Skip to content

Commit bf2a488

Browse files
onprem: 2.1-alpha.1 pre-release (#1091)
1 parent 416a51d commit bf2a488

36 files changed

+2622
-930
lines changed

.github/PULL_REQUEST_TEMPLATE.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -6,4 +6,4 @@
66

77
## CI
88

9-
To trigger `onprem-ci` pipeline add `/test` commend in your PR
9+
To trigger `onprem-ci` pipeline add `/test` comment in your PR

codefresh/.ci/values/cfapi-roles-hpa.yaml

Lines changed: 10 additions & 24 deletions
Original file line numberDiff line numberDiff line change
@@ -1,33 +1,19 @@
1+
seed-e2e:
2+
enabled: true
3+
4+
secrets:
5+
# default mongouri conn string for e2e
6+
e2e-mongo-uri:
7+
enabled: true
8+
stringData:
9+
mongo-uri: mongodb://cfuser:mTiXcU2wafr9@cf-mongodb:27017/codefresh
10+
111
ingress:
212
enabled: true
313
tls:
414
enabled: true
515
cert: "" # placeholder for ${WEB_TLS_CERT}
616
key: "" # placeholder for ${WEB_TLS_KEY}
7-
services:
8-
cfapi: null
9-
cfapi-endpoints:
10-
- /api/
11-
cfapi-downloadlogmanager:
12-
- /api/progress/download
13-
- /api/public/progress/download
14-
cfapi-admin:
15-
- /api/admin/
16-
cfapi-ws:
17-
- /ws
18-
cfapi-teams:
19-
- /api/team
20-
cfapi-kubernetes-endpoints:
21-
- /api/kubernetes
22-
cfapi-test-reporting:
23-
- /api/testReporting
24-
cfapi-kubernetesresourcemonitor:
25-
- /api/k8s-monitor/
26-
cfapi-environments:
27-
- /api/environments-v2/argo/events
28-
cfapi-gitops-resource-receiver:
29-
- /api/gitops/resources
30-
- /api/gitops/rollout
3117

3218
global:
3319
appUrl: "" # placeholder for ${CF_APP_HOST}

codefresh/.ci/values/classic-only.yaml

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,13 @@
1+
seed-e2e:
2+
enabled: true
3+
4+
secrets:
5+
# default mongouri conn string for e2e
6+
e2e-mongo-uri:
7+
enabled: true
8+
stringData:
9+
mongo-uri: mongodb://cfuser:mTiXcU2wafr9@cf-mongodb:27017/codefresh
10+
111
global:
212
appUrl: "" # placeholder for ${CF_APP_HOST}
313
firebaseSecret: "" # placeholder for ${FIREBASE_SECRET}

