diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..057bed4 --- /dev/null +++ b/.gitignore @@ -0,0 +1,3 @@ +.vscode +*.egg-info +.tox diff --git a/CONTRIBUTING.rst b/CONTRIBUTING.rst new file mode 100644 index 0000000..f2f8e6d --- /dev/null +++ b/CONTRIBUTING.rst @@ -0,0 +1,16 @@ +If you would like to contribute to the development of OpenStack, +you must follow the steps in this page: + + https://docs.openstack.org/infra/manual/developers.html + +Once those steps have been completed, changes to OpenStack +should be submitted for review via the Gerrit tool, following +the workflow documented at: + + https://docs.openstack.org/infra/manual/developers.html#development-workflow + +Pull requests submitted through GitHub will be ignored. + +Bugs should be filed in Launchpad: + + https://bugs.launchpad.net/starlingx diff --git a/HACKING.rst b/HACKING.rst new file mode 100644 index 0000000..52639c7 --- /dev/null +++ b/HACKING.rst @@ -0,0 +1,17 @@ +StarlingX SDO-rv-service Style Commandments +================================================================ + +- Step 1: Read the OpenStack style commandments + https://docs.openstack.org/hacking/latest/ +- Step 2: Read on + +SDO-rv-service Specific Commandments +--------------------------------------------------------- + +None so far + +Running tests +------------- +The approach to running tests is to simply run the command ``tox``. This will +create virtual environments, populate them with dependencies and run all of +the tests that OpenStack CI systems run. diff --git a/centos_build_layer.cfg b/centos_build_layer.cfg new file mode 100644 index 0000000..c581999 --- /dev/null +++ b/centos_build_layer.cfg @@ -0,0 +1 @@ +flock diff --git a/centos_iso_image.inc b/centos_iso_image.inc new file mode 100644 index 0000000..e69de29 diff --git a/centos_pkg_dirs b/centos_pkg_dirs new file mode 100644 index 0000000..70e2240 --- /dev/null +++ b/centos_pkg_dirs @@ -0,0 +1 @@ +stx-sdo-helm diff --git a/github_sync.trigger b/github_sync.trigger new file mode 100644 index 0000000..b8a4ee2 --- /dev/null +++ b/github_sync.trigger @@ -0,0 +1,2 @@ +# to trigger the upload job to sync to GitHub +1 diff --git a/stx-sdo-helm/centos/build_srpm.data b/stx-sdo-helm/centos/build_srpm.data new file mode 100644 index 0000000..157a923 --- /dev/null +++ b/stx-sdo-helm/centos/build_srpm.data @@ -0,0 +1,3 @@ +SRC_DIR="stx-sdo-helm" + +TIS_PATCH_VER=PKG_GITREVCOUNT diff --git a/stx-sdo-helm/centos/stx-sdo-helm.spec b/stx-sdo-helm/centos/stx-sdo-helm.spec new file mode 100644 index 0000000..35f2734 --- /dev/null +++ b/stx-sdo-helm/centos/stx-sdo-helm.spec @@ -0,0 +1,60 @@ +%global helm_folder /usr/lib/helm +%global armada_folder /usr/lib/armada +%global app_folder /usr/lib/application +%global toolkit_version 0.1.0 +%global helmchart_version 0.1.0 + +Summary: StarlingX SDO Application Helm charts +Name: stx-sdo-helm +Version: 1.0 +Release: %{tis_patch_ver}%{?_tis_dist} +License: Apache-2.0 +Group: base +Packager: Intel +URL: unknown + +Source0: %{name}-%{version}.tar.gz + +BuildArch: noarch + +BuildRequires: helm +BuildRequires: chartmuseum +BuildRequires: openstack-helm-infra + +%description +StarlingX SDO Application Helm charts + +%prep +%setup + +%build +# Stage helm-toolkit in the local repo +cp %{helm_folder}/helm-toolkit-%{toolkit_version}.tgz helm-charts/ + +# Host a server for the charts +chartmuseum --debug --port=8879 --context-path='/charts' --storage="local" --storage-local-rootdir="./helm-charts" & +sleep 2 +helm repo add local http://localhost:8879/charts + +# Make the charts. These produce a tgz file +cd helm-charts +make sdo +cd - + +# terminate helm server (the last backgrounded task) +kill %1 + +%install +# helm_folder is created by openstack-helm-infra +install -d -m 755 ${RPM_BUILD_ROOT}%{app_folder} +install -p -D -m 755 files/metadata.yaml ${RPM_BUILD_ROOT}%{app_folder} +install -d -m 755 ${RPM_BUILD_ROOT}%{helm_folder} +install -p -D -m 755 helm-charts/*.tgz ${RPM_BUILD_ROOT}%{helm_folder} +install -d -m 755 ${RPM_BUILD_ROOT}%{armada_folder} +install -p -D -m 755 manifests/*.yaml ${RPM_BUILD_ROOT}%{armada_folder} + +%files +%defattr(-,root,root,-) +%{helm_folder}/* +%{armada_folder}/* +%{app_folder}/* diff --git a/stx-sdo-helm/stx-sdo-helm/README b/stx-sdo-helm/stx-sdo-helm/README new file mode 100644 index 0000000..b773ef4 --- /dev/null +++ b/stx-sdo-helm/stx-sdo-helm/README @@ -0,0 +1,5 @@ +This directory contains all StarlingX charts that need to be built for this +application. Some charts are common across applications. These common charts +reside in the stx-config/kubernetes/helm-charts directory. To include these in +this application update the build_srpm.data file and use the COPY_LIST_TO_TAR +mechanism to populate these common charts. diff --git a/stx-sdo-helm/stx-sdo-helm/files/index.yaml b/stx-sdo-helm/stx-sdo-helm/files/index.yaml new file mode 100644 index 0000000..36db709 --- /dev/null +++ b/stx-sdo-helm/stx-sdo-helm/files/index.yaml @@ -0,0 +1,3 @@ +apiVersion: v1 +entries: {} +generated: 2019-01-07T12:33:46.098166523-06:00 diff --git a/stx-sdo-helm/stx-sdo-helm/files/metadata.yaml b/stx-sdo-helm/stx-sdo-helm/files/metadata.yaml new file mode 100644 index 0000000..d319a57 --- /dev/null +++ b/stx-sdo-helm/stx-sdo-helm/files/metadata.yaml @@ -0,0 +1 @@ +maintain_user_overrides: true diff --git a/stx-sdo-helm/stx-sdo-helm/files/repositories.yaml b/stx-sdo-helm/stx-sdo-helm/files/repositories.yaml new file mode 100644 index 0000000..fe1299f --- /dev/null +++ b/stx-sdo-helm/stx-sdo-helm/files/repositories.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +generated: 2019-01-02T15:19:36.215111369-06:00 +repositories: +- caFile: "" + cache: /builddir/.helm/repository/cache/local-index.yaml + certFile: "" + keyFile: "" + name: local + password: "" + url: http://127.0.0.1:8879/charts + username: "" diff --git a/stx-sdo-helm/stx-sdo-helm/helm-charts/Makefile b/stx-sdo-helm/stx-sdo-helm/helm-charts/Makefile new file mode 100644 index 0000000..50d6906 --- /dev/null +++ b/stx-sdo-helm/stx-sdo-helm/helm-charts/Makefile @@ -0,0 +1,43 @@ +# +# Copyright 2017 The Openstack-Helm Authors. +# +# Copyright (c) 2020 Intel Corporation, Inc. +# +# SPDX-License-Identifier: Apache-2.0 +# +# It's necessary to set this because some environments don't link sh -> bash. +SHELL := /bin/bash +TASK := build + +EXCLUDES := helm-toolkit doc tests tools logs tmp +CHARTS := helm-toolkit $(filter-out $(EXCLUDES), $(patsubst %/.,%,$(wildcard */.))) + +.PHONY: $(EXCLUDES) $(CHARTS) + +all: $(CHARTS) + +$(CHARTS): + @if [ -d $@ ]; then \ + echo; \ + echo "===== Processing [$@] chart ====="; \ + make $(TASK)-$@; \ + fi + +init-%: + if [ -f $*/Makefile ]; then make -C $*; fi + if [ -f $*/requirements.yaml ]; then helm dep up $*; fi + +lint-%: init-% + if [ -d $* ]; then helm lint $*; fi + +build-%: + if [ -d $* ]; then helm package $*; fi + +clean: + @echo "Clean all build artifacts" + rm -f */templates/_partials.tpl */templates/_globals.tpl + rm -f *tgz */charts/*tgz */requirements.lock + rm -rf */charts */tmpcharts + +%: + @: diff --git a/stx-sdo-helm/stx-sdo-helm/helm-charts/sdo/.helmignore b/stx-sdo-helm/stx-sdo-helm/helm-charts/sdo/.helmignore new file mode 100755 index 0000000..50af031 --- /dev/null +++ b/stx-sdo-helm/stx-sdo-helm/helm-charts/sdo/.helmignore @@ -0,0 +1,22 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/stx-sdo-helm/stx-sdo-helm/helm-charts/sdo/Chart.yaml b/stx-sdo-helm/stx-sdo-helm/helm-charts/sdo/Chart.yaml new file mode 100755 index 0000000..1260c57 --- /dev/null +++ b/stx-sdo-helm/stx-sdo-helm/helm-charts/sdo/Chart.