Skip to content

Commit ddf0e4f

Browse files
amrityamroutamrityamrout
authored
Merge pull request #145 from abnamro/2526293-bug-fix-redis-and-vault
[#2526293] Fixed local deployment issue related to Redis cache and key vault
2 parents 1a1c757 + b788613 commit ddf0e4f

File tree

12 files changed

+43
-15
lines changed

12 files changed

+43
-15
lines changed

deployment/kubernetes/charts/resc-rabbitmq/templates/rabbitmq_job.yaml

+4
Original file line numberDiff line numberDiff line change
@@ -47,9 +47,11 @@ spec:
4747
name: {{ .Values.global.appName }}-rabbitmq-admin-secret
4848
{{ end }}
4949
volumeMounts:
50+
{{ if eq .Values.useKubernetesSecret "false"}}
5051
{{- with include "resc.mqInitAdditionalVolumeMounts" .}}
5152
{{- nindent 12 .}}
5253
{{- end }}
54+
{{ end }}
5355
securityContext:
5456
allowPrivilegeEscalation: false
5557
readOnlyRootFilesystem: false
@@ -62,9 +64,11 @@ spec:
6264
runAsNonRoot: true
6365
runAsUser: 10001
6466
volumes:
67+
{{ if eq .Values.useKubernetesSecret "false"}}
6568
{{- with include "resc.mqInitAdditionalVolumes" .}}
6669
{{- nindent 8 .}}
6770
{{- end }}
71+
{{ end }}
6872
restartPolicy: {{ .Values.mqInit.restartPolicy }}
6973
{{ if .Values.global.imagePullSecret }}
7074
imagePullSecrets:

deployment/kubernetes/charts/resc-rabbitmq/templates/rabbitmq_statefulset.yaml

+4
Original file line numberDiff line numberDiff line change
@@ -41,9 +41,11 @@ spec:
4141
- name: {{ .Values.global.appName }}-mq-pv-storage
4242
persistentVolumeClaim:
4343
claimName: {{ .Values.global.appName }}-mq-pv-volume-claim
44+
{{ if eq .Values.useKubernetesSecret "false"}}
4445
{{- with include "resc.mqAdditionalVolumes" .}}
4546
{{- nindent 8 .}}
4647
{{- end }}
48+
{{ end }}
4749
containers:
4850
- name: {{ .Values.global.appName }}-mq
4951
image: {{ .Values.rabbitMQ.image.repository }}{{ .Values.rabbitMQ.image.name }}:{{ .Values.rabbitMQ.image.tag }}
@@ -76,9 +78,11 @@ spec:
7678
- mountPath: "/var/lib/rabbitmq/mnesia"
7779
subPath: "var/lib/rabbitmq/mnesia"
7880
name: {{ .Values.global.appName }}-mq-pv-storage
81+
{{ if eq .Values.useKubernetesSecret "false"}}
7982
{{- with include "resc.mqAdditionalVolumeMounts" .}}
8083
{{- nindent 12 .}}
8184
{{- end }}
85+
{{ end }}
8286
securityContext:
8387
allowPrivilegeEscalation: false
8488
readOnlyRootFilesystem: false

deployment/kubernetes/charts/resc-redis/templates/redis_deployement.yaml

+8-6
Original file line numberDiff line numberDiff line change
@@ -37,12 +37,10 @@ spec:
3737
env:
3838
- name: MASTER
3939
value: "true"
40-
{{ if eq .Values.useKubernetesSecret "true"}}
41-
- name: REDIS_PASSWORD
42-
valueFrom:
43-
secretKeyRef:
44-
name: {{ .Values.global.appName }}-redis-secret
45-
key: REDIS_PASSWORD
40+
envFrom:
41+
{{ if eq .Values.useKubernetesSecret "true" }}
42+
- secretRef:
43+
name: {{ .Values.global.appName }}-redis-secret
4644
{{ end }}
4745
ports:
4846
- containerPort: {{ .Values.redis.config.port}}
@@ -55,9 +53,11 @@ spec:
5553
name: data
5654
- mountPath: /redis-master
5755
name: config
56+
{{ if eq .Values.useKubernetesSecret "false"}}
5857
{{- with include "resc.redisAdditionalVolumeMounts" .}}
5958
{{- nindent 8 .}}
6059
{{- end }}
60+
{{ end }}
6161
volumes:
6262
- name: data
6363
emptyDir: {}
@@ -67,8 +67,10 @@ spec:
6767
items:
6868
- key: redis-config
6969
path: redis.conf
70+
{{ if eq .Values.useKubernetesSecret "false"}}
7071
{{- with include "resc.redisAdditionalVolumes" .}}
7172
{{- nindent 8 .}}
7273
{{- end }}
74+
{{ end }}
7375

7476

deployment/kubernetes/charts/resc-vcs-scanner-secrets/templates/vcs_scanner_secrets_deployment.yaml

