diff --git a/.github/readme.md b/.github/workflow-readme.md
similarity index 100%
rename from .github/readme.md
rename to .github/workflow-readme.md
diff --git a/.github/workflows/dev-cicd.yaml b/.github/workflows/dev-cicd.yaml
index 0cc2021b..9b30b606 100644
--- a/.github/workflows/dev-cicd.yaml
+++ b/.github/workflows/dev-cicd.yaml
@@ -1,6 +1,6 @@
## For each release, the value of workflow name, branches and PR_NUMBER need to be adjusted accordingly
-name: ITVR Dev release-1.21.0
+name: ITVR Dev release-1.22.0
on:
pull_request:
@@ -8,6 +8,12 @@ on:
paths:
- frontend/**
- backend/**
+ workflow_dispatch:
+ inputs:
+ pull_request:
+ description: 'Tracking pull request number'
+ required: true
+ default: 608
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
@@ -58,3 +64,20 @@ jobs:
openshift-server: ${{ secrets.OPENSHIFT_SERVER }}
openshift-token: ${{ secrets.OPENSHIFT_TOKEN }}
+ zap-frontend-baseline-scan:
+ runs-on: ubuntu-latest
+ needs: deploy-on-dev
+ steps:
+ - name: Frontend Baseline Scan
+ uses: zaproxy/action-baseline@v0.10.0
+ with:
+ target: 'https://itvr-dev.apps.silver.devops.gov.bc.ca'
+
+ zap-backend-baseline-scan:
+ runs-on: ubuntu-latest
+ needs: deploy-on-dev
+ steps:
+ - name: Backend Baseline Scan
+ uses: zaproxy/action-baseline@v0.10.0
+ with:
+ target: 'https://itvr-backend-dev.apps.silver.devops.gov.bc.ca'
\ No newline at end of file
diff --git a/.github/workflows/release-build.yaml b/.github/workflows/release-build.yaml
index 595e22fa..55a528cf 100644
--- a/.github/workflows/release-build.yaml
+++ b/.github/workflows/release-build.yaml
@@ -1,4 +1,4 @@
-name: ITVR release-1.21.0
+name: ITVR release-1.22.0
on:
workflow_dispatch:
@@ -6,11 +6,11 @@ on:
pull_request:
description: 'Tracking pull request number'
required: true
- default: 590
+ default: 608
release_branch:
description: 'The name of the release branch'
required: true
- default: release-1.21.0
+ default: release-1.22.0
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
@@ -40,7 +40,7 @@ jobs:
uses: trstringer/manual-approval@v1.6.0
with:
secret: ${{ github.TOKEN }}
- approvers: AlexZorkin,emi-hi,tim738745,kuanfandevops,jig-patel,prv-proton,JulianForeman
+ approvers: emi-hi,tim738745,kuanfandevops,JulianForeman
minimum-approvals: 1
issue-title: "ITVR ${{ github.event.inputs.release_branch }} Test Deployment"
@@ -71,7 +71,7 @@ jobs:
uses: trstringer/manual-approval@v1.6.0
with:
secret: ${{ github.TOKEN }}
- approvers: AlexZorkin,emi-hi,tim738745,kuanfandevops,jig-patel,prv-proton,JulianForeman
+ approvers: emi-hi,tim738745,kuanfandevops,JulianForeman
minimum-approvals: 2
issue-title: "ITVR ${{ github.event.inputs.release_branch }} Prod Deployment"
diff --git a/.github/workflows/zap-baseline-scan.yaml b/.github/workflows/zap-baseline-scan.yaml
new file mode 100644
index 00000000..71fb56bd
--- /dev/null
+++ b/.github/workflows/zap-baseline-scan.yaml
@@ -0,0 +1,23 @@
+name: ZAP Baseline Scan
+on:
+ workflow_dispatch:
+ inputs:
+ envname:
+ description: 'dev or test'
+ required: true
+ default: dev
