From 3fa8382c986133251a8fc396bc9e8c5ecd3ad368 Mon Sep 17 00:00:00 2001 From: OMPRAKASH MISHRA Date: Mon, 28 Oct 2024 12:21:46 -0700 Subject: [PATCH 1/6] chore: add params to make crunchy optional, and document the steps needed. Signed-off-by: OMPRAKASH MISHRA --- .github/workflows/.dbdeployer.yml | 7 +++++++ .github/workflows/pr-close.yml | 5 ++++- README.md | 4 ++++ charts/app/templates/secret.yaml | 2 ++ charts/app/values.yaml | 4 ++-- 5 files changed, 19 insertions(+), 3 deletions(-) diff --git a/.github/workflows/.dbdeployer.yml b/.github/workflows/.dbdeployer.yml index dfb07054a..2d824a19d 100644 --- a/.github/workflows/.dbdeployer.yml +++ b/.github/workflows/.dbdeployer.yml @@ -26,6 +26,12 @@ on: default: 'values.yaml' required: false type: string + enabled: + description: 'Enable the deployment of the crunchy database, easy switch to turn it on/off' + default: false + required: false + type: boolean + secrets: oc_namespace: description: OpenShift namespace @@ -48,6 +54,7 @@ on: jobs: deploy_db: runs-on: ubuntu-24.04 + if: ${{ inputs.enabled }} name: Deploy Or Upgrade Crunchy DB environment: ${{ inputs.environment }} steps: diff --git a/.github/workflows/pr-close.yml b/.github/workflows/pr-close.yml index 8e50ecc81..053ca1aed 100644 --- a/.github/workflows/pr-close.yml +++ b/.github/workflows/pr-close.yml @@ -40,7 +40,10 @@ jobs: - name: Remove PR user and database from crunchy. shell: bash run: | - + # check if postgres-crunchy exists or else exit + oc get PostgresCluster/postgres-crunchy || exit 0 + + # Remove the user from the crunchy cluster yaml and apply the changes USER_TO_REMOVE='{"databases":["app-${{ github.event.number }}"],"name":"app-${{ github.event.number }}"}' echo 'getting current users from crunchy' diff --git a/README.md b/README.md index cf3b77835..afc1d0b72 100644 --- a/README.md +++ b/README.md @@ -363,6 +363,10 @@ Crunchy is the default choice for HA postgres/postgis DB in BCGov. provided char * For specifying different resources for different envs, just add values-test.yml and values-prod.yml , then provide them to the [DB Deployer in GHA](.github/workflows/.dbdeployer.yml#L24). * For enabling S3 backups/recovery, please enable in [values file](./charts/crunchy/values.yaml#L62), and in the [DB Deployer in GHA](.github/workflows/.dbdeployer.yml#L20), then provide necessary secret values which are prefixed with `s3` [DB Deployer in GHA](.github/workflows/.dbdeployer.yml#L36) +* To disable crunchy deployment, make the following changes + * make crunchy enabled to false in [values.yaml](./charts/app/values.yaml#L117) + * make bitnami postgis enabled to true in [values.yaml](./charts/app/values.yaml#L120) + * make the db-deployer false in gha workflow [.dbdeployer.yaml](./.github/workflows/.dbdeployer.yml#L31) ## Alternative Backends diff --git a/charts/app/templates/secret.yaml b/charts/app/templates/secret.yaml index ed13d7756..fbb4a8b15 100644 --- a/charts/app/templates/secret.yaml +++ b/charts/app/templates/secret.yaml @@ -63,6 +63,7 @@ data: FLYWAY_PASSWORD: {{ $databasePassword | quote }} --- +{{- if not .Values.crunchy.enabled}} # only when it is bitnami-postgres apiVersion: v1 kind: Secret metadata: @@ -76,3 +77,4 @@ data: postgres-password: {{ $databasePassword | quote }} password: {{ $databasePassword | quote }} {{- end }} +{{- end }} diff --git a/charts/app/values.yaml b/charts/app/values.yaml