diff --git a/api-gateway/src/main/resources/application-kubernetes.properties b/api-gateway/src/main/resources/application-kubernetes.properties new file mode 100644 index 0000000000..4628a4eb19 --- /dev/null +++ b/api-gateway/src/main/resources/application-kubernetes.properties @@ -0,0 +1,9 @@ +gateway.backend.url=http://backend +gateway.frontend.url=http://frontend +gateway.demo-cpg.url=http://demo-cpg +gateway.demo.url=http://demo +server.shutdown=graceful +management.endpoints.web.exposure.include=* +management.server.port=5301 +logging.level.org.springframework=DEBUG +logging.level.com.saveourtool=DEBUG \ No newline at end of file diff --git a/api-gateway/src/main/resources/application.yml b/api-gateway/src/main/resources/application.yml index cee958d482..e8c5fa8949 100644 --- a/api-gateway/src/main/resources/application.yml +++ b/api-gateway/src/main/resources/application.yml @@ -47,7 +47,7 @@ spring: - id: api_route uri: ${gateway.backend.url} predicates: - - Host=**.${hosts.save}:5300 + - Host=**.${hosts.save} - Path=/api/** filters: # If SESSION cookie is passed to downstream, it is then removed, because downstream discards it @@ -56,7 +56,7 @@ spring: - id: cosv_api_route uri: ${gateway.backend-cosv.url} predicates: - - Host=**.${hosts.cosv}:5300 + - Host=**.${hosts.cosv} - Path=/api/** filters: # If SESSION cookie is passed to downstream, it is then removed, because downstream discards it @@ -71,7 +71,7 @@ spring: - id: resource_route uri: ${gateway.frontend.url} predicates: - - Host=**.${hosts.save}:5300 + - Host=**.${hosts.save} - Path=/*.html,/*.js*,/*.css,/img/**,/*.ico,/*.png filters: # If SESSION cookie is passed to downstream, it is then removed, because downstream discards it @@ -79,7 +79,7 @@ spring: - id: index_route uri: ${gateway.frontend.url}/index.html predicates: - - Host=**.${hosts.save}:5300 + - Host=**.${hosts.save} - Path=/** filters: # If SESSION cookie is passed to downstream, it is then removed, because downstream discards it @@ -87,7 +87,7 @@ spring: - id: resource_route_cosv uri: ${gateway.frontend-cosv.url} predicates: - - Host=**.${hosts.cosv}:5300 + - Host=**.${hosts.cosv} - Path=/*.html,/*.js*,/*.css,/img/**,/*.ico,/*.png filters: # If SESSION cookie is passed to downstream, it is then removed, because downstream discards it @@ -95,7 +95,7 @@ spring: - id: index_route_cosv uri: ${gateway.frontend-cosv.url}/index.html predicates: - - Host=**.${hosts.cosv}:5300 + - Host=**.${hosts.cosv} - Path=/** filters: # If SESSION cookie is passed to downstream, it is then removed, because downstream discards it diff --git a/save-backend/src/main/resources/application-kubernetes.properties b/save-backend/src/main/resources/application-kubernetes.properties new file mode 100644 index 0000000000..a206426e5d --- /dev/null +++ b/save-backend/src/main/resources/application-kubernetes.properties @@ -0,0 +1,11 @@ +backend.preprocessor-url=http://preprocessor +backend.orchestrator-url=http://orchestrator +backend.demo-url=http://demo +backend.loki.url=http://loki:3100 +backend.loki.labels.agent-container-name=pod +backend.loki.labels.application-name=app +backend.agent-settings.backend-url=http://save-backend +server.shutdown=graceful +management.endpoints.web.exposure.include=* +management.server.port=5801 +spring.datasource.url=${spring.datasource.backend-url} diff --git a/save-backend/src/main/resources/application.properties b/save-backend/src/main/resources/application.properties index a5fb83abef..e8c54a7800 100644 --- a/save-backend/src/main/resources/application.properties +++ b/save-backend/src/main/resources/application.properties @@ -34,3 +34,5 @@ backend.s3-storage.prefix=cnb/files backend.s3-storage.credentials.accessKeyId=${s3-storage.credentials.accessKeyId} backend.s3-storage.credentials.secretAccessKey=${s3-storage.credentials.secretAccessKey} backend.working-dir=/home/cnb/working-dir +logging.level.org.springframework=DEBUG +logging.level.com.saveourtool=DEBUG diff --git a/save-cloud-charts/save-cloud/README.md b/save-cloud-charts/save-cloud/README.md index c1d71d8cae..a80c3b8b1d 100644 --- a/save-cloud-charts/save-cloud/README.md +++ b/save-cloud-charts/save-cloud/README.md @@ -5,8 +5,7 @@ It will also create a Service for an external MySQL database. api-gateway acts as an entrypoint and svc/gateway is actually a LoadBalancer. ## Prerequisites -* **save-backend** expects the following secrets to be set under the secret `db-secrets` (`kubectl create secret generic db-secrets <...>`, - also see Secrets section in dev profile in [mysql-deployment.yaml](templates/mysql-deployment.yaml) as a reference): +* **save-backend** expects the following secrets to be set under the secret `db-secrets` (`kubectl create secret generic db-secrets <...>` * `spring.datasource.username` * `spring.datasource.password` * `spring.datasource.backend-url` @@ -73,7 +72,3 @@ command line using `--set` flag. ```bash $ helm --kube-context=minikube --namespace=save-cloud upgrade -i save-cloud save-cloud-0.1.0.tgz/ --values values-minikube.yaml --values=values-images.yaml ``` -* Database migrations can be run by setting value `mysql.migrations.enabled` to `true` (no additional setup, migrations - are executed by init container, but may be too slow with constant recreations of backend pods) - or port 3306 of mysql pod can be forwarded and `liquibaseUpdate` can be executed manually. If needed, don't forget that - JDBC URL for liquibase in dev profile is read from `application-dev.properties` value `dev.datasource.url`. diff --git a/save-cloud-charts/save-cloud/templates/agent-backend-service.yaml b/save-cloud-charts/save-cloud/templates/agent-backend-service.yaml deleted file mode 100644 index 4a47b15150..0000000000 --- a/save-cloud-charts/save-cloud/templates/agent-backend-service.yaml +++ /dev/null @@ -1,14 +0,0 @@ -{{ if .Values.agentNamespace }} - -apiVersion: v1 -kind: Service -metadata: - name: {{ .Values.backend.name }} - namespace: {{ .Values.agentNamespace }} -spec: - type: ExternalName - externalName: {{ .Values.backend.name }}.{{ .Values.namespace }}.svc.cluster.local - ports: - - port: {{ .Values.backend.containerPort }} - -{{ end }} diff --git a/save-cloud-charts/save-cloud/templates/agent-demo-service.yaml b/save-cloud-charts/save-cloud/templates/agent-demo-service.yaml deleted file mode 100644 index 38071fa5ac..0000000000 --- a/save-cloud-charts/save-cloud/templates/agent-demo-service.yaml +++ /dev/null @@ -1,14 +0,0 @@ -{{ if .Values.agentNamespace }} - -apiVersion: v1 -kind: Service -metadata: - name: {{ .Values.demo.name }} - namespace: {{ .Values.agentNamespace }} -spec: - type: ExternalName - externalName: {{ .Values.demo.name }}.{{ .Values.namespace }}.svc.cluster.local - ports: - - port: {{ .Values.demo.containerPort }} - -{{ end }} diff --git a/save-cloud-charts/save-cloud/templates/agent-namespace.yaml b/save-cloud-charts/save-cloud/templates/agent-namespace.yaml deleted file mode 100644 index df2e85c5ff..0000000000 --- a/save-cloud-charts/save-cloud/templates/agent-namespace.yaml +++ /dev/null @@ -1,8 +0,0 @@ -{{ if .Values.agentNamespace }} - -apiVersion: v1 -kind: Namespace -metadata: - name: {{ .Values.agentNamespace }} - -{{ end }} \ No newline at end of file diff --git a/save-cloud-charts/save-cloud/templates/agent-network-policy-demo.yaml b/save-cloud-charts/save-cloud/templates/agent-network-policy-demo.yaml deleted file mode 100644 index 6f796a4cd9..0000000000 --- a/save-cloud-charts/save-cloud/templates/agent-network-policy-demo.yaml +++ /dev/null @@ -1,24 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - name: agent-network-policy-demo - namespace: {{ .Values.agentNamespace }} -spec: - # Should be applied to save-demo-agents only - podSelector: - matchLabels: - io.kompose.service: save-demo-agent - policyTypes: - - Egress - egress: - - to: - # Allow traffic to save-demo - - namespaceSelector: - matchLabels: - name: {{ .Values.namespace }} - - podSelector: - matchLabels: - io.kompose.service: demo - ports: - - protocol: TCP - port: {{ .Values.demo.containerPort }} \ No newline at end of file diff --git a/save-cloud-charts/save-cloud/templates/agent-network-policy-general.yaml b/save-cloud-charts/save-cloud/templates/agent-network-policy-general.yaml deleted file mode 100644 index c553faa31a..0000000000 --- a/save-cloud-charts/save-cloud/templates/agent-network-policy-general.yaml +++ /dev/null @@ -1,29 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - name: agent-network-policy-general - namespace: {{ .Values.agentNamespace }} -spec: - # Should be applied to all pods in namespace - podSelector: {} - policyTypes: - - Egress - egress: - - to: - # https://stackoverflow.com/q/73049535 - - ipBlock: - cidr: 0.0.0.0/0 - # Forbid private IP ranges effectively allowing only egress to the Internet - except: - # - 12.0.0.0/8 - - 10.0.0.0/8 - - 172.16.0.0/12 - - 192.168.0.0/16 - - to: - # Allow traffic to kubernetes DNS service - - namespaceSelector: - matchLabels: - kubernetes.io/metadata.name: "kube-system" - - podSelector: - matchLabels: - k8s-app: "kube-dns" diff --git a/save-cloud-charts/save-cloud/templates/agent-network-policy-orchestrator.yaml b/save-cloud-charts/save-cloud/templates/agent-network-policy-orchestrator.yaml deleted file mode 100644 index b82e0d9e43..0000000000 --- a/save-cloud-charts/save-cloud/templates/agent-network-policy-orchestrator.yaml +++ /dev/null @@ -1,48 +0,0 @@ -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - name: agent-network-policy-orchestrator - namespace: {{ .Values.agentNamespace }} -spec: - # Should be applied to save-agents only - # - # As for now, there is no way to tell orchestrator pod so need to allow connection to orchestrator. - podSelector: - matchLabels: - io.kompose.service: save-agent - policyTypes: - - Egress - egress: - - to: - # Allow traffic to save-orchestrator - - namespaceSelector: - matchLabels: - name: {{ .Values.namespace }} - - podSelector: - matchLabels: - io.kompose.service: orchestrator - ports: - - protocol: TCP - port: {{ .Values.orchestrator.containerPort }} - - to: - # Allow traffic to save-backend - - namespaceSelector: - matchLabels: - name: {{ .Values.namespace }} - - podSelector: - matchLabels: - io.kompose.service: backend - ports: - - protocol: TCP - port: {{ .Values.backend.containerPort }} - - to: - # Allow traffic to save-backend-cosv - - namespaceSelector: - matchLabels: - name: {{ .Values.namespace }} - - podSelector: - matchLabels: - io.kompose.service: backend-cosv - ports: - - protocol: TCP - port: {{ .Values.backend_cosv.containerPort }} \ No newline at end of file diff --git a/save-cloud-charts/save-cloud/templates/agent-orchestrator-service.yaml b/save-cloud-charts/save-cloud/templates/agent-orchestrator-service.yaml deleted file mode 100644 index d9ba3de5e2..0000000000 --- a/save-cloud-charts/save-cloud/templates/agent-orchestrator-service.yaml +++ /dev/null @@ -1,14 +0,0 @@ -{{ if .Values.agentNamespace }} - -apiVersion: v1 -kind: Service -metadata: - name: {{ .Values.orchestrator.name }} - namespace: {{ .Values.agentNamespace }} -spec: - type: ExternalName - externalName: {{ .Values.orchestrator.name }}.{{ .Values.namespace }}.svc.cluster.local - ports: - - port: {{ .Values.orchestrator.containerPort }} - -{{ end }} diff --git a/save-cloud-charts/save-cloud/templates/agent.yaml b/save-cloud-charts/save-cloud/templates/agent.yaml new file mode 100644 index 0000000000..01e9aa0a9e --- /dev/null +++ b/save-cloud-charts/save-cloud/templates/agent.yaml @@ -0,0 +1,144 @@ +{{ if .Values.agentNamespace }} +# Namespace config for agent service +apiVersion: v1 +kind: Namespace +metadata: + name: {{ .Values.agentNamespace }} +--- +#agent services +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.backend_cosv.name }} + namespace: {{ .Values.agentNamespace }} +spec: + type: ExternalName + externalName: {{ .Values.backend_cosv.name }}.{{ .Values.namespace }}.svc.cluster.local + ports: + - port: {{ .Values.backend_cosv.containerPort }} +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.backend.name }} + namespace: {{ .Values.agentNamespace }} +spec: + type: ExternalName + externalName: {{ .Values.backend.name }}.{{ .Values.namespace }}.svc.cluster.local + ports: + - port: {{ .Values.backend.containerPort }} +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.orchestrator.name }} + namespace: {{ .Values.agentNamespace }} +spec: + type: ExternalName + externalName: {{ .Values.orchestrator.name }}.{{ .Values.namespace }}.svc.cluster.local + ports: + - port: {{ .Values.orchestrator.containerPort }} +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.demo.name }} + namespace: {{ .Values.agentNamespace }} +spec: + type: ExternalName + externalName: {{ .Values.demo.name }}.{{ .Values.namespace }}.svc.cluster.local + ports: + - port: {{ .Values.demo.containerPort }} +--- +# General network policy for agent service +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: agent-network-policy-general + namespace: {{ .Values.agentNamespace }} +spec: + # Should be applied to all pods in namespace + podSelector: {} + policyTypes: + - Egress + egress: + - to: + # https://stackoverflow.com/q/73049535 + - ipBlock: + cidr: 0.0.0.0/0 + # Forbid private IP ranges effectively allowing only egress to the Internet + except: + - 10.0.0.0/8 + - 172.16.0.0/12 + - 192.168.0.0/16 + - to: + # Allow traffic to kubernetes DNS service + - namespaceSelector: + matchLabels: + kubernetes.io/metadata.name: "kube-system" + - podSelector: + matchLabels: + k8s-app: "kube-dns" + +--- +# agent network policy for services +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: agent-network-policy-services + namespace: {{ .Values.agentNamespace }} +spec: + # Should be applied to save-agents only + # + # As for now, there is no way to tell orchestrator pod so need to allow connection to orchestrator. + podSelector: + matchLabels: + io.kompose.service: save-agent + policyTypes: + - Egress + egress: + - to: + # Allow traffic to save-orchestrator + - namespaceSelector: + matchLabels: + name: {{ .Values.namespace }} + - podSelector: + matchLabels: + io.kompose.service: orchestrator + ports: + - protocol: TCP + port: {{ .Values.orchestrator.containerPort }} + - to: + # Allow traffic to save-backend + - namespaceSelector: + matchLabels: + name: {{ .Values.namespace }} + - podSelector: + matchLabels: + io.kompose.service: backend + ports: + - protocol: TCP + port: {{ .Values.backend.containerPort }} + - to: + # Allow traffic to save-backend-cosv + - namespaceSelector: + matchLabels: + name: {{ .Values.namespace }} + - podSelector: + matchLabels: + io.kompose.service: backend-cosv + ports: + - protocol: TCP + port: {{ .Values.backend_cosv.containerPort }} + - to: + # Allow traffic to save-demo + - namespaceSelector: + matchLabels: + name: {{ .Values.namespace }} + - podSelector: + matchLabels: + io.kompose.service: demo + ports: + - protocol: TCP + port: {{ .Values.demo.containerPort }} +{{ end }} \ No newline at end of file diff --git a/save-cloud-charts/save-cloud/templates/backend-configmap.yaml b/save-cloud-charts/save-cloud/templates/backend-configmap.yaml deleted file mode 100644 index 873e48ff2d..0000000000 --- a/save-cloud-charts/save-cloud/templates/backend-configmap.yaml +++ /dev/null @@ -1,19 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ .Values.backend.name }}-config -data: - application.properties: | - backend.preprocessor-url=http://preprocessor - backend.orchestrator-url=http://orchestrator - backend.demo-url=http://demo - backend.loki.url=http://loki:3100 - backend.loki.labels.agent-container-name=pod - backend.loki.labels.application-name=app - backend.agent-settings.backend-url=http://{{ .Values.backend.name }} - server.shutdown=graceful - management.endpoints.web.exposure.include=* - management.server.port={{ .Values.backend.managementPort }} - spring.datasource.url=${spring.datasource.backend-url} - logging.level.org.springframework=DEBUG - logging.level.com.saveourtool=DEBUG diff --git a/save-cloud-charts/save-cloud/templates/backend-cosv-deployment.yaml b/save-cloud-charts/save-cloud/templates/backend-cosv-deployment.yaml index 5c82095fb8..02f447ece5 100644 --- a/save-cloud-charts/save-cloud/templates/backend-cosv-deployment.yaml +++ b/save-cloud-charts/save-cloud/templates/backend-cosv-deployment.yaml @@ -48,7 +48,7 @@ spec: - name: git-cloner image: alpine/git env: - {{ if .Values.proxy.enabled }} + {{ if .Values.proxy.enabled | default false }} {{- with .Values.proxy.extraEnv }} {{- toYaml . | nindent 12 }} {{- end }} @@ -57,7 +57,7 @@ spec: - clone - --progress - --verbose - {{ if .Values.proxy.enabled }} + {{ if .Values.proxy.enabled | default false }} {{- with .Values.proxy.extraArgs }} {{- toYaml . | nindent 12 }} {{- end }} @@ -108,7 +108,7 @@ spec: secretKeyRef: name: db-secrets key: spring.datasource.password - {{ if .Values.proxy.enabled }} + {{ if .Values.proxy.enabled | default false }} {{- with .Values.proxy.extraEnv }} {{- toYaml . | nindent 12 }} {{- end }} diff --git a/save-cloud-charts/save-cloud/templates/backend-cosv.yaml b/save-cloud-charts/save-cloud/templates/backend-cosv.yaml new file mode 100644 index 0000000000..30aa3911d9 --- /dev/null +++ b/save-cloud-charts/save-cloud/templates/backend-cosv.yaml @@ -0,0 +1,159 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: backend-cosv + labels: + {{- include "common.labels" (merge (dict "service" .Values.backend_cosv) .) | nindent 4 }} +spec: + selector: + matchLabels: + io.kompose.service: backend-cosv + strategy: + # Because of shared volume with multi-attach problem + type: Recreate + template: + metadata: + labels: + {{- include "pod.common.labels" (merge (dict "service" .Values.backend_cosv ) .) | nindent 8 }} + annotations: + {{- include "pod.common.annotations" (dict "service" .Values.backend_cosv ) | nindent 8 }} + spec: + restartPolicy: Always + {{- include "cnb.securityContext" . | nindent 6 }} + containers: + - name: backend-cosv + {{- include "spring-boot.common" (merge (dict "service" .Values.backend_cosv) .) | nindent 10 }} + env: + {{- include "spring-boot.common.env" (merge (dict "service" .Values.backend_cosv) .) | nindent 12 }} + - name: DATABASE_SECRETS_PATH + value: {{ .Values.mysql.dbPasswordFile }} + - name: S3_SECRETS_PATH + value: {{ .Values.s3.secretFile }} + - name: JAVA_TOOL_OPTIONS + value: -XX:ReservedCodeCacheSize=48M + volumeMounts: + - {{ include "spring-boot.config-volume-mount" . | indent 14 | trim }} + - name: database-secret + mountPath: {{ .Values.mysql.dbPasswordFile }} + - name: s3-secrets + mountPath: {{ .Values.s3.secretFile }} + {{- include "spring-boot.management" .Values.backend_cosv | nindent 10 }} + resources: + limits: + memory: 2G + requests: + memory: 1G + initContainers: + - name: git-cloner + image: alpine/git + env: + {{ if .Values.proxy.enabled | default false }} + {{- with .Values.proxy.extraEnv }} + {{- toYaml . | nindent 12 }} + {{- end }} + {{ end }} + args: + - clone + - --progress + - --verbose + {{ if .Values.proxy.enabled | default false }} + {{- with .Values.proxy.extraArgs }} + {{- toYaml . | nindent 12 }} + {{- end }} + {{ end }} + - --single-branch + - --branch + - {{ .Values.mysql.migrations.branch | default "master" }} + - -- + - https://github.com/saveourtool/save-cloud.git + - /data + volumeMounts: + - mountPath: /data + name: migrations-data + - name: liquibase-runner + image: liquibase/liquibase:4.20 + securityContext: + runAsUser: 1001 + runAsGroup: 1001 + args: + - --url=$(DB_URL)?createDatabaseIfNotExist=true + - --changeLogFile=db/db.changelog-master.xml + - --username=$(DB_USERNAME) + - --password=$(DB_PASSWORD) + - --log-level=info + - --contexts={{ .Values.profile }} + - update + resources: + requests: + memory: 100M + limits: + memory: 300M + env: + # See https://hub.docker.com/r/liquibase/liquibase, section 'Notice for MySQL Users' + - name: INSTALL_MYSQL + value: 'true' + - name: DB_URL + valueFrom: + secretKeyRef: + name: db-secrets + key: spring.datasource.backend-url + - name: DB_USERNAME + valueFrom: + secretKeyRef: + name: db-secrets + key: spring.datasource.username + - name: DB_PASSWORD + valueFrom: + secretKeyRef: + name: db-secrets + key: spring.datasource.password + {{ if .Values.proxy.enabled | default false }} + {{- with .Values.proxy.extraEnv }} + {{- toYaml . | nindent 12 }} + {{- end }} + {{ end }} + volumeMounts: + - mountPath: /liquibase/changelog + name: migrations-data + - mountPath: {{ .Values.mysql.dbPasswordFile }} + name: database-secret + - mountPath: /etc/ssl/certs/ca-certificates.crt + name: ca-certs + subPath: cert-check.crt + readOnly: false + volumes: + - {{ include "spring-boot.config-volume" (dict "service" .Values.backend_cosv) | indent 10 | trim }} + - name: database-secret + secret: + secretName: db-secrets + - name: s3-secrets + secret: + secretName: s3-secrets + - name: migrations-data + emptyDir: {} + - name: ca-certs + configMap: + name: ca-certs +--- +apiVersion: v1 +kind: Service +metadata: +{{- include "service.common.metadata" (dict "service" .Values.backend_cosv) | nindent 2 }} +spec: + {{ if .Values.backend_cosv.clusterIP }} + clusterIP: {{ .Values.backend_cosv.clusterIP }} + {{ end }} + ports: + {{- include "service.common.ports" (dict "service" .Values.backend_cosv) | nindent 4 }} + selector: + {{- include "service.common.selectors" (dict "service" .Values.backend_cosv) | nindent 4 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Values.backend_cosv.name }}-config +data: + application.properties: | + {{ if .Values.backend_cosv.applicationProperties }} + {{- .Values.backend_cosv.applicationProperties | nindent 4 }} + {{ end }} diff --git a/save-cloud-charts/save-cloud/templates/backend-service.yaml b/save-cloud-charts/save-cloud/templates/backend-service.yaml deleted file mode 100644 index 54007f782c..0000000000 --- a/save-cloud-charts/save-cloud/templates/backend-service.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: -{{- include "service.common.metadata" (dict "service" .Values.backend) | nindent 2 }} -spec: - {{ if .Values.backend.clusterIP }} - clusterIP: {{ .Values.backend.clusterIP }} - {{ end }} - ports: - {{- include "service.common.ports" (dict "service" .Values.backend) | nindent 4 }} - selector: - {{- include "service.common.selectors" (dict "service" .Values.backend) | nindent 4 }} diff --git a/save-cloud-charts/save-cloud/templates/backend-deployment.yaml b/save-cloud-charts/save-cloud/templates/backend.yaml similarity index 83% rename from save-cloud-charts/save-cloud/templates/backend-deployment.yaml rename to save-cloud-charts/save-cloud/templates/backend.yaml index f0f6f3000e..80a3149ae3 100644 --- a/save-cloud-charts/save-cloud/templates/backend-deployment.yaml +++ b/save-cloud-charts/save-cloud/templates/backend.yaml @@ -43,12 +43,11 @@ spec: memory: 2G requests: memory: 1G - {{ if .Values.mysql.migrations.enabled }} initContainers: - name: git-cloner image: alpine/git env: - {{ if .Values.proxy.enabled }} + {{ if .Values.proxy.enabled | default false }} {{- with .Values.proxy.extraEnv }} {{- toYaml . | nindent 12 }} {{- end }} @@ -57,7 +56,7 @@ spec: - clone - --progress - --verbose - {{ if .Values.proxy.enabled }} + {{ if .Values.proxy.enabled | default false }} {{- with .Values.proxy.extraArgs }} {{- toYaml . | nindent 12 }} {{- end }} @@ -108,7 +107,7 @@ spec: secretKeyRef: name: db-secrets key: spring.datasource.password - {{ if .Values.proxy.enabled }} + {{ if .Values.proxy.enabled | default false }} {{- with .Values.proxy.extraEnv }} {{- toYaml . | nindent 12 }} {{- end }} @@ -118,7 +117,6 @@ spec: name: migrations-data - mountPath: {{ .Values.mysql.dbPasswordFile }} name: database-secret - {{ end }} volumes: - {{ include "spring-boot.config-volume" (dict "service" .Values.backend) | indent 10 | trim }} - name: database-secret @@ -128,4 +126,27 @@ spec: secret: secretName: s3-secrets - name: migrations-data - emptyDir: {} \ No newline at end of file + emptyDir: {} +--- +apiVersion: v1 +kind: Service +metadata: +{{- include "service.common.metadata" (dict "service" .Values.backend) | nindent 2 }} +spec: + {{ if .Values.backend.clusterIP }} + clusterIP: {{ .Values.backend.clusterIP }} + {{ end }} + ports: + {{- include "service.common.ports" (dict "service" .Values.backend) | nindent 4 }} + selector: + {{- include "service.common.selectors" (dict "service" .Values.backend) | nindent 4 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Values.backend.name }}-config +data: + application.properties: | + {{ if .Values.backend.applicationProperties }} + {{- .Values.backend.applicationProperties | nindent 4 }} + {{ end }} diff --git a/save-cloud-charts/save-cloud/templates/demo-agent-service.yaml b/save-cloud-charts/save-cloud/templates/demo-agent-service.yaml deleted file mode 100644 index 46471b4bbf..0000000000 --- a/save-cloud-charts/save-cloud/templates/demo-agent-service.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: {{ .Values.demo.agentSubdomainName }} -spec: - selector: - io.kompose.service: save-demo-agent - clusterIP: None - ports: - - port: {{ .Values.demo.agentPort }} - name: web-server diff --git a/save-cloud-charts/save-cloud/templates/demo-configmap.yaml b/save-cloud-charts/save-cloud/templates/demo-configmap.yaml deleted file mode 100644 index 5a197dd2d0..0000000000 --- a/save-cloud-charts/save-cloud/templates/demo-configmap.yaml +++ /dev/null @@ -1,24 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ .Values.demo.name }}-config -data: - application.properties: | - demo.kubernetes.apiServerUrl=http://kubernetes.default.svc - demo.kubernetes.serviceAccount=${POD_SERVICE_ACCOUNT} - demo.kubernetes.current-namespace=${POD_NAMESPACE} - demo.kubernetes.agent-namespace={{ .Values.agentNamespace }} - demo.kubernetes.agentPort={{ .Values.demo.agentPort }} - demo.kubernetes.agentSubdomainName={{ .Values.demo.agentSubdomainName }} - - management.endpoints.web.exposure.include=* - management.server.port={{ .Values.demo.managementPort }} - logging.level.org.springframework=DEBUG - spring.datasource.url=${spring.datasource.demo-url} - - {{ if .Values.demo.applicationProperties }} - {{- .Values.demo.applicationProperties | nindent 4 }} - {{ end }} - - demo.backend-url=http://backend/internal - demo.agent-config.demo-url=http://demo diff --git a/save-cloud-charts/save-cloud/templates/demo-cpg-configmap.yaml b/save-cloud-charts/save-cloud/templates/demo-cpg-configmap.yaml deleted file mode 100644 index 98c71f0015..0000000000 --- a/save-cloud-charts/save-cloud/templates/demo-cpg-configmap.