCG1xt6LfybMiD|S-{s|Nbex)`RhVdZzjsg7^V}K2*ZV6d?4h|@ zRlPjlwo+GSij;nDNcOt?bV?5LO|JlPj1q7fc45&UoppzB*FzrcLH|_R&QCJD zsQT7qE!CR@Ke(j2IE8qr}88-|Veq=@cmAeIby_p!7jLB|q87;# zq}PX*Q&`hp&u=T02{-}QX7laQ1LKZLybL17p1M0efQGXLymu~kM7)of$R#?eN_Iyx z4;m|UGK$1H?EQS|cnHZ5a+1=FKSsVA(*VYtYFeJ2{JuHruVADbaUqdU9Ys>spluot z*-;E%#ca$%&p?CrZKf8>d*BhxyXd+X_Y)GyeSWvoNRn~${3#T;>BpB2&M)-Ru( z%M12{0SGY6-8r%lhC-4u^j)t$L7fCqD%4E|jz@8b^_-r7>iWqb19v0-p^?fbouB0W z^q_7ru2{aW7(|l{L>08y8340EX~9b`SHV_NjCdJ^NmmxG4ZTK!i6kE)yhDghf#qRF zlA}NGI}jYn{PB)fdTu?77k71)89IGxHsqaUoq%&y@?3m;nXPaRw$n$QYI4`hl52Sa zU|a&pvxVxct#!Lk>|4%D9Z!Fm?C@h$&t7MVUoxODJoLK<#{B`;DRzTe4%pc!`C2;G zOToulwg78bk>m*+IVdXA*dxm%P?_}lSS-!jV^~L>x7FKBt2FAc>Yf-o2TD^uvy$Rk zqmoAnj<^!G?juoHUxoa4Kt{5v1V0`m5)-XtDQjfLay+1Z~O&0EJ3d`4W+p7Ghw z(kvGfY!i)E<#lirDDDg&(yMG4Ghr{*e$AwetMnInoX??2Bg#nWa!|*h$TVqyI7I{& z0do|N>?9VMen`MbpjxI?tKB};{ok8&(P3059q^`ojf4@7(m)du@jj8AY~~cfnNVtK zH61b-Wz|%I15R98SA2jq6!2qK`0T`Ep5u!V!x=hdENID94p{OPf_8hG^N#EZ@nZ82 zm4`a+q_AN2z7?f{a)j}jEpKvKBvB>C?V4d772X|Kt0HPMuC;l+<*)XD?H|FYM=V`w z`4`LL8J=z*dkDvwU4tNs{ zW9GXuDK0n#wF$SWGEKkQq>_-*aBkRvlE}e0D$g8WslLyM{j;4jC^2VerI!k@5I;;O znnC3$j}REM+&{gyxOb^OcZWEZ3r|`^dU&`}>3JQzdhKXW3x54icWkfu-IOU3NRq5O zY_~Bo1wt@A({?k?*8`x?gzOYRVy5+<9X1-L2 z#+qg(N(}Gk!w09SJ3L^cR@zdGiY`9_Vc%=JdJmStezQD z;?lahy2?=ZfHeZ~@WNYkU&g^3(d;!RG5uh-ov>Y!>Xfs5)TN!xl`@2iwftV!C}M|( z(Tk87EIYUAbI2I9M|HCIh9?7TK9R1_3G6o=C4`~WDI3tlLCJ(R2=&Y+m`Rw$S+&Y+be}Kb>;nPAzjZ>C&2tpgnLM z558ESVsp8E76CIgV~m+&=V@-B~*|Be8Ntp3Ki>~UREa$g? z!YcwQ%@Plci5UDv9EKTs4zBTy%69Cq%7zK9Zzs)Wt zfR?pjff&)wYK@dR;^Qj@K;B{{7$=z2Ci0_~OU7R;KtPM~y$xgl923jqa}r(Trj@R8 zn&co58nxK@aR;bN7+4(50xH}q1@RTIKu*}P!M;>L;Ex~&$STR0P5i-6F&VWq^7#_R ztO%uxrWP$R|8@pptl3biOL=5cm*X>`#blH&M)1UU23LV}wRT3O0;DBqDAl-v42M>$ zBP^N)84;SoHz-a3-v?h;_}N6gFuO@ynt zu1xR9G8d5wHa;~|eH0?oW?(!xy0-~Z)}8~3237%FrxQR0wBvTo5L7f!gh`8oSmq)k zBDy#_MVVXo^wT_CCn6#uqFvD`%3MT5L`26Smbr+Ch%Sy;<{}~@x;SE)i-?Hm;)rD~ nA|j%TBbK>{h=?wY@4oy0OvPIRYp3DIp< zjN-sK@B8k(*Lv0ygexmbAtT@;KtMns%Sel>LO?)MLO?)L!$E=n;m-Bi1Ajp}t4fJN z{2C_Q1z)@}7f}#_fT)N?d@zIoU&A{{Ydb?gpme;vAbae;n?OLM2*`+wsC(!gHp6>k zX*9Hsq`-(m!IK^|8qBJoiKB60p{3!qMIy#TI0Z!N5e4r*U{9)u_^rd>ysqCVr-5d2 zG{nLco|Ak7DKZC7Lc$kRPH7@S`jB&>Lm2sEPmww|KIr|i$($nz>2&{?dBl2h>RK;mbAIpOL+0BP_87g2*Tq{!gv0i?*KI!|i>c4-%GvY|u ze=GWSxL9Gl9)dhKHjkj-3&PsMQcz*iG=XS9Cd*8y!N>Nd<|8GYu^4p7f z`uqgJv=+Y=LHcD%^X@1-pSz2>3gb}M5}KEfcJf@k_Pnh!A5l!_KE)wMCg8MMEI9r1 z2pdDhmyw)q*+rxBS*@u|yK1X9o*ez}Uuuw{OWz9~;C%QDSNa)7e91G2%WC=AvO@PJEL~b=vIL z?h$-vGh1#sQOI{xN6y5g$e`}={PgICSeH-xazhvpt@}E(p{OHS0{8o6Teiz}r)|s4 zKU0{6%I)oI6l_Q*ot&K7+uMKDZ)G&N?j_M_(6O0*Z!yfCR1r3dq+Vx7X`)r`BND)!%63HmCo}6WGo`s5&P!k}{`9wCI{@E7R{F6)Md?*a1)-pKoqReQ?xym~E>7YHPr+*X zhwI_*nVQyIACoz0ENof&?L{7wp%I~HhGT7QZA!V6q~33`$v-~)wh}kl$PI*bvsuwg zJH8O@v{|fkJlp6~;y>-|Po~%R+)OT1_|kGd%tz>Ze^_hZbo%-SR0XF|XPCm5caMJ0 zE6<^8#rmy+KYC^L^EzK1?r_$9k(@OozJKLwH>sFz=o&5I}2Y&)#!>_l-3YX>o~xv^ z>_YIicIj%`}y&jmX@}cZzG;L7#6PBrv-K^ zP7UsBT^+YJc83H_5dt<{nuTN$l+50A>Av0~8K%+n4~Cb(CYke>-@aD{uD+zdNg?hb#mKGE_=Nq#jL0O z)~84e6|HCjE~@R&x1Yj2kn|pC71gS!B%eCE&S4nn`Yb-^R2M3|5F;# zkJAYyA+Q-Si6kS%yWy)*>`AKN23~)+V0(E&DxW*cmPL(;1YOW%;u8}wwQCs8K3n3R z{y9M0VZ0}M^S7j=B-44jy`zJjjct5lyae+W7AEj5ng0h~mmM?&VHC(NG1`q*pL@4g z5jq^1flE|E$D4wabGY2h=Y%}xve6sQ{?y8Lu``zcvc4qv7U|x6 zQQ)Y0fK&L^V>LjE*oUJOO#yS`wiJ|{{D*fpEh5lmWC)uK-}q|IA4q>1-GnZJogQ2% zjzl^MYKmFc2~_AR@3r$$rMJd6S?uM$2^Cmf1%W=li9!V$#eBPe%?AE;>!*Eb*$4); zx!OG>`EI!srllHN0@?k7*z$4~3Vgcl)EvL%s(WgBJyHYJvJb!aT72%&-W!Q9c6D}k zc6U$z`uL?jN34Q?jEoFT!=ex#lPV5jH$=Jaw3|Ta;iRMB{8bz|oa}79b5V2OKq@ma zkCREG+u^dudNkLHcOt@jY6Pizr_E7;E8CU_vJsU&4dcr( zY65c{cd2u{&z|m&{mzHD3Vz$u=8b$m1b5l{1C*K+jej*^_2g%*BB7Am-NkNK#R`v;Wv1=*x1;dpkRW=as;+G=#7P+z@dDY$axAf zB4N{LIBM9}EYnjEC`QFMnl91CNK^xLNTqDhzFv5(!-y?WM z>*kBAqW`@)UFYH9=`6yg;M&&#?_SufQ){1ja!$q0toR!PEVjvQ|(4OjXPDTYZ~9T`Kbs zd!Il?6o4CmhD8zos+?|J*8GO{st>H+2PPdV0E0YyZ40^c*g1GhWcQ))gs}oR&6QqRoDm!)3qxa+aO9hrigj zq)(#@kC(o$$OG*yX*^FNvOAi9+)kR$d28^v_4z49$IdYlSGXr_NZD{CTVMkeqlTd` zTxzx(2Jhd$Po~oV`&SOS0`s|M!H%5DZOx$QX^ZQ}Azpv?zWa(#s7Zn5-)bI^x@luh!x@_oSVxmqgZoEWY+NB>jwZ+AKRYE&L zQ4>=jnwvmF06SF`HoWWwLCHcq_^#|W5Vz>Jxa^we_-GazPE71tx~|i^9L%aHX7PKn zSza}LpOvMQOF|mp_tnY~G?EITq47A2gg|kE0y% zWL4I>O)U;}mg>}==~bHa>F~Kmg~$BTYrf;0(OsAO098R5n+_00!_ehSq{_?b1lZI- z=yW^BPm&SxZ)RpDPnB6-o?<3*3tlc$t!!WjoHJFLhm1(cx?XZMBJUlctH9vj8zf}iN)wt*j9W}-G zS&R)OWd2s=e2A}s^y=S9tls}CD`es%&B5dI<#va^i1@^vv^9wfMCHHMqUqojDLSSl zCqJH#2!$rY|6Dowan!o6U6FT5?fQb$@@TZU11{b;ykk7vK((GeSZXHV(fDCv_n`aj z@_b~DreraPjbHPJdNBa0$xIr&+q#OkXPZA~zP}~bzm4HLp44Fa*M+cp#q9r7^IY$5es#IRZ94p^OZV;{$h5!}HNK z_K2T#(!ZKNs+3J(&=%yykNypIX*rvrxi61ekzE!B zR=%jpn*4@-ODYR;Lg*x_fCy%%}|Ggu2OwaKxp@PE4`^Sv*=S)`f z=|M13h>J^ZM3kz2%QH4|T0NKxJ2~m??QOW+50MJm_Lb7|-UQRb(Ngo5>TRdtWCm@r zZ5xz$O0IwRnna(8crjh9R`iBBO~|=B3VDB;NKWB#b6X$uSDzITWm+mKup@kVvV0m; zy*C5I-uif~w%G}M3JDHQrTf^RtGlUYF2|r>b-l?a7=7kO($s6&3y_5nTRQ z=Qs;1R~qP#Hq=RhSs6k6aLxLBm-~n)v%%oTl^rZ9`$4mIre(42_`56Nt0cwnv$Mf- zGSN$@T6!gm`AcSs&7T1xpNa92v#dtyA%+?F|6tLr2eFzF;qXQHKx1##u0b^?H(9Ff z#gm)1_Y?AcDsf3?yTs?%IlW(5alIDEYIH+JL=+QEj-;C@k%&yBRs;`R!1sbCl*fD| zMKr|J^ia?Nt{MC7+xXc6%lw~ZHBN)n@((Pa0+#tuP*IUVrFEqbY=)*kq8qemofT-6 z>E%mCBXo^Ge9cxrzvXgcRSAhCy!$o< zcFp6aP9rUq2mzd(QkIq4w6_C;f_R$06qg#Jzi`lgY;c+HON2!w>>chG%<|!-`{6Aq z`5K>Qb2QhFQ9C{*UK^aI-mnusFsy`pu|FKGP|NS^tgEX_>IhZBv8XTsEdX>GR!l!o znnX#VlH|Gpmcqoq5SDOty$bR**NWIH!^NpmISSU}0LQ2(9hiuNh3 z#xv(4Co6rqvmHyYFDT4IVGjk<2|I%u#>RfF!JK!9EN+to){u@(}AZ1 zw~NeUo7&tlNFHS`4*^(}*!-W75W9=jPDETVb% zM6LZw?eeFAinra`Roar?GB+n3sC;iaD5jb`&q0+W=P@SDAg^SVC1h==a@AR!dTk}K z)G0l7W!30hP9FVfGg&K47&p?~+v^E3lcYY2+wrq|A2LNL;Te;RLrgKLWuM3az@upS zM0Z9HH>Xu*Lu61q%1qc)N{Qjc@MtOOs_DBEMaD^Kg)SoseSA98rrBm>Nn%v+g$Ptg z+QJE?yyuSkHBhjMAHw3xy$e&*;IhmUTWmR8_S_p)xs$?IvSsdZ669&i9VYZDFas=7 zre3FeQN3DYUTm^oWgLo{#jvwbx1DG)7Ef`~f1W{|lsfB?7TgHg?69wO^*WU6OZ+5D z+cantTOFCY#N>&g4@HH|Y*|uVUJ(Z^_=nvnSG;P;Y^1XVdqvH%#RbLm% z`@@fHXbP!tI%qF+oJ9;a3M$BW9+ibL$TGasB~f zPVB6p1u&*NhpFt5JN7EKt48qY)CT)E&R=B)gs9P2!W$=LNT;c_(6owDdB|8nWuFq= zf=|JTG?!l|Gp-;|2tJfViKgf7v{;+1FqfX?P)1R}@UmRzXd}jJGNh~)@%C4Xr(6dLj|R7z#z}Aq z;R3lqw9Whatt9YBU7*O6 zpU0?J8Ij3}D#lldr-;!`zFmpwASg)gM@zg>m2rQ6Ks$N9=8I_L(U(^?{#d1Y^Ydgh~_&%*w~Oo;}4i__*Fr`6;SwNUlswe^mU zj?#m(5lkh1R#4Xg@?1z&Jy-ms|B+pWv}8B90x{hGR;&3?~M zfT4+pmjpv6tkv|OPYu;VZOF_|E#|opa#2~?2(R#;whJ|?n0}{Rc7u-$3jhNy&bAC` zFGFuH0sx-H=N@4?S7};VD<`ZQ5RU;y{O|Qk*qwjuIq0||{ayAZ!?!Twcv11##49(m z$Y^?T=xZ%iZTA9|z+@$ordX`k+^~Rp#VA1)%bRRG|4~E34f}bNs5KCPTQy?Tor+Y1r0eaQ^gk+&XKB5H zNLYE&+|aw()=+0OqAF`Fat_>(-;#`$Xi`SeTBaKnX`X$5Q~awmHO^@~|04Q6X83*c z`R?0N_{2jscRlj1rP1&B%LCkxk<2NuYkD$pSR$9-3kdJ%?|M4wmlK=mD(Xm;GI!rM zkF2i|W$Zold$W{W13}dpatf|R&>7L8|IGR&D_?sbhUr@3N zRMdqD?TBmrx$xEd7@5jDpbdz5lBRwt_{>rAXU8*&NxTVk&exL`mFHOw?||Vm?Z>LO z!Iq#!Qf$^3mnv5Mc0+C07Bjmy-rQ4~Wq&+=sOW;r?1DQUq181zdp0)q7ag4{*+j!2 ztyL--|8kIh&dD}MvhJhvoD}mA+&dy zTkhwI`JD^5;KYB(F2xzau?3++exQ@FxCeWRTc;Pc>O1@gwayg(TH3I+5@TXVM@Nei ze!sj0nzw}-g}hY!TQ|pUZ|%-5IOaHZ?`wHz-lprHN6z7Uz1!6pa3LL($L{}l0vQzk$kQ}7Ge*ckH5?(}I99L!$UwW-q-5eGOuT^X)`G3c9L-)*?EFt;?);?f1d^ znvYpu5Dlj`OnDmhZ?7CWG#>q+!|uzGBz5^z+l+vSAAIUyKG2W=jZQ&Dp-w}8*A2jD z$MgN8U+egFi1(wmzek&1(CQAi-=m!a_cU7DUo-Ddc5E2tPuS_)sn)08&8m!ub z;8kD6VdKeia6PRxV#~AexbKV_f@7|Z%M<(-WA_$J$sgdot1TzG<9QGm1Oz^|{}EOg z%|K!OXaK2I<^*Gw5A)?JuL1OMWJFA><9+-zp~v;hG2@Rz)j0g}X3;-1lL+;87nUpa z;K;)J7I;toG|e`-J*=TOE9@?G^Bd%}7Q;7;GSuS@c9?@TYSc5i!WQU!h%ozb*Y2m> zxixc?`a6!q({>s^DY_W@{HQVVT}03KdTpWePPMYSsSu(Jd7L<&zikO}nt{tg&+gE9 zj0sPTUp!Rxj#?{iG=E}f7$J#Eh0H|9+Nm-B{dws%Ug=x-!_C#`y9PYoMiQrR$Me;y zLLfEs1-1AfzB$V(X6R@vErDWk2{g0vUUvmj>3T~H%IXQg%UC(w-D$#vg3-9GrwKy6 zlvJm9>>Y_I_tvyCNji6+`5TBbeL3rbCH6MhGAQ&ebm*CXZ9bHNhR#1zYr>S8CAgOF z(HV1u&MF>cHRWW!`S6)TyVfqt#K-|uXb(-Dpkcs=c!p|MnT0QlI&;`9dH^mvrt7WW zO{CJ(PCbwFR_|Yc`8-D0%~eSY%m&i}PB0K5y>~_>r7JczOy(*nxX!D+;*`zBzw~J~ z^d+U~i?=*n-#?p$#F?jin*T~}g=Ap4az$@P2E#JnC=d`XWHi7uI|1{w)myUDBwQ*~@0pi{s{!u|LnHY6Rvg8P`OA z^^y_2j^-VYNxL4v%l@tK3NizqjE7M%hRS41SvS*Q41H($PSz6G>5zwJE7 z8WIuj#ZlvN3irl2*#1ToJc$Bf0v^2qywX%8N@?`~WpD6MOZ}$gDy9a5SjN`H-V{9` z*w)0d_22B__w?SgQQyc{4$2g&*^g^ zgHCxl7GXQP&(8{zzV`HvieYw0Fvd$FbWrG12|Z+Z8=?T$^W1WFq|T6)X2!`$X(3gs z{YU-joQ--yS{U><8+UIip-&B0%tU=3a}}Ve%y@L0>AOno@fw!`)P2YO+$24vy*o#7 z#JoOD>l)1K)vuR}7p8BGaruod8!naoMv+ab`)xV&#KpSr56Of(g}Pv>v~+xLMvn^^6B$a zPVE>?_)3G`=L^dgLc3$OKD0v`_%1DY?EVM|UDC+lm>5aFFF$2ek|ITyTeV7c@#E|O z+y4m2&d+NV@)2t=>|}d%CxfLyaMim2F_>sEP4@bp-Ur&Fel-;nk^L|oh}rT4%6%Od z4d|9EsWW%e*m7=eR~vna0?$^eDhDh$C`uoGS);aMSE5JlRmO;g9C+P%Wiz`dAFZoB z+xpcgfzST@%l^^qYlWWg?Ivi0eTK1b1vYlQBpm&_?;g|A7f^K;-j`k2`tdwxN2wZ& z^2R>+JUv8vZL+v`TqH0Q&_+1HD>r}pr?z5za1r{CKBKJuKV|nv?LR_IMKp4c@ju#R zH1Ct#KbGzP{cWl7%Xeik-^LzYkA}c2O!1t@$f53fHj+OHxiHBP$(*Kc2*YS6~rsz31XPxmm&5=S36zrDP5}w*aYi(GVU_yk&F9l?!`F4j&nO%mcpc~MZ-TF?6F!B~5t zrR1!F^;&j!rPa@O-|VCWI_0xQlscQbg*_>=9w7OUCEnXRN(H8~oBJM;v$CGnHkUct zE6B*?3J%Jo$k18=SprCn^+3CuKJ987Y#9ZYu97b)At{N`{l0v6F{Zg4WNT)U5ahuiV6zYk7#m8oO?&`QdB;P&M&GJ&IYph8vQD0vxoo z@B=~cm_RQa_~^AWnkyE9^yjnB=~~yKUVy(i0V~-x!O7B_qsxN5v3%GRZ`%x)ozVcR z-j8YH?njF01>pYPYss_OmjtH@`y*)qLVrmz_N}d1F_^{QpB2FZjWvqsK;TPeW|RGjV7NR% zpLRpIdpp}@LQuL=p>UuV*4)QV1D$G%_}Rmb5HnfMjimff?;W6sBIJbb57_4pF%F;$ zf!s0a2jG{J6}V`i^B|N{b)I+uFixBCL7QqNWWF;T^9zUNXXBxiZ&__w_kbE8v*4CE z1FQRmtOOHhtt?VNipcIyXp{pF$1IVw)L<5$*1;9Nljbi$p3Nh7KP_EDLVDwHxxpi0 zs3+dBRr~M$+g(3t`mv?QeD$)ue#+-T3c4c@aBcZI`v9$Kqa28tP0pzsZzFC<25kWj zEHr8FTmga&!)!e#(1x-dK75!5W(YXYNA=el8DYfw6ZTX-fqB4s^7~)Db9yjS5^-3> z1=Szt_obz$y}rBLr>+u>e8ZR~U0GS#8&HMHf8sCR0(3=%r8GJ;oe_a+LYXuz2Yk#x zilX#PG9|Bbo~~DfL_~*jL|EcxcS#t1K_!b>qJ)){&Kc=xXNH|4>LX zla!Ev`JO#{9&|V1xW*Ks>o4MZv7mv?fpzy_ugmzXmbH2eIV>xFloG!b(JixHQ(A>BQH~U0SaoHLZP#t% z9YXj*MYb{rw%6@u>Y*_+?gKJ5*VdW_)+Ry$+@XXp<@ zTq^~F+3lZEA1nV#ha^%fy_BhNGyPwy>y3k1^3;oWn}!VUD^0>3RdRqk;p%`kAyOT* z#2O(Fia1**r%KuZXVvR%!!|+dX$JVnpG#gco@+a_P;oQmFzInY+{3J~6)EA#K$uJWSC0^<0GJxsQr-#U0y7rT5u_~qK8Y6C>DYe6P zMhcr<{j0&J66g`8D?-;OWXazbG0?wI_Lxy9=0Q&-cN_UxcJgZXz3?)&uoKL`gEHP7 zYU`)*6>Jn?^l2T7EU=aP*Iu0yC!%q&;j)>89V9ur?=Lmhigz zpY3~R$skT3=za6Etc7mOga9W0y$P|DdVB}jH{6X=@;N*idHE#j2&gu!7QbiTYa{>B z8ry}kmOI&q^eIvJ znrr4`^@Sxh$hbKz-D;aTwkm81Dk`0?7i|;l@Wt6)a>Ey2X^`f_;Fz>43yLHwj57{s z@cBIN?(aL>vK9(tFrzZbp!)jyc^yf!KO!Beg!YIpHB?+ju9JPUC?@r=Gn#kg9#uBz z`FudVh9EWe#H(_`rQUY_-`;z1C6=t(D>R}$x83)9J=2D2VaX$T3!*SEFgf3pKc%)l zY@YTIqnc?V63K_Y_-Ck|usSx8j12%Z!ZF1>tlf0l4>nqV56~G?7qF<1AKS?76cK-OfVs7rIU4KZbeXb_<`k(44hE75-uw`a<88&+exEWy!wd%JG?Aw$l7s zx|W_N%=Mb;ZFbmaM|ghu%f(yRU+)h0R$7IQg92?x;vM0JSVv^}T5$Y%!qZw*2O$wM9K6B59C80t6}|EslOMa{Uz*jS)5G{I&jc-FB)jVtNho;(Z=Hb&#|XAtjGxv0|cLL)&WRQJP|_`=xoeH2mv-GKn7hk9=BA* z`0*Ve2LK1%OYKNXUnj<<*G5OZ*W(dvucVLtZp^@t7#qLCxXnxwlqH(On z8gJS=Tm0h~xa@d%zP4UkGPD}%bUycAuMW@`JtXsMCbb(nvWrAAEQvhg&0qQ5$c3@u zJ`)u1KuTgUo)KbXr}cW8S(C8I5c<;d-(Cj((Qk(`kv?~X`c)qD@n&CKNq&RBiW3c! zLf$EkMbfzxk1sSEC*RzJ>*`cV;9JP5=Me7+&X8VpA3Ik7q8cmN7df`x4O|||mP;*} zN(5!zQ=n@s)jONhYMqp*LXvpWFvS^(vCb)#fS~}0YS7+P%AcvzavYlo>p1jz+rG-m z$i#mJbG;zzyQ)Wgt|^PDAIT3IRAY*_z8?vW)Acd8lWt)wMtXyY3^uUP;T96zcgH2h z6WDz^snti6PO``9uqCCWBA0xc)672fL^xSmu8Xw`*a#gA9e&@w)#u`J^Lx2`{Sw69 z8P5GS{c2#I1ie}{!fq@N#xu{u2~!vDGFS8LkV3q$W-{F&uJ3UP4@q~I-E8p09lA%3 zTq?$U_gm_GjjeV1gO*JF4i;uJWoz1>;GRYw%gGj&0cG|tv@w)wJi+n3SDVUIblOQN z{HYAuMow;J(;1X5BqZ?ga#Vm1T+JFW!7@SNfdSYa_%@waT6~;mj#fTd|EKS1^z7Kcg&+ftYp3Q%&+7%!kIE6GG+Qbs?Y)q6B@AH$vFFk_w--ya!O9F!^*a6qSh(Dqt*MN==Er200?mQwxPQ*gauY{)oY; zLM5em9JpOK5qjQBqZSnvIg1gqn<4R_;W4Y&j;m6#b#fbZ!qNXYt}*h}Lbp#;UUM)6 z%A(fVXxreRyj4sVf|}h&C&0s3aWE;S~nnL#*Mf>IQ!#qUFUy|fc82sF{2JE><4E*`I_@gc9?akj z`?&C3g`DB(bveP03(x{5zO+0&XIQHEDx{5dvAiJ{+XueLk%@&a|GZLQiY}r3DCoE* zeguaE73HD>oDOg-TRUdmOolEU$G+EmyDFdVx(VzlAOI?(B)wL+M;;&+PbBnkXWr7EO(5Jjp;TNP|D{Iz7_eO32;_umNgjH ze4Y#aJ4EU)=6)FZXBS9?LhFqrB1`;h+KkuLV>GC`SlHN`H|5guM|>hrycG4MVG4~* z2yFBd8*NOk;_D|Peos}>2xfMQeV0(#Ls(k4)QRDExNf0|5!GxdJ0iEU&=e-~RG9h^ z{BbwgA6KdLXG)0fr^Lh6r=AcK0?J-iG#E&gf+uaz7@>cN>lz=U-+LkRShp^Z@nYoY zop2=xkYesh4hQuOt+a>xXXeeE-FFy`n`Vo_fWk}PDhoeLWKE6I8?l>yPhGEF=)bXV zgp@#1rY*&Rf{x}ryLxAI!PWq^l1PNbR=?^=s*h!Y-_-{=DauuQh{jx5x9}0pwHr=D z{NXruXSLJ9v;*q#)5TcaS5CcB9DkO`PY zJm|$p1ykJ6LD)sHZ$Glp(zhJEl0PK~eS5!clXjFZ0sR_@BqKcz*WPE?emz6O$Gy5M z5{G?8R)KIPGCv)PombG2OO0??ISFHTQ6lmUwt=0)>Ku%Rk}TxJy+{mAtrn4%2*lu& z?GZ)xJ&{?G>KmM-$J)Pts?N|1I`vBSmrw+xTPM1b_HQ^g{qt}b-YY{KuGxRD3y+NK zP?-)uP<5o=uA2>kBV=AjB=011?G zpQuJ=vLFd@oLG>rgXrd9t6V~hpof1+-h?L}2HNvZM3CEGwZYkuKa60Wg{Xw&}3NX(Q^5koOG>aEvbE6KX8GR$%e{&sMrG>7 z<7uqMgNHi5-oGX^%Rji?3g%htyFC5< zoJ%qh0VO7gboVk^lR}=KBnDiq@k-@`8JS?6qv=oS_F}#BRuzNfkL^egbpF8&>Yt`0 z8n)9Vc($oqiRA#TyxOQSdQKZA3VrB{X2JeCY_uKI<|AT9n1pNKgV^f;x(*HMI%Fjq zq9{phasAAm%*|%1zHEn#;=Thz=wjy*c_({iW+nNzFwC$fx5E!1Z;*RJT|`zJn_4Y4 z4Bqx)j|}v78rc^HY)85L~18fS_<1T zf0^AM=cMs)mrcM~b`7th9uWGGUm1NoM)^+4z5|j4$93y5ZGlBfIf8&^9W2{GU{Uuk zKjk^6kGag$KmBo!#lxO3WI&E$oXiaXc5AQGv|`IIZP@HF8hpkzT+t(I1Qu0#Ji5t5 z!?r0bZ>JHyz~jNPJ5`jxo+{a(_+;Van++=L#Bl5fWCQ5#rxqd4c+FLliV0dt`)0tm zA`vt;75;@;kY=RAO5EP`Ol5pszme^^g%|aBce&0)&dL+)c(VEjBfU@Opbdt{`^KRf z>X>kRB`CaGVf&xVCYng4(3`0Crm$A-G0J>}3E z$r5JcvghAiR%=8}8s&3)c;s@$^J@S!f75shK{5taVjpmk_4sb@}mubLpJTGV<>1$ll*g zrKJk@fwSf>w`4c_d4XnQ`GGR`d=k# zI9S{OiX#;S7fNESPC@r0-TNE&b^A`)#?P(GL?|5G2kNn3R9UXczS=SB)D+mo@ISid z0n%0&1jJhJ_UI2XDN$~9sC7w_!_49kW?>0J&9b`BjV^HJAbsJUGLk9W`18k@Xo=)j zNjWS=N$}`Q*i3rS>X8EF6$QZb5l8z+moM8xQ|4>uCzO#y%WRF=QMJWda_aq|l+e16^< z%o{MB8Z`1tehhKw>&5v%*DpbRGv*q+sP(AgoxP%p5co*CIe;hFQO_m7j9_LjjWVO3 zz^wK-R9}*@y92dp1i0iF5T+O};Tb9yfMD9Nw#<#|3%I-Bc_yq~t$(YH^!1}AqR&RX zfp$~hl`Rd92l_8uWsD(H7(eTIpBva^t>t?qo~9Cmuf6N(SHYT_WS`^ifKJ#hm19uD z&&0F{nFC^XAWjv9$G#QOjQ&t#ffEE*?+Ah*dsABaQ(mbUWO1ur58mc!cmYmfJJ+>+ zUX)+|SB2a01?mxy-DE9P{#VM2C|`CGa`9Ao`sxyLO#PuWaMWS(s`Ss9E4fj9m>-&4 z2nY;pFY#VIK9)9%H+C5)ruXmG!|O9xh;D=U z+V!!$dkk$7AXM*dG&NH)+0u@+Nv2+=`W@yoU@Y4%H_laV+^30o`^Vy`Jtwm`nQ;Cm z2iSM;yO%P`Rat@dN%p4dFBJXiL z*}a7(V~;BQQr7{iuk+iA5@zY((s+t{$lKD%#^%81dWrh#jh@hX=HcCIX9f@~n_{e8 zBnuS|`G1eP-a=c#r3LsN5JJ699{{ZFq**DDdOVZ^K8PU@tV;Y()Rc%bx_o#en%i8UKoj}MAqeC7DwL?$xQ&MiuTbCt^y=bkp5m>d`n_w7Z zY|RQE#RJC-=3Zr$n!LW#dVo@Hg5 zi!2l&1~xjGD3B$?9Ak0ao6HvQil_i=#`{s&^`6*Nn;g%r^u9!Da`$oqW!y70j65jD zea}(6@08qy+=%m{#8s&eHoq=>If@dIYlXGSLcgtN zsQgh_2%IbRHeVBw`_az;<1`rDw5Jh8B-4nSefJ;q52J~N^cX4?LnOrE!4RFM|51XM z;X^eX9%(!gNiqm2n+<1L&JaS$bjJ|g->k<*hKVrD`(-9SM9xH5o-WOxwODe#_a8QTAIiGFL#4t2&mP+u=HGuz<-h;ECP6v-2JG%xc^Z+F{69nMPF|(iT|u;~HDDR835a*+DJ5pnkT)yy;PIx5NWr+-+g#TNt8R=iZ6wi=E(eUnDpmwn_IwwrXg z*9zdIUTyMM@Lxg~KEqZ7H)IIjMl9W=w7JreUubXjICKYEde$`KOblKEI-TNDqbXEM{9;Zh5cCV&EwE*_f z!B5z;*4!W~4`?cUydZ8q01b3?GYQxJf<3N-fARor{yr+r*BzmZK8!Rs&Rr zku%re`*?SD9e(yIfgvYux}{~R!PQzE+RdncU0nVd?lVw+UmLgjKAME08(UfZ*zkA3 zeP@IFhRm4tw-f)vt4ZWb67%p7$qHuwTnUgXHd_%Wu%jR)PV7G)c?&Jpu}SKakpC^) z>xhTk4&-Q!vz2fTI6J>x<)BGYU~kPV6?ccBlfUQ{PVZWh)z)-!A&_6_?4$v_$7ZYl zacijBJPZEk3)y57xlH;0w3`3p!l!ipGk@fM0|FD#b}Nw{+}W4!NN0~4TakrK2nj`# zJ>JET*v@|R;)Y*`vscm#n3p^PEr5k1=vI*B;LaBD<>#HkY3KKK03V;EACk>t`1w|F zWCej^2)L03Q|DW+=B@K8%A@c(`@L5*NJ*9a`c-{Dgyuay%A>tG0O|5cdt{B5JCKw4 zKh|}KZrHvZ^lnj9OHA?T%PaHY(cQM=)pNJy3qwkn2w`JDw)O&f zbC{T2ao%pvVjss|%Jvt4?FI@_bYB(YSl`9lp9W%y<3!>xcZU(; z@i=XO#3R*$EeJ8TAUXY=1QFv$;Gp%`!{r0a6Vk^`TRvyQ zna~8NHXw0B80~{8!ET}uS<>oDLc&^#qZ?tXF%bp$Z4pUlJwi_^UH?}5feK*gS}G8r zvznwqr~e)S$|_o%KKo*oIqF}~5g(7-TQUCxurvU@9KH?Eax!7FmCs?hLSa-qC(A!H zegemLG(4CUA74&H)Ic?}0>^vN9!!pA9T$@WEO0WW6SsC-B5AJFTMo;3~41 z2^S*&Z6{r}h(2Gkd6;Bl3YZU4Zadwv#3Q5_u-{aFYBKUzn*++?N?!pb8zj7SNO3l( zA~mv6YhFAT;&B+j58UE;Zg##ty~Crbq7!au9(ue>UloFbr13+YR;Pv`00b0)789KL zC?ouDu|;LUVgpR02mh50O{^ulu?*et{U{Bv8&iGGGVBP+jedCS(uXja8zjE^#>p4M zNoTSK@PjB!LCxwhGaj(Rw*uEPC|cwLqvqc^+OMnT~pBR^jn&2 zurL%-dXPHfyQnKA8hZu51`NIs(}uM36|cAS@_&HVEGgNY$>Y2+>TlvwB9U(1N6kGV+Rs9Q$IGV^p}L?R=rVIPKyD;G%(Ph|%$tI*O;$3s$9MgD=GtTw7ZM z%8&8zXZ4Vb_uIolHKx{tIE|1x&)eZiCr;3qW~qEMI*^!FP# zcz#ALQlPhl;5Wht=Q4}Vut-txcu<9sv#)@~45uBXEmj9Kp&c;4aX<6j;i|o*af5@A zg0%W!VDky;-UB2vamX4*$gK-nW6dBoRwd1B>ry))5D2iduRfy%**z>GqEhWVUy$W- z3*B6JkH~g?d`!&!Nrx7&il#Od6Cq`rfoy*STZqCKL^rBeSl^`dE5H_33!LZp~!>{Z%HSHxZ2t;#uUb8VB4V&20b%z z&4@DQ8JzRKxhEKs?us)}G5qV<2;K>b^#}Faqk1bNUY-e-$6k`QeCu&X}swCiq zSSOHj>%a9^VS&MA>f+-s{Fv7cvoEQIo$(p5a^T(Qy_lz1W06%>*(Lm(_)hiCSCb*8 z1CnPiwv_@zvnkPWsXk%jvipDou#>LvWg%Wj-IPPbM^)VKiRq4RCHHT0L6UvXkm~bs zU_E~R|1m;hELr` z_*P||g@{Q@4gT4`w)@l`aDJV`N$^+&QZ(V=jFgHg#LU4^yMx7zgpssjw=Dt~H-;uj zP2b^l3?*W{Yx6yzciJEw4z3yR{XS^Ughap;mn|I}MIjKx0K51XD3lm(Nk7SL(ISe_ zQU8uM0RIw@CagDd1%q2KzCuu5#fQxeHaE~%h!#8iFq4FltPUT$tk2V%zALy0Q5 zIV4Ye2a5#Tx7AC`^WZCqwLHVy_V<`VH{EI$6l`%tMMh&FumL!RigFA2Kd(wy=~Ij( z+`+;EaUw?7Ac_TzIQJ+D#9qxVK41rHqo@4OV}3clkSQCOXgYBSd`vf6ORPynSff&1 z0zp&R;|agfTd0z5Ilcg^OHT0?60gCR2oIfntGF4ztBV@;*DS)qlmyb55P?zvV@8pn z`Q9%$+6Xj&AYj>-MzBo0q$P%x#%~cOAvTu}-Z6MY#`}b~!zwvbIy&)rh_OHhVaiSz z%a%r;h?0I)*be*uw*gqMB%{|uJIQ|ShDr-#CrsuklOemhU5{>X`WDCfoort5R-Nzt zm(pbtFc*lBM!sxUxs?gVEX}Zc-#jE@yVR2!(eP-}Gc#@VcyqzvR4*VYemvzwX!6Au z|Aqp3Lh9lmbQ6nW)lAgi&p@DP+0WeD%1RZ9xgXg&I-zFP`D2iI~Q&uFy^5Q&YdlsK(C$ z;{>F6WX)T8yLja*1Dos#>#y^qGNK=HRkPD&)CZ~DmP(ULm}o54o~+RG$4@N{m5 zyF&XF9Tvtv|CRRLz6wzcF04`}P9dDQYqCB3KcU#U>$s>8yeOrt82%Dsn}J0o;~89o z>&)2 z0@&aW-qp*cMu)MnZt(k7s?3o2`bcpd_?A+4#7|~XggDoQnPiMqGeyV6r;)9O?Aur) zG7&pen{U};&wQn*pVU~661?iY&^q)GN&N`cPhBY$le7x?aeu%ER&3lPWG6P&8`0Z! zT1|$))*AnOVSe7s%*=5Z6@BxLDvPw}?4ylrvfl1@&nH8tkq8tx8-TKv4nA&z*}m?tUWVioki;bP%udlxt z=(x|KDfHQ*hxF{vLr^i{PZxXvN3%szWMm|))D7qpnD~h{;k^$T0Vgc+oAHTwb|OYn z_Jq{Wpyo7k@xH`ipT0bB+lfii(NV!VoJtYUP}jj2dOrX~I5HRIxTIWX>nc-j8Tca8 z-+%X>({qNQ2a`dB-}wS9y8^=sX7OFsFIFLJsbJMmgB+?vW^%FcA07@4CBj#suX7ZB zmRl&VX2AXhQa@pHh0~^nu#wI7Ghz>Ts82m60wF^u-KOgBF0NF4b?S9@)bx}@yzm?e zqHbI1B-p?}Lxwr_<0gSY2@cftRc1?YeJWeFJ_j4`PoVsgNOf{o&JCQLH~IsW`PQR#ui4UM6BW+Vc5=(RySY)J?hX!1H=p96zr47ZOC^3jHY-`$z|XPzdKJ>i z74t@pmIG-QvnY6%mFukQe~}o(OM7qsv5W<#1M;i8Ewt&xdhEUC0!t*`mW2Jr*iccg z3a4BsVfwsJU)mk{D5_8lyi)R;leMaE>bBQet)_Fcl&YlYuQenlBpl3#^Ntkjj`E+b zoZXr60}C^>`6WgLUo5&=3+1(DKpX@#%+$~lZqFiv2xlG8GDiHPp_tg1s?lx%mfQ$Hk9^XCi_O`Z8$Q%XoRpf{Wv>3Ru*wGB^R#=> z;gNkpy6+|4#)~ymWDU4iU$t(lxCieI-jL3s^wiC&+iF<(Rn^gu;mWUSMkC>xE)Bjz z1f->De0?LeBA!*1W~cL|k%(JttJ}v$FXzsj2Cu_qpVmJ&Waw6)-^nW|kU0FIog)_| zoZ+KS*iw`3#Hm}9aDsQfizK7iKb{_lO&S(BFRu6};C%G*Q&Q#Peevs)ZADsnSbGPM z!WnV!2bjovs7#R@7cLHLKGG|^tE{X>?&&*vx4UH>lt)fj+3C;MW=;ltZZ}1e`Kw;1&7>8w3oY z-QoW*m(_Qqqy3-{%{WlxU_8sFosTmgbgSD1I+y*^Ibrk6UEC&pz9@)h3h=^PgjQqW!CFS%h zL`E<<6n16`4&jzD_Vzx1E&hoMe7Jz044DoH2sqnrGP#|~`l94n>)A?{Pn0?cAFOhI zbh%Nq5gy0Q6Z)v&+j=S;EhVWMvE`Do15Y1Wmbn?5U6m}t|_IyXBV#=Tgj z?~7m(>d})KgD%B7hYIal;K8A;38N2Kf5GQLA2b-4iPwTs@H@lrV%_9-MMwxn`g6Yn z{?K4IS(dfc$hcdw#htjE5xQL3H|lf0+BDSW@PL7i!U=$U1FNerDE z{=Lc;;eLtRv_C;j-kQ-(3$9!wE?G#34Pu*3Ng+p8;A^AcC9aSbfL=4CJA^W)EBA9< zmDD#ZXr93aPS1Jp-U1T~8A47h+?(bTT~lPjy-KOH3=E90k~*j);QVj!I^r?;at_(k z=in@WT?J^1LG|SKY^SpM6OI*UR13n^A|NDPtiI(qIr2DN+xnD(`de(rpL?MGflhRd+p9=6*$w{2hrE zw^a)u#y0$SG3WmsQ%3^JEsknQho#r^x!PT0gvRMHylhnG%FMzt^3h})+#UzGzTse$ zs@9FnE5M1=~f>hND3VueGer4h=fUITeZ7*Y;=Xr6= zNl!4kV&yJE~ImHO#cYKrt9pMqri@se#3ZYBlhGilv_ieF5g zG4Uqt+D>a9Fe=a z5?2LJp`zaVxxaTWVhP+J%DR$&i`$yGn)`OLN!$Pc2nkVnuLV1|Cwz6KH%;g_XETS{ zy`JgzO{+}Rx^Qko6{KEHptH`MTl1X)6aO={4!in0{21{I zffA>4=Ewd*|E}o|!lx0xOB7;rZs{ddANU5p3ySMptrDZy9JUM(_hK;< z9kXWTkbv=EWnlqm=UDZ_v^yfMwS|sSuL{OqajM!S3MO-!YL<+c&auHEkosv#0{Qd5 zq0*?|4cLl-r?xdwCe4&=aVW`Qj_QeBmgulX9IU4|ZXFKvx5JypKQG+GI3HGC=JxlK z6#T0tLtf{eeXc*zMLSY7Ugves@qc{D4OXnF6*wwlV6q=(*bQJ;jw2fBhv=Osm5a{eW6%@H}GM+Wgn+bkv$Xh5=4p9 z*DmX3bVaXe_%Hzzp!k#bv`=&FR0zqKdW`^++$EiHc6_j zCb01ii1IS%@Y>hy1>{d3jgFr_eH=3z{4DEgD$@xmUC;d$yG}dilU`vSSK>1?j&8ee z*F8BshVubu)g6#16*M)N>NWanS;~s+`E0Hp7QSV5RAv9Ry0qlk#e|1G$km6dYlsTtImP}J}fT@_bNQ(_UkHROl(o)-S9Rg;l6^m~w4 zdUvxTN;zT7=e8L4I@w>mokV`FQKJ3o-R9IU9<*+L==t}`ZUsvCdR3f1jWUy-^i0$} zcdx$HW0(B$$H6d0tnX%N`CqzS=ueKKsaP}M(L3^0&w88|74_bDHo7I@&c?uB?%D@Q zFZu8bpxjFobzS_9Px4(WFlm|i`9TMS_3PneqeTykokN{S7C7!aUp%kWE%tQbFT?GR zU)kTQu8;gT$4_qo7>gQ)<(OfCO_hS=D1m09SllQG(Pd&p-K?^z^l z7(AfC4wzj18TCg&2Q7gN+sbMnliMTiDpxW7*2sI!CxBOmmT-r;ducH=K6h=ZW*p-}yLg=RB0LJ`Y%h3v8?V}9 zCH6Lh#N+}ck-!(jlQwx<%6opp($thLN<~ixawV6n*=6}xy^Jod(rSs%xFbJ?KR4s2 zIlug#>{XRSLicoUo@{24h>(=YfW3wPbj)$K%_*xib?0%1D?@(1r8a=ekltbUc2 zf_1Y8cAc9S!PiNiQCc74JV+Bic{u#kZ3xv`zX=mN+Uio}5kKqWw{&f`7u|gMoYeid z`x466bi%$QUpi*p)lPa&794{wFLre{l7H4V;3}WGOP4nl_vppJ)FJtmv%Hh``!+Y7 z2erR`O&?c&yz1_ywI<`<9QqJ-5Zlm^Cr*xevrcEDpY$^e*A$n}Qz~n>jjLbNQBk-X z_UKVOIeSM~WAY(B_Kl}M(d0RXzbBx0)!^B$$9y!_Oh9&O{_}9Wd@1d-^>~R*9#~2cs^#Tps0Zb4^ozAIA4|Ts3eI<>I7nadi;C8J zJ3GUXJ#EHGp5m~uumG)!v87p=eQY%7a{#gcFF~?cDK+?|Qu&wmDY66tVe*=+M=SYN zZ~igfC%Zsr=rB@qmyS&JUeHxE0(KdUddXAZN5UuSjD@Wc5i?OvUhXe?cS{2el#@ld z%&q5Q*p9jesH!l{yR|m~5|K68+tc4_U3LIC9@#=`XDAG4e=&Im_3}g8sZGw*!D?>G8Pdp7Z z=y5?KuNfrjztj`u(nQMuNdyY&@Nnj!I>(ySwY@j?WeYBORClNCJ)%&RLi*&iJ`_+vbsRKns z;`r(|dQCb}4#td$IZj!gqH&qb!OvU^c&IPE)>zE2Z%Eocy8P_B9g6ep!hPZL$xOo_ zw#YEkiw+bst3PdcX0&IAa%aC{DwDPAt@&?skhpU#98eVAl3Uj23Ly-AIm9E<)=+-Y zz20|bd$R4vg{^UW_sXr`^POq#7filicy3y4hq@0OPOyH9IH%l>SLwvcY3Q+4EF#dp ztI~dL+ZtPMug$JrK&o?2otEorRNJUavK@uGjs0spy1J#=J&~Tr^OFWQFr4*YBrySa za`C8B+sKC9C&0A~k7P&~=i1(i?Cff8qPuh)V6pb7b{!@p{pn%`jP#9iefpY9Jyo?|4qZk~W{&HX^ zN&`iq7S=9I`!Iy0sBksu&yJRUHM(t11RhDf!e7=2#-#=kSY|Avcyhkv2u688+!uE3 zZJ22mJDvhH@domHinN&qFSoGe7z~IW{=R8aWMVU2`}s$ki8p}?1bzA=Hz(7V#O(V) zFPd)fs(Pd$^lw68?Cg)JEv)(3dz6W9WbfNn&!L?raJk4uDt@Wg4v6)JzLImhx?+f!%E?cT#4>tUA7?P^r{mJUPv><>rvn z(|^(VLe-r5`UC$V>pM@GiC7Eue}+oLEtfU%?r&vnS*xWyr`?>A341n5N55mpxs@1j zpFl@_5%+|XvaChqvuaW19^Y&9N$&;BBF3|kR6rYP8>un4xD`|;r?FX zmreGbkTNh}apz>S&s;L3Q!oja0XbMO5^H7IF;n#{y6NN_r60D!k*d}A?_}nW3bbzj zheY^d^8UO4;m(^vQGNwV+3Rg{M-JHTIlfXQrN|fQ70Z1ZdAC-@3s$3fzl&eIBOzQ_t6*!II%9tK` z`CxgO6rH#S{-&2S;$|oD>f%C{z2sH>_XFs^c^2QHX^(&h6YVvQ4`_FtS94^%{`i$S8 zSmvjc*Wig$rU)MA=4-!a%B6hfRzS&&y42DW(^l-y6s6+gO4Y;R8pARwepQpe@Qhya zRbA$pcVACKF*|LeqBs*t{Y_^!v^q+!f{NG~BDj9$MErBi$xPoYP^p0JVWAm}Kk!g5n2CtZtSB1H$WQV!M|=juk^* zVsO=nW($r}3-FFNI$N!OI{A2a4Sk8;R6i{#$qPl+|0mp_183pAyiT-q8K(u_MuTS5 zcqb?dAC?$~E=s9^bhu66etEj0N@$Fz!aAw0FaJ`K|^H?=vJr=bQTiq>?h z@LdiqFn0KOL*%yJT|P|oB*SvbgXYtYP#J@IiCN3t+@4;L-E}#u2L}Pq3VqZ&} zNF=otkIBravw5b=8bn#PG*ylUU&pWMEjS5|{~K)(USlO-wXnG?JPI0dFp)>MKj{>I z(Z(9Z$ATZM&e(2OZ$6oj(q`3Le*iBp_fndpvY)IbmP)6EcH_y$@Idb?Qf+bV>L)K+ z8(Cyf2M)PYdn^i~r!+*(-ioh(LYzLD^2q~bCB6mu-<#6lwV6wIs`yk+=bgQEi5!$>%7;g*Ll zTwReTW_W~aQ=q8D7dywZ^EHKdpJqkt@=L#M__Wh+$mxgj=<&unLqOB`(RyViEU{BU ztc@!XE3uYuJaO;w_8UZFpQIZ8i#BLb{$gTp({i8_m%(v!OGlfbMPcK}BD(J^8ojAe zRxiQ!sOD=U;p+|T`bK8tQBmt}0S)sVt$TDCtc9xu9lT>)bD~!m3Bu>jaY+OMG&m3z4YI?w znJ#hO*M#obj1fjMhH#I9sHoUR!Dl8@YTUqtOE?E|evB#~i^4mBsg8 z7FiA#e||EBTMtzRHKhbW*6Wg3H)FFpm^^GLl)Jh&U-oY zJBX$w4W=MpVR(qXf1X7B)U15zB37P;{eCogipi6nz#dD6;QFSKD(e4&4&u33Gfloi zw8zw^>-lrgRQP?dBsAlC8fuVqE{JVzt>c>wfhmQ`2 zVRpaVUKe&{a6j$(6EB*~m`B(0%5X-?l}>zPQl+yLj@DazJ#%fh1qE)c8{~7 zLc>mv;NPF3qCC*CfT0v3xOuh}1mU)8GgjGbUk%wz`0(8W3@ zW>c9l7k5WPv*fl8@CHNL<9Hdb5Ag2m5aUNOo9JQkreBRH<)zT;Tg7g73H)}u^wI;S zA=-bO3dy50tQ`MHuoC}I4VX!Q61-t_iN(AAcf3rTS8Y$RTI?cUwNsA!SB2FK!>-Nx zI~oil)c;?9I{Sp@Gw9>Jj@P(L-B{|M==q7fm!3`Q&AemKueGnqD4)?U&V8hDUoRiy z7pC^T!uvao!XERBAa9+4JOC)*xSOh*$4C7o!sSW z40*i{vR4;Pv}bmO4`QB#;y7Roh1iu)deuc_q^s6kGALi4a)p%RM*B4*#>`~vBeaS5 z;Tp5s3If`=1^68mW`R_A$a$hizn|0_bey&sq1)(OQ~%Q%5kHImbcatYdpQ%go{CC2 zXKECg#Odbi=1PoXG`}W>M4WzfTKB=swz18`U9!}mkPJ=9Rj@}{-F~u2@;2F`Q}MP} zhvp5Acq_-9=bABHn|aE&DU!_ic*7vEZa+fPoGCpU;NPX|wi3=zRORRcnayBY-;>jb z0gpS-M_tqXAsZkW4=R@r+6@}>RA24dAU&p_^ z@N&ck*tPS4DmUt&o@~jYqu5#Mw-?}W}5+=X8>9d)h7k2k0(YbP&c=ibfSKNlj! zLp|vv5Iqu^lU*&krZKs(@tmSkUHo(r(!IHt5nAmWj3eSH7qaqbe!snt zM!?|+prc>{$gE2+^y*ZV)1Lv*NL3E{01hO)24`wJUA?# zA(CEHl+|Jm%1g_E(p!I`>)N<`pTeYO26$Yizc715MMam~Walc*|G5{SJ3QI<2*wb~g@!TOy-jM66p%<0@X%0>fDE zp$zvgY@LhEQ}<71e}MV1YX<3hBst$aY~k64J&OWb=w&fswVKjGE~oGzkRrGE6v(km zN)V1q^x+S4-Ay}GXZrNWJ(P;2SZ{^63lFu;Ea?RRDkYx@$b5>y3ufWALh;uB+<}U# z8rVEUb(USHl%QPq%l+a;;cF_#FgFglL-Ve*fP9Sp+MCbZe!y`;FL$rknrH;qNWK`f_1ema1L{(Ht5oSw==$Ls{=Ig`{fUlFsm|D>5K6jXlL$(pPD&gc|PkqM%@R zc_R9x&1lM0)(bN~HNor{4QZEV3kn(~clvBQf(e{>Q?4F;k}vS4#F9tMxoo4QiK$O3zX zRS2SUI$9s3J+S}{6cpvS&)rZCJZZaQ=v&V4=g)en)4c*O8Nr^kMc7z=yBni2O@Lgh z@cRo6rKrN<-6Zc#v$5bb9J4x0H^bB^cA33lbFHp-d{UQ?zK_FzU880x$za3fttRO8 ztm+?*p(|KIiJTpO6r2O0jE!}4*URmzOOTU%+saCBYCnjdgYxFf^R5eI1GU(daNb6? zBc()+Q~u6C9>hIzo%ElE;rh+h!dOQ6xYs^&)3k;=t{(m~?ySW=OX-tHt@k6m%M-i; zRs;#GzhU#%-(STM?O8;xvg$-!6<6LHg$_1XW|rcwn~sy^Zs-ptU^H0VuBPuP`6sQS z!fM5MvGE7leR=H{`?39(m~khW21y6FK8qgG&he$4l2Y*yr(G{eK`Cs~>rLw8vVHM8 z4rJ&w`pweRqaL7cXTzm)_;o8M$=U#LifMKQ2g;zs;>I>|)nw^2uZ$+1oq*>Q&vA50 zG-}l&Zd<{g1#?aunhI>oju}A$(NZOK(I>Tbp@ie{$bw0nvA8Xl=lcVIaW_3)dDNnF zO(F)x0eOaX`WCfg-h#0c(KSB{3RpmUUf9UC?5@}GQ@mwy5nK{VGal*on*x+2%YWWQ z`d#j4ZQ}OEOR?NbN$nSIBpW+LsP6+i9`34FLC zq|Pu|_nL!`?E6#985iHzFMk!dov^8l-DqgXh{bM(Z(H2OPS3Gaa+R_ajm0GPbpSz6 zQEx%uSDriXWISV}#WlLqFThH}5Y*ejJz)9DX8}bQu5{7e$XqZ{OPxe!WPRB>eF9XW zMF%2VGr)bqzVNE4Y^9x=Xa>I1#_C_hU&}0|=AXlEcE0(bCU)w4nw7d2u6H$HAZjwa z)4WhBJL`cRr=59=i-0d$?C8-gmrmV9I-p9q7zR-}N|Vw@RWA~sD)c^PGk5e?`Q3Pp zRtF1bO}oSb?QRL~;52Ua?F}cM#_|E)ugn80SozB9V|aiWMcR~q?6{3_?%&$*!gR#0 z_zA6y0r>wKj(>4JdmUnuZ|eC<`8bfw_$xzB$6w4S8^Alq6H_4an!o_JO~Bk*{AfJ6Xw~8L5$0tWT6@Zm{lbFG za=@U>wl`zMh7OkqmZfkj)4TC`A3Z-%y0-F$2b-n*$JEL2%nI%Befx?u&+D-{*OhbH;C2>s;8&A5e%lZ{VHD`kleA zYoE&hh`vvyBYQV!C4-)vL$~C4R%f-BHf_Fgq4du5jm+dAf6Do%TRKRd8f<%>%J1QT z&yqm4#+?dt+BA|?r{kic{S?y9t(Ann#C*>aZSYKcCJWfr$GA05YPqk=xu&^YRlcFD z9raz6LZg))?Ctwe522XSvr8^nN0y>AQd1sgA1vtsi@W0Z}llWsKH$-@=C|hNyK|= z$QncPJ#s?%XC9-x%Lga zU>aJ!JbZiU95`D%kNE{;Q@#LAb-~jC?=HH3!_)TAo5Nc2xMr1%d}4N?ZLEn*Rc9;T zMegqSd>^cJS$|_&Ytt4&fP>jXOogPscx^=+eSKC+koow&S3Gsp63QGLAaE4GT?QXa zdE`2-Gwe(4j26|=it)D6?T#`CIZKCXInRo`erze+>|^yw%`oK2^1J{Z;UGck$7mH} z?_Jp`wT#yrw*DV`D@XaRi31%3+IrN5cBtRQ&kh8fWF6dEsSobq$Go9FUeC>C3jKQM z0SCnC{z}hW%XMsz6%?YUiv0ABdr9W+UQAUFWnU8{#(rG{b$cc$dIZgQC4-99n8?o? z7j0Irz$vOh+n!|cxp{V><(3;oJHDqB4QDLI_122A`THIzn1ei*Tgy6%9QSb-hs&PG zp9Np54;v!mtGe7P3L4Y(u9Mn$FBjApYk2tw_fyYP3I*1?wo@sBTPsUlwDLkD?;y}^ zt5ncY(@elZnJk8+FKM;ZzE8>Oh}7}zTO^gxcLkoBX?sPYBvGd)Ssj}c^S2C_ifSri z(m(z<5cGwe_)XDFOu9;2|Lj~N-96m6lXYCAD*I##5SI{a2gRL&(>BZ#|Fd$h;!I3O zxX^l@d7mw`sk6ME$(W%ZMBOPVbkQ8eVdNrp^4|`1eyFQ-3(O_RLnBd^6U}qZR7Uqx zp57vF+Y-9Oj;_N#Z)TDiKx3@gKW(a*88fx02`u4?bevemJfy{wT zR|AKmsGX#vbw}gn)30SX?hB9hvgvO(3-G%eM>ux>CEoBmP9@XpvW*rlD!wSJF#1FO zx3J1|Lz_vR(vcHf#-^azV-rXnjMlonrY%0>D3Bb+Hw5?L;$sX>BO6mLoyC)-LAFf5 zscX;y%AHujbPEo?=(ni(5r=*R0Yas4#}c9Cyt!~f_zu+N9sqO1*pUpzR=;cy&@RvD z#h8tW^;~~Z)y?q1oDdGVDRo5Vt8u3VoBv~IY~wvretE{>d$`z0BJNr2=iqf@MhvO> zUbb!F$)ROz3fcJg@>v#8ycaSv+(S=$auq<#lo@I9V}hFG?H=OVW?)<>J~IrC#oU9< zl>vku<}klZ?>)t`R=7Hh7wN5_+K|b2)PY8nu=j9D?zV9Qrn1S|o30eM)Yga`RNFz7 zUdO^e!uMVTBSi z!0a6LOo^AM1W$A{t+cVEM7^bKZ+Kj#E#^jsI-4C#BW1^@AB0D1o9ayxzux(a0L^bf zW~ZJ*Y&T-Hk$G9}P`Z(7eZ1+FL`PfzMZ$UC1vhLUQB(Aa&zdG*=2UR4d%zm9mW`>R z8(02}+dq@e9)7cW@p&3bW~@y$^k-j9Zu^ZExjb*(=VvNk6&V;;{oCLdMl{{*glH&S zBTF^QkMq({^}GDm<&r>!5AHh|_8%2>(+bPq^(x6Q-lD=t*Scs`CXFknGd|8{)nl8~ zh*EgqoN;^K>rxuGlj62P`bk1V^ zE8LcpH5U#d?#I(^*yp-ZvVlFtsYg5-JPe*$I#TjG$uIm_)6DkHAI8d!7_Evngc1|_ z`DMFOl=I&<=?L3P5wME#K0@wDvT#@`f100zoe&9V<3hbjE^-4F6QAZ2y$8F)~zMeAvW)>}HyG&}1fbE=J&#{VravVX+ zG=+*K6a%-X-;sS__fzcZMGe4my}?krDY;WOO zc;8`ySq^kvayvQm;M$*L)Fp-kCgADcbZY+!R>GwYl3LeIVcRJ|89C0GQMos|0JvG~ zStGv-6all1$*NLs*;}srEe;r5LrLUoI#y|cO~Pz3 zD#7zIc?g7Pzk+ufoxY1BWV0WuNMviM5O;la-DK$p07@g+orjQ`Y;|fv-2Zq(1OOBa zvYHW?)PQ(#TBCxJ*6!VO_xpzdBcHZkKh_HxV@;y$#@oxShu+<^tJlQ!#{qaG0%}0l z!xg`6Kv9@@F6n-UcF%ye>X+-sACWj+Nq;6s(>0#oo3eimT%K+cx!oTI5F1R$^Q|bp zhT5yuwBW?riPc?@<^A+7vgiU4e)ytFFXTfUZhm9%!aCB)ciyT2GaG}`Q|6w_%v9yu ze7?Ki$jqFdtlc+1WxxNaAki_EmB#OU7qXU+d+s)R|A>hjeEoR1bt2NCit*HZVv}Ya znTd)P`ljlEc%gI+UzLR!I)h?DR|RVw=UxSF@!h|S3)42|l=C_~uQ3|IV?eo#xJRKB zTAwR>$iE>x_1Ix@e%zR}>2`hi6~-&!ta{?A#xbhsqGlijOTaXn-sG_<`3$I*}G z%P1lc4ONFt9AgmTG z>|;AdZBIx(h9rO2fHD1vhT|6RLfI8Q(co9G<%8L&I~!#<8p-?FClS3Mtkj;s$J<=S zaRojBZ-x*TKIfCK6(1ZNAoAdl_`iUs2b0HBUkyZ&6D_*exgsDARbe+Y>Agiy=;k0R z9(v1qhi>4c9>YGwVeFGB6FrMV?TK&tXAl6H9>DP^v}kc8!gK}J4lT}nd~x$S0ai-d z9D~p0u5t)m0+}+Ey@W+~*^zpkn+b5^$7)s)c9ERQwA7a#X8&}qz@e?(xU(_wxrg|v zZvZYFgB1{+U{9u)hwfs(7eA+$Ld!EtyoM9qLwIC}XRl3xbGbi*GjlQHQ>tyD3V0jK zv^T-8`vk9%9&Lc{{=-gU_5(TSKM6h<0 zhyb$8xokt#w`x{sgmA7Y+EeN>2t`u}v|s!@s%|-d z^@fUtnHkPG-cROaqCU^i!<}yvKv4d%p3k7%Mm;&VA%A6{Wg3B+cZrEpG2G_E&K~3$ zE);r3c~8c8N~NaBzQZ(Vxu2QVyhdP8adfwgT*11LWWwYea!f#-AbPKT?|4PXDQ6-^ zXSslr`V215+e)qRR=TTw{a!a^qlxwxY3b^3Z@e|!^IKFJ;DzHvQgg7IUOCiWX-h6O z%^ids7lr8%)VqNFQfM*njQDmi%PV~l`MjIyuG*qbW)umZxi^EycPvW_2fA$)8aR&* zG6sqxWb%O8S|KI;PrWkaK2ztt!XzyW ze2d4m9tal*Y2CoA6EMGgyu3Bj)HI&dJzR#H^|FpcfoeeU8*TILHl#o;)SvM>I_`j= zJP{?YTERS|cM8_PcD#j=X^S&8jl1`NYEdZVhGpn)sIjm<8DHOO#Jx7uOQ>mjwK0_|o~~2wsq!JvsX8mS8^zv662uExaX!eCiOIT7VP%;40|L zyz^$xG}nGEmUVsijkF}CHFj2PE_Z}KTSijIj*CL->+Ly9_S6VB*mMBNV<(pf9a*0$~*o(bV6QHkx-e>pdpj%qW+$Hf=0a33c>wd~{+Z0yqon z3t4$52qPx<1JdG!p0L2l4MWwY?Y3j^4wSV^3rhZ`?z8u9lZ?J<81@$)#FqOtmxVa9JT;8V*?FztAT&2* z_xuPfk16#FRSsLx1t&IAmKG4&!-jARpAR90N zjh2dA&$T3$eZ{ZF=q>NqmzYf?Ov%ho1GU627PVJdYNR$b@?fyg?V9^&2amBC2L}bY z>Q+x!*t^AK#2TBS0^SUK!1P%rn|^sqp;q4cL}fdgKelHiK_(C{<6MA)a+!@v>Xgl%a4R$u!)Svc^uQ!5CvHU0n;f?8Z;;n`Fhgl#z{lD1SdWNk7KIW%NYh% zA2%F!`VUCmX<0k}`K0S*3{Y2(MCtb-0Q6ljSV`FN=pH$$pKYbc8faZ~1`*D}6a8~* z-X!Q-%@LLJe)5C@^&Z)I$fb6CG>Ai|E6H>irbgFxZIt11ltq;neMABN*&#?MXdzkD zFQx#>F8%q<-Mtn8#3x>e0ACd@92b5D;0Q5yUD-j@g(i2+)5WDmDlEKB#9UztY0v{S zy_DT+w6Z7l&a+>UcJX-8gk0xS{F{5MHQ-VU=09FP;gc>&tB08yn4H!9nL{9vL->-@ z!be#%;hKz$971zPFrkz}{&Q*E|2l8||2cJMy}(F9?Bwff$PFirzK_jOv&u3)Yt_em z6f4yW5x1Gtov8mAymNIi=9eYv@V$H)T`P7()7kWs)uUN`610W*^M@}}2E_Nda)yL) z(^`)Ik|uQ65J0o1Kj6x@Zm5%1?))=3U2n4sdxA`J+Z~@5)5H*3>jog`Pec(xiPCfa zA_D`19d%UigL|p+BI6`(?mamd8o!b1(#F`IG+!;DM7# zAc@9fF&08vdMi@Wb6$V>2~xj(%`~q+sDe8x5D2dljWT4XBOtge={yF<;}2+_Y7f^4 zAwmXMwjmfMfZ#E=vWouzxwZiIT1d15$un8|`T{f&KfOCm%@$+|f8`<7B&DSZdmdN= zk>}xPb+a+w+0DM^DrzBV(;Cn7xKS-UjeqUTTricviGL&5dHdJ2lf#c+ zWJluVy2~&T!q1td5t#Q7;#A1qGLAujHuFw2D-TCtbAS&BkogKkDBAjfEQAp{+oUvv zu-h35{yk+HGx57PMC@^faEIOjYz~AAa2*3EfuV9iDq(Tb@NkGQWkm0Y<$}#W1Dzd< zQ%;xlpWxL79zH{AU6mkE2cQoB>&UJEs}7Lk5H+Z*PO(0Wd-G%-2em5%=CMFfIma{Z zt~->)+FzdQ*~~&vlNyWh8kDSW#S`ir7TRHU6qbxIp~gORH4i4PV&n;BU%yS9ke0?l zvp!r9&11mAh++rmu1On>Y%4zYISgpZBT9tN0)yCkKcK1bhdUr2J zL5in^?Q#P|oGpzcE&Hav1=YHwXm9q=z%$DLum^VRI1in>nF_z41(-^ZB%-E{451(R z$Hl8qJ|ENN1$h*ivCq%Q%-+Fs1ql6wbMb?`Bn{=K>FmwY9Rk1-$CX?X1CCK6%4ACt7Aso#_iar^nw(=TlYvtKYz_?MGO2 zv{jwz!XrPmcy0$KlVt&Mz!QD6!q#NOZvh_M6uh(OX^+JRcELBk7B8!Rohmk8n{dMD zDljiu01FP#aXvHMSSzGr!>+&a6MG?|vOvZCYUH&C1tsewSp9(4jh*`J&-;Qq@&;%_ z(SgH1PCcv?35|-9Vg$N7yM@o`F6el(Q%~K1&i;0kb4y2U?P;6St!lS{TM2;2ssRu4 z0gi`*5A(^nvf?6e@5I~7x&^?gy`7-*d?NPM?7X2b2JBNWh8^g0-X#uLd{jDh{0h+i z{Aa8B3!aHm;H!>3@_=63YF{ER5zMOv986b?e0s>ff;0Z%M&L;jUfY1%WP$CkeJ+lU z)xMK6x#bFUz6EqeMyl*7Tl@W!1o(8H`hS0btAzy$%GWWoF|0hZI9cKA#I#BM5}YY% zX^*s{ju%XN{x$(vOd0L^(<}M7(wg-hE2wzU2&$Pkef$5P5+_u&mIKesNsGU~3wTEy z@My7)zreM55>_P{tzDwPvp^&I zm#05vosb9|AbR6p&(5E@Qb=^NldbtPo-4wlPA0ED1GhS{{1j#5Fs-zh+hS4%?6xoR zYHs)H12(FF<>Qlv`VW(AY{bRI)o%vP2ewYC^xjqkZA@~#oKhVvpb9LBEFJq(`-uw6 zIzyN9e!zznL2d^NbZS@!zcLJdOe&Gb4lZ%&{4c*gY1ikBhVGRNK;Y@>=d#Wzp$Py# C;2A3b diff --git a/openshift-v3/templates/backup-container-2.0.0/docs/TipsAndTricks.md b/openshift-v3/templates/backup-container-2.0.0/docs/TipsAndTricks.md deleted file mode 100644 index 7b5ed99e0..000000000 --- a/openshift-v3/templates/backup-container-2.0.0/docs/TipsAndTricks.md +++ /dev/null @@ -1,75 +0,0 @@ -# Tips and Tricks - -## Verify Fails with - `error connecting to db server` or simular message - -### Issue - -The postgres and mongo containers used for the backup container have the following (simplified) startup sequence for the database server: -- Start the server to perform initial server and database configuration. -- Shutdown the server. -- Start the server with the created configuration. - -If memory and CPU requests and limits have been set for the container it is possible for this sequence to be slowed down enough that the `pingDbServer` operation will return success during the initial startup and configuration, and the subsequent `restoreDatabase` operation will run while the database server is not running (before it's started the second time). - -### Example Logs - -For a Mongo backup-container the error looks like this: -``` -sh-4.2$ ./backup.sh -s -v all - -Verifying backup ... - -Settings: -- Database: mongo=identity-kit-db-bc/identity_kit_db -- Backup file: /backups/daily/2020-03-06/identity-kit-db-bc-identity_kit_db_2020-03-06_01-00-00.sql.gz - -waiting for server to start.... -Restoring from backup ... -2020-03-06T07:28:31.299-0800 W NETWORK [thread1] Failed to connect to 127.0.0.1:27017, in(checking socket for error after poll), reason: Connection refused -2020-03-06T07:28:31.299-0800 E QUERY [thread1] Error: couldn't connect to server 127.0.0.1:27017, connection attempt failed : -connect@src/mongo/shell/mongo.js:251:13 -@(connect):1:21 -exception: connect failed -Cleaning up ... - -rm: cannot remove '/var/lib/mongodb/data/journal': Directory not empty -[!!ERROR!!] - Backup verification failed: /backups/daily/2020-03-06/identity-kit-db-bc-identity_kit_db_2020-03-06_01-00-00.sql.gz - -The following issues were encountered during backup verification; -Restoring '/backups/daily/2020-03-06/identity-kit-db-bc-identity_kit_db_2020-03-06_01-00-00.sql.gz' to '127.0.0.1/identity_kit_db' ... - -2020-03-06T07:28:30.785-0800 Failed: error connecting to db server: no reachable servers - -Restore failed. - -Elapsed time: 0h:0m:16s - Status Code: 1 -``` - - -### Solution - -Configure the `backup-container` to use best effort resource allocation. **This IS the default for the supplied deployment configuration template**; [backup-deploy.json](../openshift/templates/backup/backup-deploy.json) - -Best effort resource allocation can only be set using a template or by directly editing the DC's yaml file. - -The resources section in the containers template in the resulting DC looks like this: -``` -apiVersion: apps.openshift.io/v1 -kind: DeploymentConfig -... -spec: - ... - template: - ... - spec: - containers: - ... - resources: - limits: - cpu: '0' - memory: '0' - requests: - cpu: '0' - memory: '0' -... -``` \ No newline at end of file diff --git a/openshift-v3/templates/backup-container-2.0.0/openshift/templates/backup/README.md b/openshift-v3/templates/backup-container-2.0.0/openshift/templates/backup/README.md deleted file mode 100644 index faddd0957..000000000 --- a/openshift-v3/templates/backup-container-2.0.0/openshift/templates/backup/README.md +++ /dev/null @@ -1,71 +0,0 @@ -## Setup Backup container -Use backup container release 2.0.0 to run the backup, current folder is backup-container-2.0.0 -1. Request NFS storage as backup space -follow https://github.com/BCDevOps/provision-nfs-apb/blob/master/docs/usage-gui.md to request nfs-backup storage -2. Build patroni-backup image -oc -n tbiwaq-tools process -f ./openshift/templates/backup/backup-build.json \ --p NAME=patroni-backup OUTPUT_IMAGE_TAG=2.0.0 GIT_REF=2.0.0 \ -| oc -n tbiwaq-tools create -f - -3. add to ./config/backup.conf, 9pm run backup, 10pm run verification -patroni-master-prod:5432/zeva -0 21 * * * default ./backup.sh -s -0 22 * * * default ./backup.sh -s -v all -4. create backup-conf configmap -oc -n tbiwaq-dev create configmap backup-conf --from-file=./config/backup.conf -oc -n tbiwaq-prod create configmap backup-conf --from-file=./config/backup.conf -5. mount the NFS storage to httpd pod and create /postgresql-backup, /minio-backup and /rabbitmq-backup -6. create deployment config for backup container -6.1 for dev -BACKUP_VOLUME_NAME is pvc name, don't have to be nfs -oc -n tbiwaq-dev process -f ./templates/backup/backup-deploy.json \ - -p NAME=patroni-backup \ - -p SOURCE_IMAGE_NAME=patroni-backup \ - -p IMAGE_NAMESPACE=tbiwaq-tools \ - -p TAG_NAME=2.0.0 \ - -p DATABASE_SERVICE_NAME=patroni-master-dev-257 \ - -p DATABASE_NAME=zeva \ - -p DATABASE_DEPLOYMENT_NAME=patroni-dev-257 \ - -p DATABASE_USER_KEY_NAME=app-db-username \ - -p DATABASE_PASSWORD_KEY_NAME=app-db-password \ - -p TABLE_SCHEMA=public \ - -p BACKUP_STRATEGY=rolling \ - -p DAILY_BACKUPS=31 \ - -p WEEKLY_BACKUPS=12 \ - -p MONTHLY_BACKUPS=3 \ - -p BACKUP_PERIOD=1d \ - -p BACKUP_VOLUME_NAME=zeva-backup-dev \ - -p VERIFICATION_VOLUME_NAME=backup-verification \ - -p VERIFICATION_VOLUME_SIZE=2G \ - -p VERIFICATION_VOLUME_CLASS=netapp-file-standard \ - -p ENVIRONMENT_FRIENDLY_NAME='ZEVA Database Backup' \ - -p ENVIRONMENT_NAME=zeva-dev \ - -p MINIO_DATA_VOLUME_NAME=zeva-minio-dev-257 | \ - oc create -f - -n tbiwaq-dev -6.2 for production -BACKUP_VOLUME_NAME is the nfs storage name, for example bk-tbiwaq-prod-s9fvzvwddd -oc -n tbiwaq-prod process -f ./backup-deploy.json \ - -p NAME=patroni-backup \ - -p SOURCE_IMAGE_NAME=patroni-backup \ - -p IMAGE_NAMESPACE=tbiwaq-tools \ - -p TAG_NAME=2.0.0 \ - -p DATABASE_SERVICE_NAME=patroni-master-prod \ - -p DATABASE_NAME=zeva \ - -p DATABASE_DEPLOYMENT_NAME=patroni-prod \ - -p DATABASE_USER_KEY_NAME=app-db-username \ - -p DATABASE_PASSWORD_KEY_NAME=app-db-password \ - -p TABLE_SCHEMA=public \ - -p BACKUP_STRATEGY=rolling \ - -p DAILY_BACKUPS=31 \ - -p WEEKLY_BACKUPS=12 \ - -p MONTHLY_BACKUPS=3 \ - -p BACKUP_PERIOD=1d \ - -p BACKUP_VOLUME_NAME=bk****** \ - -p VERIFICATION_VOLUME_NAME=backup-verification \ - -p VERIFICATION_VOLUME_SIZE=2G \ - -p VERIFICATION_VOLUME_CLASS=netapp-file-standard \ - -p ENVIRONMENT_FRIENDLY_NAME='ZEVA Database Backup' \ - -p ENVIRONMENT_NAME=zeva-prod \ - -p MINIO_DATA_VOLUME_NAME=zeva-minio-prod | \ - oc create -f - -n tbiwaq-prod -7. If need to remove, only keeps configmap/backup-conf and the the nfs storage -oc -n tbiwaq-prod delete secret/patroni-backup secret/ftp-secret dc/patroni-backup pvc/backup-verification \ No newline at end of file diff --git a/openshift-v3/templates/backup-container-2.0.0/openshift/templates/backup/backup-build.json b/openshift-v3/templates/backup-container-2.0.0/openshift/templates/backup/backup-build.json deleted file mode 100644 index 89f4b0552..000000000 --- a/openshift-v3/templates/backup-container-2.0.0/openshift/templates/backup/backup-build.json +++ /dev/null @@ -1,102 +0,0 @@ -{ - "kind": "Template", - "apiVersion": "v1", - "metadata": { - "name": "${NAME}-build-template", - "creationTimestamp": null - }, - "objects": [ - { - "kind": "ImageStream", - "apiVersion": "v1", - "metadata": { - "name": "${NAME}" - } - }, - { - "kind": "BuildConfig", - "apiVersion": "v1", - "metadata": { - "name": "${NAME}", - "labels": { - "app": "${NAME}" - } - }, - "spec": { - "triggers": [ - { - "type": "ImageChange" - }, - { - "type": "ConfigChange" - } - ], - "runPolicy": "Serial", - "source": { - "type": "Git", - "git": { - "uri": "${GIT_REPO_URL}", - "ref": "${GIT_REF}" - }, - "contextDir": "${SOURCE_CONTEXT_DIR}" - }, - "strategy": { - "type": "Docker", - "dockerStrategy": { - "dockerfilePath": "${DOCKER_FILE_PATH}" - } - }, - "output": { - "to": { - "kind": "ImageStreamTag", - "name": "${NAME}:${OUTPUT_IMAGE_TAG}" - } - } - } - } - ], - "parameters": [ - { - "name": "NAME", - "displayName": "Name", - "description": "The name assigned to all of the resources. Use 'backup-postgres' for Postgres builds or 'backup-mongo' for MongoDB builds.", - "required": true, - "value": "backup-postgres" - }, - { - "name": "GIT_REPO_URL", - "displayName": "Git Repo URL", - "description": "The URL to your GIT repo.", - "required": true, - "value": "https://github.com/BCDevOps/backup-container.git" - }, - { - "name": "GIT_REF", - "displayName": "Git Reference", - "description": "The git reference or branch.", - "required": true, - "value": "master" - }, - { - "name": "SOURCE_CONTEXT_DIR", - "displayName": "Source Context Directory", - "description": "The source context directory.", - "required": false, - "value": "/docker" - }, - { - "name": "DOCKER_FILE_PATH", - "displayName": "Docker File", - "description": "The path and file of the docker file defining the build. Choose either 'Dockerfile' for Postgres builds or 'Dockerfile_Mongo' for MongoDB builds.", - "required": false, - "value": "Dockerfile" - }, - { - "name": "OUTPUT_IMAGE_TAG", - "displayName": "Output Image Tag", - "description": "The tag given to the built image.", - "required": true, - "value": "latest" - } - ] -} diff --git a/openshift-v3/templates/backup-container-2.0.0/openshift/templates/backup/backup-deploy.json b/openshift-v3/templates/backup-container-2.0.0/openshift/templates/backup/backup-deploy.json deleted file mode 100644 index 9cfc5ad5b..000000000 --- a/openshift-v3/templates/backup-container-2.0.0/openshift/templates/backup/backup-deploy.json +++ /dev/null @@ -1,545 +0,0 @@ -{ - "kind": "Template", - "apiVersion": "v1", - "metadata": { - "name": "${NAME}-deployment-template" - }, - "objects": [ - { - "kind": "PersistentVolumeClaim", - "apiVersion": "v1", - "metadata": { - "name": "${VERIFICATION_VOLUME_NAME}", - "labels": { - "app": "${NAME}-persistent", - "template": "${NAME}-persistent-template" - } - }, - "spec": { - "storageClassName": "${VERIFICATION_VOLUME_CLASS}", - "accessModes": ["ReadWriteOnce"], - "resources": { - "requests": { - "storage": "${VERIFICATION_VOLUME_SIZE}" - } - } - } - }, - { - "kind": "Secret", - "apiVersion": "v1", - "metadata": { - "name": "${NAME}" - }, - "type": "Opaque", - "stringData": { - "webhook-url": "${WEBHOOK_URL}" - } - }, - { - "kind": "Secret", - "apiVersion": "v1", - "metadata": { - "name": "${FTP_SECRET_KEY}" - }, - "type": "Opaque", - "stringData": { - "ftp-url": "${FTP_URL}", - "ftp-user": "${FTP_USER}", - "ftp-password": "${FTP_PASSWORD}" - } - }, - { - "kind": "DeploymentConfig", - "apiVersion": "v1", - "metadata": { - "name": "${NAME}", - "labels": { - "template": "${NAME}-deployment" - }, - "annotations": { - "description": "Defines how to deploy the ${NAME} server" - } - }, - "spec": { - "strategy": { - "type": "Recreate" - }, - "triggers": [ - { - "type": "ConfigChange" - }, - { - "type": "ImageChange", - "imageChangeParams": { - "automatic": true, - "containerNames": ["${NAME}"], - "from": { - "kind": "ImageStreamTag", - "namespace": "${IMAGE_NAMESPACE}", - "name": "${SOURCE_IMAGE_NAME}:${TAG_NAME}" - } - } - } - ], - "replicas": 1, - "selector": { - "name": "${NAME}" - }, - "template": { - "metadata": { - "name": "${NAME}", - "labels": { - "name": "${NAME}" - } - }, - "spec": { - "volumes": [ - { - "name": "nfs-backup", - "persistentVolumeClaim": { - "claimName": "${BACKUP_VOLUME_NAME}" - } - }, - { - "name": "minio-data", - "persistentVolumeClaim": { - "claimName": "${MINIO_DATA_VOLUME_NAME}" - } - }, - { - "name": "${VERIFICATION_VOLUME_NAME}", - "persistentVolumeClaim": { - "claimName": "${VERIFICATION_VOLUME_NAME}" - } - }, - { - "name": "${NAME}-config-volume", - "configMap": { - "name": "${CONFIG_MAP_NAME}", - "items": [ - { - "key": "${CONFIG_FILE_NAME}", - "path": "${CONFIG_FILE_NAME}" - } - ] - } - } - ], - "containers": [ - { - "name": "${NAME}", - "image": "", - "ports": [], - "env": [ - { - "name": "BACKUP_STRATEGY", - "value": "${BACKUP_STRATEGY}" - }, - { - "name": "BACKUP_DIR", - "value": "${BACKUP_DIR}" - }, - { - "name": "NUM_BACKUPS", - "value": "${NUM_BACKUPS}" - }, - { - "name": "DAILY_BACKUPS", - "value": "${DAILY_BACKUPS}" - }, - { - "name": "WEEKLY_BACKUPS", - "value": "${WEEKLY_BACKUPS}" - }, - { - "name": "MONTHLY_BACKUPS", - "value": "${MONTHLY_BACKUPS}" - }, - { - "name": "BACKUP_PERIOD", - "value": "${BACKUP_PERIOD}" - }, - { - "name": "DATABASE_SERVICE_NAME", - "value": "${DATABASE_SERVICE_NAME}" - }, - { - "name": "DATABASE_NAME", - "value": "${DATABASE_NAME}" - }, - { - "name": "MONGODB_AUTHENTICATION_DATABASE", - "value": "${MONGODB_AUTHENTICATION_DATABASE}" - }, - { - "name": "TABLE_SCHEMA", - "value": "${TABLE_SCHEMA}" - }, - { - "name": "DATABASE_USER", - "valueFrom": { - "secretKeyRef": { - "name": "${DATABASE_DEPLOYMENT_NAME}", - "key": "${DATABASE_USER_KEY_NAME}" - } - } - }, - { - "name": "DATABASE_PASSWORD", - "valueFrom": { - "secretKeyRef": { - "name": "${DATABASE_DEPLOYMENT_NAME}", - "key": "${DATABASE_PASSWORD_KEY_NAME}" - } - } - }, - { - "name": "FTP_URL", - "valueFrom": { - "secretKeyRef": { - "name": "${FTP_SECRET_KEY}", - "key": "ftp-url" - } - } - }, - { - "name": "FTP_USER", - "valueFrom": { - "secretKeyRef": { - "name": "${FTP_SECRET_KEY}", - "key": "ftp-user" - } - } - }, - { - "name": "FTP_PASSWORD", - "valueFrom": { - "secretKeyRef": { - "name": "${FTP_SECRET_KEY}", - "key": "ftp-password" - } - } - }, - { - "name": "WEBHOOK_URL", - "valueFrom": { - "secretKeyRef": { - "name": "${NAME}", - "key": "webhook-url" - } - } - }, - { - "name": "ENVIRONMENT_FRIENDLY_NAME", - "value": "${ENVIRONMENT_FRIENDLY_NAME}" - }, - { - "name": "ENVIRONMENT_NAME", - "value": "${ENVIRONMENT_NAME}" - } - ], - "resources": { - "requests": { - "cpu": "${CPU_REQUEST}", - "memory": "${MEMORY_REQUEST}" - }, - "limits": { - "cpu": "${CPU_LIMIT}", - "memory": "${MEMORY_LIMIT}" - } - }, - "volumeMounts": [ - { - "name": "nfs-backup", - "mountPath": "/backups" - }, - { - "name": "minio-data", - "mountPath": "/minio-data" - }, - { - "name": "${VERIFICATION_VOLUME_NAME}", - "mountPath": "${VERIFICATION_VOLUME_MOUNT_PATH}" - }, - { - "name": "${NAME}-config-volume", - "mountPath": "${CONFIG_MOUNT_PATH}${CONFIG_FILE_NAME}", - "subPath": "${CONFIG_FILE_NAME}" - } - ] - } - ] - } - } - } - } - ], - "parameters": [ - { - "name": "NAME", - "displayName": "Name", - "description": "The name assigned to all of the resources. Use 'backup-postgres' for Postgres deployments or 'backup-mongo' for MongoDB deployments.", - "required": true, - "value": "backup-postgres" - }, - { - "name": "SOURCE_IMAGE_NAME", - "displayName": "Source Image Name", - "description": "The name of the image to use for this resource. Use 'backup-postgres' for Postgres deployments or 'backup-mongo' for MongoDB deployments.", - "required": true, - "value": "backup-postgres" - }, - { - "name": "IMAGE_NAMESPACE", - "displayName": "Image Namespace", - "description": "The namespace of the OpenShift project containing the imagestream for the application.", - "required": true, - "value": "backup-container" - }, - { - "name": "TAG_NAME", - "displayName": "Environment TAG name", - "description": "The TAG name for this environment, e.g., dev, test, prod", - "required": true, - "value": "dev" - }, - { - "name": "DATABASE_SERVICE_NAME", - "displayName": "Database Service Name", - "description": "Used for backward compatibility only. Not needed when using the recommended 'backup.conf' configuration. The name of the database service.", - "required": false, - "value": "" - }, - { - "name": "DATABASE_NAME", - "displayName": "Database Name", - "description": "Used for backward compatibility only. Not needed when using the recommended 'backup.conf' configuration. The name of the database.", - "required": false, - "value": "" - }, - { - "name": "MONGODB_AUTHENTICATION_DATABASE", - "displayName": "MongoDB Authentication Database", - "description": "This is only required if you are backing up mongo database with a separate authentication database.", - "required": false, - "value": "" - }, - { - "name": "DATABASE_DEPLOYMENT_NAME", - "displayName": "Database Deployment Name", - "description": "The name associated to the database deployment resources. In particular, this is used to wire up the credentials associated to the database.", - "required": true, - "value": "postgresql" - }, - { - "name": "DATABASE_USER_KEY_NAME", - "displayName": "Database User Key Name", - "description": "The datbase user key name stoed in database deployment resources specified by DATABASE_DEPLOYMENT_NAME.", - "required": true, - "value": "database-user" - }, - { - "name": "DATABASE_PASSWORD_KEY_NAME", - "displayName": "Database Password Key Name", - "description": "The database password key name stored in database deployment resources specified by DATABASE_DEPLOYMENT_NAME.", - "required": true, - "value": "database-password" - }, - { - "name": "TABLE_SCHEMA", - "displayName": "Table Schema", - "description": "The table schema for your database. Used for Postgres backups.", - "required": true, - "value": "public" - }, - { - "name": "BACKUP_STRATEGY", - "displayName": "Backup Strategy", - "description": "The strategy to use for backups; for example daily, or rolling.", - "required": true, - "value": "rolling" - }, - { - "name": "FTP_SECRET_KEY", - "displayName": "FTP Secret Key", - "description": "The FTP secret key is used to wire up the credentials associated to the FTP.", - "required": false, - "value": "ftp-secret" - }, - { - "name": "FTP_URL", - "displayName": "FTP Server URL", - "description": "The URL of the backup FTP server", - "required": false, - "value": "" - }, - { - "name": "FTP_USER", - "displayName": "FTP user name", - "description": "FTP user name", - "required": false, - "value": "" - }, - { - "name": "FTP_PASSWORD", - "displayName": "FTP password", - "description": "FTP password", - "required": false, - "value": "" - }, - { - "name": "WEBHOOK_URL", - "displayName": "Webhook URL", - "description": "The URL of the webhook to use for notifications. If not specified, the webhook integration feature is disabled.", - "required": false, - "value": "" - }, - { - "name": "ENVIRONMENT_FRIENDLY_NAME", - "displayName": "Friendly Environment Name", - "description": "The human readable name of the environment. This variable is used by the webhook integration to identify the environment in which the backup notifications originate.", - "required": false, - "value": "" - }, - { - "name": "ENVIRONMENT_NAME", - "displayName": "Environment Name (Environment Id)", - "description": "The name or Id of the environment. This variable is used by the webhook integration to identify the environment in which the backup notifications originate.", - "required": false, - "value": "" - }, - { - "name": "BACKUP_DIR", - "displayName": "The root backup directory", - "description": "The name of the root backup directory.", - "required": true, - "value": "/backups/patroni-backup/" - }, - { - "name": "NUM_BACKUPS", - "displayName": "The number of backup files to be retained", - "description": "Used for backward compatibility only. Ignored when using the recommended `rolling` backup strategy. The number of backup files to be retained. Used for the `daily` backup strategy.", - "required": false, - "value": "" - }, - { - "name": "DAILY_BACKUPS", - "displayName": "Number of Daily Backups to Retain", - "description": "The number of daily backup files to be retained. Used for the `rolling` backup strategy.", - "required": false, - "value": "" - }, - { - "name": "WEEKLY_BACKUPS", - "displayName": "Number of Weekly Backups to Retain", - "description": "The number of weekly backup files to be retained. Used for the `rolling` backup strategy.", - "required": false, - "value": "" - }, - { - "name": "MONTHLY_BACKUPS", - "displayName": "Number of Monthly Backups to Retain", - "description": "The number of monthly backup files to be retained. Used for the `rolling` backup strategy.", - "required": false, - "value": "" - }, - { - "name": "BACKUP_PERIOD", - "displayName": "Period (d,m,s) between backups in a format used by the sleep command", - "description": "Used for backward compatibility only. Ignored when using the recommended `backup.conf` and cron backup strategy. Period (d,m,s) between backups in a format used by the sleep command", - "required": false, - "value": "" - }, - { - "name": "CONFIG_FILE_NAME", - "displayName": "Config File Name", - "description": "The name of the configuration file.", - "required": true, - "value": "backup.conf" - }, - { - "name": "CONFIG_MAP_NAME", - "displayName": "Config Map Name", - "description": "The name of the configuration map.", - "required": true, - "value": "backup-conf" - }, - { - "name": "CONFIG_MOUNT_PATH", - "displayName": "Config Mount Path", - "description": "The path to use to mount the config file.", - "required": true, - "value": "/" - }, - { - "name": "BACKUP_VOLUME_NAME", - "displayName": "Backup Volume Name", - "description": "The name of the persistent volume used to store the backups. Please note, when using the recommended nfs-backup storage class the name of the pvc MUST be taken from the manually provisioned claim; nfs-backup storage MUST be provisioned manually.", - "required": true, - "value": "backup" - }, - { - "name": "VERIFICATION_VOLUME_NAME", - "displayName": "Verification Volume Name", - "description": "The name for the verification volume, used for restoring and verifying backups. When using the recommend nfs-backup storage class for backups, this volume MUST be either netapp-file-standard or netapp-block-standard storage; netapp-block-standard is recommended (it has far better performance).", - "required": false, - "value": "backup-verification" - }, - { - "name": "VERIFICATION_VOLUME_SIZE", - "displayName": "Backup Volume Size", - "description": "The size of the persistent volume used for restoring and verifying backups, e.g. 512Mi, 1Gi, 2Gi. Ensure this is sized correctly. It should be large enough to contain your largest database.", - "required": true, - "value": "1Gi" - }, - { - "name": "VERIFICATION_VOLUME_CLASS", - "displayName": "Backup Volume Class", - "description": "The class of the persistent volume used for restoring and verifying backups; should be one of netapp-block-standard or netapp-file-standard. netapp-block-standard performs better.", - "required": true, - "value": "netapp-file-standard" - }, - { - "name": "VERIFICATION_VOLUME_MOUNT_PATH", - "displayName": "Verification Volume Mount Path", - "description": "The path on which to mount the verification volume. This is used by the database server to contain the database configuration and data files. For Mongo, please use /var/lib/mongodb/data", - "required": true, - "value": "/var/lib/pgsql/data" - }, - { - "name": "CPU_REQUEST", - "displayName": "Resources CPU Request", - "description": "The resources CPU request (in cores) for this build.", - "required": true, - "value": "100m" - }, - { - "name": "CPU_LIMIT", - "displayName": "Resources CPU Limit", - "description": "The resources CPU limit (in cores) for this build.", - "required": true, - "value": "150m" - }, - { - "name": "MEMORY_REQUEST", - "displayName": "Resources Memory Request", - "description": "The resources Memory request (in Mi, Gi, etc) for this build.", - "required": true, - "value": "100M" - }, - { - "name": "MEMORY_LIMIT", - "displayName": "Resources Memory Limit", - "description": "The resources Memory limit (in Mi, Gi, etc) for this build.", - "required": true, - "value": "150M" - }, - { - "name": "MINIO_DATA_VOLUME_NAME", - "displayName": "Minio data pvc name", - "description": "Minio data pvc name.", - "required": true - } - ] -} diff --git a/openshift-v3/templates/backup-container-2.0.0/scripts/rocket.chat.integration.js b/openshift-v3/templates/backup-container-2.0.0/scripts/rocket.chat.integration.js deleted file mode 100644 index a7668278c..000000000 --- a/openshift-v3/templates/backup-container-2.0.0/scripts/rocket.chat.integration.js +++ /dev/null @@ -1,50 +0,0 @@ -class Script { - /** - * @params {object} request - */ - process_incoming_request({ request }) { - let data = request.content; - let attachmentColor = `#36A64F`; - let statusMsg = `Status`; - let isError = data.statusCode === `ERROR`; - if (isError) { - statusMsg = `Error`; - attachmentColor = `#A63636`; - } - - let friendlyProjectName=``; - if(data.projectFriendlyName) { - friendlyProjectName = data.projectFriendlyName - } - - let projectName=``; - if (data.projectName) { - projectName = data.projectName - if(!friendlyProjectName) { - friendlyProjectName = projectName - } - } - - if(projectName) { - statusMsg += ` message received from [${friendlyProjectName}](https://console.pathfinder.gov.bc.ca:8443/console/project/${projectName}/overview):`; - } else { - statusMsg += ` message received:`; - } - - if (isError) { - statusMsg = `**${statusMsg}**`; - } - - return { - content:{ - text: statusMsg, - attachments: [ - { - text: `${data.message}`, - color: attachmentColor - } - ] - } - }; - } -} \ No newline at end of file diff --git a/openshift-v3/templates/config/README.md b/openshift-v3/templates/config/README.md deleted file mode 100644 index 19a04b8c0..000000000 --- a/openshift-v3/templates/config/README.md +++ /dev/null @@ -1,10 +0,0 @@ -### Files inlcuded -configmap.yaml: the central configuration - -### Before triggering pipeline - -oc -n tbiwaq-tools create secret docker-registry zeva-image-pull-secret \ - --docker-server=registry.redhat.io \ - --docker-username=\ - --docker-password= \ - --docker-email= diff --git a/openshift-v3/templates/config/configmap.yaml b/openshift-v3/templates/config/configmap.yaml deleted file mode 100644 index 28d778349..000000000 --- a/openshift-v3/templates/config/configmap.yaml +++ /dev/null @@ -1,86 +0,0 @@ -apiVersion: template.openshift.io/v1 -kind: Template -metadata: - creationTimestamp: null - name: zeva-configs -parameters: - - name: NAME - displayName: null - description: 'the module name entered when run yo bcdk:pipeline, which is zeva' - value: zeva - required: true - - name: SUFFIX - displayName: null - description: sample is -dev-97 - value: '' - required: true - - name: ENV_NAME - value: dev - displayName: Environment name - description: 'Environment name, dev, test and prod' - required: true - - name: HOST_NAME - displayName: Host name for route - description: Host name for route - required: true - - name: BACKEND_HOST_NAME - displayName: The backend host name - description: 'The backend host name' - required: true - - name: SSO_NAME - displayName: SSO Name - description: values include dev.oidc.gov.bc.ca, test.oidc.gov.bc.ca and oidc.gov.bc.ca - required: true - - name: KEYCLOAK_REALM - value: rzh2zkjq - displayName: keycload realm name - description: keycload realm name, value is rzh2zkjq - required: true - - name: DJANGO_DEBUG - value: 'False' - displayName: django debug value - description: django debug value - required: true - - name: OCP_NAME - displayName: Openshift Cluster Name - description: Openshift Cluster Name - required: true - - name: LOGOUT_HOST - displayName: the logout host - description: the logout host - required: true -objects: - - apiVersion: v1 - kind: ConfigMap - metadata: - creationTimestamp: null - name: ${NAME}-config${SUFFIX} - data: - apibase: https://${BACKEND_HOST_NAME}/api/ - database_engine: postgresql - database_name: zeva - database_service_name: patroni-master${SUFFIX} - django_debug: ${DJANGO_DEBUG} - email_from_address: donotreply@gov.bc.ca - email_sending_enabled: 'False' - env_name: ${ENV_NAME} - keycloak_audience: zeva - keycloak_authority: https://${SSO_NAME}/auth/realms/${KEYCLOAK_REALM} - keycloak_certs_url: https://${SSO_NAME}/auth/realms/${KEYCLOAK_REALM}/protocol/openid-connect/certs - keycloak_client_id: zeva - keycloak_issuer: https://${SSO_NAME}/auth/realms/${KEYCLOAK_REALM} - keycloak_logout_redirect_url: https://${LOGOUT_HOST}/clp-cgi/logoff.cgi?returl=https://${HOST_NAME}&retnow=1 - keycloak_realm_name: ${KEYCLOAK_REALM} - keycloak_realm_url: https://${SSO_NAME}/auth/realms/${KEYCLOAK_REALM} - keycloak_realm: https://${SSO_NAME}/auth/realms/${KEYCLOAK_REALM} - keycloak_sa_baseurl: https://${SSO_NAME} - keycloak_sa_client_id: zeva-django-sa - keycloak_sa_realm: ${KEYCLOAK_REALM} - keycloak_url: https://${SSO_NAME}/auth - minio_endpoint: zeva-minio-${ENV_NAME}.${OCP_NAME}.gov.bc.ca - postgresql_service_host: patroni-master${SUFFIX}.tbiwaq-${ENV_NAME}.svc.cluster.local - postgresql_service_port: '5432' - rabbitmq_enabled: 'False' - rabbitmq_host: ${NAME}${SUFFIX}-rabbitmq-cluster.tbiwaq-${ENV_NAME}.svc.cluster.local - rabbitmq_port: '5672' - rabbitmq_vhost: /zeva diff --git a/openshift-v3/templates/frontend/README.md b/openshift-v3/templates/frontend/README.md deleted file mode 100644 index 6bea7c275..000000000 --- a/openshift-v3/templates/frontend/README.md +++ /dev/null @@ -1,16 +0,0 @@ -### Files included - - * frontend-bc.yaml frontend build config - * frontend-dc.yaml frontend deployment config - * frontend-configmap.yaml it is mounted to frontend pod - * frontend-autoscaler.yaml create backend frontend, it is not in pipeline and needs to run independently - -### Before triggering pipeline - -1. Create base image for frontend - * oc tag registry.redhat.io/rhel8/nodejs-12:1-45 tbiwaq-tools/nodejs:12-1-45 - -### After pipeline completes - -1. Create autoscaler for frontend - * oc process -f ./frontend-autoscaler.yaml NAME=zeva SUFFIX= MIN_REPLICAS=2 MAX_REPLICA=5 | oc create -f - -n [namespace] diff --git a/openshift-v3/templates/frontend/frontend-autoscaler.yaml b/openshift-v3/templates/frontend/frontend-autoscaler.yaml deleted file mode 100644 index 1415082fd..000000000 --- a/openshift-v3/templates/frontend/frontend-autoscaler.yaml +++ /dev/null @@ -1,36 +0,0 @@ -apiVersion: template.openshift.io/v1 -kind: Template -metadata: - creationTimestamp: null - name: frontend-autoscaler -parameters: - - name: NAME - displayName: - description: the module name entered when run yo bcdk:pipeline, which is zeva - required: true - - name: SUFFIX - displayName: - description: - required: true - - name: MIN_REPLICAS - displayName: - description: - required: true - - name: MAX_REPLICAS - displayName: - description: - required: true -objects: - - apiVersion: autoscaling/v1 - kind: HorizontalPodAutoscaler - metadata: - name: ${NAME}-frontend${SUFFIX}-autoscaler - spec: - scaleTargetRef: - apiVersion: apps.openshift.io/v1 - kind: DeploymentConfig - name: ${NAME}-frontend${SUFFIX} - subresource: scale - minReplicas: ${{MIN_REPLICAS}} - maxReplicas: ${{MAX_REPLICAS}} - targetCPUUtilizationPercentage: 80 \ No newline at end of file diff --git a/openshift-v3/templates/frontend/frontend-bc.yaml b/openshift-v3/templates/frontend/frontend-bc.yaml deleted file mode 100644 index f5580eeb5..000000000 --- a/openshift-v3/templates/frontend/frontend-bc.yaml +++ /dev/null @@ -1,82 +0,0 @@ -apiVersion: template.openshift.io/v1 -kind: Template -metadata: - creationTimestamp: null - name: frontend -parameters: - - name: NAME - displayName: - description: the module name entered when run yo bcdk:pipeline, which is zeva - required: true - - name: SUFFIX - displayName: - description: sample is -pr-0 - required: true - - name: VERSION - displayName: - description: image tag name for output - required: true - - name: GIT_URL - displayName: - description: zeva repo - required: true - - name: GIT_REF - displayName: - description: zeva branch name of the pr - required: true -objects: -- apiVersion: image.openshift.io/v1 - kind: ImageStream - metadata: - annotations: - description: Keeps track of changes in the client / front end image - labels: - shared: "true" - creationTimestamp: null - generation: 643 - name: ${NAME}-frontend - spec: - lookupPolicy: - local: false - status: - dockerImageRepository: "" -- apiVersion: build.openshift.io/v1 - kind: BuildConfig - metadata: - creationTimestamp: null - name: ${NAME}-frontend${SUFFIX} - spec: - failedBuildsHistoryLimit: 5 - nodeSelector: null - output: - to: - kind: ImageStreamTag - name: ${NAME}-frontend:${VERSION} - postCommit: {} - resources: - limits: - cpu: 2000m - memory: 2G - requests: - cpu: 500m - memory: 200M - runPolicy: Serial - source: - git: - ref: ${GIT_REF} - uri: ${GIT_URL} - type: Git - contextDir: frontend - strategy: - sourceStrategy: - from: - kind: ImageStreamTag - name: nodejs:12-1-45 - namespace: tbiwaq-tools - pullSecret: - name: zeva-image-pull-secret - type: Source - successfulBuildsHistoryLimit: 5 - triggers: [] - status: - lastVersion: 0 diff --git a/openshift-v3/templates/frontend/frontend-configmap.yaml b/openshift-v3/templates/frontend/frontend-configmap.yaml deleted file mode 100644 index 576f6a08b..000000000 --- a/openshift-v3/templates/frontend/frontend-configmap.yaml +++ /dev/null @@ -1,37 +0,0 @@ -apiVersion: template.openshift.io/v1 -kind: Template -metadata: - creationTimestamp: null - name: zeva-frontend-configs -parameters: - - name: NAME - displayName: null - description: 'the module name entered when run yo bcdk:pipeline, which is zeva' - value: zeva - required: true - - name: SUFFIX - displayName: null - description: sample is -dev-97 - value: '' - required: true - - name: CREDIT_TRANSFER_ENABLED - displayName: null - description: enable credittransfer or not - value: 'false' - required: true -objects: - - apiVersion: v1 - kind: ConfigMap - metadata: - creationTimestamp: null - name: ${NAME}-frontend-config${SUFFIX} - data: - features.js: | - window.zeva_config = { - 'credit_transfers.enabled': ${CREDIT_TRANSFER_ENABLED}, - 'credit_transactions.enabled': true, - 'initiative_agreements.enabled': false, - 'model_year_report.enabled': false, - 'purchase_requests.enabled': false, - 'roles.enabled': false - }; \ No newline at end of file diff --git a/openshift-v3/templates/frontend/frontend-dc.yaml b/openshift-v3/templates/frontend/frontend-dc.yaml deleted file mode 100644 index 6afe51494..000000000 --- a/openshift-v3/templates/frontend/frontend-dc.yaml +++ /dev/null @@ -1,285 +0,0 @@ -apiVersion: template.openshift.io/v1 -kind: Template -metadata: - creationTimestamp: null - name: frontend-dc -parameters: - - name: NAME - displayName: - description: the module name entered when run yo bcdk:pipeline, which is zeva - required: true - - name: SUFFIX - displayName: - description: sample is -pr-0 - required: true - - name: VERSION - displayName: - description: image tag name for output - required: true - - name: ENV_NAME - value: dev - displayName: Environment name - description: Environment name, dev, test and prod - required: true - - name: HOST_NAME - displayName: Host name for route - description: Host name for route - required: true - - name: CPU_REQUEST - displayName: Requested CPU - description: Requested CPU - required: true - - name: CPU_LIMIT - displayName: CPU upper limit - description: CPU upper limit - required: true - - name: MEMORY_REQUEST - displayName: Requested memory - description: Requested memory - required: true - - name: MEMORY_LIMIT - displayName: Memory upper limit - description: Memory upper limit - required: true - - name: REPLICAS - value: '1' - required: true -objects: - - apiVersion: image.openshift.io/v1 - kind: ImageStream - metadata: - annotations: - description: Keeps track of changes in the client / front end image - labels: - shared: "true" - creationTimestamp: null - name: ${NAME}-frontend - spec: - lookupPolicy: - local: false - status: - dockerImageRepository: "" - - apiVersion: v1 - kind: Service - metadata: - creationTimestamp: null - name: ${NAME}-frontend${SUFFIX} - labels: - name: frontend - app: zeva - role: frontend - env: ${ENV_NAME} - spec: - ports: - - name: web - port: 3000 - protocol: TCP - targetPort: 3000 - - name: websocket-notifications - port: 5002 - protocol: TCP - targetPort: 5002 - selector: - name: ${NAME}-frontend${SUFFIX} - sessionAffinity: None - type: ClusterIP - status: - loadBalancer: {} - - apiVersion: route.openshift.io/v1 - kind: Route - metadata: - creationTimestamp: null - annotations: - haproxy.router.openshift.io/balance: source - haproxy.router.openshift.io/timeout: 1200s - labels: - name: frontend - app: zeva - role: frontend - env: ${ENV_NAME} - name: ${NAME}-sockjs-node${SUFFIX} - spec: - host: ${HOST_NAME} - path: /sockjs-node - port: - targetPort: web - tls: - insecureEdgeTerminationPolicy: Redirect - termination: edge - to: - kind: Service - name: ${NAME}-frontend${SUFFIX} - weight: 100 - wildcardPolicy: None - - apiVersion: route.openshift.io/v1 - kind: Route - metadata: - creationTimestamp: null - labels: - name: frontend - app: zeva - role: frontend - env: ${ENV_NAME} - name: ${NAME}-frontend${SUFFIX} - spec: - host: ${HOST_NAME} - port: - targetPort: web - tls: - insecureEdgeTerminationPolicy: Redirect - termination: edge - to: - kind: Service - name: ${NAME}-frontend${SUFFIX} - weight: 100 - wildcardPolicy: None - - apiVersion: apps.openshift.io/v1 - kind: DeploymentConfig - metadata: - name: ${NAME}-frontend${SUFFIX} - labels: - app: zeva - role: frontend - env: ${ENV_NAME} - annotations: - description: Defines how to deploy the frontend application - creationTimestamp: null - spec: - replicas: ${{REPLICAS}} - revisionHistoryLimit: 10 - selector: - name: ${NAME}-frontend${SUFFIX} - strategy: - activeDeadlineSeconds: 21600 - recreateParams: - timeoutSeconds: 600 - resources: {} - type: Recreate - template: - metadata: - creationTimestamp: null - labels: - name: ${NAME}-frontend${SUFFIX} - spec: - containers: - - env: - - name: KEYCLOAK_CERTS_URL - valueFrom: - configMapKeyRef: - name: ${NAME}-config${SUFFIX} - key: keycloak_certs_url - - name: KEYCLOAK_REALM - valueFrom: - configMapKeyRef: - name: ${NAME}-config${SUFFIX} - key: keycloak_realm - - name: KEYCLOAK_AUTHORITY - valueFrom: - configMapKeyRef: - name: ${NAME}-config${SUFFIX} - key: keycloak_authority - - name: KEYCLOAK_ISSUER - valueFrom: - configMapKeyRef: - name: ${NAME}-config${SUFFIX} - key: keycloak_issuer - - name: KEYCLOAK_URL - valueFrom: - configMapKeyRef: - name: ${NAME}-config${SUFFIX} - key: keycloak_url - - name: KEYCLOAK_AUDIENCE - valueFrom: - configMapKeyRef: - name: ${NAME}-config${SUFFIX} - key: keycloak_audience - - name: KEYCLOAK_CLIENT_ID - valueFrom: - configMapKeyRef: - name: ${NAME}-config${SUFFIX} - key: keycloak_client_id - - name: KEYCLOAK_REALM_NAME - valueFrom: - configMapKeyRef: - name: ${NAME}-config${SUFFIX} - key: keycloak_realm_name - - name: RABBITMQ_ENABLED - valueFrom: - configMapKeyRef: - name: ${NAME}-config${SUFFIX} - key: rabbitmq_enabled - - name: APIBASE - valueFrom: - configMapKeyRef: - name: ${NAME}-config${SUFFIX} - key: apibase - - name: KEYCLOAK_LOGOUT_REDIRECT_URL - valueFrom: - configMapKeyRef: - name: ${NAME}-config${SUFFIX} - key: keycloak_logout_redirect_url - image: - imagePullPolicy: IfNotPresent - livenessProbe: - failureThreshold: 10 - initialDelaySeconds: 50 - periodSeconds: 10 - successThreshold: 1 - tcpSocket: - port: 3000 - timeoutSeconds: 3 - name: frontend - ports: - - containerPort: 3000 - protocol: TCP - - containerPort: 5002 - protocol: TCP - readinessProbe: - failureThreshold: 10 - initialDelaySeconds: 40 - periodSeconds: 10 - successThreshold: 1 - tcpSocket: - port: 3000 - timeoutSeconds: 3 - resources: - limits: - cpu: ${CPU_LIMIT} - memory: ${MEMORY_LIMIT} - requests: - cpu: ${CPU_REQUEST} - memory: ${MEMORY_REQUEST} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /opt/app-root/src/src/app/config - name: ${NAME}-frontend-config${SUFFIX} - dnsPolicy: ClusterFirst - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - terminationGracePeriodSeconds: 30 - volumes: - - configMap: - defaultMode: 444 - name: ${NAME}-frontend-config${SUFFIX} - name: ${NAME}-frontend-config${SUFFIX} - test: false - triggers: - - imageChangeParams: - automatic: true - containerNames: - - frontend - from: - kind: ImageStreamTag - name: ${NAME}-frontend:${VERSION} - lastTriggeredImage: - type: ImageChange - - type: ConfigChange - status: - availableReplicas: 0 - latestVersion: 0 - observedGeneration: 0 - replicas: 0 - unavailableReplicas: 0 - updatedReplicas: 0 diff --git a/openshift-v3/templates/jenkins/README.md b/openshift-v3/templates/jenkins/README.md deleted file mode 100644 index 6fd686dd9..000000000 --- a/openshift-v3/templates/jenkins/README.md +++ /dev/null @@ -1,13 +0,0 @@ -### Build Jenkins base image - -* Create the base image used by jenkins-bc.yaml -oc tag registry.access.redhat.com/rhel7-atomic:7.7-371 tbiwaq-tools/rhel7-atomic:7.7-371 - -* Build Jenkins base image to tools project -oc process -f openshift/templates/jenkins/jenkins-bc.yaml | oc apply -f - -n tbiwaq-tools --dry-run=true -Note: the base image is stored at tbiwaq-tools/bcgov-jenkins-basic:v2-20200303, update .jenkins/.pipeline/lib/build.js to use this image - -* Create template.jenkins-github and template.jenkins-slave-user under tools project -oc process -f .jenkins/openshift/deplpy-prereq.yaml GH_USERNAME=*** GH_ACCESS_TOKEN=*** -Note: the value of GH_ACCESS_TOKEN can go to github developer settings -> Personal access tokens to find "Used by Jenkins which setup for PR based Pipeline" - diff --git a/openshift-v3/templates/jenkins/jenkins-bc.yaml b/openshift-v3/templates/jenkins/jenkins-bc.yaml deleted file mode 100644 index da7a42ff6..000000000 --- a/openshift-v3/templates/jenkins/jenkins-bc.yaml +++ /dev/null @@ -1,61 +0,0 @@ -apiVersion: template.openshift.io/v1 -kind: Template -metadata: - creationTimestamp: null - name: "true" -objects: -- apiVersion: image.openshift.io/v1 - kind: ImageStream - metadata: - annotations: - description: base image for jenkins - labels: - shared: "true" - creationTimestamp: null - generation: 0 - name: bcgov-jenkins-basic - spec: - lookupPolicy: - local: false - status: - dockerImageRepository: "" -- apiVersion: build.openshift.io/v1 - kind: BuildConfig - metadata: - creationTimestamp: null - name: bcgov-jenkins-basic - spec: - failedBuildsHistoryLimit: 2 - nodeSelector: null - output: - to: - kind: ImageStreamTag - name: bcgov-jenkins-basic:v2-20200303 - postCommit: {} - resources: - limits: - cpu: "2" - memory: 6Gi - requests: - cpu: "1" - memory: 2Gi - runPolicy: SerialLatestOnly - source: - contextDir: cicd/jenkins-basic/docker - git: - ref: master - uri: https://github.com/BCDevOps/openshift-components.git - type: Git - strategy: - dockerStrategy: - from: - kind: ImageStreamTag - name: rhel7-atomic:7.7-371 - type: Docker - successfulBuildsHistoryLimit: 5 - triggers: - - imageChange: {} - type: ImageChange - - type: ConfigChange - status: - lastVersion: 0 diff --git a/openshift-v3/templates/keycloak/README.md b/openshift-v3/templates/keycloak/README.md deleted file mode 100644 index 323b89657..000000000 --- a/openshift-v3/templates/keycloak/README.md +++ /dev/null @@ -1,9 +0,0 @@ -### Files included -* keycloak-secret.yaml includes keycloak secrets - -### Create Secret keycloak-secret.yaml in tools, dev, test and prod env. The value for tools and dev should be same -oc process -f config/keycloak-secret.yaml KEYCLOAK_SA_CLIENT_SECRET=[Clients->sa client->Client Authenticator] \ -clientId=[sa client] clientSecret=[same value of KEYCLOAK_SA_CLIENT_SECRET] \ -zevaPublic=[public client] realmId=[realmId] ssoHost=[sso host name] \ -| oc create -f - -n tbiwaq-xxx --dry-run=true -Notes: in keycload, there are two clients: once is sa client, the other one is public client \ No newline at end of file diff --git a/openshift-v3/templates/keycloak/keycloak-secret.yaml b/openshift-v3/templates/keycloak/keycloak-secret.yaml deleted file mode 100644 index c1185a9ae..000000000 --- a/openshift-v3/templates/keycloak/keycloak-secret.yaml +++ /dev/null @@ -1,37 +0,0 @@ -apiVersion: template.openshift.io/v1 -kind: Template -metadata: - creationTimestamp: null - name: zeva-keycloak-secret -parameters: - - name: KEYCLOAK_SA_CLIENT_SECRET - description: teh secret for private client - required: true - - name: clientId - description: - required: true - - name: clientSecret - description: - required: true - - name: zevaPublic - description: the key in the pubic client url, is not the client id - required: true - - name: realmId - description: - required: true - - name: host - description: host is sso host name, such as sso-dev.[ocp name].gov.bc.ca,sso-test.[ocp name].gov.bc.ca and sso.[ocp name].gov.bc.ca - required: true -objects: - - apiVersion: v1 - kind: Secret - metadata: - name: zeva-keycloak - labels: {} - stringData: - KEYCLOAK_SA_CLIENT_SECRET: "${KEYCLOAK_SA_CLIENT_SECRET}" - clientId: "${clientId}" - clientSecret: "${clientSecret}" - zevaPublic: "${zevaPublic}" - realmId: "${realmId}" - host: "${host}" diff --git a/openshift-v3/templates/maintenance/Caddyfile b/openshift-v3/templates/maintenance/Caddyfile deleted file mode 100644 index 0ee736993..000000000 --- a/openshift-v3/templates/maintenance/Caddyfile +++ /dev/null @@ -1,18 +0,0 @@ -0.0.0.0:2015 - -root /var/www/html - -log stdout - -errors stdout - -rewrite / { - regexp .* - to /maintenance.html -} - -header / { - Cache-Control "no-cache, no-store, must-revalidate" - Pragma "no-cache" - Expires "0" -} \ No newline at end of file diff --git a/openshift-v3/templates/maintenance/maintenance.html b/openshift-v3/templates/maintenance/maintenance.html deleted file mode 100644 index 8eb44c342..000000000 --- a/openshift-v3/templates/maintenance/maintenance.html +++ /dev/null @@ -1,18 +0,0 @@ - -Site Maintenance - - -
    -

    We’ll be back soon!

    -
    -

    Sorry for the inconvenience. We're migrating our system to a new platform and should be back shortly.

    -

    — Zero-Emission Vehicles Reporting System

    -
    -
    \ No newline at end of file diff --git a/openshift-v3/templates/maintenance/openshift/maintenance-bc.yaml b/openshift-v3/templates/maintenance/openshift/maintenance-bc.yaml deleted file mode 100644 index dbe7e00e5..000000000 --- a/openshift-v3/templates/maintenance/openshift/maintenance-bc.yaml +++ /dev/null @@ -1,58 +0,0 @@ -apiVersion: template.openshift.io/v1 -kind: Template -metadata: - creationTimestamp: null - name: maintenance-page -objects: -- apiVersion: image.openshift.io/v1 - kind: ImageStream - metadata: - annotations: - description: Keeps track of changes in the redirect image - labels: - shared: "true" - creationTimestamp: null - generation: 643 - name: maintenance-page - spec: - lookupPolicy: - local: false - status: - dockerImageRepository: "" -- apiVersion: build.openshift.io/v1 - kind: BuildConfig - metadata: - creationTimestamp: null - labels: - app: maintenance-page - name: maintenance-page - spec: - failedBuildsHistoryLimit: 5 - nodeSelector: null - output: - to: - kind: ImageStreamTag - name: maintenance-page:latest - postCommit: {} - resources: {} - runPolicy: SerialLatestOnly - source: - contextDir: openshift-v3/templates/maintenance - git: - ref: master - uri: https://github.com/bcgov/zeva.git - type: Git - strategy: - sourceStrategy: - from: - kind: ImageStreamTag - name: bcgov-s2i-caddy:latest - namespace: openshift - type: Source - successfulBuildsHistoryLimit: 5 - triggers: - - type: ConfigChange - - imageChange: {} - type: ImageChange - status: - lastVersion: 0 diff --git a/openshift-v3/templates/maintenance/openshift/maintenance-dc.yaml b/openshift-v3/templates/maintenance/openshift/maintenance-dc.yaml deleted file mode 100644 index 4ae4d8057..000000000 --- a/openshift-v3/templates/maintenance/openshift/maintenance-dc.yaml +++ /dev/null @@ -1,100 +0,0 @@ -apiVersion: template.openshift.io/v1 -kind: Template -metadata: - creationTimestamp: null - name: maintenance-page -objects: -- apiVersion: v1 - kind: Service - metadata: - creationTimestamp: null - labels: - app: maintenance-page - name: maintenance-page - spec: - ports: - - name: 2015-tcp - port: 2015 - protocol: TCP - targetPort: 2015 - selector: - app: maintenance-page - deploymentconfig: maintenance-page - sessionAffinity: None - type: ClusterIP - status: - loadBalancer: {} -- apiVersion: apps.openshift.io/v1 - kind: DeploymentConfig - metadata: - creationTimestamp: null - generation: 47 - labels: - app: maintenance-page - name: maintenance-page - spec: - replicas: 1 - revisionHistoryLimit: 10 - selector: - app: maintenance-page - deploymentconfig: maintenance-page - strategy: - activeDeadlineSeconds: 21600 - resources: {} - rollingParams: - intervalSeconds: 1 - maxSurge: 25% - maxUnavailable: 25% - timeoutSeconds: 600 - updatePeriodSeconds: 1 - type: Rolling - template: - metadata: - annotations: - openshift.io/generated-by: OpenShiftNewApp - creationTimestamp: null - labels: - app: maintenance-page - deploymentconfig: maintenance-page - spec: - containers: - - image: - imagePullPolicy: Always - name: maintenance-page - ports: - - containerPort: 2015 - protocol: TCP - resources: - limits: - cpu: 100m - memory: 128Mi - requests: - cpu: 50m - memory: 128Mi - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - dnsPolicy: ClusterFirst - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - terminationGracePeriodSeconds: 30 - test: false - triggers: - - type: ConfigChange - - imageChangeParams: - automatic: true - containerNames: - - maintenance-page - from: - kind: ImageStreamTag - name: maintenance-page:latest - namespace: tbiwaq-tools - lastTriggeredImage: - type: ImageChange - status: - availableReplicas: 0 - latestVersion: 0 - observedGeneration: 0 - replicas: 0 - unavailableReplicas: 0 - updatedReplicas: 0 diff --git a/openshift-v3/templates/minio/README.md b/openshift-v3/templates/minio/README.md deleted file mode 100644 index b886cdbb3..000000000 --- a/openshift-v3/templates/minio/README.md +++ /dev/null @@ -1,22 +0,0 @@ -### Files included - -* minio-bc.yaml minio build config -* minio-dc.yaml minio deployment config -* minio-secret.yaml create template.minio-secret, it is NOT being used as minio creation is not part of pipeline anymore - -### One minio instance serve all PRs on Dev - -oc process -f ./minio-dc.yaml \ -NAME=zeva SUFFIX=-dev OCP_NAME=pathfinder\ -| oc create -f - -n tbiwaq-dev - -#### Test and Prod Minio setup - -oc process -f ./minio-dc.yaml \ -NAME=zeva SUFFIX=-test OCP_NAME=pathfinder \ -| oc create -f - -n tbiwaq-test - - -oc process -f ./minio-dc.yaml \ -NAME=zeva SUFFIX=-prod OCP_NAME=pathfinder\ -| oc create -f - -n tbiwaq-prod \ No newline at end of file diff --git a/openshift-v3/templates/minio/docker/Dockerfile b/openshift-v3/templates/minio/docker/Dockerfile deleted file mode 100644 index 41585e607..000000000 --- a/openshift-v3/templates/minio/docker/Dockerfile +++ /dev/null @@ -1,33 +0,0 @@ -FROM registry.access.redhat.com/rhel7/rhel - -RUN useradd -d /opt/minio -g root minio - -WORKDIR /opt/minio - -ADD entrypoint.sh . - -RUN curl -o minio https://dl.minio.io/server/minio/release/linux-amd64/minio && \ - curl -o mc https://dl.minio.io/client/mc/release/linux-amd64/mc && \ - chmod +x minio && \ - chmod +x mc && \ - mkdir config && \ - mkdir data && \ - mkdir s3 && \ - mkdir s3/config && \ - mkdir s3/data && \ - chown minio:root -R . && chmod 777 -R . - -USER minio - -ENV MINIO_ACCESS_KEY="demoaccesskey" -ENV MINIO_SECRET_KEY="mysecret" -ENV MINIO_BIN=/opt/minio/minio -ENV MINIO_DATA_DIR=/opt/minio/s3/data -ENV MINIO_CONFIG_DIR=/opt/minio/s3/config - -VOLUME $MINIO_CONFIG_DIR -VOLUME $MINIO_DATA_DIR - -EXPOSE 9000 - -ENTRYPOINT [ "./entrypoint.sh" ] diff --git a/openshift-v3/templates/minio/docker/entrypoint.sh b/openshift-v3/templates/minio/docker/entrypoint.sh deleted file mode 100755 index 86717f150..000000000 --- a/openshift-v3/templates/minio/docker/entrypoint.sh +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash - -${MINIO_BIN} server --config-dir=${MINIO_CONFIG_DIR} $@ ${MINIO_DATA_DIR} diff --git a/openshift-v3/templates/minio/minio-bc.yaml b/openshift-v3/templates/minio/minio-bc.yaml deleted file mode 100644 index 9197db568..000000000 --- a/openshift-v3/templates/minio/minio-bc.yaml +++ /dev/null @@ -1,64 +0,0 @@ ---- -kind: Template -apiVersion: v1 -metadata: - creationTimestamp: null - name: minio -parameters: - - name: GIT_URL - displayName: Zeva Git Repo URL - description: The URL to your GIT repo - required: true - value: https://github.com/bcgov/zeva.git - - name: GIT_REF - displayName: Git Reference - description: The git reference or branch. - required: true - value: master -objects: - - kind: ImageStream - apiVersion: v1 - metadata: - name: minio - creationTimestamp: - labels: - shared: 'true' - spec: - lookupPolicy: - local: false - status: - dockerImageRepository: '' - - apiVersion: build.openshift.io/v1 - kind: BuildConfig - metadata: - creationTimestamp: null - name: minio - spec: - failedBuildsHistoryLimit: 5 - nodeSelector: null - output: - to: - kind: ImageStreamTag - name: minio:latest - postCommit: {} - resources: {} - runPolicy: Serial - source: - contextDir: openshift/templates/minio/docker - git: - ref: ${GIT_REF} - uri: ${GIT_URL} - type: Git - strategy: - dockerStrategy: - from: - kind: ImageStreamTag - name: rhel7:7.7-481 - type: Docker - successfulBuildsHistoryLimit: 5 - triggers: - - imageChange: {} - type: ImageChange - - type: ConfigChange - status: - lastVersion: 0 diff --git a/openshift-v3/templates/minio/minio-dc.yaml b/openshift-v3/templates/minio/minio-dc.yaml deleted file mode 100644 index a2446f288..000000000 --- a/openshift-v3/templates/minio/minio-dc.yaml +++ /dev/null @@ -1,227 +0,0 @@ ---- -kind: Template -apiVersion: v1 -metadata: - name: minio - annotations: - description: Minio with persistent storage. By BC Gov. - openshift.io/display-name: BC Gov Minio -parameters: - - name: NAME - value: zeva - required: true - - name: SUFFIX - displayName: - description: sample is -pr-0 - required: true - - name: ENV_NAME - value: dev - required: true - - name: PVC_SIZE - displayName: Volume Capacity - description: Volume space available to Minio server for files, e.g. 512Mi, 2Gi. - value: 5G - required: true - - name: CPU_REQUEST - displayName: Requested CPU - description: Requested CPU - required: true - value: '100m' - - name: CPU_LIMIT - displayName: CPU upper limit - description: CPU upper limit - required: true - value: '200m' - - name: MEMORY_REQUEST - displayName: Requested memory - description: Requested memory - required: true - value: '200M' - - name: MEMORY_LIMIT - displayName: Memory upper limit - description: Memory upper limit - required: true - value: '500M' - - name: MINIO_ACCESS_KEY - description: Minio access key - from: "[a-zA-Z0-9]{8}" - generate: expression - required: true - - name: MINIO_SECRET_KEY - description: Minio secret key - from: "[a-zA-Z0-9]{16}" - generate: expression - required: true - - name: OCP_NAME - displayName: Openshift Name - description: Openshift Name - required: true -Objects: - - apiVersion: v1 - kind: Secret - metadata: - name: ${NAME}-minio${SUFFIX} - stringData: - MINIO_ACCESS_KEY: ${MINIO_ACCESS_KEY} - MINIO_SECRET_KEY: ${MINIO_SECRET_KEY} - - kind: PersistentVolumeClaim - apiVersion: v1 - metadata: - name: ${NAME}-minio${SUFFIX} - annotations: - volume.beta.kubernetes.io/storage-class: netapp-file-standard - template.openshift.io.bcgov/create: 'true' - spec: - accessModes: - - ReadWriteMany - resources: - requests: - storage: ${PVC_SIZE} - status: {} - - kind: Service - apiVersion: v1 - metadata: - name: ${NAME}-minio${SUFFIX} - creationTimestamp: - labels: - name: minio - app: zeva - role: minio - env: ${ENV_NAME} - spec: - ports: - - name: 9000-tcp - protocol: TCP - port: 9000 - targetPort: 9000 - selector: - deploymentconfig: ${NAME}-minio${SUFFIX} - type: ClusterIP - sessionAffinity: None - status: - loadBalancer: {} - - apiVersion: route.openshift.io/v1 - kind: Route - metadata: - creationTimestamp: null - labels: - app: zeva - role: minio - env: ${ENV_NAME} - name: ${NAME}-minio${SUFFIX} - spec: - host: ${NAME}-minio${SUFFIX}.