+jobs:
+
+ zap-baseline-scan:
+ runs-on: ubuntu-latest
+ steps:
+ - name: ZAP Baseline Scan on Frontend
+ uses: zaproxy/action-full-scan@v0.8.0
+ with:
+ target: "https://itvr-${{ github.event.inputs.envname }}.apps.silver.devops.gov.bc.ca"
+ issue_title: "ZAP ${{ github.event.inputs.envname }} Frontend Baseline Scan Report"
+ - name: ZAP Baseline Scan on Backend
+ uses: zaproxy/action-full-scan@v0.8.0
+ with:
+ target: 'https://itvr-backend-${{ github.event.inputs.envname }}.apps.silver.devops.gov.bc.ca'
+ issue_title: "ZAP ${{ github.event.inputs.envname }} Backend Baseline Scan Report"
\ No newline at end of file
diff --git a/.github/workflows/zap-full-scan.yaml b/.github/workflows/zap-full-scan.yaml
new file mode 100644
index 00000000..fba7db82
--- /dev/null
+++ b/.github/workflows/zap-full-scan.yaml
@@ -0,0 +1,32 @@
+name: ZAP Full Scan
+on:
+ workflow_dispatch:
+jobs:
+
+ approval-zap-full-scan:
+ name: Approve the ZAP Full Scan on Test URLS
+ runs-on: ubuntu-latest
+ timeout-minutes: 60
+ steps:
+ - name: Ask for approval for ITVR Prod deployment
+ uses: trstringer/manual-approval@v1.6.0
+ with:
+ secret: ${{ github.TOKEN }}
+ approvers: emi-hi,tim738745,kuanfandevops,JulianForeman
+ minimum-approvals: 1
+ issue-title: "Please communicate with Platform Team for Zap Full Scan for the ITVR Test URLs and approve this request"
+
+ zap-full-scan:
+ runs-on: ubuntu-latest
+ needs: approval-zap-full-scan
+ steps:
+ - name: ZAP Full Scan on Frontend
+ uses: zaproxy/action-full-scan@v0.8.0
+ with:
+ target: 'https://itvr-test.apps.silver.devops.gov.bc.ca'
+ issue_title: ZAP Test Frontend Baseline Scan Report
+ - name: ZAP Full Scan on Backend
+ uses: zaproxy/action-full-scan@v0.8.0
+ with:
+ target: 'https://itvr-backend-test.apps.silver.devops.gov.bc.ca'
+ issue_title: ZAP Test Backend Baseline Scan Report
\ No newline at end of file
diff --git a/README.md b/README.md
index 8503eaa2..623f14a8 100644
--- a/README.md
+++ b/README.md
@@ -1,8 +1,23 @@
[](https://sonarcloud.io/summary/new_code?id=bcgov_itvr)
-# itvr
+# ITVR
[](https://goelectricbc.gov.bc.ca/)
+## Project description
+
+The Clean Transportation Branch within the Ministry of Energy, Mines and Low Carbon Innovation instructed the build of the ITVR application. The instruction was to build an online portal to allow the public to apply for pre-approval, based on their income level, to receive a provincial rebate on the purchase of a new zero-emission vehicle. The application was launched to the public in August 2022.
+
+The provincial program providing rebates has been running for several years and was open to anyone regardless of income. Changes to means-test the program created the need for a pre-approval process where applicants identities are verified, and their incomes checked with Canada Revenue Agency (CRA).
+
+The program is managed by a government appointed delivery agent, the New Car Dealers Association (NCDA). They are responsible for working with car dealerships to provide the actual vehicle rebates to the public.
