From fad88de6e3eba8a721d61cacfea35a462e4f2369 Mon Sep 17 00:00:00 2001
From: Javier Evans <j.evans@f5.com>
Date: Tue, 14 Nov 2023 20:49:18 -0800
Subject: [PATCH] clean up

---
 bin/setup_venv.sh                                    |  7 -------
 docker/Dockerfile.debian                             |  8 +++-----
 pulumi/python/Pipfile                                |  6 +++---
 pulumi/python/automation/providers/aws.py            |  2 +-
 pulumi/python/infrastructure/aws/eks/__main__.py     |  6 ++----
 pulumi/python/infrastructure/aws/eks/iam.py          |  1 -
 pulumi/python/kubernetes/logstore/__main__.py        | 12 ------------
 .../kubernetes/nginx/ingress-controller/__main__.py  |  1 -
 8 files changed, 9 insertions(+), 34 deletions(-)

diff --git a/bin/setup_venv.sh b/bin/setup_venv.sh
index f6cfb3b8..d62cb441 100755
--- a/bin/setup_venv.sh
+++ b/bin/setup_venv.sh
@@ -206,9 +206,6 @@ pip3 install pipenv
 pip3 install wheel
 pip3 install nodeenv
 
-# `pipenv sync` uses only the information in the `Pipfile.lock` ensuring repeatable builds
-# PIPENV_VERBOSITY=-1 PIPENV_PIPFILE="${script_dir}/../pulumi/python/Pipfile" pipenv sync --dev
-
 # Install node.js into virtual environment so that it can be used by Python
 # modules that make call outs to it.
 if [ ! -x "${VIRTUAL_ENV}/bin/node" ]; then
@@ -217,14 +214,10 @@ else
 	echo "Node.js version $("${VIRTUAL_ENV}/bin/node" --version) is already installed"
 fi
 
-echo "About to install deps"
 # Install general package requirements
 # `pipenv sync` uses only the information in the `Pipfile.lock` ensuring repeatable builds
 PIPENV_VERBOSITY=-1 PIPENV_PIPFILE="${script_dir}/../pulumi/python/Pipfile" pipenv sync
 
-
-echo "about to install local pulumi utils"
-pip3 install setuptools
 # Install local common utilities module
 pip3 install "${script_dir}/../pulumi/python/utility/kic-pulumi-utils"
 
diff --git a/docker/Dockerfile.debian b/docker/Dockerfile.debian
index a2468122..9a96fecb 100644
--- a/docker/Dockerfile.debian
+++ b/docker/Dockerfile.debian
@@ -35,11 +35,9 @@ RUN set -eux; \
         nano \
         vim \
         wget \
-        zlib1g-dev;
-
-    RUN su --group runner runner --login --command '/pulumi/projects/kic-reference-architectures/bin/setup_venv.sh';
-
-    RUN echo 'source /pulumi/projects/kic-reference-architectures/pulumi/python/venv/bin/activate' >> /pulumi/projects/kic-reference-architectures/.bashrc; \
+        zlib1g-dev \
+    su --group runner runner --login --command '/pulumi/projects/kic-reference-architectures/bin/setup_venv.sh' \
+    echo 'source /pulumi/projects/kic-reference-architectures/pulumi/python/venv/bin/activate' >> /pulumi/projects/kic-reference-architectures/.bashrc; \
     apt-get purge --yes \
         gcc \
         libbz2-dev \
diff --git a/pulumi/python/Pipfile b/pulumi/python/Pipfile
index e0f6e766..83065bee 100644
--- a/pulumi/python/Pipfile
+++ b/pulumi/python/Pipfile
@@ -16,13 +16,13 @@ pycryptodome = "~=3.14.0"
 requests = "~=2.27.1"
 setuptools = "==49.6.0"
 setuptools-git-versioning = "==1.9.2"
-yamlreader = "*"
+yamlreader = "==3.0.4"
 pulumi-digitalocean = "==4.12.0"
 pulumi = "~=3.93"
-grpcio = "*"
+grpcio = "==1.56.2"
 PyYAML = "==6.0.1"
 wheel = "0.41.3"
 nodeenv = "~=1.6.0"
 
 [requires]
-python_version = "3.11"
\ No newline at end of file
+python_version = "3.11"
diff --git a/pulumi/python/automation/providers/aws.py b/pulumi/python/automation/providers/aws.py
index b7449d0d..52862d03 100644
--- a/pulumi/python/automation/providers/aws.py
+++ b/pulumi/python/automation/providers/aws.py
@@ -140,7 +140,7 @@ def validate_selected_azs(selected: List[str]) -> bool:
         print(f"AWS availability zones: {', '.join(config['vpc:azs'])}")
 