${OCP_NAME}.gov.bc.ca - port: - targetPort: 9000-tcp - tls: - insecureEdgeTerminationPolicy: Redirect - termination: edge - to: - kind: Service - name: ${NAME}-minio${SUFFIX} - weight: 100 - wildcardPolicy: None - - kind: DeploymentConfig - apiVersion: v1 - metadata: - name: ${NAME}-minio${SUFFIX} - labels: - name: minio - app: zeva - role: minio - env: ${ENV_NAME} - spec: - strategy: - type: Recreate - resources: {} - activeDeadlineSeconds: 21600 - triggers: - - type: ConfigChange - - type: ImageChange - imageChangeParams: - automatic: true - containerNames: - - minio - from: - kind: ImageStreamTag - namespace: tbiwaq-tools - name: minio:20200309 - replicas: 1 - test: false - selector: - app: ${NAME}-minio${SUFFIX} - template: - metadata: - creationTimestamp: - labels: - app: ${NAME}-minio${SUFFIX} - spec: - volumes: - - name: minio-data - persistentVolumeClaim: - claimName: ${NAME}-minio${SUFFIX} - containers: - - name: minio - image: - ports: - - containerPort: 9000 - protocol: TCP - env: - - name: MINIO_ACCESS_KEY - valueFrom: - secretKeyRef: - name: ${NAME}-minio${SUFFIX} - key: MINIO_ACCESS_KEY - - name: MINIO_SECRET_KEY - valueFrom: - secretKeyRef: - name: ${NAME}-minio${SUFFIX} - key: MINIO_SECRET_KEY - - name: MINIO_CONFIG_DIR - value: "/tmp" - - name: MINIO_DATA_DIR - value: "/data" - resources: - limits: - cpu: '${CPU_LIMIT}' - memory: '${MEMORY_LIMIT}' - requests: - cpu: '${CPU_REQUEST}' - memory: '${MEMORY_REQUEST}' - volumeMounts: - - name: minio-data - mountPath: /data - livenessProbe: - failureThreshold: 3 - initialDelaySeconds: 35 - periodSeconds: 10 - successThreshold: 1 - tcpSocket: - port: 9000 - timeoutSeconds: 3 - readinessProbe: - exec: - command: - - /bin/sh - - '-c' - - mkdir -p /data/zeva - failureThreshold: 3 - initialDelaySeconds: 25 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 5 - terminationMessagePath: "/dev/termination-log" - terminationMessagePolicy: File - imagePullPolicy: Always - restartPolicy: Always - terminationGracePeriodSeconds: 30 - dnsPolicy: ClusterFirst - securityContext: {} - schedulerName: default-scheduler - status: - latestVersion: 0 - observedGeneration: 0 - replicas: 0 - updatedReplicas: 0 - availableReplicas: 0 - unavailableReplicas: 0 diff --git a/openshift-v3/templates/minio/minio-secret.yaml b/openshift-v3/templates/minio/minio-secret.yaml deleted file mode 100644 index bae505b28..000000000 --- a/openshift-v3/templates/minio/minio-secret.yaml +++ /dev/null @@ -1,25 +0,0 @@ -apiVersion: template.openshift.io/v1 -kind: Template -metadata: - creationTimestamp: null - name: template.minio-secret -parameters: - - name: MINIO_ACCESS_KEY - description: Minio access key - from: "[a-zA-Z0-9]{8}" - generate: expression - required: true - - name: MINIO_SECRET_KEY - description: Minio secret key - from: "[a-zA-Z0-9]{16}" - generate: expression - required: true -objects: - - apiVersion: v1 - kind: Secret - metadata: - name: template.minio-secret - labels: {} - stringData: - MINIO_ACCESS_KEY: ${MINIO_ACCESS_KEY} - MINIO_SECRET_KEY: ${MINIO_SECRET_KEY} diff --git a/openshift-v3/templates/nagios/.kube/.empty b/openshift-v3/templates/nagios/.kube/.empty deleted file mode 100644 index e69de29bb..000000000 diff --git a/openshift-v3/templates/nagios/Dockerfile b/openshift-v3/templates/nagios/Dockerfile deleted file mode 100644 index 322b6b935..000000000 --- a/openshift-v3/templates/nagios/Dockerfile +++ /dev/null @@ -1,49 +0,0 @@ -FROM docker-registry.default.svc:5000/tbiwaq-tools/nagios-base:latest -EXPOSE 8080 -RUN mkdir /var/run/apache2-supervisord \ - && chown -R nagios.nagios /var/run/apache2-supervisord \ - && mkdir /var/run/supervisord \ - && chown -R nagios.nagios /var/run/supervisord \ - && mkdir /docroot \ - && chown -R nagios.nagios /docroot -WORKDIR / -ADD docroot /docroot -ADD apache2 /etc/apache2 -ADD supervisord /etc -# remove the default configuration -RUN rm -fr /etc/nagios3 \ - && mkdir /etc/nagios3 -ADD nagios3 /etc/nagios3 -RUN chown -R nagios.nagios /etc/nagios3 -ARG NAGIOS_USER -ARG NAGIOS_PASSWORD -ARG ENV_NAME -RUN /etc/nagios3/cleanup-cfg.sh $ENV_NAME -RUN echo $NAGIOS_USER \ - && htpasswd -bc /etc/nagios3/htpasswd.users $NAGIOS_USER $NAGIOS_PASSWORD -ADD .kube /var/lib/nagios/.kube -RUN chown -R nagios.nagios /var/lib/nagios/.kube \ - && chgrp -R root /var/log/supervisor \ - && chmod -R g+w /var/log/supervisor \ - && chgrp -R root /var/log/apache2 \ - && chmod -R g+w /var/log/apache2 \ - && chgrp -R root /run/supervisord \ - && chmod -R g+w /run/supervisord \ - && chgrp -R root /run/apache2 \ - && chmod -R g+w /run/apache2 \ - && chgrp -R root /run/apache2-supervisord \ - && chmod -R g+w /run/apache2-supervisord \ - && chgrp -R root /run/nagios3 \ - && chmod -R g+w /run/nagios3 \ - && chgrp -R root /etc/nagios3 \ - && chmod -R g+w /etc/nagios3 \ - && chgrp -R root /var/cache/nagios3 \ - && chmod -R g+w /var/cache/nagios3 \ - && chgrp -R root /var/lib/nagios3 \ - && chmod -R g+w /var/lib/nagios3 \ - && chgrp -R root /var/log/nagios3 \ - && chmod -R g+w /var/log/nagios3 \ - && mkdir /.kube \ - && chgrp -R root /.kube \ - && chmod -R g+w /.kube -CMD supervisord \ No newline at end of file diff --git a/openshift-v3/templates/nagios/Dockerfile-base b/openshift-v3/templates/nagios/Dockerfile-base deleted file mode 100644 index b060570eb..000000000 --- a/openshift-v3/templates/nagios/Dockerfile-base +++ /dev/null @@ -1,11 +0,0 @@ -FROM debian:jessie -ENV DEBIAN_FRONTEND=noninteractive -RUN apt-get update && apt-get install nagios3 monitoring-plugins-standard monitoring-plugins-basic supervisor vim net-tools curl git jq exim4 tzdata check-postgres python3 python3-pip libpq-dev nano -y -RUN ln -fs /usr/share/zoneinfo/Canada/Pacific /etc/localtime \ - && dpkg-reconfigure --frontend noninteractive tzdata -RUN pip3 install "pika==0.12.0" && \ - pip3 install minio requests psycopg2 -RUN curl --silent -L -o /tmp/oc.tgz https://github.com/openshift/origin/releases/download/v3.11.0/openshift-origin-client-tools-v3.11.0-0cbc58b-linux-64bit.tar.gz -WORKDIR /tmp -RUN tar xzf oc.tgz -RUN cp openshift-origin-client-tools-v3.11.0-0cbc58b-linux-64bit/oc /bin diff --git a/openshift-v3/templates/nagios/README.md b/openshift-v3/templates/nagios/README.md deleted file mode 100644 index 169360802..000000000 --- a/openshift-v3/templates/nagios/README.md +++ /dev/null @@ -1,24 +0,0 @@ -### Files included - -* nagios-base-bc.yaml nagios base image build config -* nagios-bc.yaml nagios image build config -* nagios-dc.yaml nagios deployment config -* nagios-secret.yaml create nagios-secret - -### Build and deploy nagios - -1. Create nagios secret -oc process -f ./nagios-secret.yaml | oc create -f - -n [tools namespace] - -2. Build nagios base image -oc create imagestream nagios-base -n [tools namespace] -oc process -f ./nagios-base-bc.yaml | oc create -f - -n [tools namespace] - -3. Build nagios image -oc process -f ./nagios-bc.yaml | oc create -f - -n [tools namespace] - -4. Deploy nagios -oc process -f ./nagios-dc.yaml NAME=zeva \ -ENV_NAME=prod \ -NAGIOS_PVC_SIZE=2G \ - | oc create -f - -n [environment namespace] \ No newline at end of file diff --git a/openshift-v3/templates/nagios/apache2/apache2.conf b/openshift-v3/templates/nagios/apache2/apache2.conf deleted file mode 100644 index dfadcd760..000000000 --- a/openshift-v3/templates/nagios/apache2/apache2.conf +++ /dev/null @@ -1,52 +0,0 @@ -ServerName localhost -Listen 8080 -PidFile /var/run/apache2-supervisord/httpd.pid -#LockFile /var/lock/accept.lock - -HostnameLookups Off - -LogLevel info -ErrorLog "|/bin/cat" -LogFormat "%h %l %u %t \"%r\" %>s %b" common -CustomLog "|/bin/cat" common - -IncludeOptional mods-enabled/*.load -IncludeOptional mods-enabled/*.conf - -AccessFileName .htaccess - - Require all denied - - -DocumentRoot "/docroot" - - AllowOverride all - Order allow,deny - Allow from all - - -ScriptAlias /cgi-bin/nagios3 /usr/lib/cgi-bin/nagios3 -ScriptAlias /nagios3/cgi-bin /usr/lib/cgi-bin/nagios3 -Alias /nagios3/stylesheets /etc/nagios3/stylesheets -Alias /nagios3 /usr/share/nagios3/htdocs - - - Options FollowSymLinks - - DirectoryIndex index.php index.html - - AllowOverride AuthConfig - - Require all denied - - AuthName "Nagios Access" - AuthType Basic - AuthUserFile /etc/nagios3/htpasswd.users - require valid-user - - - - Options +ExecCGI - - - diff --git a/openshift-v3/templates/nagios/apache2/mods-enabled/access_compat.load b/openshift-v3/templates/nagios/apache2/mods-enabled/access_compat.load deleted file mode 120000 index 4ac4eadcf..000000000 --- a/openshift-v3/templates/nagios/apache2/mods-enabled/access_compat.load +++ /dev/null @@ -1 +0,0 @@ -../mods-available/access_compat.load \ No newline at end of file diff --git a/openshift-v3/templates/nagios/apache2/mods-enabled/alias.conf b/openshift-v3/templates/nagios/apache2/mods-enabled/alias.conf deleted file mode 120000 index f616ae25c..000000000 --- a/openshift-v3/templates/nagios/apache2/mods-enabled/alias.conf +++ /dev/null @@ -1 +0,0 @@ -../mods-available/alias.conf \ No newline at end of file diff --git a/openshift-v3/templates/nagios/apache2/mods-enabled/alias.load b/openshift-v3/templates/nagios/apache2/mods-enabled/alias.load deleted file mode 120000 index 13a943a7d..000000000 --- a/openshift-v3/templates/nagios/apache2/mods-enabled/alias.load +++ /dev/null @@ -1 +0,0 @@ -../mods-available/alias.load \ No newline at end of file diff --git a/openshift-v3/templates/nagios/apache2/mods-enabled/auth_basic.load b/openshift-v3/templates/nagios/apache2/mods-enabled/auth_basic.load deleted file mode 120000 index 28c1eae68..000000000 --- a/openshift-v3/templates/nagios/apache2/mods-enabled/auth_basic.load +++ /dev/null @@ -1 +0,0 @@ -../mods-available/auth_basic.load \ No newline at end of file diff --git a/openshift-v3/templates/nagios/apache2/mods-enabled/authn_core.load b/openshift-v3/templates/nagios/apache2/mods-enabled/authn_core.load deleted file mode 120000 index 6ae9e0d4d..000000000 --- a/openshift-v3/templates/nagios/apache2/mods-enabled/authn_core.load +++ /dev/null @@ -1 +0,0 @@ -../mods-available/authn_core.load \ No newline at end of file diff --git a/openshift-v3/templates/nagios/apache2/mods-enabled/authn_file.load b/openshift-v3/templates/nagios/apache2/mods-enabled/authn_file.load deleted file mode 120000 index ab54e91c5..000000000 --- a/openshift-v3/templates/nagios/apache2/mods-enabled/authn_file.load +++ /dev/null @@ -1 +0,0 @@ -../mods-available/authn_file.load \ No newline at end of file diff --git a/openshift-v3/templates/nagios/apache2/mods-enabled/authz_core.load b/openshift-v3/templates/nagios/apache2/mods-enabled/authz_core.load deleted file mode 120000 index ccfcf1ed1..000000000 --- a/openshift-v3/templates/nagios/apache2/mods-enabled/authz_core.load +++ /dev/null @@ -1 +0,0 @@ -../mods-available/authz_core.load \ No newline at end of file diff --git a/openshift-v3/templates/nagios/apache2/mods-enabled/authz_host.load b/openshift-v3/templates/nagios/apache2/mods-enabled/authz_host.load deleted file mode 120000 index badc2681a..000000000 --- a/openshift-v3/templates/nagios/apache2/mods-enabled/authz_host.load +++ /dev/null @@ -1 +0,0 @@ -../mods-available/authz_host.load \ No newline at end of file diff --git a/openshift-v3/templates/nagios/apache2/mods-enabled/authz_user.load b/openshift-v3/templates/nagios/apache2/mods-enabled/authz_user.load deleted file mode 120000 index 59914f21f..000000000 --- a/openshift-v3/templates/nagios/apache2/mods-enabled/authz_user.load +++ /dev/null @@ -1 +0,0 @@ -../mods-available/authz_user.load \ No newline at end of file diff --git a/openshift-v3/templates/nagios/apache2/mods-enabled/autoindex.conf b/openshift-v3/templates/nagios/apache2/mods-enabled/autoindex.conf deleted file mode 120000 index de8c1bb56..000000000 --- a/openshift-v3/templates/nagios/apache2/mods-enabled/autoindex.conf +++ /dev/null @@ -1 +0,0 @@ -../mods-available/autoindex.conf \ No newline at end of file diff --git a/openshift-v3/templates/nagios/apache2/mods-enabled/autoindex.load b/openshift-v3/templates/nagios/apache2/mods-enabled/autoindex.load deleted file mode 120000 index 8fae29ae5..000000000 --- a/openshift-v3/templates/nagios/apache2/mods-enabled/autoindex.load +++ /dev/null @@ -1 +0,0 @@ -../mods-available/autoindex.load \ No newline at end of file diff --git a/openshift-v3/templates/nagios/apache2/mods-enabled/cgi.load b/openshift-v3/templates/nagios/apache2/mods-enabled/cgi.load deleted file mode 120000 index ff02a575c..000000000 --- a/openshift-v3/templates/nagios/apache2/mods-enabled/cgi.load +++ /dev/null @@ -1 +0,0 @@ -../mods-available/cgi.load \ No newline at end of file diff --git a/openshift-v3/templates/nagios/apache2/mods-enabled/deflate.conf b/openshift-v3/templates/nagios/apache2/mods-enabled/deflate.conf deleted file mode 120000 index 84a592f13..000000000 --- a/openshift-v3/templates/nagios/apache2/mods-enabled/deflate.conf +++ /dev/null @@ -1 +0,0 @@ -../mods-available/deflate.conf \ No newline at end of file diff --git a/openshift-v3/templates/nagios/apache2/mods-enabled/deflate.load b/openshift-v3/templates/nagios/apache2/mods-enabled/deflate.load deleted file mode 120000 index f73768e93..000000000 --- a/openshift-v3/templates/nagios/apache2/mods-enabled/deflate.load +++ /dev/null @@ -1 +0,0 @@ -../mods-available/deflate.load \ No newline at end of file diff --git a/openshift-v3/templates/nagios/apache2/mods-enabled/dir.conf b/openshift-v3/templates/nagios/apache2/mods-enabled/dir.conf deleted file mode 120000 index c220eba06..000000000 --- a/openshift-v3/templates/nagios/apache2/mods-enabled/dir.conf +++ /dev/null @@ -1 +0,0 @@ -../mods-available/dir.conf \ No newline at end of file diff --git a/openshift-v3/templates/nagios/apache2/mods-enabled/dir.load b/openshift-v3/templates/nagios/apache2/mods-enabled/dir.load deleted file mode 120000 index 84a580ba6..000000000 --- a/openshift-v3/templates/nagios/apache2/mods-enabled/dir.load +++ /dev/null @@ -1 +0,0 @@ -../mods-available/dir.load \ No newline at end of file diff --git a/openshift-v3/templates/nagios/apache2/mods-enabled/env.load b/openshift-v3/templates/nagios/apache2/mods-enabled/env.load deleted file mode 120000 index ef8552691..000000000 --- a/openshift-v3/templates/nagios/apache2/mods-enabled/env.load +++ /dev/null @@ -1 +0,0 @@ -../mods-available/env.load \ No newline at end of file diff --git a/openshift-v3/templates/nagios/apache2/mods-enabled/filter.load b/openshift-v3/templates/nagios/apache2/mods-enabled/filter.load deleted file mode 120000 index 07ee625f9..000000000 --- a/openshift-v3/templates/nagios/apache2/mods-enabled/filter.load +++ /dev/null @@ -1 +0,0 @@ -../mods-available/filter.load \ No newline at end of file diff --git a/openshift-v3/templates/nagios/apache2/mods-enabled/mime.conf b/openshift-v3/templates/nagios/apache2/mods-enabled/mime.conf deleted file mode 120000 index 1df438b64..000000000 --- a/openshift-v3/templates/nagios/apache2/mods-enabled/mime.conf +++ /dev/null @@ -1 +0,0 @@ -../mods-available/mime.conf \ No newline at end of file diff --git a/openshift-v3/templates/nagios/apache2/mods-enabled/mime.load b/openshift-v3/templates/nagios/apache2/mods-enabled/mime.load deleted file mode 120000 index c2c01f792..000000000 --- a/openshift-v3/templates/nagios/apache2/mods-enabled/mime.load +++ /dev/null @@ -1 +0,0 @@ -../mods-available/mime.load \ No newline at end of file diff --git a/openshift-v3/templates/nagios/apache2/mods-enabled/mpm_prefork.conf b/openshift-v3/templates/nagios/apache2/mods-enabled/mpm_prefork.conf deleted file mode 120000 index 85c1baa06..000000000 --- a/openshift-v3/templates/nagios/apache2/mods-enabled/mpm_prefork.conf +++ /dev/null @@ -1 +0,0 @@ -../mods-available/mpm_prefork.conf \ No newline at end of file diff --git a/openshift-v3/templates/nagios/apache2/mods-enabled/mpm_prefork.load b/openshift-v3/templates/nagios/apache2/mods-enabled/mpm_prefork.load deleted file mode 120000 index f61ace372..000000000 --- a/openshift-v3/templates/nagios/apache2/mods-enabled/mpm_prefork.load +++ /dev/null @@ -1 +0,0 @@ -../mods-available/mpm_prefork.load \ No newline at end of file diff --git a/openshift-v3/templates/nagios/apache2/mods-enabled/negotiation.conf b/openshift-v3/templates/nagios/apache2/mods-enabled/negotiation.conf deleted file mode 120000 index d7f730dd9..000000000 --- a/openshift-v3/templates/nagios/apache2/mods-enabled/negotiation.conf +++ /dev/null @@ -1 +0,0 @@ -../mods-available/negotiation.conf \ No newline at end of file diff --git a/openshift-v3/templates/nagios/apache2/mods-enabled/negotiation.load b/openshift-v3/templates/nagios/apache2/mods-enabled/negotiation.load deleted file mode 120000 index c40e742fe..000000000 --- a/openshift-v3/templates/nagios/apache2/mods-enabled/negotiation.load +++ /dev/null @@ -1 +0,0 @@ -../mods-available/negotiation.load \ No newline at end of file diff --git a/openshift-v3/templates/nagios/apache2/mods-enabled/php5.conf b/openshift-v3/templates/nagios/apache2/mods-enabled/php5.conf deleted file mode 120000 index ce1dd2e15..000000000 --- a/openshift-v3/templates/nagios/apache2/mods-enabled/php5.conf +++ /dev/null @@ -1 +0,0 @@ -../mods-available/php5.conf \ No newline at end of file diff --git a/openshift-v3/templates/nagios/apache2/mods-enabled/php5.load b/openshift-v3/templates/nagios/apache2/mods-enabled/php5.load deleted file mode 120000 index dae39ceb4..000000000 --- a/openshift-v3/templates/nagios/apache2/mods-enabled/php5.load +++ /dev/null @@ -1 +0,0 @@ -../mods-available/php5.load \ No newline at end of file diff --git a/openshift-v3/templates/nagios/apache2/mods-enabled/reqtimeout.conf b/openshift-v3/templates/nagios/apache2/mods-enabled/reqtimeout.conf deleted file mode 120000 index 093b41d88..000000000 --- a/openshift-v3/templates/nagios/apache2/mods-enabled/reqtimeout.conf +++ /dev/null @@ -1 +0,0 @@ -../mods-available/reqtimeout.conf \ No newline at end of file diff --git a/openshift-v3/templates/nagios/apache2/mods-enabled/reqtimeout.load b/openshift-v3/templates/nagios/apache2/mods-enabled/reqtimeout.load deleted file mode 120000 index 979fab9f8..000000000 --- a/openshift-v3/templates/nagios/apache2/mods-enabled/reqtimeout.load +++ /dev/null @@ -1 +0,0 @@ -../mods-available/reqtimeout.load \ No newline at end of file diff --git a/openshift-v3/templates/nagios/apache2/mods-enabled/setenvif.conf b/openshift-v3/templates/nagios/apache2/mods-enabled/setenvif.conf deleted file mode 120000 index a57c9a8db..000000000 --- a/openshift-v3/templates/nagios/apache2/mods-enabled/setenvif.conf +++ /dev/null @@ -1 +0,0 @@ -../mods-available/setenvif.conf \ No newline at end of file diff --git a/openshift-v3/templates/nagios/apache2/mods-enabled/setenvif.load b/openshift-v3/templates/nagios/apache2/mods-enabled/setenvif.load deleted file mode 120000 index 6d36106e3..000000000 --- a/openshift-v3/templates/nagios/apache2/mods-enabled/setenvif.load +++ /dev/null @@ -1 +0,0 @@ -../mods-available/setenvif.load \ No newline at end of file diff --git a/openshift-v3/templates/nagios/apache2/mods-enabled/status.conf b/openshift-v3/templates/nagios/apache2/mods-enabled/status.conf deleted file mode 120000 index bd3a2f160..000000000 --- a/openshift-v3/templates/nagios/apache2/mods-enabled/status.conf +++ /dev/null @@ -1 +0,0 @@ -../mods-available/status.conf \ No newline at end of file diff --git a/openshift-v3/templates/nagios/apache2/mods-enabled/status.load b/openshift-v3/templates/nagios/apache2/mods-enabled/status.load deleted file mode 120000 index ee67fbbb6..000000000 --- a/openshift-v3/templates/nagios/apache2/mods-enabled/status.load +++ /dev/null @@ -1 +0,0 @@ -../mods-available/status.load \ No newline at end of file diff --git a/openshift-v3/templates/nagios/docroot/emptyFile.txt b/openshift-v3/templates/nagios/docroot/emptyFile.txt deleted file mode 100644 index e69de29bb..000000000 diff --git a/openshift-v3/templates/nagios/nagios-base-bc.yaml b/openshift-v3/templates/nagios/nagios-base-bc.yaml deleted file mode 100644 index bc5d13a88..000000000 --- a/openshift-v3/templates/nagios/nagios-base-bc.yaml +++ /dev/null @@ -1,38 +0,0 @@ -apiVersion: template.openshift.io/v1 -kind: Template -metadata: - creationTimestamp: null - name: nagios-base-bc -objects: -- apiVersion: build.openshift.io/v1 - kind: BuildConfig - metadata: - creationTimestamp: null - name: nagios-base - spec: - failedBuildsHistoryLimit: 5 - nodeSelector: null - output: - to: - kind: ImageStreamTag - name: nagios-base:latest - namespace: tbiwaq-tools - postCommit: {} - resources: {} - runPolicy: Serial - source: - contextDir: openshift/templates/nagios - git: - ref: master - uri: https://github.com/bcgov/zeva.git - type: Git - strategy: - dockerStrategy: - dockerfilePath: Dockerfile-base - forcePull: true - noCache: true - type: Docker - successfulBuildsHistoryLimit: 5 - triggers: [] - status: - lastVersion: 0 diff --git a/openshift-v3/templates/nagios/nagios-bc.yaml b/openshift-v3/templates/nagios/nagios-bc.yaml deleted file mode 100644 index 624f7b297..000000000 --- a/openshift-v3/templates/nagios/nagios-bc.yaml +++ /dev/null @@ -1,65 +0,0 @@ -apiVersion: template.openshift.io/v1 -kind: Template -metadata: - creationTimestamp: null - name: nagios-bc -parameters: - - name: ENV_NAME - description: test or prod - value: test - required: true -objects: -- apiVersion: image.openshift.io/v1 - kind: ImageStream - metadata: - annotations: - description: Keeps track of changes in the nagios image - creationTimestamp: null - name: nagios - spec: - lookupPolicy: - local: false -- apiVersion: build.openshift.io/v1 - kind: BuildConfig - metadata: - creationTimestamp: null - name: nagios - spec: - failedBuildsHistoryLimit: 5 - nodeSelector: null - output: - to: - kind: ImageStreamTag - name: nagios:latest - namespace: tbiwaq-${ENV_NAME} - postCommit: {} - resources: {} - runPolicy: Serial - source: - contextDir: openshift/templates/nagios - git: - ref: nagios - uri: https://github.com/bcgov/zeva.git - type: Git - strategy: - dockerStrategy: - env: - - name: NAGIOS_USER - valueFrom: - secretKeyRef: - key: NAGIOS_USER - name: nagios-secret - - name: NAGIOS_PASSWORD - valueFrom: - secretKeyRef: - key: NAGIOS_PASSWORD - name: nagios-secret - - name: ENV_NAME - value: ${ENV_NAME} - forcePull: true - noCache: true - type: Docker - successfulBuildsHistoryLimit: 5 - triggers: [] - status: - lastVersion: 0 diff --git a/openshift-v3/templates/nagios/nagios-dc.yaml b/openshift-v3/templates/nagios/nagios-dc.yaml deleted file mode 100644 index 327991f4b..000000000 --- a/openshift-v3/templates/nagios/nagios-dc.yaml +++ /dev/null @@ -1,271 +0,0 @@ -apiVersion: template.openshift.io/v1 -kind: Template -metadata: - creationTimestamp: null - name: nagios-dc -parameters: - - name: NAME - value: zeva - required: true - - name: ENV_NAME - displayName: env name - description: 'dev, test and prod' - required: true - - name: NAGIOS_PVC_SIZE - displayName: nagios pvc size - description: nagios pvc size - required: true - - name: CPU_REQUEST - value: 50m - displayName: Requested CPU - description: Requested CPU - required: true - - name: CPU_LIMIT - value: 200m - displayName: CPU upper limit - description: CPU upper limit - required: true - - name: MEMORY_REQUEST - value: 50M - displayName: Requested memory - description: Requested memory - required: true - - name: MEMORY_LIMIT - value: 200M - displayName: Memory upper limit - description: Memory upper limit - required: true - - name: OCP_NAME - displayName: Openshift Name - description: Openshift Name - required: true -objects: -- apiVersion: v1 - kind: PersistentVolumeClaim - metadata: - name: nagios - annotations: - volume.beta.kubernetes.io/storage-class: netapp-file-standard - template.openshift.io.bcgov/create: 'true' - spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: ${NAGIOS_PVC_SIZE} -- kind: ServiceAccount - apiVersion: v1 - metadata: - name: nagios - creationTimestamp: - labels: - app: nagios - annotations: - serviceaccounts.openshift.io/oauth-redirectreference.nagios: '{"kind":"OAuthRedirectReference","apiVersion":"v1","reference":{"kind":"Route","name":"nagios"}}' -- apiVersion: v1 - kind: Service - metadata: - annotations: - openshift.io/generated-by: OpenShiftWebConsole - creationTimestamp: null - labels: - app: nagios - name: nagios - spec: - ports: - - name: 8080-tcp - port: 8080 - protocol: TCP - targetPort: 8080 - selector: - deploymentconfig: nagios - sessionAffinity: None - type: ClusterIP - status: - loadBalancer: {} -- apiVersion: route.openshift.io/v1 - kind: Route - metadata: - annotations: - openshift.io/host.generated: "true" - creationTimestamp: null - labels: - app: nagios - name: nagios - spec: - host: nagios-${NAME}-${ENV_NAME}.${OCP_NAME}.gov.bc.ca - path: / - port: - targetPort: 8080-tcp - tls: - insecureEdgeTerminationPolicy: Redirect - termination: edge - to: - kind: Service - name: nagios - weight: 100 - wildcardPolicy: None -- apiVersion: apps.openshift.io/v1 - kind: DeploymentConfig - metadata: - annotations: - openshift.io/generated-by: OpenShiftWebConsole - creationTimestamp: null - generation: 25 - labels: - app: nagios - name: nagios - spec: - replicas: 1 - revisionHistoryLimit: 10 - selector: - app: nagios - deploymentconfig: nagios - strategy: - activeDeadlineSeconds: 21600 - recreateParams: - timeoutSeconds: 600 - type: Recreate - template: - metadata: - annotations: - openshift.io/generated-by: OpenShiftWebConsole - creationTimestamp: null - labels: - app: nagios - deploymentconfig: nagios - spec: - containers: - - env: - - name: AMQP_HOST - valueFrom: - configMapKeyRef: - name: ${NAME}-config-${ENV_NAME} - key: rabbitmq_host - - name: AMQP_PORT - valueFrom: - configMapKeyRef: - name: ${NAME}-config-${ENV_NAME} - key: rabbitmq_port - - name: AMQP_USER - valueFrom: - secretKeyRef: - name: ${NAME}-${ENV_NAME}-rabbitmq-cluster-secret - key: username - - name: AMQP_VHOST - value: /zeva - - name: AMQP_PASSWORD - valueFrom: - secretKeyRef: - name: ${NAME}-${ENV_NAME}-rabbitmq-cluster-secret - key: password - - name: MINIO_ENDPOINT - value: docs-mem-${NAME}-${ENV_NAME}.${OCP_NAME}.gov.bc.ca:443 - - name: MINIO_USE_SSL - value: "true" - - name: MINIO_ACCESS_KEY - valueFrom: - secretKeyRef: - name: ${NAME}-minio - key: MINIO_ACCESS_KEY - - name: MINIO_SECRET_KEY - valueFrom: - secretKeyRef: - name: ${NAME}-minio - key: MINIO_SECRET_KEY - - name: KEYCLOAK_SA_CLIENT_SECRET - valueFrom: - secretKeyRef: - name: zeva-keycloak - key: KEYCLOAK_SA_CLIENT_SECRET - - name: KEYCLOAK_CLIENT_ID - valueFrom: - configMapKeyRef: - name: ${NAME}-config-${ENV_NAME} - key: keycloak_client_id - - name: KEYCLOAK_SA_REALM - valueFrom: - configMapKeyRef: - name: ${NAME}-config-${ENV_NAME} - key: keycloak_sa_realm - - name: KEYCLOAK_SA_CLIENT_ID - valueFrom: - configMapKeyRef: - name: ${NAME}-config-${ENV_NAME} - key: keycloak_sa_client_id - - name: KEYCLOAK_SA_BASEURL - valueFrom: - configMapKeyRef: - name: ${NAME}-config-${ENV_NAME} - key: keycloak_sa_baseurl - - name: KEYCLOAK_REALM - valueFrom: - configMapKeyRef: - name: ${NAME}-config-${ENV_NAME} - key: keycloak_realm - - name: DATABASE_SERVICE_NAME - valueFrom: - configMapKeyRef: - name: ${NAME}-config-${ENV_NAME} - key: database_service_name - - name: DATABASE_USER - valueFrom: - secretKeyRef: - key: app-db-username - name: patroni-${ENV_NAME} - - name: DATABASE_PASSWORD - valueFrom: - secretKeyRef: - key: app-db-password - name: patroni-${ENV_NAME} - - name: DATABASE_NAME - valueFrom: - secretKeyRef: - key: app-db-name - name: patroni-${ENV_NAME} - image: - imagePullPolicy: Always - name: nagios - resources: - limits: - cpu: ${CPU_LIMIT} - memory: ${MEMORY_LIMIT} - requests: - cpu: ${CPU_REQUEST} - memory: ${MEMORY_REQUEST} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - - mountPath: /var/log/nagios3 - name: nagios-data - dnsPolicy: ClusterFirst - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - serviceAccount: nagios - serviceAccountName: nagios - terminationGracePeriodSeconds: 30 - volumes: - - name: nagios-data - persistentVolumeClaim: - claimName: nagios - test: false - triggers: - - imageChangeParams: - automatic: true - containerNames: - - nagios - from: - kind: ImageStreamTag - name: nagios:${ENV_NAME} - namespace: tbiwaq-${ENV_NAME} - lastTriggeredImage: - type: ImageChange - - type: ConfigChange - status: - availableReplicas: 0 - latestVersion: 0 - observedGeneration: 0 - replicas: 0 - unavailableReplicas: 0 - updatedReplicas: 0 diff --git a/openshift-v3/templates/nagios/nagios-secret.yaml b/openshift-v3/templates/nagios/nagios-secret.yaml deleted file mode 100644 index 7eacb7672..000000000 --- a/openshift-v3/templates/nagios/nagios-secret.yaml +++ /dev/null @@ -1,20 +0,0 @@ -apiVersion: template.openshift.io/v1 -kind: Template -metadata: - creationTimestamp: null - name: nagios-secret -parameters: - - name: NAGIOS_PASSWORD - description: nagios password - from: "[a-zA-Z0-9]{8}" - generate: expression - required: true -objects: - - apiVersion: v1 - kind: Secret - metadata: - name: nagios-secret - labels: {} - stringData: - NAGIOS_USER: nagiosadmin - NAGIOS_PASSWORD: ${NAGIOS_PASSWORD} diff --git a/openshift-v3/templates/nagios/nagios3/cgi.cfg b/openshift-v3/templates/nagios/nagios3/cgi.cfg deleted file mode 100644 index 1d6cc30e7..000000000 --- a/openshift-v3/templates/nagios/nagios3/cgi.cfg +++ /dev/null @@ -1,377 +0,0 @@ -################################################################# -# -# CGI.CFG - Sample CGI Configuration File for Nagios -# -################################################################# - - -# MAIN CONFIGURATION FILE -# This tells the CGIs where to find your main configuration file. -# The CGIs will read the main and host config files for any other -# data they might need. - -main_config_file=/etc/nagios3/nagios.cfg - - - -# PHYSICAL HTML PATH -# This is the path where the HTML files for Nagios reside. This -# value is used to locate the logo images needed by the statusmap -# and statuswrl CGIs. - -physical_html_path=/usr/share/nagios3/htdocs - - - -# URL HTML PATH -# This is the path portion of the URL that corresponds to the -# physical location of the Nagios HTML files (as defined above). -# This value is used by the CGIs to locate the online documentation -# and graphics. If you access the Nagios pages with an URL like -# http://www.myhost.com/nagios, this value should be '/nagios' -# (without the quotes). - -url_html_path=/nagios3 - - - -# CONTEXT-SENSITIVE HELP -# This option determines whether or not a context-sensitive -# help icon will be displayed for most of the CGIs. -# Values: 0 = disables context-sensitive help -# 1 = enables context-sensitive help - -show_context_help=1 - - - -# PENDING STATES OPTION -# This option determines what states should be displayed in the web -# interface for hosts/services that have not yet been checked. -# Values: 0 = leave hosts/services that have not been check yet in their original state -# 1 = mark hosts/services that have not been checked yet as PENDING - -use_pending_states=1 - -# NAGIOS PROCESS CHECK COMMAND -# This is the full path and filename of the program used to check -# the status of the Nagios process. It is used only by the CGIs -# and is completely optional. However, if you don't use it, you'll -# see warning messages in the CGIs about the Nagios process -# not running and you won't be able to execute any commands from -# the web interface. The program should follow the same rules -# as plugins; the return codes are the same as for the plugins, -# it should have timeout protection, it should output something -# to STDIO, etc. -# -# Note: The command line for the check_nagios plugin below may -# have to be tweaked a bit, as different versions of the plugin -# use different command line arguments/syntaxes. - -nagios_check_command=/usr/lib/nagios/plugins/check_nagios /var/cache/nagios3/status.dat 5 '/usr/sbin/nagios3' - - -# AUTHENTICATION USAGE -# This option controls whether or not the CGIs will use any -# authentication when displaying host and service information, as -# well as committing commands to Nagios for processing. -# -# Read the HTML documentation to learn how the authorization works! -# -# NOTE: It is a really *bad* idea to disable authorization, unless -# you plan on removing the command CGI (cmd.cgi)! Failure to do -# so will leave you wide open to kiddies messing with Nagios and -# possibly hitting you with a denial of service attack by filling up -# your drive by continuously writing to your command file! -# -# Setting this value to 0 will cause the CGIs to *not* use -# authentication (bad idea), while any other value will make them -# use the authentication functions (the default). - -use_authentication=1 - - - - -# x509 CERT AUTHENTICATION -# When enabled, this option allows you to use x509 cert (SSL) -# authentication in the CGIs. This is an advanced option and should -# not be enabled unless you know what you're doing. - -use_ssl_authentication=0 - - - - -# DEFAULT USER -# Setting this variable will define a default user name that can -# access pages without authentication. This allows people within a -# secure domain (i.e., behind a firewall) to see the current status -# without authenticating. You may want to use this to avoid basic -# authentication if you are not using a secure server since basic -# authentication transmits passwords in the clear. -# -# Important: Do not define a default username unless you are -# running a secure web server and are sure that everyone who has -# access to the CGIs has been authenticated in some manner! If you -# define this variable, anyone who has not authenticated to the web -# server will inherit all rights you assign to this user! - -#default_user_name=guest - - - -# SYSTEM/PROCESS INFORMATION ACCESS -# This option is a comma-delimited list of all usernames that -# have access to viewing the Nagios process information as -# provided by the Extended Information CGI (extinfo.cgi). By -# default, *no one* has access to this unless you choose to -# not use authorization. You may use an asterisk (*) to -# authorize any user who has authenticated to the web server. - -authorized_for_system_information=nagiosadmin - - - -# CONFIGURATION INFORMATION ACCESS -# This option is a comma-delimited list of all usernames that -# can view ALL configuration information (hosts, commands, etc). -# By default, users can only view configuration information -# for the hosts and services they are contacts for. You may use -# an asterisk (*) to authorize any user who has authenticated -# to the web server. - -authorized_for_configuration_information=nagiosadmin - - - -# SYSTEM/PROCESS COMMAND ACCESS -# This option is a comma-delimited list of all usernames that -# can issue shutdown and restart commands to Nagios via the -# command CGI (cmd.cgi). Users in this list can also change -# the program mode to active or standby. By default, *no one* -# has access to this unless you choose to not use authorization. -# You may use an asterisk (*) to authorize any user who has -# authenticated to the web server. - -authorized_for_system_commands=nagiosadmin - - - -# GLOBAL HOST/SERVICE VIEW ACCESS -# These two options are comma-delimited lists of all usernames that -# can view information for all hosts and services that are being -# monitored. By default, users can only view information -# for hosts or services that they are contacts for (unless you -# you choose to not use authorization). You may use an asterisk (*) -# to authorize any user who has authenticated to the web server. - - -authorized_for_all_services=nagiosadmin -authorized_for_all_hosts=nagiosadmin - - - -# GLOBAL HOST/SERVICE COMMAND ACCESS -# These two options are comma-delimited lists of all usernames that -# can issue host or service related commands via the command -# CGI (cmd.cgi) for all hosts and services that are being monitored. -# By default, users can only issue commands for hosts or services -# that they are contacts for (unless you you choose to not use -# authorization). You may use an asterisk (*) to authorize any -# user who has authenticated to the web server. - -authorized_for_all_service_commands=nagiosadmin -authorized_for_all_host_commands=nagiosadmin - - - -# READ-ONLY USERS -# A comma-delimited list of usernames that have read-only rights in -# the CGIs. This will block any service or host commands normally shown -# on the extinfo CGI pages. It will also block comments from being shown -# to read-only users. - -#authorized_for_read_only=user1,user2 - - - - -# STATUSMAP BACKGROUND IMAGE -# This option allows you to specify an image to be used as a -# background in the statusmap CGI. It is assumed that the image -# resides in the HTML images path (i.e. /usr/local/nagios/share/images). -# This path is automatically determined by appending "/images" -# to the path specified by the 'physical_html_path' directive. -# Note: The image file may be in GIF, PNG, JPEG, or GD2 format. -# However, I recommend that you convert your image to GD2 format -# (uncompressed), as this will cause less CPU load when the CGI -# generates the image. - -#statusmap_background_image=smbackground.gd2 - - - - -# STATUSMAP TRANSPARENCY INDEX COLOR -# These options set the r,g,b values of the background color used the statusmap CGI, -# so normal browsers that can't show real png transparency set the desired color as -# a background color instead (to make it look pretty). -# Defaults to white: (R,G,B) = (255,255,255). - -#color_transparency_index_r=255 -#color_transparency_index_g=255 -#color_transparency_index_b=255 - - - - -# DEFAULT STATUSMAP LAYOUT METHOD -# This option allows you to specify the default layout method -# the statusmap CGI should use for drawing hosts. If you do -# not use this option, the default is to use user-defined -# coordinates. Valid options are as follows: -# 0 = User-defined coordinates -# 1 = Depth layers -# 2 = Collapsed tree -# 3 = Balanced tree -# 4 = Circular -# 5 = Circular (Marked Up) - -default_statusmap_layout=5 - - - -# DEFAULT STATUSWRL LAYOUT METHOD -# This option allows you to specify the default layout method -# the statuswrl (VRML) CGI should use for drawing hosts. If you -# do not use this option, the default is to use user-defined -# coordinates. Valid options are as follows: -# 0 = User-defined coordinates -# 2 = Collapsed tree -# 3 = Balanced tree -# 4 = Circular - -default_statuswrl_layout=4 - - - -# STATUSWRL INCLUDE -# This option allows you to include your own objects in the -# generated VRML world. It is assumed that the file -# resides in the HTML path (i.e. /usr/local/nagios/share). - -#statuswrl_include=myworld.wrl - - - -# PING SYNTAX -# This option determines what syntax should be used when -# attempting to ping a host from the WAP interface (using -# the statuswml CGI. You must include the full path to -# the ping binary, along with all required options. The -# $HOSTADDRESS$ macro is substituted with the address of -# the host before the command is executed. -# Please note that the syntax for the ping binary is -# notorious for being different on virtually ever *NIX -# OS and distribution, so you may have to tweak this to -# work on your system. - -ping_syntax=/bin/ping -n -U -c 5 $HOSTADDRESS$ - - - -# REFRESH RATE -# This option allows you to specify the refresh rate in seconds -# of various CGIs (status, statusmap, extinfo, and outages). - -refresh_rate=90 - -# DEFAULT PAGE LIMIT -# This option allows you to specify the default number of results -# displayed on the status.cgi. This number can be adjusted from -# within the UI after the initial page load. Setting this to 0 -# will show all results. - -result_limit=100 - - -# ESCAPE HTML TAGS -# This option determines whether HTML tags in host and service -# status output is escaped in the web interface. If enabled, -# your plugin output will not be able to contain clickable links. - -escape_html_tags=1 - - - - -# SOUND OPTIONS -# These options allow you to specify an optional audio file -# that should be played in your browser window when there are -# problems on the network. The audio files are used only in -# the status CGI. Only the sound for the most critical problem -# will be played. Order of importance (higher to lower) is as -# follows: unreachable hosts, down hosts, critical services, -# warning services, and unknown services. If there are no -# visible problems, the sound file optionally specified by -# 'normal_sound' variable will be played. -# -# -# = -# -# Note: All audio files must be placed in the /media subdirectory -# under the HTML path (i.e. /usr/local/nagios/share/media/). - -#host_unreachable_sound=hostdown.wav -#host_down_sound=hostdown.wav -#service_critical_sound=critical.wav -#service_warning_sound=warning.wav -#service_unknown_sound=warning.wav -#normal_sound=noproblem.wav - - - -# URL TARGET FRAMES -# These options determine the target frames in which notes and -# action URLs will open. - -action_url_target=_blank -notes_url_target=_blank - - - - -# LOCK AUTHOR NAMES OPTION -# This option determines whether users can change the author name -# when submitting comments, scheduling downtime. If disabled, the -# author names will be locked into their contact name, as defined in Nagios. -# Values: 0 = allow editing author names -# 1 = lock author names (disallow editing) - -lock_author_names=1 - - - - -# SPLUNK INTEGRATION OPTIONS -# These options allow you to enable integration with Splunk -# in the web interface. If enabled, you'll be presented with -# "Splunk It" links in various places in the CGIs (log file, -# alert history, host/service detail, etc). Useful if you're -# trying to research why a particular problem occurred. -# For more information on Splunk, visit http://www.splunk.com/ - -# This option determines whether the Splunk integration is enabled -# Values: 0 = disable Splunk integration -# 1 = enable Splunk integration - -#enable_splunk_integration=1 - - -# This option should be the URL used to access your instance of Splunk - -#splunk_url=http://127.0.0.1:8000/ - - - diff --git a/openshift-v3/templates/nagios/nagios3/cleanup-cfg.sh b/openshift-v3/templates/nagios/nagios3/cleanup-cfg.sh deleted file mode 100755 index 920201a7c..000000000 --- a/openshift-v3/templates/nagios/nagios3/cleanup-cfg.sh +++ /dev/null @@ -1,16 +0,0 @@ -#!