+4
Original file line numberDiff line numberDiff line change
@@ -57,9 +57,11 @@ spec:
5757
- name: config-volume
5858
mountPath: {{ .Values.config.vcs_instance_file_path }}
5959
subPath: vcs_instances_config.json
60+
{{ if eq .Values.useKubernetesSecret "false"}}
6061
{{- with include "resc.vcsScannerSecretsAdditionalVolumeMounts" .}}
6162
{{- nindent 12 .}}
6263
{{- end }}
64+
{{ end }}
6365
env:
6466
- name: GET_HOSTS_FROM
6567
value: dns
@@ -78,9 +80,11 @@ spec:
7880
- name: config-volume
7981
configMap:
8082
name: {{ .Values.global.appName }}-vcs-instances-config
83+
{{ if eq .Values.useKubernetesSecret "false"}}
8184
{{- with include "resc.vcsScannerSecretsAdditionalVolumes" .}}
8285
{{- nindent 8 .}}
8386
{{- end }}
87+
{{ end }}
8488
restartPolicy: {{ .Values.restartPolicy }}
8589
{{ if .Values.global.imagePullSecret }}
8690
imagePullSecrets:

deployment/kubernetes/charts/resc-vcs-scraper-projects/templates/vcs_scraper_projects_cron_job.yaml

+4
Original file line numberDiff line numberDiff line change
@@ -57,9 +57,11 @@ spec:
5757
- name: config-volume
5858
mountPath: {{ .Values.config.vcs_instance_file_path }}
5959
subPath: vcs_instances_config.json
60+
{{ if eq .Values.useKubernetesSecret "false"}}
6061
{{- with include "resc.vcsScraperProjectsAdditionalVolumeMounts" .}}
6162
{{- nindent 14 .}}
6263
{{- end }}
64+
{{ end }}
6365
env:
6466
- name: GET_HOSTS_FROM
6567
value: dns
@@ -78,9 +80,11 @@ spec:
7880
- name: config-volume
7981
configMap:
8082
name: {{ .Values.global.appName }}-vcs-instances-config
83+
{{ if eq .Values.useKubernetesSecret "false"}}
8184
{{- with include "resc.vcsScraperProjectsAdditionalVolumes" .}}
8285
{{- nindent 12 .}}
8386
{{- end }}
87+
{{ end }}
8488
restartPolicy: {{ .Values.restartPolicy }}
8589
{{ if .Values.global.imagePullSecret }}
8690
imagePullSecrets:

deployment/kubernetes/charts/resc-vcs-scraper-repositories/templates/vcs_scraper_repositories_deployment.yaml

+4
Original file line numberDiff line numberDiff line change
@@ -59,9 +59,11 @@ spec:
5959
- name: config-volume
6060
mountPath: {{ .Values.config.vcs_instance_file_path }}
6161
subPath: vcs_instances_config.json
62+
{{ if eq .Values.useKubernetesSecret "false"}}
6263
{{- with include "resc.vcsScraperRepositoriesAdditionalVolumeMounts" .}}
6364
{{- nindent 10 .}}
6465
{{- end }}
66+
{{ end }}
6567
env:
6668
- name: GET_HOSTS_FROM
6769
value: dns
@@ -84,9 +86,11 @@ spec:
8486
- name: config-volume
8587
configMap:
8688
name: {{ .Values.global.appName }}-vcs-instances-config
89+
{{ if eq .Values.useKubernetesSecret "false"}}
8790
{{- with include "resc.vcsScraperRepositoriesAdditionalVolumes" .}}
8891
{{- nindent 8 .}}
8992
{{- end }}
93+
{{ end }}
9094
restartPolicy: {{ .Values.restartPolicy }}
9195
{{ if .Values.global.imagePullSecret }}
9296
imagePullSecrets:

deployment/kubernetes/charts/resc-web-service-no-auth/values.yaml

+1
Original file line numberDiff line numberDiff line change
@@ -27,6 +27,7 @@ resc:
2727
dbPass:
2828
odbcDriver: "ODBC Driver 18 for SQL Server"
2929
dbDSN: "rescdb"
30+
redisPass:
3031
authRequired: "false"
3132
ssoConfig:
3233
ssoAccessTokenIssuerUrl: "notApplicable"

deployment/kubernetes/charts/resc-web-service/templates/web_service_secret.yaml

+3
Original file line numberDiff line numberDiff line change
@@ -11,4 +11,7 @@ data:
1111
{{ end }}
1212
{{ if and (eq .Values.useKubernetesSecret "true") (.Values.resc.config.dbPass) }}
1313
MSSQL_PASSWORD: "{{ .Values.resc.config.dbPass | b64enc }}"
14+
{{ end }}
15+
{{ if and (eq .Values.useKubernetesSecret "true") (.Values.resc.config.redisPass) }}
16+
REDIS_PASSWORD: "{{ .Values.resc.config.redisPass | b64enc }}"
1417
{{ end }}

deployment/kubernetes/charts/resc-web-service/values.yaml

+1
Original file line numberDiff line numberDiff line change
@@ -28,6 +28,7 @@ resc:
2828
dbPass:
2929
odbcDriver: "ODBC Driver 18 for SQL Server"
3030
dbDSN: "rescdb"
31+
redisPass:
3132
authRequired: "true"
3233
ssoConfig:
3334
ssoAccessTokenIssuerUrl: ""

