From e5688898ed293bc64eb740a5035212f42efd73b9 Mon Sep 17 00:00:00 2001 From: Alan Bridgeman Date: Mon, 12 May 2025 19:42:10 -0500 Subject: [PATCH 01/10] Correcting value issue with one of the templates. Again... --- templates/deployment.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/templates/deployment.yaml b/templates/deployment.yaml index a554e45..388836f 100644 --- a/templates/deployment.yaml +++ b/templates/deployment.yaml @@ -353,7 +353,7 @@ spec: - name: VAULT_NAME valueFrom: secretKeyRef: - name: {{ .Release.Name }}-pass-vault-secret + name: {{ .Release.Name }}-vault-secret key: vault-name - name: VAULT_SNAPSHOT_SERVER_PORT valueFrom: @@ -388,7 +388,7 @@ spec: secretKeyRef: name: {{ .Release.Name }}-cache-credentials key: password - {{- if .Values.passVault.create.snapshotServer.enabled }} + {{- if .Values.vault.create.snapshotServer.enabled }} volumeMounts: # Mount for a shared volume for Vault credentials # This is separate from the app's `role vars` volume because it includes other credentials From d298262e7a16831ddb38d48cb83b7c0bb64a1bf5 Mon Sep 17 00:00:00 2001 From: GitHub Actions Date: Tue, 13 May 2025 00:42:28 +0000 Subject: [PATCH 02/10] [Github Actions] Update Helm chart version to 1.5.4 --- Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Chart.yaml b/Chart.yaml index fe3da37..68df9ce 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -8,4 +8,4 @@ maintainers: name: services-dashboard sources: - https://github.com/Bridgeman-Accessible/services.bridgemanaccessible.ca -version: "1.5.3" +version: "1.5.4" From b5236c9942b4741099fe312d10371738ee3bbed4 Mon Sep 17 00:00:00 2001 From: Alan Bridgeman Date: Mon, 12 May 2025 19:46:50 -0500 Subject: [PATCH 03/10] Attempting to fix inconsistency with ciam-service-dashboard versus ciam-services-dashboard --- .github/workflows/deploy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 2c33dcb..b12e34a 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -119,7 +119,7 @@ jobs: backup-created: ${{ steps.backup.outputs.created }} restore-time: ${{ steps.deploy-helm-chart.outputs.RESTORE_TIME }} env: - NAMESPACE: ciam-service-dashboard + NAMESPACE: ciam-services-dashboard RELEASE_NAME: services CHART_NAME: ${{ needs.build.outputs.chart-name }} steps: From 15007dfcddc3fc022629472b07dd695d9ad49bef Mon Sep 17 00:00:00 2001 From: GitHub Actions Date: Tue, 13 May 2025 00:47:05 +0000 Subject: [PATCH 04/10] [Github Actions] Update Helm chart version to 1.5.5 --- Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Chart.yaml b/Chart.yaml index 68df9ce..a0e34e2 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -8,4 +8,4 @@ maintainers: name: services-dashboard sources: - https://github.com/Bridgeman-Accessible/services.bridgemanaccessible.ca -version: "1.5.4" +version: "1.5.5" From 513d7d193e0513d3d105c943635192efe421181e Mon Sep 17 00:00:00 2001 From: Alan Bridgeman Date: Mon, 12 May 2025 20:40:17 -0500 Subject: [PATCH 05/10] Changing the name of persistent volume stuff because of should have had a missing prefix I think... --- .github/workflows/deploy.