/bin/bash - -ENV_NAME=$1 - -if [ ${ENV_NAME} == "dev" ]; then - rm -f /etc/nagios3/conf.d/*-test.cfg - rm -f /etc/nagios3/conf.d/*-prod.cfg -fi -if [ ${ENV_NAME} == "test" ]; then - rm -f /etc/nagios3/conf.d/*-dev.cfg - rm -f /etc/nagios3/conf.d/*-prod.cfg -fi -if [ ${ENV_NAME} == "prod" ]; then - rm -f /etc/nagios3/conf.d/*-dev.cfg - rm -f /etc/nagios3/conf.d/*-test.cfg -fi \ No newline at end of file diff --git a/openshift-v3/templates/nagios/nagios3/commands.cfg b/openshift-v3/templates/nagios/nagios3/commands.cfg deleted file mode 100644 index 5ba2b4cdc..000000000 --- a/openshift-v3/templates/nagios/nagios3/commands.cfg +++ /dev/null @@ -1,91 +0,0 @@ -############################################################################### -# COMMANDS.CFG - SAMPLE COMMAND DEFINITIONS FOR NAGIOS -############################################################################### - - -################################################################################ -# NOTIFICATION COMMANDS -################################################################################ - - -# 'notify-host-by-email' command definition -define command{ - command_name notify-host-by-email - command_line python3 /etc/nagios3/commands/notify_by_email.py "** Nagios $HOSTNAME$ $NOTIFICATIONTYPE$ Host Alert: $HOSTNAME$ is $HOSTSTATE$ **" "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\nHost: $HOSTNAME$\nState: $HOSTSTATE$\nAddress: $HOSTADDRESS$\nInfo: $HOSTOUTPUT$\n\nDate/Time: $LONGDATETIME$\n" $CONTACTEMAIL$ - } - -# 'notify-service-by-email' command definition -define command { - command_name notify-service-by-email - command_line python3 /etc/nagios3/commands/notify_by_email.py "** Nagios $HOSTALIAS$ $NOTIFICATIONTYPE$ Service Alert: $HOSTALIAS$/$SERVICEDESC$ is $SERVICESTATE$ **" "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\n\nService: $SERVICEDESC$\nHost: $HOSTALIAS$\nAddress: $HOSTADDRESS$\nState: $SERVICESTATE$\n\nDate/Time: $LONGDATETIME$\n\nAdditional Info:\n\n$SERVICEOUTPUT$\n" $CONTACTEMAIL$ -} - -################################################################################ -# HOST CHECK COMMANDS -################################################################################ - -# On Debian, check-host-alive is being defined from within the -# nagios-plugins-basic package - -################################################################################ -# PERFORMANCE DATA COMMANDS -################################################################################ - - -# 'process-host-perfdata' command definition -define command{ - command_name process-host-perfdata - command_line /usr/bin/printf "%b" "$LASTHOSTCHECK$\t$HOSTNAME$\t$HOSTSTATE$\t$HOSTATTEMPT$\t$HOSTSTATETYPE$\t$HOSTEXECUTIONTIME$\t$HOSTOUTPUT$\t$HOSTPERFDATA$\n" >> /var/lib/nagios3/host-perfdata.out - } - - -# 'process-service-perfdata' command definition -define command{ - command_name process-service-perfdata - command_line /usr/bin/printf "%b" "$LASTSERVICECHECK$\t$HOSTNAME$\t$SERVICEDESC$\t$SERVICESTATE$\t$SERVICEATTEMPT$\t$SERVICESTATETYPE$\t$SERVICEEXECUTIONTIME$\t$SERVICELATENCY$\t$SERVICEOUTPUT$\t$SERVICEPERFDATA$\n" >> /var/lib/nagios3/service-perfdata.out - } - -define command { - command_name check_replicas - command_line /etc/nagios3/commands/check_replicas.sh '$ARG1$' '$ARG2$' '$ARG3$' -} - -define command { - command_name check_diskusage - command_line /etc/nagios3/commands/check_diskusage.sh '$ARG1$' -} - -define command { - command_name check_postgresql_liveness - command_line /etc/nagios3/commands/check_postgresql_liveness.sh -} - -define command { - command_name check_host - command_line /etc/nagios3/commands/check_host.sh -} - -define command { - command_name check_rabbitmq_connection - command_line /etc/nagios3/commands/check_rabbitmq_connection.sh -} - -define command { - command_name check_minio_connection - command_line /etc/nagios3/commands/check_minio_connection.sh -} - -define command { - command_name check_keycloak_connection - command_line /etc/nagios3/commands/check_keycloak_connection.sh -} - -define command { - command_name check_email_connection - command_line /etc/nagios3/commands/check_email_connection.sh -} - -define command { - command_name check_patroni_health - command_line /etc/nagios3/commands/check_patroni_health.sh -} diff --git a/openshift-v3/templates/nagios/nagios3/commands/check_diskusage.sh b/openshift-v3/templates/nagios/nagios3/commands/check_diskusage.sh deleted file mode 100755 index 25a575945..000000000 --- a/openshift-v3/templates/nagios/nagios3/commands/check_diskusage.sh +++ /dev/null @@ -1,22 +0,0 @@ -PROJECT_NAME=$1 - -databasePodName=`oc get pods -n $PROJECT_NAME | grep postgresql96 | awk '{print $1}'` - -backupDiskUsagePercent=`oc exec $databasePodName -c postgresql96 -n $PROJECT_NAME -- df -k | grep "/postgresql-backup" | awk '{print $5}'` -backupDiskUsage=${backupDiskUsagePercent%?} -diskusageAlarm=false -if [ ${backupDiskUsage} -gt 70 ]; then - diskusageAlarm=true -fi - -databaseDiskUsagePercent=`oc exec $databasePodName -c postgresql96 -n $PROJECT_NAME -- df -k | grep "/var/lib/pgsql/data" | awk '{print $5}'` -databaseDiskUsage=${databaseDiskUsagePercent%?} -if [ ${databaseDiskUsage} -gt 70 ]; then - diskusageAlarm=true -fi -if [ ${diskusageAlarm} = true ]; then - echo "CRITICAL - $1 Posgresql liveness checking failed" - exit 2 -fi -echo "OK - $1 Posgresql liveness checking passed" -exit 0 diff --git a/openshift-v3/templates/nagios/nagios3/commands/check_email_connection.py b/openshift-v3/templates/nagios/nagios3/commands/check_email_connection.py deleted file mode 100644 index ae3b9d179..000000000 --- a/openshift-v3/templates/nagios/nagios3/commands/check_email_connection.py +++ /dev/null @@ -1,16 +0,0 @@ -import os - -import smtplib - -EMAIL = { - 'SMTP_SERVER_HOST': os.getenv('SMTP_SERVER_HOST', 'apps.smtp.gov.bc.ca'), - 'SMTP_SERVER_PORT': int(os.getenv('SMTP_SERVER_PORT', 25)) -} - -try: - with smtplib.SMTP(host=EMAIL['SMTP_SERVER_HOST'], - port=EMAIL['SMTP_SERVER_PORT']) as server: - server.noop() - print('OK - Email connection checking passed') -except Exception as error: - print('CRITICAL - Email connection checking failed') diff --git a/openshift-v3/templates/nagios/nagios3/commands/check_email_connection.sh b/openshift-v3/templates/nagios/nagios3/commands/check_email_connection.sh deleted file mode 100755 index e49e5ebd4..000000000 --- a/openshift-v3/templates/nagios/nagios3/commands/check_email_connection.sh +++ /dev/null @@ -1,10 +0,0 @@ -#!/bin/bash - -emailConnectionTest=$(python3 /etc/nagios3/commands/check_email_connection.py) -echo $emailConnectionTest -if [[ $emailConnectionTest == OK* ]]; -then - exit 0 -else - exit 2 -fi diff --git a/openshift-v3/templates/nagios/nagios3/commands/check_host.sh b/openshift-v3/templates/nagios/nagios3/commands/check_host.sh deleted file mode 100755 index 782c37e85..000000000 --- a/openshift-v3/templates/nagios/nagios3/commands/check_host.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash - -echo "OK - This check is same as replica check." -exit 0 \ No newline at end of file diff --git a/openshift-v3/templates/nagios/nagios3/commands/check_keycloak_connection.py b/openshift-v3/templates/nagios/nagios3/commands/check_keycloak_connection.py deleted file mode 100755 index ec7ddc0c7..000000000 --- a/openshift-v3/templates/nagios/nagios3/commands/check_keycloak_connection.py +++ /dev/null @@ -1,62 +0,0 @@ -import os -import requests - -KEYCLOAK = { - 'REALM': os.getenv('KEYCLOAK_REALM', 'http://localhost:8888/auth/realms/tfrs'), - 'CLIENT_ID': os.getenv('KEYCLOAK_CLIENT_ID', 'tfrs-app'), - 'SERVICE_ACCOUNT_REALM': os.getenv('KEYCLOAK_SA_REALM', 'tfrs'), - 'SERVICE_ACCOUNT_CLIENT_ID': os.getenv('KEYCLOAK_SA_CLIENT_ID', 'tfrs'), - 'SERVICE_ACCOUNT_KEYCLOAK_API_BASE': os.getenv('KEYCLOAK_SA_BASEURL', 'http://localhost:8888'), - 'SERVICE_ACCOUNT_CLIENT_SECRET': os.getenv('KEYCLOAK_SA_CLIENT_SECRET', '') - } - -""" -This function will generate the token for the Service Account. -This token is most likely going to be used to update information -for the logged-in user (not to be confused with the service account) -such as auto-mapping the user upon first login. -""" -token_url = '{keycloak}/auth/realms/{realm}/protocol/openid-connect/token'.format( - keycloak=KEYCLOAK['SERVICE_ACCOUNT_KEYCLOAK_API_BASE'], - realm=KEYCLOAK['SERVICE_ACCOUNT_REALM']) - -response = requests.post(token_url, - auth=(KEYCLOAK['SERVICE_ACCOUNT_CLIENT_ID'], - KEYCLOAK['SERVICE_ACCOUNT_CLIENT_SECRET']), - data={'grant_type': 'client_credentials'}) - -token = response.json()['access_token'] - -""" -Retrieves the list of users found in Keycloak. -Not to be confused with the list of users found in the actual -database. -""" -users_url = '{keycloak}/auth/admin/realms/{realm}/users'.format( - keycloak=KEYCLOAK['SERVICE_ACCOUNT_KEYCLOAK_API_BASE'], - realm=KEYCLOAK['SERVICE_ACCOUNT_REALM']) - -headers = {'Authorization': 'Bearer {}'.format(token)} - -response = requests.get(users_url, - headers=headers) - -i=0 -all_users = response.json() -for user in all_users: - i=i+1 - users_detail_url = '{keycloak}/auth/admin/realms/{realm}/users/{user_id}/federated-identity'.format( - keycloak=KEYCLOAK['SERVICE_ACCOUNT_KEYCLOAK_API_BASE'], - realm=KEYCLOAK['SERVICE_ACCOUNT_REALM'], - user_id=user['id']) - - response = requests.get(users_detail_url, - headers=headers) - if i>=1: - break - - -if response.status_code == 200: - print('OK - Keycloak connection checking passed') -else: - print('CRITICAL - Keycloak connection checking failed') diff --git a/openshift-v3/templates/nagios/nagios3/commands/check_keycloak_connection.sh b/openshift-v3/templates/nagios/nagios3/commands/check_keycloak_connection.sh deleted file mode 100755 index 31b77c503..000000000 --- a/openshift-v3/templates/nagios/nagios3/commands/check_keycloak_connection.sh +++ /dev/null @@ -1,10 +0,0 @@ -#!/bin/bash - -keycloakConnectionTest=$(python3 /etc/nagios3/commands/check_keycloak_connection.py) -echo $keycloakConnectionTest -if [[ $keycloakConnectionTest == OK* ]]; -then - exit 0 -else - exit 2 -fi \ No newline at end of file diff --git a/openshift-v3/templates/nagios/nagios3/commands/check_minio_connection.py b/openshift-v3/templates/nagios/nagios3/commands/check_minio_connection.py deleted file mode 100644 index 95e041fc6..000000000 --- a/openshift-v3/templates/nagios/nagios3/commands/check_minio_connection.py +++ /dev/null @@ -1,26 +0,0 @@ -import os -from minio import Minio -from minio.error import MinioError, ResponseError - -MINIO = { - 'ENDPOINT': os.getenv('MINIO_ENDPOINT', None), - 'USE_SSL': bool(os.getenv('MINIO_USE_SSL', 'False').lower() in ['true', 1]), - 'ACCESS_KEY': os.getenv('MINIO_ACCESS_KEY', None), - 'SECRET_KEY': os.getenv('MINIO_SECRET_KEY', None) -} - -minio = Minio(MINIO['ENDPOINT'], - access_key=MINIO['ACCESS_KEY'], - secret_key=MINIO['SECRET_KEY'], - secure=MINIO['USE_SSL']) - -try: - minio = Minio(MINIO['ENDPOINT'], - access_key=MINIO['ACCESS_KEY'], - secret_key=MINIO['SECRET_KEY'], - secure=MINIO['USE_SSL']) - - _objects = minio.list_buckets() - print('OK - Minio connection checking passed') -except MinioError as _error: - print('CRITICAL - Minio connection checking failed') \ No newline at end of file diff --git a/openshift-v3/templates/nagios/nagios3/commands/check_minio_connection.sh b/openshift-v3/templates/nagios/nagios3/commands/check_minio_connection.sh deleted file mode 100755 index 9aa93ba5b..000000000 --- a/openshift-v3/templates/nagios/nagios3/commands/check_minio_connection.sh +++ /dev/null @@ -1,12 +0,0 @@ -#!/bin/bash - -# the check_minio_connection.py doesn't work because failed to import ResponseError -# minioConnectionTest=$(python3 /etc/nagios3/commands/check_minio_connection.py) -minioConnectionTest="OK - Minio connection checking passed" -echo $minioConnectionTest -if [[ $minioConnectionTest == OK* ]]; -then - exit 0 -else - exit 2 -fi diff --git a/openshift-v3/templates/nagios/nagios3/commands/check_patroni_health.sh b/openshift-v3/templates/nagios/nagios3/commands/check_patroni_health.sh deleted file mode 100755 index 374465440..000000000 --- a/openshift-v3/templates/nagios/nagios3/commands/check_patroni_health.sh +++ /dev/null @@ -1,22 +0,0 @@ -#!/bin/bash - -PATRONI_SERVICE_NAME=$1 -NAMESPACE=$2 - -## the value must be running -master_node_state=`curl --silent --show-error http://$PATRONI_SERVICE_NAME.$NAMESPACE.svc.cluster.local:8008/patroni | jq --raw-output .state` -if [ $master_node_state != "running" ]; then - exit 2 -fi - -## the value must be streaming -second_node_state=`curl --silent --show-error http://$PATRONI_SERVICE_NAME.$NAMESPACE.svc.cluster.local:8008/patroni | jq --raw-output .replication[0].state` -if [ $second_node_state != "streaming" ]; then - exit 2 -fi - -## the value must be streaming -third_node_state=`curl --silent --show-error http://$PATRONI_SERVICE_NAME.$NAMESPACE.svc.cluster.local:8008/patroni | jq --raw-output .replication[1].state` -if [ $third_node_state != "streaming" ]; then - exit 2 -fi diff --git a/openshift-v3/templates/nagios/nagios3/commands/check_postgresql_liveness.py b/openshift-v3/templates/nagios/nagios3/commands/check_postgresql_liveness.py deleted file mode 100644 index e85f9533f..000000000 --- a/openshift-v3/templates/nagios/nagios3/commands/check_postgresql_liveness.py +++ /dev/null @@ -1,28 +0,0 @@ -#!/usr/bin/python -import psycopg2 -import sys -import os - -DB = { - 'DATABASE_SERVICE_NAME': os.getenv('DATABASE_SERVICE_NAME', None), - 'DATABASE_USER': os.getenv('DATABASE_USER', None), - 'DATABASE_PASSWORD': os.getenv('DATABASE_PASSWORD', None), - 'DATABASE_NAME': os.getenv('DATABASE_NAME', None) -} - -try: - - conn_string = "host='{database_service_name}' dbname='{database_name}' user='{database_user}' password='{database_password}'".format( - database_service_name=DB['DATABASE_SERVICE_NAME'], - database_name=DB['DATABASE_NAME'], - database_user=DB['DATABASE_USER'], - database_password=DB['DATABASE_PASSWORD'] - ) - - conn=psycopg2.connect(conn_string) - conn.close() - - print('OK - Database connection checking passed') - -except Exception as error: - print('CRITICAL - Database connection checking failed') \ No newline at end of file diff --git a/openshift-v3/templates/nagios/nagios3/commands/check_postgresql_liveness.sh b/openshift-v3/templates/nagios/nagios3/commands/check_postgresql_liveness.sh deleted file mode 100755 index 5f89c9528..000000000 --- a/openshift-v3/templates/nagios/nagios3/commands/check_postgresql_liveness.sh +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash - -dbConnectionTest=$(python3 /etc/nagios3/commands/check_postgresql_liveness.py) -echo $dbConnectionTest -if [[ $dbConnectionTest == OK* ]]; -then - exit 0 -else - exit 2 -fi - -#PROJECT_NAME=$1 - -#databasePodName=`oc get pods -n $PROJECT_NAME | grep postgresql96 | awk '{print $1}'` - -#databaseLivenessAlarm=false -#selectResult=`oc exec $databasePodName -c postgresql96 -n $PROJECT_NAME -- psql -h 127.0.0.1 -q -d tfrs -c 'SELECT 1' | grep row` -#if [ ${selectResult} == "(1 row)" ]; then -# databaseLivenessAlarm=true -#fi -#if [ ${databaseLivenessAlarm} = true ]; then -# echo "CRITICAL - $1 Postgresql liveness checking failed" -# exit 2 -#fi -#echo "OK - $1 Postgresql liveness checking passed successfully" -#exit 0 diff --git a/openshift-v3/templates/nagios/nagios3/commands/check_rabbitmq_connection.py b/openshift-v3/templates/nagios/nagios3/commands/check_rabbitmq_connection.py deleted file mode 100644 index d67fab501..000000000 --- a/openshift-v3/templates/nagios/nagios3/commands/check_rabbitmq_connection.py +++ /dev/null @@ -1,29 +0,0 @@ -import os -import pika -from pika import ConnectionParameters, PlainCredentials -from pika.exceptions import AMQPError - -AMQP = { - 'ENGINE': 'rabbitmq', - 'VHOST': os.getenv('AMQP_VHOST', '/'), - 'USER': os.getenv('AMQP_USER', 'guest'), - 'PASSWORD': os.getenv('AMQP_PASSWORD', 'guest'), - 'HOST': os.getenv('AMQP_HOST', 'localhost'), - 'PORT': os.getenv('AMQP_PORT', '5672') -} - -AMQP_CONNECTION_PARAMETERS = ConnectionParameters( - host=AMQP['HOST'], - port=AMQP['PORT'], - virtual_host=AMQP['VHOST'], - credentials=PlainCredentials(AMQP['USER'], AMQP['PASSWORD']) -) - -try: - parameters = AMQP_CONNECTION_PARAMETERS - connection = pika.BlockingConnection(parameters) - connection.channel() - connection.close() - print('OK - Rabbitmq connection checking passed') -except AMQPError as _error: - print('CRITICAL - Rabbitmq connection checking failed') \ No newline at end of file diff --git a/openshift-v3/templates/nagios/nagios3/commands/check_rabbitmq_connection.sh b/openshift-v3/templates/nagios/nagios3/commands/check_rabbitmq_connection.sh deleted file mode 100755 index 4a4688b5e..000000000 --- a/openshift-v3/templates/nagios/nagios3/commands/check_rabbitmq_connection.sh +++ /dev/null @@ -1,10 +0,0 @@ -#!/bin/bash - -rabbitmqConnectionTest=$(python3 /etc/nagios3/commands/check_rabbitmq_connection.py) -echo $rabbitmqConnectionTest -if [[ $rabbitmqConnectionTest == OK* ]]; -then - exit 0 -else - exit 2 -fi \ No newline at end of file diff --git a/openshift-v3/templates/nagios/nagios3/commands/check_replicas.sh b/openshift-v3/templates/nagios/nagios3/commands/check_replicas.sh deleted file mode 100755 index 1e8e6f2b5..000000000 --- a/openshift-v3/templates/nagios/nagios3/commands/check_replicas.sh +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/bash - -PROJECT_NAME=$1 -DEPLOYMENT=$2 -MIN_REPLICAS=$3 - -if [ ${DEPLOYMENT} == "zeva-test-rabbitmq-cluster" ] || [ ${DEPLOYMENT} == "zeva-prod-rabbitmq-cluster" ]; then - availableReplicas=$(oc get -o json StatefulSet ${DEPLOYMENT} -n $PROJECT_NAME | jq '.status.readyReplicas') -elif [ ${DEPLOYMENT} == "patroni-dev" ] || [ ${DEPLOYMENT} == "patroni-test" ] || [ ${DEPLOYMENT} == "patroni-prod" ]; then - availableReplicas=$(oc get -o json StatefulSet ${DEPLOYMENT} -n $PROJECT_NAME | jq '.status.currentReplicas') -else availableReplicas=$(oc get -o json dc $DEPLOYMENT -n $PROJECT_NAME | jq '.status.availableReplicas') -fi - -if (($availableReplicas>=$MIN_REPLICAS)); then - echo "OK - $1:$2 has $availableReplicas replicas available" - exit 0 - else - echo "CRITICAL - $1:$2 has $availableReplicas replicas available" - exit 2 -fi - diff --git a/openshift-v3/templates/nagios/nagios3/commands/notify_by_email.py b/openshift-v3/templates/nagios/nagios3/commands/notify_by_email.py deleted file mode 100644 index 2c755923e..000000000 --- a/openshift-v3/templates/nagios/nagios3/commands/notify_by_email.py +++ /dev/null @@ -1,31 +0,0 @@ -import os -import sys -from email.message import EmailMessage -from email.mime.text import MIMEText -import smtplib - -# sys.argv[1] is subject -# sys.argv[2] is email body -# sys.argv[3] is receiver email address(es) - -EMAIL = { - 'SMTP_SERVER_HOST': os.getenv('SMTP_SERVER_HOST', 'apps.smtp.gov.bc.ca'), - 'SMTP_SERVER_PORT': int(os.getenv('SMTP_SERVER_PORT', 25)) -} - -emailBody = sys.argv[2].replace("\\n", "\n") - -msg = EmailMessage() -msg.set_content(emailBody) - -msg['Subject'] = sys.argv[1] -msg['From'] = "noreply@gov.bc.ca" -msg['To'] = sys.argv[3] - -with smtplib.SMTP(host=EMAIL['SMTP_SERVER_HOST'], - port=EMAIL['SMTP_SERVER_PORT']) as server: - try: - server.send_message(msg) - print('OK - Email sending succeed') - except Exception as error: - print('CRITICAL - Email sending failed') \ No newline at end of file diff --git a/openshift-v3/templates/nagios/nagios3/conf.d/contact-groups.cfg b/openshift-v3/templates/nagios/nagios3/conf.d/contact-groups.cfg deleted file mode 100644 index 293f4bbf9..000000000 --- a/openshift-v3/templates/nagios/nagios3/conf.d/contact-groups.cfg +++ /dev/null @@ -1,5 +0,0 @@ -define contactgroup{ - contactgroup_name zeva-devops - alias ZEVA DevOps Group - members Kuan.Fan - } diff --git a/openshift-v3/templates/nagios/nagios3/conf.d/contacts.cfg b/openshift-v3/templates/nagios/nagios3/conf.d/contacts.cfg deleted file mode 100644 index d367c591a..000000000 --- a/openshift-v3/templates/nagios/nagios3/conf.d/contacts.cfg +++ /dev/null @@ -1,27 +0,0 @@ -define contact { - contact_name Kuan.Fan - alias ZEVA DevOps Kuan - host_notifications_enabled 1 - service_notifications_enabled 1 - service_notification_period 24x7 - host_notification_period 24x7 - service_notification_options w,u,c,r - host_notification_options d,u,r - service_notification_commands notify-service-by-email - host_notification_commands notify-host-by-email - email Kuan.Fan@gov.bc.ca - can_submit_commands 1 -} -#define contact { -# contact_name zeva.team -# alias ZEVA Team -# host_notifications_enabled 1 -# service_notifications_enabled 1 -# service_notification_period 24x7 -# host_notification_period 24x7 -# service_notification_options w,u,c,r -# host_notification_options d,u,r -# host_notification_commands notify-host-by-email -# email zeva@gov.bc.ca -# can_submit_commands 1 -#} \ No newline at end of file diff --git a/openshift-v3/templates/nagios/nagios3/conf.d/host-groups-dev.cfg b/openshift-v3/templates/nagios/nagios3/conf.d/host-groups-dev.cfg deleted file mode 100644 index 9b11648ee..000000000 --- a/openshift-v3/templates/nagios/nagios3/conf.d/host-groups-dev.cfg +++ /dev/null @@ -1,5 +0,0 @@ -define hostgroup { - hostgroup_name hosts-dev - alias ZEVA Openshift Dev Hosts - members zeva-frontend-dev, zeva-backend-dev, patroni-dev, zeva-minio-dev, zeva-dev-rabbitmq-cluster, keycloak-dev, email-dev -} \ No newline at end of file diff --git a/openshift-v3/templates/nagios/nagios3/conf.d/host-groups-prod.cfg b/openshift-v3/templates/nagios/nagios3/conf.d/host-groups-prod.cfg deleted file mode 100644 index 459c4f56e..000000000 --- a/openshift-v3/templates/nagios/nagios3/conf.d/host-groups-prod.cfg +++ /dev/null @@ -1,6 +0,0 @@ -define hostgroup { - hostgroup_name hosts-prod - alias ZEVA Openshift Prod Hosts - members zeva-frontend-prod, zeva-backend-prod, patroni-prod, zeva-minio-prod, keycloak-prod, email-prod -} -#members zeva-frontend-prod, zeva-backend-prod, patroni-prod, zeva-minio-prod, zeva-prod-rabbitmq-cluster, keycloak-prod, email-prod \ No newline at end of file diff --git a/openshift-v3/templates/nagios/nagios3/conf.d/host-groups-test.cfg b/openshift-v3/templates/nagios/nagios3/conf.d/host-groups-test.cfg deleted file mode 100644 index d8681bb99..000000000 --- a/openshift-v3/templates/nagios/nagios3/conf.d/host-groups-test.cfg +++ /dev/null @@ -1,5 +0,0 @@ -define hostgroup { - hostgroup_name hosts-test - alias ZEVA Openshift Test Hosts - members zeva-frontend-test, zeva-backend-test, patroni-test, zeva-minio-test, zeva-test-rabbitmq-cluster, keycloak-test, email-test -} \ No newline at end of file diff --git a/openshift-v3/templates/nagios/nagios3/conf.d/hosts-dev.cfg b/openshift-v3/templates/nagios/nagios3/conf.d/hosts-dev.cfg deleted file mode 100644 index 5189b0493..000000000 --- a/openshift-v3/templates/nagios/nagios3/conf.d/hosts-dev.cfg +++ /dev/null @@ -1,95 +0,0 @@ -define host { - host_name zeva-frontend-dev - address zeva-frontend-dev.tbiwaq-dev.svc.cluster.local - hostgroups hosts-dev - check_command check_host - check_interval 60 - retry_interval 1 - max_check_attempts 5 - check_period 24x7 - contact_groups zeva-devops - notification_interval 30 - notification_period 24x7 - notifications_enabled 1 -} -define host { - host_name zeva-backend-dev - address zeva-backend-dev.tbiwaq-dev.svc.cluster.local - hostgroups hosts-dev - check_command check_host - check_interval 60 - retry_interval 1 - max_check_attempts 5 - check_period 24x7 - contact_groups zeva-devops - notification_interval 30 - notification_period 24x7 - notifications_enabled 1 -} -define host { - host_name patroni-dev - address patroni-master-dev.tbiwaq-dev.svc.cluster.local - hostgroups hosts-dev - check_command check_host - check_interval 60 - retry_interval 1 - max_check_attempts 5 - check_period 24x7 - contact_groups zeva-devops - notification_interval 30 - notification_period 24x7 - notifications_enabled 1 -} -define host { - host_name zeva-minio-dev - address zeva-minio-dev.tbiwaq-dev.svc.cluster.local - hostgroups hosts-dev - check_command check_host - check_interval 60 - retry_interval 1 - max_check_attempts 5 - check_period 24x7 - contact_groups zeva-devops - notification_interval 30 - notification_period 24x7 - notifications_enabled 1 -} -define host { - host_name zeva-dev-rabbitmq-cluster - hostgroups hosts-dev - check_command check_host - check_interval 60 - retry_interval 1 - max_check_attempts 5 - check_period 24x7 - contact_groups zeva-devops - notification_interval 30 - notification_period 24x7 - notifications_enabled 1 -} -define host { - host_name keycloak-dev - hostgroups hosts-dev - check_command check_host - check_interval 60 - retry_interval 1 - max_check_attempts 5 - check_period 24x7 - contact_groups zeva-devops - notification_interval 30 - notification_period 24x7 - notifications_enabled 1 -} -define host { - host_name email-dev - hostgroups hosts-dev - check_command check_host - check_interval 60 - retry_interval 1 - max_check_attempts 5 - check_period 24x7 - contact_groups zeva-devops - notification_interval 30 - notification_period 24x7 - notifications_enabled 1 -} \ No newline at end of file diff --git a/openshift-v3/templates/nagios/nagios3/conf.d/hosts-prod.cfg b/openshift-v3/templates/nagios/nagios3/conf.d/hosts-prod.cfg deleted file mode 100644 index dff361fcb..000000000 --- a/openshift-v3/templates/nagios/nagios3/conf.d/hosts-prod.cfg +++ /dev/null @@ -1,95 +0,0 @@ -define host { - host_name zeva-frontend-prod - address zeva-frontend-prod.tbiwaq-prod.svc.cluster.local - hostgroups hosts-prod - check_command check_host - check_interval 60 - retry_interval 1 - max_check_attempts 5 - check_period 24x7 - contact_groups zeva-devops - notification_interval 30 - notification_period 24x7 - notifications_enabled 1 -} -define host { - host_name zeva-backend-prod - address zeva-backend-prod.tbiwaq-prod.svc.cluster.local - hostgroups hosts-prod - check_command check_host - check_interval 60 - retry_interval 1 - max_check_attempts 5 - check_period 24x7 - contact_groups zeva-devops - notification_interval 30 - notification_period 24x7 - notifications_enabled 1 -} -define host { - host_name patroni-prod - address patroni-master-prod.tbiwaq-prod.svc.cluster.local - hostgroups hosts-prod - check_command check_host - check_interval 60 - retry_interval 1 - max_check_attempts 5 - check_period 24x7 - contact_groups zeva-devops - notification_interval 30 - notification_period 24x7 - notifications_enabled 1 -} -define host { - host_name zeva-minio-prod - address zeva-minio-prod.tbiwaq-prod.svc.cluster.local - hostgroups hosts-prod - check_command check_host - check_interval 60 - retry_interval 1 - max_check_attempts 5 - check_period 24x7 - contact_groups zeva-devops - notification_interval 30 - notification_period 24x7 - notifications_enabled 1 -} -#define host { -# host_name zeva-prod-rabbitmq-cluster -# hostgroups hosts-prod -# check_command check_host -# check_interval 60 -# retry_interval 1 -# max_check_attempts 5 -# check_period 24x7 -# contact_groups zeva-devops -# notification_interval 30 -# notification_period 24x7 -# notifications_enabled 1 -#} -define host { - host_name keycloak-prod - hostgroups hosts-prod - check_command check_host - check_interval 60 - retry_interval 1 - max_check_attempts 5 - check_period 24x7 - contact_groups zeva-devops - notification_interval 30 - notification_period 24x7 - notifications_enabled 1 -} -define host { - host_name email-prod - hostgroups hosts-prod - check_command check_host - check_interval 60 - retry_interval 1 - max_check_attempts 5 - check_period 24x7 - contact_groups zeva-devops - notification_interval 30 - notification_period 24x7 - notifications_enabled 1 -} \ No newline at end of file diff --git a/openshift-v3/templates/nagios/nagios3/conf.d/hosts-test.cfg b/openshift-v3/templates/nagios/nagios3/conf.d/hosts-test.cfg deleted file mode 100644 index 1c7e49c49..000000000 --- a/openshift-v3/templates/nagios/nagios3/conf.d/hosts-test.cfg +++ /dev/null @@ -1,95 +0,0 @@ -define host { - host_name zeva-frontend-test - address zeva-frontend-test.tbiwaq-test.svc.cluster.local - hostgroups hosts-test - check_command check_host - check_interval 60 - retry_interval 1 - max_check_attempts 5 - check_period 24x7 - contact_groups zeva-devops - notification_interval 30 - notification_period 24x7 - notifications_enabled 1 -} -define host { - host_name zeva-backend-test - address zeva-backend-test.tbiwaq-test.svc.cluster.local - hostgroups hosts-test - check_command check_host - check_interval 60 - retry_interval 1 - max_check_attempts 5 - check_period 24x7 - contact_groups zeva-devops - notification_interval 30 - notification_period 24x7 - notifications_enabled 1 -} -define host { - host_name patroni-test - address patroni-master-test.tbiwaq-test.svc.cluster.local - hostgroups hosts-test - check_command check_host - check_interval 60 - retry_interval 1 - max_check_attempts 5 - check_period 24x7 - contact_groups zeva-devops - notification_interval 30 - notification_period 24x7 - notifications_enabled 1 -} -define host { - host_name zeva-minio-test - address zeva-minio-test.tbiwaq-test.svc.cluster.local - hostgroups hosts-test - check_command check_host - check_interval 60 - retry_interval 1 - max_check_attempts 5 - check_period 24x7 - contact_groups zeva-devops - notification_interval 30 - notification_period 24x7 - notifications_enabled 1 -} -define host { - host_name zeva-test-rabbitmq-cluster - hostgroups hosts-test - check_command check_host - check_interval 60 - retry_interval 1 - max_check_attempts 5 - check_period 24x7 - contact_groups zeva-devops - notification_interval 30 - notification_period 24x7 - notifications_enabled 1 -} -define host { - host_name keycloak-test - hostgroups hosts-test - check_command check_host - check_interval 60 - retry_interval 1 - max_check_attempts 5 - check_period 24x7 - contact_groups zeva-devops - notification_interval 30 - notification_period 24x7 - notifications_enabled 1 -} -define host { - host_name email-test - hostgroups hosts-test - check_command check_host - check_interval 60 - retry_interval 1 - max_check_attempts 5 - check_period 24x7 - contact_groups zeva-devops - notification_interval 30 - notification_period 24x7 - notifications_enabled 1 -} \ No newline at end of file diff --git a/openshift-v3/templates/nagios/nagios3/conf.d/services-other-dev.cfg b/openshift-v3/templates/nagios/nagios3/conf.d/services-other-dev.cfg deleted file mode 100644 index 2bac2b3e7..000000000 --- a/openshift-v3/templates/nagios/nagios3/conf.d/services-other-dev.cfg +++ /dev/null @@ -1,78 +0,0 @@ -define service { - host_name patroni-dev - service_description Patroni liveness check - check_command check_postgresql_liveness - check_interval 5 - retry_interval 1 - max_check_attempts 5 - check_period 24x7 - contact_groups zeva-devops - notification_interval 5 - notification_period 24x7 - notifications_enabled 1 -} -define service { - host_name zeva-dev-rabbitmq-cluster - service_description Rabbitmq connection check - check_command check_rabbitmq_connection - check_interval 5 - retry_interval 1 - max_check_attempts 5 - check_period 24x7 - contact_groups zeva-devops - notification_interval 5 - notification_period 24x7 - notifications_enabled 1 -} -define service { - host_name zeva-minio-dev - service_description Minio connection check - check_command check_minio_connection - check_interval 5 - retry_interval 1 - max_check_attempts 5 - check_period 24x7 - contact_groups zeva-devops - notification_interval 5 - notification_period 24x7 - notifications_enabled 1 -} -define service { - host_name keycloak-dev - service_description Keycloak connection check - check_command check_keycloak_connection - check_interval 5 - retry_interval 1 - max_check_attempts 5 - check_period 24x7 - contact_groups zeva-devops - notification_interval 5 - notification_period 24x7 - notifications_enabled 1 -} -define service { - host_name email-dev - service_description Email connection check - check_command check_email_connection - check_interval 5 - retry_interval 1 - max_check_attempts 5 - check_period 24x7 - contact_groups zeva-devops - notification_interval 5 - notification_period 24x7 - notifications_enabled 1 -} -define service { - host_name patroni-dev - service_description Patroni health check - check_command check_patroni_health - check_interval 5 - retry_interval 1 - max_check_attempts 5 - check_period 24x7 - contact_groups zeva-devops - notification_interval 5 - notification_period 24x7 - notifications_enabled 1 -} \ No newline at end of file diff --git a/openshift-v3/templates/nagios/nagios3/conf.d/services-other-prod.cfg b/openshift-v3/templates/nagios/nagios3/conf.d/services-other-prod.cfg deleted file mode 100644 index 5ad7342f4..000000000 --- a/openshift-v3/templates/nagios/nagios3/conf.d/services-other-prod.cfg +++ /dev/null @@ -1,78 +0,0 @@ -define service { - host_name patroni-prod - service_description Patroni liveness check - check_command check_postgresql_liveness - check_interval 5 - retry_interval 1 - max_check_attempts 5 - check_period 24x7 - contact_groups zeva-devops - notification_interval 5 - notification_period 24x7 - notifications_enabled 1 -} -#define service { -# host_name zeva-prod-rabbitmq-cluster -# service_description Rabbitmq connection check -# check_command check_rabbitmq_connection -# check_interval 5 -# retry_interval 1 -# max_check_attempts 5 -# check_period 24x7 -# contact_groups zeva-devops -# notification_interval 5 -# notification_period 24x7 -# notifications_enabled 1 -#} -define service { - host_name zeva-minio-prod - service_description Minio connection check - check_command check_minio_connection - check_interval 5 - retry_interval 1 - max_check_attempts 5 - check_period 24x7 - contact_groups zeva-devops - notification_interval 5 - notification_period 24x7 - notifications_enabled 1 -} -define service { - host_name keycloak-prod - service_description Keycloak connection check - check_command check_keycloak_connection - check_interval 5 - retry_interval 1 - max_check_attempts 5 - check_period 24x7 - contact_groups zeva-devops - notification_interval 5 - notification_period 24x7 - notifications_enabled 1 -} -define service { - host_name email-prod - service_description Email connection check - check_command check_email_connection - check_interval 5 - retry_interval 1 - max_check_attempts 5 - check_period 24x7 - contact_groups zeva-devops - notification_interval 5 - notification_period 24x7 - notifications_enabled 1 -} -define service { - host_name patroni-prod - service_description Patroni health check - check_command check_patroni_health!patroni-master-prod!tbiwaq-prod - check_interval 5 - retry_interval 1 - max_check_attempts 5 - check_period 24x7 - contact_groups zeva-devops - notification_interval 5 - notification_period 24x7 - notifications_enabled 1 -} \ No newline at end of file diff --git a/openshift-v3/templates/nagios/nagios3/conf.d/services-other-test.cfg b/openshift-v3/templates/nagios/nagios3/conf.d/services-other-test.cfg deleted file mode 100644 index 54ffe49b0..000000000 --- a/openshift-v3/templates/nagios/nagios3/conf.d/services-other-test.cfg +++ /dev/null @@ -1,78 +0,0 @@ -define service { - host_name patroni-test - service_description Patroni liveness check - check_command check_postgresql_liveness - check_interval 5 - retry_interval 1 - max_check_attempts 5 - check_period 24x7 - contact_groups zeva-devops - notification_interval 5 - notification_period 24x7 - notifications_enabled 1 -} -define service { - host_name zeva-test-rabbitmq-cluster - service_description Rabbitmq connection check - check_command check_rabbitmq_connection - check_interval 5 - retry_interval 1 - max_check_attempts 5 - check_period 24x7 - contact_groups zeva-devops - notification_interval 5 - notification_period 24x7 - notifications_enabled 1 -} -#define service { -# host_name zeva-minio-test -# service_description Minio connection check -# check_command check_minio_connection -# check_interval 5 -# retry_interval 1 -# max_check_attempts 5 -# check_period 24x7 -# contact_groups zeva-devops -# notification_interval 5 -# notification_period 24x7 -# notifications_enabled 1 -#} -define service { - host_name keycloak-test - service_description Keycloak connection check - check_command check_keycloak_connection - check_interval 5 - retry_interval 1 - max_check_attempts 5 - check_period 24x7 - contact_groups zeva-devops - notification_interval 5 - notification_period 24x7 - notifications_enabled 1 -} -define service { - host_name email-test - service_description Email connection check - check_command check_email_connection - check_interval 5 - retry_interval 1 - max_check_attempts 5 - check_period 24x7 - contact_groups zeva-devops - notification_interval 5 - notification_period 24x7 - notifications_enabled 1 -} -define service { - host_name patroni-test - service_description Patroni health check - check_command check_patroni_health - check_interval 5 - retry_interval 1 - max_check_attempts 5 - check_period 24x7 - contact_groups zeva-devops - notification_interval 5 - notification_period 24x7 - notifications_enabled 1 -} \ No newline at end of file diff --git a/openshift-v3/templates/nagios/nagios3/conf.d/services-replica-dev.cfg b/openshift-v3/templates/nagios/nagios3/conf.d/services-replica-dev.cfg deleted file mode 100644 index 96d090413..000000000 --- a/openshift-v3/templates/nagios/nagios3/conf.d/services-replica-dev.cfg +++ /dev/null @@ -1,65 +0,0 @@ -define service { - host_name zeva-frontend-dev - service_description frontend replica count - check_command check_replicas!tbiwaq-dev!zeva-frontend-dev!1 - check_interval 5 - retry_interval 1 - max_check_attempts 5 - check_period 24x7 - contact_groups zeva-devops - notification_interval 5 - notification_period 24x7 - notifications_enabled 1 -} -define service { - host_name zeva-backend-dev - service_description backend replica count - check_command check_replicas!tbiwaq-dev!zeva-backend-dev!1 - check_interval 5 - retry_interval 1 - max_check_attempts 5 - check_period 24x7 - contact_groups zeva-devops - notification_interval 5 - notification_period 24x7 - notifications_enabled 1 -} -define service { - host_name patroni-dev - service_description patroni replica count - check_command check_replicas!tbiwaq-dev!patroni-dev!1 - check_interval 5 - retry_interval 1 - max_check_attempts 5 - check_period 24x7 - contact_groups zeva-devops - notification_interval 5 - notification_period 24x7 - notifications_enabled 1 -} -define service { - host_name minio-dev - service_description Minio replica count - check_command check_replicas!tbiwaq-dev!zeva-minio-dev!1 - check_interval 5 - retry_interval 1 - max_check_attempts 5 - check_period 24x7 - contact_groups zeva-devops - notification_interval 5 - notification_period 24x7 - notifications_enabled 1 -} -define service { - host_name rabbitmq-dev - service_description Rabbitmq replica count - check_command check_replicas!tbiwaq-dev!zeva-dev-rabbitmq-cluster!1 - check_interval 5 - retry_interval 1 - max_check_attempts 5 - check_period 24x7 - contact_groups zeva-devops - notification_interval 5 - notification_period 24x7 - notifications_enabled 1 -} \ No newline at end of file diff --git a/openshift-v3/templates/nagios/nagios3/conf.d/services-replica-prod.cfg b/openshift-v3/templates/nagios/nagios3/conf.d/services-replica-prod.cfg deleted file mode 100644 index b94ebfeb1..000000000 --- a/openshift-v3/templates/nagios/nagios3/conf.d/services-replica-prod.cfg +++ /dev/null @@ -1,65 +0,0 @@ -define service { - host_name zeva-frontend-prod - service_description frontend replica count - check_command check_replicas!tbiwaq-prod!zeva-frontend-prod!2 - check_interval 5 - retry_interval 1 - max_check_attempts 5 - check_period 24x7 - contact_groups zeva-devops - notification_interval 5 - notification_period 24x7 - notifications_enabled 1 -} -define service { - host_name zeva-backend-prod - service_description backend replica count - check_command check_replicas!tbiwaq-prod!zeva-backend-prod!2 - check_interval 5 - retry_interval 1 - max_check_attempts 5 - check_period 24x7 - contact_groups zeva-devops - notification_interval 5 - notification_period 24x7 - notifications_enabled 1 -} -define service { - host_name patroni-prod - service_description patroni replica count - check_command check_replicas!tbiwaq-prod!patroni-prod!3 - check_interval 5 - retry_interval 1 - max_check_attempts 5 - check_period 24x7 - contact_groups zeva-devops - notification_interval 5 - notification_period 24x7 - notifications_enabled 1 -} -define service { - host_name zeva-minio-prod - service_description Minio replica count - check_command check_replicas!tbiwaq-prod!zeva-minio-prod!1 - check_interval 5 - retry_interval 1 - max_check_attempts 5 - check_period 24x7 - contact_groups zeva-devops - notification_interval 5 - notification_period 24x7 - notifications_enabled 1 -} -#define service { -# host_name zeva-prod-rabbitmq-cluster -# service_description Rabbitmq replica count -# check_command check_replicas!tbiwaq-prod!zeva-prod-rabbitmq-cluster!2 -# check_interval 5 -# retry_interval 1 -# max_check_attempts 5 -# check_period 24x7 -# contact_groups zeva-devops -# notification_interval 5 -# notification_period 24x7 -# notifications_enabled 1 -#} \ No newline at end of file diff --git a/openshift-v3/templates/nagios/nagios3/conf.d/services-replica-test.cfg b/openshift-v3/templates/nagios/nagios3/conf.d/services-replica-test.cfg deleted file mode 100644 index e5885c71b..000000000 --- a/openshift-v3/templates/nagios/nagios3/conf.d/services-replica-test.cfg +++ /dev/null @@ -1,65 +0,0 @@ -define service { - host_name zeva-frontend-test - service_description frontend replica count - check_command check_replicas!tbiwaq-test!zeva-frontend-test!2 - check_interval 5 - retry_interval 1 - max_check_attempts 5 - check_period 24x7 - contact_groups zeva-devops - notification_interval 5 - notification_period 24x7 - notifications_enabled 1 -} -define service { - host_name zeva-backend-test - service_description backend replica count - check_command check_replicas!tbiwaq-test!zeva-backend-test!2 - check_interval 5 - retry_interval 1 - max_check_attempts 5 - check_period 24x7 - contact_groups zeva-devops - notification_interval 5 - notification_period 24x7 - notifications_enabled 1 -} -define service { - host_name patroni-test - service_description patroni replica count - check_command check_replicas!tbiwaq-test!patroni-test!2 - check_interval 5 - retry_interval 1 - max_check_attempts 5 - check_period 24x7 - contact_groups zeva-devops - notification_interval 5 - notification_period 24x7 - notifications_enabled 1 -} -define service { - host_name zeva-minio-test - service_description Minio replica count - check_command check_replicas!tbiwaq-test!zeva-minio-test!1 - check_interval 5 - retry_interval 1 - max_check_attempts 5 - check_period 24x7 - contact_groups zeva-devops - notification_interval 5 - notification_period 24x7 - notifications_enabled 1 -} -define service { - host_name zeva-test-rabbitmq-cluster - service_description Rabbitmq replica count - check_command check_replicas!tbiwaq-test!zeva-test-rabbitmq-cluster!2 - check_interval 5 - retry_interval 1 - max_check_attempts 5 - check_period 24x7 - contact_groups zeva-devops - notification_interval 5 - notification_period 24x7 - notifications_enabled 1 -} \ No newline at end of file diff --git a/openshift-v3/templates/nagios/nagios3/conf.d/timeperiods.cfg b/openshift-v3/templates/nagios/nagios3/conf.d/timeperiods.cfg deleted file mode 100644 index 3e7c1aa07..000000000 --- a/openshift-v3/templates/nagios/nagios3/conf.d/timeperiods.cfg +++ /dev/null @@ -1,11 +0,0 @@ -define timeperiod { - timeperiod_name 24x7 - alias Always - sunday 00:00-24:00 - monday 00:00-24:00 - tuesday 00:00-24:00 - wednesday 00:00-24:00 - thursday 00:00-24:00 - friday 00:00-24:00 - saturday 00:00-24:00 -} diff --git a/openshift-v3/templates/nagios/nagios3/nagios.cfg b/openshift-v3/templates/nagios/nagios3/nagios.cfg deleted file mode 100644 index 2d4a7eb4d..000000000 --- a/openshift-v3/templates/nagios/nagios3/nagios.cfg +++ /dev/null @@ -1,111 +0,0 @@ -log_file=/var/log/nagios3/nagios3.log -cfg_file=/etc/nagios3/commands.cfg -cfg_dir=/etc/nagios-plugins/config -cfg_dir=/etc/nagios3/conf.d -log_rotation_method=d -log_archive_path=/var/log/nagios3 -object_cache_file=/var/cache/nagios3/objects.cache -precached_object_file=/var/lib/nagios3/objects.precache -resource_file=/etc/nagios3/resource.cfg -status_file=/var/cache/nagios3/status.dat -status_update_interval=10 -nagios_user=nagios -nagios_group=nagios -check_external_commands=0 -command_check_interval=5 -command_file=/var/lib/nagios3/rw/nagios.cmd -external_command_buffer_slots=4096 -lock_file=/var/run/nagios3/nagios3.pid -temp_file=/var/cache/nagios3/nagios.tmp -temp_path=/tmp -event_broker_options=-1 -use_syslog=0 -log_notifications=0 -log_service_retries=0 -log_host_retries=0 -log_event_handlers=1 -log_initial_states=1 -log_external_commands=1 -log_passive_checks=1 -service_inter_check_delay_method=s -max_service_check_spread=30 -service_interleave_factor=s -host_inter_check_delay_method=s -max_host_check_spread=30 -max_concurrent_checks=1 -check_result_reaper_frequency=10 -max_check_result_reaper_time=30 -check_result_path=/var/lib/nagios3/spool/checkresults -max_check_result_file_age=3600 -cached_host_check_horizon=15 -cached_service_check_horizon=15 -enable_predictive_host_dependency_checks=1 -enable_predictive_service_dependency_checks=1 -soft_state_dependencies=0 -auto_reschedule_checks=0 -auto_rescheduling_interval=30 -auto_rescheduling_window=180 -sleep_time=0.25 -service_check_timeout=60 -host_check_timeout=30 -event_handler_timeout=30 -notification_timeout=30 -ocsp_timeout=5 -perfdata_timeout=5 -retain_state_information=1 -state_retention_file=/var/lib/nagios3/retention.dat -retention_update_interval=60 -use_retained_program_state=1 -use_retained_scheduling_info=1 -retained_host_attribute_mask=0 -retained_service_attribute_mask=0 -retained_process_host_attribute_mask=0 -retained_process_service_attribute_mask=0 -retained_contact_host_attribute_mask=0 -retained_contact_service_attribute_mask=0 -interval_length=60 -check_for_updates=1 -bare_update_check=0 -use_aggressive_host_checking=0 -execute_service_checks=1 -accept_passive_service_checks=1 -execute_host_checks=1 -accept_passive_host_checks=1 -enable_notifications=1 -enable_event_handlers=1 -process_performance_data=0 -obsess_over_services=0 -obsess_over_hosts=0 -translate_passive_host_checks=0 -passive_host_checks_are_soft=0 -check_for_orphaned_services=1 -check_for_orphaned_hosts=1 -check_service_freshness=1 -service_freshness_check_interval=60 -service_check_timeout_state=c -check_host_freshness=0 -host_freshness_check_interval=60 -additional_freshness_latency=15 -enable_flap_detection=1 -low_service_flap_threshold=5.0 -high_service_flap_threshold=20.0 -low_host_flap_threshold=5.0 -high_host_flap_threshold=20.0 -date_format=iso8601 -p1_file=/usr/lib/nagios3/p1.pl -enable_embedded_perl=1 -use_embedded_perl_implicitly=1 -use_timezone=Canada/Pacific -illegal_object_name_chars=`~!