DBC22-1096: Updated site logo to desired

.gitignore

@@ -17,3 +17,4 @@
 
 src/media/
 src/static/
+infrastructure/yaml

infrastructure/README.md

@@ -0,0 +1,64 @@
+# DriveBC Infrastructure
+
+The new DriveBC site has a number of components that work together to serve the website. This infrastructure folder contains all the components required to build the infrastructure to support the site. Following the steps in the Deployments Steps section should quickly setup your environment from scratch.
+
+Here are the components that are in this folder:
+- Init
+  - Sets up the Secrets and ConfigMaps prior to building the other components
+- CrunchDB Postgres
+  - Based off: https://github.com/bcgov/crunchy-postgres/ with a few notable changes to support our environment.
+- Django
+- Tasks
+- Redis
+- Static
+- Image Caching
+
+## Deployment Steps
+### New Environment
+Follow these steps to setup a brand new environment.
+1. Download the Drivebc.ca repository to your PC
+1. Navigate to the infrastructure folder in command line
+1. Login to OpenShift using the command line oc utility
+1. Select the project you would like to deploy to using `oc project NAMESPACE`
+1. `helm install ENV-drivebc-init -f .\init\values-ENV.yaml .\init`
+    1. NOTE: Do not install this again as it will overwrite all values. May need to find a better way to handle this in the future.
+1. Set the values in th `dev-drivebc-django` ConfigMap and Secret (In the future `dev-drivebc-static` ConfigMap and Secret too)
+1. `helm install ENV-drivebc-crunchy-postgres -f .\crunchy-postgres\values-ENV.yaml .\crunchy-postgres`
+1. `helm install ENV-drivebc -f .\main\values-ENV.yaml .\main`
+1. Now that all components are installed you need to go to GitHub actions and run `Build & Deploy Image Caching Image` & `Deploy main to dev` and then all the pods should start-up. If any issues confirm the configmaps are updated.
+1. If you want to quickly get the cameras and events on a fresh db, run  `python manage.py populate_webcams` and `python manage.py populate_events` in the terminal of the tasks pod
+
+### Upgrades
+
+## Other
+
+### Dependency Updates
+If one of the underlying HELM charts gets updated you may need to run a dependency update which will update the Chart.lock file
+1. Navigate to the main folder in command line
+2. Run `helm dependency update`
+
+### Dry Run
+If you want to confirm the install or upgrade will work, you can do a dry run without making the actual changes in your environment. Just swap install with upgrade as needed
+1. `helm install --dry-run ENV-drivebc-crunchy-postgres -f .\crunchy-postgres\values-ENV.yaml .\crunchy-postgres`
+1. `helm install --dry-run ENV-drivebc -f .\main\values-ENV.yaml .\main`
+
+### Template (YAML) Extract
+If you want to see what the YAML files that HELM will generate look like prior to the install/upgrade you can run the following commands:
+
+1. `helm template --output-dir yaml ENV-drivebc-crunchy-postgres -f .\crunchy-postgres\values-ENV.yaml .\crunchy-postgres`
+1. `helm template --output-dir yaml ENV-drivebc -f .\main\values-ENV.yaml .\main`
+
+### Uninstall
+If you need to uninstall the Helm Charts follow these steps:
+1. `helm uninstall ENV-drivebc`
+1. `helm uninstall ENV-drivebc-crunchy-postgres`
+1. `helm uninstall ENV-drivebc-init`
+
+
+
+# to-do
+- Build a Make file to speed up this process even more
+- Once we know what versioning looks like, integrate that change. Will probably need to use another repo such as GitHub, Artifactory, or imagestream on Tools namespace
+- Build a HELM chart for Postgres Monitoring
+- Add liveness checks to the pods
+- Create values files for all environments