codefresh/.ci/values/defaults-hpa.yaml

Lines changed: 105 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,105 @@
1+
seed-e2e:
2+
enabled: true
3+
4+
# kinda external secrets
5+
secrets:
6+
ext-mongo:
7+
enabled: true
8+
stringData:
9+
mongodb-host: cf-mongodb:27017
10+
mongodb-password: mTiXcU2wafr9
11+
mongodb-user: cfuser
12+
mongodb-root-user: root
13+
mongodb-root-password: XT9nmM8dZD
14+
ext-postgres:
15+
enabled: true
16+
stringData:
17+
postgres-hostname: cf-postgresql
18+
postgres-password: eC9arYka4ZbH
19+
postgres-user: postgres
20+
ext-redis:
21+
enabled: true
22+
stringData:
23+
redis-url: cf-redis-master
24+
redis-password: hoC9szf7NtrU
25+
ext-rabbitmq:
26+
enabled: true
27+
stringData:
28+
rabbitmq-hostname: cf-rabbitmq:5672
29+
rabbitmq-password: cVz9ZdJKYm7u
30+
rabbitmq-username: user
31+
ext-firebase:
32+
enabled: true
33+
stringData:
34+
firebase-url: "" # placeholder for ${FIRBASE_URL}
35+
firebase-secret: "" # placeholder for ${FIREBASE_SECRET}
36+
e2e-mongo-uri:
37+
enabled: true
38+
stringData:
39+
mongo-uri: mongodb://cfuser:mTiXcU2wafr9@cf-mongodb:27017/codefresh
40+
41+
seed:
42+
mongoSeedJob:
43+
mongodbRootUserSecretKeyRef:
44+
name: cf-codefresh-ext-mongo
45+
key: mongodb-root-user
46+
mongodbRootPasswordSecretKeyRef:
47+
name: cf-codefresh-ext-mongo
48+
key: mongodb-root-password
49+
50+
postgresSeedJob:
51+
postgresUserSecretKeyRef:
52+
name: cf-codefresh-ext-postgres
53+
key: postgres-user
54+
postgresPasswordSecretKeyRef:
55+
name: cf-codefresh-ext-postgres
56+
key: postgres-password
57+
158
global:
259
appUrl: "" # placeholder for ${CF_APP_HOST}
3-
firebaseSecret: "" # placeholder for ${FIREBASE_SECRET}
60+
firebaseUrlSecretKeyRef:
61+
name: cf-codefresh-ext-firebase
62+
key: firebase-url
63+
firebaseSecretSecretKeyRef:
64+
name: cf-codefresh-ext-firebase
65+
key: firebase-secret
66+
67+
mongodbUserSecretKeyRef:
68+
name: cf-codefresh-ext-mongo
69+
key: mongodb-user
70+
mongodbPasswordSecretKeyRef:
71+
name: cf-codefresh-ext-mongo
72+
key: mongodb-password
73+
mongodbHostSecretKeyRef:
74+
name: cf-codefresh-ext-mongo
75+
key: mongodb-host
76+
77+
postgresHostnameSecretKeyRef:
78+
name: cf-codefresh-ext-postgres
79+
key: postgres-hostname
80+
postgresPasswordSecretKeyRef:
81+
name: cf-codefresh-ext-postgres
82+
key: postgres-password
83+
postgresUserSecretKeyRef:
84+
name: cf-codefresh-ext-postgres
85+
key: postgres-user
86+
87+
rabbitmqHostnameSecretKeyRef:
88+
name: cf-codefresh-ext-rabbitmq
89+
key: rabbitmq-hostname
90+
rabbitmqPasswordSecretKeyRef:
91+
name: cf-codefresh-ext-rabbitmq
92+
key: rabbitmq-password
93+
rabbitmqUsernameSecretKeyRef:
94+
name: cf-codefresh-ext-rabbitmq
95+
key: rabbitmq-username
96+
97+
redisPasswordSecretKeyRef:
98+
name: cf-codefresh-ext-redis
99+
key: redis-password
100+
redisUrlSecretKeyRef:
101+
name: cf-codefresh-ext-redis
102+
key: redis-url
4103

5104
cfapi:
6105
hpa:
@@ -28,6 +127,10 @@ argo-platform:
28127
hpa:
29128
enabled: true
30129

130+
cron-executor:
131+
hpa:
132+
enabled: true
133+
31134
event-handler:
32135
hpa:
33136
enabled: true
@@ -42,4 +145,4 @@ argo-platform:
42145

43146
abac:
44147
hpa:
45-
enabled: true
148+
enabled: true

codefresh/.ci/values/mtls-mongodb-redis.yaml

Lines changed: 3 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -7,10 +7,8 @@ global:
77
firebaseSecret: "" # placeholder for ${FIREBASE_SECRET}
88

99
mongoURI: "mongodb://cf-mongodb:27017/?ssl=true&authMechanism=MONGODB-X509&authSource=$external"
10-
runtimeMongoURI: "mongodb://cf-mongodb:27017/?ssl=true&authMechanism=MONGODB-X509&authSource=$external"
1110

1211
redisUrl: cf-redis-master.codefresh.svc.cluster.local
13-
runtimeRedisHost: cf-redis-master.codefresh.svc.cluster.local
1412

