Skip to content

Commit

Permalink
Merge pull request #1 from Rakshitha650/MOSIP-30135
Browse files Browse the repository at this point in the history
[MOSIP-30135]updated the existing scripts
  • Loading branch information
Rakshitha650 authored Jan 2, 2024
2 parents 8bac344 + 6ee1aa6 commit 5cab632
Show file tree
Hide file tree
Showing 3 changed files with 24 additions and 43 deletions.
17 changes: 14 additions & 3 deletions deployment/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,13 @@ The following command line utilities.
```sh
./deploy.sh deploy.properties
```
- Create a new transaction type `OPENCRVS_NEW` in `mosip_regprc/transaction_type` database table.
- Create a new transaction type, 'OPENCRVS_NEW,' in the 'mosip_regprc/transaction_type' database table:
```
INSERT INTO regprc.transaction_type(
code, descr, lang_code, is_active, cr_by, cr_dtimes, upd_by, upd_dtimes, is_deleted, del_dtimes)
VALUES
('OPENCRVS_NEW', 'OPENCRVS_NEW', 'eng', true, 'MOSIP_SYSTEM', CURRENT_TIMESTAMP, 'some_upd_by_value', CURRENT_TIMESTAMP, false, DEFAULT);
```
- Sync the OpenCRVS masterdata with MOSIP. (WIP. For now add some _states_ and _districts_ from OpenCRVS to MOSIP masterdata manually).
- Onboard a new credential type partner (using [partner onboarding scripts](https://github.com/mosip/mosip-onboarding/tree/master), or via MOSIP PMP UI), with;
- name like `opencrvs-partner`
Expand All @@ -37,13 +43,18 @@ The following command line utilities.
- `SUBSCRIBE_CREDENTIAL_ISSUED_INDIVIDUAL`
- `PUBLISH_CREDENTIAL_STATUS_UPDATE_GENERAL`
- Apart from creating the partner keycloak client, create a new user with the same username as the partner name (that was previously given), with any password.
- Run the `keycloak-init.sh` script to create a client and user, as described above
```
./keycloak-init.sh <cluster-kubeconfig-file>
```
- Get certificate from OpenCRVS.
- Run the following to install the mediator and components (The script will prompt for inputs):
```sh
```
./install.sh <cluster-kubeconfig-file>
```
- OR Pass the following environment variables to the above script, if it is not desired to prompt for inputs:
```sh
```
export OPENCRVS_AUTH_URL=
export OPENCRVS_LOCATIONS_URL=
export OPENCRVS_RECEIVE_CREDENTIAL_URL=
Expand Down
41 changes: 1 addition & 40 deletions deployment/install.sh
Original file line number Diff line number Diff line change
Expand Up @@ -9,21 +9,6 @@ fi
NS=opencrvs
CHART_VERSION=12.0.2

if [ -z $OPENCRVS_AUTH_URL ]; then read -p "Give Opencrvs Auth Url : " OPENCRVS_AUTH_URL ; fi
if [ -z $OPENCRVS_RECEIVE_CREDENTIAL_URL ]; then read -p "Give Opencrvs Receive Uin on Birth Url : " OPENCRVS_RECEIVE_CREDENTIAL_URL ; fi
if [ -z $OPENCRVS_LOCATIONS_URL ]; then read -p "Give OpenCRVS Country Config Locations Url : " OPENCRVS_LOCATIONS_URL ; fi

if [ -z $OPENCRVS_CLIENT_ID ]; then read -p "Give Opencrvs Client id : " OPENCRVS_CLIENT_ID; fi
if [ -z $OPENCRVS_CLIENT_SECRET ]; then read -p "Give Opencrvs Client secret : " OPENCRVS_CLIENT_SECRET; fi
if [ -z $OPENCRVS_CLIENT_SHA_SECRET ]; then read -p "Give Opencrvs Client sha secret : " OPENCRVS_CLIENT_SHA_SECRET; fi

if [ -z $MOSIP_OPENCRVS_PARTNER_CLIENT_ID ]; then read -p "Give MOSIP OpenCRVS Partner Client id : " MOSIP_OPENCRVS_PARTNER_CLIENT_ID; fi
if [ -z $MOSIP_OPENCRVS_PARTNER_CLIENT_SECRET ]; then read -p "Give MOSIP OpenCRVS Partner Client secret : " MOSIP_OPENCRVS_PARTNER_CLIENT_SECRET; fi
if [ -z $MOSIP_OPENCRVS_PARTNER_CLIENT_SHA_SECRET ]; then read -p "Give a random MOSIP OpenCRVS Partner Client sha secret : " MOSIP_OPENCRVS_PARTNER_CLIENT_SHA_SECRET; fi

if [ -z $MOSIP_PRIVATE_KEY_PATH ]; then read -p "Give MOSIP OpenCRVS Mediator Private Key Path : " MOSIP_PRIVATE_KEY_PATH; fi
if [ -z $OPENCRVS_PUBLIC_KEY_PATH ]; then read -p "Give OpenCRVS Public Cert Path : " OPENCRVS_PUBLIC_KEY_PATH; fi

echo Create $NS namespace
kubectl create ns $NS

Expand All @@ -37,35 +22,11 @@ echo Copy Configmaps.

