From eb1521622da2505953309f34ee0ab68a0706fff4 Mon Sep 17 00:00:00 2001 From: Jawad Qureshi Date: Thu, 1 Aug 2024 19:48:40 +0200 Subject: [PATCH 1/3] Dynamically configure env vars for frontend-framework and reload on change --- .secrets.baseline | 6 +++--- helm/common/README.md | 2 +- helm/fence/Chart.yaml | 2 +- helm/fence/README.md | 8 ++++---- helm/frontend-framework/Chart.yaml | 4 ++-- helm/frontend-framework/README.md | 5 +++-- helm/frontend-framework/templates/configMap.yaml | 10 ++++++++++ helm/frontend-framework/templates/deployment.yaml | 8 ++++++-- helm/frontend-framework/values.yaml | 3 +++ helm/gen3/Chart.yaml | 6 +++--- helm/gen3/README.md | 8 ++++---- 11 files changed, 40 insertions(+), 22 deletions(-) create mode 100644 helm/frontend-framework/templates/configMap.yaml diff --git a/.secrets.baseline b/.secrets.baseline index dad0a32c..d85e0cff 100644 --- a/.secrets.baseline +++ b/.secrets.baseline @@ -3,7 +3,7 @@ "files": "^.secrets.baseline$", "lines": null }, - "generated_at": "2024-07-02T16:36:02Z", + "generated_at": "2024-08-01T17:42:56Z", "plugins_used": [ { "name": "AWSKeyDetector" @@ -330,14 +330,14 @@ "hashed_secret": "2546383b95bb44732e9be6a877fd476c0442fdab", "is_secret": false, "is_verified": false, - "line_number": 51, + "line_number": 52, "type": "Secret Keyword" }, { "hashed_secret": "d84ce25b0f9bc2cc263006ae39453efb22cc2900", "is_secret": false, "is_verified": false, - "line_number": 53, + "line_number": 54, "type": "Secret Keyword" } ], diff --git a/helm/common/README.md b/helm/common/README.md index 1fe4bdf7..64833c45 100644 --- a/helm/common/README.md +++ b/helm/common/README.md @@ -1,6 +1,6 @@ # common -![Version: 0.1.11](https://img.shields.io/badge/Version-0.1.11-informational?style=flat-square) ![Type: library](https://img.shields.io/badge/Type-library-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) +![Version: 0.1.12](https://img.shields.io/badge/Version-0.1.12-informational?style=flat-square) ![Type: library](https://img.shields.io/badge/Type-library-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) A Helm chart for provisioning databases in gen3 diff --git a/helm/fence/Chart.yaml b/helm/fence/Chart.yaml index e145f4a4..9bb1464d 100644 --- a/helm/fence/Chart.yaml +++ b/helm/fence/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.20 +version: 0.1.21 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/helm/fence/README.md b/helm/fence/README.md index cd1c7821..1e38aa2e 100644 --- a/helm/fence/README.md +++ b/helm/fence/README.md @@ -1,6 +1,6 @@ # fence -![Version: 0.1.19](https://img.shields.io/badge/Version-0.1.19-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) +![Version: 0.1.21](https://img.shields.io/badge/Version-0.1.21-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) A Helm chart for gen3 Fence @@ -8,7 +8,7 @@ A Helm chart for gen3 Fence | Repository | Name | Version | |------------|------|---------| -| file://../common | common | 0.1.11 | +| file://../common | common | 0.1.12 | | https://charts.bitnami.com/bitnami | postgresql | 11.9.13 | ## Values @@ -187,7 +187,7 @@ A Helm chart for gen3 Fence | serviceAccount.create | bool | `true` | Specifies whether a service account should be created. | | serviceAccount.name | string | `"fence-sa"` | The name of the service account | | tolerations | list | `[]` | Tolerations for the pods | -| usersync | map | `{"addDbgap":false,"custom_image":null,"onlyDbgap":false,"schedule":"*/30 * * * *","slack_send_dbgap":false,"slack_webhook":"None","syncFromDbgap":false,"userYamlS3Path":"s3://cdis-gen3-users/helm-test/user.yaml","usersync":true}` | Configuration options for usersync cronjob. | +| usersync | map | `{"addDbgap":false,"custom_image":null,"onlyDbgap":false,"schedule":"*/30 * * * *","slack_send_dbgap":false,"slack_webhook":"None","syncFromDbgap":false,"userYamlS3Path":"s3://cdis-gen3-users/helm-test/user.yaml","usersync":false}` | Configuration