WIP: Improve hydra chart

RADAR-base · Jul 12, 2024 · 30e7467 · 30e7467
1 parent 9b82693
commit 30e7467
Show file tree

Hide file tree

Showing 9 changed files with 160 additions and 191 deletions.
diff --git a/.github/ci_config/ci-config.yaml b/.github/ci_config/ci-config.yaml
@@ -0,0 +1,57 @@
+atomicInstall: false
+base_timeout: 180
+
+elasticsearch:
+  resources:
+    requests:
+      cpu: "100m"
+      memory: "500Mi"
+
+kafka_manager:
+  _install: false
+
+confluent_cloud:
+  enabled: false
+
+cp_kafka:
+  persistence:
+    size: 1Gi
+
+postgresql:
+  primary:
+    resources:
+      requests:
+        cpu: 50m
+    persistence:
+      size: 1Gi
+
+radar_appserver_postgresql:
+  primary:
+    resources:
+      requests:
+        cpu: 50m
+    persistence:
+      size: 1Gi
+
+timescaledb:
+  primary:
+    resources:
+      requests:
+        cpu: 50m
+    persistence:
+      size: 1Gi
+
+minio:
+  persistence:
+    size: 1Gi
+
+radar_upload_postgresql:
+  primary:
+    resources:
+      requests:
+        cpu: 50m
+    persistence:
+      size: 1Gi
+
+ccSchemaRegistryProxy:
+  _install: false
diff --git a/.github/ci_config/install-all.yaml b/.github/ci_config/install-all.yaml
diff --git a/.github/workflows/push.yaml b/.github/workflows/push.yaml
@@ -47,10 +47,11 @@ jobs:
         run: |
           ./.github/ci_config/bin/install-dependencies
 
-      - name: Prepare the environment
+      - name: Prepare the environment (add secrets and enable installation of all components)
         run: |
           DNAME='CN=CI,O=TheHyve,L=Utrecht,C=NL' ./bin/init
-          yq -i -f process '.environments.default.values += ["../.github/ci_config/install-all.yaml", "../.github/ci_config/secrets.yaml.gotmpl"]' environments.yaml
+          yq -i -f process '.environments.default.values += ["../.github/ci_config/ci-config.yaml", "../.github/ci_config/secrets.yaml.gotmpl"]' environments.yaml
+          sed -i '/_install: /s/false/true/' etc/production.yaml
 
       - name: Run helmfile template
         env:

diff --git a/etc/base.yaml b/etc/base.yaml
@@ -56,7 +56,7 @@ cert_manager:
 # kubectl --context <my-context> apply --force-conflicts --server-side -f etc/kube-prometheus-stack/files/crds.yaml
 kube_prometheus_stack:
   _install: true
-  _chart_version: 0.4.2
+  _chart_version: 0.4.3
   _extra_timeout: 0
   kube-prometheus-stack:
     prometheus:
@@ -89,7 +89,7 @@ kube_prometheus_stack:
 # Always needed
 nginx_ingress:
   _install: true
-  _chart_version: 4.1.0
+  _chart_version: 4.10.1
   _extra_timeout: 0
   controller:
     replicaCount: 1
@@ -280,13 +280,13 @@ radar_oura_connector:
 
 radar_rest_sources_authorizer:
   _install: false
-  _chart_version: 1.1.2
+  _chart_version: 1.1.4
   _extra_timeout: 0
   replicaCount: 1
 
 radar_rest_sources_backend:
   _install: false
-  _chart_version: 1.1.2
+  _chart_version: 1.1.3
   _extra_timeout: 0
   replicaCount: 1
   postgres:
@@ -425,7 +425,7 @@ radar_integration:
 
 redis:
   _install: true
-  _chart_version: 16.8.7
+  _chart_version: 19.1.6
   _extra_timeout: 0
   metrics:
     enabled: true

diff --git a/etc/cp-ksql-server/questionnaire_app_event_observations.sql b/etc/cp-ksql-server/questionnaire_app_event_observations.sql
@@ -19,8 +19,8 @@ SELECT
     q.userId AS SUBJECT,
     q.sourceId AS SOURCE,
     'questionnaire_app_event' as TOPIC_NAME,
-    CAST(NULL as VARCHAR) as CATEGORY,
-    q.questionnaireName as VARIABLE,
+    q.questionnaireName as CATEGORY,
+    q.eventType as VARIABLE,
     FROM_UNIXTIME(CAST(q.time * 1000 AS BIGINT)) as OBSERVATION_TIME,
     CAST(NULL as TIMESTAMP) as OBSERVATION_TIME_END,
     'STRING_JSON' as TYPE,

diff --git a/etc/hydra-ui/values.yaml b/etc/hydra-ui/values.yaml
@@ -1,17 +1,17 @@
 hydraAdminUrl: http://hydra-admin:4445
 hydraPublicUrl: http://hydra-public:4444
-baseUrl: https://radar-k3s-test.thehyve.net/hydra-ui/
+baseUrl: https://localhost/hydra-ui/
 
 ingress:
   enabled: true
   className: nginx
   annotations:
     nginx.ingress.kubernetes.io/rewrite-target: /$1
   hosts:
-    - host: radar-k3s-test.thehyve.net
+    - host: localhost
       paths:
         - path: "/hydra-ui/?(.*)"
           pathType: ImplementationSpecific
   tls:
-    - hosts: [radar-k3s-test.thehyve.net]
+    - hosts: [localhost]
       secretName: radar-base-tls
diff --git a/etc/hydra/values.yaml b/etc/hydra/values.yaml
@@ -10,38 +10,35 @@ ingress:
           - path: "/admin/hydra/?(.*)"
             pathType: ImplementationSpecific
     tls:
-      - secretName: hydra-admin-tls
-        host:
-          - radar-k3s-test.thehyve.net
+      - secretName: radar-base-tls
+        hosts:
+          - localhost
   public:
     enabled: true
     className: "nginx"
     annotations:
       nginx.ingress.kubernetes.io/rewrite-target: /$1
       cert-manager.io/cluster-issuer: letsencrypt-prod
     hosts:
-      - host: radar-k3s-test.thehyve.net
+      - host: localhost
         paths:
           - path: "/hydra/?(.*)"
             pathType: ImplementationSpecific
     tls:
       - secretName: hydra-public-tls
         hosts:
-          - radar-k3s-test.thehyve.net
+          - localhost
 hydra:
   automigration:
     enabled: true
   config:
     urls:
       self:
-        issuer: https://radar-k3s-test.thehyve.net/hydra/
-      login: https://radar-k3s-test.thehyve.net/hydra-ui/login
-      consent: https://radar-k3s-test.thehyve.net/hydra-ui/consent
+        issuer: https://localhost/hydra/
+      login: https://localhost/login
+      consent: https://localhost/hydra-ui/consent
 
     log:
       level: debug
       format: text
-      leak_sensitive_values: true
-
-
-#https://www.ory.sh/docs/hydra/reference/configuration
+      leak_sensitive_values: false