diff --git a/charts/helm-install/Chart.yaml b/charts/helm-install/Chart.yaml index 81eacad..202c741 100644 --- a/charts/helm-install/Chart.yaml +++ b/charts/helm-install/Chart.yaml @@ -6,7 +6,7 @@ apiVersion: v2 name: helm-install -version: "1.0.7" +version: "1.0.8" appVersion: "1.0.0" description: helm-install type: application diff --git a/charts/helm-install/scripts/_funcs_helm.sh b/charts/helm-install/scripts/_funcs_helm.sh index 6b12ed1..7e06e7d 100644 --- a/charts/helm-install/scripts/_funcs_helm.sh +++ b/charts/helm-install/scripts/_funcs_helm.sh @@ -7,7 +7,7 @@ ######################################### _download_funcs.sh ######################################### -# download_public_helm_chart download chart from a given repo, The url must contain https:// as protocol +# pull_helm_chart download chart from a given repo, The url must contain https:// as protocol # this is used for the following recipe #- name: ingress-nginx # chart name # version: 4.0.5 # chart version @@ -15,13 +15,30 @@ # helm: # url: https://kubernetes.github.io/ingress-nginx # sample helm pull --repo https://kubernetes.github.io/ingress-nginx ingress-nginx --version 4.0.3 -function download_public_helm_chart() { - local _url=${1} +# add optional username and password field +function pull_helm_chart() { + local _chart_repo_helm_section=${1} local _name=${2} local _version=${3} + + local _url="" + _url=$(echo "${_chart_repo_helm_section}" | common::yq4-get '.url') + local _username="" + _username="$(echo "${_chart_repo_helm_section}" | common::yq4-get '.username')" + local _password="" + _password="$(echo "${_chart_repo_helm_section}" | common::yq4-get '.password')" common::debug "downloading chart ${_name} form ${_url} with version ${_version}" - if ! "${HELM_COMMAND_LINE}" pull --repo "${_url}" "${_name}" --version "${_version}"; then + _cmd="${HELM_COMMAND_LINE} pull --repo ${_url} ${_name} --version ${_version}" + if [[ -n "${_username}" ]]; then + _cmd="${_cmd} --username ${_username}" + fi + + if [[ -n "${_password}" ]]; then + _cmd="${_cmd} --password ${_password}" + fi + + if ! eval "${_cmd}"; then common::err "${HELM_COMMAND_LINE} pull error" return 1 fi @@ -134,20 +151,21 @@ function pull_github_chart() { fi } -# downloadChart this will download chart +# downloadChart this will download chart based on the recipe .helmCharts[].repo section function downloadChart() { local _repo_section=${1} local _chart_name=${2} local _chart_version=${3} - local _chart_repo_helm="" - _chart_repo_helm=$(echo "${_repo_section}" | common::yq4-get '.helm') - local _chart_repo_ecr="" - _chart_repo_ecr=$(echo "${_repo_section}" | common::yq4-get '.ecr') - local _chart_git_ecr="" - _chart_git_ecr=$(echo "${_repo_section}" | common::yq4-get '.git') - if [[ -n ${_chart_repo_helm} ]]; then - download_public_helm_chart "$(echo "${_chart_repo_helm}" | common::yq4-get '.url')" "${_chart_name}" "${_chart_version}" + local _chart_repo_helm_section="" + _chart_repo_helm_section=$(echo "${_repo_section}" | common::yq4-get '.helm') + local _chart_repo_ecr_section="" + _chart_repo_ecr_section=$(echo "${_repo_section}" | common::yq4-get '.ecr') + local _chart_repo_git_section="" + _chart_repo_git_section=$(echo "${_repo_section}" | common::yq4-get '.git') + + if [[ -n ${_chart_repo_helm_section} ]]; then + pull_helm_chart "${_chart_repo_helm_section}" "${_chart_name}" "${_chart_version}" _res=$? if [ ${_res} -ne 0 ]; then common::err "download public helm chart error" @@ -155,8 +173,8 @@ function downloadChart() { fi fi - if [[ -n ${_chart_repo_ecr} ]]; then - pull_ecr_chart "$(echo "${_chart_repo_ecr}" | common::yq4-get '.region')" "$(echo "${_chart_repo_ecr}" | common::yq4-get '.host')" "$(echo "${_chart_repo_ecr}" | common::yq4-get '.name')" "${_chart_version}" "${_chart_name}" "." + if [[ -n ${_chart_repo_ecr_section} ]]; then + pull_ecr_chart "$(echo "${_chart_repo_ecr_section}" | common::yq4-get '.region')" "$(echo "${_chart_repo_ecr_section}" | common::yq4-get '.host')" "$(echo "${_chart_repo_ecr_section}" | common::yq4-get '.name')" "${_chart_version}" "${_chart_name}" "." _res=$? if [ ${_res} -ne 0 ]; then common::err "pull ECR error" @@ -164,8 +182,8 @@ function downloadChart() { fi fi - if [[ -n ${_chart_git_ecr} ]]; then - pull_github_chart "$(echo "${_chart_git_ecr}" | common::yq4-get '.github'.repo)" "${_chart_version}" "$(echo "${_chart_git_ecr}" | common::yq4-get '.github.path')" "$(echo "${_chart_git_ecr}" | common::yq4-get '.github.hash')" + if [[ -n ${_chart_repo_git_section} ]]; then + pull_github_chart "$(echo "${_chart_repo_git_section}" | common::yq4-get '.github'.repo)" "${_chart_version}" "$(echo "${_chart_repo_git_section}" | common::yq4-get '.github.path')" "$(echo "${_chart_repo_git_section}" | common::yq4-get '.github.hash')" _res=$? if [ ${_res} -ne 0 ]; then common::err "pull from git error" diff --git a/charts/helm-install/scripts/check.cue b/charts/helm-install/scripts/check.cue index 4274aa3..23e6271 100644 --- a/charts/helm-install/scripts/check.cue +++ b/charts/helm-install/scripts/check.cue @@ -14,7 +14,9 @@ package recipe // helm upgrade ... --repo ${repo.helm.url} ... // the version will be the chart version helm?: { - url!: string + url!: string + username?: string + password?: string } // {repo.ecr.host}/${repo.ecr.name}:${version} // The version will be the image tag diff --git a/charts/provisioner-config-local/Chart.yaml b/charts/provisioner-config-local/Chart.yaml index c2af640..b280676 100644 --- a/charts/provisioner-config-local/Chart.yaml +++ b/charts/provisioner-config-local/Chart.yaml @@ -8,7 +8,7 @@ apiVersion: v2 name: provisioner-config-local description: Platform Provisioner local config type: application -version: "1.0.73" +version: "1.0.83" appVersion: "2.0.0" home: https://github.com/TIBCOSoftware/tp-helm-charts maintainers: diff --git a/charts/provisioner-config-local/config/pp-deploy-cp-core-on-prem.yaml b/charts/provisioner-config-local/config/pp-deploy-cp-core-on-prem.yaml index 0ea19ba..fd56994 100644 --- a/charts/provisioner-config-local/config/pp-deploy-cp-core-on-prem.yaml +++ b/charts/provisioner-config-local/config/pp-deploy-cp-core-on-prem.yaml @@ -65,7 +65,8 @@ options: guiType: input reference: "meta.guiEnv.GUI_CP_CHART_REPO" description: | - The helm chart repository to deploy CP. The default value is public repo. To use private repo set: https://${GITHUB_TOKEN}@raw.githubusercontent.com/tibco/tp-helm-charts/gh-pages + The helm chart repository to deploy CP. The default value is public repo. + To use private repo set: https://raw.githubusercontent.com/tibco/tp-helm-charts/gh-pages and set `GUI_CP_CHART_REPO_TOKEN` OR use https://${GITHUB_TOKEN}@raw.githubusercontent.com/tibco/tp-helm-charts/gh-pages - name: "CP Chart repo user name" groupIndex: 1 type: string diff --git a/charts/provisioner-config-local/config/pp-deploy-cp-core-upgrade.yaml b/charts/provisioner-config-local/config/pp-deploy-cp-core-upgrade.yaml index 9f99146..c1e3beb 