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ .Values.demo_cpg.name }}-config -data: - application.properties: | - management.endpoints.web.exposure.include=* - management.server.port={{ .Values.demo_cpg.managementPort }} - logging.level.org.springframework=DEBUG - spring.neo4j.uri=bolt://save-cloud:7687 - spring.neo4j.authentication.username=neo4j - spring.neo4j.authentication.password={{ .Values.neo4j.neo4j.password }} diff --git a/save-cloud-charts/save-cloud/templates/demo-cpg-service.yaml b/save-cloud-charts/save-cloud/templates/demo-cpg-service.yaml deleted file mode 100644 index 48c3ba2a07..0000000000 --- a/save-cloud-charts/save-cloud/templates/demo-cpg-service.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: -{{- include "service.common.metadata" (dict "service" .Values.demo_cpg) | nindent 2 }} -spec: - {{ if .Values.demo_cpg.clusterIP }} - clusterIP: {{ .Values.demo_cpg.clusterIP }} - {{ end }} - ports: - {{- include "service.common.ports" (dict "service" .Values.demo_cpg) | nindent 4 }} - selector: - {{- include "service.common.selectors" (dict "service" .Values.demo_cpg) | nindent 4 }} diff --git a/save-cloud-charts/save-cloud/templates/demo-cpg-deployment.yaml b/save-cloud-charts/save-cloud/templates/demo-cpg.yaml similarity index 70% rename from save-cloud-charts/save-cloud/templates/demo-cpg-deployment.yaml rename to save-cloud-charts/save-cloud/templates/demo-cpg.yaml index f5e47223cb..db2aa5a5bc 100644 --- a/save-cloud-charts/save-cloud/templates/demo-cpg-deployment.yaml +++ b/save-cloud-charts/save-cloud/templates/demo-cpg.yaml @@ -41,3 +41,26 @@ spec: memory: 300M volumes: - {{ include "spring-boot.config-volume" (dict "service" .Values.demo_cpg) | indent 10 | trim }} +--- +apiVersion: v1 +kind: Service +metadata: +{{- include "service.common.metadata" (dict "service" .Values.demo_cpg) | nindent 2 }} +spec: + {{ if .Values.demo_cpg.clusterIP }} + clusterIP: {{ .Values.demo_cpg.clusterIP }} + {{ end }} + ports: + {{- include "service.common.ports" (dict "service" .Values.demo_cpg) | nindent 4 }} + selector: + {{- include "service.common.selectors" (dict "service" .Values.demo_cpg) | nindent 4 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Values.demo_cpg.name }}-config +data: + application.properties: | + {{ if .Values.demo_cpg.applicationProperties }} + {{- .Values.demo_cpg.applicationProperties | nindent 4 }} + {{ end }} diff --git a/save-cloud-charts/save-cloud/templates/demo-service-account.yaml b/save-cloud-charts/save-cloud/templates/demo-service-account.yaml deleted file mode 100644 index 48fe1bde21..0000000000 --- a/save-cloud-charts/save-cloud/templates/demo-service-account.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: demo-sa - ---- - -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: demo-jobs-binding - {{ if .Values.agentNamespace }} - namespace: {{ .Values.agentNamespace }} - {{ end }} -subjects: - - kind: ServiceAccount - name: demo-sa - namespace: {{ .Values.namespace }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: jobs-executor diff --git a/save-cloud-charts/save-cloud/templates/demo-service.yaml b/save-cloud-charts/save-cloud/templates/demo-service.yaml deleted file mode 100644 index d0d4f72313..0000000000 --- a/save-cloud-charts/save-cloud/templates/demo-service.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: -{{- include "service.common.metadata" (dict "service" .Values.demo) | nindent 2 }} -spec: - {{ if .Values.demo.clusterIP }} - clusterIP: {{ .Values.demo.clusterIP }} - {{ end }} - ports: - {{- include "service.common.ports" (dict "service" .Values.demo) | nindent 4 }} - selector: - {{- include "service.common.selectors" (dict "service" .Values.demo) | nindent 4 }} diff --git a/save-cloud-charts/save-cloud/templates/demo-deployment.yaml b/save-cloud-charts/save-cloud/templates/demo.yaml similarity index 76% rename from save-cloud-charts/save-cloud/templates/demo-deployment.yaml rename to save-cloud-charts/save-cloud/templates/demo.yaml index 68e8e6b384..ff8ebc9f88 100644 --- a/save-cloud-charts/save-cloud/templates/demo-deployment.yaml +++ b/save-cloud-charts/save-cloud/templates/demo.yaml @@ -63,12 +63,11 @@ spec: memory: 1000M requests: memory: 800M - {{ if .Values.mysql.migrations.enabled }} initContainers: - name: git-cloner image: alpine/git env: - {{ if .Values.proxy.enabled }} + {{ if .Values.proxy.enabled | default false }} {{- with .Values.proxy.extraEnv }} {{- toYaml . | nindent 12 }} {{- end }} @@ -77,7 +76,7 @@ spec: - clone - --progress - --verbose - {{ if .Values.proxy.enabled }} + {{ if .Values.proxy.enabled | default false }} {{- with .Values.proxy.extraArgs }} {{- toYaml . | nindent 12 }} {{- end }} @@ -127,7 +126,7 @@ spec: secretKeyRef: name: db-secrets key: spring.datasource.password - {{ if .Values.proxy.enabled }} + {{ if .Values.proxy.enabled | default false }} {{- with .Values.proxy.extraEnv }} {{- toYaml . | nindent 12 }} {{- end }} @@ -137,7 +136,6 @@ spec: name: migrations-data - mountPath: {{ .Values.mysql.dbPasswordFile }} name: database-secret - {{ end }} volumes: - {{ include "spring-boot.config-volume" (dict "service" .Values.demo) | indent 10 | trim }} - name: database-secret @@ -148,3 +146,60 @@ spec: secretName: s3-secrets - name: migrations-data emptyDir: { } +--- +apiVersion: v1 +kind: Service +metadata: +{{- include "service.common.metadata" (dict "service" .Values.demo) | nindent 2 }} +spec: + {{ if .Values.demo.clusterIP }} + clusterIP: {{ .Values.demo.clusterIP }} + {{ end }} + ports: + {{- include "service.common.ports" (dict "service" .Values.demo) | nindent 4 }} + selector: + {{- include "service.common.selectors" (dict "service" .Values.demo) | nindent 4 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Values.demo.name }}-config +data: + application.properties: | + {{ if .Values.demo.applicationProperties }} + {{- .Values.demo.applicationProperties | nindent 4 }} + {{ end }} +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: demo-sa +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: demo-jobs-binding + {{ if .Values.agentNamespace }} + namespace: {{ .Values.agentNamespace }} + {{ end }} +subjects: + - kind: ServiceAccount + name: demo-sa + namespace: {{ .Values.namespace }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: jobs-executor +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ .Values.demo.agentSubdomainName }} +spec: + selector: + io.kompose.service: save-demo-agent + clusterIP: None + ports: + - port: {{ .Values.demo.agentPort }} + name: web-server + diff --git a/save-cloud-charts/save-cloud/templates/frontend-cosv.yaml b/save-cloud-charts/save-cloud/templates/frontend-cosv.yaml new file mode 100644 index 0000000000..2ad621bd23 --- /dev/null +++ b/save-cloud-charts/save-cloud/templates/frontend-cosv.yaml @@ -0,0 +1,40 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: frontend-cosv + labels: + {{- include "common.labels" (merge (dict "service" .Values.frontend_cosv) .) | nindent 4 }} +spec: + selector: + matchLabels: + io.kompose.service: frontend-cosv + strategy: + type: RollingUpdate + template: + metadata: + labels: + {{- include "pod.common.labels" (merge (dict "service" .Values.frontend_cosv ) .) | nindent 8 }} + spec: + restartPolicy: Always + {{- include "cnb.securityContext" . | nindent 6 }} + containers: + - name: frontend-cosv + {{- include "spring-boot.common" (merge (dict "service" .Values.frontend_cosv) .) | nindent 10 }} + env: + - name: PORT + value: '{{ .Values.frontend_cosv.containerPort | toString }}' + resources: + limits: + memory: 200M + requests: + memory: 100M +--- +apiVersion: v1 +kind: Service +metadata: +{{- include "service.common.metadata" (dict "service" .Values.frontend_cosv) | nindent 2 }} +spec: + ports: + {{- include "service.common.ports" (dict "service" .Values.frontend_cosv) | nindent 4 }} + selector: + {{- include "service.common.selectors" (dict "service" .Values.frontend_cosv) | nindent 4 }} diff --git a/save-cloud-charts/save-cloud/templates/frontend-service.yaml b/save-cloud-charts/save-cloud/templates/frontend-service.yaml deleted file mode 100644 index c3a18e2b3e..0000000000 --- a/save-cloud-charts/save-cloud/templates/frontend-service.