options for usersync cronjob. | | usersync.addDbgap | bool | `false` | Force attempting a dbgap sync if "true", falls back on user.yaml | | usersync.custom_image | string | `nil` | To set a custom image for pulling the user.yaml file from S3. Default is the Gen3 Awshelper image. | | usersync.onlyDbgap | bool | `false` | Forces ONLY a dbgap sync if "true", IGNORING user.yaml | @@ -196,7 +196,7 @@ A Helm chart for gen3 Fence | usersync.slack_webhook | string | `"None"` | Slack webhook endpoint used with certain jobs. | | usersync.syncFromDbgap | bool | `false` | Whether to sync data from dbGaP. | | usersync.userYamlS3Path | string | `"s3://cdis-gen3-users/helm-test/user.yaml"` | Path to the user.yaml file in S3. | -| usersync.usersync | bool | `true` | Whether to run Fence usersync or not. | +| usersync.usersync | bool | `false` | Whether to run Fence usersync or not. | | volumeMounts | list | `[{"mountPath":"/var/www/fence/local_settings.py","name":"old-config-volume","readOnly":true,"subPath":"local_settings.py"},{"mountPath":"/var/www/fence/fence_credentials.json","name":"json-secret-volume","readOnly":true,"subPath":"fence_credentials.json"},{"mountPath":"/var/www/fence/creds.json","name":"creds-volume","readOnly":true,"subPath":"creds.json"},{"mountPath":"/var/www/fence/config_helper.py","name":"config-helper","readOnly":true,"subPath":"config_helper.py"},{"mountPath":"/fence/fence/static/img/logo.svg","name":"logo-volume","readOnly":true,"subPath":"logo.svg"},{"mountPath":"/fence/fence/static/privacy_policy.md","name":"privacy-policy","readOnly":true,"subPath":"privacy_policy.md"},{"mountPath":"/var/www/fence/fence-config-secret.yaml","name":"config-volume","readOnly":true,"subPath":"fence-config.yaml"},{"mountPath":"/var/www/fence/yaml_merge.py","name":"yaml-merge","readOnly":true,"subPath":"yaml_merge.py"},{"mountPath":"/var/www/fence/fence_google_app_creds_secret.json","name":"fence-google-app-creds-secret-volume","readOnly":true,"subPath":"fence_google_app_creds_secret.json"},{"mountPath":"/var/www/fence/fence_google_storage_creds_secret.json","name":"fence-google-storage-creds-secret-volume","readOnly":true,"subPath":"fence_google_storage_creds_secret.json"},{"mountPath":"/fence/keys/key/jwt_private_key.pem","name":"fence-jwt-keys","readOnly":true,"subPath":"jwt_private_key.pem"},{"mountPath":"/var/www/fence/fence-config-public.yaml","name":"config-volume-public","readOnly":true,"subPath":"fence-config-public.yaml"}]` | Volumes to mount to the container. | | volumes | list | `[{"name":"old-config-volume","secret":{"secretName":"fence-secret"}},{"name":"json-secret-volume","secret":{"optional":true,"secretName":"fence-json-secret"}},{"name":"creds-volume","secret":{"secretName":"fence-creds"}},{"configMap":{"name":"config-helper","optional":true},"name":"config-helper"},{"configMap":{"name":"logo-config"},"name":"logo-volume"},{"name":"config-volume","secret":{"secretName":"fence-config"}},{"name":"fence-google-app-creds-secret-volume","secret":{"secretName":"fence-google-app-creds-secret"}},{"name":"fence-google-storage-creds-secret-volume","secret":{"secretName":"fence-google-storage-creds-secret"}},{"name":"fence-jwt-keys","secret":{"secretName":"fence-jwt-keys"}},{"configMap":{"name":"privacy-policy"},"name":"privacy-policy"},{"configMap":{"name":"fence-yaml-merge","optional":false},"name":"yaml-merge"},{"configMap":{"name":"manifest-fence","optional":true},"name":"config-volume-public"}]` | Volumes to attach to the container. | diff --git a/helm/frontend-framework/Chart.yaml b/helm/frontend-framework/Chart.yaml index a86f9eb1..0bc88e54 100644 --- a/helm/frontend-framework/Chart.yaml +++ b/helm/frontend-framework/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.1 +version: 0.1.2 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to @@ -25,5 +25,5 @@ appVersion: "develop" dependencies: - name: common - version: 0.1.10 + version: 0.1.12 repository: file://../common diff --git a/helm/frontend-framework/README.md b/helm/frontend-framework/README.md index 8c515bb3..da8e909a 100644 --- a/helm/frontend-framework/README.md +++ b/helm/frontend-framework/README.md @@ -1,6 +1,6 @@ # frontend-framework -![Version: 0.1.1](https://img.shields.io/badge/Version-0.1.1-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: develop](https://img.shields.io/badge/AppVersion-develop-informational?style=flat-square) +![Version: 0.1.2](https://img.shields.io/badge/Version-0.1.2-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: develop](https://img.shields.io/badge/AppVersion-develop-informational?style=flat-square) A Helm chart for the gen3 frontend framework @@ -8,7 +8,7 @@ A Helm chart for the gen3 frontend framework | Repository | Name | Version | |------------|------|---------| -| file://../common | common | 0.1.10 | +| file://../common | common | 0.1.12 | ## Values @@ -32,6 +32,7 @@ A Helm chart for the gen3 frontend framework | datadogLogsInjection | bool | `false` | If enabled, the Datadog Agent will automatically inject Datadog-specific metadata into your application logs. | | datadogProfilingEnabled | bool | `false` | If enabled, the Datadog Agent will collect profiling data for your application using the Continuous Profiler. This data can be used to identify performance bottlenecks and optimize your application. | | datadogTraceSampleRate | int | `1` | A value between 0 and 1, that represents the percentage of requests that will be traced. For example, a value of 0.5 means that 50% of requests will be traced. | +| env | list | `[]` | List of environment variables to add to the deployment. | | fullnameOverride | string | `""` | Override the full name of the deployment. | | global | map | `{"aws":{"awsAccessKeyId":null,"awsSecretAccessKey":null,"enabled":false},"ddEnabled":false,"dev":true,"dictionaryUrl":"https://s3.amazonaws.com/dictionary-artifacts/datadictionary/develop/schema.json","dispatcherJobNum":10,"environment":"default","hostname":"localhost","kubeBucket":"kube-gen3","logsBucket":"logs-gen3","netPolicy":true,"portalApp":"gitops","postgres":{"dbCreate":true,"master":{"host":null,"password":null,"port":"5432","username":"postgres"}},"publicDataSets":true,"revproxyArn":"arn:aws:acm:us-east-1:123456:certificate","syncFromDbgap":false,"tierAccessLevel":"libre","userYamlS3Path":"s3://cdis-gen3-users/test/user.yaml"}` | Global configuration options. | | global.aws | map | `{"awsAccessKeyId":null,"awsSecretAccessKey":null,"enabled":false}` | AWS configuration | diff --git a/helm/frontend-framework/templates/configMap.yaml b/helm/frontend-framework/templates/configMap.yaml new file mode 100644 index 00000000..f8cd1c23 --- /dev/null +++ b/helm/frontend-framework/templates/configMap.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "frontend-framework.fullname" . }}-configmap + labels: + {{- include "frontend-framework.labels" . | nindent 4 }} +data: + {{- range $key, $val := .Values.env }} + {{ $key }}: {{ $val | quote }} + {{- end }} \ No newline at end of file diff --git a/helm/frontend-framework/templates/deployment.yaml b/helm/frontend-framework/templates/deployment.yaml index ccb18398..67699b85 100644 --- a/helm/frontend-framework/templates/deployment.yaml +++ b/helm/frontend-framework/templates/deployment.yaml @@ -12,13 +12,13 @@ spec: matchLabels: {{- include "frontend-framework.selectorLabels" . | nindent 6 }} revisionHistoryLimit: {{ .Values.revisionHistoryLimit }} - strategy: {{- toYaml .Values.strategy | nindent 8 }} template: metadata: - {{- with .Values.podAnnotations }} annotations: + checksum/config: {{ include (print $.Template.BasePath "/configMap.yaml") . | sha256sum }} + {{- with .Values.podAnnotations }} {{- toYaml . | nindent 8 }} {{- end }} labels: @@ -62,6 +62,10 @@ spec: - containerPort: 80 name: http protocol: TCP + envFrom: + - configMapRef: + name: {{ include "frontend-framework.fullname" . }}-configmap + optional: true env: {{- if .Values.global.ddEnabled }} {{- include "common.datadogEnvVar" . | nindent 12 }} diff --git a/helm/frontend-framework/values.yaml b/helm/frontend-framework/values.yaml index 03bb3777..c69fc102 100644 --- a/helm/frontend-framework/values.yaml +++ b/helm/frontend-framework/values.yaml @@ -122,6 +122,9 @@ autoscaling: targetCPUUtilizationPercentage: 80 # targetMemoryUtilizationPercentage: 80 +# -- (list) List of environment variables to add to the deployment. +env: [] + # -- (map) Node selector to apply to the pod nodeSelector: {} diff --git a/helm/gen3/Chart.yaml b/helm/gen3/Chart.yaml index 75acff50..0ed8ea56 100644 --- a/helm/gen3/Chart.yaml +++ b/helm/gen3/Chart.yaml @@ -32,11 +32,11 @@ dependencies: repository: file://../etl condition: etl.enabled - name: frontend-framework - version: 0.1.1 + version: 0.1.2 repository: "file://../frontend-framework" condition: frontend-framework.enabled - name: fence - version: 0.1.20 + version: 0.1.21 repository: "file://../fence" condition: fence.enabled - name: guppy @@ -128,7 +128,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.39 +version: 0.1.40 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/helm/gen3/README.md b/helm/gen3/README.md index fa6ed288..6f85d44d 100644 --- a/helm/gen3/README.md +++ b/helm/gen3/README.md @@ -1,6 +1,6 @@ # gen3 -![Version: 0.1.38](https://img.shields.io/badge/Version-0.1.38-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) +![Version: 0.1.40](https://img.shields.io/badge/Version-0.1.40-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) Helm chart to deploy Gen3 Data Commons @@ -23,10 +23,10 @@ Helm chart to deploy Gen3 Data Commons | file://../argo-wrapper | argo-wrapper | 0.1.7 | | file://../audit | audit | 0.1.12 | | file://../aws-es-proxy | aws-es-proxy | 0.1.9 | -| file://../common | common | 0.1.11 | +| file://../common | common | 0.1.12 | | file://../etl | etl | 0.1.1 | -| file://../fence | fence | 0.1.19 | -| file://../frontend-framework | frontend-framework | 0.1.1 | +| file://../fence | fence | 0.1.21 | +| file://../frontend-framework | frontend-framework | 0.1.2 | | file://../guppy | guppy | 0.1.12 | | file://../hatchery | hatchery | 0.1.9 | | file://../indexd | indexd | 0.1.14 | From e0a5c28108548854c073b1ae2e665e6a6a334742 Mon Sep 17 00:00:00 2001 From: Jawad Qureshi Date: Thu, 1 Aug 2024 19:52:40 +0200 Subject: [PATCH 2/3] Bump common chart --- helm/common/Chart.yaml | 2 +- helm/common/README.md | 2 +- helm/frontend-framework/Chart.yaml | 2 +- helm/frontend-framework/README.md | 2 +- helm/gen3/Chart.yaml | 2 +- helm/gen3/README.md | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/helm/common/Chart.yaml b/helm/common/Chart.yaml index 768bff1f..5b93f896 100644 --- a/helm/common/Chart.yaml +++ b/helm/common/Chart.yaml @@ -15,7 +15,7 @@ type: library # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.12 +version: 0.1.13 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/helm/common/README.md b/helm/common/README.md index 64833c45..18560be1 100644 --- a/helm/common/README.md +++ b/helm/common/README.md @@ -1,6 +1,6 @@ # common -![Version: 0.1.12](https://img.shields.io/badge/Version-0.1.12-informational?style=flat-square) ![Type: library](https://img.shields.io/badge/Type-library-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) +![Version: 0.1.13](https://img.shields.io/badge/Version-0.1.13-informational?style=flat-square) ![Type: library](https://img.shields.io/badge/Type-library-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) A Helm chart for provisioning databases in gen3 diff --git a/helm/frontend-framework/Chart.yaml b/helm/frontend-framework/Chart.yaml