Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* #58 fix: changed keyUsage to nonRepudiation, digitalSignature, keyEncipherment (#59) * #55 Application overriding introduced * #54 Remove reference to other projects * #55 Implement directory merge to build images * #55 Use merge strategy * #55 Instantiate docker client only on run * #55 Fix merging * #55 Remove / from registry in helm chart * #55 Fix ingress for domain * #55 Fix auto-gatekeeper * #55 Fix dpaths typo in directorymerge operation * #55 Fix dpaths typo in directorymerge operation * #55 Debug CF pipeline * #55 Test if CF is caching docker layers * #54 Allow private keys as build-args * #55 Polish PR * #55 Polish PR Co-authored-by: rodriguez-facundo <[email protected]> Co-authored-by: Filippo Ledda <[email protected]> * chore: added application specific secrets to deploy/values.yaml and cloudharness utilities e.g. config harness: ... secrets: - name: secret_1 value: value_1 - name: secret_2 value: value_2 ... e.g. usage from cloudharness.utils.secrets import get_secret value_1 = get_secret("secret_1") print(f"Secret 1 value: {value_1}" * #62 Enable workflow tasks to mount an existing PVC (merge PR #63) * #63 chore: add zip extract to download task and use the default CH base image so all CH tools are present in the container * #62 chore: enable mounting existing PVC in an argo workflow * #62 fix: remove debug print() statement * #61 chore: rework so application secrets need to be created on deployment and not on install * #64 Bind gatekeeper to port 80, update docker image for gatekeeper * Workflow fixes * Default registry removed * #66 fix: added argo-service to proxy to the argo ui and changed the argo port * #66 chore: removed extra argo service entry and fixed argo values.yaml * #67 fix: issue with events not working * #68 fix: issue sentry handler not connecting to common rest api * #69 chore: added EventClient.async_consume for async consuming events from a topic * chore: changed loglevel to INFO * #69 fix: fix issues, added more robust exception handling, added new image notify-queue for doing queue notification * #70 SSL redirect option added * #71 fix: replace double or more trialing slashes for registry to only one slash * #71 fix: replace double or more trialing slashes for registry to only one slash * Improved deploy robustness on missing applications * #73 fix: add extra try except and sleep(10) to the thread when the kafka client is disconnected * #78 Add option to disable tls (#79) * #78 option to disable tls added * #78 add tls option to accounts configuration * #76 chore: added create kafka cluster on init * Feature/78 (#81) * #78 option to disable tls added * #78 revert unrelated change * #78 add tls option to accounts configuration * #78 Fix no-http with jupyterhub * #78 fix set auto gatekeeper secure cookie to false if tls is disabled * Fix letsencrypt error * fix letsencrypt * fix letsencrypt * #83 removed default reference to accounts application (#84) * #82 chore: add uri role mapping for auto gk pods to (un)secure uri paths * #86: added namespace to letsencrypt issuer name * #86: removed doulbe - from ClusterIssuer name letsencrypt * #88 add namespace to cluster default zookeeper hosts (#89) * #90 make ingress listen to the naked domain * #91 chore: added third parameter (folder) to the download extract task (#92) * #94 chore: changed ClusterRole to Cluster and added namespace * #100 fix: issue with filtering on getting applications by boolean filter True/False (#101) * Feature/96 Support multiple paths in codefresh generate script (#98) * #96 Support added to multiple directory in codefresh generator * #102 chore: add get Keycloak user, group and users support to CH (#103) * #102 chore: add get Keycloak user, group and users support to CH * #102 fix: added missing HOST variable * #102 chore: added get_current_user to get the current logged in user * #97 New directory merge implementation (#104) * #97 Directory merge do not change current deployment anymore * #97 Fix build with merge * #97 Fix build/codefresh with merge * #97 Add create merge directory if does not exist * #97 Merge copy preserving file attributes for better caching * #97 Fix build include regression * #105 chore: reworked keycloak client and added members to get_groups * #105 fix: replaced ifn credentials/url by mnp credentials/url * #105 chore: made get group and get admin client publicable * #105 chore: added python-keycloak==0.22.0 to setup requirements * #105 chore: reworked AuthClient to to use instance functions instead of static, added user has client role tests * #105 fix: replaced wrong values for default realm, host and user in CH keycloak client * #105 chore: some additions and bugfixes to CH keycloak library * Feature/110 (#112) * #110 Copy deployment-configuration with merge * #111 run codefresh generation with harness-deployment * Fix build parameter * fix: replace .get[...] by .get(...) * #113 chore: add keycloak create client and client role to