+
+The ITVR application consists of these main elements:
+* Online public application form, accessed using BCeID or Services Card app
+* Internal console for government to search, review and process applications
+* Ability to send/receive applicant data with CRA to check incomes (using FTP)
+* Ability to send/receive income approved applicant data with NCDA (using API)
+* Automated email functionality to provide applicants with information on their application
+
## System
ITVR system statuses and workflow can be [found documented in the flowchart](https://preview.uxpin.com/7f6104a26108508bb185e1b602677a5f91f49724#/pages/148655810/simulate/no-panels?mode=mf)
diff --git a/chart/itvr-apps/charts/itvr-backend/Chart.yaml b/chart/itvr-apps/charts/itvr-backend/Chart.yaml
index f157cf41..7605c948 100644
--- a/chart/itvr-apps/charts/itvr-backend/Chart.yaml
+++ b/chart/itvr-apps/charts/itvr-backend/Chart.yaml
@@ -15,7 +15,8 @@ type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 1.0.0
+# 1.0.1 update for autoscalling
+version: 1.0.1
# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
diff --git a/chart/itvr-apps/charts/itvr-backend/templates/deploymentconfig.yaml b/chart/itvr-apps/charts/itvr-backend/templates/deploymentconfig.yaml
index a14f91d2..77211b81 100644
--- a/chart/itvr-apps/charts/itvr-backend/templates/deploymentconfig.yaml
+++ b/chart/itvr-apps/charts/itvr-backend/templates/deploymentconfig.yaml
@@ -81,16 +81,20 @@ spec:
- name: DB_ENGINE
value: django.db.backends.postgresql
- name: DB_HOST
- {{ if eq .Values.suffix "-test" }}
- value: itvr-spilo
+ {{ if eq .Values.suffix "-dev" }}
+ value: itvr-crunchy-dev-pgbouncer
+ {{ else if eq .Values.suffix "-test" }}
+ value: itvr-crunchy-test-pgbouncer
{{ else if eq .Values.suffix "-prod" }}
value: itvr-spilo
{{ else }}
value: itvr-spilo{{ .Values.suffix }}
{{ end }}
- name: DB_HOST_READONLY
- {{ if eq .Values.suffix "-test" }}
- value: itvr-spilo-readonly
+ {{ if eq .Values.suffix "-dev" }}
+ value: itvr-crunchy-dev-replicas
+ {{ else if eq .Values.suffix "-test" }}
+ value: itvr-crunchy-test-replicas
{{ else if eq .Values.suffix "-prod" }}
value: itvr-spilo-readonly
{{ else }}
diff --git a/chart/itvr-apps/charts/itvr-backend/templates/hpa.yaml b/chart/itvr-apps/charts/itvr-backend/templates/hpa.yaml
index 2f320c7a..6b85fc79 100644
--- a/chart/itvr-apps/charts/itvr-backend/templates/hpa.yaml
+++ b/chart/itvr-apps/charts/itvr-backend/templates/hpa.yaml
@@ -1,5 +1,5 @@
{{- if .Values.autoscaling.enabled }}
-apiVersion: autoscaling/v2beta2
+apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
name: {{ include "itvr-backend.fullname" . }}
@@ -7,7 +7,7 @@ metadata:
{{- include "itvr-backend.labels" . | nindent 4 }}
spec:
scaleTargetRef:
- apiVersion: apps.openshift.io/v1
+ apiVersion: apps/v1
kind: DeploymentConfig
name: {{ include "itvr-backend.fullname" . }}
minReplicas: {{ .Values.autoscaling.minReplicas }}
diff --git a/chart/itvr-apps/charts/itvr-frontend/Chart.yaml b/chart/itvr-apps/charts/itvr-frontend/Chart.yaml
index 8e7b13f8..81294e66 100644
--- a/chart/itvr-apps/charts/itvr-frontend/Chart.yaml
+++ b/chart/itvr-apps/charts/itvr-frontend/Chart.yaml
@@ -15,7 +15,8 @@ type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 1.0.0
+# 1.0.1 update for autoscalling
+version: 1.0.1
# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
diff --git a/chart/itvr-apps/charts/itvr-frontend/templates/hpa.yaml b/chart/itvr-apps/charts/itvr-frontend/templates/hpa.yaml
index cd9f5d67..8f82b729 100644
--- a/chart/itvr-apps/charts/itvr-frontend/templates/hpa.yaml
+++ b/chart/itvr-apps/charts/itvr-frontend/templates/hpa.yaml
@@ -1,5 +1,5 @@
{{- if .Values.autoscaling.enabled }}
-apiVersion: autoscaling/v2beta2
+apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
name: {{ include "itvr-frontend.fullname" . }}
@@ -7,7 +7,7 @@ metadata:
{{- include "itvr-frontend.labels" . | nindent 4 }}
spec:
scaleTargetRef:
- apiVersion: apps.openshift.io/v1
+ apiVersion: apps/v1
kind: DeploymentConfig
name: {{ include "itvr-frontend.fullname" . }}
minReplicas: {{ .Values.autoscaling.minReplicas }}
diff --git a/chart/itvr-apps/charts/itvr-task-queue/templates/deploymentconfig.yaml b/chart/itvr-apps/charts/itvr-task-queue/templates/deploymentconfig.yaml
index 06082d6e..aae212e7 100644