$%^&*|'"<>?,()= -illegal_macro_output_chars=`~$&|'"<> -use_regexp_matching=0 -use_true_regexp_matching=0 -admin_email=kuan.fan@gov.bc.ca -admin_pager=pageroot@localhost -daemon_dumps_core=0 -use_large_installation_tweaks=0 -enable_environment_macros=1 -debug_level=32 -debug_verbosity=2 -debug_file=/var/log/nagios3/nagios3-debug.log -max_debug_file_size=10000000 diff --git a/openshift-v3/templates/nagios/nagios3/resource.cfg b/openshift-v3/templates/nagios/nagios3/resource.cfg deleted file mode 100644 index 3ed732bb1..000000000 --- a/openshift-v3/templates/nagios/nagios3/resource.cfg +++ /dev/null @@ -1,31 +0,0 @@ -########################################################################### -# -# RESOURCE.CFG - Resource File for Nagios -# -# You can define $USERx$ macros in this file, which can in turn be used -# in command definitions in your host config file(s). $USERx$ macros are -# useful for storing sensitive information such as usernames, passwords, -# etc. They are also handy for specifying the path to plugins and -# event handlers - if you decide to move the plugins or event handlers to -# a different directory in the future, you can just update one or two -# $USERx$ macros, instead of modifying a lot of command definitions. -# -# The CGIs will not attempt to read the contents of resource files, so -# you can set restrictive permissions (600 or 660) on them. -# -# Nagios supports up to 32 $USERx$ macros ($USER1$ through $USER32$) -# -# Resource files may also be used to store configuration directives for -# external data sources like MySQL... -# -########################################################################### - -# Sets $USER1$ to be the path to the plugins -$USER1$=/usr/lib/nagios/plugins - -# Sets $USER2$ to be the path to event handlers -#$USER2$=/usr/lib/nagios/plugins/eventhandlers - -# Store some usernames and passwords (hidden from the CGIs) -#$USER3$=someuser -#$USER4$=somepassword diff --git a/openshift-v3/templates/nagios/nagios3/stylesheets/avail.css b/openshift-v3/templates/nagios/nagios3/stylesheets/avail.css deleted file mode 100644 index b1ad0bfe3..000000000 --- a/openshift-v3/templates/nagios/nagios3/stylesheets/avail.css +++ /dev/null @@ -1,35 +0,0 @@ -/* exfoliation: a nagios makeover */ -/* Copyright 2010 Matthew Wall, all rights reserved */ -/* */ -/* Permission to use, copy, modify, and distribute this software for any */ -/* purpose with or without fee is hereby granted, provided that the above */ -/* copyright notice and this permission notice appear in all copies. */ - -.avail { } - -.data { font-size: 9pt; } - -.hostUP { background-color: #cce8cc; padding: 0 4 0 4; } -.hostDOWN { background-color: #ffdddd; padding: 0 4 0 4; } -.hostUNREACHABLE { background-color: #ffddaa; padding: 0 4 0 4; } - -.serviceOK { background-color: #cce8cc; padding: 0 4 0 4; } -.serviceWARNING { background-color: #feffc1; padding: 0 4 0 4; } -.serviceUNKNOWN { background-color: #ffddaa; padding: 0 4 0 4; } -.serviceCRITICAL { background-color: #ffdddd; padding: 0 4 0 4; } - -table.logEntries { font-size: 9pt; padding: 5 0 0 0; } -th.logEntries { font-size: 9pt; text-align: left; padding: 0 3px 0 3px; border-bottom: 1px solid #777777; color: #333333; } -.logEntriesOdd { background-color: #e7e7e7; padding: 0 4 0 4; } -.logEntriesEven { background-color: #f4f2f2; padding: 0 4 0 4; } - -.logEntriesOK { background-color: #cce8cc; padding: 0 4 0 4; } -.logEntriesUNKNOWN { background-color: #ffddaa; padding: 0 4 0 4; } -.logEntriesWARNING { background-color: #feffc1; padding: 0 4 0 4; } -.logEntriesCRITICAL { background-color: #ffdddd; padding: 0 4 0 4; } -.logEntriesUP { background-color: #cce8cc; padding: 0 4 0 4; } -.logEntriesDOWN { background-color: #ffdddd; padding: 0 4 0 4; } -.logEntriesUNREACHABLE { background-color: #ffddaa; padding: 0 4 0 4; } -.logEntriesINDETERMINATE { background-color: #ddccff; padding: 0 4 0 4; } - -.infoMessage { font-size: 9pt; } diff --git a/openshift-v3/templates/nagios/nagios3/stylesheets/checksanity.css b/openshift-v3/templates/nagios/nagios3/stylesheets/checksanity.css deleted file mode 100644 index 49922d19b..000000000 --- a/openshift-v3/templates/nagios/nagios3/stylesheets/checksanity.css +++ /dev/null @@ -1,27 +0,0 @@ -/* exfoliation: a nagios makeover */ -/* Copyright 2010 Matthew Wall, all rights reserved */ -/* */ -/* Permission to use, copy, modify, and distribute this software for any */ -/* purpose with or without fee is hereby granted, provided that the above */ -/* copyright notice and this permission notice appear in all copies. */ - -.extinfo { } - -.Title { font-size: 12pt; text-align: center; font-weight: bold; } -.SectionTitle { font-size: 12pt; text-align: center; font-weight: bold; } - -.DynamicData { font-size: 10pt; padding: 2; } -.StaticData { font-size: 10pt; padding: 2; } -.TableHeader { font-size: 10pt; background-color: #d0d0d0; font-weight: bold; } - -.Item { font-size: 10pt; background-color: #f4f2f2; font-weight: bold; } -.DataSource { font-size: 10pt; background-color: #f4f2f2; } -.Number { font-size: 10pt; background-color: #f4f2f2; } - -.Value { font-size: 10pt; background-color: #f4f2f2; font-weight: bold; } -.ValueOk { font-size: 10pt; background-color: #88d066; font-weight: bold; } -.ValueError { font-size: 10pt; background-color: #f88888; font-weight: bold; } - - - - diff --git a/openshift-v3/templates/nagios/nagios3/stylesheets/cmd.css b/openshift-v3/templates/nagios/nagios3/stylesheets/cmd.css deleted file mode 100644 index f8698f736..000000000 --- a/openshift-v3/templates/nagios/nagios3/stylesheets/cmd.css +++ /dev/null @@ -1,14 +0,0 @@ -/* exfoliation: a nagios makeover */ -/* Copyright 2010 Matthew Wall, all rights reserved */ -/* */ -/* Permission to use, copy, modify, and distribute this software for any */ -/* purpose with or without fee is hereby granted, provided that the above */ -/* copyright notice and this permission notice appear in all copies. */ - -.cmd { } - -.cmdType { font-size: 12pt; font-weight: bold; color: #aa0000; padding-bottom: 40; } -.commandDescription { font-size: 8pt; background-color: #f4f2f2; border: 1px solid #d0d0d0; margin: 4 0 0 0; padding: 4 4 4 4; } -.descriptionTitle { font-size: 10pt; font-weight: bold; } -.infoMessage { font-size: 8pt; background-color: #efefaa; border: 1px solid #777777; margin: 40 20% 0 20%; padding: 5 5 5 5; } -.optBox { font-size: 9pt; padding: 5 5 5 5; } diff --git a/openshift-v3/templates/nagios/nagios3/stylesheets/common.css b/openshift-v3/templates/nagios/nagios3/stylesheets/common.css deleted file mode 100644 index 6d8e1aae8..000000000 --- a/openshift-v3/templates/nagios/nagios3/stylesheets/common.css +++ /dev/null @@ -1,370 +0,0 @@ -/* exfoliation: a nagios makeover */ -/* version: 0.7 */ -/* Copyright 2010 Matthew Wall, all rights reserved */ -/* */ -/* Permission to use, copy, modify, and distribute this software for any */ -/* purpose with or without fee is hereby granted, provided that the above */ -/* copyright notice and this permission notice appear in all copies. */ - -/* thanks to jacob.laack for nagiosneat */ -/* thanks to nagios authors for a solid base */ - -/* these are reference colors for the color scheme: - - color dark light border - OK: green 88d066 cce8cc 777777 - WARNING: yellow ffff00 feffc1 777777 - CRITICAL: red f88888 ffdddd 777777 - PENDING: grey acacac fefefe 777777 - UNKNOWN: orange ffbb55 ffddaa 777777 - UNREACHABLE: orange ffbb55 ffddaa 777777 -INDETERMINATE: purple ddccff 777777 - PROBLEMS: blue aaccff 777777 - - ACK: aaaaaa - CUSTOM: 778899 - - important: blue 99aacc 777777 -not important: blue aaccff 777777 - - table header: d0d0d0 - odd rows: e7e7e7 - even rows: f4f2f2 - - titles: 12pt - body: 10pt - table headings: 9pt - controls: 9pt - data in tables: 8pt or 9pt -*/ - -body { - margin: 0em; - margin: 0.8em 0.8em 2em 0.8em; - color: black; - background-color: white; - font-family: arial, verdana, serif; - font-weight: normal; - font-size: 10pt; -} - -table { - border: none; - margin: 0; -} - -th, td { - border: none; - padding: 0 2px 0 2px; -} - -form { - margin: 0; - padding: 0; -} - - -a img { - border: none; -} -a { - text-decoration: none; - color: #40529b; -} -a:hover { - text-decoration: underline; - color: #3f5bcd; -} -a:active { - color: #496aef; -} -a:visited { - color: #2c3763; -} - - -div.navbarlogo { - margin: 0 0 10px 0; -} -div.navsection { - margin: 5px 0 10px 0; -} -div.navsectiontitle { - font-size: 9pt; - font-weight: bold; - padding: 2px; - background-color: #efefef; - border:1px solid #dddddd; -} -div.navsectionlinks { - margin: 3px 0 0 0; -} - -ul.navsectionlinks { - margin: 0; - padding: 0; - list-style: none; -} -ul.navsectionlinks li { } -ul.navsectionlinks li a { - font-weight: bold; - font-size: 9pt; - text-decoration: none; - padding: 0 0 0 15px; - /* background: transparent url(../images/greendot.gif) no-repeat scroll 0 0; */ - -} -ul.navsectionlinks li ul { - margin: 0px; - padding: 0 0 0 30px; - list-style: none; -} -ul.navsectionlinks li ul li { } -ul.navsectionlinks li a:hover { -/* background: transparent url(../images/orangedot.gif) no-repeat scroll 0 0; */ -color: #8391cd; -} -ul.navsectionlinks li ul li a { - background: none; - padding: 0; - font-weight: normal; -} -ul.navsectionlinks li ul li a:hover { - background: none; -} -ul.navsectionlinks li ul li ul { - margin: 0px; - padding: 0 0 0 15px; - list-style: none; -} - - -.navbarsearch { - margin: 5px 0 0 0; -} -.navbarsearch fieldset { - border: none; -} - -.navbarsearch fieldset legend { - font-size: 8pt; -} -.navbarsearch input{ - font-size: 9pt; -} - - -#splashpage{ - text-align: center; -} -#mainbrandsplash{ - font-size: 12pt; - font-weight: bold; - margin: 0 0 35px 0; -} -#maincopy{ - margin: 0 0 15px 0; -} -#currentversioninfo{ - font-size: 12pt; -} -#currentversioninfo .product{ - font-size: 14pt; - font-weight: bold; -} -#currentversioninfo .version{ - font-size: 14pt; - font-weight: bold; -} -#currentversioninfo .releasedate{ - font-size: 11pt; - margin: 5px 0 0 0; -} -#currentversioninfo .checkforupdates{ - font-size: 11pt; - font-weight: bold; -} -#currentversioninfo .whatsnew{ - font-size: 11pt; - font-weight: bold; - margin: 50px 0 0 0; -} -#updateversioninfo{ - margin: 15px auto 35px auto; - width: 400px; -} -.updatechecksdisabled{ - background-color: #FF9F9F; - border: 1px solid red; - padding: 10px; -} -.updatechecksdisabled div.warningmessage{ - font-weight: bold; -} -#updateversioninfo div.submessage{ - clear: left; -} -.updateavailable{ - background-color: #9FD4FF; - border: 1px solid blue; - padding: 10px; -} -.updateavailable div.updatemessage{ - font-size: 12pt; - font-weight: bold; -} - -#splashpage #mainfooter{ - /*margin: 100px 0 0 0;*/ - clear: both; - font-size: 8pt; - padding-top: 35px; -} -#splashpage #mainfooter .disclaimer{ - /*width: 80%;*/ - margin: auto; -} -#splashpage #mainfooter .logos{ - margin: 15px 0 0 0; -} - - - - - - -table.infoBox { width: 100%; } -td.infoBox { font-size: 8pt; padding: 0 0 1em 0; white-space: nowrap; } -div.infoBoxTitle { font-size: 10pt; font-weight: bold; } -div.infoBoxBadProcStatus { font-size: 8pt; font-weight: bold; color: red; } - -.linkBox { font-size: 8pt; padding: 1; } -table.linkBox td { white-space: nowrap; } - -.filter { font-size: 8pt; padding: 1; } -.filterTitle { font-size: 9pt; font-weight: bold; } -.filterName { font-size: 8pt; text-align: right; font-weight: bold; } -.filterValue { font-size: 8pt; } - -.errorDescription { font-size: 10pt; text-align: center; font-weight: bold; } -.errorMessage { font-size: 10pt; text-align: center; font-weight: bold; color: red; } -.warningMessage { font-size: 10pt; text-align: center; font-weight: bold; color: red; } - -.statusTitle { text-align: center; font-weight: bold; font-size: 12pt; white-space: nowrap; } -.statusSort { font-size: 8pt; } - -table.data { padding: 0; } -th.data { font-size: 9pt; text-align: left; padding: 0 3px 0 3px; border-bottom: 1px solid #777777; color: #333333; } -.dataOdd { font-size: 8pt; background-color: #e7e7e7; padding: 0 4 0 4; } -.dataEven { font-size: 8pt; background-color: #f4f2f2; padding: 0 4 0 4; } -.dataTitle { font-size: 12pt; text-align: center; font-weight: bold; } -.dataSubTitle { font-size: 10pt; text-align: center; font-weight: bold; } - -.optBox { font-size: 9pt; white-space: nowrap; padding: 2 0 0 0; } -.optBoxTitle { font-size: 10pt; font-weight: bold; text-align: center; } -.optBoxRequiredItem { font-size: 9pt; text-align: right; padding: 0 5 0 5; color: red; } -.optBoxItem { font-size: 9pt; text-align: right; padding: 0 5 0 5; } -.optBoxValue { font-size: 9pt; } - -.optionBoxTitle { font-size: 10pt; text-align: center; font-weight: bold; } -.optionBox { font-size: 10pt; padding: 2; } - -.navBoxTitle { font-size: 10pt; font-weight: bold; white-space: nowrap; } -.navBoxItem { font-size: 8pt; } -.navBoxDate { font-size: 8pt; white-space: nowrap; } -.navBoxFile { font-size: 8pt; text-align: center; } - -.helpfulHint { font-size: 8pt; font-style: italic; text-align: center; } - -.logEntries { font-size: 8pt; white-space: nowrap; } - -.dateTimeBreak { font-size: 9pt; font-weight: bold; } - -.reportRange { font-size: 10pt; white-space: nowrap; } -.reportDuration { font-size: 8pt; white-space: nowrap; } -.reportTime { font-size: 8pt; white-space: nowrap; text-align: right; font-style: italic; } - -.reportSelectTitle { font-size: 12pt; text-align: center; font-weight: bold; } -.reportSelectSubTitle { font-size: 9pt; text-align: right; } -.reportSelectItem { font-size: 9pt; } -.reportSelectTip { font-size: 8pt; font-style: italic; } - -.dateSelectTitle { font-size: 12pt; text-align: center; font-weight: bold; } -.dateSelectSubTitle { font-size: 9pt; text-align: right; } -.dateSelectItem { font-size: 9pt; } - -.popupText { font-size: 8pt; background-color: #eeeeaa; border: 1px solid #777777; padding: 10 10 10 10; } - -.hostImportantProblem { font-size: 8pt; background-color: #88aadd; border: 1px solid #aaaaaa; padding: 0 5 0 5; } -.hostUnimportantProblem { font-size: 8pt; background-color: #aaccff; border: 1px solid #888888; padding: 0 5 0 5; } - -.serviceImportantProblem { font-size: 8pt; background-color: #88aadd; border: 1px solid #aaaaaa; padding: 0 5 0 5; } -.serviceUnimportantProblem { font-size: 8pt; background-color: #aaccff; border: 1px solid #888888; padding: 0 5 0 5; } - -.outageImportantProblem { font-size: 8pt; background-color: #88aadd; border: 1px solid #aaaaaa; padding: 0 5 0 5; } -.outageUnimportantProblem { font-size: 8pt; background-color: #aaccff; border: 1px solid #888888; padding: 0 5 0 5; } - - -/* Some nagios configurations have side.html rather than side.php and define */ -/* a slightly different set of nav elements. */ -.NavBarTitle { - font-size: 9pt; - font-weight: bold; - margin: 5px 0 10px 0; - padding: 2px; - background-color: #efefef; - border:v1px solid #dddddd; -} - -.NavBarItem { - font-size: 9pt; - font-weight: bold; - list-style: none; - text-decoration: none; - margin: 0; - padding: 0 0 0 0; -} - -.NavBarSearchItem { - font-size: 9pt; -} - - - -#splashboxes { - /*border: 1px solid blue;*/ - margin: auto; - width: 90%; - } -.splashbox{ - padding: 5px; - margin: 5px 5px 5px; - border: 1px solid #AAAAAA; - float: left; - text-align: left; - height: 140px; - } -.splashbox h2{ - margin: 0px; - font-size: 12pt; - } -.splashbox ul{ - margin: 0; - padding: 5px 5px 5px 15px; - } -.splashbox ul li{ - clear: both; - } -#splashbox1 { - width: 250px; - } -#splashbox2 { - width: 500px; - } -#splashbox3 { - width: 250px; - clear: both; - } -#splashbox4 { - width: 500px; - } \ No newline at end of file diff --git a/openshift-v3/templates/nagios/nagios3/stylesheets/config.css b/openshift-v3/templates/nagios/nagios3/stylesheets/config.css deleted file mode 100644 index 558d4faa5..000000000 --- a/openshift-v3/templates/nagios/nagios3/stylesheets/config.css +++ /dev/null @@ -1,11 +0,0 @@ -/* exfoliation: a nagios makeover */ -/* Copyright 2010 Matthew Wall, all rights reserved */ -/* */ -/* Permission to use, copy, modify, and distribute this software for any */ -/* purpose with or without fee is hereby granted, provided that the above */ -/* copyright notice and this permission notice appear in all copies. */ - -.config { } - -.reportSelectSubTitle { font-size: 9pt; text-align: left; } -.reportSelectItem { font-size: 9pt; } diff --git a/openshift-v3/templates/nagios/nagios3/stylesheets/extinfo.css b/openshift-v3/templates/nagios/nagios3/stylesheets/extinfo.css deleted file mode 100644 index 4c81320b4..000000000 --- a/openshift-v3/templates/nagios/nagios3/stylesheets/extinfo.css +++ /dev/null @@ -1,84 +0,0 @@ -/* exfoliation: a nagios makeover */ -/* Copyright 2010 Matthew Wall, all rights reserved */ -/* */ -/* Permission to use, copy, modify, and distribute this software for any */ -/* purpose with or without fee is hereby granted, provided that the above */ -/* copyright notice and this permission notice appear in all copies. */ - -.extinfo { } - -.perfTypeTitle { font-size: 10pt; text-align: right; font-weight: bold; } - -.stateInfoPanel { font-size: 9pt; } -.stateStatisticsPanel { } -.stateInfoTable1 { background-color: #f4f2f2; border: 1px solid #d0d0d0; } -.stateInfoTable2 { background-color: #f4f2f2; border: 1px solid #d0d0d0; } - -.dataVar { font-size: 9pt; font-weight: bold; } -.dataVal { font-size: 9pt; } - -/* FIXME: override the defaults until php/html is fixed */ -/* .data { font-size: 10pt; font-weight: bold; } */ -div.data { font-size: 10pt; font-weight: normal; } -.dataTitle { font-size: 10pt; font-weight: bold; padding-bottom: 5; } - -.commandTitle { font-size: 10pt; text-align: center; font-weight: bold; padding-bottom: 5; } -TABLE.command { background-color: #f4f2f2; border: 1px solid #d0d0d0; } -.command { font-size: 9pt; } -.commandPanel { } -.commentPanel { } - -.commentTitle { font-size: 10pt; text-align: center; font-weight: bold; } -DIV.commentNav { font-size: 10pt; text-align: center; } -A.commentNav { font-size: 10pt; } - -TABLE.comment { font-size: 10pt; background-color: white; padding: 2; } -TH.comment { font-size: 9pt; text-align: left; padding: 0 3px 0 3px; border-bottom: 1px solid #777777; color: #333333; } -.commentOdd { font-size: 9pt; background-color: #e7e7e7; } -.commentEven { font-size: 9pt; background-color: #f4f2f2; } -DIV.comment,A.comment { font-size: 10pt; background-color: white; text-align: center; } - -.downtimeTitle { font-size: 12pt; text-align: center; font-weight: bold; } -DIV.downtimeNav { font-size: 10pt; text-align: center; } -A.downtimeNav { font-size: 10pt; } - -TABLE.downtime { font-size: 10pt; background-color: white; padding: 2; } -TH.downtime { font-size: 9pt; text-align: left; padding: 0 3px 0 3px; border-bottom: 1px solid #777777; color: #333333; } -.downtimeOdd { font-size: 9pt; background-color: #e7e7e7; } -.downtimeEven { font-size: 9pt; background-color: #f4f2f2; } - -.notflapping { background-color: #88d066; border: 1px solid #777777; font-weight: bold; float: left; } -.flapping { background-color: #f88888; border: 1px solid #777777; font-weight: bold; float: left; } -.notificationsENABLED { background-color: #88d066; border: 1px solid #777777; font-weight: bold; } -.notificationsDISABLED { background-color: #f88888; border: 1px solid #777777; font-weight: bold; } -.checksENABLED { background-color: #88d066; border: 1px solid #777777; font-weight: bold; } -.checksDISABLED { background-color: #f88888; border: 1px solid #777777; font-weight: bold; } -.eventhandlersENABLED { background-color: #88d066; border: 1px solid #777777; font-weight: bold; } -.eventhandlersDISABLED { background-color: #f88888; border: 1px solid #777777; font-weight: bold; } -.flapdetectionENABLED { background-color: #88d066; border: 1px solid #777777; font-weight: bold; } -.flapdetectionDISABLED { background-color: #f88888; border: 1px solid #777777; font-weight: bold; } -.downtimeACTIVE { background-color: #f88888; border: 1px solid #777777; font-weight: bold; float: left; } -.downtimeINACTIVE { background-color: #88d066; border: 1px solid #777777; font-weight: bold; float: left; } -.processOK { background-color: #88d066; border: 1px solid #777777; font-weight: bold; } -.processUNKNOWN { background-color: #ffbb55; border: 1px solid #777777; font-weight: bold; } -.processWARNING { background-color: #ffff00; border: 1px solid #777777; font-weight: bold; } -.processCRITICAL { background-color: #f88888; border: 1px solid #777777; font-weight: bold; } -.modeACTIVE { background-color: #88d066; border: 1px solid #777777; font-weight: bold; } -.modeSTANDBY { background-color: #ffff00; border: 1px solid #777777; font-weight: bold; } - -.hostUP { background-color: #88d066; border: 1px solid #777777; font-weight: bold; float: left; } -.hostDOWN { background-color: #f88888; border: 1px solid #777777; font-weight: bold; float: left; } -.hostUNREACHABLE { background-color: #f88888; border: 1px solid #777777; font-weight: bold; float: left; } - -.serviceOK { background-color: #88d066; border: 1px solid #777777; font-weight: bold; float: left; } -.serviceWARNING { background-color: #ffff00; border: 1px solid #777777; font-weight: bold; float: left; } -.serviceUNKNOWN { background-color: #ffbb55; border: 1px solid #777777; font-weight: bold; float: left; } -.serviceCRITICAL { background-color: #f88888; border: 1px solid #777777; font-weight: bold; float: left; } - -.queueTitle { font-size: 12pt; text-align: center; font-weight: bold; } -TABLE.queue { font-size: 9pt; padding: 0; } -TH.queue { font-size: 9pt; text-align: left; padding: 0 3px 0 3px; border-bottom: 1px solid #777777; color: #333333; } -.queueOdd { font-size: 9pt; background-color: #e7e7e7; padding: 0 4 0 4; } -.queueEven { font-size: 9pt; background-color: #f4f2f2; padding: 0 4 0 4; } -.queueENABLED { font-size: 9pt; background-color: #88d066; border: 1px solid #777777; padding: 0 4 0 4; } -.queueDISABLED { font-size: 9pt; background-color: #f88888; border: 1px solid #777777; padding: 0 4 0 4; } diff --git a/openshift-v3/templates/nagios/nagios3/stylesheets/histogram.css b/openshift-v3/templates/nagios/nagios3/stylesheets/histogram.css deleted file mode 100644 index 9b147f6bd..000000000 --- a/openshift-v3/templates/nagios/nagios3/stylesheets/histogram.css +++ /dev/null @@ -1,10 +0,0 @@ -/* exfoliation: a nagios makeover */ -/* Copyright 2010 Matthew Wall, all rights reserved */ -/* */ -/* Permission to use, copy, modify, and distribute this software for any */ -/* purpose with or without fee is hereby granted, provided that the above */ -/* copyright notice and this permission notice appear in all copies. */ - -.histogram { } - -.helpfulHints { font-size: 10pt; font-style: italic; text-align: center; } diff --git a/openshift-v3/templates/nagios/nagios3/stylesheets/history.css b/openshift-v3/templates/nagios/nagios3/stylesheets/history.css deleted file mode 100644 index ed8dba30f..000000000 --- a/openshift-v3/templates/nagios/nagios3/stylesheets/history.css +++ /dev/null @@ -1,8 +0,0 @@ -/* exfoliation: a nagios makeover */ -/* Copyright 2010 Matthew Wall, all rights reserved */ -/* */ -/* Permission to use, copy, modify, and distribute this software for any */ -/* purpose with or without fee is hereby granted, provided that the above */ -/* copyright notice and this permission notice appear in all copies. */ - -.history { } diff --git a/openshift-v3/templates/nagios/nagios3/stylesheets/ministatus.css b/openshift-v3/templates/nagios/nagios3/stylesheets/ministatus.css deleted file mode 100644 index 040c8ac4a..000000000 --- a/openshift-v3/templates/nagios/nagios3/stylesheets/ministatus.css +++ /dev/null @@ -1,64 +0,0 @@ -/* exfoliation: a nagios makeover */ -/* Copyright 2010 Matthew Wall, all rights reserved */ -/* */ -/* Permission to use, copy, modify, and distribute this software for any */ -/* purpose with or without fee is hereby granted, provided that the above */ -/* copyright notice and this permission notice appear in all copies. */ - -.status { } - -TABLE.status { font-size: 9pt; padding: 2; } -TH.status { font-size: 9pt; text-align: left; padding: 0 3px 0 3px; border-bottom: 1px solid #777777; color: #333333; } -DIV.status { font-size: 10pt; text-align: center; } -.statusOdd { font-size: 9pt; background-color: #e7e7e7; } -.statusEven { font-size: 9pt; background-color: #f4f2f2; } - -.statusPENDING { font-size: 9pt; background-color: #acacac; } -.statusOK { font-size: 9pt; background-color: #88d066; } -.statusRECOVERY { font-size: 9pt; background-color: #88d066; } -.statusUNKNOWN { font-size: 9pt; background-color: #ffbb55; } -.statusWARNING { font-size: 9pt; background-color: #ffff00; } -.statusCRITICAL { font-size: 9pt; background-color: #f88888; } - -.statusHOSTPENDING { font-size: 9pt; background-color: #acacac; } -.statusHOSTUP { font-size: 9pt; background-color: #88d066; } -.statusHOSTDOWN { font-size: 9pt; background-color: #f88888; } -.statusHOSTUNREACHABLE { font-size: 9pt; background-color: #ffbb55; } - -.statusBGUNKNOWN { font-size: 9pt; background-color: #ffddaa; } -.statusBGWARNING { font-size: 9pt; background-color: #feffc1; } -.statusBGCRITICAL { font-size: 9pt; background-color: #ffdddd; } -.statusBGDOWN { font-size: 9pt; background-color: #ffdddd; } -.statusBGUNREACHABLE { font-size: 9pt; background-color: #ffbb55; } - -DIV.serviceTotals { font-size: 10pt; text-align: center; font-weight: bold; } -TABLE.serviceTotals { font-size: 10pt; font-weight: bold; } -TH.serviceTotals,A.serviceTotals { font-size: 9pt; } -TD.serviceTotals { font-size: 9pt; text-align: center; background-color: #e0e0e0; border: 1px solid #777777; padding: 2 4 2 4; } -.serviceTotalsOK { font-size: 9pt; text-align: center; background-color: #88d066; border: 1px solid #777777; padding: 2 4 2 4; } -.serviceTotalsWARNING { font-size: 9pt; text-align: center; background-color: #ffff00; border: 1px solid #777777; padding: 2 4 2 4; } -.serviceTotalsUNKNOWN { font-size: 9pt; text-align: center; background-color: #ffbb55; border: 1px solid #777777; padding: 2 4 2 4; } -.serviceTotalsCRITICAL { font-size: 9pt; text-align: center; background-color: #f88888; border: 1px solid #777777; padding: 2 4 2 4; } -.serviceTotalsPENDING { font-size: 9pt; text-align: center; background-color: #acacac; border: 1px solid #777777; padding: 2 4 2 4; } -.serviceTotalsPROBLEMS { font-size: 9pt; text-align: center; background-color: #aaccff; border: 1px solid #777777; padding: 2 4 2 4; } - - -DIV.hostTotals { font-size: 10pt; text-align: center; font-weight: bold; } -TABLE.hostTotals { font-size: 10pt; font-weight: bold; } -TH.hostTotals,A.hostTotals { font-size: 9pt; } -TD.hostTotals { font-size: 9pt; text-align: center; background-color: #e4e4e4; } -.hostTotalsUP { font-size: 9pt; text-align: center; background-color: #88d066; } -.hostTotalsDOWN { font-size: 9pt; text-align: center; background-color: #f88888; } -.hostTotalsUNREACHABLE { font-size: 9pt; text-align: center; background-color: #ffbb55; } -.hostTotalsPENDING { font-size: 9pt; text-align: center; background-color: #acacac; } -.hostTotalsPROBLEMS { font-size: 9pt; text-align: center; background-color: #aaccff; } - -.miniStatusPENDING { font-size: 9pt; background-color: #acacac; text-align: center; } -.miniStatusOK { font-size: 9pt; background-color: #66ffee; text-align: center; } -.miniStatusUNKNOWN { font-size: 9pt; background-color: #ffbb55; text-align: center; } -.miniStatusWARNING { font-size: 9pt; background-color: #ffff00; text-align: center; } -.miniStatusCRITICAL { font-size: 9pt; background-color: #f88888; text-align: center; } - -.miniStatusUP { font-size: 9pt; background-color: #66ffee; text-align: center; } -.miniStatusDOWN { font-size: 9pt; background-color: #f88888; text-align: center; } -.miniStatusUNREACHABLE { font-size: 9pt; background-color: #ffbb55; text-align: center; } diff --git a/openshift-v3/templates/nagios/nagios3/stylesheets/notifications.css b/openshift-v3/templates/nagios/nagios3/stylesheets/notifications.css deleted file mode 100644 index 113802510..000000000 --- a/openshift-v3/templates/nagios/nagios3/stylesheets/notifications.css +++ /dev/null @@ -1,29 +0,0 @@ -/* exfoliation: a nagios makeover */ -/* Copyright 2010 Matthew Wall, all rights reserved */ -/* */ -/* Permission to use, copy, modify, and distribute this software for any */ -/* purpose with or without fee is hereby granted, provided that the above */ -/* copyright notice and this permission notice appear in all copies. */ - -.notifications { } - -TABLE.notifications { padding: 0; margin: 0; } -TH.notifications { font-size: 9pt; text-align: left; padding: 0 3px 0 3px; border-bottom: 1px solid #777777; color: #333333; } -.notificationsOdd { font-size: 8pt; background-color: #e7e7e7; padding: 0 4 0 4; } -.notificationsEven { font-size: 8pt; background-color: #f4f2f2; padding: 0 4 0 4; } - -/* these are dark colors */ -.notificationsOK { background-color: #88d066; border: 1px solid #777777; padding: 0 4 0 4; } -.notificationsUNKNOWN { background-color: #ffbb55; border: 1px solid #777777; padding: 0 4 0 4; } -.notificationsWARNING { background-color: #ffff00; border: 1px solid #777777; padding: 0 4 0 4; } -.notificationsCRITICAL { background-color: #f88888; border: 1px solid #777777; padding: 0 4 0 4; } -.notificationsACKNOWLEDGEMENT { background-color: #aaaaaa; border: 1px solid #777777; padding: 0 4 0 4; } -.notificationsCUSTOM { background-color: #778899; border: 1px solid #777777; padding: 0 4 0 4; } - -/* these are dark colors */ -.notificationsHOSTUP { background-color: #88d066; border: 1px solid #777777; padding: 0 4 0 4; } -.notificationsHOSTDOWN { background-color: #f88888; border: 1px solid #777777; padding: 0 4 0 4; } -.notificationsHOSTUNREACHABLE { background-color: #ffbb55; border: 1px solid #777777; padding: 0 4 0 4; } -.notificationsHOSTACKNOWLEDGEMENT { background-color: #aaaaaa; border: 1px solid #777777; padding: 0 4 0 4; } -.notificationsHOSTCUSTOM { background-color: #778899; border: 1px solid #777777; padding: 0 4 0 4; } - diff --git a/openshift-v3/templates/nagios/nagios3/stylesheets/outages.css b/openshift-v3/templates/nagios/nagios3/stylesheets/outages.css deleted file mode 100644 index 10db27d43..000000000 --- a/openshift-v3/templates/nagios/nagios3/stylesheets/outages.css +++ /dev/null @@ -1,15 +0,0 @@ -/* exfoliation: a nagios makeover */ -/* Copyright 2010 Matthew Wall, all rights reserved */ -/* */ -/* Permission to use, copy, modify, and distribute this software for any */ -/* purpose with or without fee is hereby granted, provided that the above */ -/* copyright notice and this permission notice appear in all copies. */ - -.outages { } - -.itemTotalsTitle { font-size: 8pt; text-align: center; } - -.hostUP { background-color: #88d066; font-weight: bold; } -.hostDOWN { background-color: #f88888; font-weight: bold; } -.hostUNREACHABLE { background-color: #ffbb55; font-weight: bold; } - diff --git a/openshift-v3/templates/nagios/nagios3/stylesheets/showlog.css b/openshift-v3/templates/nagios/nagios3/stylesheets/showlog.css deleted file mode 100644 index ccbd242ed..000000000 --- a/openshift-v3/templates/nagios/nagios3/stylesheets/showlog.css +++ /dev/null @@ -1,8 +0,0 @@ -/* exfoliation: a nagios makeover */ -/* Copyright 2010 Matthew Wall, all rights reserved */ -/* */ -/* Permission to use, copy, modify, and distribute this software for any */ -/* purpose with or without fee is hereby granted, provided that the above */ -/* copyright notice and this permission notice appear in all copies. */ - -.showlog { } diff --git a/openshift-v3/templates/nagios/nagios3/stylesheets/status.css b/openshift-v3/templates/nagios/nagios3/stylesheets/status.css deleted file mode 100644 index 51f1e4827..000000000 --- a/openshift-v3/templates/nagios/nagios3/stylesheets/status.css +++ /dev/null @@ -1,88 +0,0 @@ -/* exfoliation: a nagios makeover */ -/* Copyright 2010 Matthew Wall, all rights reserved */ -/* */ -/* Permission to use, copy, modify, and distribute this software for any */ -/* purpose with or without fee is hereby granted, provided that the above */ -/* copyright notice and this permission notice appear in all copies. */ - -.status { } - -.itemTotalsTitle { font-size: 8pt; font-style: italic; clear:both;} - -table.status { font-size: 9pt; padding: 0 0 10 0; } -th.status { font-size: 9pt; text-align: left; padding: 0 3px 0 3px; border-bottom: 1px solid #777777; color: #333333; } -div.status { font-size: 10pt; text-align: center; } -.statusOdd { font-size: 8pt; background-color: #e7e7e7; line-height: 150%; padding: 0 4 0 4; } -.statusEven { font-size: 8pt; background-color: #f4f2f2; line-height: 150%; padding: 0 4 0 4; } - -.statusPENDING { font-size: 8pt; background-color: #acacac; border: 1px solid #777777; padding: 0 5 0 5; } -.statusOK { font-size: 8pt; background-color: #88d066; border: 1px solid #777777; padding: 0 5 0 5; } -.statusRECOVERY { font-size: 8pt; background-color: #88d066; border: 1px solid #777777; padding: 0 5 0 5; } -.statusUNKNOWN { font-size: 8pt; background-color: #ffbb55; border: 1px solid #777777; padding: 0 5 0 5; } -.statusWARNING { font-size: 8pt; background-color: #ffff00; border: 1px solid #777777; padding: 0 5 0 5; } -.statusCRITICAL { font-size: 8pt; background-color: #f88888; border: 1px solid #777777; padding: 0 5 0 5; } - -.statusHOSTPENDING { font-size: 8pt; background-color: #acacac; line-height: 150%; padding: 0 4 0 4; } -.statusHOSTUP { font-size: 8pt; background-color: #cce8cc; line-height: 150%; padding: 0 4 0 4; } -.statusHOSTDOWN { font-size: 8pt; background-color: #ffdddd; line-height: 150%; padding: 0 4 0 4; } -.statusHOSTDOWNACK { font-size: 8pt; background-color: #ffdddd; line-height: 150%; padding: 0 4 0 4; } -.statusHOSTDOWNSCHED { font-size: 8pt; background-color: #ffdddd; line-height: 150%; padding: 0 4 0 4; } -.statusHOSTUNREACHABLE { font-size: 8pt; background-color: #ffddaa; line-height: 150%; padding: 0 4 0 4; } -.statusHOSTUNREACHABLEACK { font-size: 8pt; background-color: #ffddaa; line-height: 150%; padding: 0 4 0 4; } -.statusHOSTUNREACHABLESCHED { font-size: 8pt; background-color: #ffddaa; line-height: 150%; padding: 0 4 0 4; } - -.statusBGUNKNOWN { font-size: 8pt; background-color: #ffddaa; } -.statusBGUNKNOWNACK { font-size: 8pt; background-color: #ffddaa; } -.statusBGUNKNOWNSCHED { font-size: 8pt; background-color: #ffddaa; } -.statusBGWARNING { font-size: 8pt; background-color: #feffc1; } -.statusBGWARNINGACK { font-size: 8pt; background-color: #feffc1; } -.statusBGWARNINGSCHED { font-size: 8pt; background-color: #feffc1; } -.statusBGCRITICAL { font-size: 8pt; background-color: #ffdddd; } -.statusBGCRITICALACK { font-size: 8pt; background-color: #ffdddd; } -.statusBGCRITICALSCHED { font-size: 8pt; background-color: #ffdddd; } -.statusBGDOWN { font-size: 8pt; background-color: #ffdddd; } -.statusBGDOWNACK { font-size: 8pt; background-color: #ffdddd; } -.statusBGDOWNSCHED { font-size: 8pt; background-color: #ffdddd; } -.statusBGUNREACHABLE { font-size: 8pt; background-color: #ffddaa; } -.statusBGUNREACHABLEACK { font-size: 8pt; background-color: #ffddaa; } -.statusBGUNREACHABLESCHED { font-size: 8pt; background-color: #ffddaa; } - -div.serviceTotals { font-size: 10pt; text-align: center; font-weight: bold; } -table.serviceTotals { font-size: 10pt; font-weight: bold; } -th.serviceTotals,a.serviceTotals { font-size: 8pt; } -td.serviceTotals { font-size: 8pt; text-align: center; background-color: #e0e0e0; border: 1px solid #777777; padding: 2 4 2 4; } -.serviceTotalsOK { font-size: 8pt; text-align: center; background-color: #88d066; border: 1px solid #777777; padding: 2 4 2 4; } -.serviceTotalsWARNING { font-size: 8pt; text-align: center; background-color: #ffff00; border: 1px solid #777777; padding: 2 4 2 4; } -.serviceTotalsUNKNOWN { font-size: 8pt; text-align: center; background-color: #ffbb55; border: 1px solid #777777; padding: 2 4 2 4; } -.serviceTotalsCRITICAL { font-size: 8pt; text-align: center; background-color: #f88888; border: 1px solid #777777; padding: 2 4 2 4; } -.serviceTotalsPENDING { font-size: 8pt; text-align: center; background-color: #acacac; border: 1px solid #777777; padding: 2 4 2 4; } -.serviceTotalsPROBLEMS { font-size: 8pt; text-align: center; background-color: #aaccff; border: 1px solid #777777; padding: 2 4 2 4; } - -div.hostTotals { font-size: 10pt; text-align: center; font-weight: bold; } -table.hostTotals { font-size: 10pt; font-weight: bold; } -th.hostTotals,a.hostTotals { font-size: 8pt; } -td.hostTotals { font-size: 8pt; text-align: center; background-color: #e0e0e0; border: 1px solid #777777; padding: 2 4 2 4; } -.hostTotalsUP { font-size: 8pt; text-align: center; background-color: #88d066; border: 1px solid #777777; padding: 2 4 2 4; } -.hostTotalsDOWN { font-size: 8pt; text-align: center; background-color: #f88888; border: 1px solid #777777; padding: 2 4 2 4; } -.hostTotalsUNREACHABLE { font-size: 8pt; text-align: center; background-color: #ffbb55; border: 1px solid #777777; padding: 2 4 2 4; } -.hostTotalsPENDING { font-size: 8pt; text-align: center; background-color: #acacac; border: 1px solid #777777; padding: 2 4 2 4; } -.hostTotalsPROBLEMS { font-size: 8pt; text-align: center; background-color: #aaccff; border: 1px solid #777777; padding: 2 4 2 4; } - -.miniStatusPENDING { font-size: 8pt; text-align: center; background-color: #acacac; border: 1px solid #777777; padding: 0 5 0 5; } -.miniStatusOK { font-size: 8pt; text-align: center; background-color: #88d066; border: 1px solid #777777; padding: 0 5 0 5; } -.miniStatusUNKNOWN { font-size: 8pt; text-align: center; background-color: #ffbb55; border: 1px solid #777777; padding: 0 5 0 5; } -.miniStatusWARNING { font-size: 8pt; text-align: center; background-color: #ffff00; border: 1px solid #777777; padding: 0 5 0 5; } -.miniStatusCRITICAL { font-size: 8pt; text-align: center; background-color: #f88888; border: 1px solid #777777; padding: 0 5 0 5; } - -.miniStatusUP { font-size: 8pt; text-align: center; background-color: #88d066; border: 1px solid #777777; padding: 0 5 0 5; } -.miniStatusDOWN { font-size: 8pt; text-align: center; background-color: #f88888; border: 1px solid #777777; padding: 0 5 0 5; } -.miniStatusUNREACHABLE { font-size: 8pt; text-align: center; background-color: #ffbb55; border: 1px solid #777777; padding: 0 5 0 5; } - -/* page number styles, added 2/01/2012 -MG */ -#top_page_numbers { float:right;} -#result_limit { display:inline;} -.pagenumber { display: block; float:left; border: 1px solid #AAAAAA; padding: 0 2px 0 2px; margin: 1px;text-align:center; height:15px; } -a.pagenumber:hover { background-color: #EFEFEF;text-decoration:none;} -.current_page { color: #AAA; } -#inner_numbers { clear:right;} -#pagelimit,#bottom_page_numbers { font-size:8pt;} diff --git a/openshift-v3/templates/nagios/nagios3/stylesheets/statusmap.css b/openshift-v3/templates/nagios/nagios3/stylesheets/statusmap.css deleted file mode 100644 index d41888f76..000000000 --- a/openshift-v3/templates/nagios/nagios3/stylesheets/statusmap.css +++ /dev/null @@ -1,14 +0,0 @@ -/* exfoliation: a nagios makeover */ -/* Copyright 2010 Matthew Wall, all rights reserved */ -/* */ -/* Permission to use, copy, modify, and distribute this software for any */ -/* purpose with or without fee is hereby granted, provided that the above */ -/* copyright notice and this permission notice appear in all copies. */ - -.statusmap { } - -.imageInfo { font-size: 8pt; font-weight: bold; text-align: center; } - -.zoomTitle { font-size: 8pt; font-weight: bold; } - -.popupText { font-size: 8pt; background-color: #eeeeaa; border: 1px solid #777777; padding: 0 5 0 5; } diff --git a/openshift-v3/templates/nagios/nagios3/stylesheets/summary.css b/openshift-v3/templates/nagios/nagios3/stylesheets/summary.css deleted file mode 100644 index f6a9f3236..000000000 --- a/openshift-v3/templates/nagios/nagios3/stylesheets/summary.css +++ /dev/null @@ -1,30 +0,0 @@ -/* exfoliation: a nagios makeover */ -/* Copyright 2010 Matthew Wall, all rights reserved */ -/* */ -/* Permission to use, copy, modify, and distribute this software for any */ -/* purpose with or without fee is hereby granted, provided that the above */ -/* copyright notice and this permission notice appear in all copies. */ - -.summary { } - -/* override to match filter table style */ -.optBoxItem { font-size: 8pt; font-weight: bold; } -.optBoxValue { font-size: 8pt; } - -/* override to match query info style */ -.dataSubTitle { font-size: 8pt; text-align: center; font-weight: normal; } - -/* override so we get a bit of whitespace */ -table.data { padding-top: 15; } - -.reportDataOdd { font-size: 9pt; background-color: #e7e7e7; padding: 0 4 0 4; } -.reportDataEven { font-size: 9pt; background-color: #f4f2f2; padding: 0 4 0 4; } - -.hostUP { font-size: 9pt; background-color: #88d066; border: 1px solid #777777; padding: 0 4 0 4; } -.hostDOWN { font-size: 9pt; background-color: #f88888; border: 1px solid #777777; padding: 0 4 0 4; } -.hostUNREACHABLE { font-size: 9pt; background-color: #ffbb55; border: 1px solid #777777; padding: 0 4 0 4; } - -.serviceOK { font-size: 9pt; background-color: #88d066; border: 1px solid #777777; padding: 0 4 0 4; } -.serviceWARNING { font-size: 9pt; background-color: #ffff00; border: 1px solid #777777; padding: 0 4 0 4; } -.serviceUNKNOWN { font-size: 9pt; background-color: #ffbb55; border: 1px solid #777777; padding: 0 4 0 4; } -.serviceCRITICAL { font-size: 9pt; background-color: #f88888; border: 1px solid #777777; padding: 0 4 0 4; } diff --git a/openshift-v3/templates/nagios/nagios3/stylesheets/tac.css b/openshift-v3/templates/nagios/nagios3/stylesheets/tac.css deleted file mode 100644 index a5ed1e54a..000000000 --- a/openshift-v3/templates/nagios/nagios3/stylesheets/tac.css +++ /dev/null @@ -1,75 +0,0 @@ -/* exfoliation: a nagios makeover */ -/* Copyright 2010 Matthew Wall, all rights reserved */ -/* */ -/* Permission to use, copy, modify, and distribute this software for any */ -/* purpose with or without fee is hereby granted, provided that the above */ -/* copyright notice and this permission notice appear in all copies. */ - -.tac { font-size: 10pt; } - -.title { font-weight: bold; } -.titleItem { font-size: 8pt; font-weight: bold; } - -td.perfTitle { font-size: 10pt; font-weight: bold; background-color: #d0d0d0; border: 1px solid #aaaaaa; } -.perfBox { background-color: #eeeeee; border: 1px solid #cccccc; } -.perfItem { font-size: 8pt; font-weight: bold; } -.perfValue { font-size: 8pt; } - -.healthTitle { font-weight: bold; font-size: 10pt; background-color: #d0d0d0; border: 1px solid #aaaaaa; } -.healthBox { } -.healthItem { font-size: 10pt; font-weight: bold; } -.healthBar { background-color: grey; padding: 2 4 2 4; } - -.outageTitle { font-weight: bold; background-color: #d0d0d0; border: 1px solid #aaaaaa; } -.outageHeader { font-weight: bold; border-bottom: 1px solid #aaaaaa; } - -.hostTitle { font-weight: bold; background-color: #d0d0d0; border: 1px solid #aaaaaa; } -td.hostHeader { font-weight: bold; border-bottom: 1px solid #aaaaaa; } - -.serviceTitle { font-weight: bold; background-color: #d0d0d0; border: 1px solid #aaaaaa; } -td.serviceHeader { font-weight: bold; border-bottom: 1px solid #aaaaaa; } - -.featureTitle { font-weight: bold; background-color: #d0d0d0; border: 1px solid #aaaaaa; } -td.featureHeader { font-weight: bold; border-bottom: 1px solid #aaaaaa; } - -.featureEnabled { text-align: center; background-color: #ccffcc; } -.featureDisabled { text-align: center; background-color: #ffcccc; } - -.featureEnabledFlapDetection { text-align: center; font-weight: bold; } -.featureDisabledFlapDetection { text-align: center; font-weight: bold; } -.featureItemEnabledServiceFlapDetection { font-size: 8pt; background-color: #88d066; border: 1px solid #777777; } -.featureItemDisabledServiceFlapDetection { font-size: 8pt; background-color: #f88888; border: 1px solid #777777; } -.featureItemEnabledHostFlapDetection { font-size: 8pt; background-color: #88d066; border: 1px solid #777777; } -.featureItemDisabledHostFlapDetection { font-size: 8pt; background-color: #f88888; border: 1px solid #777777; } -.featureItemServicesNotFlapping { font-size: 8pt; background-color: #88d066; border: 1px solid #777777; } -.featureItemServicesFlapping { font-size: 8pt; background-color: #f88888; border: 1px solid #777777; } -.featureItemHostsNotFlapping { font-size: 8pt; background-color: #88d066; border: 1px solid #777777; } -.featureItemHostsFlapping { font-size: 8pt; background-color: #f88888; border: 1px solid #777777; } - -.featureEnabledNotifications { text-align: center; font-weight: bold; } -.featureDisabledNotifications { text-align: center; font-weight: bold; } -.featureItemEnabledServiceNotifications { font-size: 8pt; background-color: #88d066; border: 1px solid #777777; } -.featureItemDisabledServiceNotifications { font-size: 8pt; background-color: #f88888; border: 1px solid #777777; } -.featureItemEnabledHostNotifications { font-size: 8pt; background-color: #88d066; border: 1px solid #777777; } -.featureItemDisabledHostNotifications { font-size: 8pt; background-color: #f88888; border: 1px solid #777777; } - -.featureEnabledHandlers { text-align: center; font-weight: bold; } -.featureDisabledHandlers { text-align: center; font-weight: bold; } -.featureItemEnabledServiceHandlers { font-size: 8pt; background-color: #88d066; border: 1px solid #777777; } -.featureItemDisabledServiceHandlers { font-size: 8pt; background-color: #f88888; border: 1px solid #777777; } -.featureItemEnabledHostHandlers { font-size: 8pt; background-color: #88d066; border: 1px solid #777777; } -.featureItemDisabledHostHandlers { font-size: 8pt; background-color: #f88888; } - -.featureEnabledActiveChecks { text-align: center; font-weight: bold; } -.featureDisabledActiveChecks { text-align: center; font-weight: bold; } -.featureItemEnabledActiveServiceChecks { font-size: 8pt; background-color: #88d066; border: 1px solid #777777; } -.featureItemDisabledActiveServiceChecks { font-size: 8pt; background-color: #f88888; border: 1px solid #777777; } -.featureItemEnabledActiveHostChecks { font-size: 8pt; background-color: #88d066; border: 1px solid #777777; } -.featureItemDisabledActiveHostChecks { font-size: 8pt; background-color: #f88888; border: 1px solid #777777; } - -.featureEnabledPassiveChecks { text-align: center; font-weight: bold; } -.featureDisabledPassiveChecks { text-align: center; font-weight: bold; } -.featureItemEnabledPassiveServiceChecks { font-size: 8pt; background-color: #88d066; border: 1px solid #777777; } -.featureItemDisabledPassiveServiceChecks { font-size: 8pt; background-color: #f88888; border: 1px solid #777777; } -.featureItemEnabledPassiveHostChecks { font-size: 8pt; background-color: #88d066; border: 1px solid #777777; } -.featureItemDisabledPassiveHostChecks { font-size: 8pt; background-color: #f88888; border: 1px solid #777777; } diff --git a/openshift-v3/templates/nagios/nagios3/stylesheets/trends.css b/openshift-v3/templates/nagios/nagios3/stylesheets/trends.css deleted file mode 100644 index 6ca9d8b37..000000000 --- a/openshift-v3/templates/nagios/nagios3/stylesheets/trends.css +++ /dev/null @@ -1,8 +0,0 @@ -/* exfoliation: a nagios makeover */ -/* Copyright 2010 Matthew Wall, all rights reserved */ -/* */ -/* Permission to use, copy, modify, and distribute this software for any */ -/* purpose with or without fee is hereby granted, provided that the above */ -/* copyright notice and this permission notice appear in all copies. */ - -.trends { } diff --git a/openshift-v3/templates/nagios/supervisord/supervisord.conf b/openshift-v3/templates/nagios/supervisord/supervisord.conf deleted file mode 100644 index c3e298d99..000000000 --- a/openshift-v3/templates/nagios/supervisord/supervisord.conf +++ /dev/null @@ -1,21 +0,0 @@ -[supervisord] -logfile = /dev/fd/1 -loglevel = info -logfile_maxbytes = 0 -redirect_stderr=true -nodaemon = true -pidfile=/var/run/supervisord/supervisord.pid - -[program:nagios] -logfile = /dev/fd1 -loglevel = info -logfile_maxbytes = 0 -redirect_stderr = true -command = /usr/sbin/nagios3 /etc/nagios3/nagios.cfg - -[program:apache] -logfile = /dev/fd/1 -loglevel = info -logfile_maxbytes = 0 -redirect_stderr = true -command = /usr/sbin/apachectl -DFOREGROUND \ No newline at end of file diff --git a/openshift-v3/templates/nsp/README.MD b/openshift-v3/templates/nsp/README.MD deleted file mode 100644 index 028fc66c5..000000000 --- a/openshift-v3/templates/nsp/README.MD +++ /dev/null @@ -1,48 +0,0 @@ -### Files included - -* nsp-env.yaml not being used -* nsp-tools.yaml pods-to-external-network, apply it to tools name space only -* quickstart-nsp.yaml apply this to all namespaces -* aporeto-setup.md documentation for aporeto setup, including more specific security policies - -### Apply to name spaces before anything else - -* oc process -f ./nsp-tools.yaml OCP_NAME=pathfinder | oc create -f - -n tbiwaq-tools -* oc process -f ./quickstart-nsp.yaml ENV_NAME=tools OCP_NAME=pathfinder | oc create -f - -n tbiwaq-tools -* oc process -f ./quickstart-nsp.yaml ENV_NAME=dev OCP_NAME=pathfinder | oc create -f - -n tbiwaq-dev -* oc process -f ./quickstart-nsp.yaml ENV_NAME=test OCP_NAME=pathfinder | oc create -f - -n tbiwaq-test -* oc process -f ./quickstart-nsp.yaml ENV_NAME=prod OCP_NAME=pathfinder | oc create -f - -n tbiwaq-prod - -### Add role to users, check if the settings already exist before run the grant - -* tools project - -oc policy add-role-to-user admin system:serviceaccount:tbiwaq-tools:jenkins-prod --namespace=tbiwaq-tools -oc policy add-role-to-user system:image-puller system:serviceaccount:tbiwaq-dev:default --namespace=tbiwaq-tools -oc policy add-role-to-user system:image-puller system:serviceaccount:tbiwaq-dev:builder --namespace=tbiwaq-tools -oc policy add-role-to-user system:image-puller system:serviceaccount:tbiwaq-test:default --namespace=tbiwaq-tools -oc policy add-role-to-user system:image-puller system:serviceaccount:tbiwaq-test:builder --namespace=tbiwaq-tools -oc policy add-role-to-user system:image-puller system:serviceaccount:tbiwaq-prod:default --namespace=tbiwaq-tools -oc policy add-role-to-user system:image-puller system:serviceaccount:tbiwaq-prod:builder --namespace=tbiwaq-tools - - -* dev enviornment - -oc policy add-role-to-user admin system:serviceaccount:tbiwaq-tools:jenkins-prod --namespace=tbiwaq-dev -oc policy add-role-to-user edit system:serviceaccount:tbiwaq-dev:nagios --namespace=tbiwaq-dev -oc policy add-role-to-user system:deployer system:serviceaccount:tbiwaq-dev:deployer --namespace=tbiwaq-dev -oc policy add-role-to-user system:image-builder system:serviceaccount:tbiwaq-dev:builder --namespace=tbiwaq-dev - -* test enviornment - -oc policy add-role-to-user admin system:serviceaccount:tbiwaq-tools:jenkins-prod --namespace=tbiwaq-test -oc policy add-role-to-user edit system:serviceaccount:tbiwaq-test:nagios --namespace=tbiwaq-test -oc policy add-role-to-user system:deployer system:serviceaccount:tbiwaq-test:deployer --namespace=tbiwaq-test -oc policy add-role-to-user system:image-builder system:serviceaccount:tbiwaq-test:builder --namespace=tbiwaq-test - -* prod enviornment - -oc policy add-role-to-user admin system:serviceaccount:tbiwaq-tools:jenkins-prod --namespace=tbiwaq-prod -oc policy add-role-to-user edit system:serviceaccount:tbiwaq-prod:nagios --namespace=tbiwaq-prod -oc policy add-role-to-user system:deployer system:serviceaccount:tbiwaq-prod:deployer --namespace=tbiwaq-prod -oc policy add-role-to-user system:image-builder system:serviceaccount:tbiwaq-prod:builder --namespace=tbiwaq-prod diff --git a/openshift-v3/templates/nsp/aporeto-setup.md b/openshift-v3/templates/nsp/aporeto-setup.md deleted file mode 100644 index 58907d822..000000000 --- a/openshift-v3/templates/nsp/aporeto-setup.md +++ /dev/null @@ -1,111 +0,0 @@ -## 1. Identify Components - -### 1.1 Frontend - -app: zeva -role: frontend -env: {env_name} - -### 1.2 Backend - -app: zeva -role: backend -env: {env_name} - -### 1.3 Patroni - -app: zeva -role: Patroni -env: {env_name} - -### 1.4 Minio - -app: zeva -role: minio -env: {env_name} - -### 1.5 Namspace Internal Network - -int:network - -### 1.6 Interweb - -ext:network=any - -### 1.7 Openshift K8S Cluster API - -int:network=internal-cluster-api-endpoint - -### 1.8 Tools Namspace - -$namspace=tbiwaq-tools - -### 1.9 Environment Namspace - -$namspace=tbiwaq-[environment name] - -### 1.10 KeyCloak - -$namespace=devops-sso-dev -app=sso-dev - -$namespace=devops-sso-test -app=sso-test - -Notes: prod may be not right, could be just devops-sso and sso -$namespace=devops-sso-prod -app=sso-prod - - -## 2. Zeva Aporeto Security Model - -### 2.1 Interweb -> Frontend - -Source: - Interweb -Destination: - Frontend - -### 2.2 Frontend -> Backend - -Source: - Frontend -Destination: - Backend - -### 2.3 Backend -> Patroni - -Source: - Backend -Destination: - Patroni - -### 2.4 Backend -> KeyCloak - -Source: - Backend -Destination: - KeyCloa; - - -### 2.5 Environment Namespace -> Openshift K8S Cluster API - -Source: - Environment Namespace -Destination: - Openshift Kubernets Cluster API - -### 2.6 Tools Namspace -> Openshift K8S Cluster API - -Source: - Tools Namspace -Destination: - Openshift K8S Cluster API - -### 2.7 Tools Namespace -> Interweb - -Source: - Tools Namespace -Destination: - Interweb - diff --git a/openshift-v3/templates/nsp/nsp-env.yaml b/openshift-v3/templates/nsp/nsp-env.yaml deleted file mode 100644 index 32203c021..000000000 --- a/openshift-v3/templates/nsp/nsp-env.yaml +++ /dev/null @@ -1,88 +0,0 @@ ---- -kind: Template -apiVersion: v1 -labels: - template: zeva-nsp -metadata: - name: zeva-nsp - creationTimestamp: -parameters: - - name: ENV_NAME - displayName: Environment Name - description: Environment Name - required: true - - name: OCP_NAME - displayName: Openshift Name - description: Openshift Name - required: true -objects: - - kind: NetworkSecurityPolicy - apiVersion: secops.${OCP_NAME}.gov.bc.ca/v1alpha1 - metadata: - name: custom-interweb-to-frontend - spec: - description: | - Allow frontend to communicate with internet. - source: - - - ext:network=any - destination: - - - app=zeva - - role=frontend - - env=${ENV_NAME} - - kind: NetworkSecurityPolicy - apiVersion: secops.${OCP_NAME}.gov.bc.ca/v1alpha1 - metadata: - name: custom-frontend-to-backend - spec: - description: | - Allow frontend to communicate with backend. - source: - - - app=zeva - - role=frontend - - env=${ENV_NAME} - destination: - - - app=zeva - - role=backend - - env=${ENV_NAME} - - kind: NetworkSecurityPolicy - apiVersion: secops.${OCP_NAME}.gov.bc.ca/v1alpha1 - metadata: - name: custom-backend-to-patroni - spec: - description: | - Allow backend to communicate with patroni. - source: - - - app=zeva - - role=backend - - env=${ENV_NAME} - destination: - - - app=zeva - - role=patroni - - env=${ENV_NAME} - - kind: NetworkSecurityPolicy - apiVersion: secops.${OCP_NAME}.gov.bc.ca/v1alpha1 - metadata: - name: custom-pods-to-ocp-api - spec: - description: | - Allow pods to talk to the internal OCP api so deployments work. - This only needs to be specified once per environment. - Without this policy, pods could have PU Update error when starting container - source: - - - $namespace=tbiwaq-${ENV_NAME} - destination: - - - int:network=internal-cluster-api-endpoint - - kind: NetworkSecurityPolicy - apiVersion: secops.${OCP_NAME}.gov.bc.ca/v1alpha1 - metadata: - name: custom-backend-to-keycloak - spec: - description: | - Allow backend pod to communicate with keycloak - source: - - - app=zeva - - role=backend - - env=${ENV_NAME} - destination: - - - $namespace=devops-sso-${ENV_NAME} - - app=sso-${ENV_NAME} diff --git a/openshift-v3/templates/nsp/nsp-tools.yaml b/openshift-v3/templates/nsp/nsp-tools.yaml deleted file mode 100644 index 5ab4a7c72..000000000 --- a/openshift-v3/templates/nsp/nsp-tools.yaml +++ /dev/null @@ -1,44 +0,0 @@ ---- -kind: Template -apiVersion: v1 -labels: - template: zeva-nsp -metadata: - name: zeva-nsp - creationTimestamp: -parameters: - - name: OCP_NAME - displayName: Openshift Name - description: Openshift Name - required: true -objects: - - kind: NetworkSecurityPolicy - apiVersion: secops.${OCP_NAME}.gov.bc.ca/v1alpha1 - metadata: - name: pods-to-external-network - labels: - name: pods-to-external-network - env: tbiwaq-tools - spec: - description: | - Allow the builds to access the internet. - This only needs to be specified once for tbiwaq-tools project as build only runs in tools project. - source: - - - $namespace=tbiwaq-tools - destination: - - - ext:network=any - - kind: NetworkSecurityPolicy - apiVersion: secops.${OCP_NAME}.gov.bc.ca/v1alpha1 - metadata: - name: pods-to-external-network - labels: - name: pods-to-external-network - env: tbiwaq-tools - spec: - description: | - Allow the builds to access the internet. - This only needs to be specified once for tbiwaq-tools project as build only runs in tools project. - source: - - - $namespace=tbiwaq-tools - destination: - - - int:network=internal-cluster-api-endpoint diff --git a/openshift-v3/templates/nsp/quickstart-nsp.yaml b/openshift-v3/templates/nsp/quickstart-nsp.yaml deleted file mode 100644 index 672d1bfaa..000000000 --- a/openshift-v3/templates/nsp/quickstart-nsp.yaml +++ /dev/null @@ -1,51 +0,0 @@ ---- -kind: Template -apiVersion: v1 -labels: - template: zeva-generic-policy -metadata: - name: zeva-generic-policy - creationTimestamp: -parameters: - - name: ENV_NAME - displayName: Environment Name - description: Environment Name - required: true - - name: OCP_NAME - displayName: Openshift Name - description: Openshift Name - required: true -objects: - - kind: NetworkSecurityPolicy - apiVersion: secops.${OCP_NAME}.gov.bc.ca/v1alpha1 - metadata: - name: egress-internet - spec: - description: | - allow the tbiwaq-${ENV_NAME} namespace to talk to the internet. - source: - - - $namespace=tbiwaq-${ENV_NAME} - destination: - - - ext:network=any - - kind: NetworkSecurityPolicy - apiVersion: secops.${OCP_NAME}.gov.bc.ca/v1alpha1 - metadata: - name: intra-namespace-comms - spec: - description: | - allow the tbiwaq-${ENV_NAME} namespace to talk to itself - source: - - - $namespace=tbiwaq-${ENV_NAME} - destination: - - - $namespace=tbiwaq-${ENV_NAME} - - kind: NetworkSecurityPolicy - apiVersion: secops.${OCP_NAME}.gov.bc.ca/v1alpha1 - metadata: - name: int-cluster-k8s-api-comms - spec: - description: | - allow tbiwaq-${ENV_NAME} pods to talk to the k8s api - destination: - - - int:network=internal-cluster-api-endpoint - source: - - - $namespace=tbiwaq-${ENV_NAME} \ No newline at end of file diff --git a/openshift-v3/templates/patroni/.pipeline/build.js b/openshift-v3/templates/patroni/.pipeline/build.js deleted file mode 100755 index 4df964f0b..000000000 --- a/openshift-v3/templates/patroni/.pipeline/build.js +++ /dev/null @@ -1,5 +0,0 @@ -'use strict'; -const build = require('./lib/build.js') -const phases = require('./lib/config.js') - -build({phases:phases}) \ No newline at end of file diff --git a/openshift-v3/templates/patroni/.pipeline/clean.js b/openshift-v3/templates/patroni/.pipeline/clean.js deleted file mode 100755 index f88e35923..000000000 --- a/openshift-v3/templates/patroni/.pipeline/clean.js +++ /dev/null @@ -1,4 +0,0 @@ -'use strict'; -const build = require('./lib/clean.js') - -build() \ No newline at end of file diff --git a/openshift-v3/templates/patroni/.pipeline/deploy.js b/openshift-v3/templates/patroni/.pipeline/deploy.js deleted file mode 100755 index a2d1f0da1..000000000 --- a/openshift-v3/templates/patroni/.pipeline/deploy.js +++ /dev/null @@ -1,6 +0,0 @@ -'use strict'; -const phases = require('./lib/config.js') -const deploy = require('./lib/deploy.js') -const options= require('pipeline-cli').Util.parseArguments() - -deploy({phases:phases, options:options}) diff --git a/openshift-v3/templates/patroni/.pipeline/lib/build.js b/openshift-v3/templates/patroni/.pipeline/lib/build.js deleted file mode 100755 index 59ddc3436..000000000 --- a/openshift-v3/templates/patroni/.pipeline/lib/build.js +++ /dev/null @@ -1,25 +0,0 @@ -'use strict'; -const {OpenShiftClientX} = require('pipeline-cli') -const path = require('path'); - -module.exports = (settings)=>{ - const phases=settings.phases - const oc=new OpenShiftClientX({'namespace':phases.build.namespace}); - const phase='build' - var objects = [] - var git_http_url = oc.git.http_url - //git_http_url = 'https://github.com/BCDevOps/platform-services.git' - - objects = objects.concat(oc.processDeploymentTemplate(oc.toFileUrl(path.resolve(__dirname, '../../openshift/build.yaml')), { - 'param':{ - 'NAME': phases[phase].name, - 'SUFFIX': phases[phase].suffix, - 'VERSION': phases[phase].tag, - 'GIT_URI': git_http_url, - 'GIT_REF': oc.git.ref - } - })) - - oc.applyRecommendedLabels(objects, phases[phase].name, phase, phases[phase].changeId, phases[phase].instance) - oc.applyAndBuild(objects) -} \ No newline at end of file diff --git a/openshift-v3/templates/patroni/.pipeline/lib/clean.js b/openshift-v3/templates/patroni/.pipeline/lib/clean.js deleted file mode 100755 index 0e0f74f12..000000000 --- a/openshift-v3/templates/patroni/.pipeline/lib/clean.js +++ /dev/null @@ -1,22 +0,0 @@ -'use strict'; -const {OpenShiftClientX} = require('pipeline-cli') -const phases = require('./config') -const options= require('pipeline-cli').Util.parseArguments() - -module.exports = (settings)=>{ - const oc=new OpenShiftClientX({'namespace':phases.build.namespace}); - const target_phase=options.env - - //console.log(`target_phase=${target_phase}`) - - for (var k in phases){ - if (phases.hasOwnProperty(k) && k != 'prod') { - const phase=phases[k] - if (k == target_phase){ - //console.log(`phase=${phase}`) - oc.raw('delete', ['all'], {selector:`app-name=${phase.name},env-id=${phase.changeId},env-name!=prod,!shared,github-repo=${oc.git.repository},github-owner=${oc.git.owner}`, namespace:phase.namespace}) - oc.raw('delete', ['pvc,Secret,configmap,endpoints,RoleBinding,role,ServiceAccount,Endpoints'], {selector:`app-name=${phase.name},env-id=${phase.changeId},env-name!=prod,!shared,github-repo=${oc.git.repository},github-owner=${oc.git.owner}`, namespace:phase.namespace}) - } - } - } -} \ No newline at end of file diff --git a/openshift-v3/templates/patroni/.pipeline/lib/config.js b/openshift-v3/templates/patroni/.pipeline/lib/config.js deleted file mode 100644 index 020029fdf..000000000 --- a/openshift-v3/templates/patroni/.pipeline/lib/config.js +++ /dev/null @@ -1,13 +0,0 @@ -'use strict'; -const options= require('pipeline-cli').Util.parseArguments() -const changeId = options.pr //aka pull-request -const version = '10' -const name = 'patroni' - -const phases = { - build: {namespace:'bcgov-tools' , name: `${name}`, phase: 'build', changeId:changeId, suffix: `-build-${changeId}`, instance: `${name}-build-${changeId}`, tag:`v${version}-${changeId}`}, - test: {namespace:`bcgov`, name: `${name}`, phase: 'test' , changeId:changeId, suffix: '-test' , instance: `${name}-test` , tag:`v${version}-latest`}, - prod: {namespace:`bcgov`, name: `${name}`, phase: 'prod' , changeId:changeId, suffix: '' , instance: `${name}-prod` , tag:`v${version}-stable`} -} - -module.exports = exports = phases diff --git a/openshift-v3/templates/patroni/.pipeline/lib/deploy.js b/openshift-v3/templates/patroni/.pipeline/lib/deploy.js deleted file mode 100755 index 6e0131e7f..000000000 --- a/openshift-v3/templates/patroni/.pipeline/lib/deploy.js +++ /dev/null @@ -1,12 +0,0 @@ -'use strict'; -const {OpenShiftClientX} = require('pipeline-cli') - - -module.exports = (settings)=>{ - const phases=settings.phases - const phase=settings.options.env - const oc=new OpenShiftClientX({'namespace':phases[phase].namespace}); - - oc.tag([`${phases.build.namespace}/${phases.build.name}:${phases.build.tag}`, `${phases[phase].namespace}/${phases[phase].name}:${phases[phase].tag}`]) - -} \ No newline at end of file diff --git a/openshift-v3/templates/patroni/.pipeline/npmw b/openshift-v3/templates/patroni/.pipeline/npmw deleted file mode 100755 index e7a80b4c2..000000000 --- a/openshift-v3/templates/patroni/.pipeline/npmw +++ /dev/null @@ -1,4 +0,0 @@ -#!/usr/bin/env sh -set -e - -curl -sSL 'https://raw.githubusercontent.com/BCDevOps/pipeline-cli/v1.0/cli.sh' | bash -s "$@" \ No newline at end of file diff --git a/openshift-v3/templates/patroni/.pipeline/package.json b/openshift-v3/templates/patroni/.pipeline/package.json deleted file mode 100644 index 9d62bc018..000000000 --- a/openshift-v3/templates/patroni/.pipeline/package.json +++ /dev/null @@ -1,27 +0,0 @@ -{ - "name": "pipeline", - "version": "1.0.0", - "description": "This a pipeliene script", - "engines": { - "node": ">=8" - }, - "scripts": { - "build": "node build.js", - "clean": "node clean.js", - "deploy": "node deploy.js", - "test": "mocha", - "version": "echo \"node@$(node --version) ($(which node))\" && echo \"npm@$(npm --version) ($(which npm))\" && npm ls" - }, - "repository": { - "type": "git", - "url": "git+https://github.com/BCDevOps/platform-services.git" - }, - "author": "", - "license": "Apache-2.0", - "dependencies": { - "pipeline-cli": "git+https://github.com/BCDevOps/pipeline-cli.git#v1.0" - }, - "devDependencies": { - "mocha": "^5.2.0" - } -} diff --git a/openshift-v3/templates/patroni/.pipeline/test/e2e.js b/openshift-v3/templates/patroni/.pipeline/test/e2e.js deleted file mode 100644 index 662954204..000000000 --- a/openshift-v3/templates/patroni/.pipeline/test/e2e.js +++ /dev/null @@ -1,173 +0,0 @@ -var assert = require('assert'); -const {OpenShiftClientX} = require('pipeline-cli') -const {spawnSync} = require('child_process'); -const path = require('path'); - -function randomstring(L) { - var s = ''; - var randomchar = function() { - var n = Math.floor(Math.random() * 62); - if (n < 10) return n; //1-10 - if (n < 36) return String.fromCharCode(n + 55); //A-Z - return String.fromCharCode(n + 61); //a-z - } - while (s.length < L) s += randomchar(); - return s; -} - -describe('e2e2', function() { - const namespace='a1b2c3d';//randomstring(6).toLowerCase() - const buildNamespace = `${namespace}-tools`; - const deployNamespace = `${namespace}-tools`; - const oc=new OpenShiftClientX(); - let currentNamespace="" - - before(function() { - currentNamespace=oc.raw('project', ['-q']).stdout - console.log(`currentNamespace=${currentNamespace}`) - }); - - it(`delete project`, function(done) { - this.timeout(20000) - spawnSync('oc', ['delete', `project/${buildNamespace}`], {encoding:'utf8'}) - //oc.raw('delete', [`namespace/${buildNamespace}`]) - //assert.equal([1,2,3].indexOf(4), -1); - setTimeout(function(){done()}, 5000) - }); - - it('create project', function() { - currentNamespace=oc.raw('project', ['-q']).stdout - console.log(`currentNamespace=${currentNamespace}`) - oc.raw('create', ['namespace',buildNamespace]) - oc.raw('label', [`namespace/${buildNamespace}`, 'mocha=e2e', 'name=patroni']) - }); - - it('build', function() { - this.timeout(60000) - const build = require('../lib/build.js'); - const changeId=0; - const _phase={name:'patroni', changeId:0} - const settings={ - phases:{ - build:{ - namespace: buildNamespace, - name:`${_phase.name}`, - suffix:'-build', - tag:`v10-${_phase.changeId}`, - instance: `${_phase.name}-build-${_phase.changeId}` - } - } - } - build(settings) - assert.equal([1,2,3].indexOf(4), -1); - }); - - it('deploy', function() { - this.timeout(60000) - const _phase={name:'patroni', changeId:0} - const settings={ - phases:{ - build:{ - namespace: buildNamespace, - name:`${_phase.name}`, - suffix:'-build', - tag:`v10-${_phase.changeId}`, - instance: `${_phase.name}-build-${_phase.changeId}`, - changeId: _phase.changeId - }, - e2e:{ - namespace: deployNamespace, - name:`${_phase.name}`, - suffix:'-e2e', - tag:`v10-${_phase.changeId}`, - instance: `${_phase.name}-e2e-${_phase.changeId}`, - changeId: _phase.changeId - } - } - } - const phases = settings.phases - const phase = 'e2e' - let objects =[] - - //Switch to Build Namespace - oc.namespace(deployNamespace); - - objects = objects.concat(oc.processDeploymentTemplate(oc.toFileUrl(path.resolve(__dirname, '../../openshift/deployment-prereq.yaml')), { - 'param':{ - 'NAME': `${phases[phase].name}-pgsql`, - 'SUFFIX': phases[phase].suffix, - 'APP_DB_USERNAME': 'rhsso', - 'APP_DB_NAME': 'rhsso' - } - })) - - objects = objects.concat(oc.processDeploymentTemplate(oc.toFileUrl(path.resolve(__dirname, '../../openshift/deployment.yaml')), { - 'param':{ - 'NAME': `${phases[phase].name}-pgsql`, - 'SUFFIX': phases[phase].suffix, - 'INSTANCE': `${phases[phase].name}-pgsql${phases[phase].suffix}`, - 'IMAGE_STREAM_NAMESPACE': phases[phase].namespace, - 'OPENSHIFT_IMAGE_REGISTRY': '172.30.1.1:5000', - 'IMAGE_STREAM_TAG': `patroni:v10-${phases[phase].changeId}` - } - })) - - oc.applyRecommendedLabels(objects, phases[phase].name, phase, `${phases[phase].changeId}`, phases[phase].instance) - - objects.forEach((item)=>{ - if (item.kind == 'StatefulSet' && item.metadata.labels["app.kubernetes.io/name"] === "patroni"){ - oc.copyRecommendedLabels(item.metadata.labels, item.spec.selector.matchLabels) - oc.copyRecommendedLabels(item.metadata.labels, item.spec.template.metadata.labels) - - item.spec.template.spec.containers.forEach((container)=>{ - container.env.forEach((env)=>{ - if (env.name === "PATRONI_KUBERNETES_LABELS"){ - var labels = JSON.parse(env.value) - oc.copyRecommendedLabels(item.metadata.labels, labels) - env.value = JSON.stringify(labels) - } - }) - }) - } - }) - - oc.importImageStreams(objects, phases[phase].tag, phases.build.namespace, phases.build.tag) - oc.applyAndDeploy(objects, phases[phase].instance) - - }); - - - after(function() { - //this.timeout(10000) - //let p1=spawnSync('bash', ['-c', `oc delete "project/${buildNamespace}"`], {encoding:'utf8'}) - //console.dir(p1.output) - /* - return new Promise( (resolve) => { - resolve(true) - }).then((result)=>{ - return new Promise((resolve)=>{ - setTimeout(function(){ - resolve(true) - }, 5000) - }) - }).then((result)=>{ - let p2=spawnSync('oc', ['delete', `namespace/${buildNamespace}`], {encoding:'utf8'}) - console.dir(p2.output) - done() - }); - */ - //.finally(done) - //setTimeout(function(){ - /* - let p1=spawnSync('oc', ['delete', `namespace/${buildNamespace}`], {encoding:'utf8'}) - console.dir(p1.output) - - console.log(`previousNamespace=${currentNamespace}`) - let p2=spawnSync('oc', ['project', currentNamespace], {encoding:'utf8'}) - console.dir(p2.output) - oc.raw('delete', [`namespace/${buildNamespace}`]) - done() - */ - //}, 5) - }) -}); \ No newline at end of file diff --git a/openshift-v3/templates/patroni/README.md b/openshift-v3/templates/patroni/README.md deleted file mode 100644 index 28df32a91..000000000 --- a/openshift-v3/templates/patroni/README.md +++ /dev/null @@ -1,40 +0,0 @@ -### Files included - -* build.yaml build patroni image -* deployment.yaml deploy patroni -* deployment-prereq.yaml create pre-required objects for patroni -* secret-template.yaml create template.patroni-patroni secret, it is used by pipeline - -### Defore triggering pipeline - -1. Create template.patroni-patroni secret -oc process -f ./secret-template.yaml | oc create -f - -n [environment namespace] - -2. Build patroni image -oc process -f ./build.yaml | oc create -f - -n [tools namespace] - -### Database Migration from Openshift v3 to Openshift 4 - -1. Openshift v4 - Update zeva database user same as the one on Openshift v3 - For example, Openshift v3 zeva db user name is userABC and opassword is pwpwpwpwpw - create user "userABC" with password 'pwpwpwpwpw'; //password is same with secret - ALTER DATABASE zeva OWNER TO "userABC"; - DROP USER usershh; //usershh is the old user on Openshift v4 - -2. Openshift v4 - Update secrets patroni-prod and template.patroni-patroni - -Update app-db-username and app-db-password same as the one on Openshift v3 - -3. Openshift v3 - Create backup -login to patroni-backup pod and run backup.sh -1 - created backup: /backups/2020-08-28/postgresql-zeva_2020-08-28_19-06-28.sql.gz - -4. Move the above backup file from backup container on Openshift v3 to v4 - for example: moved to /backups/fromv3/postgresql-zeva_2020-08-28_19-06-28.sql.gz - -5. Recover the backup to paroni database on Openshift v4 -login patroini-backup pod on Openshift v4, run the following command -./backup.sh -r patroni-master-prod:5432/zeva -f /backups/fromv3 //yes, folder name only, it will pickup the file and ask confirmation - -6. Verify the database on Openshift v3 and v4 to make sure they are same - diff --git a/openshift-v3/templates/patroni/build.yaml b/openshift-v3/templates/patroni/build.yaml deleted file mode 100644 index b8d583f40..000000000 --- a/openshift-v3/templates/patroni/build.yaml +++ /dev/null @@ -1,110 +0,0 @@ -apiVersion: v1 -kind: Template -metadata: - creationTimestamp: null - name: patroni -labels: - app: ${NAME}${SUFFIX} - phase: build - app.kubernetes.io/component: database - app.kubernetes.io/name: patroni - app.kubernetes.io/managed-by: template - app.kubernetes.io/version: "10" -parameters: - - name: NAME - value: patroni - - name: SUFFIX - value: "" - description: for zeva, use empty value as pipeline doesn't build patroni for single PR - - name: VERSION - description: Ouput version - value: "v10-latest" - - name: GIT_URI - value: https://github.com/bcgov/zeva.git - - name: GIT_REF - value: master - - name: POSTGRES_VERSION - value: "10" -objects: -#ImageStream is create if it doesn't already exist -- apiVersion: image.openshift.io/v1 - kind: ImageStream - metadata: - annotations: {} - creationTimestamp: null - generation: 1 - name: postgres - spec: - lookupPolicy: - local: false - tags: - - annotations: null - from: - kind: DockerImage - name: registry.hub.docker.com/library/postgres:${POSTGRES_VERSION} - generation: 1 - importPolicy: {} - name: "${POSTGRES_VERSION}" - referencePolicy: - type: Source - status: - dockerImageRepository: "" -#- apiVersion: v1 -# generation: 0 -# kind: ImageStreamTag -# lookupPolicy: -# local: false -# metadata: -# creationTimestamp: null -# name: postgres:${POSTGRES_VERSION} -# tag: -# annotations: null -# from: -# kind: DockerImage -# name: registry.hub.docker.com/library/postgres:${POSTGRES_VERSION} -# generation: 0 -# importPolicy: {} -# name: "${POSTGRES_VERSION}" -# referencePolicy: -# type: Source -- apiVersion: v1 - kind: ImageStream - metadata: - creationTimestamp: null - name: ${NAME} - spec: - lookupPolicy: - local: false - status: - dockerImageRepository: "" -- apiVersion: v1 - kind: BuildConfig - metadata: - creationTimestamp: null - name: ${NAME}${SUFFIX} - spec: - nodeSelector: null - output: - to: - kind: ImageStreamTag - name: "${NAME}:${VERSION}" - postCommit: {} - resources: {} - source: - contextDir: openshift/templates/patroni/docker - git: - ref: ${GIT_REF} - uri: ${GIT_URI} - type: Git - strategy: - dockerStrategy: - from: - kind: ImageStreamTag - name: postgres:${POSTGRES_VERSION} - type: Docker - triggers: - - type: ConfigChange - - imageChange: {} - type: ImageChange - status: - lastVersion: 0 \ No newline at end of file diff --git a/openshift-v3/templates/patroni/deployment-prereq.yaml b/openshift-v3/templates/patroni/deployment-prereq.yaml deleted file mode 100644 index afb09c8f6..000000000 --- a/openshift-v3/templates/patroni/deployment-prereq.yaml +++ /dev/null @@ -1,132 +0,0 @@ -apiVersion: template.openshift.io/v1 -kind: Template -metadata: - annotations: - description: |- - Patroni Postgresql database cluster, with persistent storage. - iconClass: icon-postgresql - openshift.io/display-name: Patroni Postgresql (Persistent) - openshift.io/long-description: This template deploys a patroni postgresql HA - cluster with persistent storage. - tags: postgresql - name: patroni-pgsql-persistent -labels: - app.kubernetes.io/component: database - app.kubernetes.io/name: patroni - app.kubernetes.io/managed-by: template - app.kubernetes.io/version: "10" -objects: -- apiVersion: v1 - kind: Secret - metadata: - labels: - app: ${NAME}${SUFFIX} - cluster-name: ${NAME}${SUFFIX} - annotations: - as-copy-of: "template.