         # EKS version
-        default_version = defaults['eks:k8s_version']
+        default_version = defaults['eks:k8s_version'] or '1.28'
         config['eks:k8s_version'] = input(f'EKS Kubernetes version [{default_version}]: ').strip() or default_version
         print(f"EKS Kubernetes version: {config['eks:k8s_version']}")
 
diff --git a/pulumi/python/infrastructure/aws/eks/__main__.py b/pulumi/python/infrastructure/aws/eks/__main__.py
index 0834caa9..89a28428 100644
--- a/pulumi/python/infrastructure/aws/eks/__main__.py
+++ b/pulumi/python/infrastructure/aws/eks/__main__.py
@@ -122,14 +122,13 @@ def retrieve_vpc_and_subnets(vpc) -> VPCDefinition:
         )
     )
 
+# This gives the EBS CSI Driver role permissions to manage volumes on the ec2 instance
 aws.iam.RolePolicyAttachment(
     'eks-ebs-csi-driver-policy-attachment',
     role=csi_role.id,
     policy_arn='arn:aws:iam::aws:policy/service-role/AmazonEBSCSIDriverPolicy'
 )
 
-# TODO: Do I need to assign the role to the CSI Driver?  Most likely?
-
 # Creating an EKS Addon for the CSI Driver
 csi_addon = aws.eks.Addon("aws-ebs-csi-driver",
                            cluster_name=cluster.eks_cluster.name,
@@ -139,5 +138,4 @@ def retrieve_vpc_and_subnets(vpc) -> VPCDefinition:
 # Export the clusters' kubeconfig
 pulumi.export("cluster_name", cluster.eks_cluster.name)
 pulumi.export("kubeconfig", cluster.kubeconfig)
-pulumi.export("csi_iam_role", csi_role)
-pulumi.export("csi_addon", csi_addon)
+
diff --git a/pulumi/python/infrastructure/aws/eks/iam.py b/pulumi/python/infrastructure/aws/eks/iam.py
index 0c9a3146..9e9cc33a 100644
--- a/pulumi/python/infrastructure/aws/eks/iam.py
+++ b/pulumi/python/infrastructure/aws/eks/iam.py
@@ -68,4 +68,3 @@
     role=ec2_role.id,
     policy_arn='arn:aws:iam::aws:policy/AmazonEC2ContainerRegistryReadOnly',
 )
-
diff --git a/pulumi/python/kubernetes/logstore/__main__.py b/pulumi/python/kubernetes/logstore/__main__.py
index 020e9bb0..aaf48da8 100644
--- a/pulumi/python/kubernetes/logstore/__main__.py
+++ b/pulumi/python/kubernetes/logstore/__main__.py
@@ -83,16 +83,8 @@ def project_name_from_project_dir(dirname: str):
 
     # Values from Chart's parameters specified hierarchically,
     values={
-        # "image": {
-        #     "debug": True
-        # },
-        # "diagnosticMode": {
-        #     "enabled": True
-        # },
         "master": {
             "replicas": master_replicas,
-            # "livenessProbe": 300,
-            # "readinessProbe": 180,
             "resources": {
                 "requests": {},
                 "limits": {}
@@ -103,8 +95,6 @@ def project_name_from_project_dir(dirname: str):
         },
         "data": {
             "replicas": data_replicas,
-            # "livenessProbe": 300,
-            # "readinessProbe": 180,
             "resources": {
                 "requests": {},
                 "limits": {}
@@ -116,8 +106,6 @@ def project_name_from_project_dir(dirname: str):
         "ingest": {
             "enabled": True,
             "replicas": ingest_replicas,
-            # "livenessProbe": 300,
-            # "readinessProbe": 180,
             "resources": {
                 "requests": {},
                 "limits": {}
diff --git a/pulumi/python/kubernetes/nginx/ingress-controller/__main__.py b/pulumi/python/kubernetes/nginx/ingress-controller/__main__.py
index 74370a31..4186c007 100644
--- a/pulumi/python/kubernetes/nginx/ingress-controller/__main__.py
+++ b/pulumi/python/kubernetes/nginx/ingress-controller/__main__.py
@@ -219,7 +219,6 @@ def namespace_by_name(name):
                                                                               provider=k8s_provider))
 
 pstatus = kic_chart.status
-pstatus.apply(lambda status: pulumi.log.info(f"[DEBUG]: Helm chart status: {status}"))
 srv = Service.get(resource_name="nginx-ingress",
                   id=Output.concat("nginx-ingress", "/", pstatus.name, "-nginx-ingress-controller"),
                   opts=pulumi.ResourceOptions(provider=k8s_provider))