--- a/chart/itvr-apps/charts/itvr-task-queue/templates/deploymentconfig.yaml
+++ b/chart/itvr-apps/charts/itvr-task-queue/templates/deploymentconfig.yaml
@@ -44,16 +44,20 @@ spec:
- name: DB_ENGINE
value: django.db.backends.postgresql
- name: DB_HOST
- {{ if eq .Values.suffix "-test" }}
- value: itvr-spilo
+ {{ if eq .Values.suffix "-dev" }}
+ value: itvr-crunchy-dev-pgbouncer
+ {{ else if eq .Values.suffix "-test" }}
+ value: itvr-crunchy-test-pgbouncer
{{ else if eq .Values.suffix "-prod" }}
value: itvr-spilo
{{ else }}
value: itvr-spilo{{ .Values.suffix }}
{{ end }}
- name: DB_HOST_READONLY
- {{ if eq .Values.suffix "-test" }}
- value: itvr-spilo-readonly
+ {{ if eq .Values.suffix "-dev" }}
+ value: itvr-crunchy-dev-replicas
+ {{ else if eq .Values.suffix "-test" }}
+ value: itvr-crunchy-test-replicas
{{ else if eq .Values.suffix "-prod" }}
value: itvr-spilo-readonly
{{ else }}
diff --git a/chart/itvr-clamav/Chart.yaml b/chart/itvr-clamav/Chart.yaml
deleted file mode 100644
index 884cddd9..00000000
--- a/chart/itvr-clamav/Chart.yaml
+++ /dev/null
@@ -1,32 +0,0 @@
-apiVersion: v2
-name: itvr-clamav
-description: A Helm chart for Kubernetes
-
-# A chart can be either an 'application' or a 'library' chart.
-#
-# Application charts are a collection of templates that can be packaged into versioned archives
-# to be deployed.
-#
-# Library charts provide useful utilities or functions for the chart developer. They're included as
-# a dependency of application charts to inject those utilities and functions into the rendering
-# pipeline. Library charts do not define any templates and therefore cannot be deployed.
-type: application
-
-# This is the chart version. This version number should be incremented each time you make changes
-# to the chart and its templates, including the app version.
-# Versions are expected to follow Semantic Versioning (https://semver.org/)
-version: 1.2.0
-
-# This is the version number of the application being deployed. This version number should be
-# incremented each time you make changes to the application. Versions are not expected to
-# follow Semantic Versioning. They should reflect the version the application is using.
-# It is recommended to use it with quotes.
-appVersion: "1.105_base"
-
-## version history
-# initial version
-# version: 1.0.0 appVersion: "1.105_base"
-# add network policies
-# version: 1.1.0 appVersion: "1.105_base"
-# increase livenessProbe and readinessProbe initialDelaySeconds and failureThreshold
-# version: 1.2.0 appVersion: "1.105_base"
diff --git a/django/api/apps.py b/django/api/apps.py
index dcba4b19..f844f05b 100644
--- a/django/api/apps.py
+++ b/django/api/apps.py
@@ -15,12 +15,14 @@ def ready(self):
schedule_send_rebates_to_ncda,
schedule_get_ncda_redeemed_rebates,
schedule_expire_expired_applications,
+ schedule_send_expiry_emails,
)
if settings.RUN_JOBS and "qcluster" in sys.argv:
schedule_send_rebates_to_ncda()
schedule_get_ncda_redeemed_rebates()
schedule_expire_expired_applications()
+ schedule_send_expiry_emails()
class ITVRAdminConfig(AdminConfig):
diff --git a/django/api/scheduled_jobs.py b/django/api/scheduled_jobs.py
index 7caabeaa..4c4d5498 100644
--- a/django/api/scheduled_jobs.py
+++ b/django/api/scheduled_jobs.py
@@ -37,6 +37,7 @@ def schedule_expire_expired_applications():
schedule(
"api.tasks.expire_expired_applications",
50,
+ 15,
name="expire_expired_applications",
schedule_type="C",
cron="45 * * * *",
@@ -44,3 +45,17 @@ def schedule_expire_expired_applications():
)
except IntegrityError:
pass
+
+
+def schedule_send_expiry_emails():
+ try:
+ schedule(
+ "api.tasks.send_expiry_emails",
+ 14,
+ name="send_expiry_emails",
+ schedule_type="C",
+ cron="00 15 * * *",
+ q_options={"timeout": 1200, "ack_failure": True},
+ )
+ except IntegrityError:
+ pass
diff --git a/django/api/tasks.py b/django/api/tasks.py
index 4e7e83d1..965cc6e7 100644
--- a/django/api/tasks.py
+++ b/django/api/tasks.py
@@ -26,6 +26,7 @@
from django_q.tasks import async_task
from func_timeout import func_timeout, FunctionTimedOut
from django.db import transaction
+from django.db.models import Q
def get_email_service_token() -> str:
@@ -422,7 +423,7 @@ def send_expired(recipient_email, application_id):
You are receiving this email as it has been one year since you were approved for a Passenger Vehicle Rebate.