echo Copy Secrets.
./copy_secrets.sh
kubectl -n $NS delete --ignore-not-found=true secret opencrvs-client-creds
kubectl -n $NS create secret generic opencrvs-client-creds \
--from-literal=opencrvs_client_id=$OPENCRVS_CLIENT_ID \
--from-literal=opencrvs_client_secret_key=$OPENCRVS_CLIENT_SECRET \
--from-literal=opencrvs_client_sha_secret=$OPENCRVS_CLIENT_SHA_SECRET

kubectl -n $NS delete --ignore-not-found=true secret opencrvs-partner-client-creds
kubectl -n $NS create secret generic opencrvs-partner-client-creds \
--from-literal=mosip_opencrvs_partner_client_id=$MOSIP_OPENCRVS_PARTNER_CLIENT_ID \
--from-literal=mosip_opencrvs_partner_client_secret=$MOSIP_OPENCRVS_PARTNER_CLIENT_SECRET \
--from-literal=mosip_opencrvs_partner_client_sha_secret=$MOSIP_OPENCRVS_PARTNER_CLIENT_SHA_SECRET

kubectl -n $NS delete --ignore-not-found=true secret opencrvs-partner-certs-keys
kubectl -n $NS create secret generic opencrvs-partner-certs-keys \
--from-file=opencrvs-pub.key=$OPENCRVS_PUBLIC_KEY_PATH \
--from-file=mosip-priv.key=$MOSIP_PRIVATE_KEY_PATH

echo Installing mosip-side opencrvs-mediator...
helm -n $NS install opencrvs-mediator mosip/opencrvs-mediator \
--version $CHART_VERSION \
--set mediator.opencrvs.authUrl=$OPENCRVS_AUTH_URL \
--set mediator.opencrvs.clientSecretName="opencrvs-client-creds" \
--set mediator.opencrvs.partnerClientSecretName="opencrvs-partner-client-creds" \
--set mediator.opencrvs.receiveCredentialUrl=$OPENCRVS_RECEIVE_CREDENTIAL_URL \
--set mediator.opencrvs.locationsUrl=$OPENCRVS_LOCATIONS_URL \
--set mediator.opencrvs.certsKeysSecretName="opencrvs-partner-certs-keys" \
--set mediator.mosipOpencrvsKeycloakClientId="mosip-resident-client" \
--set mediator.mosipOpencrvsDeathClientId="mosip-idrepo-client" \
--set istio.existingGateway="istio-system/public" \
-f values.yaml \
--wait

echo Installing regproc-opencrvs-stage...
Expand Down
9 changes: 9 additions & 0 deletions deployment/values.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
mediator:
opencrvs:
authUrl: https://auth.farajaland.opencrvs.org/authenticateSystemClient
receiveCredentialUrl: http://opencrvs-side-mediator.opencrvs-side-mediator/birthReceiveNid
locationsUrl: https://gateway.farajaland.opencrvs.org/location
clientId: "opencrvs"
clientSecret: "1234"
clientShaSecret: "12345"

0 comments on commit 5cab632

Please sign in to comment.