ch common python lib * Version update * #115 chore: add/update/delete kc user attributes * #115 fix: removed try except for add, update and delete user attributes * #115 chore: add get users for client with a specific role * build(deps): Bump urllib3 in /libraries/cloudharness-common Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.24.1 to 1.24.2. - [Release notes](https://github.com/urllib3/urllib3/releases) - [Changelog](https://github.com/urllib3/urllib3/blob/master/CHANGES.rst) - [Commits](urllib3/urllib3@1.24.1...1.24.2) Signed-off-by: dependabot[bot] <[email protected]> * build(deps): Bump cryptography in /libraries/cloudharness-common Bumps [cryptography](https://github.com/pyca/cryptography) from 2.6.1 to 3.2. - [Release notes](https://github.com/pyca/cryptography/releases) - [Changelog](https://github.com/pyca/cryptography/blob/master/CHANGELOG.rst) - [Commits](pyca/cryptography@2.6.1...3.2) Signed-off-by: dependabot[bot] <[email protected]> * chore: added query parameter to keycloak get_users * #122 fix: point Louketo image to gcr.io/metacellllc/louketo-proxy:1.0.0 because of EOL Louketo * #124 fix: removed non-existing scope vpn-user from auto gatekeeper * #126 chore: upgrade to keycloak 11 * #128 fix: add missing pyjwt package dependency * hotfix: kafka NEEDS clusterroles because it needs access to the nodes * hotfix: fixed missing eventclient exception * hotfix: fix issue with missing self. for getting the consumer * hotfix: stop events threads on sig int * hotfix: fixed issue missing domain postfix for hostname * hotfix fixes issue connecting to kc outside the kubernetes cluster (eg for development) * hotfix: add namespace to the kafka clusterrole naming node-reader * hotfix fix for duplicate kafka-node-reader adding namespace as prefix * hotfix fix for duplicate kafka-node-reader adding namespace as prefix * #109 codefresh dev and production deployment generation implemented (#140) * #143 chore: reworked the keycloak refresh token usage (#144) * hotfix: fix to reconnect when authclient has no session * #131 start refactoring application generation * #135 chore: mongodb auto database implementation * #135 chore: add auto database postgresql support * #135 chore: paramterized the database images * #137 chore: optimalizations of helm template * #135 chore: add neo4j support * #135 chore: updated comment about supported database types * Feature/145 fix new deployment (#147) * #141 argo added as part of the installation * #141 argo gatekeeper enabled * #141 argo service accounts renamed to avoid cluster name clashes * #145 Fix deployment issues * #145 fix deployment overriding * #145 adjust quotes for codefresh variables * adjust quotes for codefresh variables * adjust quotes for codefresh variables * Exclude useless paths from build * Fix push step * Fix push step * Fix push step * Fix push step * Add approval stage on prod pipeline * Fix use build id in deployment creation * Fix deployment creation order * Fix deployment creation order * Remove cluster role(bindings) * #141 add argo chart * #23 revert cluster role on argo * Upgrade helm version on codefresh * #141 revert argo roles * Fix prod deploy * Fix prod deploy * #141 rollback argo * Update chart version * Fix publish registry url * #145 fix: reverted change Role and RoleBinding to ClusterRole and ClusterRoleBinding * #145 update argo version to fix issue behind gatekeeper * #241 Fix codefresh prod step override issue * #145 git tag step fixed * #241 git tag step fixed Co-authored-by: Zoran Sinnema <[email protected]> * #131 start refactoring application generation * #131 backend application template-based creation added * #131 backend application with unicorn * #131 updated samples application with gunicorn * Logging errors fixed * #131 samples application missing files * Feature/145: new deployment and argo fixes (#148) * #141 argo added as part of the installation * #141 argo gatekeeper enabled * #141 argo service accounts renamed to avoid cluster name clashes * #145 Fix deployment issues * #145 fix deployment overriding * #145 adjust quotes for codefresh variables * adjust quotes for codefresh variables * adjust quotes for codefresh variables * Exclude useless paths from build * Fix push step * Add approval stage on prod pipeline * Fix use build id in deployment creation * Fix deployment creation order * Fix deployment creation order * Remove cluster role(bindings) * #141 add argo chart * #23 revert cluster role on argo * Upgrade helm version on codefresh * #141 revert argo roles * Fix prod deploy * Fix prod deploy * #141 rollback argo * Update chart version * Fix publish registry url * #145 fix: reverted change Role and RoleBinding to ClusterRole and ClusterRoleBinding * #145 update argo version to fix issue behind gatekeeper * #241 Fix codefresh prod step override issue * #145 git tag step fixed * #241 git tag step fixed * git tag step fixed * #145 argo cluster roles clashes fixed Co-authored-by: Zoran Sinnema <[email protected]> * #131 