Your rebate approval has expired.
- If you want to purchase an EV and receive a rebate over the next year, you will need to apply for a new rebate approval.
+ You can reapply for another rebate approval 15 days from today. If you want to reapply within the next 15 days, please contact ZEVPrograms@gov.bc.ca
https://goelectricbc.gov.bc.ca/
@@ -443,6 +444,37 @@ def send_expired(recipient_email, application_id):
)
+def send_expiry_warning(recipient_email, application_id):
+ message = """\
+
+
+
+ This email was generated by the CleanBC Go Electric Passenger
+ Vehicle Rebate program application.
+
+ You are receiving this email as it has nearly been one year since you were approved for a Passenger Vehicle Rebate. Your rebate approval will expire in 2 weeks.
+
+ If you do not purchase an EV and receive a rebate within the next 2 weeks, you will need to apply for a new rebate approval on the program website:
+
+ https://goelectricbc.gov.bc.ca/
+
+ Please note that rebates are available until the program funds are exhausted.
+
+ Questions?
+
+ Please feel free to contact us at ZEVPrograms@gov.bc.ca
+
+
+ """
+ send_email(
+ recipient_email,
+ application_id,
+ message,
+ cc_list=[],
+ optional_subject=" – Will expire in 2 weeks",
+ )
+
+
def send_rebates_to_ncda(max_number_of_rebates=100):
def inner():
rebates = GoElectricRebate.objects.filter(ncda_id__isnull=True)[
@@ -516,7 +548,7 @@ def inner():
raise Exception
-def expire_expired_applications(max_number_of_rebates=50):
+def expire_expired_applications(max_number_of_rebates=50, days_offset=15):
expired_application_ids = []
@transaction.atomic
@@ -531,17 +563,12 @@ def expire_rebate(rebate):
rebate.delete()
delete_rebate(ncda_id)
try:
- async_task(
- "api.tasks.send_expired",
- application.email,
- application.id,
- )
expired_application_ids.append(application.id)
except Exception:
pass
def inner():
- threshold = timezone.now().date() - timedelta(days=2)
+ threshold = timezone.now().date() - timedelta(days=days_offset)
expired_rebates = (
GoElectricRebate.objects.filter(redeemed=False)
.filter(expiry_date__lte=threshold)
@@ -562,3 +589,42 @@ def inner():
except FunctionTimedOut:
print("expire applications job timed out")
raise Exception
+
+
+def send_expiry_emails(days_offset=14):
+ def inner():
+ expiry_email_application_ids = []
+ warning_email_application_ids = []
+ now_date = timezone.now().date()
+ future_date = now_date + timedelta(days=days_offset)
+ rebates = (
+ GoElectricRebate.objects.filter(redeemed=False)
+ .filter(Q(expiry_date__exact=now_date) | Q(expiry_date__exact=future_date))
+ .filter(application__status=GoElectricRebateApplication.Status.APPROVED)
+ )
+ for rebate in rebates:
+ application = rebate.application
+ expiry_date = rebate.expiry_date
+ if application:
+ if expiry_date == now_date:
+ async_task(
+ "api.tasks.send_expired",
+ application.email,
+ application.id,
+ )
+ expiry_email_application_ids.append(application.id)
+ elif expiry_date == future_date:
+ async_task(