infrastructure/READMECrunchy.md

@@ -0,0 +1,68 @@
+# Crunchy Postgres helm chart
+
+This is based off: https://github.com/bcgov/crunchy-postgres/ with a number of changes including:
+- Custom values yaml files for dev and test environments
+- To allow migration scripts to run I created a superuser so I modified the original PostgresCluster.yaml file and changed the permission to SUPERUSER from CREATEROLE
+- I added the required Role, RoleBinding and NetworkPolicy to allow the monitoring tool on the tools namespace to connect to the crunchydb instance if monitoring is set to enabled.
+
+## Charts
+
+### Crunchy Postgres chart
+
+A chart to deploy a high availability Crunchy Postgres cluster
+
+
+#### Values are located in the documentation here:
+
+[Crunchy Postgres Documentation](charts/crunchy-postgres/README.md)
+
+### Crunchy Postgres tools chart
+
+A set of standard service accounts and networking templates that were needed to deploy a Crunchy Postgres cluster but are kept separate from the main Crunchy Postgres chart.
+
+#### Values are located in the documentation here:
+
+[Crunchy Postgres Tools Documentation](charts/crunchy-tools/README.md)
+
+## Release Process (WIP)
+
+1. Pull the repo down to your PC
+2. Open CMD or Powershell and login to OC
+3. Go to the project you want to install using 'oc project NAMESPACE' command
+4. If a fresh install enter something like this depending on where the values.yaml file is located: 
+
+      `helm install dbc-crunchy-postgres -f C:\Data\DriveBC.ca\infrastructure\charts\crunchy-postgres\values-ENVIRONMENT.yaml C:\Data\DriveBC.ca\infrastructure\charts\crunchy-postgres`
+
+      `helm install dbc-crunchy-postgres-tools -f C:\Data\DriveBC.ca\infrastructure\charts\crunchy-tools\values.yaml C:\Data\DriveBC.ca\infrastructure\charts\crunchy-tools`
+
+5. If you made modifications and you want to upgrade the helm chart in the environment, simply change 'install' to 'upgrade'
+Now you have a functioning crunchydb instance running in your namespace. To get django working:
+1. Django should automatically pull in the HOST URL, and PW from the secret that was created. 
+4. Restart the django deployment to get it to run the migration scripts. 
+5. If you want to quickly get the cameras and events on a fresh db, run  `python manage.py populate_webcams` and `python manage.py populate_events` in the terminal of the tasks pod
+
+If you have a user with adequate permissions on the DB and you want to use something like pgadmin on your PC to view the DB you can run this in cmd or powershell `oc -n c59ecc-dev port-forward service/drivebc-pgbouncer 15436:5432`
+
+## Raw YAML files
+
+An archive of the latest releases raw YAML files can be found in the [releases](https://github.com/bcgov/crunchy-postgres/releases) section. These are bundled together unlike the Helm charts which are released separately.
+
+Alternatively you can save them with the [helm template](https://helm.sh/docs/helm/helm_template/) command:
+
+`helm template --output-dir yaml charts/crunchy-postgres`
+
+`helm template --output-dir yaml charts/crunchy-tools`
+
+## Contact Info
+
+[#crunchydb on Rocket.Chat](https://chat.developer.gov.bc.ca/channel/crunchydb)
+
+## Vendor Info
+
+[PGO, the Postgres Operator from Crunchy Data](https://access.crunchydata.com/documentation/postgres-operator/v5/)
+
+## Future Work
+
+- Create a helm chart to automatically deploy the monitoring stack to the tools namespace. For the time being I used this how to to deploy it: https://github.com/bcgov/how-to-workshops/tree/master/crunchydb/monitoring
+  - You can go to the tools namespace and find the crunch-grafana route to see the current dashboards.
+- If needed, we can add more users to the DB using something like this: https://github.com/bcgov/crunchy-postgres/pull/19/files

infrastructure/_django/.helmignore

@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/

infrastructure/_django/Chart.yaml

@@ -0,0 +1,25 @@
+apiVersion: v2
+name: django
+description: A Helm chart for Kubernetes
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 0.1.0
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+# It is recommended to use it with quotes.
+
+appVersion: "0.1.0"

infrastructure/_django/README.md

@@ -0,0 +1,32 @@
+# Django chart
+
+A chart to provision a Django instance 
+
+## Configuration
+
+### Django Options
+
+| Parameter          | Description                        | Default                 |
+| ------------------ | ---------------------------------- | ------------------      |
+| `fullnameOverride `| Instance Name if other than default| ``                |
+| `djangoImage`      | Image Source (if not imageStream)  |                         |
+| `CPU Request`      | CPU Request Amount                 | `50`                    |
+| `CPU Limit`        | CPU Limit Amount                   | `250`                   |
+| `Memory Request`   | Memory Requests Amount             | `128`                   |
+| `Memory Limit`     | Memory Limit Amount                | `256`                   |
+| `Replicas`         | Replicas                           | `1`                     |
+| `Postgres Secret`  | The pguser secret name             |                         |
+| `Django Config Map`| The name of the Django Config Map  |                         |
+| `Namespace`        | To support the image registry      |                         |
+| `PVC Size`         | What size should the PVC be        | `1Gi`                   |
+| `Host`             | What hostname do you want          |                         |
+
+## Components
+### OpenShift
+- ImageStream 
+- PVC 
+- Service 
+- Route 
+- Deployment
+
+### Other