1513
volumes:
1614
mongodb-tls:
@@ -35,6 +33,7 @@ global:
3533

3634
env:
3735
# Mongo MTLS
36+
MONGODB_SSL_ENABLED: true
3837
MTLS_CERT_PATH: /etc/ssl/mongodb/ca.pem
3938
RUNTIME_MTLS_CERT_PATH: /etc/ssl/mongodb/ca.pem
4039
RUNTIME_MONGO_TLS: "true"
@@ -73,12 +72,12 @@ mongodb:
7372
"gitops-dashboard-manager"
7473
"k8s-monitor"
7574
"pipeline-manager"
76-
"platform-analytics"
75+
"platform-analytics-postgres"
7776
"read-models"
7877
"runtime-environment-manager"
7978
)
8079
81-
mongosh "$MONGODB_ROOT_URI" --eval 'db.getSiblingDB("\$external").runCommand( { createUser: "CN=cfuser,O=Internet Widgits Pty Ltd,ST=Some-State,C=AU", roles: [ { role: "readWrite", db: "test" }, { role: "userAdminAnyDatabase", db: "admin" }, { role: "readWrite", db: "codefresh" }, { role: "readWrite", db: "pipeline-manager" }, { role: "readWrite", db: "runtime-environment-manager" }, { role: "readWrite", db: "context-manager" }, { role: "readWrite", db: "cluster-providers" }, { role: "readWrite", db: "charts-manager" }, { role: "readWrite", db: "k8s-monitor" }, { role: "readWrite", db: "read-models" }, { role: "readWrite", db: "audit" } ], writeConcern: { w: "majority" , wtimeout: 5000 } } )'
80+
mongosh "$MONGODB_ROOT_URI" --eval 'db.getSiblingDB("\$external").runCommand( { createUser: "CN=cfuser,O=Internet Widgits Pty Ltd,ST=Some-State,C=AU", roles: [ { role: "readWrite", db: "test" }, { role: "userAdminAnyDatabase", db: "admin" }, { role: "readWrite", db: "codefresh" }, { role: "readWrite", db: "pipeline-manager" }, { role: "readWrite", db: "runtime-environment-manager" }, { role: "readWrite", db: "context-manager" }, { role: "readWrite", db: "cluster-providers" }, { role: "readWrite", db: "charts-manager" }, { role: "readWrite", db: "k8s-monitor" }, { role: "readWrite", db: "read-models" }, { role: "readWrite", db: "audit" }, { role: "readWrite", db: "platform-analytics-postgres" } ], writeConcern: { w: "majority" , wtimeout: 5000 } } )'
8281
8382
for MONGODB_DATABASE in ${MONGODB_DATABASES[@]}; do
8483
mongosh ${MONGODB_ROOT_URI} --eval "db.getSiblingDB('${MONGODB_DATABASE}').createCollection('test')"
@@ -116,6 +115,3 @@ secrets:
116115
enabled: true
117116
data:
118117
ca.pem: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUM4akNDQWRvQ0ZDcUpqc3pFSVNVSDhUSU9hV1RmS0JxeVhFT01NQTBHQ1NxR1NJYjNEUUVCQ3dVQU1CVXgKRXpBUkJnTlZCQU1UQ20xNVRXOXVaMjh0WTJFd0hoY05Nakl4TVRBeU1UZ3hNVE0yV2hjTk1qUXdNekUyTVRneApNVE0yV2pCV01Rc3dDUVlEVlFRR0V3SkJWVEVUTUJFR0ExVUVDQXdLVTI5dFpTMVRkR0YwWlRFaE1COEdBMVVFCkNnd1lTVzUwWlhKdVpYUWdWMmxrWjJsMGN5QlFkSGtnVEhSa01ROHdEUVlEVlFRRERBWmpablZ6WlhJd2dnRWkKTUEwR0NTcUdTSWIzRFFFQkFRVUFBNElCRHdBd2dnRUtBb0lCQVFERlk5T2E4bG5JMmtPaHBXZStScENQQ1BqSgpVbUFEUjUrUnVPRHpaSG5sdUsrd3ByTXkwcFB6RTJTblJXcHlXRHZNaVV6RGFhNUl6dWIySGZSVFNuRVgyTUliCnNkZkY1UGFJTmhnd0RiTFJRUEhXcE5Da1dCRFQvN0tiUnN0dmZVc0k0TllYenFnLys0U05qQWxDdi9rY0NRVUMKekhZc2NUZitta3JpYVNzOWZIemxWYWZWRWY5cUFWSGFlakhDWnd2NkoxTjAzS08yRjM0dmRXS1JPUEZVM00xaQpVWklSYTZoN0FQbGxmZmt1S0doS0t2R3hDRzJENFlLSGJ1WG