100644 --- a/charts/provisioner-config-local/config/pp-deploy-cp-core-upgrade.yaml +++ b/charts/provisioner-config-local/config/pp-deploy-cp-core-upgrade.yaml @@ -20,7 +20,18 @@ options: reference: "meta.guiEnv.GUI_CP_CHART_REPO" required: true description: | - The helm chart repository to deploy CP. The default value is public repo. To use private repo set: https://${GITHUB_TOKEN}@raw.githubusercontent.com/tibco/tp-helm-charts/gh-pages + The helm chart repository to deploy CP. The default value is public repo. + To use private repo set: https://raw.githubusercontent.com/tibco/tp-helm-charts/gh-pages and set `GUI_CP_CHART_REPO_TOKEN` OR use https://${GITHUB_TOKEN}@raw.githubusercontent.com/tibco/tp-helm-charts/gh-pages +- name: "CP Chart repo user name" + type: string + guiType: input + reference: "meta.guiEnv.GUI_CP_CHART_REPO_USER_NAME" + description: "The CP chart repository user name. (optional)" +- name: "CP Chart repo token" + type: password + guiType: input + reference: "meta.guiEnv.GUI_CP_CHART_REPO_TOKEN" + description: "" - name: "CP instance ID" type: string guiType: input @@ -60,6 +71,8 @@ recipe: | meta: guiEnv: note: "upgrade-cp" + GUI_CP_CHART_REPO_USER_NAME: "cp-test" + GUI_CP_CHART_REPO_TOKEN: "" GUI_CP_INSTANCE_ID: "cp1" GUI_CP_NAMESPACE: "cp1-ns" GUI_CP_PLATFORM_BOOTSTRAP_VERSION: ^1.0.0 @@ -92,6 +105,8 @@ recipe: | repo: helm: url: ${CP_CHART_REPO} + username: ${CP_CHART_REPO_USER_NAME} + password: ${CP_CHART_REPO_TOKEN} values: keepPrevious: true content: | @@ -110,6 +125,8 @@ recipe: | repo: helm: url: ${CP_CHART_REPO} + username: ${CP_CHART_REPO_USER_NAME} + password: ${CP_CHART_REPO_TOKEN} values: keepPrevious: true content: | diff --git a/charts/provisioner-config-local/config/pp-deploy-tp-base-on-prem-cert.yaml b/charts/provisioner-config-local/config/pp-deploy-tp-base-on-prem-cert.yaml index c8c9222..1004724 100644 --- a/charts/provisioner-config-local/config/pp-deploy-tp-base-on-prem-cert.yaml +++ b/charts/provisioner-config-local/config/pp-deploy-tp-base-on-prem-cert.yaml @@ -24,16 +24,16 @@ groups: * MicroK8s: `microk8s-hostpath` (support ReadWriteMany) * OpenShift: `crc-csi-hostpath-provisioner` (Don't support ReadWriteMany) * NFS server provisioner: `nfs` (support ReadWriteMany) -- title: "Cluster tools" +- title: "Database" index: 8 description: | - Cluster tools specific configurations. - * Postgres database is optional if you only want to create a DP Cluster. - * Install provisioner UI ingress for the on-prem setup. You can then access provisioner UI at [https://provisioner.localhost.dataplanes.pro](https://provisioner.localhost.dataplanes.pro) + DB specific configurations. The default value is for postgres pod. - title: "Flow control" index: 10 description: | Change the installation flow control options. + * Postgres database is optional if you only want to create a DP Cluster. + * Install provisioner UI ingress for the on-prem setup. You can then access provisioner UI at [https://provisioner.localhost.dataplanes.pro](https://provisioner.localhost.dataplanes.pro) options: # groupIndex: 1 Cluster Ingress Configuration - name: "TP ingress DNS domain" @@ -120,58 +120,88 @@ options: description: | The size of the NFS server provisioner storage. -# groupIndex: 8 Cluster tools -- name: "Install cert-manager" +# groupIndex: 8 Database +- name: "DB user name" + groupIndex: 8 + type: string + guiType: input + reference: "meta.guiEnv.GUI_TP_DB_USER_NAME" + required: true + description: | + The DB user