index 85a8d7f62..fdc43b496 100644 --- a/charts/app/values.yaml +++ b/charts/app/values.yaml @@ -114,10 +114,10 @@ frontend: minAvailable: 1 # the minimum number of pods that must be available during the disruption budget. crunchy: - enabled: true # make this false and bitnami-pg true to switch from crunchy to bitnami single postgis. + enabled: false # make this false and bitnami-pg true to switch from crunchy to bitnami single postgis. bitnamiPostgis: - enabled: false + enabled: true image: registry: ghcr.io repository: bcgov/nr-containers/bitnami/postgresql From 5aad814a8ad4175104e0ec768e471eed042b1bfc Mon Sep 17 00:00:00 2001 From: OMPRAKASH MISHRA Date: Mon, 28 Oct 2024 12:30:19 -0700 Subject: [PATCH 2/6] remove db deploy from deploy needs Signed-off-by: OMPRAKASH MISHRA --- .github/workflows/pr-open.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr-open.yml b/.github/workflows/pr-open.yml index 2598186b0..4bb59c5be 100644 --- a/.github/workflows/pr-open.yml +++ b/.github/workflows/pr-open.yml @@ -36,7 +36,7 @@ jobs: # https://github.com/bcgov/quickstart-openshift-helpers deploys: name: Deploys - needs: [builds, deploy_db] + needs: [builds] uses: ./.github/workflows/.deployer.yml secrets: oc_namespace: ${{ secrets.OC_NAMESPACE }} From d25bb7cd204f03ce31e4a95f473b913e7bcdda12 Mon Sep 17 00:00:00 2001 From: OMPRAKASH MISHRA Date: Mon, 28 Oct 2024 12:38:10 -0700 Subject: [PATCH 3/6] fix alias for bitnami postgres Signed-off-by: OMPRAKASH MISHRA --- charts/app/Chart.yaml | 4 ++-- charts/app/templates/_helpers.tpl | 4 ++-- charts/app/values.yaml | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/charts/app/Chart.yaml b/charts/app/Chart.yaml index 6beb725b8..15b38864f 100644 --- a/charts/app/Chart.yaml +++ b/charts/app/Chart.yaml @@ -26,10 +26,10 @@ appVersion: "1.16.0" dependencies: - name: postgresql - condition: bitnamiPostgis.enabled + condition: bitnamipg.enabled version: 16.0.4 repository: https://charts.bitnami.com/bitnami - alias: bitnamiPostgis + alias: bitnamipg maintainers: - name: Om Mishra email: omprakash.2.mishra@gov.bc.ca diff --git a/charts/app/templates/_helpers.tpl b/charts/app/templates/_helpers.tpl index f81e36456..e6278f4a5 100644 --- a/charts/app/templates/_helpers.tpl +++ b/charts/app/templates/_helpers.tpl @@ -46,10 +46,10 @@ app.kubernetes.io/instance: {{ .Release.Name }} {{- end }} {{- define "validation" -}} -{{- if and (not .Values.crunchy.enabled) (not .Values.bitnamiPostgis.enabled ) }} +{{- if and (not .Values.crunchy.enabled) (not .Values.bitnamipg.enabled ) }} {{- fail "Both Database options are disabled" }} {{- end }} -{{- if and (.Values.crunchy.enabled) (.Values.bitnamiPostgis.enabled) }} +{{- if and (.Values.crunchy.enabled) (.Values.bitnamipg.enabled) }} {{- fail "Both Database options are enabled" }} {{- end }} {{- if and (.Values.crunchy.enabled) (not .Values.global.config.databaseUser) }} diff --git a/charts/app/values.yaml b/charts/app/values.yaml index fdc43b496..073d0cf9c 100644 --- a/charts/app/values.yaml +++ b/charts/app/values.yaml @@ -21,7 +21,7 @@ global: #-- domain of the application, it is required, apps.silver.devops.gov.bc.ca for silver cluster and apps.devops.gov.bc.ca for gold cluster domain: "apps.silver.devops.gov.bc.ca" # it is apps.gold.devops.gov.bc.ca for gold cluster #-- the database Alias gives a nice way to switch to different