Skip to content

Commit

Permalink
fix: Update Cloud Pak for Security to 1.10.15
Browse files Browse the repository at this point in the history
Signed-off-by: Denilson Nastacio <[email protected]>
  • Loading branch information
nastacio committed Sep 9, 2023
1 parent 166d9dc commit 2d29562
Show file tree
Hide file tree
Showing 10 changed files with 32 additions and 5 deletions.
4 changes: 2 additions & 2 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ Supported versions:
| Cloud Pak for Business Automation | [22.0.2](https://www.ibm.com/docs/en/cloud-paks/cp-biz-automation/22.0.2) | Multi-pattern starter deployment |
| Cloud Pak for Data | [4.7.1](https://www.ibm.com/docs/en/cloud-paks/cp-data/4.7.x?topic=overview) | Online, specialized installation |
| Cloud Pak for Integration | [2023.2](https://www.ibm.com/docs/en/cloud-paks/cp-integration/2023.2) | Online installation |
| Cloud Pak for Security | [1.10.12](https://www.ibm.com/docs/en/cloud-paks/cp-security/1.10) | Online installation |
| Cloud Pak for Security | [1.10.15](https://www.ibm.com/docs/en/cloud-paks/cp-security/1.10) | Online installation |
| Cloud Pak for Watson AIOps | [4.1.0](https://www.ibm.com/docs/en/cloud-paks/cloud-pak-watson-aiops/4.1.0) | Online Installation |

### Shared cluster
Expand All @@ -47,7 +47,7 @@ Starting with the v0.22 release, it is possible to deploy Cloud Paks using dedic

At the root of this configuration, lies a pre-synchronization hook inside the `cp-shared` application, which creates a default "common-service-maps" ConfigMap under the `kube-public` namespace, according to the instructions listed under <https://www.ibm.com/docs/en/cloud-paks/1.0?topic=cfs-installing-cloud-pak-foundational-services-in-multiple-namespaces>

Note that if you want to enable this feature and customize the target namespaces for Cloud Paks, you must update the parameters to the `cp-shared-app` application to override that default location.
Note that if you want to enable this feature and customize the target namespaces for Cloud Paks, you must update the parameters to the `cp-shared-app` application to override that default location.

