Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat/dev/openshift #297

Merged
merged 20 commits into from
May 6, 2024
Merged

feat/dev/openshift #297

merged 20 commits into from
May 6, 2024

Conversation

roivaz
Copy link
Member

@roivaz roivaz commented May 3, 2024
edited
Loading

Several features that improve the local-setup to make it usable also in a publicly accessible Openshift cluster:

  • Adds an option to retrieve secret values from a known seed secret. This finally breaks the dependence of saas-operator from Vault. The override option was only usable in a local environment because secrets shouldn't be hard coded in a setup where the endpoints are published to the internet. Example usage:

saas-operator/config/local-setup/workloads/backend.yaml

Lines 2 to 20 in 3c91c7e

apiVersion: saas.3scale.net/v1alpha1
kind: Backend
metadata:
name: backend
spec:
image:
name: REPLACE
tag: REPLACE
pullSecretName: pull-secrets
pullPolicy: Always
config:
masterServiceID: 1
internalAPIPassword: {fromSeed: {}}
internalAPIUser: {fromSeed: {}}
rackEnv: preview
redisQueuesDSN: "redis://backend-redis:6379/1"
redisStorageDSN: "redis://backend-redis:6379/0"
systemEventsHookPassword: {}
systemEventsHookURL: {override: https://REPLACE/master/events/import }

  • Reworks the local-setup to use a tekton pipeline for database setup. See:

saas-operator/config/local-setup/workloads/system.yaml

Lines 115 to 164 in 3c91c7e

tasks:
- name: system-db-setup
description: |-
Creates the database, loads the schema, and initializes with the
seed data (use system-db-drop to drop the database first). It drops
the current database if one exists.
config:
command: ["container-entrypoint"]
args: ["bundle", "exec", "rake", "db:drop", "db:setup"]
extraEnv:
- name: MASTER_DOMAIN
value: multitenant-admin
- name: MASTER_ACCESS_TOKEN
valueFrom:
secretKeyRef:
name: saas-seed
key: system-master-access-token
- name: MASTER_PASSWORD
valueFrom:
secretKeyRef:
name: saas-seed
key: system-master-password
- name: MASTER_USER
valueFrom:
secretKeyRef:
name: saas-seed
key: system-master-user
- name: TENANT_NAME
value: provider
- name: PROVIDER_NAME
value: "3scale SaaS Dev Provider"
- name: USER_LOGIN
valueFrom:
secretKeyRef:
name: saas-seed
key: system-tenant-user
- name: USER_PASSWORD
valueFrom:
secretKeyRef:
name: saas-seed
key: system-tenant-password
- name: ADMIN_ACCESS_TOKEN
valueFrom:
secretKeyRef:
name: saas-seed
key: system-tenant-token
- name: USER_EMAIL
value: "admin@cluster.local"
- name: DISABLE_DATABASE_ENVIRONMENT_CHECK
value: "1"

/kind feature
/priority important-soon
/assign

@3scale-robot 3scale-robot added do-not-merge/work-in-progress kind/feature Categorizes issue or PR as related to a new feature. priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next sprint. labels May 3, 2024
@3scale-robot 3scale-robot added needs-size Indicates a PR or issue lacks a `size/foo` label and requires one. size/L Requires few days to complete the PR or the issue. size/XL Requires about a week to complete the PR or the issue. and removed needs-size Indicates a PR or issue lacks a `size/foo` label and requires one. size/L Requires few days to complete the PR or the issue. labels May 3, 2024
@roivaz roivaz force-pushed the feat/dev/openshift branch 7 times, most recently from a022ae3 to 6196a42 Compare May 6, 2024 15:02
@roivaz
Copy link
Member Author

roivaz commented May 6, 2024

/retitle feat/dev/openshift

@3scale-robot 3scale-robot changed the title WIP - feat/dev/openshift feat/dev/openshift May 6, 2024
@3scale-robot 3scale-robot added the lgtm Indicates that a PR is ready to be merged. label May 6, 2024
@3scale-robot
Copy link
Contributor

LGTM label has been added.

Git tree hash: 74267bbaf444e57b9b820dcbfa97ed087dc1d896

@roivaz
Copy link
Member Author

roivaz commented May 6, 2024

/approve

@3scale-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: roivaz

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@3scale-robot 3scale-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label May 6, 2024
@3scale-robot 3scale-robot merged commit 27e3c2c into main May 6, 2024
4 checks passed
@3scale-robot 3scale-robot deleted the feat/dev/openshift branch May 6, 2024 16:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@raelga raelga raelga approved these changes

@slopezz slopezz Awaiting requested review from slopezz

Assignees

@raelga raelga

@roivaz roivaz

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. kind/feature Categorizes issue or PR as related to a new feature. lgtm Indicates that a PR is ready to be merged. priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next sprint. size/XL Requires about a week to complete the PR or the issue.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@roivaz @3scale-robot @raelga