databases, crunchy, patroni ... etc. - databaseAlias: postgres-crunchy #bitnamiPostgis # when using crunchy make it postgres-crunchy + databaseAlias: bitnamipg #postgres-crunchy #bitnamipg # when using crunchy make it postgres-crunchy #-- the components of the application, backend. backend: @@ -116,7 +116,7 @@ frontend: crunchy: enabled: false # make this false and bitnami-pg true to switch from crunchy to bitnami single postgis. -bitnamiPostgis: +bitnamipg: enabled: true image: registry: ghcr.io From 9b4867d601f0c7bc697eb84006516ddf525f6ce8 Mon Sep 17 00:00:00 2001 From: OMPRAKASH MISHRA Date: Mon, 28 Oct 2024 12:49:09 -0700 Subject: [PATCH 4/6] fix secret.yaml Signed-off-by: OMPRAKASH MISHRA --- charts/app/templates/secret.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/app/templates/secret.yaml b/charts/app/templates/secret.yaml index fbb4a8b15..1c29b7c0d 100644 --- a/charts/app/templates/secret.yaml +++ b/charts/app/templates/secret.yaml @@ -14,9 +14,9 @@ {{- $databaseName = b64dec (get $secretData "dbname") }} {{- $host = printf "%s:%s" (b64dec (get $secretData "host")) (b64dec (get $secretData "port")) }} {{- $hostWithoutPort = printf "%s" (b64dec (get $secretData "host")) }} -{{- else}} +{{- else }} {{- $databaseUser = .Values.global.config.databaseUser| default "quickstart" }} - {{- $databasePassword := .Values.global.secrets.databasePassword | default (randAlphaNum 10) }} + {{- $databasePassword = .Values.global.secrets.databasePassword | default (randAlphaNum 10) }} {{- $secretName := printf "%s-database" .Release.Name }} {{- $secretObj := (lookup "v1" "Secret" .Release.Namespace $secretName ) | default dict }} {{- $secretData := (get $secretObj "data") | default dict }} From 5a2a06ea6316b7553fe22fd6cdf29d1fa3b68e30 Mon Sep 17 00:00:00 2001 From: OMPRAKASH MISHRA Date: Mon, 28 Oct 2024 14:21:22 -0700 Subject: [PATCH 5/6] fix secret.yaml Signed-off-by: OMPRAKASH MISHRA --- charts/app/Chart.lock | 6 +++--- charts/app/Chart.yaml | 2 +- charts/app/templates/secret.yaml | 4 ++-- charts/app/values.yaml | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/charts/app/Chart.lock b/charts/app/Chart.lock index 86348bec1..2a0ee0984 100644 --- a/charts/app/Chart.lock +++ b/charts/app/Chart.lock @@ -1,6 +1,6 @@ dependencies: - name: postgresql repository: https://charts.bitnami.com/bitnami - version: 16.0.4 -digest: sha256:f35e9a099b4b8a5fb19be545d31397682125da77cbfcbdc7312da2a6d5858cce -generated: "2024-10-28T14:47:12.015716693Z" + version: 16.0.6 +digest: sha256:3de96304f1e196bad8c10cf426762b3e42eb88771cc1c11386ae459148720f1b +generated: "2024-10-28T14:15:45.2855055-07:00" diff --git a/charts/app/Chart.yaml b/charts/app/Chart.yaml index 15b38864f..73fcd66f9 100644 --- a/charts/app/Chart.yaml +++ b/charts/app/Chart.yaml @@ -27,7 +27,7 @@ appVersion: "1.16.0" dependencies: - name: postgresql condition: bitnamipg.enabled - version: 16.0.4 + version: 16.0.6 repository: https://charts.bitnami.com/bitnami alias: bitnamipg maintainers: diff --git a/charts/app/templates/secret.yaml b/charts/app/templates/secret.yaml index 1c29b7c0d..7031d2739 100644 --- a/charts/app/templates/secret.yaml +++ b/charts/app/templates/secret.yaml @@ -15,14 +15,14 @@ {{- $host = printf "%s:%s" (b64dec (get $secretData "host")) (b64dec (get $secretData "port")) }} {{- $hostWithoutPort = printf "%s" (b64dec (get $secretData "host")) }} {{- else }} - {{- $databaseUser = .Values.global.config.databaseUser| default "quickstart" }} + {{- $databaseUser = "quickstart" }} {{- $databasePassword = .Values.global.secrets.databasePassword | default (randAlphaNum 10) }} {{- $secretName := printf "%s-database" .Release.Name }} {{- $secretObj := (lookup "v1" "Secret" .Release.Namespace $secretName ) | default dict }} {{- $secretData := (get $secretObj "data") | default dict }} # set below to existing secret data or generate a random one when not exists {{- $databasePassword = (get $secretData "postgres-password") | default ($databasePassword | b64enc) }} - {{- $databaseName = .Values.global.secrets.databaseName| default "quickstart" }} + {{- $databaseName = "quickstart" }} {{- $host = printf "%s-%s:5432" .Release.Name .Values.global.databaseAlias }} {{- $hostWithoutPort = printf "%s-%s" .Release.Name .Values.global.databaseAlias }} diff --git a/charts/app/values.yaml b/charts/app/values.yaml index 073d0cf9c..e3f538aff 100644 --- a/charts/app/values.yaml +++ b/charts/app/values.yaml @@ -124,8 +124,8 @@ bitnamipg: tag: 15.8.0 auth: existingSecret: '{{ .Release.Name }}-database' - username: 'quickstart' - database: quickstart + username: 'quickstart' # make sure this is aligned with secret.yaml + database: quickstart # make sure this is aligned with secret.yaml shmVolume: enabled: false backup: From 68c5db534e2176eef66a926a81f1f188cde998f4 Mon Sep 17 00:00:00 2001 From: OMPRAKASH MISHRA Date: Mon, 28 Oct 2024 14:49:00 -0700 Subject: [PATCH 6/6] revert back to crunchy db Signed-off-by: OMPRAKASH MISHRA --- .github/workflows/.dbdeployer.yml | 2 +- charts/app/values.yaml | 7 ++++--- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/.github/workflows/.dbdeployer.yml b/.github/workflows/.dbdeployer.yml index 2d824a19d..cb92d7762 100644 --- a/.github/workflows/.dbdeployer.yml +++ b/.github/workflows/.dbdeployer.yml @@ -28,7 +28,7 @@ on: type: string enabled: description: 'Enable the deployment of the crunchy database, easy switch to turn it on/off' - default: false + default: true required: false type: boolean diff --git a/charts/app/values.yaml b/charts/app/values.yaml index e3f538aff..f1af3c82e 100644 --- a/charts/app/values.yaml +++ b/charts/app/values.yaml @@ -21,7 +21,8 @@ global: #-- domain of the application, it is required, apps.silver.devops.gov.bc.ca for silver cluster and apps.devops.gov.bc.ca for gold cluster domain: "apps.silver.devops.gov.bc.ca" # it is apps.gold.devops.gov.bc.ca for gold cluster #-- the database Alias gives a nice way to switch to different databases, crunchy, patroni ... etc. - databaseAlias: bitnamipg #postgres-crunchy #bitnamipg # when using crunchy make it postgres-crunchy + #databaseAlias: bitnamipg #uncomment when using bitnami pg and comment below. + databaseAlias: postgres-crunchy #uncomment when using crunchy and comment above. #-- the components of the application, backend. backend: @@ -114,10 +115,10 @@ frontend: minAvailable: 1 # the minimum number of pods that must be available during the disruption budget. crunchy: - enabled: false # make this false and bitnami-pg true to switch from crunchy to bitnami single postgis. + enabled: true # make this false and bitnami-pg true to switch from crunchy to bitnami single postgis. bitnamipg: - enabled: true + enabled: false image: registry: ghcr.io repository: bcgov/nr-containers/bitnami/postgresql