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index b12e34a..a9ce163 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -193,7 +193,7 @@ jobs: k8s-delete \ --namespace ${{ env.NAMESPACE }} \ --release-name ${{ env.RELEASE_NAME }} \ - --rwx-volumes vault-role-vars + --rwx-volumes services-vault-role-vars # Deploy the resources to the cluster - name: Deploy Helm Chart @@ -229,7 +229,7 @@ jobs: --release-name ${{ env.RELEASE_NAME }} \ --filled-values-file $FILLED_VALUES_FILE \ --chart-name $CHART_NAME \ - --rwx-volumes vault-role-vars + --rwx-volumes services-vault-role-vars # Once deployed, we want to restore it to it's previous state (if applicable) restore: From b503f2fe997a386b3f8b3d543d64ebdcb4d9f75c Mon Sep 17 00:00:00 2001 From: GitHub Actions Date: Tue, 13 May 2025 01:41:21 +0000 Subject: [PATCH 06/10] [Github Actions] Update Helm chart version to 1.5.6 --- Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Chart.yaml b/Chart.yaml index a0e34e2..1f15f97 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -8,4 +8,4 @@ maintainers: name: services-dashboard sources: - https://github.com/Bridgeman-Accessible/services.bridgemanaccessible.ca -version: "1.5.5" +version: "1.5.6" From d7ea6a2f58958abffa0b8ee4350ef854555d0944 Mon Sep 17 00:00:00 2001 From: GitHub Actions Date: Tue, 13 May 2025 01:47:39 +0000 Subject: [PATCH 07/10] [Github Actions] Update Helm chart version to 1.5.7 --- Chart.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Chart.yaml b/Chart.yaml index 1f15f97..5aaafd6 100644 --- a/Chart.yaml +++ b/Chart.yaml @@ -8,4 +8,4 @@ maintainers: name: services-dashboard sources: - https://github.com/Bridgeman-Accessible/services.bridgemanaccessible.ca -version: "1.5.6" +version: "1.5.7" From 777a6bb69701cf41f958f5081f9c68c90b242f73 Mon Sep 17 00:00:00 2001 From: Alan Bridgeman Date: Thu, 15 May 2025 01:18:14 -0500 Subject: [PATCH 08/10] Small stuff mostly I think... --- .github/workflows/deploy.yml | 4 ++-- templates/deployment.yaml | 2 ++ values.yaml | 4 ++++ 3 files changed, 8 insertions(+), 2 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index a9ce163..04a4880 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -332,7 +332,7 @@ jobs: # Verify that the site starts up after the restore - name: Verify Restore run: | - SITE_REQUEST_STATUS_CODE=$(curl -sSL https://$SITE_HOSTNAME -w '%{http_code}' -o /dev/null) + SITE_REQUEST_STATUS_CODE=$(curl -sSL https://${{ env.SITE_HOSTNAME }} -w '%{http_code}' -o /dev/null) MAX_RETRIES=5 RETRY_INTERVAL=30 @@ -344,7 +344,7 @@ jobs: sleep $RETRY_INTERVAL # Get the current status of the site - SITE_REQUEST_STATUS_CODE=$(curl -sSL http://account.bridgemanaccessible.ca -w '%{http_code}' -o /dev/null) + SITE_REQUEST_STATUS_CODE=$(curl -sSL http://${{ env.SITE_HOSTNAME }} -w '%{http_code}' -o /dev/null) # Increment the retry count RETRY_COUNT=$((RETRY_COUNT + 1)) diff --git a/templates/deployment.yaml b/templates/deployment.yaml index 388836f..5ec4e94 100644 --- a/templates/deployment.yaml +++ b/templates/deployment.yaml @@ -388,6 +388,8 @@ spec: secretKeyRef: name: {{ .Release.Name }}-cache-credentials key: password + - name: INITIAL_USER_ID + value: {{ .Values.initialUserID | quote }} {{- if .Values.vault.create.snapshotServer.enabled }} volumeMounts: # Mount for a shared volume for Vault credentials diff --git a/values.yaml b/values.yaml index 8a03758..6a95525 100644 --- a/values.yaml +++ b/values.yaml @@ -26,6 +26,10 @@ container: # The timestamp of the backup that the entrypoint script should wait for a restore to complete restoreFromBackup: "" +# The ID of the first/initial user +# This is because AT LEAST one user must be setup to setup everything else +initialUserID: + ingress: # We want an ingress resource if we are deploying to a cluster that has a ingress controller/load balancer # This includes most public cloud providers like EKS, GKE, and AKS From 80fc5b4f56a2028a9e5ecd1e66a9df7fc3158e52 Mon Sep 17 00:00:00 2001 From: Alan Bridgeman Date: Wed, 11 Jun 2025 17:45:40 -0500 Subject: [PATCH 09/10] Added an initial user ID environment variable --- templates/deployment.