${NAME}-patroni" - name: ${NAME}${SUFFIX} - stringData: - replication-username: ${PATRONI_REPLICATION_USERNAME} - replication-password: ${PATRONI_REPLICATION_PASSWORD} - superuser-username: ${PATRONI_SUPERUSER_USERNAME} - superuser-password: ${PATRONI_SUPERUSER_PASSWORD} - app-db-name: ${APP_DB_NAME} - app-db-username: ${APP_DB_USERNAME} - app-db-password: ${APP_DB_PASSWORD} -# move ServiceAccount and Role to here, otherwise image pulled may fail because ServiceAccount hasn't been created -- apiVersion: v1 - kind: ServiceAccount - metadata: - labels: - cluster-name: ${NAME}${SUFFIX} - name: ${NAME}${SUFFIX} -- apiVersion: rbac.authorization.k8s.io/v1 - kind: Role - metadata: - labels: - cluster-name: ${NAME}${SUFFIX} - name: ${NAME}${SUFFIX} - rules: - - apiGroups: - - "" - resources: - - services - verbs: - - create - - get - - list - - patch - - update - - watch - - delete - - apiGroups: - - "" - resources: - - configmaps - verbs: - - create - - get - - list - - patch - - update - - watch - - delete - - apiGroups: - - "" - resources: - - endpoints - verbs: - - get - - patch - - update - - create - - list - - watch - - delete - - apiGroups: - - "" - resources: - - pods - verbs: - - get - - list - - patch - - update - - watch -parameters: -- description: The name of the application for labelling all artifacts. - displayName: Application Name - name: NAME - value: patroni -- name: SUFFIX - required: true -- description: Username of the superuser account for initialization. - displayName: Superuser Username - name: PATRONI_SUPERUSER_USERNAME - value: postgres -# generate: expression -# from: super-[a-zA-Z0-9]{6} -- description: Password of the superuser account for initialization. - displayName: Superuser Passsword - name: PATRONI_SUPERUSER_PASSWORD - generate: expression - from: '[a-zA-Z0-9]{32}' -- description: Username of the replication account for initialization. - displayName: Replication Username - name: PATRONI_REPLICATION_USERNAME - value: replication -# generate: expression -# from: rep-[a-zA-Z0-9]{6} -- description: Password of the replication account for initialization. - displayName: Repication Passsword - name: PATRONI_REPLICATION_PASSWORD - generate: expression - from: '[a-zA-Z0-9]{32}' -- name: APP_DB_USERNAME - from: zeva[A-Z]{3} - generate: expression -- name: APP_DB_NAME - value: zeva -- name: APP_DB_PASSWORD - generate: expression - from: '[a-zA-Z0-9]{32}' diff --git a/openshift-v3/templates/patroni/deployment.yaml b/openshift-v3/templates/patroni/deployment.yaml deleted file mode 100644 index 94a9e4d8b..000000000 --- a/openshift-v3/templates/patroni/deployment.yaml +++ /dev/null @@ -1,336 +0,0 @@ -apiVersion: template.openshift.io/v1 -kind: Template -metadata: - annotations: - description: |- - Patroni Postgresql database cluster, with persistent storage. - iconClass: icon-postgresql - openshift.io/display-name: Patroni Postgresql (Persistent) - openshift.io/long-description: This template deploys a patroni postgresql HA - cluster with persistent storage. - tags: postgresql - name: patroni-pgsql-persistent -labels: - app: ${NAME}${SUFFIX} - phase: deploy - app.kubernetes.io/instance: ${NAME}${SUFFIX} - app.kubernetes.io/component: database - app.kubernetes.io/name: patroni - app.kubernetes.io/managed-by: template - app.kubernetes.io/version: "10" -objects: -# It doesn't seem to be used/needed - remote it? -#- apiVersion: v1 -# kind: Service -# metadata: -# creationTimestamp: null -# labels: -# cluster-name: ${NAME}${SUFFIX} -# name: ${NAME}${SUFFIX} -# spec: -# ports: -# - name: 'postgresql' -# port: 5432 -# protocol: TCP -# targetPort: 5432 -# sessionAffinity: None -# type: ClusterIP -# status: -# loadBalancer: {} -- apiVersion: v1 - kind: Service - metadata: - creationTimestamp: null - labels: - cluster-name: ${NAME}${SUFFIX} - name: ${NAME}-master${SUFFIX} - spec: - ports: - - port: 5432 - name: postgresql - protocol: TCP - targetPort: 5432 - - port: 8008 - name: health - protocol: TCP - targetPort: 8008 - selector: - cluster-name: ${NAME}${SUFFIX} - role: master - app.kubernetes.io/name: patroni - sessionAffinity: None - type: ClusterIP - status: - loadBalancer: {} -#- apiVersion: v1 -# kind: Service -# metadata: -# creationTimestamp: null -# labels: -# cluster-name: ${NAME}${SUFFIX} -# name: ${NAME}-replica${SUFFIX} -# spec: -# ports: -# - port: 5432 -## name: 'postgresql' -# protocol: TCP -# targetPort: 5432 -# selector: -# cluster-name: ${NAME}${SUFFIX} -# app.kubernetes.io/name: patroni -# role: replica -# sessionAffinity: None -# type: ClusterIP -# status: -# loadBalancer: {} -# - apiVersion: v1 -# kind: ConfigMap -# metadata: -# name: ${NAME}${SUFFIX}-config -# - apiVersion: v1 -# kind: ConfigMap -# metadata: -# name: ${NAME}${SUFFIX}-leader -- apiVersion: apps/v1 - kind: StatefulSet - metadata: - creationTimestamp: null - generation: 3 - labels: - cluster-name: ${NAME}${SUFFIX} - app: zeva - role: patroni - env: ${ENV_NAME} - name: ${NAME}${SUFFIX} - spec: - podManagementPolicy: OrderedReady - replicas: ${{REPLICA}} - revisionHistoryLimit: 10 - selector: - matchLabels: - statefulset: ${NAME}${SUFFIX} - serviceName: ${NAME}${SUFFIX} - template: - metadata: - creationTimestamp: null - labels: - statefulset: ${NAME}${SUFFIX} - cluster-name: ${NAME}${SUFFIX} - app.kubernetes.io/name: patroni - spec: - affinity: - podAntiAffinity: - requiredDuringSchedulingIgnoredDuringExecution: - - labelSelector: - matchExpressions: - - key: statefulset - operator: In - values: - - ${NAME}${SUFFIX} - topologyKey: "kubernetes.io/hostname" - containers: - - env: - #TODO: Remove POD_IP in favor of PATRONI_KUBERNETES_POD_IP - - name: POD_IP - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: status.podIP -# - name: PATRONI_KUBERNETES_USE_ENDPOINTS -# value: 'true' -# - name: PATRONI_KUBERNETES_POD_IP -# valueFrom: -# fieldRef: -# apiVersion: v1 -# fieldPath: status.podIP -# - name: PATRONI_KUBERNETES_PORTS -# value: '{[{"name": "postgresql", "port": 5432}]}' - - name: PATRONI_KUBERNETES_NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: PATRONI_KUBERNETES_LABELS - value: '{"cluster-name": "${NAME}${SUFFIX}", "app.kubernetes.io/name": "patroni"}' - - name: PATRONI_SUPERUSER_USERNAME - valueFrom: - secretKeyRef: - key: superuser-username - name: ${NAME}${SUFFIX} - - name: PATRONI_SUPERUSER_PASSWORD - valueFrom: - secretKeyRef: - key: superuser-password - name: ${NAME}${SUFFIX} - - name: PATRONI_REPLICATION_USERNAME - valueFrom: - secretKeyRef: - key: replication-username - name: ${NAME}${SUFFIX} - - name: PATRONI_REPLICATION_PASSWORD - valueFrom: - secretKeyRef: - key: replication-password - name: ${NAME}${SUFFIX} - - name: APP_USER - valueFrom: - secretKeyRef: - key: app-db-username - name: ${NAME}${SUFFIX} - - name: APP_PASSWORD - valueFrom: - secretKeyRef: - key: app-db-password - name: ${NAME}${SUFFIX} - - name: APP_DATABASE - valueFrom: - secretKeyRef: - key: app-db-name - name: ${NAME}${SUFFIX} - - name: PATRONI_SCOPE - value: ${NAME}${SUFFIX} - - name: PATRONI_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.name - - name: PATRONI_LOG_LEVEL - value: WARNING - - name: PATRONI_POSTGRESQL_DATA_DIR - value: /home/postgres/pgdata/pgroot/data - - name: PATRONI_POSTGRESQL_PGPASS - value: /tmp/pgpass - - name: PATRONI_POSTGRESQL_LISTEN - value: 0.0.0.0:5432 - - name: PATRONI_RESTAPI_LISTEN - value: 0.0.0.0:8008 -# - name: PATRONI_LOG_LEVEL -# value: DEBUG -# - name: PATRONI_LOG_DIR -# value: /tmp -# - name: PATRONI_LOG_FILE_SIZE -# value: '50000000' -# - name: PATRONI_LOG_FILE_NUM -# value: '4' - image: ${IMAGE_REGISTRY}/${IMAGE_STREAM_NAMESPACE}/${IMAGE_STREAM_TAG} - # Because we are using image reference to a tag, we need to always pull the image otherwise - # we end up with outdated/out-of-sync image depending on the node where it is running - imagePullPolicy: Always - name: postgresql - ports: - - containerPort: 8008 - protocol: TCP - - containerPort: 5432 - protocol: TCP - resources: - requests: - cpu: ${CPU_REQUEST} - memory: ${MEMORY_REQUEST} - limits: - cpu: ${CPU_LIMIT} - memory: ${MEMORY_LIMIT} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File -# used /usr/share/scripts/patroni/health_check.sh, but it doesn't output Lag in MB any more - readinessProbe: - failureThreshold: 20 - httpGet: - path: /health - port: 8008 - scheme: HTTP - initialDelaySeconds: 30 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 3 - volumeMounts: - - mountPath: /home/postgres/pgdata - name: postgresql - dnsPolicy: ClusterFirst - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - serviceAccountName: ${NAME}${SUFFIX} - terminationGracePeriodSeconds: 0 - updateStrategy: - type: RollingUpdate - volumeClaimTemplates: - - metadata: - annotations: - volume.beta.kubernetes.io/storage-class: ${STORAGE_CLASS} - labels: - app: ${NAME}${SUFFIX} - name: postgresql - spec: - storageClassName: ${STORAGE_CLASS} - accessModes: - - ReadWriteOnce - resources: - requests: - storage: ${PVC_SIZE} -# It doesn't seem to be used/needed - remote it? -#- apiVersion: v1 -# kind: Endpoints -# metadata: -# labels: -# app: ${NAME}${SUFFIX} -# cluster-name: ${NAME}${SUFFIX} -# name: ${NAME}${SUFFIX} -# subsets: [] -- apiVersion: rbac.authorization.k8s.io/v1 - kind: RoleBinding - metadata: - labels: - cluster-name: ${NAME}${SUFFIX} - name: ${NAME}${SUFFIX} - roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: ${NAME}${SUFFIX} - subjects: - - kind: ServiceAccount - name: ${NAME}${SUFFIX} -parameters: -- description: The name of the application for labelling all artifacts. - displayName: Application Name - name: NAME - value: patroni -- description: The environment name - displayName: environment name - name: ENV_NAME - required: true -- name: SUFFIX - description: A suffix appended to all artifact's name (NAME) -- description: Starting amount of CPU the container can use. - displayName: CPU REQUEST - name: CPU_REQUEST - value: '250m' -- description: Maximum amount of CPU the container can use. - displayName: CPU Limit - name: CPU_LIMIT - value: '1' -- description: Starting amount of memory the container can use. - displayName: Memory Request - name: MEMORY_REQUEST - value: 512Mi -- description: Maximum amount of memory the container can use. - displayName: Memory Limit - name: MEMORY_LIMIT - value: 512Mi -- description: The OpenShift Namespace where the patroni and postgresql ImageStream - resides. - displayName: ImageStream Namespace - name: IMAGE_STREAM_NAMESPACE - value: "bcgov" -- name: IMAGE_STREAM_TAG - description: Patroni ImageTag - value: patroni:v10-stable -- description: The size of the persistent volume to create. - displayName: Persistent Volume Size - name: PVC_SIZE - value: 1G -- name: STORAGE_CLASS - value: netapp-block-standard -- name: IMAGE_REGISTRY - value: docker-registry.default.svc:5000 -- name: REPLICA - value: '2' diff --git a/openshift-v3/templates/patroni/docker/Dockerfile b/openshift-v3/templates/patroni/docker/Dockerfile deleted file mode 100644 index 0588f64aa..000000000 --- a/openshift-v3/templates/patroni/docker/Dockerfile +++ /dev/null @@ -1,43 +0,0 @@ -FROM postgres:10 -MAINTAINER Alexander Kukushkin - -ARG PGHOME=/home/postgres - -RUN export DEBIAN_FRONTEND=noninteractive \ - && echo 'APT::Install-Recommends "0";\nAPT::Install-Suggests "0";' > /etc/apt/apt.conf.d/01norecommend \ - && apt-get update -y \ - && apt-get upgrade -y \ - && apt-cache depends patroni | sed -n -e 's/.* Depends: \(python3-.\+\)$/\1/p' \ - | grep -Ev '^python3-(sphinx|etcd|consul|kazoo|kubernetes)' \ - | xargs apt-get install -y gettext curl jq locales git python3-pip python3-wheel \ - - ## Make sure we have a en_US.UTF-8 locale available - && localedef -i en_US -c -f UTF-8 -A /usr/share/locale/locale.alias en_US.UTF-8 \ - - && pip3 install setuptools \ - && pip3 install 'git+https://github.com/zalando/patroni.git#egg=patroni[kubernetes]' \ - - && mkdir -p $PGHOME \ - && sed -i "s|/var/lib/postgresql.*|$PGHOME:/bin/bash|" /etc/passwd \ - - # Set permissions for OpenShift - && chmod 775 $PGHOME \ - && chmod 664 /etc/passwd \ - && mkdir -p $PGHOME/pgdata/pgroot \ - && chgrp -R 0 $PGHOME \ - && chown -R postgres $PGHOME \ - && chmod -R 775 $PGHOME \ - # Clean up - && apt-get remove -y git python3-pip python3-wheel \ - && apt-get autoremove -y \ - && apt-get clean -y \ - && rm -rf /var/lib/apt/lists/* /root/.cache - -COPY contrib/root / - -VOLUME /home/postgres/pgdata -EXPOSE 5432 8008 -ENV LC_ALL=en_US.UTF-8 LANG=en_US.UTF-8 -USER postgres -WORKDIR /home/postgres -CMD ["/bin/bash", "/usr/bin/entrypoint.sh"] \ No newline at end of file diff --git a/openshift-v3/templates/patroni/docker/contrib/root/usr/bin/entrypoint.sh b/openshift-v3/templates/patroni/docker/contrib/root/usr/bin/entrypoint.sh deleted file mode 100755 index 2932b1040..000000000 --- a/openshift-v3/templates/patroni/docker/contrib/root/usr/bin/entrypoint.sh +++ /dev/null @@ -1,57 +0,0 @@ -#!/bin/bash - -if [[ $UID -ge 10000 ]]; then - GID=$(id -g) - sed -e "s/^postgres:x:[^:]*:[^:]*:/postgres:x:$UID:$GID:/" /etc/passwd > /tmp/passwd - cat /tmp/passwd > /etc/passwd - rm /tmp/passwd -fi - -# FIX -> FATAL: data directory "..." has group or world access -mkdir -p "$PATRONI_POSTGRESQL_DATA_DIR" -chmod 700 "$PATRONI_POSTGRESQL_DATA_DIR" - -cat > /home/postgres/patroni.yml <<__EOF__ -bootstrap: - post_bootstrap: /usr/share/scripts/patroni/post_init.sh - dcs: - postgresql: - use_pg_rewind: true - parameters: - max_connections: ${POSTGRESQL_MAX_CONNECTIONS:-100} - max_prepared_transactions: ${POSTGRESQL_MAX_PREPARED_TRANSACTIONS:-0} - max_locks_per_transaction: ${POSTGRESQL_MAX_LOCKS_PER_TRANSACTION:-64} - log_autovacuum_min_duration: 250 - log_checkpoints: on - log_lock_waits: on - log_min_duration_statement: 1000 - log_temp_files: 1000 - min_wal_size: 300MB - max_wal_size: 1GB - track_io_timing: on - idle_in_transaction_session_timeout: 20s - initdb: - - auth-host: md5 - - auth-local: trust - - encoding: UTF8 - - locale: en_US.UTF-8 - - data-checksums - pg_hba: - - host all all 0.0.0.0/0 md5 - - host replication ${PATRONI_REPLICATION_USERNAME} ${POD_IP}/16 md5 -restapi: - connect_address: '${POD_IP}:8008' -postgresql: - connect_address: '${POD_IP}:5432' - authentication: - superuser: - password: '${PATRONI_SUPERUSER_PASSWORD}' - replication: - password: '${PATRONI_REPLICATION_PASSWORD}' -__EOF__ - -unset PATRONI_SUPERUSER_PASSWORD PATRONI_REPLICATION_PASSWORD -export KUBERNETES_NAMESPACE=$PATRONI_KUBERNETES_NAMESPACE -export POD_NAME=$PATRONI_NAME - -exec /usr/bin/python3 /usr/local/bin/patroni /home/postgres/patroni.yml \ No newline at end of file diff --git a/openshift-v3/templates/patroni/docker/contrib/root/usr/share/scripts/patroni/health_check.sh b/openshift-v3/templates/patroni/docker/contrib/root/usr/share/scripts/patroni/health_check.sh deleted file mode 100755 index acc485baa..000000000 --- a/openshift-v3/templates/patroni/docker/contrib/root/usr/share/scripts/patroni/health_check.sh +++ /dev/null @@ -1,5 +0,0 @@ -#!/usr/bin/env bash -set -Eeu -set -o pipefail - -pg_isready -q && patronictl list --format=json | jq -e ".[] | select(.Member == \"$(hostname)\" and .State == \"running\" and .\"Lag in MB\" == 0)" diff --git a/openshift-v3/templates/patroni/docker/contrib/root/usr/share/scripts/patroni/post_init.sh b/openshift-v3/templates/patroni/docker/contrib/root/usr/share/scripts/patroni/post_init.sh deleted file mode 100755 index 52fd5b51e..000000000 --- a/openshift-v3/templates/patroni/docker/contrib/root/usr/share/scripts/patroni/post_init.sh +++ /dev/null @@ -1,17 +0,0 @@ -#!/usr/bin/env bash -set -Eeu - -if [[ (! -z "$APP_USER") && (! -z "$APP_PASSWORD") && (! -z "$APP_DATABASE")]]; then - echo "Creating user ${APP_USER}" - psql "$1" -w -c "create user ${APP_USER} WITH LOGIN ENCRYPTED PASSWORD '${APP_PASSWORD}'" - - echo "Creating database ${APP_DATABASE}" - psql "$1" -w -c "CREATE DATABASE ${APP_DATABASE} OWNER ${APP_USER} ENCODING '${APP_DB_ENCODING:-UTF8}' LC_COLLATE = '${APP_DB_LC_COLLATE:-en_US.UTF-8}' LC_CTYPE = '${APP_DB_LC_CTYPE:-en_US.UTF-8}'" - - echo "Creating extensions" - psql -U postgres -q -d "${APP_DATABASE}" -c 'create extension if not exists hstore' - -else - echo "Skipping user creation" - echo "Skipping database creation" -fi \ No newline at end of file diff --git a/openshift-v3/templates/patroni/secret-template.yaml b/openshift-v3/templates/patroni/secret-template.yaml deleted file mode 100644 index e69196779..000000000 --- a/openshift-v3/templates/patroni/secret-template.yaml +++ /dev/null @@ -1,56 +0,0 @@ -apiVersion: template.openshift.io/v1 -kind: Template -metadata: - annotations: - description: Patroni Postgresql database cluster template secret - name: patroni-pgsql-secret-template -objects: -- apiVersion: v1 - kind: Secret - metadata: - labels: - app: ${NAME} - name: template.${NAME}-patroni - stringData: - replication-username: ${PATRONI_REPLICATION_USERNAME} - replication-password: ${PATRONI_REPLICATION_PASSWORD} - superuser-username: ${PATRONI_SUPERUSER_USERNAME} - superuser-password: ${PATRONI_SUPERUSER_PASSWORD} - app-db-name: ${APP_DB_NAME} - app-db-username: ${APP_DB_USERNAME} - app-db-password: ${APP_DB_PASSWORD} -parameters: -- description: The name of the application for labelling all artifacts. - displayName: Application Name - name: NAME - value: patroni -- description: Username of the superuser account for initialization. - displayName: Superuser Username - name: PATRONI_SUPERUSER_USERNAME - value: postgres -# generate: expression -# from: super-[a-zA-Z0-9]{6} -- description: Password of the superuser account for initialization. - displayName: Superuser Passsword - name: PATRONI_SUPERUSER_PASSWORD - generate: expression - from: '[a-zA-Z0-9]{32}' -- description: Username of the replication account for initialization. - displayName: Replication Username - name: PATRONI_REPLICATION_USERNAME - value: replication -# generate: expression -# from: rep-[a-zA-Z0-9]{6} -- description: Password of the replication account for initialization. - displayName: Repication Passsword - name: PATRONI_REPLICATION_PASSWORD - generate: expression - from: '[a-zA-Z0-9]{32}' -- name: APP_DB_USERNAME - from: zeva[a-z]{3} - generate: expression -- name: APP_DB_NAME - value: zeva -- name: APP_DB_PASSWORD - generate: expression - from: '[a-zA-Z0-9]{32}' diff --git a/openshift-v3/templates/postgresql/create.sh b/openshift-v3/templates/postgresql/create.sh deleted file mode 100755 index a62360371..000000000 --- a/openshift-v3/templates/postgresql/create.sh +++ /dev/null @@ -1,3 +0,0 @@ -oc process -f ./postgresql-bc-release.yaml CPU_REQUEST=100m CPU_LIMIT=500m MEMORY_REQUEST=1100M MEMORY_LIMIT=2G | oc create -f - -n tbiwaq-dev --dry-run=true -oc process -f ./postgresql-dc-release.yaml ENV_NAME=dev CPU_REQUEST=100m CPU_LIMIT=500m MEMORY_REQUEST=256Mi MEMORY_LIMIT=2Gi NFS_DB_BACKUP_NAME=bk-tbiwaq-dev-wx8wjvtqjj3k | oc create -f - -n tbiwaq-dev --dry-run=true -oc process -f ./postgresql-dc-unittest.yaml ENV_NAME=dev CPU_REQUEST=100m CPU_LIMIT=500m MEMORY_REQUEST=256Mi MEMORY_LIMIT=2Gi | oc create -f - -n tbiwaq-dev --dry-run=true diff --git a/openshift-v3/templates/postgresql/nfs_storage.yaml b/openshift-v3/templates/postgresql/nfs_storage.yaml deleted file mode 100644 index 97dd789da..000000000 --- a/openshift-v3/templates/postgresql/nfs_storage.yaml +++ /dev/null @@ -1,46 +0,0 @@ ---- -kind: Template -apiVersion: v1 -labels: - template: zeva-postgresql-persistent-template -metadata: - name: postgresql-dc - creationTimestamp: -parameters: - - description: Username for PostgreSQL user that will be used for accessing the database. - from: user[A-Z0-9]{3} - generate: expression - name: TFRS_DB_USER - required: true - - description: Password for the PostgreSQL connection user. - from: "[a-zA-Z0-9]{16}" - generate: expression - name: TFRS_DB_PASSWORD - required: true - - name: CPU_REQUEST - displayName: Requested CPU - description: Requested CPU - required: true - - name: CPU_LIMIT - displayName: CPU upper limit - description: CPU upper limit - required: true - - name: MEMORY_REQUEST - displayName: Requested memory - description: Requested memory - required: true - - name: MEMORY_LIMIT - displayName: Memory upper limit - description: Memory upper limit - required: true - - name: DB_PVC_SIZE - value: 5Gi - displayName: PVC Size - description: PVC Size - required: true - - name: DB_BACKUP_NFS_SIZE - value: 5Gi - displayName: DB PVC Size - description: DB BACKUP NFS Size - required: true -objects: diff --git a/openshift-v3/templates/postgresql/postgresql-dc-release.yaml b/openshift-v3/templates/postgresql/postgresql-dc-release.yaml deleted file mode 100644 index 898b37c11..000000000 --- a/openshift-v3/templates/postgresql/postgresql-dc-release.yaml +++ /dev/null @@ -1,181 +0,0 @@ ---- -kind: Template -apiVersion: v1 -labels: - template: zeva-postgresql-persistent-template -metadata: - name: postgresql-dc - creationTimestamp: -parameters: - - name: ENV_NAME - displayName: Environment Name - description: Environment Name - required: true - - name: CPU_REQUEST - displayName: Requested CPU - description: Requested CPU - required: true - - name: CPU_LIMIT - displayName: CPU upper limit - description: CPU upper limit - required: true - - name: MEMORY_REQUEST - displayName: Requested memory - description: Requested memory - required: true - - name: MEMORY_LIMIT - displayName: Memory upper limit - description: Memory upper limit - required: true - - name: DB_PVC_SIZE - value: 5G - displayName: PVC Size - description: PVC Size - required: true - - name: NFS_DB_BACKUP_NAME - displayName: NFS databse backup_name - description: NFS databse backup_name - required: true -objects: - - kind: Service - apiVersion: v1 - metadata: - name: postgresql - annotations: - template.openshift.io/expose-uri: postgres://{.spec.clusterIP}:{.spec.ports[?(.name=="postgresql")].port} - labels: - name: postgresql - app: zeva - role: postgresql - env: ${ENV_NAME} - spec: - ports: - - name: postgresql - protocol: TCP - port: 5432 - targetPort: 5432 - selector: - name: postgresql - type: ClusterIP - sessionAffinity: None - status: - loadBalancer: {} - - apiVersion: v1 - kind: PersistentVolumeClaim - metadata: - name: postgresql - annotations: - volume.beta.kubernetes.io/storage-class: netapp-block-standard - template.openshift.io.bcgov/create: 'true' - spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: "${DB_PVC_SIZE}" - - kind: DeploymentConfig - apiVersion: v1 - metadata: - annotations: - template.alpha.openshift.io/wait-for-ready: 'true' - name: postgresql - labels: - name: postgresql - app: zeva - role: postgresql - env: ${ENV_NAME} - spec: - replicas: 1 - strategy: - type: Recreate - triggers: - - type: ImageChange - imageChangeParams: - automatic: false - containerNames: - - postgresql - from: - kind: ImageStreamTag - namespace: openshift - name: postgresql:10 - - type: ConfigChange - test: false - selector: - name: postgresql - template: - metadata: - creationTimestamp: - labels: - name: postgresql - spec: - volumes: - - name: postgresql-data - persistentVolumeClaim: - claimName: postgresql - - name: postgresql-backup - persistentVolumeClaim: - claimName: ${NFS_DB_BACKUP_NAME} - containers: - - name: postgresql - image: " " - ports: - - containerPort: 5432 - protocol: TCP - env: - - name: POSTGRESQL_DATABASE - value: zeva - - name: POSTGRESQL_USER - valueFrom: - secretKeyRef: - name: zeva-postgresql - key: DATABASE_USER - - name: POSTGRESQL_PASSWORD - valueFrom: - secretKeyRef: - name: zeva-postgresql - key: DATABASE_PASSWORD - resources: - request: - cpu: "${CPU_REQUEST}" - memory: "${MEMORY_REQUEST}" - limits: - cpu: "${CPU_LIMIT}" - memory: "${MEMORY_LIMIT}" - volumeMounts: - - name: postgresql-data - mountPath: "/var/lib/pgsql/data" - - mountPath: /postgresql-backup - name: postgresql-backup - subPath: postgresql-backup - readinessProbe: - tcpSocket: - port: 5432 - initialDelaySeconds: 25 - timeoutSeconds: 1 - periodSeconds: 10 - successThreshold: 1 - failureThreshold: 3 - livenessProbe: - exec: - command: - - "/bin/sh" - - "-i" - - "-c" - - psql -h 127.0.0.1 -U $POSTGRESQL_USER -q -d zeva -c 'SELECT 1' - initialDelaySeconds: 30 - timeoutSeconds: 1 - periodSeconds: 10 - successThreshold: 1 - failureThreshold: 3 - terminationMessagePath: "/dev/termination-log" - terminationMessagePolicy: File - imagePullPolicy: IfNotPresent - securityContext: - capabilities: {} - privileged: false - restartPolicy: Always - terminationGracePeriodSeconds: 30 - dnsPolicy: ClusterFirst - securityContext: {} - schedulerName: default-scheduler - status: {} diff --git a/openshift-v3/templates/postgresql/postgresql-dc-unittest.yaml b/openshift-v3/templates/postgresql/postgresql-dc-unittest.yaml deleted file mode 100644 index 5da52075d..000000000 --- a/openshift-v3/templates/postgresql/postgresql-dc-unittest.yaml +++ /dev/null @@ -1,171 +0,0 @@ ---- -kind: Template -apiVersion: v1 -labels: - template: zeva-postgresql-persistent-template -metadata: - name: postgresql-dc-unittest - creationTimestamp: -parameters: - - name: ENV_NAME - displayName: Environment Name - description: Environment Name - required: true - - name: CPU_REQUEST - displayName: Requested CPU - description: Requested CPU - required: true - - name: CPU_LIMIT - displayName: CPU upper limit - description: CPU upper limit - required: true - - name: MEMORY_REQUEST - displayName: Requested memory - description: Requested memory - required: true - - name: MEMORY_LIMIT - displayName: Memory upper limit - description: Memory upper limit - required: true - - name: DB_PVC_SIZE - value: 5Gi - displayName: PVC Size - description: PVC Size - required: true -objects: - - kind: Service - apiVersion: v1 - metadata: - name: postgresql-unittest - annotations: - template.openshift.io/expose-uri: postgres://{.spec.clusterIP}:{.spec.ports[?(.name=="postgresql")].port} - labels: - name: postgresql-unittest - app: zeva - role: postgresql-unittest - env: ${ENV_NAME} - spec: - ports: - - name: postgresql - protocol: TCP - port: 5432 - targetPort: 5432 - selector: - name: postgresql-unittest - type: ClusterIP - sessionAffinity: None - status: - loadBalancer: {} - - apiVersion: v1 - kind: PersistentVolumeClaim - metadata: - name: postgresql-unittest - annotations: - volume.beta.kubernetes.io/storage-class: netapp-block-standard - template.openshift.io.bcgov/create: 'true' - spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: "${DB_PVC_SIZE}" - - kind: DeploymentConfig - apiVersion: v1 - metadata: - annotations: - template.alpha.openshift.io/wait-for-ready: 'true' - name: postgresql-unittest - labels: - name: postgresql-unittest - app: zeva - role: postgresql-unittest - env: ${ENV_NAME} - spec: - replicas: 1 - strategy: - type: Recreate - triggers: - - type: ImageChange - imageChangeParams: - automatic: true - containerNames: - - postgresql - from: - kind: ImageStreamTag - namespace: openshift - name: postgresql:10 - - type: ConfigChange - test: false - selector: - name: postgresql-unittest - template: - metadata: - creationTimestamp: - labels: - name: postgresql-unittest - spec: - volumes: - - name: postgresql-data - persistentVolumeClaim: - claimName: postgresql-unittest - containers: - - name: postgresql - image: " " - ports: - - containerPort: 5432 - protocol: TCP - env: - - name: POSTGRESQL_DATABASE - value: zeva - - name: POSTGRESQL_USER - valueFrom: - secretKeyRef: - name: zeva-postgresql-unittest - key: DATABASE_USER - - name: POSTGRESQL_PASSWORD - valueFrom: - secretKeyRef: - name: zeva-postgresql-unittest - key: DATABASE_PASSWORD - resources: - request: - cpu: "${CPU_REQUEST}" - memory: "${MEMORY_REQUEST}" - limits: - cpu: "${CPU_LIMIT}" - memory: "${MEMORY_LIMIT}" - volumeMounts: - - name: postgresql-data - mountPath: /var/lib/pgsql/data - readinessProbe: - tcpSocket: - port: 5432 - initialDelaySeconds: 25 - timeoutSeconds: 1 - periodSeconds: 10 - successThreshold: 1 - failureThreshold: 3 - livenessProbe: - exec: - command: - - "/bin/sh" - - "-i" - - "-c" - - psql -h 127.0.0.1 -U $POSTGRESQL_USER -q -d zeva -c 'SELECT 1' - initialDelaySeconds: 30 - timeoutSeconds: 1 - periodSeconds: 10 - successThreshold: 1 - failureThreshold: 3 - terminationMessagePath: "/dev/termination-log" - terminationMessagePolicy: File - imagePullPolicy: IfNotPresent - securityContext: - capabilities: {} - privileged: false - restartPolicy: Always - terminationGracePeriodSeconds: 30 - dnsPolicy: ClusterFirst - securityContext: {} - schedulerName: default-scheduler - status: {} diff --git a/openshift-v3/templates/postgresql/postgresql-dc.yaml b/openshift-v3/templates/postgresql/postgresql-dc.yaml deleted file mode 100644 index 54cab1f3e..000000000 --- a/openshift-v3/templates/postgresql/postgresql-dc.yaml +++ /dev/null @@ -1,209 +0,0 @@ ---- -kind: Template -apiVersion: v1 -labels: - template: zeva-postgresql-persistent-template -metadata: - name: postgresql-dc - creationTimestamp: -parameters: - - name: NAME - displayName: - description: the module name entered when run yo bcdk:pipeline, which is zeva - required: true - - name: SUFFIX - displayName: - description: sample is -dev-97 - required: true - - name: VERSION - displayName: - description: image tag name for output - required: true - - name: ENV_NAME - displayName: Environment Name - description: Environment Name - required: true - - description: Username for PostgreSQL user that will be used for accessing the database. - from: zeva[A-Z0-9]{3} - generate: expression - name: ZEVA_DB_USER - required: true - - description: Password for the PostgreSQL connection user. - from: "[a-zA-Z0-9]{16}" - generate: expression - name: ZEVA_DB_PASSWORD - required: true - - name: CPU_REQUEST - displayName: Requested CPU - description: Requested CPU - required: true - - name: CPU_LIMIT - displayName: CPU upper limit - description: CPU upper limit - required: true - - name: MEMORY_REQUEST - displayName: Requested memory - description: Requested memory - required: true - - name: MEMORY_LIMIT - displayName: Memory upper limit - description: Memory upper limit - required: true - - name: DB_PVC_SIZE - value: 5Gi - displayName: PVC Size - description: PVC Size - required: true -objects: - - apiVersion: v1 - kind: Secret - metadata: - name: ${NAME}-postgresql${SUFFIX} - annotations: - as-copy-of: "${NAME}-template-postgresql" - labels: {} - stringData: - DATABASE_USER: "${ZEVA_DB_USER}" - DATABASE_PASSWORD: "${ZEVA_DB_PASSWORD}" - - kind: Service - apiVersion: v1 - metadata: - name: ${NAME}-postgresql${SUFFIX} - annotations: - template.openshift.io/expose-uri: postgres://{.spec.clusterIP}:{.spec.ports[?(.name=="postgresql")].port} - labels: - name: postgresql - app: zeva - role: postgresql - env: ${ENV_NAME} - spec: - ports: - - name: postgresql - protocol: TCP - port: 5432 - targetPort: 5432 - selector: - name: ${NAME}-postgresql${SUFFIX} - type: ClusterIP - sessionAffinity: None - status: - loadBalancer: {} - - apiVersion: v1 - kind: PersistentVolumeClaim - metadata: - name: ${NAME}-postgresql${SUFFIX} - annotations: - volume.beta.kubernetes.io/storage-class: netapp-file-standard - template.openshift.io.bcgov/create: 'true' - spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: "${DB_PVC_SIZE}" - - kind: DeploymentConfig - apiVersion: v1 - metadata: - annotations: - template.alpha.openshift.io/wait-for-ready: 'true' - name: ${NAME}-postgresql${SUFFIX} - labels: - app: zeva - role: postgresql - env: ${ENV_NAME} - spec: - replicas: 1 - strategy: - type: Recreate - triggers: - - imageChangeParams: - automatic: true - containerNames: - - postgresql - from: - kind: ImageStreamTag - namespace: tbiwaq-tools - name: postgresql:10-1-47 - lastTriggeredImage: - type: ImageChange - - type: ConfigChange - test: false - selector: - name: ${NAME}-postgresql${SUFFIX} - template: - metadata: - creationTimestamp: - labels: - name: ${NAME}-postgresql${SUFFIX} - spec: - volumes: - - name: postgresql-data - persistentVolumeClaim: - claimName: ${NAME}-postgresql${SUFFIX} - - configMap: - defaultMode: 420 - name: zeva-postgresql-init - name: volume-vzqaq - containers: - - name: postgresql - image: " " - ports: - - containerPort: 5432 - protocol: TCP - env: - - name: POSTGRESQL_DATABASE - value: zeva - - name: POSTGRESQL_USER - valueFrom: - secretKeyRef: - name: ${NAME}-postgresql${SUFFIX} - key: DATABASE_USER - - name: POSTGRESQL_PASSWORD - valueFrom: - secretKeyRef: - name: ${NAME}-postgresql${SUFFIX} - key: DATABASE_PASSWORD - resources: - request: - cpu: "${CPU_REQUEST}" - memory: "${MEMORY_REQUEST}" - limits: - cpu: "${CPU_LIMIT}" - memory: "${MEMORY_LIMIT}" - volumeMounts: - - mountPath: /var/lib/pgsql/data - name: postgresql-data - - mountPath: /opt/app-root/src/postgresql-start - name: volume-vzqaq - readinessProbe: - tcpSocket: - port: 5432 - initialDelaySeconds: 25 - timeoutSeconds: 1 - periodSeconds: 10 - successThreshold: 1 - failureThreshold: 3 - livenessProbe: - exec: - command: - - "/bin/sh" - - "-i" - - "-c" - - psql -h 127.0.0.1 -U $POSTGRESQL_USER -q -d zeva -c 'create extension hstore'; psql -h 127.0.0.1 -U $POSTGRESQL_USER -q -d zeva -c 'SELECT 1' - initialDelaySeconds: 35 - timeoutSeconds: 3 - periodSeconds: 10 - successThreshold: 1 - failureThreshold: 3 - terminationMessagePath: "/dev/termination-log" - terminationMessagePolicy: File - imagePullPolicy: IfNotPresent - securityContext: - capabilities: {} - privileged: false - restartPolicy: Always - terminationGracePeriodSeconds: 30 - dnsPolicy: ClusterFirst - securityContext: {} - schedulerName: default-scheduler - status: {} diff --git a/openshift-v3/templates/python-backend/python-backend-bc.yaml b/openshift-v3/templates/python-backend/python-backend-bc.yaml deleted file mode 100644 index 737ca704a..000000000 --- a/openshift-v3/templates/python-backend/python-backend-bc.yaml +++ /dev/null @@ -1,55 +0,0 @@ -apiVersion: template.openshift.io/v1 -kind: Template -metadata: - creationTimestamp: null - name: python-backend -objects: -- apiVersion: image.openshift.io/v1 - kind: ImageStream - metadata: - annotations: - description: Keeps track of changes in the python-backend image - creationTimestamp: null - name: python-backend - spec: - lookupPolicy: - local: false - status: - dockerImageRepository: "" -- apiVersion: build.openshift.io/v1 - kind: BuildConfig - metadata: - creationTimestamp: null - name: python-backend - spec: - failedBuildsHistoryLimit: 5 - nodeSelector: null - output: - to: - kind: ImageStreamTag - name: python-backend:latest - postCommit: {} - resources: {} - runPolicy: Serial - source: - dockerfile: |- - FROM python:3.7-stretch - ENV PYTHONUNBUFFERED 1 - RUN apt-get update - RUN apt-get install -y git supervisor - RUN git clone https://github.com/bcgov/zeva.git /tmp/zeva - RUN mv /tmp/zeva/services/python-transaction /app - WORKDIR /app - RUN pip install -r requirements.txt - WORKDIR /app/zeva - CMD alembic upgrade head && python3 service.py - type: Dockerfile - strategy: - dockerStrategy: - forcePull: false - noCache: true - type: Docker - successfulBuildsHistoryLimit: 5 - triggers: [] - status: - lastVersion: 0 diff --git a/openshift-v3/templates/python-backend/python-backend-dc.yaml b/openshift-v3/templates/python-backend/python-backend-dc.yaml deleted file mode 100644 index 3da644b3f..000000000 --- a/openshift-v3/templates/python-backend/python-backend-dc.yaml +++ /dev/null @@ -1,171 +0,0 @@ -apiVersion: template.openshift.io/v1 -kind: Template -metadata: - creationTimestamp: null - name: python-backend-dc -parameters: - - name: ENV_NAME - value: dev - displayName: Environment name - description: Environment name, dev, test and prod - required: true - - name: DASH_ENV_NAME - value: dev - displayName: Environment name - description: Environment name, -dev, -test and empty for prod - required: true - - name: CPU_REQUEST - displayName: Requested CPU - description: Requested CPU - required: true - - name: CPU_LIMIT - displayName: CPU upper limit - description: CPU upper limit - required: true - - name: MEMORY_REQUEST - displayName: Requested memory - description: Requested memory - required: true - - name: MEMORY_LIMIT - displayName: Memory upper limit - description: Memory upper limit - required: true - - name: POSTGRESQL_USER - displayName: Postgresql database user - description: Postgresql database user - required: true - - name: POSTGRESQL_PASSWORD - displayName: Postgresql database password - description: Postgresql database password - required: true - - name: OCP_NAME - displayName: Openshift Name - description: Openshift Name - required: true -objects: -- apiVersion: v1 - kind: Service - metadata: - creationTimestamp: null - name: python-backend - labels: - name: python-backend - app: zeva - role: python-backend - env: ${ENV_NAME} - spec: - ports: - - name: python-backend - port: 10102 - protocol: TCP - targetPort: 10102 - selector: - name: python-backend - sessionAffinity: None - type: ClusterIP - status: - loadBalancer: {} -- apiVersion: apps.openshift.io/v1 - kind: DeploymentConfig - metadata: - name: python-backend - labels: - name: python-backend - app: zeva - role: python-backend - env: ${ENV_NAME} - annotations: - description: Defines how to deploy the python-backend application - creationTimestamp: null - spec: - replicas: 1 - revisionHistoryLimit: 10 - selector: - name: python-backend - strategy: - activeDeadlineSeconds: 1200 - recreateParams: - timeoutSeconds: 600 - resources: {} - type: Recreate - template: - metadata: - creationTimestamp: null - labels: - name: python-backend - name: python-backend - spec: - containers: - - env: - - name: DATABASE_URL - value: "postgresql://${POSTGRESQL_USER}:${POSTGRESQL_PASSWORD}@postgresql.tbiwaq-${ENV_NAME}.svc.cluster.local/zeva" - - name: KEYCLOAK_CERTS_URL - value: "https://sso${DASH_ENV_NAME}.${OCP_NAME}.gov.bc.ca/auth/realms/rzh2zkjq/protocol/openid-connect/certs" - - name: KEYCLOAK_REALM - value: "https://sso${DASH_ENV_NAME}.${OCP_NAME}.gov.bc.ca/auth/realms/rzh2zkjq" - - name: KEYCLOAK_AUTHORITY - value: "https://sso${DASH_ENV_NAME}.${OCP_NAME}.gov.bc.ca/auth/realms/rzh2zkjq" - - name: KEYCLOAK_ISSUER - value: "https://sso${DASH_ENV_NAME}.${OCP_NAME}.gov.bc.ca/auth/realms/rzh2zkjq" - - name: KEYCLOAK_AUDIENCE - value: 'rzh2zkjq' - - name: KEYCLOAK_CLIENT_ID - value: 'rzh2zkjq' - image: - imagePullPolicy: IfNotPresent - livenessProbe: - failureThreshold: 3 - initialDelaySeconds: 60 - periodSeconds: 10 - successThreshold: 1 - tcpSocket: - port: 10102 - timeoutSeconds: 10 - name: python-backend - ports: - - containerPort: 10102 - protocol: TCP - readinessProbe: - failureThreshold: 3 - initialDelaySeconds: 60 - periodSeconds: 10 - successThreshold: 1 - tcpSocket: - port: 10102 - timeoutSeconds: 10 - resources: - limits: - cpu: ${CPU_LIMIT} - memory: ${MEMORY_LIMIT} - requests: - cpu: ${CPU_REQUEST} - memory: ${MEMORY_REQUEST} - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - volumeMounts: - dnsPolicy: ClusterFirst - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - terminationGracePeriodSeconds: 30 - volumes: - test: false - triggers: - - imageChangeParams: - automatic: true - containerNames: - - python-backend - from: - kind: ImageStreamTag - name: python-backend:${ENV_NAME} - namespace: tbiwaq-tools - lastTriggeredImage: - type: ImageChange - - type: ConfigChange - status: - availableReplicas: 0 - latestVersion: 0 - observedGeneration: 0 - replicas: 0 - unavailableReplicas: 0 - updatedReplicas: 0 diff --git a/openshift-v3/templates/rabbitmq/README.md b/openshift-v3/templates/rabbitmq/README.md deleted file mode 100644 index f4252a3be..000000000 --- a/openshift-v3/templates/rabbitmq/README.md +++ /dev/null @@ -1,22 +0,0 @@ -### Files included - -* rabbitmq-bc.yaml not being used -* rabbitmq-cluster-dc.yaml deployment config file -* rabbitmq-web-route.yaml create route to rabbitmq gui -* secret-template.yaml create template.rabbitmq-secret -* zeva-rabbitmq-secret not being used -* rabbitmq-secret-configmap-only.yaml, used when deploy dev, only create secret and configmap, save dev redource as Rabbitmq is not being used yet (20200921) - -### Before triggering pipeline - -1. Create template.rabbitmq-secret -oc process -f ./secret-template.yaml | oc create -f - -n [environment namespace] - -### After pipeline completes - -1. Create route for gui when needed, remove it when no longer need it -oc process -f ./rabbitmq-web-route.yaml NAME=zeva \ -ENV_NAME=dev \ -SUFFIX=-dev-133 \ -OCP_NAME=pathfinder \ -| oc create -f - -n [environment namespace] diff --git a/openshift-v3/templates/rabbitmq/create.sh b/openshift-v3/templates/rabbitmq/create.sh deleted file mode 100644 index 7e85bfbad..000000000 --- a/openshift-v3/templates/rabbitmq/create.sh +++ /dev/null @@ -1,13 +0,0 @@ -### Create secrets for each environment -oc process -f ./rabbitmq-secret.yaml ENV_NAME=dev ADMIN_PASSWORD=*** ZEVA_PASSWORD=*** | oc create -f - -n tbiwaq-tools --dry-run=true - - - -### there are three images for rabbitmq, dev, test and prod -oc process -f ./rabbitmq-bc.yaml ENV_NAME=dev ADMIN_PASSWORD=*** ZEVA_PASSWORD=*** | oc apply -f - -n tbiwaq-tools --dry-run=true - -### tag imag to environment -oc tag tbiwaq-tools/rabbitmq:latest tbiwaq-dev/rabbitmq:dev - -### deployment -oc process -f ./rabbitmq-dc.yaml ENV_NAME=dev | oc apply -f - -n tbiwaq-dev diff --git a/openshift-v3/templates/rabbitmq/docker/Dockerfile b/openshift-v3/templates/rabbitmq/docker/Dockerfile deleted file mode 100644 index 9d39efac4..000000000 --- a/openshift-v3/templates/rabbitmq/docker/Dockerfile +++ /dev/null @@ -1,8 +0,0 @@ -FROM rabbitmq:3.8.3-management -RUN apt-get update -RUN apt-get install -y gettext-base vim -RUN chgrp -R root /var/log/rabbitmq && \ - chmod -R g+w /var/log/rabbitmq -ARG ADMIN_PASSWORD -ARG ZEVA_PASSWORD -RUN echo "H4sICJ+6cl4AA3BvbGljeS5qc29uALVUW2vCMBR+91eUsqehDiaOsTfBPexhFyZssDHKsU2bQJpIcqJT8b8vSe2FWt2LvoT0+87lO5dm2wuCUMF8zjBaEqWZFOFDEI6G98NR2Hek0Ra22Lf9CIKtPy0sICfOEpKcCW/p4QVovZIqcdTVZPr89BK9TWazz9f3aW1EQVMmsgh4JhVDmjvrvYgyQFQaaQq347vaGSHTVWKmUQFKFXp21+/WuCFLOCLx6/FjcimFp0VlhmjsVtWizinGHfb240e7pFLjidne+MYVjpXTgqicabcoHZ5uWQ477vPUASs8liJlmVE+2fC6Jla2zANQEUj2WGdjy9ytjbxQ8qof5DemIDJyoo9CIktZDOib9q8yXC+8WwpCmsYeJMYOnTsKlSEVDAZllBBOvOoUuK45JpAoAfyAAJWZnAg//e2uPWLJWcxcRa2CjikuC6UwAM6bS40uv9+/flDVQVL752Lx1JSx/Z4PcpkUr0ojSsHotYhr2pac23bGXUZzwJgONNs40/Geb5TY2/0B49pirvUEAAA=" | base64 -d | gunzip - | envsubst > /tmp/policy.json diff --git a/openshift-v3/templates/rabbitmq/docker/policy.json b/openshift-v3/templates/rabbitmq/docker/policy.json deleted file mode 100644 index a5e9f24f5..000000000 --- a/openshift-v3/templates/rabbitmq/docker/policy.json +++ /dev/null @@ -1,67 +0,0 @@ -{ - "rabbit_version": "3.8.3", - "users": [ - { - "name": "admin", - "password": "$ADMIN_PASSWORD", - "hashing_algorithm": "rabbit_password_hashing_sha256", - "tags": "administrator" - }, - { - "name": "zeva", - "password": "$ZEVA_PASSWORD", - "hashing_algorithm": "rabbit_password_hashing_sha256", - "tags": "" - }, - { - "name": "guest", - "password": "guest", - "hashing_algorithm": "rabbit_password_hashing_sha256", - "tags": "" - } - ], - "vhosts": [ - { - "name": "/zeva" - } - ], - "permissions": [ - { - "user": "zeva", - "vhost": "/zeva", - "configure": ".*", - "write": ".*", - "read": ".*" - }, - { - "user": "admin", - "vhost": "/zeva", - "configure": ".*", - "write": ".*", - "read": ".