### GitOps

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -123,10 +123,12 @@ spec:
oc get configmap "${config_map_name}" \
--namespace "${ARGOCD_NAMESPACE}" > /dev/null 2>&1 \
&& oc patch configmap "${config_map_name}" \
--patch "{\"data\":{\"cluster_domain\":\"${ocp_domain}\", \"roks_authentication\":\"${cp4s_roks_auth}\", \"serviceaccount.argocd_application_controller\":\"{{.Values.serviceaccount.argocd_application_controller}}\", \"storageclass.rwo\":\"${storage_class_rwo}\" }}" \
--patch "{\"data\":{\"cluster_domain\":\"${ocp_domain}\", \"dedicated_cs_enabled\":\"{{.Values.dedicated_cs.enabled}}\", \"dedicated_cs_namespace\":\"{{.Values.dedicated_cs.control_namespace}}\", \"roks_authentication\":\"${cp4s_roks_auth}\", \"serviceaccount.argocd_application_controller\":\"{{.Values.serviceaccount.argocd_application_controller}}\", \"storageclass.rwo\":\"${storage_class_rwo}\" }}" \
--namespace "${ARGOCD_NAMESPACE}" \
|| oc create configmap "${config_map_name}" \
--from-literal=cluster_domain="${ocp_domain}" \
--from-literal=dedicated_cs_enabled="{{.Values.dedicated_cs.enabled}}" \
--from-literal=dedicated_cs_namespace="{{.Values.dedicated_cs.enabled}}" \
--from-literal=roks_authentication="${cp4s_roks_auth}" \
--from-literal=serviceaccount.argocd_application_controller="{{.Values.serviceaccount.argocd_application_controller}}" \
--from-literal=storageclass.rwo="${storage_class_rwo}"
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,11 @@ spec:
roks_authentication=$(oc get configmap argocd-cp4s-config \
--namespace "${ARGOCD_NAMESPACE}" -o jsonpath='{.data.roks_authentication}')
dedicated_cs_enabled=$(oc get configmap argocd-cp4s-config \
--namespace "${ARGOCD_NAMESPACE}" -o jsonpath='{.data.dedicated_cs_enabled}')
dedicated_cs_namespace=$(oc get configmap argocd-cp4s-config \
--namespace "${ARGOCD_NAMESPACE}" -o jsonpath='{.data.dedicated_cs_namespace}')
echo "INFO: Install Argo CLI."
# Install it from cluster, not from Internet, so airgap scenarios still work
argo_route=openshift-gitops-server
Expand All @@ -66,6 +71,8 @@ spec:
app_name=cp4s-app
echo "INFO: Patching storage for ${app_name}." \
&& "${argo_cmd}" app set "${app_name}" \
--helm-set-string dedicated_cs.enabled="${dedicated_cs_enabled}" \
--helm-set-string dedicated_cs.namespace="${dedicated_cs_namespace}" \
--helm-set-string cluster_domain="${cluster_domain}" \
--helm-set-string roks_authentication="${roks_authentication}" \
--helm-set-string storageclass.rwo="${storage_class_rwo}" \
Expand Down
4 changes: 4 additions & 0 deletions config/argocd-cloudpaks/cp4s/templates/cp4s-all-app.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,10 @@ spec:
value: {{.Values.admin_user}}
- name: cluster_domain
value: {{.Values.cluster_domain}}
- name: dedicated_cs.control_namespace
value: "{{.Values.dedicated_cs.control_namespace}}"
- name: dedicated_cs.enabled
value: "{{.Values.dedicated_cs.enabled}}"
- name: metadata.argocd_app_namespace
value: {{.Values.metadata.argocd_app_namespace}}
- name: repoURL
Expand Down
4 changes: 4 additions & 0 deletions config/argocd-cloudpaks/cp4s/templates/cp4s-app.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,10 @@ spec:
value: {{.Values.admin_user}}
- name: cluster_domain
value: {{.Values.cluster_domain}}
- name: dedicated_cs.control_namespace
value: "{{.Values.dedicated_cs.control_namespace}}"
- name: dedicated_cs.enabled
value: "{{.Values.dedicated_cs.enabled}}"
- name: metadata.argocd_app_namespace
value: {{.Values.metadata.argocd_app_namespace}}
- name: metadata.operators_namespace
Expand Down
3 changes: 3 additions & 0 deletions config/argocd-cloudpaks/cp4s/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -9,5 +9,8 @@ serviceaccount:
metadata:
argocd_app_namespace: cp4s
argocd_namespace: openshift-gitops
dedicated_cs:
control_namespace: cs-control
enabled: false
storageclass:
rwo: ocs-storagecluster-ceph-rbd
4 changes: 2 additions & 2 deletions config/cloudpaks/cp4s/Chart.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -16,9 +16,9 @@ type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 0.3.2
version: 0.3.3

# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
# follow Semantic Versioning. They should reflect the version the application is using.
appVersion: 1.10.12
appVersion: 1.10.15
Original file line number Diff line number Diff line change
Expand Up @@ -15,13 +15,16 @@ spec:
storageClass: {{.Values.storageclass.rwo}}
extendedDeploymentConfiguration:
airgapInstall: false
clusterProxy: false
backupStorageClass: {{.Values.storageclass.rwo}}
backupStorageSize: ""
imagePullPolicy: IfNotPresent
repository: cp.icr.io/cp/cp4s
repositoryType: entitled
roksAuthentication: {{.Values.roks_authentication}}
{{ if eq ( default "false" .Values.dedicated_cs.enabled ) "true" }}
CSNamespace: "{{.Values.metadata.argocd_app_namespace}}-cs"
{{ end }}
threatManagementCapabilities:
deployDRC: true
deployRiskManager: true
Expand Down
3 changes: 3 additions & 0 deletions config/cloudpaks/cp4s/values.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,9 @@ cluster_domain: "to_be_set_by_presync_job"
metadata:
argocd_app_namespace: ibm-cloudpaks
argocd_namespace: openshift-gitops
dedicated_cs:
control_namespace: cs-control
enabled: false
serviceaccount:
argocd_application_controller: openshift-gitops-argocd-application-controller
ibm_cloudpaks_installer: ibm-cloudpaks-installer
Expand Down
1 change: 1 addition & 0 deletions tests/prebuild/yamllint-config.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@ ignore: |
config/cloudpaks/cp4a/operators/templates/0100-operator-group.yaml
config/cloudpaks/cp4i/install-prereqs/templates/0000-namespace.yaml
config/cloudpaks/cp4i/install-prereqs/templates/0100-operator-group.yaml
config/cloudpaks/cp4s/templates/resources/200-cp4s-threat-mgmt.yaml
config/cloudpaks/cp4s/templates/subscriptions/050-cp4s-operator-group.yaml
config/cloudpaks/cp4waiops/install-aimgr/templates/subscriptions/050-operator-group.yaml
config/rhacm/cloudpaks/templates/placement-argocd.yaml
Expand Down

0 comments on commit 2d29562

Please sign in to comment.