samples application backend + frontend * #131 samples application backend + frontend * #131 Webapp base images * #131 Webapp application generation logic and templates * #131 Webapp application generation fixes * #131 Sample application new files * #131 Database application generation * Add cluster initialization script * Move client library * #131 improve interactive generation * fix base images * hotfix: changed the admin user name from mnp to admin * Temporarily revert ingress proxy * Workflows refactoring * #149 chore: implement extra paths for proxies to other services * #131 namespaced argo instance * Reduce minimum applications requests * Fix application retrieval * Reduce minimum applications requests * #132 samples api link * cleaning useless files * Improve extract-download chmod * Improve logging * #132 small improvement on application generation * #154 PR fixes * #72 Deployment dependencies implemented * #72 Fix deployment dependency templates * Web application scaffolding (#154) * #131 start refactoring application generation * #131 backend application template-based creation added * #131 backend application with gunicorn * #131 updated samples application with gunicorn * #132 Logging errors fixed * #131 samples application missing files * #131 samples application backend + frontend * #131 Webapp base images * #131 Webapp application generation logic and templates * #131 Sample application new files * #131 Database application generation * #132 Add cluster initialization script * #132 Move client library * #131 improve interactive generation * #132 fix base images * #132 Temporarily revert ingress proxy * #132 Workflows refactoring * #131 namespaced argo instance * #132 Reduce minimum applications requests * #132 Fix application retrieval * #132 Reduce minimum applications requests * #132 samples api link * #132 cleaning useless files * #132 Improve extract-download chmod * #132 Improve logging * #132 small improvement on application generation * #154 PR fixes * #149 chore: PR comment fix, added [] to the use_services * #159 fix main ingress assignment (#160) * #159 fix main ingress assignment * #159 set accounts as the main application * #159 Fix ingress control condition * #159 Fix ingress control condition * #159 Fix ingress control condition * hotfix: fixes ch utilities setup missing harness-deployment script, update README.md reflecting the fix * #136 Base environment specific variables implementation (#163) * #136 Environment specific values implemented * #136 Environment specific values on codefresh templates * #76 fix codefresh build dependencies * Fix -dtls parameter in deployment * #157 Add template for postgres backup deployment * #157 Run postgres backup pod as postgres user * #157 Add PVC for postgres backups * Fix commands in README * #157 Set resources of db backup by values.yaml * #166 add user roles to the single and all user(s) getters * #137 WIP: Example for CronJob DB backup * Use Kubernetes CronJob * Use DB specific backup tool * Compress and store as single on backup volume * Missing command to cleanup all backups older than X days if mor than Y backups are present * #155 Add liveness and readiness probe * #166 changes requested per PR * #166 changes as per PR review * #157 Move backup switch and schedule to global level * #157 Define separate DB/backup yaml files * #137 Add cleanup logic to mongo backup script * Use multiline strings with "|" and "heredoc" functionality to pass complete script as input * #157 Configure Postgres backup as CronJob * #137 Adapt retention logic of postgres backup to mongo * #137 Extract backup script to separate files * Use .Files object to inject backup.sh * #137 #157 Move backup options to global level * Except for resources, since we might want to configure this depending on the DB and depending on the data size * #137 Cleanup script * #171 Fix readinessProbe config (#172) * #157 #137 Move backup resources to global level * #137 Improve backup bash script * #176 chore: add a more elegant way to create topics, don't raise errors in case a topic exists * #168 chore: implement external smtp server and remove postfix from repo also some code cleanup (#174) * #168 chore: implement external smtp server and remove postfix from repo also some code cleanup * #168 chore: added global sentry dsn support to common * #168 fix: fixes issue with sentry redis deployment * #176 fix: removed obsolete return * #176 chore: update event client topic error handling * #176 chore: optimized topic creation * #178 chore: add DOMAIN as sentry environment (#179) * hotfix: add max version <2 to pyjwt, we don't support v2 * #181 Improvements to template loading and overriding (#182) * Restored broken legacy values setting * #134 Auto-generate docs with helm-docs * Add instructions to README * Annotate values.yaml with comments * Add generated docs file * Fix tls secret name (#184) * Remove dist folder exclusion * chore: set basic format for logger * Optional tagging on stage/production * Optional tagging on stage/production (#185) * Optional tagging on stage/production * Useless codefresh variable removed * REPO_TOKEN conditional added * Feature/optional tagging (#187) * Optional tagging on stage/production * Useless codefresh variable removed * REPO_TOKEN conditional added * #186 Don't require TLS in Keycloak if TLS is deactivated * Small fix on workflows api * #190 refactor auth api (#193) * #190 small hotfix * #164 Set Python module name in Dockerfile * #164 Restrict application name by regex * #164 Restrict application name by regex * Namespace assignment hotfix * hotfix: fixed AttributeError: 'dict' object has no attribute 'user' on CH auth keycloak * hotfix: added missing /auth/ to SERVER_URL for keycloak client * hotfix namespace parametrization in helm chart * hotfix registry default specification on codefresh build added * hotfix: fix for ingress warning/error message when not using http/tls * #197 Add first draft of resource map for auto deployments * chore: added accounts auth config to common * hotfix: fixes KeyError when TLS is not present * #200 Add command and args specification on auto deployment (#201) * #197 Use subPath and set mount to readOnly * We decided to use subPath since it's sufficient for pods to be restarted in order to receive configmap changes and to enable us to inject configuration files inside specific directories actively used by the application (e.g. Nginx config directory) * Add yaml example * #198 Migrate accounts app to cloudharness template * #198 Resolve & cleanup todos * #203 Add target port for auto-services (#204) * #205 fix: broken build ch base image, added installation of rust and cargo for building cryptography 3.4.5 on linux * #198 Cleanup attributes in accounts values.yaml * #208 adding auth to SERVER_URL (#209) * #152 Replace deprecated TTLSecondsAfterFinished with ttlStrategy * #152 Fix PEP 8 violations * #211 Improve build error messaging (#212) * #152 Cleanup test_workflow * #152 Fix broken workflow example * cloudharness library was used without being available. Use cloudharness-base image to make it available * #218 fix: fixes issue with conflicting jwt and pyjwt * #217 chore: migrated creation of events to default ch way * Update values.yaml * Add user and pw attribute back * #207 Convert Argo workflow to str * #196 Remove duplicated copy * #224 fix: increased resource (limits) of keycloak/accounts * Fix values overriding - gatekeeper discovery url (#227) * Feature/fix values override (#228) * Fix values overriding - gatekeeper discovery url * Fix values overriding - gatekeeper discovery url * Feature/199 (#229) * #192 Update volumemanager * #192 Update workflows to use gunicorn * #192 Update common application to use gunicorn * #192 Reduce cpu resource request * #199 #17 add auto config: skaffold and vscode debug * #192 Clean Dockerfile * #192 Remove unneeded routes * #199 Fix value names in skaffold generation * #199 #192 refactor application creation * #199 #192 refactor application creation * #199 Added Skaffold docs * #199 Update gitignore * #199 Update application generator templates * #199 Update flask applications post refactoring * Fix helm overriding with hyphens * #199 update volumemanager Dockerfile * #199 remove setup.py from default .dockerignore * #199 skaffold support improved. Jupyterhub fixes * #199 handle task images with Skaffold * #199 #229 PR adjustments * #199 fix configuration passing * #199 chore: remove sentry as dependency from common Co-authored-by: Lucas Rebscher <[email protected]> Co-authored-by: Zoran Sinnema <[email protected]> * Feature/233 (#236) * #233 Fix template merging regression * #233 Unit tests and small fixing * #233 Unit tests tox environment * #233 fix test * #233 add badge to prs * #233 improve helm tests * #233 fix default value assignment * #233 fix helm values overriding bug * #226 chore: accounts set max heap size * #226 chore: set max heapsize to max mem - 12.5% * #242 adding userGroups and realmRoles to members * Feature/234 (#238) * #233 Fix template merging regression * #233 Unit tests and small fixing * #233 Unit tests tox environment * #233 fix test * #233 add badge to prs * #233 improve helm tests * #233 fix default value assignment * #233 fix helm values overriding bug * #234 set retain reclaim policy to databases * #234 Change default backup schedule to 5 minutes * #234 Remove storage class from deployment * #234 revert database volume claim * #234 add affinity to db pods * Version update Co-authored-by: Zoran Sinnema <[email protected]> Co-authored-by: Facu <[email protected]> Co-authored-by: rodriguez-facundo <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Lucas Rebscher <[email protected]> Co-authored-by: Dario Del Piano <[email protected]> Co-authored-by: Dario <[email protected]> Co-authored-by: Lucas Rebscher <[email protected]> Co-authored-by: Lucas Rebscher <[email protected]>
- Loading branch information
10 people
authored
Mar 1, 2021
1 parent
28b217d
commit 197e20f