deployment/kubernetes/example-values.yaml

+3-1
Original file line numberDiff line numberDiff line change
@@ -65,6 +65,7 @@ resc-web-service:
6565
dbSchema: "master" # <enter database schema name here, default to master>
6666
dbUser: "sa" # <enter database username here, default to sa>
6767
dbPass: "Y0urStr0ngPassword" # <enter database password here, default to Y0urStr0ngPassword>
68+
redisPass: "Y0urStr0ngPassword" # <enter Redis password here for caching, default to Y0urStr0ngPassword>
6869
# To configure single sign on provide below values for ssoConfig attributes
6970
# These attributes will be used in the RESC API to validate access token
7071
ssoConfig:
@@ -85,6 +86,7 @@ resc-web-service-no-auth:
8586
dbSchema: "master" # <enter database schema name here, default to master>
8687
dbUser: "sa" # <enter database username here, default to sa>
8788
dbPass: "Y0urStr0ngPassword" # <enter database password here, default to Y0urStr0ngPassword>
89+
redisPass: "Y0urStr0ngPassword" # <enter Redis password here for caching, default to Y0urStr0ngPassword>
8890

8991
resc-database:
9092
hostOS: "windows" # possible values windows/linux
@@ -119,7 +121,7 @@ resc-redis:
119121
exposeToHostPort: 32379
120122
config:
121123
port: 6379
122-
password: "Y0urStr0ngPassword"
124+
password: "Y0urStr0ngPassword" # <enter Redis password here for caching, default to Y0urStr0ngPassword>
123125
resources:
124126
limits:
125127
cpu: 250m

deployment/kubernetes/templates/web_service_deployment.tpl

+4-7
Original file line numberDiff line numberDiff line change
@@ -48,13 +48,6 @@ spec:
4848
env:
4949
- name: GET_HOSTS_FROM
5050
value: dns
51-
{{ if eq .Values.useKubernetesSecret "true"}}
52-
- name: REDIS_PASSWORD
53-
valueFrom:
54-
secretKeyRef:
55-
name: {{ .Values.global.appName }}-redis-secret
56-
key: REDIS_PASSWORD
57-
{{ end }}
5851
envFrom:
5952
- configMapRef:
6053
name: {{ .Values.global.appName }}-web-service-config{{ .Values.nameSuffix }}
@@ -66,9 +59,11 @@ spec:
6659
- name: config-volume
6760
mountPath: /tmp/odbc.ini
6861
subPath: odbc.ini
62+
{{ if eq .Values.useKubernetesSecret "false"}}
6963
{{- with include "resc.rescWebserviceAdditionalVolumeMounts" .}}
7064
{{- nindent 12 .}}
7165
{{- end }}
66+
{{ end }}
7267
securityContext:
7368
allowPrivilegeEscalation: false
7469
readOnlyRootFilesystem: false
@@ -92,9 +87,11 @@ spec:
9287
- name: config-volume
9388
configMap:
9489
name: {{ .Values.global.appName }}-web-service-config{{ .Values.nameSuffix }}
90+
{{ if eq .Values.useKubernetesSecret "false"}}
9591
{{- with include "resc.rescWebserviceAdditionalVolumes" .}}
9692
{{- nindent 8 .}}
9793
{{- end }}
94+
{{ end }}
9895
{{ if .Values.global.imagePullSecret }}
9996
imagePullSecrets:
10097
- name: {{ .Values.global.imagePullSecret }}

deployment/resc-helm-wizard/src/resc_helm_wizard/config/example-values.yaml

+3-1
Original file line numberDiff line numberDiff line change
@@ -65,6 +65,7 @@ resc-web-service:
6565
dbSchema: "master" # <enter database schema name here, default to master>
6666
dbUser: "sa" # <enter database username here, default to sa>
6767
dbPass: "Y0urStr0ngPassword" # <enter database password here, default to Y0urStr0ngPassword>
68+
redisPass: "Y0urStr0ngPassword" # <enter Redis password here for caching, default to Y0urStr0ngPassword>
6869
# To configure single sign on provide below values for ssoConfig attributes
6970
# These attributes will be used in the RESC API to validate access token
7071
ssoConfig:
@@ -85,6 +86,7 @@ resc-web-service-no-auth:
8586
dbSchema: "master" # <enter database schema name here, default to master>
8687
dbUser: "sa" # <enter database username here, default to sa>
8788
dbPass: "Y0urStr0ngPassword" # <enter database password here, default to Y0urStr0ngPassword>
89+
redisPass: "Y0urStr0ngPassword" # <enter Redis password here for caching, default to Y0urStr0ngPassword>
8890

8991
resc-database:
9092
hostOS: "windows" # possible values windows/linux
@@ -119,7 +121,7 @@ resc-redis:
119121
exposeToHostPort: 32379
120122
config:
121123
port: 6379
122-
password: "Y0urStr0ngPassword"
124+
password: "Y0urStr0ngPassword" # <enter Redis password here for caching, default to Y0urStr0ngPassword>
123125
resources:
124126
limits:
125127
cpu: 250m

0 commit comments

Comments
 (0)