Simplification

Author: PYLochou

.secrets.baseline

@@ -3,7 +3,7 @@
     "files": "^.secrets.baseline$",
     "lines": null
   },
-  "generated_at": "2024-11-12T16:31:10Z",
+  "generated_at": "2024-11-13T08:35:31Z",
   "plugins_used": [
     {
       "name": "AWSKeyDetector"
@@ -292,15 +292,15 @@
         "hashed_secret": "d033e22ae348aeb5660fc2140aec35850c4da997",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 104,
+        "line_number": 113,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "c94cfbe098fb5c2eedde2bb22c78fe2cd7e9a0e8",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 162,
+        "line_number": 171,
         "type": "Secret Keyword",
         "verified_result": null
       }
@@ -1312,15 +1312,15 @@
         "hashed_secret": "dc081999b19ee322ee45e3d4451246b7c449db0a",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 142,
+        "line_number": 143,
         "type": "Secret Keyword",
         "verified_result": null
       },
       {
         "hashed_secret": "5a2ea68e9ea943ea31948fe51388c798e13346a9",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 189,
+        "line_number": 185,
         "type": "Secret Keyword",
         "verified_result": null
       }
@@ -1335,7 +1335,7 @@
         "verified_result": null
       },
       {
-        "hashed_secret": "8ce7feb4d1c89d5611541bafa8f7ea83a4039665",
+        "hashed_secret": "e6a8430b6dc3747f44d258a127b11f4705d9ee01",
         "is_secret": false,
         "is_verified": false,
         "line_number": 20,
@@ -1348,7 +1348,7 @@
         "hashed_secret": "b11974a9da0d56698df935ab86e19b127804d6d4",
         "is_secret": false,
         "is_verified": false,
-        "line_number": 71,
+        "line_number": 72,
         "type": "Secret Keyword",
         "verified_result": null
       }

platform/gcloud/README.md

@@ -119,8 +119,8 @@ Regions and zones (used below) can be listed respectively with `gcloud compute r
   ```
 
 > [!NOTE]
-  > You can also retrieve the command line to configure `kubectl` from the Google Cloud Console using the **Kubernetes Engine** > **Clusters** panel and clicking **Connect** on the dedicated cluster.
-  > ![Connection](images/connection.png)
+> You can also retrieve the command line to configure `kubectl` from the Google Cloud Console using the **Kubernetes Engine** > **Clusters** panel and clicking **Connect** on the dedicated cluster.
+> ![Connection](images/connection.png)
 
 - Check your environment
 
@@ -138,36 +138,32 @@ We will use the Google Cloud Platform console to create the database instance.
 
 - Go to the [SQL context](https://console.cloud.google.com/sql), and then click the **CREATE INSTANCE** button
 - Click **Choose PostgreSQL**
+  - Database version: `PostgreSQL 15`
   - Instance ID: ``<YourInstanceName>``
   - Password: ``<PASSWORD>`` - Take note of this password.
-  - Database version: `PostgreSQL 15`
   - Region: ``<REGION>`` (must be the same as the cluster for the communication to be optimal between the database and the ODM instance)
-  - Keep **Multiple zones** for Zonal availability to the highest availability
+  - Eventually select **Multiple zones** for Zonal availability for redundancy
   - Expand **Show customization option** and expand **Connections**
     - As *Public IP* is selected by default, in Authorized networks, click the **ADD NETWORK** button, put a name and add *0.0.0.0/0* for Network, then click **DONE**.
       > NOTE: It is not recommended to use a public IP. In a production environment, you should use a private IP.
 - Click **CREATE INSTANCE**
 
 After the database instance is created, you can drill on the SQL instance overview to retrieve needed information to connect to this instance, like the IP address and the connection name. Take note of the **Public IP address**.
 
-<img width="1000" height="630" src='./images/database_overview.png'/>
-
-> NOTE: A default *postgres* database is created with a default *postgres* user. You can change the password of the postgres user in the **Users** panel by selecting the *postgres* user, and then using the **Change password** menu:
-> <img width="1000" height="360" src='./images/database_changepassword.png'/>
+![Database overview](images/database_overview.png)
 
 #### b. Create the database secret for Google Cloud SQL PostgreSQL
 
 To secure access to the database, you must create a secret that encrypts the database user and password before you install the Helm release.
 
-```
-kubectl create secret generic <ODM_DB_SECRET> \
-  --from-literal=db-user=<USERNAME> \
-  --from-literal=db-password=<PASSWORD> 
+```shell
+kubectl create secret generic odmdbsecret \
+  --from-literal=db-user=postgres \
+  --from-literal=db-password=<PASSWORD>
 ```
 
 Where:
-- `<ODM_DB_SECRET>` is the secret name
-- `<USERNAME>` is the database username (default is *postgres*)
+
 - `<PASSWORD>` is the database password (PASSWORD set during the PostgreSQL instance creation above)
 
 ### 3. Prepare your environment for the ODM installation (10 min)
@@ -180,39 +176,39 @@ To get access to the ODM material, you need an IBM entitlement key to pull the i
 
 - In the Container software library tile, verify your entitlement on the **View library** page, and then go to **Get entitlement key** to retrieve the key.
 