0zeXBpYjk1QTUrUFA0MUJWeWc2ZnlpRWhXazNSCllSWGoybWZWd1JLeWYyQTE4L2pqS1NQVG1Eck51andTTnZ0cWp2WWdrV01LN2JrdHAxcHV5RVVNZlQyTkFnTUIKQUFFd0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFFSGlOczZjZnl2UjNqODQzSEFKamE4Q2xKalJFdlZ1TXBIUAp4Y1RuQzdaOEF2Z3dOVDFFczd1OTFhVExicThSeDBiblRPYTJzZU9nb2VKM0lyd0pTOVFTeEtOQWpha3lnY2Q5ClBzM2tURXZFTVNBVTlRRU83cXNTNjh1aFdRMXRXM29KaktObVVnVDA5QzBEcVpZWTlrV3BQZzJENmIrUm1FWDgKUmYyUncrRGpLRXlHYkpRenJtRmNYMVlDcUV0MkpMR1RiZkM4NHpnb25YTS90d201cFlXL3JpSTVBd2lNWXB6ZApWR1p0d0lpSi9ZVWNrZWkrNlpscDczZHpiMUw0RHEzVjY5Y29VejVBZHhpVlRBRHlCcW1wM1VQbnZadTBsOCtuClM5Y3dZbkdaOTZLM3ZwQzZHTk5GY1QrbXdiZ25qK2JMaHVVTDMrck52R3BSclpKei9lQT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQotLS0tLUJFR0lOIFJTQSBQUklWQVRFIEtFWS0tLS0tCk1JSUVvd0lCQUFLQ0FRRUF4V1BUbXZKWnlOcERvYVZudmthUWp3ajR5VkpnQTBlZmtiamc4MlI1NWJpdnNLYXoKTXRLVDh4TmtwMFZxY2xnN3pJbE13Mm11U003bTloMzBVMHB4RjlqQ0c3SFh4ZVQyaURZWU1BMnkwVUR4MXFUUQpwRmdRMC8reW0wYkxiMzFMQ09EV0Y4Nm9QL3VFall3SlFyLzVIQWtGQXN4MkxIRTMvcHBLNG1rclBYeDg1VlduCjFSSC9hZ0ZSMm5veHdtY0wraWRUZE55anRoZCtMM1Zpa1RqeFZOek5ZbEdTRVd1b2V3RDVaWDM1TGlob1NpcngKc1FodGcrR0NoMjdsNXQ4cVltL2VRT2ZqeitOUVZjb09uOG9oSVZwTjBXRVY0OXBuMWNFU3NuOWdOZlA0NHlragowNWc2emJvOEVqYjdhbzcySUpGakN1MjVMYWRhYnNoRkRIMDlqUUlEQVFBQkFvSUJBR0piOFNqSDFRZXFBNE44Ckdhc09IS0M1MXNiekhsYmtETmFmYXJDK0E2UCtHTVlNKzBTNisvQm5YSU9ocW41YUMwcExySTIvanBKSFQzMmEKeFpIdmlWVlp0TGY2TWN3eDRNdFZNVTVZdFI5aW5sL1g5d085d256eGNIM0JsRVAxQ2p2ZFZiRzlUOGU2UEg0UQpKdGsxTWh2UFBzajdPM08vNHlnaW1HZ2tBZUQ3MUM3WUQ1RzAraC9jeTllYVRUUURUMFJ4ZEQ3dkE0d2g2MHhOCmgybTQxK0NyUFArTnNqM2FRNUNET09laUgyMk9UVmdEVllEb1RoUi9rRFdtNmg3eU55bEowMjM2SVk3WU5taEoKUzNWQURieXpJT0xhUWtBSWJmNVZBZ2JvRzZMaFhvN3hGdkQ3eHFKWENlRVlWOEZRV0UweEZJMkhKMFloaDhLNApSdXB3Q3AwQ2dZRUE3Q2t6bDZwRmgrNk1md3VHcnR0ZUY4UWVxQ1BuYXhWRmNpU2prZzMxd0swWTNyRXQ0UHM2CnJ5RkI2anVxVjBtNkE2M3FrdjdGcVdvNE9sM1U2aTB6aUpQMjJmMWFPWEtqdzRwYjl0bnRhRFBvOHV0dW5tQVAKaW4xWGUyR2s3S2p2emhrcjF0a0FtUXJBQUxiZEFEbi9GQjI1UWdOdmFSTytTbjZveUg4eGZ5TUNnWUVBMWZqVQpOZFBzQ1RJalpzcDdXUllreDhmL3prQjZhU3FlbkpPMjM3ZnlYVjJEVDFGWk8rMStxK1VHUkJRQXBzOVdwRGJICkJHMS9oTThyWlpTdW1BMkRxdTlobElFSDIwR3lIYVFLaC9JTUEvY0I2eGNHdk9OZVl6ajhWZHBCVmE4anYwd20KNFVVS3dsMEVkOHQreVdnVDB6THREN0UrR3RFaVY5UDIvaXBEODQ4Q2dZQVJQd2tIZ0dYSGdZSTlIT2hmQ0tJYwpkalFPNzJCTkQ2YWNxVlJRckRoUU05UG5IMlZNVXN4OFVaOXdyWjdJOVJkaWdXYnFDVFVDSkVHcThZTkUvcndPCnMwK0pwOWpZN1NoTWRXUTE2TUJQcGNyVFFxSTNhcWgzNHFOcTNUeWdFODQvYk5Nb3czd3BzUUZJakJJam5CaW0KclcwRUJ5QXh1a0ZoUzFLa0liWEpwUUtCZ0QrWTJNSXkvZW54ekJIbVJ1bEFxcWZ5cXZhTHRaYUNnMmc0ZzFkVgpYaVVnQVVKWEJIWEtiaWI3U0hSOW1YLzdDbDUrcFlLTVpTVjlTZ0hFUW15UlA3eFRzQ1lxZjhKTWNYdGI0WUZzCmtPT3d6QklxNHViTGthZGVMYW42MkFaMnF1SlY2UXgxcisvN0k3UFRlUmkxNVlhVmtWNWpxUGpoaGhxaXRydnUKcGduREFvR0JBTDlrUTdqV3FPTnB2Q2RtZFMwK0Voam5zcU1ta21ycWxhdEZjM2F2b0Jod3EyR0kxbWRNVDFmYwpHYjZIdlNsMWdDeG0vVGszMGpiZHI2eTJmWHl4UTdXc1FxWGNQRTZHYUFuWFE0d1l0ckZuY3BxTGR4Z0IzMmZmCkZEQ3p2bjRJZjBKUHAxdXNuZUpDclVpanlsTWhpcnBWSWdGUXY0cHdWV0g1T3JSeFVDS3cKLS0tLS1FTkQgUlNBIFBSSVZBVEUgS0VZLS0tLS0K"
119-
120-
argo-platform:
121-
enabled: false