name. If you provisioner postgres pod; you can use "postgres". If you create RDS; you need to use the RDS master user name. +- name: "DB password" groupIndex: 8 + type: password + guiType: input + reference: "meta.guiEnv.GUI_TP_DB_PASSWORD" + # required: true # cannot set required because of bug + description: | + The DB password. If you provisioner postgres pod; you can use "postgres". If you create RDS; you need to use the RDS master password. +- name: "DB name" + groupIndex: 8 + type: string + guiType: input + reference: "meta.guiEnv.GUI_TP_DB_NAME" + description: | + The Database name +- name: "Enable Postgres TLS" + groupIndex: 8 + type: boolean + guiType: checkbox + reference: "meta.guiEnv.GUI_TP_DB_TLS_ENABLED" + description: | + Enable TLS for Postgres + +# groupIndex: 10 Flow control +- name: "Install cert-manager" + groupIndex: 10 type: boolean guiType: checkbox reference: "meta.guiEnv.GUI_TP_INSTALL_CERT_MANAGER" description: | Install cert-manager for TP Cluster - name: "Install metrics-server" - groupIndex: 8 + groupIndex: 10 type: boolean guiType: checkbox reference: "meta.guiEnv.GUI_TP_INSTALL_METRICS_SERVER" description: | Install metrics-server for TP Cluster - name: "Install nfs-server-provisioner" - groupIndex: 8 + groupIndex: 10 type: boolean guiType: checkbox reference: "meta.guiEnv.GUI_TP_INSTALL_NFS_SERVER_PROVISIONER" description: | Install NFS server provisioner for TP Cluster - name: "Install Postgres" - groupIndex: 8 + groupIndex: 10 type: boolean guiType: checkbox reference: "meta.guiEnv.GUI_TP_INSTALL_POSTGRES" description: | Install Postgres database for TP Cluster - name: "Install Provisioner UI Ingress object" - groupIndex: 8 + groupIndex: 10 type: boolean guiType: checkbox reference: "meta.guiEnv.GUI_TP_INSTALL_PROVISIONER_UI" description: | This will update Provisioner UI ingress - name: "Provisioner UI Ingress class name" - groupIndex: 8 + groupIndex: 10 type: string guiType: input reference: "meta.guiEnv.GUI_TP_PROVISIONER_UI_INGRESS_CLASSNAME" description: | Ingress class name for Provisioner UI. Default is `nginx` - name: "Provisioner UI namespace" - groupIndex: 8 + groupIndex: 10 type: string guiType: input reference: "meta.guiEnv.GUI_TP_PROVISIONER_UI_NAMESPACE" description: | Namespace for Provisioner UI. Default is `tekton-tasks` - -# groupIndex: 10 Flow control - name: "Enable pipline debug logs" groupIndex: 10 type: boolean diff --git a/charts/provisioner-config-local/config/pp-deploy-tp-base-on-prem.yaml b/charts/provisioner-config-local/config/pp-deploy-tp-base-on-prem.yaml index 511a935..284cda4 100644 --- a/charts/provisioner-config-local/config/pp-deploy-tp-base-on-prem.yaml +++ b/charts/provisioner-config-local/config/pp-deploy-tp-base-on-prem.yaml @@ -24,16 +24,16 @@ groups: * MicroK8s: `microk8s-hostpath` (support ReadWriteMany) * OpenShift: `crc-csi-hostpath-provisioner` (Don't support ReadWriteMany) * NFS server provisioner: `nfs` (support ReadWriteMany) -- title: "Cluster tools" +- title: "Database" index: 8 description: | - Cluster tools specific configurations. - * Postgres database is optional if you only want to create a DP Cluster. - * Install provisioner UI ingress for the on-prem setup. You can then access provisioner UI at [https://provisioner.localhost.dataplanes.pro](https://provisioner.localhost.dataplanes.pro) + DB specific configurations. The default value is for postgres pod. - title: "Flow control" index: 10 description: | Change the installation flow control