+ "api.tasks.send_expiry_warning",
+ application.email,
+ application.id,
+ )
+ warning_email_application_ids.append(application.id)
+ print("expiry emails sent for: %s" % expiry_email_application_ids)
+ print("warning emails sent for: %s" % warning_email_application_ids)
+
+ try:
+ func_timeout(900, inner)
+ except FunctionTimedOut:
+ print("sending expiry emails job timed out")
+ raise Exception
diff --git a/frontend/Dockerfile-Openshift b/frontend/Dockerfile-Openshift
index 423725c1..8f10127a 100644
--- a/frontend/Dockerfile-Openshift
+++ b/frontend/Dockerfile-Openshift
@@ -1,5 +1,5 @@
# Stage 1: Use yarn to build the app
-FROM artifacts.developer.gov.bc.ca/docker-remote/node:16 as builder
+FROM artifacts.developer.gov.bc.ca/docker-remote/node:20-slim as builder
ENV NODE_ENV=production
WORKDIR /usr/src/app
COPY ./ ./
@@ -7,7 +7,7 @@ RUN npm install --production
RUN npm run build
# Stage 2: Copy the JS React SPA into the Nginx HTML directory
-FROM artifacts.developer.gov.bc.ca/docker-remote/bitnami/nginx:1.21.6
+FROM artifacts.developer.gov.bc.ca/docker-remote/bitnami/nginx:1.25.3
COPY ./nginx.conf /opt/bitnami/nginx/conf/
COPY --from=builder /usr/src/app/build /app
EXPOSE 8080
diff --git a/frontend/package.json b/frontend/package.json
index 29b518a7..db8d3d58 100644
--- a/frontend/package.json
+++ b/frontend/package.json
@@ -1,6 +1,6 @@
{
"name": "frontend",
- "version": "1.21.0",
+ "version": "1.22.0",
"private": true,
"dependencies": {
"@date-io/date-fns": "^2.14.0",
diff --git a/openshift/templates/backend/Dockerfile-Backend-base b/openshift/templates/backend/Dockerfile-Backend-base
new file mode 100644
index 00000000..03e3ed02
--- /dev/null
+++ b/openshift/templates/backend/Dockerfile-Backend-base
@@ -0,0 +1,17 @@
+#FROM registry.access.redhat.com/ubi9/python-311:1-41
+FROM registry.redhat.io/ubi9/ubi:latest
+USER root
+
+RUN dnf search kernel-devel --showduplicates && \
+ dnf install -y kernel-devel
+
+# Install some packages and clean up
+RUN INSTALL_PKGS="libnghttp2.x86_64" && \
+ dnf repolist --disablerepo='*' && \
+ dnf upgrade -y --setopt=tsflags=nodocs $INSTALL_PKGS && \
+ rpm -V $INSTALL_PKGS && \
+ dnf -y clean all --enablerepo='*'
+
+RUN dnf list | grep libnghttp2
+
+USER 1001
\ No newline at end of file
diff --git a/openshift/templates/backend/backend-baseimage-bc.yaml b/openshift/templates/backend/backend-baseimage-bc.yaml
new file mode 100644
index 00000000..f836318c
--- /dev/null
+++ b/openshift/templates/backend/backend-baseimage-bc.yaml
@@ -0,0 +1,50 @@
+
+apiVersion: build.openshift.io/v1
+ kind: BuildConfig
+ metadata:
+ annotations:
+ description: Defines how to build the application
+ creationTimestamp: null
+ name: itvr-backend-base
+ spec:
+ nodeSelector: null
+ output:
+ to:
+ kind: ImageStreamTag
+ name: backend-base:ubi9-python-311-1-41
+ postCommit: {}
+ resources:
+ limits:
+ cpu: 1000m
+ memory: 2Gi
+ requests:
+ cpu: 500m
+ memory: 1Gi
+ runPolicy: SerialLatestOnly
+ source:
+ contextDir: openshift/templates/backend