index 0bc88e54..69ce52da 100644 --- a/helm/frontend-framework/Chart.yaml +++ b/helm/frontend-framework/Chart.yaml @@ -25,5 +25,5 @@ appVersion: "develop" dependencies: - name: common - version: 0.1.12 + version: 0.1.13 repository: file://../common diff --git a/helm/frontend-framework/README.md b/helm/frontend-framework/README.md index da8e909a..27d8eeca 100644 --- a/helm/frontend-framework/README.md +++ b/helm/frontend-framework/README.md @@ -8,7 +8,7 @@ A Helm chart for the gen3 frontend framework | Repository | Name | Version | |------------|------|---------| -| file://../common | common | 0.1.12 | +| file://../common | common | 0.1.13 | ## Values diff --git a/helm/gen3/Chart.yaml b/helm/gen3/Chart.yaml index 0ed8ea56..f893dc62 100644 --- a/helm/gen3/Chart.yaml +++ b/helm/gen3/Chart.yaml @@ -25,7 +25,7 @@ dependencies: repository: "file://../aws-es-proxy" condition: aws-es-proxy.enabled - name: common - version: 0.1.12 + version: 0.1.13 repository: file://../common - name: etl version: 0.1.1 diff --git a/helm/gen3/README.md b/helm/gen3/README.md index 6f85d44d..309c628d 100644 --- a/helm/gen3/README.md +++ b/helm/gen3/README.md @@ -23,7 +23,7 @@ Helm chart to deploy Gen3 Data Commons | file://../argo-wrapper | argo-wrapper | 0.1.7 | | file://../audit | audit | 0.1.12 | | file://../aws-es-proxy | aws-es-proxy | 0.1.9 | -| file://../common | common | 0.1.12 | +| file://../common | common | 0.1.13 | | file://../etl | etl | 0.1.1 | | file://../fence | fence | 0.1.21 | | file://../frontend-framework | frontend-framework | 0.1.2 | From 7c66bdd237747ca844dba6fb29b0e790351e6bba Mon Sep 17 00:00:00 2001 From: Jawad Qureshi Date: Thu, 1 Aug 2024 20:00:33 +0200 Subject: [PATCH 3/3] Bump common chart --- .secrets.baseline | 14 +++++++------- helm/fence/Chart.yaml | 2 +- helm/fence/README.md | 2 +- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/.secrets.baseline b/.secrets.baseline index d85e0cff..b4c8ad20 100644 --- a/.secrets.baseline +++ b/.secrets.baseline @@ -3,7 +3,7 @@ "files": "^.secrets.baseline$", "lines": null }, - "generated_at": "2024-08-01T17:42:56Z", + "generated_at": "2024-08-01T18:00:24Z", "plugins_used": [ { "name": "AWSKeyDetector" @@ -229,35 +229,35 @@ "hashed_secret": "7f57cb0116aa983d9844a39f6da9244cf98036b1", "is_secret": false, "is_verified": false, - "line_number": 92, + "line_number": 93, "type": "Secret Keyword" }, { "hashed_secret": "b266a6d0f00bb36f6b98134bf4cec71f2d7943a3", "is_secret": false, "is_verified": false, - "line_number": 102, + "line_number": 103, "type": "Secret Keyword" }, { "hashed_secret": "d84ce25b0f9bc2cc263006ae39453efb22cc2900", "is_secret": false, "is_verified": false, - "line_number": 127, + "line_number": 128, "type": "Secret Keyword" }, { "hashed_secret": "f09dd6e359833a12f48c4c4255d6e87a6e55cfe9", "is_secret": false, "is_verified": false, - "line_number": 154, + "line_number": 155, "type": "Secret Keyword" }, { - "hashed_secret": "9d8fada0e01336e865c461bb3549084d206fe6da", + "hashed_secret": "5c5a68077af6fa84424411537dda76467f993a83", "is_secret": false, "is_verified": false, - "line_number": 200, + "line_number": 201, "type": "Secret Keyword" } ], diff --git a/helm/fence/Chart.yaml b/helm/fence/Chart.yaml index 9bb1464d..99bafac4 100644 --- a/helm/fence/Chart.yaml +++ b/helm/fence/Chart.yaml @@ -24,7 +24,7 @@ appVersion: "master" dependencies: - name: common - version: 0.1.12 + version: 0.1.13 repository: file://../common - name: postgresql version: 11.9.13 diff --git a/helm/fence/README.md b/helm/fence/README.md index 1e38aa2e..3b650cc7 100644 --- a/helm/fence/README.md +++ b/helm/fence/README.md @@ -8,7 +8,7 @@ A Helm chart for gen3 Fence | Repository | Name | Version | |------------|------|---------| -| file://../common | common | 0.1.12 | +| file://../common | common | 0.1.13 | | https://charts.bitnami.com/bitnami | postgresql | 11.9.13 | ## Values