From 123f4f8532307413ce8e8d223f65cad2990c1535 Mon Sep 17 00:00:00 2001 From: Hannah Smith <13995068+hannah38@users.noreply.github.com> Date: Mon, 8 Jul 2024 11:23:30 +0100 Subject: [PATCH] DTSSTCI-712: New ccd chart and chart java - with Persistent data (#1783) * test new ccd definition importer version, ccd chart release * updated em-ccdorc * update em-stitching * test with disabled em kvs * kv disabled * db hosts * globals * fix name * switch postgres * fix and test em auth * role assignment * data store * overwrite secrets fix (still an issue even with these updated versions) * clear * cleanup * switch sptribs * updated all dependencies in ccd-chart and testing with this new version * Bumping chart version/ fixing aliases * Update Chart.yaml Updated ccd chart version * logstash * temp * test userprofile importer * remove unneeded bit * try * old typo fixed * fix * revert importer change * Fix connection string --------- Co-authored-by: hmcts-jenkins-j-to-z <61242337+hmcts-jenkins-j-to-z[bot]@users.noreply.github.com> Co-authored-by: jessieharrigan <144362161+jessieharrigan@users.noreply.github.com> --- charts/sptribs-case-api/Chart.yaml | 12 +- .../values.preview.template.yaml | 136 +++++++++--------- 2 files changed, 72 insertions(+), 76 deletions(-) diff --git a/charts/sptribs-case-api/Chart.yaml b/charts/sptribs-case-api/Chart.yaml index a741db644d..ed837d86b8 100644 --- a/charts/sptribs-case-api/Chart.yaml +++ b/charts/sptribs-case-api/Chart.yaml @@ -3,15 +3,15 @@ appVersion: "1.0" description: A Helm chart for sptribs-case-api App name: sptribs-case-api home: https://github.com/hmcts/sptribs-case-api -version: 0.0.94 +version: 0.0.95 maintainers: - name: HMCTS sptribs team dependencies: - name: java - version: 5.0.0 + version: 5.2.1 repository: 'https://hmctspublic.azurecr.io/helm/v1/repo/' - name: ccd - version: 8.0.29 + version: 9.2.0 repository: 'https://hmctspublic.azurecr.io/helm/v1/repo/' tags: - ccd-idam-pr @@ -36,10 +36,14 @@ dependencies: repository: 'https://hmctspublic.azurecr.io/helm/v1/repo/' condition: ccd-case-document-am-api.enabled - name: em-ccdorc - version: 2.0.10 + version: 2.0.25 repository: 'https://hmctspublic.azurecr.io/helm/v1/repo/' condition: em-ccdorc.enabled - name: em-stitching version: 1.0.55 repository: 'https://hmctspublic.azurecr.io/helm/v1/repo/' condition: em-stitching.enabled + - name: postgresql + version: 1.0.2 + repository: 'https://hmctspublic.azurecr.io/helm/v1/repo/' + condition: postgresql.enabled diff --git a/charts/sptribs-case-api/values.preview.template.yaml b/charts/sptribs-case-api/values.preview.template.yaml index c32d202b94..af2a6fa32c 100644 --- a/charts/sptribs-case-api/values.preview.template.yaml +++ b/charts/sptribs-case-api/values.preview.template.yaml @@ -10,10 +10,9 @@ java: CASE_DOCUMENT_AM_BASEURL: http://${SERVICE_NAME}-ccd-case-document-am-api BUNDLING_API_URL: https://em-ccdorc-${SERVICE_FQDN} CITIZEN_UPDATE_CASE_STATE_ENABLED: true - POSTGRES_HOST: ${SERVICE_NAME}-postgresql - POSTGRES_NAME: sptribs-case-api - POSTGRES_USERNAME: ${SPTRIBS_POSTGRES_USERNAME_PREVIEW} - POSTGRES_PASSWORD: ${SPTRIBS_POSTGRES_PASSWORD_PREVIEW} + POSTGRES_HOST: sptribs-preview.postgres.database.azure.com + POSTGRES_NAME: "{{ .Values.global.databaseNamePrefix }}sptribs-case-api" + POSTGRES_USERNAME: hmcts POSTGRES_CONNECTION_OPTIONS: "" keyVaults: @@ -35,49 +34,11 @@ java: alias: IDAM_SYSTEM_UPDATE_PASSWORD - name: launchdarkly-sdk-key alias: LAUNCH_DARKLY_SDK_KEY - - name: sptribs-postgres-username-preview - alias: SPTRIBS_POSTGRES_USERNAME_PREVIEW - - name: sptribs-postgres-password-preview - alias: SPTRIBS_POSTGRES_PASSWORD_PREVIEW - - name: ccd-global-postgres-username-preview - alias: CCD_GLOBAL_POSTGRES_USERNAME_PREVIEW - - name: ccd-global-postgres-password-preview - alias: CCD_GLOBAL_POSTGRES_PASSWORD_PREVIEW - - name: ccd-data-store-db-username-preview - alias: CCD_DATA_STORE_DB_USERNAME_PREVIEW - - name: ccd-data-store-db-password-preview - alias: CCD_DATA_STORE_DB_PASSWORD_PREVIEW - - name: ccd-user-profile-db-username-preview - alias: CCD_USER_PROFILE_DB_USERNAME_PREVIEW - - name: ccd-user-profile-db-password-preview - alias: CCD_USER_PROFILE_DB_PASSWORD_PREVIEW - - name: em-spring-datasource-username-preview - alias: EM_SPRING_DATASOURCE_USERNAME_PREVIEW - - name: em-spring-datasource-password-preview - alias: EM_SPRING_DATASOURCE_PASSWORD_PREVIEW - - postgresql: - enabled: true - image: - tag: '11.6.0' - primary: - persistence: - enabled: false - resources: - requests: - cpu: 25m - initdb: - scripts: - init.sql: | - CREATE DATABASE "sptribs-case-api" WITH OWNER = hmcts ENCODING = 'UTF-8' CONNECTION LIMIT = -1; - CREATE DATABASE "data-store" WITH OWNER = hmcts ENCODING = 'UTF-8' CONNECTION LIMIT = -1; - CREATE DATABASE "definition-store" WITH OWNER = hmcts ENCODING = 'UTF-8' CONNECTION LIMIT = -1; - CREATE DATABASE "role_assignment" WITH OWNER = hmcts ENCODING = 'UTF-8' CONNECTION LIMIT = -1; - CREATE DATABASE "user-profile" WITH OWNER = hmcts ENCODING = 'UTF-8' CONNECTION LIMIT = -1; - CREATE DATABASE "emstitch" WITH OWNER = hmcts ENCODING = 'UTF-8' CONNECTION LIMIT = -1; - auth: - username: ${SPTRIBS_POSTGRES_USERNAME_PREVIEW} - password: ${SPTRIBS_POSTGRES_PASSWORD_PREVIEW} + secrets: + POSTGRES_PASSWORD: + secretRef: postgres + key: PASSWORD + disabled: false ccd: ccd: @@ -102,8 +63,13 @@ ccd: dmStoreUrl: http://dm-store-aat.service.core-compute-aat.internal ccdAdminWebIngress: admin-web-${SERVICE_FQDN} ccdApiGatewayIngress: gateway-${SERVICE_FQDN} - postgresUsername: ${CCD_GLOBAL_POSTGRES_USERNAME_PREVIEW} - postgresPassword: ${CCD_GLOBAL_POSTGRES_PASSWORD_PREVIEW} + ccdDataStoreUrl: http://${SERVICE_NAME}-ccd-data-store-api + ccdDefinitionStoreUrl: http://${SERVICE_NAME}-ccd-definition-store + ccdUserProfileUrl: http://${SERVICE_NAME}-ccd-user-profile-api + postgresUsername: hmcts + postgresHostname: "sptribs-preview.postgres.database.azure.com" + postgresSecret: postgres + databaseNamePrefix: "pr-${CHANGE_ID}-" s2sUrl: http://rpe-service-auth-provider-aat.service.core-compute-aat.internal ccd-api-gateway-web: @@ -123,9 +89,9 @@ ccd: imagePullPolicy: Always environment: CASE_DOCUMENT_AM_API_ATTACH_DOCUMENT_ENABLED: true - DATA_STORE_DB_HOST: ${SERVICE_NAME}-postgresql - DATA_STORE_DB_USERNAME: ${CCD_DATA_STORE_DB_USERNAME_PREVIEW} - DATA_STORE_DB_PASSWORD: ${CCD_DATA_STORE_DB_PASSWORD_PREVIEW} + DATA_STORE_DB_HOST: sptribs-preview.postgres.database.azure.com + DATA_STORE_DB_USERNAME: hmcts + DATA_STORE_DB_NAME: "pr-${CHANGE_ID}-data-store" DATA_STORE_IDAM_KEY: ${DATA_STORE_S2S_KEY} DATA_STORE_DEFAULT_LOG_LEVEL: info LOG_CALLBACK_DETAILS: "*" @@ -144,13 +110,14 @@ ccd: IDAM_DATA_STORE_SYSTEM_USER_USERNAME: ${IDAM_DATA_STORE_SYSTEM_USER_USERNAME} IDAM_DATA_STORE_SYSTEM_USER_PASSWORD: ${IDAM_DATA_STORE_SYSTEM_USER_PASSWORD} ROLE_ASSIGNMENT_URL: http://sptribs-case-api-pr-${CHANGE_ID}-am-role-assignment-service + secrets: + DATA_STORE_DB_PASSWORD: + secretRef: postgres + key: PASSWORD + disabled: false keyVaults: ccd: secrets: - - name: data-store-api-POSTGRES-USER-V15 - alias: DATA_STORE_DB_USERNAME - - name: data-store-api-POSTGRES-PASS-V15 - alias: DATA_STORE_DB_PASSWORD - name: data-store-api-draft-key alias: CCD_DRAFT_ENCRYPTION_KEY - name: ccd-data-s2s-secret @@ -179,17 +146,22 @@ ccd: environment: CCD_DATA_STORE_URL: http://{{ .Release.Name }}-ccd-data-store-api RUN_LD_ON_STARTUP: false + ROLE_ASSIGNMENT_DB_HOST: sptribs-preview.postgres.database.azure.com + ROLE_ASSIGNMENT_DB_NAME: "pr-${CHANGE_ID}-role_assignment" + ROLE_ASSIGNMENT_DB_OPTIONS: "?stringtype=unspecified&ssl=disable&gssEncMode=disable" + keyVaults: [ ] ccd-definition-store-api: java: disableKeyVaults: true imagePullPolicy: Always environment: - DEFINITION_STORE_DB_HOST: ${SERVICE_NAME}-postgresql + DEFINITION_STORE_DB_HOST: '{{ tpl .Values.global.postgresHostname $}}' DEFINITION_STORE_IDAM_KEY: ${DEFINITION_STORE_S2S_KEY} IDAM_USER_URL: https://idam-web-public.aat.platform.hmcts.net ELASTIC_SEARCH_ENABLED: true ELASTIC_SEARCH_HOST: ${SERVICE_NAME}-es-master + keyVaults: [ ] ingressHost: ccd-definition-store-${SERVICE_FQDN} autoscaling: enabled: false @@ -201,8 +173,8 @@ ccd: java: disableKeyVaults: true imagePullPolicy: Always - enviroment: - USER_PROFILE_DB_HOST: ${SERVICE_NAME}-postgresql + environment: + USER_PROFILE_DB_HOST: '{{ tpl .Values.global.postgresHostname $}}' ingressHost: ccd-user-profile-api-${SERVICE_FQDN} ccd-admin-web: @@ -211,7 +183,7 @@ ccd: image: hmctspublic.azurecr.io/ccd/admin-web:latest ingressHost: admin-web-${SERVICE_FQDN} environment: - USER_PROFILE_DB_HOST: ${SERVICE_NAME}-postgresql + USER_PROFILE_DB_HOST: '{{ tpl .Values.global.postgresHostname $}}' IDAM_ADMIN_WEB_SERVICE_KEY: ${ADMIN_S2S_KEY} IDAM_OAUTH2_AW_CLIENT_SECRET: ${ADMIN_WEB_IDAM_SECRET} @@ -224,13 +196,12 @@ ccd: - st_caseworker@mailinator.com|ST_CIC|CIC|Submitted - st_solicitor@mailinator.com|ST_CIC|CIC|Submitted - st_super@mailinator.com|ST_CIC|CIC|Submitted - userProfileDatabaseHost: ${SERVICE_NAME}-ccd-postgres + userProfileDatabaseHost: '{{ tpl .Values.global.postgresHostname $}}' userProfileDatabasePort: 5432 - userProfileDatabaseUser: ${CCD_USER_PROFILE_DB_USERNAME_PREVIEW} - userProfileDatabasePassword: ${CCD_USER_PROFILE_DB_PASSWORD_PREVIEW} - userProfileDatabaseName: user-profile - - + userProfileDatabaseUser: hmcts + userProfileDatabasePassword: hmcts + userProfileDatabaseName: "pr-${CHANGE_ID}-user-profile" + elasticsearch: nameOverride: ${SERVICE_NAME}-es clusterName: "es" @@ -273,9 +244,15 @@ ccd: extraVolumes: | - name: logstash-lib emptyDir: {} + - name: database-secret-volume + secret: + secretName: postgres extraVolumeMounts: | - name: logstash-lib mountPath: /usr/share/logstash/ccd + - name: database-secret-volume + mountPath: /etc/logstash/secrets + readOnly: true logstashConfig: logstash.yml: | http.host: 0.0.0.0 @@ -291,9 +268,9 @@ ccd: 01_input.conf: | input { jdbc { - jdbc_connection_string => "jdbc:postgresql://{{ .Release.Name }}-postgresql:5432/data-store?stringtype=unspecified" + jdbc_connection_string => "jdbc:postgresql://sptribs-preview.postgres.database.azure.com:5432/pr-${CHANGE_ID}-data-store?sslmode-require&stringtype=unspecified" jdbc_user => "hmcts" - jdbc_password => "hmcts" + jdbc_password_filepath => "/etc/logstash/secrets/PASSWORD" jdbc_validate_connection => true jdbc_driver_library => "/usr/share/logstash/ccd/postgresql.jar" jdbc_driver_class => "org.postgresql.Driver" @@ -548,14 +525,29 @@ em-stitching: S2S_BASE_URI: http://rpe-service-auth-provider-aat.service.core-compute-aat.internal DM_STORE_APP_URL: http://dm-store-aat.service.core-compute-aat.internal CDAM_URL: http://${SERVICE_NAME}-ccd-case-document-am-api - SPRING_DATASOURCE_HOST: ${SERVICE_NAME}-postgresql - SPRING_DATASOURCE_NAME: emstitch + SPRING_DATASOURCE_HOST: sptribs-preview.postgres.database.azure.com + SPRING_DATASOURCE_NAME: "pr-${CHANGE_ID}-emstitch" SPRING_DATASOURCE_OPTIONS: "?ssl=disable" SPRING_DATASOURCE_PORT: 5432 - SPRING_DATASOURCE_USERNAME: ${EM_SPRING_DATASOURCE_USERNAME_PREVIEW} - SPRING_DATASOURCE_PASSWORD: ${EM_SPRING_DATASOURCE_PASSWORD_PREVIEW} + SPRING_DATASOURCE_USERNAME: hmcts ENABLE_DB_MIGRATE: true RUN_DB_MIGRATION_ON_STARTUP: true FLYWAY_POSTGRESQL_TRANSACTIONAL_LOCK: false LOGGING_LEVEL_UK_GOV_HMCTS_REFORM_EM: DEBUG + secrets: + SPRING_DATASOURCE_PASSWORD: + secretRef: postgres + key: PASSWORD + disabled: false +postgresql: + enabled: true + flexibleserver: sptribs-preview + setup: + databases: + - name: "pr-${CHANGE_ID}-sptribs-case-api" + - name: "pr-${CHANGE_ID}-data-store" + - name: "pr-${CHANGE_ID}-definition-store" + - name: "pr-${CHANGE_ID}-user-profile" + - name: "pr-${CHANGE_ID}-role_assignment" + - name: "pr-${CHANGE_ID}-emstitch"