options. + * Postgres database is optional if you only want to create a DP Cluster. + * Install provisioner UI ingress for the on-prem setup. You can then access provisioner UI at [https://provisioner.localhost.dataplanes.pro](https://provisioner.localhost.dataplanes.pro) options: # groupIndex: 1 Cluster Ingress Configuration - name: "TP ingress DNS domain" @@ -104,58 +104,88 @@ options: description: | The size of the NFS server provisioner storage. -# groupIndex: 8 Cluster tools -- name: "Install cert-manager" +# groupIndex: 8 Database +- name: "DB user name" + groupIndex: 8 + type: string + guiType: input + reference: "meta.guiEnv.GUI_TP_DB_USER_NAME" + required: true + description: | + The DB user name. If you provisioner postgres pod; you can use "postgres". If you create RDS; you need to use the RDS master user name. +- name: "DB password" groupIndex: 8 + type: password + guiType: input + reference: "meta.guiEnv.GUI_TP_DB_PASSWORD" + # required: true # cannot set required because of bug + description: | + The DB password. If you provisioner postgres pod; you can use "postgres". If you create RDS; you need to use the RDS master password. +- name: "DB name" + groupIndex: 8 + type: string + guiType: input + reference: "meta.guiEnv.GUI_TP_DB_NAME" + description: | + The Database name +- name: "Enable Postgres TLS" + groupIndex: 8 + type: boolean + guiType: checkbox + reference: "meta.guiEnv.GUI_TP_DB_TLS_ENABLED" + description: | + Enable TLS for Postgres + +# groupIndex: 10 Flow control +- name: "Install cert-manager" + groupIndex: 10 type: boolean guiType: checkbox reference: "meta.guiEnv.GUI_TP_INSTALL_CERT_MANAGER" description: | Install cert-manager for TP Cluster - name: "Install metrics-server" - groupIndex: 8 + groupIndex: 10 type: boolean guiType: checkbox reference: "meta.guiEnv.GUI_TP_INSTALL_METRICS_SERVER" description: | Install metrics-server for TP Cluster - name: "Install nfs-server-provisioner" - groupIndex: 8 + groupIndex: 10 type: boolean guiType: checkbox reference: "meta.guiEnv.GUI_TP_INSTALL_NFS_SERVER_PROVISIONER" description: | Install NFS server provisioner for TP Cluster - name: "Install Postgres" - groupIndex: 8 + groupIndex: 10 type: boolean guiType: checkbox reference: "meta.guiEnv.GUI_TP_INSTALL_POSTGRES" description: | Install Postgres database for TP Cluster - name: "Install Provisioner UI Ingress object" - groupIndex: 8 + groupIndex: 10 type: boolean guiType: checkbox reference: "meta.guiEnv.GUI_TP_INSTALL_PROVISIONER_UI" description: | This will update Provisioner UI ingress - name: "Provisioner UI Ingress class name" - groupIndex: 8 + groupIndex: 10 type: string guiType: input reference: "meta.guiEnv.GUI_TP_PROVISIONER_UI_INGRESS_CLASSNAME" description: | Ingress class name for Provisioner UI. Default is `nginx` - name: "Provisioner UI namespace" - groupIndex: 8 + groupIndex: 10 type: string guiType: input reference: "meta.guiEnv.GUI_TP_PROVISIONER_UI_NAMESPACE" description: | Namespace for Provisioner UI. Default is `tekton-tasks` - -# groupIndex: 10 Flow control - name: "Enable pipline debug logs" groupIndex: 10 type: boolean diff --git a/charts/provisioner-config-local/recipes/pp-deploy-cp-core-on-prem.yaml b/charts/provisioner-config-local/recipes/pp-deploy-cp-core-on-prem.yaml index 8dcb200..40c88c6 100644 --- a/charts/provisioner-config-local/recipes/pp-deploy-cp-core-on-prem.yaml +++ b/charts/provisioner-config-local/recipes/pp-deploy-cp-core-on-prem.yaml @@ -455,6 +455,8 @@ helmCharts: repo: helm: url: ${CP_CHART_REPO} + username: ${CP_CHART_REPO_USER_NAME} + password: ${CP_CHART_REPO_TOKEN} values: keepPrevious: false content: | @@ -730,6 +732,8 @@ helmCharts: repo: helm: url: ${CP_CHART_REPO} + username: ${CP_CHART_REPO_USER_NAME} + password: ${CP_CHART_REPO_TOKEN} values: keepPrevious: false content: | diff --git a/charts/provisioner-config-local/recipes/tp-base-on-prem-https.yaml b/charts/provisioner-config-local/recipes/tp-base-on-prem-https.yaml index d5ae6a7..4479333 100644 --- a/charts/provisioner-config-local/recipes/tp-base-on-prem-https.yaml +++ b/charts/provisioner-config-local/recipes/tp-base-on-prem-https.yaml @@ -28,6 +28,10 @@ meta: GUI_TP_PROVISIONER_UI_NAMESPACE: tekton-tasks GUI_TP_INSTALL_NFS_SERVER_PROVISIONER: false GUI_TP_INSTALL_POSTGRES: true + GUI_TP_DB_USER_NAME: postgres + GUI_TP_DB_PASSWORD: postgres + GUI_TP_DB_NAME: postgres + GUI_TP_DB_TLS_ENABLED: false GUI_TP_INSTALL_PROVISIONER_UI: true GUI_TP_INSTALL_CERT_MANAGER: true GUI_TP_INSTALL_METRICS_SERVER: true @@ -55,15 +59,15 @@ meta: TP_NFS_SERVER_PROVISIONER_STORAGE_CLASS_NAME: ${GUI_TP_NFS_SERVER_PROVISIONER_STORAGE_CLASS_NAME:-"nfs"} # third party TP_EXT_NAMESPACE: tibco-ext - TP_INSTALL_PROVISIONER_UI: ${GUI_TP_INSTALL_PROVISIONER_UI:-"true"} + TP_INSTALL_PROVISIONER_UI: ${GUI_TP_INSTALL_PROVISIONER_UI:-"false"} TP_PROVISIONER_UI_NAMESPACE: ${GUI_TP_PROVISIONER_UI_NAMESPACE:-"tekton-tasks"} TP_PROVISIONER_UI_INGRESS_CLASSNAME: ${GUI_TP_PROVISIONER_UI_INGRESS_CLASSNAME:-"nginx"} # CP DB setup env TP_INSTALL_POSTGRES: ${GUI_TP_INSTALL_POSTGRES:-"true"} - TP_DB_USER_NAME: ${GUI_TP_DB_USER_NAME:-"postgres"} # TP_RDS_USERNAME in create-rds.sh - TP_DB_PASSWORD: ${GUI_TP_DB_PASSWORD:-"postgres"} # TP_RDS_MASTER_PASSWORD in create-rds.sh - TP_DB_NAME: postgres - TP_DB_SECRET_NAME: provider-cp-database-credentials # not used + TP_DB_USER_NAME: ${GUI_TP_DB_USER_NAME:-"postgres"} + TP_DB_PASSWORD: ${GUI_TP_DB_PASSWORD:-"postgres"} + TP_DB_NAME: ${GUI_TP_DB_NAME:-"postgres"} + TP_DB_TLS_ENABLED: ${GUI_TP_DB_TLS_ENABLED:-"false"} # flow control TP_INSTALL_CERT_MANAGER: ${GUI_TP_INSTALL_CERT_MANAGER:-true} TP_INSTALL_METRICS_SERVER: ${GUI_TP_INSTALL_METRICS_SERVER:-true} @@ -270,6 +274,9 @@ helmCharts: database: "${TP_DB_NAME}" global: storageClass: ${TP_STORAGE_CLASS} + tls: + enabled: ${TP_DB_TLS_ENABLED} + autoGenerated: true flags: createNamespace: true timeout: 1h diff --git a/charts/provisioner-config-local/recipes/tp-base-on-prem.yaml b/charts/provisioner-config-local/recipes/tp-base-on-prem.yaml index 694a23e..3d0dc07 100644 --- a/charts/provisioner-config-local/recipes/tp-base-on-prem.yaml +++ b/charts/provisioner-config-local/recipes/tp-base-on-prem.yaml @@ -26,6 +26,10 @@ meta: GUI_TP_PROVISIONER_UI_NAMESPACE: tekton-tasks GUI_TP_INSTALL_NFS_SERVER_PROVISIONER: false GUI_TP_INSTALL_POSTGRES: true + GUI_TP_DB_USER_NAME: postgres + GUI_TP_DB_PASSWORD: postgres + GUI_TP_DB_NAME: postgres + GUI_TP_DB_TLS_ENABLED: false GUI_TP_INSTALL_PROVISIONER_UI: true GUI_TP_INSTALL_CERT_MANAGER: true GUI_TP_INSTALL_METRICS_SERVER: true @@ -51,15 +55,15 @@ meta: TP_NFS_SERVER_PROVISIONER_STORAGE_CLASS_NAME: ${GUI_TP_NFS_SERVER_PROVISIONER_STORAGE_CLASS_NAME:-"nfs"} # third party TP_EXT_NAMESPACE: tibco-ext - TP_INSTALL_PROVISIONER_UI: ${GUI_TP_INSTALL_PROVISIONER_UI:-"true"} + TP_INSTALL_PROVISIONER_UI: ${GUI_TP_INSTALL_PROVISIONER_UI:-"false"} TP_PROVISIONER_UI_NAMESPACE: ${GUI_TP_PROVISIONER_UI_NAMESPACE:-"tekton-tasks"} TP_PROVISIONER_UI_INGRESS_CLASSNAME: ${GUI_TP_PROVISIONER_UI_INGRESS_CLASSNAME:-"nginx"} # CP DB setup env TP_INSTALL_POSTGRES: ${GUI_TP_INSTALL_POSTGRES:-"true"} - TP_DB_USER_NAME: ${GUI_TP_DB_USER_NAME:-"postgres"} # TP_RDS_USERNAME in create-rds.sh - TP_DB_PASSWORD: ${GUI_TP_DB_PASSWORD:-"postgres"} # TP_RDS_MASTER_PASSWORD in create-rds.sh - TP_DB_NAME: postgres - TP_DB_SECRET_NAME: provider-cp-database-credentials # not used + TP_DB_USER_NAME: ${GUI_TP_DB_USER_NAME:-"postgres"} + TP_DB_PASSWORD: ${GUI_TP_DB_PASSWORD:-"postgres"} + TP_DB_NAME: ${GUI_TP_DB_NAME:-"postgres"} + TP_DB_TLS_ENABLED: ${GUI_TP_DB_TLS_ENABLED:-"false"} # flow control TP_INSTALL_CERT_MANAGER: ${GUI_TP_INSTALL_CERT_MANAGER:-true} TP_INSTALL_METRICS_SERVER: ${GUI_TP_INSTALL_METRICS_SERVER:-true} @@ -206,6 +210,9 @@ helmCharts: database: "${TP_DB_NAME}" global: storageClass: ${TP_STORAGE_CLASS} + tls: + enabled: ${TP_DB_TLS_ENABLED} + autoGenerated: true flags: createNamespace: true timeout: 1h diff --git a/docs/recipes/controlplane/tp-cp.yaml b/docs/recipes/controlplane/tp-cp.yaml index 59ab3b0..4bd4291 100644 --- a/docs/recipes/controlplane/tp-cp.yaml +++ b/docs/recipes/controlplane/tp-cp.yaml @@ -370,6 +370,8 @@ helmCharts: repo: helm: url: ${CP_CHART_REPO} + username: ${CP_CHART_REPO_USER_NAME} + password: ${CP_CHART_REPO_TOKEN} values: keepPrevious: false content: | @@ -645,6 +647,8 @@ helmCharts: repo: helm: url: ${CP_CHART_REPO} + username: ${CP_CHART_REPO_USER_NAME} + password: ${CP_CHART_REPO_TOKEN} values: keepPrevious: false content: | diff --git a/docs/recipes/k8s/cloud/deploy-tp-aks.yaml b/docs/recipes/k8s/cloud/deploy-tp-aks.yaml index 2fed18d..27695e8 100644 --- a/docs/recipes/k8s/cloud/deploy-tp-aks.yaml +++ b/docs/recipes/k8s/cloud/deploy-tp-aks.yaml @@ -15,7 +15,7 @@ meta: PIPELINE_CHECK_DOCKER_STATUS: false # github GITHUB_TOKEN: ${GUI_GITHUB_TOKEN} - TP_CHART_REPO: https://${GITHUB_TOKEN}@raw.githubusercontent.com/tibco/tp-helm-charts/gh-pages + TP_CHART_REPO: ${GUI_TP_CHART_REPO:-"https://tibcosoftware.github.io/tp-helm-charts"} PLATFORM_PROVISIONER_REPO: ${GUI_PLATFORM_PROVISIONER_REPO:-github.com/TIBCOSoftware/platform-provisioner} # Azure env diff --git a/docs/recipes/k8s/cloud/deploy-tp-eks.yaml b/docs/recipes/k8s/cloud/deploy-tp-eks.yaml index 0990efd..ab1d96f 100644 --- a/docs/recipes/k8s/cloud/deploy-tp-eks.yaml +++ b/docs/recipes/k8s/cloud/deploy-tp-eks.yaml @@ -15,7 +15,7 @@ meta: PIPELINE_CHECK_DOCKER_STATUS: false # github GITHUB_TOKEN: ${GUI_GITHUB_TOKEN} - TP_CHART_REPO: https://tibcosoftware.github.io/tp-helm-charts + TP_CHART_REPO: ${GUI_TP_CHART_REPO:-"https://tibcosoftware.github.io/tp-helm-charts"} PLATFORM_PROVISIONER_REPO: github.com/TIBCOSoftware/platform-provisioner # cluster TP_CLUSTER_NAME: ${GUI_TP_CLUSTER_NAME} diff --git a/docs/recipes/tp-base/tp-base-on-prem-https.yaml b/docs/recipes/tp-base/tp-base-on-prem-https.yaml index 73253e3..8a0b746 100644 --- a/docs/recipes/tp-base/tp-base-on-prem-https.yaml +++ b/docs/recipes/tp-base/tp-base-on-prem-https.yaml @@ -32,19 +32,19 @@ meta: TP_STORAGE_CLASS: ${GUI_TP_STORAGE_CLASS:-"standard"} # hostpath for docker desktop, standard for minikube and kind, microk8s-hostpath for microk8s TP_STORAGE_CLASS_FOR_NFS_SERVER_PROVISIONER: ${GUI_TP_STORAGE_CLASS_FOR_NFS_SERVER_PROVISIONER:-""} TP_INSTALL_NFS_SERVER_PROVISIONER: ${GUI_TP_INSTALL_NFS_SERVER_PROVISIONER:-"false"} - TP_NFS_SERVER_PROVISIONER_SIZE: ${GUI_TP_NFS_SERVER_PROVISIONER_SIZE:-"200Gi"} + TP_NFS_SERVER_PROVISIONER_SIZE: ${GUI_TP_NFS_SERVER_PROVISIONER_SIZE:-"50Gi"} TP_NFS_SERVER_PROVISIONER_STORAGE_CLASS_NAME: ${GUI_TP_NFS_SERVER_PROVISIONER_STORAGE_CLASS_NAME:-"nfs"} # third party TP_EXT_NAMESPACE: tibco-ext - TP_INSTALL_PROVISIONER_UI: ${GUI_TP_INSTALL_PROVISIONER_UI:-"true"} + TP_INSTALL_PROVISIONER_UI: ${GUI_TP_INSTALL_PROVISIONER_UI:-"false"} TP_PROVISIONER_UI_NAMESPACE: ${GUI_TP_PROVISIONER_UI_NAMESPACE:-"tekton-tasks"} TP_PROVISIONER_UI_INGRESS_CLASSNAME: ${GUI_TP_PROVISIONER_UI_INGRESS_CLASSNAME:-"nginx"} # CP DB setup env TP_INSTALL_POSTGRES: ${GUI_TP_INSTALL_POSTGRES:-"true"} - TP_DB_USER_NAME: ${GUI_TP_DB_USER_NAME:-"postgres"} # TP_RDS_USERNAME in create-rds.sh - TP_DB_PASSWORD: ${GUI_TP_DB_PASSWORD:-"postgres"} # TP_RDS_MASTER_PASSWORD in create-rds.sh - TP_DB_NAME: postgres - TP_DB_SECRET_NAME: provider-cp-database-credentials # not used + TP_DB_USER_NAME: ${GUI_TP_DB_USER_NAME:-"postgres"} + TP_DB_PASSWORD: ${GUI_TP_DB_PASSWORD:-"postgres"} + TP_DB_NAME: ${GUI_TP_DB_NAME:-"postgres"} + TP_DB_TLS_ENABLED: ${GUI_TP_DB_TLS_ENABLED:-"false"} # flow control TP_INSTALL_CERT_MANAGER: ${GUI_TP_INSTALL_CERT_MANAGER:-true} TP_INSTALL_METRICS_SERVER: ${GUI_TP_INSTALL_METRICS_SERVER:-true} @@ -251,6 +251,9 @@ helmCharts: database: "${TP_DB_NAME}" global: storageClass: ${TP_STORAGE_CLASS} + tls: + enabled: ${TP_DB_TLS_ENABLED} + autoGenerated: true flags: createNamespace: true timeout: 1h diff --git a/docs/recipes/tp-base/tp-base-on-prem.yaml b/docs/recipes/tp-base/tp-base-on-prem.yaml index 1618a4a..f740d5b 100644 --- a/docs/recipes/tp-base/tp-base-on-prem.yaml +++ b/docs/recipes/tp-base/tp-base-on-prem.yaml @@ -30,19 +30,19 @@ meta: TP_STORAGE_CLASS: ${GUI_TP_STORAGE_CLASS:-"standard"} # hostpath for docker desktop, standard for minikube and kind, microk8s-hostpath for microk8s TP_STORAGE_CLASS_FOR_NFS_SERVER_PROVISIONER: ${GUI_TP_STORAGE_CLASS_FOR_NFS_SERVER_PROVISIONER:-""} TP_INSTALL_NFS_SERVER_PROVISIONER: ${GUI_TP_INSTALL_NFS_SERVER_PROVISIONER:-"false"} - TP_NFS_SERVER_PROVISIONER_SIZE: ${GUI_TP_NFS_SERVER_PROVISIONER_SIZE:-"200Gi"} + TP_NFS_SERVER_PROVISIONER_SIZE: ${GUI_TP_NFS_SERVER_PROVISIONER_SIZE:-"50Gi"} TP_NFS_SERVER_PROVISIONER_STORAGE_CLASS_NAME: ${GUI_TP_NFS_SERVER_PROVISIONER_STORAGE_CLASS_NAME:-"nfs"} # third party TP_EXT_NAMESPACE: tibco-ext - TP_INSTALL_PROVISIONER_UI: ${GUI_TP_INSTALL_PROVISIONER_UI:-"true"} + TP_INSTALL_PROVISIONER_UI: ${GUI_TP_INSTALL_PROVISIONER_UI:-"false"} TP_PROVISIONER_UI_NAMESPACE: ${GUI_TP_PROVISIONER_UI_NAMESPACE:-"tekton-tasks"} TP_PROVISIONER_UI_INGRESS_CLASSNAME: ${GUI_TP_PROVISIONER_UI_INGRESS_CLASSNAME:-"nginx"} # CP DB setup env TP_INSTALL_POSTGRES: ${GUI_TP_INSTALL_POSTGRES:-"true"} - TP_DB_USER_NAME: ${GUI_TP_DB_USER_NAME:-"postgres"} # TP_RDS_USERNAME in create-rds.sh - TP_DB_PASSWORD: ${GUI_TP_DB_PASSWORD:-"postgres"} # TP_RDS_MASTER_PASSWORD in create-rds.sh - TP_DB_NAME: postgres - TP_DB_SECRET_NAME: provider-cp-database-credentials # not used + TP_DB_USER_NAME: ${GUI_TP_DB_USER_NAME:-"postgres"} + TP_DB_PASSWORD: ${GUI_TP_DB_PASSWORD:-"postgres"} + TP_DB_NAME: ${GUI_TP_DB_NAME:-"postgres"} + TP_DB_TLS_ENABLED: ${GUI_TP_DB_TLS_ENABLED:-"false"} # flow control TP_INSTALL_CERT_MANAGER: ${GUI_TP_INSTALL_CERT_MANAGER:-true} TP_INSTALL_METRICS_SERVER: ${GUI_TP_INSTALL_METRICS_SERVER:-true} @@ -189,6 +189,9 @@ helmCharts: database: "${TP_DB_NAME}" global: storageClass: ${TP_STORAGE_CLASS} + tls: + enabled: ${TP_DB_TLS_ENABLED} + autoGenerated: true flags: createNamespace: true timeout: 1h