diff --git a/deployment/README.md b/deployment/README.md index ddab7b7..d19ab18 100644 --- a/deployment/README.md +++ b/deployment/README.md @@ -15,7 +15,13 @@ The following command line utilities. ```sh ./deploy.sh deploy.properties ``` -- Create a new transaction type `OPENCRVS_NEW` in `mosip_regprc/transaction_type` database table. +- Create a new transaction type, 'OPENCRVS_NEW,' in the 'mosip_regprc/transaction_type' database table: +``` + INSERT INTO regprc.transaction_type( + code, descr, lang_code, is_active, cr_by, cr_dtimes, upd_by, upd_dtimes, is_deleted, del_dtimes) + VALUES + ('OPENCRVS_NEW', 'OPENCRVS_NEW', 'eng', true, 'MOSIP_SYSTEM', CURRENT_TIMESTAMP, 'some_upd_by_value', CURRENT_TIMESTAMP, false, DEFAULT); +``` - Sync the OpenCRVS masterdata with MOSIP. (WIP. For now add some _states_ and _districts_ from OpenCRVS to MOSIP masterdata manually). - Onboard a new credential type partner (using [partner onboarding scripts](https://github.com/mosip/mosip-onboarding/tree/master), or via MOSIP PMP UI), with; - name like `opencrvs-partner` @@ -37,13 +43,18 @@ The following command line utilities. - `SUBSCRIBE_CREDENTIAL_ISSUED_INDIVIDUAL` - `PUBLISH_CREDENTIAL_STATUS_UPDATE_GENERAL` - Apart from creating the partner keycloak client, create a new user with the same username as the partner name (that was previously given), with any password. + +- Run the `keycloak-init.sh` script to create a client and user, as described above + ``` + ./keycloak-init.sh + ``` - Get certificate from OpenCRVS. - Run the following to install the mediator and components (The script will prompt for inputs): - ```sh + ``` ./install.sh ``` - OR Pass the following environment variables to the above script, if it is not desired to prompt for inputs: - ```sh + ``` export OPENCRVS_AUTH_URL= export OPENCRVS_LOCATIONS_URL= export OPENCRVS_RECEIVE_CREDENTIAL_URL= diff --git a/deployment/install.sh b/deployment/install.sh index b3f1214..6a54719 100755 --- a/deployment/install.sh 
+++ b/deployment/install.sh @@ -9,21 +9,6 @@ fi NS=opencrvs CHART_VERSION=12.0.2 -if [ -z $OPENCRVS_AUTH_URL ]; then read -p "Give Opencrvs Auth Url : " OPENCRVS_AUTH_URL ; fi -if [ -z $OPENCRVS_RECEIVE_CREDENTIAL_URL ]; then read -p "Give Opencrvs Receive Uin on Birth Url : " OPENCRVS_RECEIVE_CREDENTIAL_URL ; fi -if [ -z $OPENCRVS_LOCATIONS_URL ]; then read -p "Give OpenCRVS Country Config Locations Url : " OPENCRVS_LOCATIONS_URL ; fi - -if [ -z $OPENCRVS_CLIENT_ID ]; then read -p "Give Opencrvs Client id : " OPENCRVS_CLIENT_ID; fi -if [ -z $OPENCRVS_CLIENT_SECRET ]; then read -p "Give Opencrvs Client secret : " OPENCRVS_CLIENT_SECRET; fi -if [ -z $OPENCRVS_CLIENT_SHA_SECRET ]; then read -p "Give Opencrvs Client sha secret : " OPENCRVS_CLIENT_SHA_SECRET; fi - -if [ -z $MOSIP_OPENCRVS_PARTNER_CLIENT_ID ]; then read -p "Give MOSIP OpenCRVS Partner Client id : " MOSIP_OPENCRVS_PARTNER_CLIENT_ID; fi -if [ -z $MOSIP_OPENCRVS_PARTNER_CLIENT_SECRET ]; then read -p "Give MOSIP OpenCRVS Partner Client secret : " MOSIP_OPENCRVS_PARTNER_CLIENT_SECRET; fi -if [ -z $MOSIP_OPENCRVS_PARTNER_CLIENT_SHA_SECRET ]; then read -p "Give a random MOSIP OpenCRVS Partner Client sha secret : " MOSIP_OPENCRVS_PARTNER_CLIENT_SHA_SECRET; fi - -if [ -z $MOSIP_PRIVATE_KEY_PATH ]; then read -p "Give MOSIP OpenCRVS Mediator Private Key Path : " MOSIP_PRIVATE_KEY_PATH; fi -if [ -z $OPENCRVS_PUBLIC_KEY_PATH ]; then read -p "Give OpenCRVS Public Cert Path : " OPENCRVS_PUBLIC_KEY_PATH; fi - echo Create $NS namespace kubectl create ns $NS 
@@ -37,35 +22,11 @@ echo Copy Configmaps. echo Copy Secrets. ./copy_secrets.sh -kubectl -n $NS delete --ignore-not-found=true secret opencrvs-client-creds -kubectl -n $NS create secret generic opencrvs-client-creds \ - --from-literal=opencrvs_client_id=$OPENCRVS_CLIENT_ID \ - --from-literal=opencrvs_client_secret_key=$OPENCRVS_CLIENT_SECRET \ - --from-literal=opencrvs_client_sha_secret=$OPENCRVS_CLIENT_SHA_SECRET - -kubectl -n $NS delete --ignore-not-found=true secret opencrvs-partner-client-creds -kubectl -n $NS create secret generic opencrvs-partner-client-creds \ - --from-literal=mosip_opencrvs_partner_client_id=$MOSIP_OPENCRVS_PARTNER_CLIENT_ID \ - --from-literal=mosip_opencrvs_partner_client_secret=$MOSIP_OPENCRVS_PARTNER_CLIENT_SECRET \ - --from-literal=mosip_opencrvs_partner_client_sha_secret=$MOSIP_OPENCRVS_PARTNER_CLIENT_SHA_SECRET - -kubectl -n $NS delete --ignore-not-found=true secret opencrvs-partner-certs-keys -kubectl -n $NS create secret generic opencrvs-partner-certs-keys \ - --from-file=opencrvs-pub.key=$OPENCRVS_PUBLIC_KEY_PATH \ - --from-file=mosip-priv.key=$MOSIP_PRIVATE_KEY_PATH echo Installing mosip-side opencrvs-mediator... helm -n $NS install opencrvs-mediator mosip/opencrvs-mediator \ --version $CHART_VERSION \ - --set mediator.opencrvs.authUrl=$OPENCRVS_AUTH_URL \ - --set mediator.opencrvs.clientSecretName="opencrvs-client-creds" \ - --set mediator.opencrvs.partnerClientSecretName="opencrvs-partner-client-creds" \ - --set mediator.opencrvs.receiveCredentialUrl=$OPENCRVS_RECEIVE_CREDENTIAL_URL \ - --set mediator.opencrvs.locationsUrl=$OPENCRVS_LOCATIONS_URL \ - --set mediator.opencrvs.certsKeysSecretName="opencrvs-partner-certs-keys" \ - --set mediator.mosipOpencrvsKeycloakClientId="mosip-resident-client" \ - --set mediator.mosipOpencrvsDeathClientId="mosip-idrepo-client" \ - --set istio.existingGateway="istio-system/public" \ + -f values.yaml \ --wait echo Installing regproc-opencrvs-stage... 
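Review bot: Nothing visible in this commit replaces the removed `kubectl create secret` calls for `opencrvs-partner-client-creds` and `opencrvs-partner-certs-keys`, or the removed `--set` lines for `partnerClientSecretName`, `certsKeysSecretName`, `mosipOpencrvsKeycloakClientId`, `mosipOpencrvsDeathClientId` and `istio.existingGateway`. The `values.yaml` passed by the new `-f values.yaml \` line sets only the three URLs and `clientId`/`clientSecret`/`clientShaSecret`. Unless the chart's defaults cover the rest (not visible here), the mediator is installed without its partner credentials and key material, so either keep those settings in `values.yaml` by secret name or document in the README where they now come from. Moving `clientSecret` out of a Kubernetes Secret and into Helm values also means it is stored with the release data and returned by `helm get values`; referencing an existing Secret by name, as the removed `clientSecretName` setting did, avoids that. The script continues outside the hunk.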
diff --git a/deployment/values.yaml b/deployment/values.yaml
new file mode 100755
index 0000000..a2178e6
--- /dev/null
+++ b/deployment/values.yaml
@@ -0,0 +1,9 @@
+mediator:
+ opencrvs:
+ authUrl: https://auth.farajaland.opencrvs.org/authenticateSystemClient
+ receiveCredentialUrl: http://opencrvs-side-mediator.opencrvs-side-mediator/birthReceiveNid
+ locationsUrl: https://gateway.farajaland.opencrvs.org/location
+ clientId: "opencrvs"
+ clientSecret: "1234"
+ clientShaSecret: "12345"
+
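Review bot: `clientSecret: "1234"` and `clientShaSecret: "12345"` commit credentials to the repository in plaintext, and `install.sh` applies this file as-is, so a deployment that nobody edits runs with guessable secrets known to anyone who can read the repository. Keep only non-secret settings in the tracked file and leave the secret keys empty, e.g. `clientSecret: ""  # required: supply from an untracked values file or an existing Kubernetes Secret`, so that an unedited install fails instead of silently using the sample value. The three URLs point at one specific OpenCRVS environment (`farajaland`) and `receiveCredentialUrl` uses plain `http`; a comment marking them as sample values to be replaced per deployment would stop them being shipped as defaults. The file is also added with mode 100755, which a YAML values file does not need.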