From f3da667e2fdf4568be002e5c87d4530cdb0d220d Mon Sep 17 00:00:00 2001 From: VineetBala-AOT <90332175+VineetBala-AOT@users.noreply.github.com> Date: Tue, 2 Apr 2024 18:57:28 -0700 Subject: [PATCH] [To Main] DESENG-503: Updating deployment configurations (#2435) * Updating deployment configurations to add new configs --- CHANGELOG.MD | 5 ++ openshift/analytics-api.dc.yml | 24 +++++++ openshift/api.dc.yml | 122 ++++++++++++++++++++++++++++++++- openshift/cron.dc.yml | 74 ++++++++++++-------- openshift/notify-api.dc.yml | 8 ++- openshift/web.dc.yml | 25 +++++-- 6 files changed, 221 insertions(+), 37 deletions(-) diff --git a/CHANGELOG.MD b/CHANGELOG.MD index 8087bb30e..bec8f62c7 100644 --- a/CHANGELOG.MD +++ b/CHANGELOG.MD @@ -1,3 +1,8 @@ +## April 02, 2024 + +- **Task**: DEV clean up [DESENG-503](https://apps.itsm.gov.bc.ca/jira/browse/DESENG-503) + - Updated deployment configurations to add new configs. + ## March 28, 2024 - **Bug Fix**: Feedback fixes [DESENG-524](https://apps.itsm.gov.bc.ca/jira/browse/DESENG-524) diff --git a/openshift/analytics-api.dc.yml b/openshift/analytics-api.dc.yml index d06ab0ef7..c6faca048 100644 --- a/openshift/analytics-api.dc.yml +++ b/openshift/analytics-api.dc.yml @@ -64,11 +64,19 @@ objects: name: ${DB_APP_NAME} - name: DATABASE_HOST value: ${DB_APP_NAME} + - name: DATABASE_PORT + value: ${DB_APP_PORT} - name: S3_SECRET_ACCESS_KEY valueFrom: secretKeyRef: key: secret-access-key name: s3 + - name: CORS_ORIGINS + value: ${CORS_ORIGINS} + - name: KEYCLOAK_BASE_URL + value: ${KEYCLOAK_BASE_URL} + - name: KEYCLOAK_REALMNAME + value: ${KEYCLOAK_REALMNAME} envFrom: - configMapRef: name: jwt-oidc @@ -178,6 +186,22 @@ parameters: description: "The postgresql application name" required: true value: met-patroni + - name: DB_APP_PORT + description: "The postgresql application port" + required: true + value: '5432' + - name: CORS_ORIGINS + description: "Allowable origins for Cross-Origin Resource Sharing" + required: true + value: 'http://localhost:3000' + - name: KEYCLOAK_BASE_URL + description: "Keycloak base url" + required: true + value: '' + - name: KEYCLOAK_REALMNAME + description: "Realm name for the project" + required: true + value: 'standard' - name: IMAGE_TAG description: "The image tag to deploy" required: true diff --git a/openshift/api.dc.yml b/openshift/api.dc.yml index fed696112..395bd8230 100644 --- a/openshift/api.dc.yml +++ b/openshift/api.dc.yml @@ -64,11 +64,19 @@ objects: name: ${DB_APP_NAME} - name: DATABASE_HOST value: ${DB_APP_NAME} + - name: DATABASE_PORT + value: ${DB_APP_PORT} - name: S3_SECRET_ACCESS_KEY valueFrom: secretKeyRef: key: secret-access-key name: s3 + - name: CORS_ORIGINS + value: ${CORS_ORIGINS} + - name: KEYCLOAK_BASE_URL + value: ${KEYCLOAK_BASE_URL} + - name: DEFAULT_TENANT_SHORT_NAME + value: ${DEFAULT_TENANT_SHORT_NAME} envFrom: - configMapRef: name: ${APP} @@ -202,15 +210,22 @@ objects: name: ${APP} data: ACCESS_REQUEST_EMAIL_ADDRESS: ${ACCESS_REQUEST_EMAIL_ADDRESS} + ACCESS_REQUEST_EMAIL_TEMPLATE_ID: ${ACCESS_REQUEST_EMAIL_TEMPLATE_ID} + CORS_MAX_AGE: ${CORS_MAX_AGE} + CSS_API_ENVIRONMENT: ${CSS_API_ENVIRONMENT} + CSS_API_INTEGRATION_ID: ${CSS_API_INTEGRATION_ID} + CSS_API_URL: ${CSS_API_URL} + EMAIL_ENVIRONMENT: ${EMAIL_ENVIRONMENT} NOTIFICATIONS_EMAIL_ENDPOINT: ${NOTIFICATIONS_EMAIL_ENDPOINT} SITE_URL: ${SITE_URL} VERIFICATION_EMAIL_TEMPLATE_ID: ${VERIFICATION_EMAIL_TEMPLATE_ID} SUBSCRIBE_EMAIL_TEMPLATE_ID: ${SUBSCRIBE_EMAIL_TEMPLATE_ID} + SUBMISSION_RESPONSE_EMAIL_TEMPLATE_ID: ${SUBMISSION_RESPONSE_EMAIL_TEMPLATE_ID} REJECTED_EMAIL_TEMPLATE_ID: ${REJECTED_EMAIL_TEMPLATE_ID} CLOSED_ENGAGEMENT_REJECTED_EMAIL_TEMPLATE_ID: ${CLOSED_ENGAGEMENT_REJECTED_EMAIL_TEMPLATE_ID} - ACCESS_REQUEST_EMAIL_TEMPLATE_ID: ${ACCESS_REQUEST_EMAIL_TEMPLATE_ID} KEYCLOAK_REALMNAME: ${KEYCLOAK_REALMNAME} KEYCLOAK_BASE_URL: ${KEYCLOAK_BASE_URL} + KEYCLOAK_ADMIN_TOKEN_URL: ${KEYCLOAK_ADMIN_TOKEN_URL} - kind: Secret apiVersion: v1 type: Opaque @@ -232,6 +247,40 @@ objects: app-group: met-app stringData: secret-access-key: ${S3_ACCESS_KEY} +- kind: Secret + apiVersion: v1 + type: Opaque + metadata: + name: met-cdogs-secret + labels: + app: met-cdogs-secret + app-group: met-app + stringData: + CDOGS_BASE_URL: ${CDOGS_BASE_URL} + CDOGS_SERVICE_CLIENT: ${CDOGS_SERVICE_CLIENT} + CDOGS_SERVICE_CLIENT_SECRET: ${CDOGS_SERVICE_CLIENT_SECRET} + CDOGS_TOKEN_URL: ${CDOGS_TOKEN_URL} +- kind: Secret + apiVersion: v1 + type: Opaque + metadata: + name: email-secret-key + labels: + app: email-secret-key + app-group: met-app + stringData: + EMAIL_SECRET_KEY: ${EMAIL_SECRET_KEY} +- kind: Secret + apiVersion: v1 + type: Opaque + metadata: + name: keycloak-admin-credentials + labels: + app: keycloak-admin-credentials + app-group: met-app + stringData: + KEYCLOAK_ADMIN_CLIENT_ID: ${KEYCLOAK_ADMIN_CLIENT_ID} + KEYCLOAK_ADMIN_CLIENT_SECRET: ${KEYCLOAK_ADMIN_CLIENT_SECRET} parameters: - name: APP description: "The application name" @@ -269,6 +318,10 @@ parameters: description: "The subscribe email verification template id" required: true value: '9cd4942b-8ac9-49ae-a869-c800c57a7472' + - name: SUBMISSION_RESPONSE_EMAIL_TEMPLATE_ID + description: "The response to submission email template id" + required: true + value: '07f0f037-5ccb-44c5-89c6-9fe86078323e' - name: REJECTED_EMAIL_TEMPLATE_ID description: "The rejected comment email template id" required: true @@ -281,6 +334,25 @@ parameters: description: "The access request email template id" required: true value: '41afa792-4c75-425a-9ad9-c558561d6669' + - name: CORS_MAX_AGE + description: "Set CORS pre-flight cache duration" + required: true + value: '7200' + - name: CSS_API_ENVIRONMENT + description: "CSS API environment" + required: true + value: dev + - name: CSS_API_INTEGRATION_ID + description: "CSS API integration number" + required: true + value: '0000' + - name: CSS_API_URL + description: "CSS API URL" + required: true + value: '' + - name: EMAIL_ENVIRONMENT + description: "Environment from which email is sent" + value: 'You are using a DEV environment' - name: S3_BUCKET description: "The s3 object store bucket" required: true @@ -297,6 +369,18 @@ parameters: description: "The postgresql application name" required: true value: met-patroni + - name: DB_APP_PORT + description: "The postgresql application port" + required: true + value: '5432' + - name: CORS_ORIGINS + description: "Allowable origins for Cross-Origin Resource Sharing" + required: true + value: 'http://localhost:3000' + - name: DEFAULT_TENANT_SHORT_NAME + description: "Short name for default tenant" + required: true + value: 'DEFAULT' - name: IMAGE_TAG description: "The image tag to deploy" required: true @@ -311,8 +395,40 @@ parameters: - name: KEYCLOAK_BASE_URL description: "Keycloak base url" required: true - value: 'https://met-oidc-dev.apps.gold.devops.gov.bc.ca' + value: '' - name: KEYCLOAK_REALMNAME description: "Realm name for the project" required: true - value: 'met' \ No newline at end of file + value: 'standard' + - name: KEYCLOAK_ADMIN_TOKEN_URL + description: "Keycloak url to get admin token" + required: true + value: '' + - name: CDOGS_BASE_URL + description: "Base url to access CDOGS" + required: true + value: '' + - name: CDOGS_SERVICE_CLIENT + description: "Client for CDOGS Service" + required: true + value: 'CDOGS_SERVICE_CLIENT' + - name: CDOGS_SERVICE_CLIENT_SECRET + description: "Secret for CDOGS Service" + required: true + value: 'CDOGS_SERVICE_CLIENT_SECRET' + - name: CDOGS_TOKEN_URL + description: "Token url for CDOGS" + required: true + value: '' + - name: EMAIL_SECRET_KEY + description: "Secret key for email" + required: true + value: 'notASecureKey' + - name: KEYCLOAK_ADMIN_CLIENT_ID + description: "Admin Client ID for Keycloak authentication" + required: true + value: 'CLIENT_ID' + - name: KEYCLOAK_ADMIN_CLIENT_SECRET + description: "Admin Client Secret for Keycloak authentication" + required: true + value: 'CLIENT_SECRET' \ No newline at end of file diff --git a/openshift/cron.dc.yml b/openshift/cron.dc.yml index 4007851db..aaadedd93 100644 --- a/openshift/cron.dc.yml +++ b/openshift/cron.dc.yml @@ -73,13 +73,13 @@ objects: - name: DATABASE_USERNAME valueFrom: secretKeyRef: - key: analytics-username + key: met-username name: met-database-users - name: DATABASE_PASSWORD valueFrom: secretKeyRef: name: met-database-users - key: analytics-password + key: met-password - name: DATABASE_NAME valueFrom: secretKeyRef: @@ -89,25 +89,6 @@ objects: value: ${DATABASE_HOST} - name: DATABASE_PORT value: ${DATABASE_PORT} - - name: MET_DATABASE_USERNAME - valueFrom: - secretKeyRef: - key: met-username - name: met-database-users - - name: MET_DATABASE_PASSWORD - valueFrom: - secretKeyRef: - key: met-password - name: met-database-users - - name: MET_DB_NAME - valueFrom: - secretKeyRef: - key: app-db-name - name: ${DATABASE_HOST} - - name: MET_DATABASE_HOST - value: ${DATABASE_HOST} - - name: MET_DATABASE_PORT - value: ${DATABASE_PORT} envFrom: - configMapRef: name: ${NAME} @@ -172,9 +153,15 @@ objects: app-group: met-app name: ${NAME} data: - ENGAGEMENT_CLOSEOUT_EMAIL_TEMPLATE_ID: ${ENGAGEMENT_CLOSEOUT_EMAIL_TEMPLATE_ID} + CLOSEOUT_EMAIL_TEMPLATE_ID: ${CLOSEOUT_EMAIL_TEMPLATE_ID} + CLOSING_SOON_EMAIL_TEMPLATE_ID: ${CLOSING_SOON_EMAIL_TEMPLATE_ID} + EMAIL_ENVIRONMENT: ${EMAIL_ENVIRONMENT} + EMAIL_FROM_ADDRESS: ${EMAIL_FROM_ADDRESS} + KEYCLOAK_BASE_URL: ${KEYCLOAK_BASE_URL} + KEYCLOAK_REALMNAME: ${KEYCLOAK_REALMNAME} NOTIFICATIONS_EMAIL_ENDPOINT: ${NOTIFICATIONS_EMAIL_ENDPOINT} - PUBLISH_ENGAGEMENT_EMAIL_TEMPLATE_ID: ${PUBLISH_ENGAGEMENT_EMAIL_TEMPLATE_ID} + OFFSET_DAYS: ${OFFSET_DAYS} + PUBLISH_EMAIL_TEMPLATE_ID: ${PUBLISH_EMAIL_TEMPLATE_ID} SITE_URL: ${SITE_URL} - kind: Secret apiVersion: v1 @@ -187,6 +174,16 @@ objects: stringData: MET_ADMIN_CLIENT_ID: ${MET_ADMIN_CLIENT_ID} MET_ADMIN_CLIENT_SECRET: ${MET_ADMIN_CLIENT_SECRET} +- kind: Secret + apiVersion: v1 + type: Opaque + metadata: + name: email-secret-key + labels: + app: email-secret-key + app-group: met-app + stringData: + EMAIL_SECRET_KEY: ${EMAIL_SECRET_KEY} parameters: - name: NAME description: "The name assigned to all of the OpenShift resources associated to the server instance." @@ -201,11 +198,11 @@ parameters: required: true value: dev - name: DATABASE_HOST - description: "The analytics postgresql application name." + description: "The met postgresql application name." required: true value: met-patroni - name: DATABASE_PORT - description: "The analytics postgresql application port." + description: "The met postgresql application port." required: true value: '5432' - name: CPU_REQUEST @@ -242,10 +239,29 @@ parameters: description: "The email notification endpoint" required: true value: 'https://met-notify-api-dev.apps.gold.devops.gov.bc.ca/api/v1/notifications/email' -- name: ENGAGEMENT_CLOSEOUT_EMAIL_TEMPLATE_ID +- name: OFFSET_DAYS + description: "Days in which the engagement closing soon email is sent" + required: true + value: '2' +- name: CLOSEOUT_EMAIL_TEMPLATE_ID description: "The engagement closeout email template id" value: 'b7ea041b-fc30-4ad3-acb2-82119dd4f95d' -- name: PUBLISH_ENGAGEMENT_EMAIL_TEMPLATE_ID +- name: CLOSING_SOON_EMAIL_TEMPLATE_ID + description: "The engagement closing soon email template id to send email n days before closing" + value: '30344886-ea33-4ca2-83e1-e5ebe9c3457d' +- name: EMAIL_ENVIRONMENT + description: "Environment from which email is sent" + value: 'You are using a DEV environment' +- name: EMAIL_FROM_ADDRESS + description: "Email from address" + value: 'met-example@gov.bc.ca' +- name: KEYCLOAK_BASE_URL + description: "Keycloak base url" + value: '' +- name: KEYCLOAK_REALMNAME + description: "Realm name for the project" + value: 'standard' +- name: PUBLISH_EMAIL_TEMPLATE_ID description: "The publish engagement email template id" value: '7bf2ffcd-d69e-4c3f-9aa0-e8e89b491e92' - name: MET_ADMIN_CLIENT_ID @@ -255,3 +271,7 @@ parameters: - name: MET_ADMIN_CLIENT_SECRET description: "The MET admin service account secret" required: true +- name: EMAIL_SECRET_KEY + description: "Secret key for email" + required: true + value: 'notASecureKey' \ No newline at end of file diff --git a/openshift/notify-api.dc.yml b/openshift/notify-api.dc.yml index 723bb4362..84dd5c84f 100644 --- a/openshift/notify-api.dc.yml +++ b/openshift/notify-api.dc.yml @@ -40,6 +40,8 @@ objects: - env: - name: FLASK_ENV value: production + - name: JWT_OIDC_AUDIENCE + value: account envFrom: - configMapRef: name: ${APP} @@ -152,6 +154,7 @@ objects: stringData: GC_NOTIFY_API_KEY: "${GC_NOTIFY_API_KEY}" GC_NOTIFY_API_BASE_URL: "${GC_NOTIFY_API_BASE_URL}" + GC_NOTIFY_EMAIL_TEMPLATE_ID: "${GC_NOTIFY_EMAIL_TEMPLATE_ID}" CHES_SSO_TOKEN_URL: "${CHES_SSO_TOKEN_URL}" CHES_SSO_CLIENT_ID: "${CHES_SSO_CLIENT_ID}" CHES_SSO_CLIENT_SECRET: "${CHES_SSO_CLIENT_SECRET}" @@ -182,7 +185,10 @@ parameters: value: - name: GC_NOTIFY_API_BASE_URL description: "GC Notify API URL" - value: https://api.notification.canada.ca/v2 + value: https://api.notification.canada.ca/v2 + - name: GC_NOTIFY_EMAIL_TEMPLATE_ID + description: "GC Notify email template id" + value: 'c4cc1633-321a-4400-8a22-272acecd836a' - name: CHES_SSO_TOKEN_URL description: "CHES Token Url" value: https://dev.oidc.gov.bc.ca/auth/realms/jbd6rnxw/protocol/openid-connect/token diff --git a/openshift/web.dc.yml b/openshift/web.dc.yml index ac9ae5b55..95dd44b21 100644 --- a/openshift/web.dc.yml +++ b/openshift/web.dc.yml @@ -25,13 +25,23 @@ objects: "NODE_ENV": "production", "REACT_APP_API_URL": "https://${APP}-${ENV}.apps.gold.devops.gov.bc.ca/api/", "REACT_APP_ANALYTICS_API_URL": "https://analytics-api-${ENV}.apps.gold.devops.gov.bc.ca/api/", + // Formio + "REACT_APP_API_PROJECT_URL": "https://formio-${PROJECT}-${ENV}.apps.gold.devops.gov.bc.ca", + "REACT_APP_FORM_ID": "", + "REACT_APP_FORMIO_JWT_SECRET": "", + "REACT_APP_USER_RESOURCE_FORM_ID": "", + "REACT_APP_ANONYMOUS_ID": "", // Keycloak - "REACT_APP_KEYCLOAK_URL": "https://met-oidc.apps.gold.devops.gov.bc.ca/auth", + "REACT_APP_KEYCLOAK_URL": "http://example.com/auth", "REACT_APP_KEYCLOAK_CLIENT": "${KC_CLIENT}", "REACT_APP_KEYCLOAK_REALM": "${KC_REALM}", - // Redash - "REACT_APP_REDASH_PUBLIC_URL": "https://met-analytics.apps.gold.devops.gov.bc.ca/public/dashboards/?p_Engagement%20Name=", - "REACT_APP_REDASH_COMMENTS_PUBLIC_URL": "https://met-analytics.apps.gold.devops.gov.bc.ca/public/dashboards/?p_Engagement%20Name=", + // App constans + "REACT_APP_ENGAGEMENT_PROJECT_TYPES": "", + + // Tenant + "REACT_APP_DEFAULT_TENANT": "DEFAULT", + "REACT_APP_DEFAULT_LANGUAGE": "en", + "REACT_APP_IS_SINGLE_TENANT_ENVIRONMENT": "false", } - apiVersion: apps.openshift.io/v1 kind: DeploymentConfig @@ -184,12 +194,15 @@ parameters: - name: ENV description: "The selected environment (dev, test, prod)" value: dev + - name: PROJECT + description: "The selected project" + value: 'e903c2' - name: KC_CLIENT description: "The keycloak client id" - value: met-web + value: KC_CLIENT - name: KC_REALM description: "The keycloak realm" - value: met + value: standard - name: IMAGE_TAG description: "The image tag to deploy" value: latest