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +appVersion: "1.0" +description: SDO RV service +name: sdo +version: 1.0.0 diff --git a/stx-sdo-helm/stx-sdo-helm/helm-charts/sdo/templates/NOTES.txt b/stx-sdo-helm/stx-sdo-helm/helm-charts/sdo/templates/NOTES.txt new file mode 100755 index 0000000..e69de29 diff --git a/stx-sdo-helm/stx-sdo-helm/helm-charts/sdo/templates/_helpers.tpl b/stx-sdo-helm/stx-sdo-helm/helm-charts/sdo/templates/_helpers.tpl new file mode 100755 index 0000000..c92b480 --- /dev/null +++ b/stx-sdo-helm/stx-sdo-helm/helm-charts/sdo/templates/_helpers.tpl @@ -0,0 +1,33 @@ +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "sdo.name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this +(by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "sdo.fullname" -}} +{{- if .Values.fullnameOverride -}} +{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- if contains $name .Release.Name -}} +{{- .Release.Name | trunc 63 | trimSuffix "-" -}} +{{- else -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- end -}} +{{- end -}} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "sdo.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} +{{- end -}} diff --git a/stx-sdo-helm/stx-sdo-helm/helm-charts/sdo/templates/redis.yml b/stx-sdo-helm/stx-sdo-helm/helm-charts/sdo/templates/redis.yml new file mode 100755 index 0000000..832f006 --- /dev/null +++ b/stx-sdo-helm/stx-sdo-helm/helm-charts/sdo/templates/redis.yml @@ -0,0 +1,36 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: redis +spec: + replicas: 1 + selector: + matchLabels: + app: redis + template: + metadata: + name: redis + labels: + app: redis + spec: + containers: + - name: redis + image: {{ .Values.images.tags.redisimage }} + ports: + - containerPort: 6379 + +--- +apiVersion: v1 +kind: Service +metadata: + name: redis +spec: + type: NodePort + selector: + app: redis + ports: + - name: redis-port + port: 6379 + targetPort: 6379 + nodePort: 31118 + diff --git a/stx-sdo-helm/stx-sdo-helm/helm-charts/sdo/templates/u-rendezvous-service.yml b/stx-sdo-helm/stx-sdo-helm/helm-charts/sdo/templates/u-rendezvous-service.yml new file mode 100755 index 0000000..46cbfef --- /dev/null +++ b/stx-sdo-helm/stx-sdo-helm/helm-charts/sdo/templates/u-rendezvous-service.yml @@ -0,0 +1,87 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: rv.deploy + labels: + app: sdo-rv + release: {{ .Release.Name }} +spec: + replicas: 1 + selector: + matchLabels: + app: RV-Service + template: + metadata: + name: rv.pod + labels: + app: RV-Service + spec: + initContainers: + - name: init-redis + image: busybox:1.28 + command: ['sh', '-c', "until nslookup redis.$(cat /var/run/secrets/kubernetes.io/serviceaccount/namespace).svc.cluster.local; do echo waiting for redis; sleep 2; done"] + containers: + - name: u-rendezvous-service + image: {{ .Values.images.tags.rv }} + imagePullPolicy: IfNotPresent + ports: + - containerPort: 8000 + - containerPort: 8001 + env: + - name: RENDEZVOUS_SIGNATUREVERIFICATION + value: {{ .Values.env.rv_var.RV_SIGNATUREVERIFICATION | quote }} + - name: RENDEZVOUS_OPKEYVERIFICATION + value: {{ .Values.env.rv_var.RV_OPKEYVERIFICATION | quote }} + - name: RENDEZVOUS_TOTOKENEXPIRATIONTIME + value: {{ .Values.env.rv_var.RV_TOTOKENEXPIRATIONTIME | quote }} + - name: RENDEZVOUS_OWNERSHIPVOUCHERMAXENTRIES + value: {{ .Values.env.rv_var.RV_OWNERSHIPVOUCHERMAXENTRIES | quote }} + - name: RENDEZVOUS_WAITSECONDSLIMIT + value: {{ .Values.env.rv_var.RV_WAITSECONDSLIMIT | quote }} + - name: REDIS_HOST + value: {{ .Values.env.rv_var.REDIS_HOST | quote }} + - name: REDIS_PORT + value: {{ .Values.env.rv_var.REDIS_PORT | quote }} + - name: RENDEZVOUS_VERIFICATIONSERVICEHOST + value: {{ .Values.env.rv_var.RV_VERIFICATIONSERVICEHOST | quote }} + - name: SSL_TRUST_STORE_PASSWORD + value: {{ .Values.env.rv_var.SSL_TRUST_STORE_PASSWORD | quote }} + - name: SSL_KEY_STORE_PASSWORD + value: {{ .Values.env.rv_var.SSL_KEY_STORE_PASSWORD | quote }} + - name: http_proxy + value: + - name: https_proxy + value: + volumeMounts: + - name: sdo-trust-store-config + mountPath: /home/sdouser/certs/trustedRootCA.jks + - name: sdo-key-store-config + mountPath: /home/sdouser/certs/ssl.jks + + volumes: + - name: sdo-trust-store-config + configMap: + hostPath: + path: /home/sysadmin/certs/rendezvous-trusterRootCA.jks + - name: sdo-key-store-config + configMap: + hostPath: + path: /home/sysadmin/certs/rendezvous-keystore.jks + +--- +apiVersion: v1 +kind: Service +metadata: + name: rvdeploy-int +spec: + type: NodePort + selector: + app: RV-Service + ports: + - name: rendezvous-port + port: 8000 + targetPort: 8000 + - name: rendezvous-port2 + port: 8001 + targetPort: 8001 + nodePort: 31117 diff --git a/stx-sdo-helm/stx-sdo-helm/helm-charts/sdo/values.yaml b/stx-sdo-helm/stx-sdo-helm/helm-charts/sdo/values.yaml new file mode 100755 index 0000000..0c47988 --- /dev/null +++ b/stx-sdo-helm/stx-sdo-helm/helm-charts/sdo/values.yaml @@ -0,0 +1,30 @@ +images: + tags: + rv: 15201086/rendezvous-service:1.10 + redisimage: 15201086/redis:050220213WKAgo +env: + rv_var: + RV_SIGNATUREVERIFICATION: "true" + RV_OPKEYVERIFICATION: "true" + RV_TOTOKENEXPIRATIONTIME: "15" + RV_OWNERSHIPVOUCHERMAXENTRIES: "10" + RV_WAITSECONDSLIMIT: "2419200" + REDIS_HOST: "redis" + REDIS_PORT: "6379" + SSL_TRUST_STORE_PASSWORD: "123456" + SSL_KEY_STORE_PASSWORD: "123456" + + # To use Verification Service in the Cloud change RENDEZVOUS_VERIFICATIONSERVICEHOST variable to point to proper address and set PROXY for SDO service if needed +# Do not set http_proxy and https_proxy if you use local Verification Service +# Non-production environment cloud verification sevice:(commented for now)re-enable when required +#RV_VERIFICATIONSERVICEHOST: "https://verify.epid-sbx.trustedservices.intel.com" +# Production environment cloud verification sevice: +# RENDEZVOUS_VERIFICATIONSERVICEHOST=https://verify.epid.trustedservices.intel.com:443 +# RENDEZVOUS_VERIFICATIONSERVICEHOST=https://u-verification-service:1180 +# http_proxy= +# https_proxy= + +# Default values for helm. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + diff --git a/stx-sdo-helm/stx-sdo-helm/manifests/sdo_manifest.yaml b/stx-sdo-helm/stx-sdo-helm/manifests/sdo_manifest.yaml new file mode 100644 index 0000000..0763b33 --- /dev/null +++ b/stx-sdo-helm/stx-sdo-helm/manifests/sdo_manifest.yaml @@ -0,0 +1,45 @@ +--- +schema: armada/Chart/v1 +metadata: + schema: metadata/Document/v1 + name: sdo +data: + chart_name: sdo + release: sdo + namespace: stx-sdo + source: + location: http://172.17.0.1:8080/helm_charts/starlingx/sdo-1.0.0.tgz + subpath: sdo + type: tar + reference: master + wait: + timeout: 1800 + install: + no_hooks: false + upgrade: + no_hooks: false + pre: + delete: + - type: job + labels: + app: sdo + dependencies: [] +--- +schema: armada/ChartGroup/v1 +metadata: + schema: metadata/Document/v1 + name: sdo +data: + description: "StarlingX SDO" + sequenced: false + chart_group: + - sdo +--- +schema: armada/Manifest/v1 +metadata: + schema: metadata/Document/v1 + name: sdo-manifest +data: + release_prefix: rv + chart_groups: + - sdo diff --git a/test-requirements.txt b/test-requirements.txt index 8ae3e22..c117d98 100644 --- a/test-requirements.txt +++ b/test-requirements.txt @@ -1,3 +1,2 @@ -# hacking pulls in flake8 -hacking!=0.13.0,<0.14,>=0.12.0 # Apache-2.0 -bashate >= 0.2 +# nothing +#To be added If there are one