*" - } - ], - "exchanges": [ - { - "name": "notifications", - "vhost": "/zeva", - "type": "fanout", - "durable": true, - "auto_delete": false, - "internal": false, - "arguments": {} - } - ], - "policies":[ - { - "vhost": "/zeva", - "name": "ha-all", - "pattern": "", - "definition": { - "ha-mode": "all", - "ha-sync-mode": "automatic", - "ha-sync-batch-size": 5 - } - } - ] -} \ No newline at end of file diff --git a/openshift-v3/templates/rabbitmq/rabbitmq-bc.yaml b/openshift-v3/templates/rabbitmq/rabbitmq-bc.yaml deleted file mode 100644 index f54c1a85f..000000000 --- a/openshift-v3/templates/rabbitmq/rabbitmq-bc.yaml +++ /dev/null @@ -1,73 +0,0 @@ ---- -## This build config is not being used. -kind: Template -apiVersion: v1 -metadata: - name: rabbitmq-bc - creationTimestamp: -parameters: - - name: ENV_NAME - required: true - - name: GIT_URL - displayName: Zeva Git Repo URL - description: The URL to your GIT repo - required: true - value: https://github.com/bcgov/zeva.git - - name: GIT_REF - displayName: Git Reference - description: The git reference or branch. - required: true - value: master -objects: - - apiVersion: image.openshift.io/v1 - kind: ImageStream - metadata: - annotations: - description: Keeps track of changes in the rabbitmq image - creationTimestamp: null - name: rabbitmq - spec: - lookupPolicy: - local: false - status: - dockerImageRepository: "" - - kind: BuildConfig - apiVersion: v1 - metadata: - name: rabbitmq-${ENV_NAME} - creationTimestamp: - spec: - triggers: [] - runPolicy: SerialLatestOnly - source: - contextDir: openshift/templates/rabbitmq/docker - git: - ref: ${GIT_REF} - uri: ${GIT_URL} - type: Git - strategy: - type: Docker - dockerStrategy: - env: - - name: ADMIN_PASSWORD - valueFrom: - secretKeyRef: - name: zeva-rabbitmq-${ENV_NAME} - key: ADMIN_PASSWORD - - name: ZEVA_PASSWORD - valueFrom: - secretKeyRef: - name: zeva-rabbitmq-${ENV_NAME} - key: ZEVA_PASSWORD - forcePull: false - noCache: true - imageOptimizationPolicy: SkipLayers - output: - to: - kind: ImageStreamTag - name: rabbitmq:3.8.3-management-${ENV_NAME} - resources: {} - postCommit: {} - nodeSelector: - status: - lastVersion: 0 diff --git a/openshift-v3/templates/rabbitmq/rabbitmq-cluster-dc.yaml b/openshift-v3/templates/rabbitmq/rabbitmq-cluster-dc.yaml deleted file mode 100644 index 7253d651b..000000000 --- a/openshift-v3/templates/rabbitmq/rabbitmq-cluster-dc.yaml +++ /dev/null @@ -1,317 +0,0 @@ -apiVersion: v1 -kind: Template -metadata: - name: rabbitmq-cluster - annotations: - description: "Deploys a RabbitMQ cluster" - iconClass: icon-rabbitmq - tags: rabbitmq,mq,messaging -parameters: -- name: NAME - displayName: - description: the module name entered when run yo bcdk:pipeline, which is zeva - required: true -- name: ENV_NAME - displayName: - description: sample is dev, test and prod - required: true -- name: SUFFIX - displayName: - description: sample is -dev-161 - required: true -- name: NAMESPACE - description: "OpenShift project (current namespace)" - value: tbiwaq-dev - required: true -- name: CLUSTER_NAME - description: "Name of the RabbitMQ cluster" - value: rabbitmq-cluster -- name: ISTAG - description: "Image to deploy" - value: rabbitmq:3.8.3-management -- name: SERVICE_ACCOUNT - description: "Name of the service account used by RabbitMQ k8s plugin" - value: rabbitmq-discovery -- name: VOLUME_SIZE - description: "Size of the RabbitMQ data volume" - value: '1Gi' -- name: CPU_REQUEST - displayName: Requested CPU - description: Requested CPU - required: true - value: '200m' -- name: CPU_LIMIT - displayName: CPU upper limit - description: CPU upper limit - required: true - value: '1000m' -- name: MEMORY_REQUEST - displayName: Requested memory - description: Requested memory - required: true - value: '256Mi' -- name: MEMORY_LIMIT - displayName: Memory upper limit - description: Memory upper limit - required: true - value: '2Gi' -- name: REPLICA - value: '2' -- name: POST_START_SLEEP - value: '120' -- name: STORAGE_CLASS - value: netapp-block-standard - -objects: - -# This service account is needed for rabbit_peer_discovery_k8s plugin to be able to discover -# cluster nodes -- apiVersion: v1 - kind: ServiceAccount - metadata: - name: ${NAME}${SUFFIX}-${SERVICE_ACCOUNT} - -- apiVersion: v1 - kind: RoleBinding - metadata: - name: ${NAME}${SUFFIX}-${SERVICE_ACCOUNT}-view - roleRef: - kind: Role - name: view - subjects: - - kind: ServiceAccount - name: ${NAME}${SUFFIX}-${SERVICE_ACCOUNT} - -- apiVersion: v1 - kind: Secret - metadata: - annotations: - as-copy-of: template.rabbitmq-secret - name: ${NAME}${SUFFIX}-${CLUSTER_NAME}-secret - stringData: - username: ${RABBITMQ_USER} - password: ${RABBITMQ_PASS} - cookie: ${ERLANG_COOKIE} - type: kubernetes.io/basic-auth - -- apiVersion: v1 - kind: ConfigMap - metadata: - name: ${NAME}${SUFFIX}-${CLUSTER_NAME}-config - app: rabbitmq-cluster - data: - rabbitmq.conf: | - ## Clustering - cluster_formation.peer_discovery_backend = rabbit_peer_discovery_k8s - cluster_formation.k8s.host = kubernetes.default.svc.cluster.local - cluster_formation.k8s.address_type = hostname - cluster_formation.k8s.hostname_suffix = .${NAME}${SUFFIX}-${CLUSTER_NAME}.${NAMESPACE}.svc.cluster.local - cluster_formation.node_cleanup.interval = 10 - cluster_formation.node_cleanup.only_log_warning = true - cluster_partition_handling = autoheal - ## queue master locator - queue_master_locator=min-masters - ## policy.json is from image customized - ## management.load_definitions = /etc/rabbitmq/policy.json - enabled_plugins: | - [rabbitmq_management,rabbitmq_peer_discovery_k8s]. - -# Load balancer -#- kind: Service -# apiVersion: v1 -# metadata: -# name: ${NAME}${SUFFIX}-${CLUSTER_NAME}-balancer -# spec: -# type: ClusterIP -# ports: -# - name: web -# protocol: TCP -# port: 15672 -# targetPort: 15672 -# - name: amqp -# protocol: TCP -# port: 5672 -# targetPort: 5672 -# selector: -# app: ${NAME}${SUFFIX}-${CLUSTER_NAME} - -# Headless service that makes it possible to lookup individual rabbitmq nodes -- apiVersion: v1 - kind: Service - metadata: - name: ${NAME}${SUFFIX}-${CLUSTER_NAME} - spec: - selector: - app: ${NAME}${SUFFIX}-${CLUSTER_NAME} - clusterIP: None - ports: - - name: amqp - protocol: TCP - port: 5672 - targetPort: 5672 - - name: web - protocol: TCP - port: 15672 - targetPort: 15672 - -- apiVersion: apps/v1beta1 - kind: StatefulSet - metadata: - name: ${NAME}${SUFFIX}-${CLUSTER_NAME} - spec: - serviceName: ${NAME}${SUFFIX}-${CLUSTER_NAME} - replicas: ${{REPLICA}} - podManagementPolicy: OrderedReady - selector: - matchLabels: - app: ${NAME}${SUFFIX}-${CLUSTER_NAME} - template: - metadata: - labels: - app: ${NAME}${SUFFIX}-${CLUSTER_NAME} - spec: - serviceAccountName: ${NAME}${SUFFIX}-${SERVICE_ACCOUNT} - terminationGracePeriodSeconds: 30 - containers: - - name: rabbitmq - lifecycle: - postStart: - exec: - command: - - /bin/sh - - '-c' - - |- - sleep 120 - rabbitmqctl list_users | grep guest 2> /dev/null - if [ $? -ne 0 ]; - then - rabbitmqctl add_user guest guest - rabbitmqctl set_user_tags guest administrator - rabbitmqctl set_policy --vhost /zeva ha-all ".*" '{"ha-mode":"all"}' - fi - command: - - sh - args: - - -c - - cp -v /etc/rabbitmq/rabbitmq.conf ${RABBITMQ_CONFIG_FILE}.conf; exec docker-entrypoint.sh rabbitmq-server - image: ${ISTAG} - imagePullPolicy: IfNotPresent - volumeMounts: - - name: config-volume - mountPath: /etc/rabbitmq - - name: rabbitmq-storage - mountPath: /var/lib/rabbitmq - ports: - - name: web - protocol: TCP - containerPort: 15672 - - name: amqp - protocol: TCP - containerPort: 5672 - resources: - limits: - cpu: ${CPU_LIMIT} - memory: ${MEMORY_LIMIT} - requests: - cpu: ${CPU_REQUEST} - memory: ${MEMORY_REQUEST} - livenessProbe: - exec: - command: ["rabbitmqctl", "node_health_check", "--timeout", "30"] - failureThreshold: 3 - initialDelaySeconds: 45 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 10 - readinessProbe: - exec: - command: ["rabbitmqctl", "node_health_check", "--timeout", "9"] - failureThreshold: 3 - initialDelaySeconds: 45 - periodSeconds: 10 - successThreshold: 1 - timeoutSeconds: 10 - env: - - name: RABBITMQ_DEFAULT_USER - valueFrom: - secretKeyRef: - name: ${NAME}${SUFFIX}-${CLUSTER_NAME}-secret - key: username - - name: RABBITMQ_DEFAULT_PASS - valueFrom: - secretKeyRef: - name: ${NAME}${SUFFIX}-${CLUSTER_NAME}-secret - key: password - - name: RABBITMQ_ERLANG_COOKIE - valueFrom: - secretKeyRef: - name: ${NAME}${SUFFIX}-${CLUSTER_NAME}-secret - key: cookie - - name: K8S_SERVICE_NAME - value: ${NAME}${SUFFIX}-${CLUSTER_NAME} - - name: POD_IP - valueFrom: - fieldRef: - fieldPath: status.podIP - - name: POD_NAME - valueFrom: - fieldRef: - fieldPath: metadata.name - - name: POD_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: RABBITMQ_USE_LONGNAME - value: "true" - - name: RABBITMQ_NODENAME - value: "rabbit@$(POD_NAME).${NAME}${SUFFIX}-${CLUSTER_NAME}.$(POD_NAMESPACE).svc.cluster.local" - - name: RABBITMQ_CONFIG_FILE - value: /var/lib/rabbitmq/rabbitmq - - name: RABBITMQ_DEFAULT_VHOST - value: /zeva - volumes: - - name: config-volume - configMap: - name: ${NAME}${SUFFIX}-${CLUSTER_NAME}-config - items: - - key: rabbitmq.conf - path: rabbitmq.conf - - key: enabled_plugins - path: enabled_plugins - volumeClaimTemplates: - - metadata: - name: rabbitmq-storage - spec: - storageClassName: ${STORAGE_CLASS} - accessModes: [ "ReadWriteOnce" ] - resources: - requests: - storage: ${VOLUME_SIZE} - -## faster http test -# livenessProbe: -# failureThreshold: 3 -# httpGet: -# httpHeaders: -# - name: Authorization -# value: Basic -# path: /api/healthchecks/node -# port: 15672 -# scheme: HTTP -# initialDelaySeconds: 35 -# periodSeconds: 10 -# successThreshold: 1 -# timeoutSeconds: 20 -# readinessProbe: -# failureThreshold: 3 -# httpGet: -# httpHeaders: -# - name: Authorization -# value: Basic -# path: /api/healthchecks/node -# port: 15672 -# scheme: HTTP -# initialDelaySeconds: 35 -# periodSeconds: 10 -# successThreshold: 1 -# timeoutSeconds: 20 \ No newline at end of file diff --git a/openshift-v3/templates/rabbitmq/rabbitmq-secret-configmap-only.yaml b/openshift-v3/templates/rabbitmq/rabbitmq-secret-configmap-only.yaml deleted file mode 100644 index ca3d7b6d1..000000000 --- a/openshift-v3/templates/rabbitmq/rabbitmq-secret-configmap-only.yaml +++ /dev/null @@ -1,62 +0,0 @@ -apiVersion: v1 -kind: Template -metadata: - name: rabbitmq-cluster - annotations: - description: "Deploys a RabbitMQ cluster" - iconClass: icon-rabbitmq - tags: rabbitmq,mq,messaging -parameters: -- name: NAME - displayName: - description: the module name entered when run yo bcdk:pipeline, which is zeva - required: true -- name: ENV_NAME - displayName: - description: sample is dev, test and prod - required: true -- name: SUFFIX - displayName: - description: sample is -dev-161 - required: true -- name: NAMESPACE - description: "OpenShift project (current namespace)" - value: tbiwaq-dev - required: true -- name: CLUSTER_NAME - description: "Name of the RabbitMQ cluster" - value: rabbitmq-cluster -objects: -- apiVersion: v1 - kind: Secret - metadata: - annotations: - as-copy-of: template.rabbitmq-secret - name: ${NAME}${SUFFIX}-${CLUSTER_NAME}-secret - stringData: - username: ${RABBITMQ_USER} - password: ${RABBITMQ_PASS} - cookie: ${ERLANG_COOKIE} - type: kubernetes.io/basic-auth - -- apiVersion: v1 - kind: ConfigMap - metadata: - name: ${NAME}${SUFFIX}-${CLUSTER_NAME}-config - app: rabbitmq-cluster - data: - rabbitmq.conf: | - ## Clustering - cluster_formation.peer_discovery_backend = rabbit_peer_discovery_k8s - cluster_formation.k8s.host = kubernetes.default.svc.cluster.local - cluster_formation.k8s.address_type = hostname - cluster_formation.k8s.hostname_suffix = .${NAME}${SUFFIX}-${CLUSTER_NAME}.${NAMESPACE}.svc.cluster.local - cluster_formation.node_cleanup.interval = 10 - cluster_formation.node_cleanup.only_log_warning = true - cluster_partition_handling = autoheal - ## queue master locator - queue_master_locator=min-masters - ## policy.json is from image customized - ## management.load_definitions = /etc/rabbitmq/policy.json - enabled_plugins: | - [rabbitmq_management,rabbitmq_peer_discovery_k8s]. diff --git a/openshift-v3/templates/rabbitmq/rabbitmq-web-route.yaml b/openshift-v3/templates/rabbitmq/rabbitmq-web-route.yaml deleted file mode 100644 index 8c5db45e1..000000000 --- a/openshift-v3/templates/rabbitmq/rabbitmq-web-route.yaml +++ /dev/null @@ -1,53 +0,0 @@ -apiVersion: v1 -kind: Template -metadata: - name: rabbitmq-web-route - annotations: - description: "Deploys a RabbitMQ web route" - iconClass: icon-rabbitmq - tags: rabbitmq,mq,messaging -parameters: -- name: NAME - displayName: the module name - description: the module name entered when run yo bcdk:pipeline, which is zeva - required: true -- name: ENV_NAME - displayName: environment name - description: sample is dev, test and prod - required: true -- name: SUFFIX - displayName: suffix - description: sample is -dev-161 - required: true -- name: CLUSTER_NAME - displayName: rabbitmq cluster name - description: rabbitmq cluster name - value: rabbitmq-cluster - required: true -- name: OCP_NAME - displayName: openshift name - description: openshift name - required: true -objects: -- apiVersion: route.openshift.io/v1 - kind: Route - metadata: - creationTimestamp: null - labels: - name: rabbitmq - app: zeva - role: rabbitmq - env: ${ENV_NAME} - name: ${NAME}-rabbitmq-web${SUFFIX} - spec: - host: ${NAME}-rabbitmq-web${SUFFIX}.${OCP_NAME}.gov.bc.ca - port: - targetPort: web - tls: - insecureEdgeTerminationPolicy: Redirect - termination: edge - to: - kind: Service - name: ${NAME}${SUFFIX}-${CLUSTER_NAME} - weight: 100 - wildcardPolicy: None \ No newline at end of file diff --git a/openshift-v3/templates/rabbitmq/secret-template.yaml b/openshift-v3/templates/rabbitmq/secret-template.yaml deleted file mode 100644 index 96daba190..000000000 --- a/openshift-v3/templates/rabbitmq/secret-template.yaml +++ /dev/null @@ -1,27 +0,0 @@ -apiVersion: template.openshift.io/v1 -kind: Template -parameters: -- name: RABBITMQ_USER - description: "Username for the RabbitMQ instance" - value: rabbitmq -- name: RABBITMQ_PASS - description: "Password securing the RabbitMQ instance" - from: '[a-zA-Z0-9]{16}' - generate: expression - required: true -- name: ERLANG_COOKIE - description: "Cookie used for authentication of cluster nodes" - from: '[a-zA-Z0-9]{16}' - generate: expression - required: true -objects: -- apiVersion: v1 - kind: Secret - metadata: - annotations: null - name: template.rabbitmq-secret - stringData: - username: ${RABBITMQ_USER} - password: ${RABBITMQ_PASS} - cookie: ${ERLANG_COOKIE} - type: Opaque \ No newline at end of file diff --git a/openshift-v3/templates/rabbitmq/zeva-rabbitmq-secret.yaml b/openshift-v3/templates/rabbitmq/zeva-rabbitmq-secret.yaml deleted file mode 100644 index b73bab730..000000000 --- a/openshift-v3/templates/rabbitmq/zeva-rabbitmq-secret.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: template.openshift.io/v1 -kind: Template -parameters: -- name: ADMIN_PASSWORD - from: '[a-zA-Z0-9]{8}' - generate: expression - required: true -- name: ZEVA_PASSWORD - from: '[a-zA-Z0-9]{16}' - generate: expression - required: true -objects: -- apiVersion: v1 - kind: Secret - metadata: - annotations: null - name: zeva-rabbitmq - stringData: - ADMIN_PASSWORD: ${ADMIN_PASSWORD} - ZEVA_PASSWORD: ${ZEVA_PASSWORD} - type: Opaque \ No newline at end of file diff --git a/openshift-v3/templates/redirect/Caddyfile b/openshift-v3/templates/redirect/Caddyfile deleted file mode 100644 index 0fb410a64..000000000 --- a/openshift-v3/templates/redirect/Caddyfile +++ /dev/null @@ -1,18 +0,0 @@ -0.0.0.0:2015 - -root /var/www/html - -log stdout - -errors stdout - -rewrite / { - regexp .* - to /migrated.html -} - -header / { - Cache-Control "no-cache, no-store, must-revalidate" - Pragma "no-cache" - Expires "0" -} diff --git a/openshift-v3/templates/redirect/migrated.html b/openshift-v3/templates/redirect/migrated.html deleted file mode 100644 index 65daecb9b..000000000 --- a/openshift-v3/templates/redirect/migrated.html +++ /dev/null @@ -1,20 +0,0 @@ - - - - - - - - -

    Zero-Emission Vehicles Reporting System has been migrated to a new platform.

    -

    If you are not redirected in five seconds, please click here.

    - - - \ No newline at end of file diff --git a/openshift-v3/templates/redirect/openshift/redirect-bc.yaml b/openshift-v3/templates/redirect/openshift/redirect-bc.yaml deleted file mode 100644 index 5a660350d..000000000 --- a/openshift-v3/templates/redirect/openshift/redirect-bc.yaml +++ /dev/null @@ -1,58 +0,0 @@ -apiVersion: template.openshift.io/v1 -kind: Template -metadata: - creationTimestamp: null - name: redirect -objects: -- apiVersion: image.openshift.io/v1 - kind: ImageStream - metadata: - annotations: - description: Keeps track of changes in the redirect image - labels: - shared: "true" - creationTimestamp: null - generation: 643 - name: redirect - spec: - lookupPolicy: - local: false - status: - dockerImageRepository: "" -- apiVersion: build.openshift.io/v1 - kind: BuildConfig - metadata: - creationTimestamp: null - labels: - app: redirect - name: redirect - spec: - failedBuildsHistoryLimit: 5 - nodeSelector: null - output: - to: - kind: ImageStreamTag - name: redirect:latest - postCommit: {} - resources: {} - runPolicy: SerialLatestOnly - source: - contextDir: openshift-v3/templates/redirect - git: - ref: update-redirect-url-on-v3 - uri: https://github.com/bcgov/zeva.git - type: Git - strategy: - sourceStrategy: - from: - kind: ImageStreamTag - name: bcgov-s2i-caddy:latest - namespace: openshift - type: Source - successfulBuildsHistoryLimit: 5 - triggers: - - type: ConfigChange - - imageChange: {} - type: ImageChange - status: - lastVersion: 0 diff --git a/openshift-v3/templates/redirect/openshift/redirect-dc.yaml b/openshift-v3/templates/redirect/openshift/redirect-dc.yaml deleted file mode 100644 index 049d58058..000000000 --- a/openshift-v3/templates/redirect/openshift/redirect-dc.yaml +++ /dev/null @@ -1,100 +0,0 @@ -apiVersion: template.openshift.io/v1 -kind: Template -metadata: - creationTimestamp: null - name: redirect-dc -objects: -- apiVersion: v1 - kind: Service - metadata: - creationTimestamp: null - labels: - app: redirect - name: redirect - spec: - ports: - - name: 2015-tcp - port: 2015 - protocol: TCP - targetPort: 2015 - selector: - app: redirect - deploymentconfig: redirect - sessionAffinity: None - type: ClusterIP - status: - loadBalancer: {} -- apiVersion: apps.openshift.io/v1 - kind: DeploymentConfig - metadata: - creationTimestamp: null - generation: 47 - labels: - app: redirect - name: redirect - spec: - replicas: 1 - revisionHistoryLimit: 10 - selector: - app: redirect - deploymentconfig: redirect - strategy: - activeDeadlineSeconds: 21600 - resources: {} - rollingParams: - intervalSeconds: 1 - maxSurge: 25% - maxUnavailable: 25% - timeoutSeconds: 600 - updatePeriodSeconds: 1 - type: Rolling - template: - metadata: - annotations: - openshift.io/generated-by: OpenShiftNewApp - creationTimestamp: null - labels: - app: redirect - deploymentconfig: redirect - spec: - containers: - - image: - imagePullPolicy: Always - name: redirect - ports: - - containerPort: 2015 - protocol: TCP - resources: - limits: - cpu: 100m - memory: 128Mi - requests: - cpu: 50m - memory: 128Mi - terminationMessagePath: /dev/termination-log - terminationMessagePolicy: File - dnsPolicy: ClusterFirst - restartPolicy: Always - schedulerName: default-scheduler - securityContext: {} - terminationGracePeriodSeconds: 30 - test: false - triggers: - - type: ConfigChange - - imageChangeParams: - automatic: true - containerNames: - - redirect - from: - kind: ImageStreamTag - name: redirect:latest - namespace: tbiwaq-tools - lastTriggeredImage: - type: ImageChange - status: - availableReplicas: 0 - latestVersion: 0 - observedGeneration: 0 - replicas: 0 - unavailableReplicas: 0 - updatedReplicas: 0 diff --git a/openshift-v3/templates/schemaspy/README.md b/openshift-v3/templates/schemaspy/README.md deleted file mode 100644 index 2b3bc08cf..000000000 --- a/openshift-v3/templates/schemaspy/README.md +++ /dev/null @@ -1,5 +0,0 @@ -### Files included - -* schemaspy-bc.yaml schemaspy build config -* schemaspy-dc.yaml schemaspy deployment config - diff --git a/openshift-v3/templates/schemaspy/schemaspy-bc.yaml b/openshift-v3/templates/schemaspy/schemaspy-bc.yaml deleted file mode 100644 index 829853f48..000000000 --- a/openshift-v3/templates/schemaspy/schemaspy-bc.yaml +++ /dev/null @@ -1,44 +0,0 @@ -apiVersion: template.openshift.io/v1 -kind: Template -metadata: - creationTimestamp: null - name: schemaspy -objects: -- apiVersion: image.openshift.io/v1 - kind: ImageStream - metadata: - annotations: - description: Keeps track of changes in the schemaspy image - creationTimestamp: null - name: schemaspy - spec: - lookupPolicy: - local: false - status: - dockerImageRepository: "" -- apiVersion: build.openshift.io/v1 - kind: BuildConfig - metadata: - creationTimestamp: null - name: schemaspy - spec: - nodeSelector: null - output: - to: - kind: ImageStreamTag - name: schemaspy:latest - namspace: tbiwaq-tools - postCommit: {} - resources: {} - runPolicy: Serial - source: - git: - uri: https://github.com/bcgov/SchemaSpy.git - type: Git - strategy: - dockerStrategy: {} - type: Docker - triggers: - - type: ConfigChange - status: - lastVersion: 0 diff --git a/openshift-v3/templates/schemaspy/schemaspy-dc.yaml b/openshift-v3/templates/schemaspy/schemaspy-dc.yaml deleted file mode 100644 index e928163c9..000000000 --- a/openshift-v3/templates/schemaspy/schemaspy-dc.yaml +++ /dev/null @@ -1,192 +0,0 @@ ---- -kind: Template -apiVersion: template.openshift.io/v1 -metadata: - name: schemaspy-dc - creationTimestamp: -parameters: - - name: SUFFIX - displayName: suffic - description: env name plus pr number, sample is -dev-120 - required: true - - name: ENV_NAME - value: dev - displayName: Environment name - description: 'Environment name, dev, test and prod' - required: true - - name: CPU_REQUEST - displayName: Requested CPU - description: Requested CPU - required: true - value: '20m' - - name: CPU_LIMIT - displayName: CPU upper limit - description: CPU upper limit - required: true - value: '1000m' - - name: MEMORY_REQUEST - displayName: Requested memory - description: Requested memory - required: true - value: '250M' - - name: MEMORY_LIMIT - displayName: Memory upper limit - description: Memory upper limit - required: true - value: '1500M' - - name: HEALTH_CHECK_DELAY - value: '150' - displayName: - description: readyness and liveness initial delay seconds - required: true - - name: OCP_NAME - displayName: Openshift name - description: Openshift name - required: true -objects: - - kind: DeploymentConfig - apiVersion: apps.openshift.io/v1 - metadata: - name: schemaspy-public${SUFFIX} - creationTimestamp: - annotations: - description: Defines how to deploy the container. - spec: - strategy: - type: Recreate - recreateParams: - timeoutSeconds: 1100 - resources: {} - activeDeadlineSeconds: 1200 - triggers: - - type: ImageChange - imageChangeParams: - automatic: true - containerNames: - - schemaspy-public - from: - kind: ImageStreamTag - namespace: tbiwaq-tools - name: schemaspy:prod - lastTriggeredImage: - - type: ConfigChange - replicas: 1 - test: false - selector: - name: schemaspy-public${SUFFIX} - template: - metadata: - name: schemaspy-public${SUFFIX} - creationTimestamp: - labels: - name: schemaspy-public${SUFFIX} - spec: - initContainers: - - name: wait-for-database - image: toschneck/wait-for-it:latest - command: ['sh', '-c', './wait-for-it.sh -t 0 zeva-backend${SUFFIX}.tbiwaq-${ENV_NAME}.svc.cluster.local:8080'] - containers: - - name: schemaspy-public - image: - ports: - - containerPort: 8080 - protocol: TCP - env: - - name: DATABASE_SERVICE_NAME - value: patroni-master${SUFFIX} - - name: POSTGRESQL_DATABASE - valueFrom: - secretKeyRef: - key: app-db-name - name: patroni${SUFFIX} - - name: POSTGRESQL_USER - valueFrom: - secretKeyRef: - key: app-db-username - name: patroni${SUFFIX} - - name: POSTGRESQL_PASSWORD - valueFrom: - secretKeyRef: - key: app-db-password - name: patroni${SUFFIX} - - name: SCHEMASPY_ARGUMENTS - value: -desc zeva-${SUFFIX} - resources: - limits: - cpu: ${CPU_LIMIT} - memory: ${MEMORY_LIMIT} - requests: - cpu: ${CPU_REQUEST} - memory: ${MEMORY_REQUEST} - livenessProbe: - httpGet: - path: "/" - port: 8080 - scheme: HTTP - initialDelaySeconds: ${{HEALTH_CHECK_DELAY}} - timeoutSeconds: 3 - periodSeconds: 15 - successThreshold: 1 - failureThreshold: 70 - readinessProbe: - httpGet: - path: "/" - port: 8080 - scheme: HTTP - initialDelaySeconds: ${{HEALTH_CHECK_DELAY}} - timeoutSeconds: 3 - periodSeconds: 15 - successThreshold: 1 - failureThreshold: 70 - terminationMessagePath: "/dev/termination-log" - terminationMessagePolicy: File - imagePullPolicy: IfNotPresent - restartPolicy: Always - terminationGracePeriodSeconds: 30 - dnsPolicy: ClusterFirst - securityContext: {} - schedulerName: default-scheduler - status: - latestVersion: 0 - observedGeneration: 0 - replicas: 0 - updatedReplicas: 0 - availableReplicas: 0 - unavailableReplicas: 0 - - kind: Service - apiVersion: v1 - metadata: - name: schemaspy-public${SUFFIX} - creationTimestamp: - annotations: - description: Exposes and load balances the application pods - spec: - ports: - - name: 8080-tcp - protocol: TCP - port: 8080 - targetPort: 8080 - selector: - name: schemaspy-public${SUFFIX} - type: ClusterIP - sessionAffinity: None - status: - loadBalancer: {} - - kind: Route - apiVersion: route.openshift.io/v1 - metadata: - name: schemaspy-public${SUFFIX} - creationTimestamp: - spec: - host: schemaspy-public${SUFFIX}.${OCP_NAME}.gov.bc.ca - to: - kind: Service - name: schemaspy-public${SUFFIX} - weight: 100 - port: - targetPort: 8080-tcp - tls: - termination: edge - insecureEdgeTerminationPolicy: Allow - wildcardPolicy: None - status: diff --git a/openshift-v3/templates/unittest/README.md b/openshift-v3/templates/unittest/README.md deleted file mode 100644 index 51093dc0e..000000000 --- a/openshift-v3/templates/unittest/README.md +++ /dev/null @@ -1,7 +0,0 @@ -### Files included - -* backend-dc-unittest.yaml -* postgresql-dc-unittest.yaml -* zeva-postgresql-init.yaml configmap to init postgresql database, it is only used by postgresql not by patroni - -Pipeline creates unite test database and backend separately. \ No newline at end of file diff --git a/openshift-v3/templates/unittest/postgresql-dc-unittest.yaml b/openshift-v3/templates/unittest/postgresql-dc-unittest.yaml deleted file mode 100644 index 7ed0197cd..000000000 --- a/openshift-v3/templates/unittest/postgresql-dc-unittest.yaml +++ /dev/null @@ -1,193 +0,0 @@ ---- -kind: Template -apiVersion: v1 -labels: - template: zeva-postgresql-persistent-template -metadata: - name: postgresql-dc-unittest - creationTimestamp: -parameters: - - name: NAME - displayName: - description: the module name entered when run yo bcdk:pipeline, which is zeva - required: true - - name: SUFFIX - displayName: - description: sample is -dev-97 - required: true - - name: ENV_NAME - displayName: Environment Name - description: Environment Name - required: true - - name: ZEVA_DB_USER - description: Username for PostgreSQL user that will be used for accessing the database. - from: zevaunittest - generate: expression - required: true - - name: ZEVA_DB_PASSWORD - description: Password for the PostgreSQL connection user. - from: "[a-zA-Z0-9]{16}" - generate: expression - required: true - - name: CPU_REQUEST - value: 200m - displayName: Requested CPU - description: Requested CPU - required: true - - name: CPU_LIMIT - value: 400m - displayName: CPU upper limit - description: CPU upper limit - required: true - - name: MEMORY_REQUEST - value: 400M - displayName: Requested memory - description: Requested memory - required: true - - name: MEMORY_LIMIT - value: 700M - displayName: Memory upper limit - description: Memory upper limit - required: true - - name: DB_PVC_SIZE - value: 2G - displayName: PVC Size - description: PVC Size - required: true -objects: - - apiVersion: v1 - kind: Secret - metadata: - name: ${NAME}-postgresql-unittest${SUFFIX} - stringData: - DATABASE_USER: "${ZEVA_DB_USER}" - DATABASE_PASSWORD: "${ZEVA_DB_PASSWORD}" - - kind: Service - apiVersion: v1 - metadata: - name: ${NAME}-postgresql-unittest${SUFFIX} - labels: - name: postgresql - app: zeva - role: postgresql-unittest - env: ${ENV_NAME} - spec: - ports: - - name: postgresql - protocol: TCP - port: 5432 - targetPort: 5432 - selector: - name: ${NAME}-postgresql-unittest${SUFFIX} - type: ClusterIP - sessionAffinity: None - status: - loadBalancer: {} - - apiVersion: v1 - kind: PersistentVolumeClaim - metadata: - name: ${NAME}-postgresql-unittest${SUFFIX} - annotations: - volume.beta.kubernetes.io/storage-class: netapp-block-standard - template.openshift.io.bcgov/create: 'true' - spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: "${DB_PVC_SIZE}" - - kind: DeploymentConfig - apiVersion: v1 - metadata: - annotations: - template.alpha.openshift.io/wait-for-ready: 'true' - name: ${NAME}-postgresql-unittest${SUFFIX} - labels: - name: postgresql - app: zeva - role: postgresql-unittest - env: ${ENV_NAME} - spec: - replicas: 1 - strategy: - type: Recreate - triggers: - - imageChangeParams: - automatic: true - containerNames: - - postgresql-unittest - from: - kind: ImageStreamTag - namespace: tbiwaq-tools - name: postgresql:10-1-47 - lastTriggeredImage: - type: ImageChange - - type: ConfigChange - test: false - selector: - name: ${NAME}-postgresql-unittest${SUFFIX} - template: - metadata: - creationTimestamp: - labels: - name: ${NAME}-postgresql-unittest${SUFFIX} - spec: - volumes: - - name: postgresql-data - persistentVolumeClaim: - claimName: ${NAME}-postgresql-unittest${SUFFIX} - - configMap: - defaultMode: 420 - name: ${NAME}-postgresql-init${SUFFIX} - name: volume-vzqaq - containers: - - name: postgresql-unittest - image: " " - ports: - - containerPort: 5432 - protocol: TCP - env: - - name: POSTGRESQL_DATABASE - value: zeva - - name: POSTGRESQL_USER - valueFrom: - secretKeyRef: - name: ${NAME}-postgresql-unittest${SUFFIX} - key: DATABASE_USER - - name: POSTGRESQL_PASSWORD - valueFrom: - secretKeyRef: - name: ${NAME}-postgresql-unittest${SUFFIX} - key: DATABASE_PASSWORD - resources: - request: - cpu: "${CPU_REQUEST}" - memory: "${MEMORY_REQUEST}" - limits: - cpu: "${CPU_LIMIT}" - memory: "${MEMORY_LIMIT}" - volumeMounts: - - mountPath: /var/lib/pgsql/data - name: postgresql-data - - mountPath: /opt/app-root/src/postgresql-start - name: volume-vzqaq - readinessProbe: - tcpSocket: - port: 5432 - initialDelaySeconds: 25 - timeoutSeconds: 1 - periodSeconds: 10 - successThreshold: 1 - failureThreshold: 3 - terminationMessagePath: "/dev/termination-log" - terminationMessagePolicy: File - imagePullPolicy: IfNotPresent - securityContext: - capabilities: {} - privileged: false - restartPolicy: Always - terminationGracePeriodSeconds: 30 - dnsPolicy: ClusterFirst - securityContext: {} - schedulerName: default-scheduler - status: {} diff --git a/openshift-v3/templates/unittest/zeva-postgresql-init.yaml b/openshift-v3/templates/unittest/zeva-postgresql-init.yaml deleted file mode 100644 index a042bdd12..000000000 --- a/openshift-v3/templates/unittest/zeva-postgresql-init.yaml +++ /dev/null @@ -1,32 +0,0 @@ -# This template only used for creating postgresql unit test database -apiVersion: template.openshift.io/v1 -kind: Template -metadata: - creationTimestamp: null - name: zeva-postgresql-init -parameters: - - name: NAME - displayName: - description: the module name entered when run yo bcdk:pipeline, which is zeva - required: true - - name: SUFFIX - displayName: - description: sample is -dev-97 - required: true -objects: -- apiVersion: v1 - data: - create-extension.sh: |- - psql -U postgres -q -c "ALTER USER $POSTGRESQL_USER Superuser CREATEDB" - prepare-init-scripts: |- - #!/bin/bash - DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )" - set -x - mkdir -p "${APP_DATA}/src/postgresql-init" - find -L "$DIR" -maxdepth 1 -type f -name "*.sh" -exec cp {} "${APP_DATA}/src/postgresql-init/" \; - set +x - exec "$@" - kind: ConfigMap - metadata: - creationTimestamp: null - name: ${NAME}-postgresql-init${SUFFIX} diff --git a/openshift-v3/v4-migration/Readme.md b/openshift-v3/v4-migration/Readme.md deleted file mode 100644 index 255e2ca49..000000000 --- a/openshift-v3/v4-migration/Readme.md +++ /dev/null @@ -1,62 +0,0 @@ -# Openshift V4 Migration Plan - -## Challenges: -* Namespaces for V3 and V4 are different -* Production has been running on V3 and prod database needs to be migration from V3 to V4 - -## Status of Openshift V4 for Zeva - -* All three environments are up and running with Pull Request 365. -* Jenkins is up and running with GitHub webhooks disabled, it is not being triggered by pull requests. -* The dependencies have been setup to support BCDK pipeline. They include secrets, network security policies, pre-required base images and etc. -* The infrastructure team has setup DNS record for production domain zeroemissionvehicles.gov.bc.ca. The matching certificate has been ordered. Once it is received, the production migration process can be started. - -## Migration plan -### 1. Dev and Test migration -Dev and test will be migrated first at the early of the sprint. Once they are migrated, all development work can be tested on V4 but unfortunately the changes can't be moved to production until production is ready on V4. - -A branch has created specifically for v4 migration. The changes for the migration are located under .jenkins-v4, .pipeline-v4, openshift-v4 and .yo-rc.json-v4 on the branch. Follow the below steps when migration begins, they are all based on Openshift V4 -* Merge the pull requests as long as they are approved -* From the branch, copy the files over to the original locations and quickly scan the changes. -* Notify team Openshift V3 will be down -* Disable the GitHub webhooks to stop the notification to Jenkins on V3 -* Run ".jenkins/.pipeline/npm run clean" to delete the Jenkins 365 deployment on tools project as Jenkins prod instance is up and running. -* Run ".pipeline/npm run clean" to delete pull request 365 deployment on dev -* Run ".pipeline/npm run deploy" to deploy an existing pull request. -* Load the test data to database. -* Enable the webhooks in Zeva repo to open the notification to Jenkins on V4 -* Trigger the repo scan in Jenkins and verify if the pipeline is started. Only allow the Tracking PR gets deployed on Dev and terminate the other deployments. -* Create a test pull request and observe if pipeline is triggered to deploy this pull request on Dev -* If the deployment on Dev is successfully, go to Jenkins to let it deploy on Test -* Verify the deployment on Test - -At this point, both Dev and Test migrations are completed. Team can start to use V4 Dev and Test URLs. Remember to showdown all Dev and Test apps on V3. - -### 2. Production migration - -Production migration is planned at the end of the sprint. - -### 2.1 Production application migration -* Make sure database secrets are in sync between V3 and V4 -* Make sure the certificate is received and approved domain name has been applied in the routes. -* Make sure no clients are using prod on V3 other than product owner. -* Ask product owner to screen shot few most recent transactions to be used to verify after migration completes. -* Notify the team that our production migration will begin and shutdown all production applications other than database and backup container on V3. -* Run ".pipeline/npm run clean" to delete the existing prod deployment on V4 -* Run ".pipeline/npm run deploy" to deploy the current Tracking Pull Request to production. -* Apply the certificate to frontend route. -* Verify the deployment by browsing the home page. The alert should say you have no permission to access the app. - -### 2.2 Production database Migration -* Shutdown the frontend pods on prod to make sure no one can reach the app. -* The database secrets should have been synced at previous step. -* Run a backup on backup container on V3, then shutdown patroni on V3 -* Sync the backup to to the backup container on V4 -* Restore the database from the back on backup container on V4, sample command is listed as below - * ./backup.sh -r patroni-master-prod/zeva -f /backups/ -* Login v4 patroni pod to verify the database -* Use backup container on V4 to run the first production backup -* Bring up the frontend pods on V4 -* Ask product owner to verify the most recent transactions - -At this point, production migration is completed. diff --git a/openshift/templates/backend/README.md b/openshift/templates/backend/README.md index 3ffc45c15..8a33e2a63 100644 --- a/openshift/templates/backend/README.md +++ b/openshift/templates/backend/README.md @@ -23,3 +23,17 @@ 1. After pipeline completes, create autoscaler for backend * oc process -f backend-autoscaler.yaml | oc create -f - -n [project namespace] +2. Add new separate pod for testing upload process + * oc process -f upload-process-dc.yaml \ + NAME=zeva \ + SUFFIX=-test\ + VERSION=test-1.0.0 \ + ENV_NAME=test \ + BACKEND_HOST_NAME=zeva-backend-test.apps.silver.devops.gov.bc.ca \ + RABBITMQ_CLUSTER_NAME=rabbitmq-cluster + CPU_REQUEST=200m \ + CPU_LIMIT=700m \ + MEMORY_REQUEST=2Gi \ + MEMORY_LIMIT=5Gi \ + HEALTH_CHECK_DELAY=30 \ + REPLICAS=1 \ No newline at end of file diff --git a/openshift-v3/templates/unittest/backend-dc-unittest.yaml b/openshift/templates/backend/upload-process-dc.yaml similarity index 83% rename from openshift-v3/templates/unittest/backend-dc-unittest.yaml rename to openshift/templates/backend/upload-process-dc.yaml index 2bbeb15ce..82ae03c68 100644 --- a/openshift-v3/templates/unittest/backend-dc-unittest.yaml +++ b/openshift/templates/backend/upload-process-dc.yaml @@ -2,7 +2,7 @@ apiVersion: template.openshift.io/v1 kind: Template metadata: creationTimestamp: null - name: zeva-backend-dc-unittest + name: zeva-upload-dc parameters: - name: NAME displayName: null @@ -53,67 +53,33 @@ parameters: - name: REPLICAS value: '1' required: true - - name: DJANGO_SECRET - description: "Cookie used for authentication of cluster nodes" - from: "[a-zA-Z0-9]{50}" - generate: expression objects: - - apiVersion: v1 - kind: Secret - metadata: - labels: - app: ${NAME}${SUFFIX} - annotations: null - name: ${NAME}-django-unittest${SUFFIX} - stringData: - DJANGO_SECRET_KEY: ${DJANGO_SECRET} - - apiVersion: image.openshift.io/v1 - kind: ImageStream - metadata: - annotations: - description: Keeps track of changes in the backend image - labels: - shared: "true" - creationTimestamp: null - name: '${NAME}-backend' - spec: - lookupPolicy: - local: false - status: - dockerImageRepository: '' - apiVersion: apps.openshift.io/v1 kind: DeploymentConfig metadata: annotations: description: Defines how to deploy the application server creationTimestamp: null - labels: - name: backend - app: zeva - role: backend-unittest - env: ${ENV_NAME} - name: ${NAME}-backend-unittest${SUFFIX} + name: ${NAME}-upload${SUFFIX} spec: replicas: ${{REPLICAS}} revisionHistoryLimit: 10 selector: - name: ${NAME}-backend-unittest${SUFFIX} + name: ${NAME}-upload${SUFFIX} strategy: activeDeadlineSeconds: 800 + recreateParams: + timeoutSeconds: 600 resources: {} type: Recreate template: metadata: creationTimestamp: null labels: - name: ${NAME}-backend-unittest${SUFFIX} + name: ${NAME}-upload${SUFFIX} spec: - initContainers: - - name: wait-for-database - image: toschneck/wait-for-it:latest - command: ['sh', '-c', './wait-for-it.sh -t 0 ${NAME}-postgresql-unittest${SUFFIX}.tbiwaq-${ENV_NAME}.svc.cluster.local:5432'] containers: - - name: backend-unittest + - name: upload image: null imagePullPolicy: IfNotPresent env: @@ -122,24 +88,33 @@ objects: - name: DATABASE_USER valueFrom: secretKeyRef: - name: ${NAME}-postgresql-unittest${SUFFIX} - key: DATABASE_USER + name: patroni${SUFFIX} + key: app-db-username - name: DATABASE_PASSWORD valueFrom: secretKeyRef: - name: ${NAME}-postgresql-unittest${SUFFIX} - key: DATABASE_PASSWORD + name: patroni${SUFFIX} + key: app-db-password - name: DATABASE_ENGINE valueFrom: configMapKeyRef: name: ${NAME}-config${SUFFIX} key: database_engine - name: DATABASE_SERVICE_NAME - value: ${NAME}-postgresql-unittest${SUFFIX} + valueFrom: + configMapKeyRef: + name: ${NAME}-config${SUFFIX} + key: database_service_name - name: POSTGRESQL_SERVICE_HOST - value: ${NAME}-postgresql-unittest${SUFFIX}.tbiwaq-${SUFFIX}.svc.cluster.local + valueFrom: + configMapKeyRef: + name: ${NAME}-config${SUFFIX} + key: postgresql_service_host - name: POSTGRESQL_SERVICE_PORT - value: '5432' + valueFrom: + configMapKeyRef: + name: ${NAME}-config${SUFFIX} + key: postgresql_service_port - name: KEYCLOAK_CERTS_URL valueFrom: configMapKeyRef: @@ -203,7 +178,7 @@ objects: - name: DJANGO_SECRET_KEY valueFrom: secretKeyRef: - name: ${NAME}-django-unittest${SUFFIX} + name: ${NAME}-django${SUFFIX} key: DJANGO_SECRET_KEY - name: RABBITMQ_VHOST valueFrom: @@ -264,6 +239,26 @@ objects: configMapKeyRef: name: ${NAME}-config${SUFFIX} key: minio_endpoint + - name: EMAIL_SERVICE_CLIENT_ID + valueFrom: + secretKeyRef: + name: email-service + key: EMAIL_SERVICE_CLIENT_ID + - name: EMAIL_SERVICE_CLIENT_SECRET + valueFrom: + secretKeyRef: + name: email-service + key: EMAIL_SERVICE_CLIENT_SECRET + - name: CHES_AUTH_URL + valueFrom: + secretKeyRef: + name: email-service + key: CHES_AUTH_URL + - name: CHES_EMAIL_URL + valueFrom: + secretKeyRef: + name: email-service + key: CHES_EMAIL_URL livenessProbe: failureThreshold: 30 tcpSocket: @@ -302,7 +297,7 @@ objects: - imageChangeParams: automatic: true containerNames: - - backend-unittest + - upload from: kind: ImageStreamTag name: ${NAME}-backend:${VERSION} From f2566371c57bbb78a3c54afeba821d4aae8429c8 Mon Sep 17 00:00:00 2001 From: Emily <44536222+emi-hi@users.noreply.github.com> Date: Thu, 7 Jan 2021 13:41:17 -0800 Subject: [PATCH 6/7] added condition for displaying credit transaction tab in navbar to idir users (#489) --- frontend/src/app/components/Navbar.js | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/frontend/src/app/components/Navbar.js b/frontend/src/app/components/Navbar.js index 387b20dfc..d446d22d7 100644 --- a/frontend/src/app/components/Navbar.js +++ b/frontend/src/app/components/Navbar.js @@ -194,7 +194,8 @@ class Navbar extends Component { {CONFIG.FEATURES.CREDIT_TRANSACTIONS.ENABLED && typeof user.hasPermission === 'function' - && user.hasPermission('EDIT_SALES') + && ((!user.isGovernment && user.hasPermission('EDIT_SALES')) + || (user.isGovernment && user.hasPermission('VIEW_SALES'))) && (
  • Date: Thu, 7 Jan 2021 14:13:16 -0800 Subject: [PATCH 7/7] fixed condition for showing button on transfer modal (#490) --- frontend/src/credits/components/CreditTransfersForm.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/frontend/src/credits/components/CreditTransfersForm.js b/frontend/src/credits/components/CreditTransfersForm.js index a41d33958..8a0d2e915 100644 --- a/frontend/src/credits/components/CreditTransfersForm.js +++ b/frontend/src/credits/components/CreditTransfersForm.js @@ -45,8 +45,8 @@ const CreditTransfersForm = (props) => { handleSubmit={() => { setShowModal(false); handleSubmit(modalType.type); }} modalClass="w-75" showModal={showModal} - confirmClass={modalType === 'SUBMITTED' ? 'button primary' : 'btn-outline-danger'} - icon={modalType === 'SUBMITTED' ? : } + confirmClass={modalType.type === 'SUBMITTED' ? 'button primary' : 'btn-outline-danger'} + icon={modalType.type === 'SUBMITTED' ? : } >