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: -{{- include "service.common.metadata" (dict "service" .Values.frontend) | nindent 2 }} -spec: - ports: - {{- include "service.common.ports" (dict "service" .Values.frontend) | nindent 4 }} - selector: - {{- include "service.common.selectors" (dict "service" .Values.frontend) | nindent 4 }} diff --git a/save-cloud-charts/save-cloud/templates/frontend-deployment.yaml b/save-cloud-charts/save-cloud/templates/frontend.yaml similarity index 70% rename from save-cloud-charts/save-cloud/templates/frontend-deployment.yaml rename to save-cloud-charts/save-cloud/templates/frontend.yaml index 2a022afc8c..6b5b5393e9 100644 --- a/save-cloud-charts/save-cloud/templates/frontend-deployment.yaml +++ b/save-cloud-charts/save-cloud/templates/frontend.yaml @@ -27,4 +27,14 @@ spec: limits: memory: 200M requests: - memory: 100M \ No newline at end of file + memory: 100M +--- +apiVersion: v1 +kind: Service +metadata: +{{- include "service.common.metadata" (dict "service" .Values.frontend) | nindent 2 }} +spec: + ports: + {{- include "service.common.ports" (dict "service" .Values.frontend) | nindent 4 }} + selector: + {{- include "service.common.selectors" (dict "service" .Values.frontend) | nindent 4 }} diff --git a/save-cloud-charts/save-cloud/templates/gateway-configmap.yaml b/save-cloud-charts/save-cloud/templates/gateway-configmap.yaml deleted file mode 100644 index 68a3c773c1..0000000000 --- a/save-cloud-charts/save-cloud/templates/gateway-configmap.yaml +++ /dev/null @@ -1,18 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ .Values.gateway.name }}-config -data: - application.properties: | - gateway.backend.url=http://backend - gateway.frontend.url=http://frontend - gateway.demo-cpg.url=http://demo-cpg - gateway.demo.url=http://demo - server.shutdown=graceful - management.endpoints.web.exposure.include=* - management.server.port={{ .Values.gateway.managementPort }} - logging.level.org.springframework=DEBUG - logging.level.com.saveourtool=DEBUG - {{ if .Values.gateway.applicationProperties }} - {{- .Values.gateway.applicationProperties | nindent 4 }} - {{ end }} diff --git a/save-cloud-charts/save-cloud/templates/gateway-service.yaml b/save-cloud-charts/save-cloud/templates/gateway-service.yaml deleted file mode 100644 index e2e7d04769..0000000000 --- a/save-cloud-charts/save-cloud/templates/gateway-service.yaml +++ /dev/null @@ -1,20 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - {{- include "service.common.metadata" (dict "service" .Values.gateway) | nindent 2 }} - {{- if .Values.gateway.svc.annotations }} - annotations: - {{- range $key, $value := .Values.gateway.svc.annotations }} - {{ $key }}: {{ $value }} - {{- end }} - {{- end }} -spec: - ports: - - name: http - port: 80 - targetPort: http - selector: - {{- include "service.common.selectors" (dict "service" .Values.gateway) | nindent 4 }} - {{- range $key, $value := .Values.gateway.svc.spec }} - {{ $key }}: {{ $value }} - {{- end }} diff --git a/save-cloud-charts/save-cloud/templates/gateway-deployment.yaml b/save-cloud-charts/save-cloud/templates/gateway.yaml similarity index 53% rename from save-cloud-charts/save-cloud/templates/gateway-deployment.yaml rename to save-cloud-charts/save-cloud/templates/gateway.yaml index f8b6b590b1..95f3e1fa49 100644 --- a/save-cloud-charts/save-cloud/templates/gateway-deployment.yaml +++ b/save-cloud-charts/save-cloud/templates/gateway.yaml @@ -41,22 +41,22 @@ spec: name: oauth-credentials {{ if .Values.gateway.initCerts.enabled }} initContainers: - - name: init-cacerts - image: ghcr.io/saveourtool/api-gateway:0.4.0-alpha.0.408-9b56d61 - command: - - bash - - -c - - | - cp -R /layers/paketo-buildpacks_bellsoft-liberica/jre/lib/security/* /home/cnb/cacerts - chmod 661 /home/cnb/cacerts/cacerts - find /layers -type f -name keytool -exec {} -import -noprompt -trustcacerts -alias HuaweiITRootCA -file /security/HuaweiITRootCA.pem -keystore /home/cnb/cacerts/cacerts -storepass changeit \; - find /layers -type f -name keytool -exec {} -import -noprompt -trustcacerts -alias HWITEnterpriseCA1 -file /security/HWITEnterpriseCA1.pem -keystore /home/cnb/cacerts/cacerts -storepass changeit \; - volumeMounts: - - mountPath: /home/cnb/cacerts - name: cacerts - - mountPath: /security - name: his-certs - {{ end }} + - name: init-cacerts + image: ghcr.io/saveourtool/api-gateway:0.4.0-alpha.0.408-9b56d61 + command: + - bash + - -c + - | + cp -R /layers/paketo-buildpacks_bellsoft-liberica/jre/lib/security/* /home/cnb/cacerts + chmod 661 /home/cnb/cacerts/cacerts + find /layers -type f -name keytool -exec {} -import -noprompt -trustcacerts -alias HuaweiITRootCA -file /security/HuaweiITRootCA.pem -keystore /home/cnb/cacerts/cacerts -storepass changeit \; + find /layers -type f -name keytool -exec {} -import -noprompt -trustcacerts -alias HWITEnterpriseCA1 -file /security/HWITEnterpriseCA1.pem -keystore /home/cnb/cacerts/cacerts -storepass changeit \; + volumeMounts: + - mountPath: /home/cnb/cacerts + name: cacerts + - mountPath: /security + name: his-certs + {{ end }} volumes: - {{ include "spring-boot.config-volume" (dict "service" .Values.gateway) | indent 10 | trim }} - name: oauth-credentials @@ -67,5 +67,34 @@ spec: secretName: his-certs - name: cacerts emptyDir: {} - - \ No newline at end of file +--- +apiVersion: v1 +kind: Service +metadata: + {{- include "service.common.metadata" (dict "service" .Values.gateway) | nindent 2 }} + {{- if .Values.gateway.svc.annotations }} + annotations: + {{- range $key, $value := .Values.gateway.svc.annotations }} + {{ $key }}: {{ $value }} + {{- end }} + {{- end }} +spec: + ports: + - name: http + port: 80 + targetPort: http + selector: + {{- include "service.common.selectors" (dict "service" .Values.gateway) | nindent 4 }} + {{- range $key, $value := .Values.gateway.svc.spec }} + {{ $key }}: {{ $value }} + {{- end }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Values.gateway.name }}-config +data: + application.properties: | + {{ if .Values.gateway.applicationProperties }} + {{- .Values.gateway.applicationProperties | nindent 4 }} + {{ end }} diff --git a/save-cloud-charts/save-cloud/templates/mysql-deployment.yaml b/save-cloud-charts/save-cloud/templates/mysql-deployment.yaml deleted file mode 100644 index 6b604a7191..0000000000 --- a/save-cloud-charts/save-cloud/templates/mysql-deployment.yaml +++ /dev/null @@ -1,48 +0,0 @@ -{{- if not .Values.mysql.external -}} - - {{- if eq .Values.profile "dev" -}} -apiVersion: v1 -kind: Secret -metadata: - name: db-secrets -stringData: - spring.datasource.backend-url: 'jdbc:mysql://mysql-service:3306/{{ .Values.mysql.backend_schema }}' - spring.datasource.demo-url: 'jdbc:mysql://mysql-service:3306/{{ .Values.mysql.demo_schema }}' - spring.datasource.username: root - spring.datasource.password: {{ .Values.mysql.root_password | quote }} - ---- - {{ end }} - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: mysql - annotations: - io.kompose.service: mysql -spec: - selector: - matchLabels: - io.kompose.service: mysql - template: - metadata: - labels: - io.kompose.service: mysql - spec: - containers: - - image: mysql:8.0.28-oracle - name: mysql - ports: - - containerPort: 3306 - name: mysql - env: - - name: MYSQL_ROOT_PASSWORD - value: {{ .Values.mysql.root_password | quote }} - volumeMounts: - - name: mysql-persistent-storage - mountPath: /var/lib/mysql - volumes: - - name: mysql-persistent-storage - hostPath: - path: /home/data/mysql -{{- end }} diff --git a/save-cloud-charts/save-cloud/templates/mysql-service.yaml b/save-cloud-charts/save-cloud/templates/mysql-service.yaml deleted file mode 100644 index 939fa39bf2..0000000000 --- a/save-cloud-charts/save-cloud/templates/mysql-service.yaml +++ /dev/null @@ -1,52 +0,0 @@ -{{- if .Values.mysql.external -}} -apiVersion: v1 -kind: Endpoints -metadata: - name: mysql-service -subsets: - - addresses: - - ip: {{ .Values.mysql.ip }} - ports: - - port: 3306 - ---- - -apiVersion: v1 -kind: Service -metadata: - name: mysql-service -spec: - ports: - - port: 3306 - targetPort: 3306 - protocol: TCP - selector: {} - type: ClusterIP - -{{- else }} - -apiVersion: v1 -kind: Service -metadata: - name: mysql-service -spec: - ports: - - port: 3306 - selector: - io.kompose.service: mysql - clusterIP: None - ---- - -apiVersion: v1 -kind: Service -metadata: - name: mysql-service-lb -spec: - ports: - - port: 