infrastructure/_django/templates/_helpers.tpl

@@ -0,0 +1,51 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "app.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "app.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "app.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "app.labels" -}}
+helm.sh/chart: {{ include "app.chart" . }}
+{{ include "app.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "app.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "app.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}

infrastructure/_django/templates/django-deployment.yaml

@@ -0,0 +1,107 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "app.fullname" . }}
+  labels: {{ include "app.labels" . | nindent 4 }}
+  annotations:
+    image.openshift.io/triggers: >-
+      [{"from":{"kind":"ImageStreamTag","name":"{{ template "app.fullname" . }}:latest","namespace":"{{ .Values.namespace  }}"},"fieldPath":"spec.template.spec.containers[?(@.name==\"{{ template "app.fullname" . }}\")].image","pause":"false"}]
+
+spec:
+  replicas: {{ .Values.deployment.replicas  }}
+  selector:
+    matchLabels:
+      {{ include "app.selectorLabels" . | nindent 6 }}
+  template:
+    metadata:
+      labels:
+        {{ include "app.selectorLabels" . | nindent 8 }}
+    spec:
+      volumes:
+        - name: django-media-volume
+          persistentVolumeClaim:
+            claimName: {{ include "app.fullname" . }}
+      containers:
+        - resources:
+            limits:
+              cpu: {{ .Values.deployment.resources.limits.cpu  }}
+              memory: {{ .Values.deployment.resources.limits.memory  }}
+            requests:
+              cpu: {{ .Values.deployment.resources.requests.cpu  }}
+              memory: {{ .Values.deployment.resources.requests.memory  }}
+          name: {{ include "app.fullname" . }}
+          command:
+            - /start.sh
+          env:
+            - name: DB_HOST
+              valueFrom:
+                secretKeyRef:
+                  name: {{ .Values.deployment.env.postgresSecret  }}
+                  key: host
+            - name: DB_PORT
+              valueFrom:
+                secretKeyRef:
+                  name: {{ .Values.deployment.env.postgresSecret  }}
+                  key: port
+            - name: DB_USER
+              valueFrom:
+                secretKeyRef:
+                  name: {{ .Values.deployment.env.postgresSecret  }}
+                  key: user
+            - name: POSTGRES_USER
+              valueFrom:
+                secretKeyRef:
+                  name: {{ .Values.deployment.env.postgresSecret  }}
+                  key: user
+            - name: DB_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: {{ .Values.deployment.env.postgresSecret  }}
+                  key: password
+            - name: POSTGRES_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: {{ .Values.deployment.env.postgresSecret  }}
+                  key: password
+            - name: DB_NAME
+              valueFrom:
+                secretKeyRef:
+                  name: {{ .Values.deployment.env.postgresSecret  }}
+                  key: dbname
+            - name: POSTGRES_DB
+              valueFrom:
+                secretKeyRef:
+                  name: {{ .Values.deployment.env.postgresSecret  }}
+                  key: dbname
+            - name: DRIVEBC_ROUTE_PLANNER_API_AUTH_KEY
+              valueFrom:
+                secretKeyRef:
+                  name: {{ .Values.deployment.env.djangoSecret  }}
+                  key: DRIVEBC_ROUTE_PLANNER_API_AUTH_KEY
+            - name: SECRET_KEY
+              valueFrom:
+                secretKeyRef:
+                  name: {{ .Values.deployment.env.djangoSecret  }}
+                  key: SECRET_KEY
+          ports:
+            - containerPort: 8080
+              protocol: TCP
+          imagePullPolicy: IfNotPresent
+          volumeMounts:
+            - name: django-media-volume
+              mountPath: /app/media
+          terminationMessagePolicy: File
+          envFrom:
+            - configMapRef:
+                name: {{ .Values.deployment.env.djangoConfigMap  }}
+          image: >-
+            image-registry.openshift-image-registry.svc:5000/{{ .Values.namespace  }}/{{ template "app.fullname" . }}
+      affinity:
+        podAntiAffinity:
+          preferredDuringSchedulingIgnoredDuringExecution:
+          - weight: 1
+            podAffinityTerm:
+              topologyKey: "app.kubernetes.io/instance"
+              labelSelector:
+                matchLabels:
+                  app.kubernetes.io/name: {{ template "app.name" . }}

infrastructure/_django/templates/django-imageStream.yaml

@@ -0,0 +1,6 @@
+apiVersion: image.openshift.io/v1
+kind: ImageStream
+metadata:
+  name: {{ template "app.fullname" . }}
+  labels: {{ include "app.labels" . | nindent 4 }}
+