+ git:
+ uri: https://github.com/bcgov/itvr.git
+ ref: release-1.22.0
+ type: Git
+ strategy:
+ dockerStrategy:
+ dockerfilePath: ./Dockerfile-Backend-base
+ env:
+ - name: ARTIFACTORY_USER
+ valueFrom:
+ secretKeyRef:
+ name: artifacts-default-pwpgbz
+ key: username
+ - name: ARTIFACTORY_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: artifacts-default-pwpgbz
+ key: password
+ type: Docker
+ triggers:
+ - imageChange: {}
+ type: ImageChange
+ - type: ConfigChange
+ status:
+ lastVersion: 0
\ No newline at end of file
diff --git a/openshift/templates/backend/backend-bc.yaml b/openshift/templates/backend/backend-bc.yaml
index 67b389ed..ee0c62e9 100644
--- a/openshift/templates/backend/backend-bc.yaml
+++ b/openshift/templates/backend/backend-bc.yaml
@@ -84,7 +84,7 @@ objects:
value: 'true'
from:
kind: ImageStreamTag
- name: python-39:1-18.1634036280
+ name: python-311:1-41
forcePull: true
noCache: true
type: Source
diff --git a/openshift/templates/backup-container-2.6.1/cronjob.md b/openshift/templates/backup-container-2.6.1/cronjob.md
index 8d52ed81..d8dac5e4 100644
--- a/openshift/templates/backup-container-2.6.1/cronjob.md
+++ b/openshift/templates/backup-container-2.6.1/cronjob.md
@@ -8,7 +8,7 @@ JOB_NAME=itvr-db-backup \
JOB_PERSISTENT_STORAGE_NAME=backup \
SCHEDULE="00 08,20 * * *" \
TAG_NAME=2.6.1 \
-DATABASE_SERVICE_NAME=itvr-spilo-readonly \
+DATABASE_SERVICE_NAME=itvr-crunchy-[env]-replicas \
DATABASE_DEFAULT_PORT=5432 \
DATABASE_NAME=itvr \
DATABASE_DEPLOYMENT_NAME=itvr-patroni-app \
diff --git a/openshift/templates/clamav/Dockerfile b/openshift/templates/clamav/Dockerfile
index 43d1d6bd..a7adb08c 100644
--- a/openshift/templates/clamav/Dockerfile
+++ b/openshift/templates/clamav/Dockerfile
@@ -1,4 +1,4 @@
-FROM artifacts.developer.gov.bc.ca/docker-remote/clamav/clamav:0.105_base
+FROM artifacts.developer.gov.bc.ca/docker-remote/clamav/clamav:1.2_base
RUN mkdir /run/clamav && \
chown clamav:clamav /run/clamav && \
chmod 750 /run/clamav
diff --git a/openshift/templates/clamav/clamav-bc.yaml b/openshift/templates/clamav/clamav-bc.yaml
index 01d66f68..ca7ef54d 100644
--- a/openshift/templates/clamav/clamav-bc.yaml
+++ b/openshift/templates/clamav/clamav-bc.yaml
@@ -12,7 +12,7 @@ parameters:
- name: GIT_REF
displayName:
description: itvr branch name of the pr
- value: clamav-1.3.0
+ value: release-1.22.0
required: true
objects:
- apiVersion: image.openshift.io/v1
@@ -40,7 +40,7 @@ objects:
output:
to:
kind: ImageStreamTag
- name: itvr-clamav:0.105_base
+ name: itvr-clamav:1.2_base
resources:
limits:
cpu: 1500m
diff --git a/openshift/templates/task-queue/task-queue-bc.yaml b/openshift/templates/task-queue/task-queue-bc.yaml
index c40e15e6..f89a7685 100644
--- a/openshift/templates/task-queue/task-queue-bc.yaml
+++ b/openshift/templates/task-queue/task-queue-bc.yaml
@@ -86,7 +86,7 @@ objects:
value: 'true'
from:
kind: ImageStreamTag
- name: python-39:1-18.1634036280
+ name: python-311:1-41
forcePull: true
noCache: true
type: Source