3306 - selector: - io.kompose.service: mysql - type: LoadBalancer - -{{- end }} \ No newline at end of file diff --git a/save-cloud-charts/save-cloud/templates/orchestrator-configmap.yaml b/save-cloud-charts/save-cloud/templates/orchestrator-configmap.yaml deleted file mode 100644 index c90e2c9bbb..0000000000 --- a/save-cloud-charts/save-cloud/templates/orchestrator-configmap.yaml +++ /dev/null @@ -1,25 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ .Values.orchestrator.name }}-config -data: - application.properties: | - orchestrator.backend-url=http://backend/internal - - orchestrator.kubernetes.apiServerUrl=http://kubernetes.default.svc - orchestrator.kubernetes.serviceAccount=${POD_SERVICE_ACCOUNT} - orchestrator.kubernetes.current-namespace=${POD_NAMESPACE} - orchestrator.kubernetes.agent-namespace={{ .Values.agentNamespace }} - - server.shutdown=graceful - management.endpoints.web.exposure.include=* - management.server.port={{ .Values.orchestrator.managementPort }} - orchestrator.agent-settings.heartbeat-url=http://{{ .Values.orchestrator.name }}/heartbeat - orchestrator.agent-settings.debug=true - - logging.level.com.saveourtool.save.orchestrator.kubernetes=DEBUG - logging.level.org.springframework=DEBUG - - {{ if .Values.orchestrator.applicationProperties }} - {{- .Values.orchestrator.applicationProperties | nindent 4 }} - {{ end }} \ No newline at end of file diff --git a/save-cloud-charts/save-cloud/templates/orchestrator-service-account.yaml b/save-cloud-charts/save-cloud/templates/orchestrator-service-account.yaml deleted file mode 100644 index cd072df883..0000000000 --- a/save-cloud-charts/save-cloud/templates/orchestrator-service-account.yaml +++ /dev/null @@ -1,46 +0,0 @@ -apiVersion: v1 -kind: ServiceAccount -metadata: - name: orchestrator-sa - ---- - -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: jobs-executor - {{ if .Values.agentNamespace }} - namespace: {{ .Values.agentNamespace }} - {{ end }} -rules: - - apiGroups: [""] # "" indicates the core API group - resources: [services] - verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] - - apiGroups: [batch] - resources: [jobs] - verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] - - apiGroups: [""] # "" indicates the core API group - resources: [pods] - verbs: [list, get, delete, create] - # this rule is required for sprint-cloud-kubernetes-fabric8-config - - apiGroups: [""] # "" indicates the core API group - resources: [configmaps, secrets] - verbs: [list, get, watch] - ---- - -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: orchestrator-jobs-binding - {{ if .Values.agentNamespace }} - namespace: {{ .Values.agentNamespace }} - {{ end }} -subjects: - - kind: ServiceAccount - name: orchestrator-sa - namespace: {{ .Values.namespace }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: jobs-executor diff --git a/save-cloud-charts/save-cloud/templates/orchestrator-service.yaml b/save-cloud-charts/save-cloud/templates/orchestrator-service.yaml deleted file mode 100644 index dccb4c2d06..0000000000 --- a/save-cloud-charts/save-cloud/templates/orchestrator-service.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: -{{- include "service.common.metadata" (dict "service" .Values.orchestrator) | nindent 2 }} -spec: - {{ if .Values.orchestrator.clusterIP }} - clusterIP: {{ .Values.orchestrator.clusterIP }} - {{ end }} - ports: - {{- include "service.common.ports" (dict "service" .Values.orchestrator) | nindent 4 }} - selector: - {{- include "service.common.selectors" (dict "service" .Values.orchestrator) | nindent 4 }} diff --git a/save-cloud-charts/save-cloud/templates/orchestrator-deployment.yaml b/save-cloud-charts/save-cloud/templates/orchestrator.yaml similarity index 52% rename from save-cloud-charts/save-cloud/templates/orchestrator-deployment.yaml rename to save-cloud-charts/save-cloud/templates/orchestrator.yaml index d13133ff71..2315a9a8e8 100644 --- a/save-cloud-charts/save-cloud/templates/orchestrator-deployment.yaml +++ b/save-cloud-charts/save-cloud/templates/orchestrator.yaml @@ -55,3 +55,71 @@ spec: memory: 600M volumes: - {{ include "spring-boot.config-volume" (dict "service" .Values.orchestrator) | indent 10 | trim }} +--- +apiVersion: v1 +kind: Service +metadata: +{{- include "service.common.metadata" (dict "service" .Values.orchestrator) | nindent 2 }} +spec: + {{ if .Values.orchestrator.clusterIP }} + clusterIP: {{ .Values.orchestrator.clusterIP }} + {{ end }} + ports: + {{- include "service.common.ports" (dict "service" .Values.orchestrator) | nindent 4 }} + selector: + {{- include "service.common.selectors" (dict "service" .Values.orchestrator) | nindent 4 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Values.orchestrator.name }}-config +data: + application.properties: | + {{ if .Values.orchestrator.applicationProperties }} + {{- .Values.orchestrator.applicationProperties | nindent 4 }} + {{ end }} +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: orchestrator-sa + +--- + +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: jobs-executor + {{ if .Values.agentNamespace }} + namespace: {{ .Values.agentNamespace }} + {{ end }} +rules: + - apiGroups: [""] # "" indicates the core API group + resources: [services] + verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] + - apiGroups: [batch] + resources: [jobs] + verbs: ["get", "list", "watch", "create", "update", "patch", "delete"] + - apiGroups: [""] # "" indicates the core API group + resources: [pods] + verbs: [list, get, delete, create] + # this rule is required for sprint-cloud-kubernetes-fabric8-config + - apiGroups: [""] # "" indicates the core API group + resources: [configmaps, secrets] + verbs: [list, get, watch] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: orchestrator-jobs-binding + {{ if .Values.agentNamespace }} + namespace: {{ .Values.agentNamespace }} + {{ end }} +subjects: + - kind: ServiceAccount + name: orchestrator-sa + namespace: {{ .Values.namespace }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: jobs-executor diff --git a/save-cloud-charts/save-cloud/templates/preprocessor-configmap.yaml b/save-cloud-charts/save-cloud/templates/preprocessor-configmap.yaml deleted file mode 100644 index a192b05872..0000000000 --- a/save-cloud-charts/save-cloud/templates/preprocessor-configmap.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ .Values.preprocessor.name }}-config -data: - application.properties: | - save.backend=http://backend/internal - save.orchestrator=http://orchestrator - server.shutdown=graceful - management.endpoints.web.exposure.include=* - management.server.port={{ .Values.preprocessor.managementPort }} diff --git a/save-cloud-charts/save-cloud/templates/preprocessor-service.yaml b/save-cloud-charts/save-cloud/templates/preprocessor-service.yaml deleted file mode 100644 index 57b049b786..0000000000 --- a/save-cloud-charts/save-cloud/templates/preprocessor-service.yaml +++ /dev/null @@ -1,12 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: -{{- include "service.common.metadata" (dict "service" .Values.preprocessor) | nindent 2 }} -spec: - {{ if .Values.preprocessor.clusterIP }} - clusterIP: {{ .Values.preprocessor.clusterIP }} - {{ end }} - ports: - {{- include "service.common.ports" (dict "service" .Values.preprocessor) | nindent 4 }} - selector: - {{- include "service.common.selectors" (dict "service" .Values.preprocessor) | nindent 4 }} diff --git a/save-cloud-charts/save-cloud/templates/preprocessor-deployment.yaml b/save-cloud-charts/save-cloud/templates/preprocessor.yaml similarity index 71% rename from save-cloud-charts/save-cloud/templates/preprocessor-deployment.yaml rename to save-cloud-charts/save-cloud/templates/preprocessor.yaml index fa0d861072..33c54097b9 100644 --- a/save-cloud-charts/save-cloud/templates/preprocessor-deployment.yaml +++ b/save-cloud-charts/save-cloud/templates/preprocessor.yaml @@ -44,3 +44,26 @@ spec: # and each pod of preprocessor can `git clone` on its own. emptyDir: sizeLimit: 100Mi +--- +apiVersion: v1 +kind: Service +metadata: +{{- include "service.common.metadata" (dict "service" .Values.preprocessor) | nindent 2 }} +spec: + {{ if .Values.preprocessor.clusterIP }} + clusterIP: {{ .Values.preprocessor.clusterIP }} + {{ end }} + ports: + {{- include "service.common.ports" (dict "service" .Values.preprocessor) | nindent 4 }} + selector: + {{- include "service.common.selectors" (dict "service" .Values.preprocessor) | nindent 4 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Values.preprocessor.name }}-config +data: + application.properties: | + {{ if .Values.preprocessor.applicationProperties }} + {{- .Values.preprocessor.applicationProperties | nindent 4 }} + {{ end }} diff --git a/save-cloud-charts/save-cloud/templates/s3-deployment.yaml b/save-cloud-charts/save-cloud/templates/s3-deployment.yaml deleted file mode 100644 index 83ffd41511..0000000000 --- a/save-cloud-charts/save-cloud/templates/s3-deployment.yaml +++ /dev/null @@ -1,102 +0,0 @@ -{{- if not .Values.s3.external -}} - -apiVersion: v1 -kind: Secret -metadata: - name: s3-secrets -stringData: - s3-storage.endpoint: {{ .Values.s3.endpoint | quote }} - s3-storage.bucketName: {{ .Values.s3.bucket_name | quote }} - s3-storage.credentials.accessKeyId: {{ .Values.s3.secret_user | quote }} - s3-storage.credentials.secretAccessKey: {{ .Values.s3.secret_pwd | quote }} - ---- - -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: minio-pvc -spec: - accessModes: - - ReadWriteOnce - resources: - requests: - storage: 3Gi ---- - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: s3 - annotations: - io.kompose.service: s3 -spec: - replicas: 1 - selector: - matchLabels: - io.kompose.service: s3 - template: - metadata: - labels: - io.kompose.service: s3 - spec: - containers: - - image: minio/minio:latest - name: minio - args: - - server - - /data - - --console-address - - {{ .Values.s3.ui_port | print ":" | quote }} - ports: - - containerPort: {{ .Values.s3.api_port }} - name: minio - - containerPort: {{ .Values.s3.ui_port }} - name: minio-ui - env: - - name: MINIO_ROOT_USER - value: {{ .Values.s3.secret_user | quote }} - - name: MINIO_ROOT_PASSWORD - value: {{ .Values.s3.secret_pwd | quote }} - volumeMounts: - - mountPath: /data - name: minio-persistent-storage - volumes: - - name: minio-persistent-storage - persistentVolumeClaim: - claimName: minio-pvc - ---- - -# This job is required for minio bucket creation -# initContainer is not suitable for that as when it configurating the minio, -# minio container is not yet available so no configuration happens - -apiVersion: batch/v1 -kind: Job -metadata: - name: minio-create-bucket -spec: - completions: 1 - ttlSecondsAfterFinished: 10 - template: - metadata: - name: minio-create-bucket - spec: - containers: - - name: minio-bucket - image: minio/mc - command: - - /bin/sh - args: - - -c - - | - sleep 30 - /usr/bin/mc alias set minio {{ .Values.s3.endpoint }} {{ .Values.s3.secret_user }} {{ .Values.s3.secret_pwd }} - /usr/bin/mc mb --ignore-existing minio/{{ .Values.s3.bucket_name }} - /usr/bin/mc policy set public minio/{{ .Values.s3.bucket_name }} - /usr/bin/mc anonymous set public minio/{{ .Values.s3.bucket_name }} - restartPolicy: OnFailure - backoffLimit: 5 - -{{ end }} \ No newline at end of file diff --git a/save-cloud-charts/save-cloud/templates/s3-service.yaml b/save-cloud-charts/save-cloud/templates/s3-service.yaml deleted file mode 100644 index 2d0d0511a4..0000000000 --- a/save-cloud-charts/save-cloud/templates/s3-service.yaml +++ /dev/null @@ -1,51 +0,0 @@ -{{- if not .Values.s3.external -}} - -# in order to access web ui, need to use command: -# minikube service s3-service-ui -n save-cloud --url -# where -n save-cloud -- setting a namespace - -apiVersion: v1 -kind: Service -metadata: - name: s3-service-ui -spec: - selector: - io.kompose.service: s3 - ports: - - port: {{ .Values.s3.ui_port }} - protocol: TCP - name: s3-ui - type: LoadBalancer - ---- - -apiVersion: v1 -kind: Service -metadata: - name: s3 -spec: - selector: - io.kompose.service: s3 - ports: - - port: 80 - targetPort: {{ .Values.s3.api_port }} - protocol: TCP - name: s3 - type: ClusterIP - ---- - -apiVersion: v1 -kind: Service -metadata: - name: s3-service-api -spec: - selector: - io.kompose.service: s3 - ports: - - port: {{ .Values.s3.api_port }} - protocol: TCP - name: s3-api - type: LoadBalancer - -{{- end }} \ No newline at end of file diff --git a/save-cloud-charts/save-cloud/templates/storage.yaml b/save-cloud-charts/save-cloud/templates/storage.yaml index bbe801f963..b128f71d3c 100644 --- a/save-cloud-charts/save-cloud/templates/storage.yaml +++ b/save-cloud-charts/save-cloud/templates/storage.yaml @@ -4,7 +4,7 @@ metadata: labels: app: "{{ .Values.neo4j.neo4j.name }}" helm.neo4j.com/volume-role: "data" - {{- with .Values.storage.annotations }} + {{- with .Values.storage.annotations }} annotations: {{ toYaml . | indent 4 }} {{- end }} diff --git a/save-cloud-charts/save-cloud/values-images.yaml b/save-cloud-charts/save-cloud/values-images.yaml deleted file mode 100644 index 1c729aa564..0000000000 --- a/save-cloud-charts/save-cloud/values-images.yaml +++ /dev/null @@ -1,23 +0,0 @@ -chartVersion: '0.2.1+1056' - -# The version from the "Build and push Docker images" action. -# -# Search the log for the "Successfully built image -# 'ghcr.io/saveourtool/api-gateway:master'" line, or simply -# look up the version of the latest published package at -# . -dockerTag: '0.4.0-alpha.0.379-70423bd' -gateway: - dockerTag: '0.4.0-alpha.0.379-70423bd' -backend: - dockerTag: '0.4.0-alpha.0.379-70423bd' -frontend: - dockerTag: '0.4.0-alpha.0.379-70423bd' -preprocessor: - dockerTag: '0.4.0-alpha.0.379-70423bd' -orchestrator: - dockerTag: '0.4.0-alpha.0.379-70423bd' -demo: - dockerTag: '0.4.0-alpha.0.379-70423bd' -demo_cpg: - dockerTag: '0.4.0-alpha.0.379-70423bd' diff --git a/save-cloud-charts/save-cloud/values-minikube.yaml b/save-cloud-charts/save-cloud/values-minikube.yaml index 385ee6f5a6..ce77ce6e2c 100644 --- a/save-cloud-charts/save-cloud/values-minikube.yaml +++ b/save-cloud-charts/save-cloud/values-minikube.yaml @@ -22,6 +22,8 @@ orchestrator: orchestrator.kubernetes.useGvisor=false demo_cpg: profile: dev + applicationProperties: |+ + spring.neo4j.authentication.password={{ .Values.neo4j.neo4j.password }} demo: profile: dev dockerHost: tcp://${HOST_IP}:2376 diff --git a/save-cloud-charts/save-cloud/values.yaml b/save-cloud-charts/save-cloud/values.yaml index 87e52708b4..2f20213444 100644 --- a/save-cloud-charts/save-cloud/values.yaml +++ b/save-cloud-charts/save-cloud/values.yaml @@ -18,6 +18,8 @@ backend: # Fixed ClusterIP can be assigned to make it easier to query backend from services outside Kubernetes. # Should be chosen depending on cluster's network configuration: https://kubernetes.io/docs/concepts/services-networking/service/#choosing-your-own-ip-address. clusterIP: null + # Additional properties for `application.properties` file that will be mounted as an optional property source. + applicationProperties: backend_cosv: name: backend-cosv profile: dev,secure,kubernetes @@ -25,6 +27,8 @@ backend_cosv: containerPort: 5700 managementPort: 5701 clusterIP: null + # Additional properties for `application.properties` file that will be mounted as an optional property source. + applicationProperties: frontend: name: frontend imageName: save-frontend @@ -41,6 +45,8 @@ orchestrator: # Fixed ClusterIP can be assigned to make it easier to query orchestrator from services outside Kubernetes clusterIP: null dockerHost: tcp://${HOST_IP}:2375 + # Additional properties for `application.properties` file that will be mounted as an optional property source. + applicationProperties: preprocessor: name: preprocessor imageName: save-preprocessor @@ -48,6 +54,8 @@ preprocessor: managementPort: 5201 # Fixed ClusterIP can be assigned to make it easier to query preprocessor from services outside Kubernetes clusterIP: null + # Additional properties for `application.properties` file that will be mounted as an optional property source. + applicationProperties: gateway: # Additional certs installation for internal CA case initCerts: @@ -63,30 +71,18 @@ gateway: annotations: {} # Any additional options for Service `spec` block spec: {} +storage: + size: 24Gi + annotations: {} s3: - external: true secretFile: /home/cnb/secrets/s3_secrets -storage: - size: 10Gi -reposStorage: - size: 2Gi -logsStorage: - size: 2Gi mysql: - # If true, a Service will be created to enable communication with an external DB by its IP. - # If false, a Deployment will be created for a MySQL pod. - external: true - # IP address of an external MySQL database. - # As an example, this is what may be a resolved IP of `host.minikube.internal`. - ip: 192.168.65.2 # Name of the database schema that will be used by save-cloud deployment backend_schema: save_cloud demo_schema: save_demo cosv_schema: cosv - root_password: '123' migrations: - # Whether database migrations should be executed while deploying the application - enabled: false + branch: {} dbPasswordFile: /home/cnb/secrets/db_secrets # Values for dependencies @@ -215,6 +211,8 @@ demo_cpg: containerPort: 5500 managementPort: 5501 clusterIP: null + applicationProperties: | + spring.neo4j.authentication.password={{ .Values.neo4j.neo4j.password }} demo: name: demo profile: dev @@ -224,6 +222,20 @@ demo: clusterIP: null agentSubdomainName: demo-agent-service agentPort: 23456 + # Additional properties for `application.properties` file that will be mounted as an optional property source. + applicationProperties: namespace: save-cloud agentNamespace: save-agent + +# optional proxy params +proxy: + enabled: false + extraEnv: + - name: http_proxy + value: {} + - name: HTTPS_PROXY + value: {} + - name: NO_PROXY + value: {} + extraArgs: {} diff --git a/save-cosv-frontend/src/main/resources/img/codehub.svg b/save-cosv-frontend/src/main/resources/img/codehub.svg new file mode 100644 index 0000000000..6153995a75 --- /dev/null +++ b/save-cosv-frontend/src/main/resources/img/codehub.svg @@ -0,0 +1,37 @@ + + logo + + + + + + + + + + + + + + + + + + + + + + + + Layer 1 + + + \ No newline at end of file diff --git a/save-cosv/src/main/resources/application-kubernetes.properties b/save-cosv/src/main/resources/application-kubernetes.properties new file mode 100644 index 0000000000..cc12d5135c --- /dev/null +++ b/save-cosv/src/main/resources/application-kubernetes.properties @@ -0,0 +1,13 @@ +backend.preprocessor-url=http://preprocessor +backend.orchestrator-url=http://orchestrator +backend.demo-url=http://demo +backend.loki.url=http://loki:3100 +backend.loki.labels.agent-container-name=pod +backend.loki.labels.application-name=app +backend.agent-settings.backend-cosv-url=http://backend-cosv +server.shutdown=graceful +management.endpoints.web.exposure.include=* +management.server.port=5701 +spring.datasource.url=${spring.datasource.backend-cosv-url} +logging.level.org.springframework=DEBUG +logging.level.com.saveourtool=DEBUG \ No newline at end of file diff --git a/save-demo-cpg/src/main/resources/application-kubernetes.properties b/save-demo-cpg/src/main/resources/application-kubernetes.properties new file mode 100644 index 0000000000..d66ccfbc7e --- /dev/null +++ b/save-demo-cpg/src/main/resources/application-kubernetes.properties @@ -0,0 +1,4 @@ +management.endpoints.web.exposure.include=* +management.server.port=5501 +spring.neo4j.uri=bolt://save-cloud:7687 +spring.neo4j.authentication.username=neo4j \ No newline at end of file diff --git a/save-demo-cpg/src/main/resources/application.properties b/save-demo-cpg/src/main/resources/application.properties index 680fbd666f..25e1315120 100644 --- a/save-demo-cpg/src/main/resources/application.properties +++ b/save-demo-cpg/src/main/resources/application.properties @@ -1,3 +1,4 @@ server.port=5500 server.shutdown=graceful management.health.neo4j.enabled=false +logging.level.org.springframework=DEBUG \ No newline at end of file diff --git a/save-demo/src/main/resources/application-kubernetes.properties b/save-demo/src/main/resources/application-kubernetes.properties new file mode 100644 index 0000000000..64c34fe13c --- /dev/null +++ b/save-demo/src/main/resources/application-kubernetes.properties @@ -0,0 +1,11 @@ +demo.kubernetes.apiServerUrl=http://kubernetes.default.svc +demo.kubernetes.serviceAccount=${POD_SERVICE_ACCOUNT} +demo.kubernetes.current-namespace=${POD_NAMESPACE} +demo.kubernetes.agent-namespace=save-agent +demo.kubernetes.agentPort=23456 +demo.kubernetes.agentSubdomainName=demo-agent-service +management.endpoints.web.exposure.include=* +management.server.port=5422 +spring.datasource.url=${spring.datasource.demo-url} +demo.backend-url=http://backend/internal +demo.agent-config.demo-url=http://demo \ No newline at end of file diff --git a/save-demo/src/main/resources/application.properties b/save-demo/src/main/resources/application.properties index f3f51037ff..a14cdf3ff4 100644 --- a/save-demo/src/main/resources/application.properties +++ b/save-demo/src/main/resources/application.properties @@ -17,3 +17,4 @@ demo.s3-storage.bucketName=${s3-storage.bucketName} demo.s3-storage.prefix=cnb/demo demo.s3-storage.credentials.accessKeyId=${s3-storage.credentials.accessKeyId} demo.s3-storage.credentials.secretAccessKey=${s3-storage.credentials.secretAccessKey} +logging.level.org.springframework=DEBUG \ No newline at end of file diff --git a/save-frontend-common/src/main/kotlin/com/saveourtool/save/frontend/common/components/views/vuln/VulnerabilityTableComponent.kt b/save-frontend-common/src/main/kotlin/com/saveourtool/save/frontend/common/components/views/vuln/VulnerabilityTableComponent.kt index 9c98454072..08519b8101 100644 --- a/save-frontend-common/src/main/kotlin/com/saveourtool/save/frontend/common/components/views/vuln/VulnerabilityTableComponent.kt +++ b/save-frontend-common/src/main/kotlin/com/saveourtool/save/frontend/common/components/views/vuln/VulnerabilityTableComponent.kt @@ -307,7 +307,7 @@ enum class VulnerabilityListTab { companion object : TabMenuBar { override val nameOfTheHeadUrlSection = "" override val defaultTab: VulnerabilityListTab = PUBLIC - override val regexForUrlClassification = "/${FrontendCosvRoutes.VULN}" + override val regexForUrlClassification = "https://cosv.gitlink.org.cn/${FrontendCosvRoutes.VULN}" override fun valueOf(elem: String): VulnerabilityListTab = VulnerabilityListTab.valueOf(elem) override fun values(): Array = entries.toTypedArray() } diff --git a/save-frontend/src/main/kotlin/com/saveourtool/save/frontend/components/basic/projects/ProjectProblemView.kt b/save-frontend/src/main/kotlin/com/saveourtool/save/frontend/components/basic/projects/ProjectProblemView.kt index 7d1a2e4172..75d681b0ab 100644 --- a/save-frontend/src/main/kotlin/com/saveourtool/save/frontend/components/basic/projects/ProjectProblemView.kt +++ b/save-frontend/src/main/kotlin/com/saveourtool/save/frontend/components/basic/projects/ProjectProblemView.kt @@ -206,7 +206,7 @@ val projectProblem: FC = FC {props -> className = ClassName("mt-2 pl-2") projectProblem.identifier?.let { Link { - to = "/${FrontendCosvRoutes.VULN}/${projectProblem.identifier}" + to = "https://cosv.gitlink.org.cn/${FrontendCosvRoutes.VULN}/${projectProblem.identifier}" +it } } ?: +"No known CVE" diff --git a/save-frontend/src/main/kotlin/com/saveourtool/save/frontend/components/views/index/IndexLogoButtons.kt b/save-frontend/src/main/kotlin/com/saveourtool/save/frontend/components/views/index/IndexLogoButtons.kt index 70e6568b81..74f11e13f6 100644 --- a/save-frontend/src/main/kotlin/com/saveourtool/save/frontend/components/views/index/IndexLogoButtons.kt +++ b/save-frontend/src/main/kotlin/com/saveourtool/save/frontend/components/views/index/IndexLogoButtons.kt @@ -41,7 +41,7 @@ val logoButtons: FC = FC { logo( "VULN", - "/${FrontendCosvRoutes.VULN}", + "https://cosv.gitlink.org.cn/${FrontendCosvRoutes.VULN}", "Archive of 1-Day Vulnerabilities Aggregated from Various Sources".t(), "/img/vuln-logo-bg.png", diff --git a/save-orchestrator/src/main/resources/application-kubernetes.properties b/save-orchestrator/src/main/resources/application-kubernetes.properties new file mode 100644 index 0000000000..54c8b9f0cb --- /dev/null +++ b/save-orchestrator/src/main/resources/application-kubernetes.properties @@ -0,0 +1,8 @@ +orchestrator.backend-url=http://backend/internal +orchestrator.kubernetes.apiServerUrl=http://kubernetes.default.svc +orchestrator.kubernetes.serviceAccount=${POD_SERVICE_ACCOUNT} +orchestrator.kubernetes.current-namespace=${POD_NAMESPACE} +orchestrator.kubernetes.agent-namespace=save-agent +server.shutdown=graceful +management.endpoints.web.exposure.include=* +management.server.port=5101 diff --git a/save-orchestrator/src/main/resources/application.properties b/save-orchestrator/src/main/resources/application.properties index a99e47f5ae..862a7899b8 100644 --- a/save-orchestrator/src/main/resources/application.properties +++ b/save-orchestrator/src/main/resources/application.properties @@ -1,2 +1,6 @@ server.port=5100 orchestrator.backend-url=http://backend:5800/internal +orchestrator.agent-settings.heartbeat-url=http://orchestrator/heartbeat +orchestrator.agent-settings.debug=true +logging.level.com.saveourtool.save.orchestrator.kubernetes=DEBUG +logging.level.org.springframework=DEBUG \ No newline at end of file diff --git a/save-preprocessor/src/main/resources/application-kubernetes.properties b/save-preprocessor/src/main/resources/application-kubernetes.properties new file mode 100644 index 0000000000..32e377d19e --- /dev/null +++ b/save-preprocessor/src/main/resources/application-kubernetes.properties @@ -0,0 +1,5 @@ +save.backend=http://backend/internal +save.orchestrator=http://orchestrator +server.shutdown=graceful +management.endpoints.web.exposure.include=* +management.server.port=5201 \ No newline at end of file