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/templates/deployment.yaml b/templates/deployment.yaml index 5ec4e94..3d60fb2 100644 --- a/templates/deployment.yaml +++ b/templates/deployment.yaml @@ -268,6 +268,8 @@ spec: name: {{ .Release.Name }}-moneris-secret key: test-app-secret {{- end }} + - name: INITIAL_USER_ID + value: {{ .Values.initialUserID | quote }} # Logging Sidecar related environment variables {{- if .Values.loggingSidecar.enabled }} - name: LOGGING_SIDE_CAR_PORT @@ -388,8 +390,6 @@ spec: secretKeyRef: name: {{ .Release.Name }}-cache-credentials key: password - - name: INITIAL_USER_ID - value: {{ .Values.initialUserID | quote }} {{- if .Values.vault.create.snapshotServer.enabled }} volumeMounts: # Mount for a shared volume for Vault credentials From 4590c84e202f36717bf23c7c59d6d6159de1e2fe Mon Sep 17 00:00:00 2001 From: Alan Bridgeman Date: Mon, 23 Jun 2025 07:59:00 -0500 Subject: [PATCH 10/10] Changed automation to match platform that are move towards --- {.github => .forgejo}/workflows/deploy.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) rename {.github => .forgejo}/workflows/deploy.yml (96%) diff --git a/.github/workflows/deploy.yml b/.forgejo/workflows/deploy.yml similarity index 96% rename from .github/workflows/deploy.yml rename to .forgejo/workflows/deploy.yml index 04a4880..0629f49 100644 --- a/.github/workflows/deploy.yml +++ b/.forgejo/workflows/deploy.yml @@ -29,7 +29,7 @@ jobs: echo "Chart Name: $CHART_NAME" - # Note, this depends on the [Harbor Helm Index](https://github.com/AlanBridgeman/harbor-helm-index) pretty heavily + # Note, this depends on the [Harbor Helm Index](https://git.bridgemanaccessible.ca/Bridgeman-Accessible/harbor-helm-index) pretty heavily # In particular, that tool allows us to treat what is an OCI registry as a Helm repository (which includes using `helm search repo`) helm repo add BridgemanAccessible https://helm.bridgemanaccessible.ca @@ -92,15 +92,15 @@ jobs: LOCAL_VERSION=$NEW_LOCAL_VERSION # Update remote URL to use the GITHUB_TOKEN for authentication - git remote set-url origin https://x-access-token:${{ secrets.GITHUB_TOKEN }}@github.com/${{ github.repository }}.git + git remote set-url origin https://x-access-token:${{ secrets.GITHUB_TOKEN }}@git.bridgemanaccessible.ca/${{ github.repository }}.git # Setup git user details for committing the version change and tag - git config user.name "GitHub Actions" - git config user.email "actions@github.com" + git config user.name "Forgejo Actions" + git config user.email "actions@git.bridgemanaccessible.ca" # Commit the version change to the `package.json` file git add Chart.yaml - git commit -m "[Github Actions] Update Helm chart version to $(yq -r '.version' Chart.yaml)" + git commit -m "[Forgejo Actions] Update Helm chart version to $(yq -r '.version' Chart.yaml)" # Push the changes to the repository git push origin HEAD:main @@ -202,7 +202,7 @@ jobs: FILLED_VALUES_FILE="values.filled.yaml" # Download a filled version of the `values.yaml` file from a secure location - DOWNLOAD_FILE=$(curl -sSL https://secure-storage.bridgemanaccessible.ca/services-dashboard/filled-values?token=${{ secrets.SECURE_STORAGE_TOKEN }} -o $FILLED_VALUES_FILE || echo "Failed to download filled values file.") + DOWNLOAD_FILE=$(curl -sSL https://secure-storage.bridgemanaccessible.ca/services-dashboard/values.filled.yaml?token=${{ secrets.SECURE_STORAGE_TOKEN }} -o $FILLED_VALUES_FILE || echo "Failed to download filled values file.") if [ "$DOWNLOAD_FILE" == "Failed to download filled values file." ]; then echo "Error: $DOWNLOAD_FILE" exit 1