-#### b. Create a pull secret by running a kubectl create secret command.
+#### b. Create a pull secret by running a kubectl create secret command
 
-```
-kubectl create secret docker-registry <REGISTRY_SECRET> \
+```shell
+kubectl create secret docker-registry registrysecret \
         --docker-server=cp.icr.io \
         --docker-username=cp \
-        --docker-password="<API_KEY_GENERATED>" \
+        --docker-password='<API_KEY_GENERATED>' \
         --docker-email=<USER_EMAIL>
 ```
 
 Where:
 
-* `<REGISTRY_SECRET>` is the secret name.
-* `<API_KEY_GENERATED>` is the entitlement key from the previous step. Make sure you enclose the key in double-quotes.
-* `<USER_EMAIL>` is the email address associated with your IBMid.
+- `<API_KEY_GENERATED>` is the entitlement key from the previous step. Make sure you enclose the key in quotes.
+- `<USER_EMAIL>` is the email address associated with your IBMid.
 
-> NOTE:  The `cp.icr.io` value for the docker-server parameter is the only registry domain name that contains the images. You must set the docker-username to `cp` to use an entitlement key as docker-password.
+> [!NOTE]
+> The `cp.icr.io` value for the docker-server parameter is the only registry domain name that contains the images. You must set the docker-username to `cp` to use an entitlement key as docker-password.
 
-Take note of the secret name so that you can set it for the *image.pullSecrets* parameter when you run a helm install command of your containers.  The *image.repository* parameter will later be set to `cp.icr.io/cp/cp4a/odm`.
+The *image.repository* parameter will later be set to `cp.icr.io/cp/cp4a/odm`.
 
 #### c. Add the public IBM Helm charts repository
 
-```
+```shell
 helm repo add ibm-helm https://raw.githubusercontent.com/IBM/charts/master/repo/ibm-helm
 helm repo update
 ```
 
 #### d. Check you can access ODM charts
 
-```
+```shell
 helm search repo ibm-odm-prod
-NAME                  	CHART VERSION   APP VERSION     DESCRIPTION
-ibm-helm/ibm-odm-prod	24.0.0          9.0.0.0        IBM Operational Decision Manager
+NAME                  CHART VERSION   APP VERSION     DESCRIPTION
+ibm-helm/ibm-odm-prod 24.1.0          9.0.0.1         IBM Operational Decision Manager
 ```
 
 ### 4. Manage a digital certificate (2 min)
@@ -245,8 +241,8 @@ It automatically creates an HTTPS GKE load balancer. We will disable the ODM int
 
 - Get the [gcp-values.yaml](./gcp-values.yaml) file and replace the following keys:
 
-  - `<REGISTRY_SECRET>`: the name of the secret containing the IBM Entitled Registry key
-  - `<ODM_DB_SECRET>`: the name of the secret containing the database user and password
+  - `registrysecret`: the name of the secret containing the IBM Entitled Registry key
+  - `odmdbsecret`: the name of the secret containing the database user and password
   - `<DB_ENDPOINT>`: the database IP
   - `<DATABASE_NAME>`: the database name (default is postgres)
 

platform/gcloud/gcp-values.yaml

@@ -4,7 +4,7 @@ usersPassword: "odmAdmin"
 image:
   repository: cp.icr.io/cp/cp4a/odm
   pullSecrets:
-  - <REGISTRY_SECRET>
+  - registrysecret
 
 service:
   enableTLS: false
@@ -17,11 +17,11 @@ service:
 
 externalDatabase:
   type: postgres
-  secretCredentials: <ODM_DB_SECRET>
+  secretCredentials: odmdbsecret
   port: 5432
   serverName: <DB_ENDPOINT>
   databaseName: <DATABASE_NAME>
   # You can get the last Google Cloud SQL PostgreSQL driver version
   # at https://github.com/GoogleCloudPlatform/cloud-sql-jdbc-socket-factory/releases
   driversUrl:
-  - https://storage.googleapis.com/cloud-sql-java-connector/v1.7.1/postgres-socket-factory-1.7.1-jar-with-driver-and-dependencies.jar
+  - https://storage.googleapis.com/cloud-sql-connectors-java/v1.13.1/postgres-socket-factory-1.13.1-jar-with-driver-and-dependencies.jar