diff --git a/README.md b/README.md index ad97f42a..b12141cb 100644 --- a/README.md +++ b/README.md @@ -11,7 +11,8 @@ Repository contains mock implementations for eSignet. Only for non-production us |[Postgres Init](https://github.com/mosip/mosip-infra/tree/v1.2.0.1-B3/deployment/v3/external/postgres) | 12.0.1-B3 | |[mock-identity-softhsm](https://github.com/mosip/esignet/blob/v1.0.0/helm/install-all.sh) | 12.0.1-B2 | -### Install Pe-req for mock identity service + +### Install Pe-req for mock services * Install `kubectl` and `helm` utilities. * Run `prereq.sh` to setup below mentioned pre-requisites for mock services. * Setup softhsm for mock-identity in `Softhsm` namespace. @@ -57,7 +58,7 @@ Repository contains mock implementations for eSignet. Only for non-production us ``` ## Partner onboarder -* Perform Partner onboarding for esignet mock using [steps](partner-onboarder/README.md). +* Perform Partner onboarding for esignet mock relying party using [steps](partner-onboarder/README.md) only if mosip-identity plugin is used. ## License -This project is licensed under the terms of [Mozilla Public License 2.0](LICENSE). \ No newline at end of file +This project is licensed under the terms of [Mozilla Public License 2.0](LICENSE). diff --git a/deploy/delete-mock.sh b/deploy/delete-mock.sh index 6efa9455..e76ca9e6 100755 --- a/deploy/delete-mock.sh +++ b/deploy/delete-mock.sh 
@@ -1,26 +1,29 @@ #!/bin/bash -# Uninstalls esignet mock services. -## Usage: ./delete.sh [kubeconfig] +# Uninstalls all esignet mock service helm charts +## Usage: ./delete-mock.sh [kubeconfig] if [ $# -ge 1 ] ; then export KUBECONFIG=$1 fi -Deleting_All() { - MOCK_NS=mockid - NS=esignet - while true; do - read -p "Are you sure you want to delete esignet mock service helm charts?(Y/n) " yn - if [[ $yn = "Y" ]] || [[ $yn = "y" ]]; - then - helm -n $NS delete mock-relying-party-service || true - helm -n $NS delete mock-relying-party-ui || true - helm -n $MOCK_NS delete mock-identity-system || true - break - else - break - fi +ROOT_DIR=`pwd` + +function deleting_mock() { + + declare -a module=("mock-identity-system" + "mock-relying-party-service" + "mock-relying-party-ui" + ) + + echo Installing esignet mock services + + for i in "${module[@]}" + do + cd $ROOT_DIR/"$i" + ./delete.sh done + + echo All esignet mock services deleted sucessfully. return 0 } @@ -30,4 +33,5 @@ set -o errexit ## set -e : exit the script if any statement returns a non-true set -o nounset ## set -u : exit the script if you try to use an uninitialised variable set -o errtrace # trace ERR through 'time command' and other functions set -o pipefail # trace ERR through pipes -Deleting_All # calling function +deleting_mock # calling function + diff --git a/deploy/mock-identity-system/install.sh b/deploy/mock-identity-system/install.sh index 89b97069..8fa29595 100755 --- a/deploy/mock-identity-system/install.sh +++ b/deploy/mock-identity-system/install.sh @@ -7,7 +7,7 @@ if [ $# -ge 1 ] ; then fi NS=mockid -CHART_VERSION=0.0.1-develop +CHART_VERSION=0.10.0-develop echo Create $NS namespace kubectl create ns $NS diff --git a/deploy/mock-relying-party-service/install.sh b/deploy/mock-relying-party-service/install.sh index d92ae4ef..9cd73a9b 100755 --- a/deploy/mock-relying-party-service/install.sh +++ b/deploy/mock-relying-party-service/install.sh 
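Review bot: The interactive confirmation that used to guard the `helm delete` calls is gone from `deleting_mock`, so whether an operator is still asked before the charts are torn down now depends on each module's `./delete.sh`, which this diff does not show; confirm they prompt, or keep a single prompt here. The progress line reads `echo Installing esignet mock services` in a delete path and should say `Deleting`, and `sucessfully` in the closing message is misspelled. `ROOT_DIR` is taken from `pwd`, which ties the loop to the caller's working directory; deriving it from the script's own location and writing `cd "$ROOT_DIR/$i"` with the whole path quoted would make the run independent of where it is started. A relative kubeconfig path passed as `$1` will likely stop resolving after the `cd`, because `KUBECONFIG` is exported before the directory changes.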
@@ -6,13 +6,28 @@ if [ $# -ge 1 ] ; then export KUBECONFIG=$1 fi -NS=esignet -CHART_VERSION=0.0.1-develop +function installing_mock-relying-party-service() { -echo Create $NS namespace -kubectl create ns $NS + while true; do + read -p "Do you want to install mock relying party service? (y/n): " response + if [[ "$response" == "y" || "$response" == "Y" ]]; then + break + elif [[ "$response" == "n" || "$response" == "N" ]]; then + exit + else + echo "Not a correct response. Please respond with y (yes) or n (no)." + fi + done + + helm repo add mosip https://mosip.github.io/mosip-helm + helm repo update + + NS=esignet + CHART_VERSION=0.10.0-develop + + echo Create $NS namespace + kubectl create ns $NS || true -function installing_mock-relying-party-service() { echo Istio label kubectl label ns $NS istio-injection=enabled --overwrite @@ -36,12 +51,11 @@ function installing_mock-relying-party-service() { ESIGNET_SERVICE_URL=${USER_PROVIDED_ESIGNET_SERVICE_URL:-$DEFAULT_ESIGNET_SERVICE_URL} echo Installing Mock Relying Party Service -# helm -n $NS install mock-relying-party-service mosip/mock-relying-party-service \ - helm -n $NS install mock-relying-party-service ../../helm/mock-relying-party-service/ \ - --set mock_relying_party_service.ESIGNET_SERVICE_URL="$ESIGNET_SERVICE_URL" \ - --set mock_relying_party_service.ESIGNET_AUD_URL="https://$ESIGNET_HOST/v1/esignet/oauth/v2/token" \ - --version $CHART_VERSION $ENABLE_INSECURE \ - -f values.yaml --wait + helm -n $NS install mock-relying-party-service mosip/mock-relying-party-service \ + --set mock_relying_party_service.ESIGNET_SERVICE_URL="$ESIGNET_SERVICE_URL" \ + --set mock_relying_party_service.ESIGNET_AUD_URL="https://$ESIGNET_HOST/v1/esignet/oauth/v2/token" \ + --version $CHART_VERSION $ENABLE_INSECURE \ + -f values.yaml --wait kubectl -n $NS get deploy mock-relying-party-service -o name | xargs -n1 -t kubectl -n $NS rollout status 
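Review bot: `kubectl create ns $NS || true` hides every failure of the namespace step, not only the "already exists" case, so an expired kubeconfig or an RBAC denial is swallowed and the script goes on to label the namespace and install into it. The idempotent form this repository already uses for secrets in deploy/prereq.sh avoids that: `kubectl create ns "$NS" --dry-run=client -o yaml | kubectl apply -f -`. The same `|| true` is added in deploy/mock-relying-party-ui/install.sh and twice at the top of deploy/prereq.sh. The new prompt would also be more robust as `read -r -p`, so backslashes in the reply are not interpreted.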
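Review bot: The install now pulls `mosip/mock-relying-party-service` from the remote chart repository instead of the in-tree chart, and `--version $CHART_VERSION` resolves to `0.10.0-develop`, which looks like a moving pre-release rather than an immutable release, so what gets deployed can change between runs without any change in this repository. If the repository publishes provenance files, adding `--verify` to `helm install` would check the chart signature; otherwise pinning to a released chart version is the cheaper control. partner-onboarder/install.sh makes the same switch to `mosip/partner-onboarder`. The function body continues past the end of this hunk.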
diff --git a/deploy/mock-relying-party-ui/install.sh b/deploy/mock-relying-party-ui/install.sh index 10a00b25..b9c3d8a0 100755 --- a/deploy/mock-relying-party-ui/install.sh +++ b/deploy/mock-relying-party-ui/install.sh @@ -6,26 +6,40 @@ if [ $# -ge 1 ] ; then export KUBECONFIG=$1 fi -NS=esignet -CHART_VERSION=0.0.1-develop +function installing_mock-relying-party-ui() { -read -p "Please provide mock relying party ui domain (eg: healthservices.sandbox.xyz.net ) : " MOCK_UI_HOST + while true; do + read -p "Do you want to install mock relying party ui? (y/n): " response + if [[ "$response" == "y" || "$response" == "Y" ]]; then + break + elif [[ "$response" == "n" || "$response" == "N" ]]; then + exit + else + echo "Not a correct response. Please respond with y (yes) or n (no)." + fi + done -if [ -z "$MOCK_UI_HOST" ]; then - echo "Mock relying party UI Host not provided; EXITING;" - exit 0; -fi + helm repo add mosip https://mosip.github.io/mosip-helm + helm repo update -CHK_MOCK_UI_HOST=$( nslookup "$MOCK_UI_HOST" ) -if [ $? -gt 0 ]; then - echo "Mock relying party UI Host does not exists; EXITING;" - exit 0; -fi + NS=esignet + CHART_VERSION=0.10.0-develop -echo Create $NS namespace -kubectl create ns $NS + read -p "Please provide mock relying party ui domain (eg: healthservices.sandbox.xyz.net ) : " MOCK_UI_HOST + if [ -z "$MOCK_UI_HOST" ]; then + echo "Mock relying party UI Host not provided; EXITING;" + exit 1; + fi + + CHK_MOCK_UI_HOST=$( nslookup "$MOCK_UI_HOST" ) + if [ $? -gt 0 ]; then + echo "Mock relying party UI Host does not exists; EXITING;" + exit 1; + fi + + echo Create $NS namespace + kubectl create ns $NS || true -function installing_mock-relying-party-ui() { echo Istio label kubectl label ns $NS istio-injection=enabled --overwrite diff --git a/deploy/prereq.sh b/deploy/prereq.sh index db8be9d9..d041cf53 100755 --- a/deploy/prereq.sh +++ b/deploy/prereq.sh 
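Review bot: The `nslookup` check now runs inside `installing_mock-relying-party-ui`; if this script enables `set -o errexit` before calling the function (as deploy/delete-mock.sh does; the tail of this file is outside the hunk), a failed lookup aborts on the `CHK_MOCK_UI_HOST=$( nslookup ... )` assignment and the `$? -gt 0` branch with its message is never reached. Testing the command directly works under errexit and drops the otherwise unused variable: `if ! nslookup "$MOCK_UI_HOST" >/dev/null; then`. The function body continues past the end of the hunk.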
@@ -8,9 +8,12 @@ fi ROOT_DIR=`pwd` NS=mockid +ESIGNET_NS=esignet SOFTHSM_NS=softhsm SOFTHSM_CHART_VERSION=12.0.1 +kubectl create ns $NS || true +kubectl create ns $ESIGNET_NS || true function prereq_mockid () { echo Create $SOFTHSM_NS namespace @@ -38,10 +41,10 @@ function prereq_mockid () { function prereq_mockrp () { echo "Create secret for mock-relying-party-service-secrets and jwe-userinfo-private-key delete if exists" - kubectl -n $NS delete --ignore-not-found=true secrets mock-relying-party-private-key-jwk - kubectl -n $NS delete --ignore-not-found=true secrets jwe-userinfo-service-secrets - kubectl -n $NS create secret generic mock-relying-party-private-key-jwk --from-literal=client-private-key='' --dry-run=client -o yaml | kubectl apply -f - - kubectl -n $NS create secret generic jwe-userinfo-service-secrets --from-literal=JWE_USERINFO_PRIVATE_KEY='' --dry-run=client -o yaml | kubectl apply -f - + kubectl -n $ESIGNET_NS delete --ignore-not-found=true secrets mock-relying-party-private-key-jwk + kubectl -n $ESIGNET_NS delete --ignore-not-found=true secrets jwe-userinfo-service-secrets + kubectl -n $ESIGNET_NS create secret generic mock-relying-party-private-key-jwk --from-literal=client-private-key='' --dry-run=client -o yaml | kubectl apply -f - + kubectl -n $ESIGNET_NS create secret generic jwe-userinfo-service-secrets --from-literal=jwe-userinfo-private-key='' --dry-run=client -o yaml | kubectl apply -f - return 0 } diff --git a/helm/mock-identity-system/.gitignore b/helm/mock-identity-system/.gitignore new file mode 100644 index 00000000..f791801b --- /dev/null +++ b/helm/mock-identity-system/.gitignore @@ -0,0 +1,2 @@ +charts/ +Chart.lock diff --git a/helm/mock-identity-system/Chart.yaml b/helm/mock-identity-system/Chart.yaml index d47d986b..c79399fa 100644 --- a/helm/mock-identity-system/Chart.yaml +++ b/helm/mock-identity-system/Chart.yaml 
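Review bot: `prereq_mockrp` deletes both secrets and recreates them with empty values on every run, and after this change it does so in the `esignet` namespace, so re-running prereq.sh against a working install blanks `client-private-key` and `jwe-userinfo-private-key` until something repopulates them. Dropping the unconditional delete and creating each secret only when `kubectl -n $ESIGNET_NS get secret <name>` fails would preserve existing key material. The data key is also renamed from `JWE_USERINFO_PRIVATE_KEY` to `jwe-userinfo-private-key`; the consumer that reads it is not part of this diff, so confirm the chart references the new name. A short comment stating that the empty values are placeholders, and what is expected to fill them, would help the next operator.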
@@ -2,7 +2,7 @@ apiVersion: v2 name: mock-identity-system description: A Helm chart for MOSIP mock-identity-system module type: application -version: 0.0.1-develop +version: 0.10.0-develop appVersion: "" dependencies: - name: common diff --git a/helm/mock-identity-system/templates/clusterrolebinding.yaml b/helm/mock-identity-system/templates/clusterrolebinding.yaml deleted file mode 100644 index 081db147..00000000 --- a/helm/mock-identity-system/templates/clusterrolebinding.yaml +++ /dev/null @@ -1,19 +0,0 @@ -kind: ClusterRoleBinding -apiVersion: {{ include "common.capabilities.rbac.apiVersion" . }} -metadata: - labels: {{- include "common.labels.standard" . | nindent 4 }} - {{- if .Values.commonLabels }} - {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- end }} - name: {{ template "common.names.fullname" . }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ template "common.names.fullname" . }} -subjects: - - kind: ServiceAccount - name: {{ template "mock-identity-system.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} diff --git a/helm/mock-identity-system/values.yaml b/helm/mock-identity-system/values.yaml index dcfa02e8..60bf67a8 100644 --- a/helm/mock-identity-system/values.yaml +++ b/helm/mock-identity-system/values.yaml @@ -53,7 +53,7 @@ service: image: registry: docker.io repository: mosipdev/mock-identity-system - tag: develop + tag: release-0.10.x ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images diff --git a/helm/mock-relying-party-service/.gitignore b/helm/mock-relying-party-service/.gitignore new file mode 100644 index 00000000..e508fa59 --- /dev/null 
+++ b/helm/mock-relying-party-service/.gitignore @@ -0,0 +1,2 @@ +chart/ +Chart.lock diff --git a/helm/mock-relying-party-service/Chart.yaml b/helm/mock-relying-party-service/Chart.yaml index e2916f43..a98b9d45 100644 --- a/helm/mock-relying-party-service/Chart.yaml +++ b/helm/mock-relying-party-service/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: mock-relying-party-service description: A Helm chart to file server application. type: application -version: 0.0.1-develop +version: 0.10.0-develop appVersion: "" dependencies: - name: common diff --git a/helm/mock-relying-party-service/templates/clusterrolebinding.yaml b/helm/mock-relying-party-service/templates/clusterrolebinding.yaml deleted file mode 100644 index ae9894a7..00000000 --- a/helm/mock-relying-party-service/templates/clusterrolebinding.yaml +++ /dev/null @@ -1,19 +0,0 @@ -kind: ClusterRoleBinding -apiVersion: {{ include "common.capabilities.rbac.apiVersion" . }} -metadata: - labels: {{- include "common.labels.standard" . | nindent 4 }} - {{- if .Values.commonLabels }} - {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- end }} - name: {{ template "common.names.fullname" . }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ template "common.names.fullname" . }} -subjects: - - kind: ServiceAccount - name: {{ template "mock-relying-party-service.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} diff --git a/helm/mock-relying-party-service/values.yaml b/helm/mock-relying-party-service/values.yaml index 5aadfe42..11efd837 100644 --- a/helm/mock-relying-party-service/values.yaml +++ b/helm/mock-relying-party-service/values.yaml 
@@ -51,8 +51,8 @@ service: image: registry: docker.io - repository: mosipqa/mock-relying-party-service - tag: develop + repository: mosipdev/mock-relying-party-service + tag: release-0.10.x ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images diff --git a/helm/mock-relying-party-ui/.gitignore b/helm/mock-relying-party-ui/.gitignore new file mode 100644 index 00000000..f791801b --- /dev/null +++ b/helm/mock-relying-party-ui/.gitignore @@ -0,0 +1,2 @@ +charts/ +Chart.lock diff --git a/helm/mock-relying-party-ui/Chart.yaml b/helm/mock-relying-party-ui/Chart.yaml index b7ba0e64..d1abca12 100644 --- a/helm/mock-relying-party-ui/Chart.yaml +++ b/helm/mock-relying-party-ui/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: mock-relying-party-ui description: A Helm chart for MOSIP OIDC UI module type: application -version: 0.0.1-develop +version: 0.10.0-develop appVersion: "" dependencies: - name: common diff --git a/helm/mock-relying-party-ui/templates/clusterrolebinding.yaml b/helm/mock-relying-party-ui/templates/clusterrolebinding.yaml deleted file mode 100644 index 4bb16d41..00000000 --- a/helm/mock-relying-party-ui/templates/clusterrolebinding.yaml +++ /dev/null 
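Review bot: `tag: release-0.10.x` is a branch-style tag that can be re-pushed, and the repository moves from `mosipqa` to `mosipdev` in the same change; with the pull policy described in the comment just below (`IfNotPresent` for anything other than `latest`), nodes can end up running different builds under one tag, and a re-pushed image is picked up without any change in this repository. Pinning to an immutable release tag, or to a digest if the chart's image helper accepts one, makes the deployed artifact reproducible and reviewable. The same tag is introduced in helm/mock-identity-system/values.yaml and helm/mock-relying-party-ui/values.yaml.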
@@ -1,19 +0,0 @@ -kind: ClusterRoleBinding -apiVersion: {{ include "common.capabilities.rbac.apiVersion" . }} -metadata: - labels: {{- include "common.labels.standard" . | nindent 4 }} - {{- if .Values.commonLabels }} - {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} - {{- end }} - name: {{ template "common.names.fullname" . }} - {{- if .Values.commonAnnotations }} - annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} - {{- end }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: {{ template "common.names.fullname" . }} -subjects: - - kind: ServiceAccount - name: {{ template "mock-relying-party-ui.serviceAccountName" . }} - namespace: {{ .Release.Namespace }} diff --git a/helm/mock-relying-party-ui/values.yaml b/helm/mock-relying-party-ui/values.yaml index 308bf802..6d0e6289 100644 --- a/helm/mock-relying-party-ui/values.yaml +++ b/helm/mock-relying-party-ui/values.yaml @@ -51,8 +51,8 @@ service: image: registry: docker.io - repository: mosipqa/mock-relying-party-ui - tag: develop + repository: mosipdev/mock-relying-party-ui + tag: release-0.10.x ## Specify a imagePullPolicy ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent' diff --git a/partner-onboarder/install.sh b/partner-onboarder/install.sh index bb8953b4..604d8eb7 100755 --- a/partner-onboarder/install.sh +++ b/partner-onboarder/install.sh @@ -1,5 +1,5 @@ #!/bin/bash -# Onboards mock relying party OIDC helm +# Installs mock relying party onboarder OIDC helm ## Usage: ./install.sh [kubeconfig] if [ $# -ge 1 ] ; then @@ -21,7 +21,7 @@ if [ "$flag" = "n" ]; then fi NS=esignet -CHART_VERSION=0.0.1-develop +CHART_VERSION=1.5.0-es-develop echo Create $NS namespace kubectl create ns $NS || true 
@@ -91,7 +91,7 @@ function installing_onboarder() { echo "Istio label" kubectl label ns $NS istio-injection=disabled --overwrite -# helm repo update + helm repo update echo "Copy configmaps" COPY_UTIL=../deploy/copy_cm_func.sh @@ -101,12 +101,8 @@ function installing_onboarder() { $COPY_UTIL secret keycloak keycloak $NS $COPY_UTIL secret keycloak-client-secrets keycloak $NS - echo $NFS_OPTION - echo $S3_OPTION - echo $push_reports_to_s3 - echo "Onboarding Mock Relying Party OIDC client" - helm -n $NS install esignet-mock-rp-onboarder ../../mosip-onboarding/helm/partner-onboarder/ \ + helm -n $NS install esignet-mock-rp-onboarder mosip/partner-onboarder \ $NFS_OPTION \ $S3_OPTION \ --set onboarding.variables.push_reports_to_s3=$push_reports_to_s3 \ @@ -115,8 +111,10 @@ function installing_onboarder() { --set extraEnvVarsCM[2]=keycloak-host \ $ENABLE_INSECURE \ -f values.yaml \ - --debug --wait --wait-for-jobs - echo "Partner onboarded successfully and reports are moved to S3 or NFS" + --version $CHART_VERSION \ + --wait --wait-for-jobs + echo "Partner onboarder executed and reports are moved to S3 or NFS please check the same to make sure partner was onboarded sucessfully." + kubectl rollout restart deployment mock-relying-party-service -n esignet return 0 fi } diff --git a/partner-onboarder/values.yaml b/partner-onboarder/values.yaml index 856a24f2..d1344857 100644 --- a/partner-onboarder/values.yaml +++ b/partner-onboarder/values.yaml 
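Review bot: The added `kubectl rollout restart deployment mock-relying-party-service -n esignet` hard-codes the namespace although the script defines `NS=esignet` and uses `$NS` everywhere else, and it runs unconditionally, so the onboarder run ends in an error when that deployment is not installed. `kubectl -n $NS rollout restart deployment mock-relying-party-service` keeps it consistent, and a one-line comment saying why the restart is needed (presumably so the service reloads the secret the onboarder writes) would make the intent clear. `sucessfully` in the new message is misspelled. installing_onboarder starts before this hunk.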
@@ -1,38 +1,26 @@ -image: - registry: docker.io - repository: mosipdev/partner-onboarder - tag: MOSIP-35987 +#image: +# registry: docker.io +# repository: mosipdev/partner-onboarder +# tag: MOSIP-35987 onboarding: modules: - - name: ida - enabled: false - - name: print - enabled: false - - name: abis - enabled: false - - name: resident - enabled: false - - name: mobileid - enabled: false - - name: digitalcard - enabled: false - - name: esignet - enabled: false - - name: resident-oidc - enabled: false - name: mock-rp-oidc enabled: true - - name: mimoto-keybinding - enabled: false - - name: mimoto-oidc - enabled: false - - name: signup-oidc - enabled: false - +# configmaps: +# s3: +# s3-host: 'http://minio.minio:9000' +# s3-user-key: 'admin' +# s3-region: '' +# onboarder-namespace: +# ns_mimoto: mimoto +# ns_esignet: esignet +# ns_signup: signup +# secrets: +# s3: +# s3-user-secret: 'password' # volumes: # reports: -# enabled: true # name: onboarder-reports # storageClass: nfs-client # accessModes: @@ -40,9 +28,9 @@ onboarding: # size: 10Mi # existingClaim: # # Dir where config and keys are written inside container -# mountDir: "/home/mosip/reports" +# mountDir: /home/mosip/reports # nfs: -# path: '' # Dir within the nfs server where config repo is cloned/maintained locally. -# server: '' # Ip address of nfs server. +# path: "/srv/nfs/sandbox/onboarding" # Dir within the nfs server where config repo is cloned/maintained locally. +# server: "nfs-server" # Ip address of nfs server. # variables: -# push-reports-to-s3: true +# push_reports_to_s3: true \ No newline at end of file
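Review bot: The commented template added under `onboarding` shows `s3-user-key: 'admin'` and `s3-user-secret: 'password'` as literal values, which invites uncommenting them as they are or writing a real secret into a tracked values file. Leaving the values empty and adding a comment such as `# supply at install time; do not commit real credentials` keeps the example without suggesting a default. With the `image:` block commented out, the onboarder image now comes from the chart's own defaults, which deserves a one-line comment so the override is not restored by accident.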