codefresh/.ci/values/openshift.yaml

Lines changed: 90 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,90 @@
1+
global:
2+
appUrl: "" # placeholder for ${CF_APP_HOST}
3+
firebaseSecret: "" # placeholder for ${FIREBASE_SECRET}
4+
dnsService: dns-default
5+
dnsNamespace: openshift-dns
6+
clusterDomain: cluster.local
7+
8+
ingress:
9+
enabled: true
10+
ingressClassName: openshift-default
11+
tls:
12+
enabled: true
13+
existingSecret: "{{ .Release.Name }}-codefresh-star-selfsigned"
14+
15+
builder:
16+
enabled: false
17+
18+
cfapi:
19+
podSecurityContext:
20+
enabled: false
21+
22+
cf-platform-analytics-platform:
23+
redis:
24+
master:
25+
podSecurityContext:
26+
enabled: false
27+
containerSecurityContext:
28+
enabled: false
29+
30+
cfsign:
31+
podSecurityContext:
32+
enabled: false
33+
initContainers:
34+
volume-permissions:
35+
enabled: false
36+
37+
cfui:
38+
podSecurityContext:
39+
enabled: false
40+
41+
internal-gateway:
42+
podSecurityContext:
43+
enabled: false
44+
45+
helm-repo-manager:
46+
chartmuseum:
47+
securityContext:
48+
enabled: false
49+
50+
consul:
51+
podSecurityContext:
52+
enabled: false
53+
containerSecurityContext:
54+
enabled: false
55+
56+
cronus:
57+
podSecurityContext:
58+
enabled: false
59+
60+
ingress-nginx:
61+
enabled: false
62+
63+
mongodb:
64+
podSecurityContext:
65+
enabled: false
66+
containerSecurityContext:
67+
enabled: false
68+
69+
postgresql:
70+
primary:
71+
podSecurityContext:
72+
enabled: false
73+
containerSecurityContext:
74+
enabled: false
75+
76+
redis:
77+
master:
78+
podSecurityContext:
79+
enabled: false
80+
containerSecurityContext:
81+
enabled: false
82+
83+
rabbitmq:
84+
podSecurityContext:
85+
enabled: false
86+
containerSecurityContext:
87+
enabled: false
88+
89+
runner:
90+
enabled: false

0 commit comments

Comments
 (0)