Merge pull request #40 from mosip/ckm007-patch-1

[MOSIP-35490] moved required helm and deploy scripts to modular repo

.github/workflows/chart-lint-publish.yml

@@ -0,0 +1,62 @@
+name: Validate / Publish helm charts
+
+on:
+  release:
+    types: [published]
+  pull_request:
+    types: [opened, reopened, synchronize]
+    paths:
+      - 'helm/**'
+  workflow_dispatch:
+    inputs:
+      IGNORE_CHARTS:
+        description: 'Provide list of charts to be ignored separated by pipe(|)'
+        required: false
+        default: '""'
+        type: string
+      CHART_PUBLISH:
+        description: 'Chart publishing to gh-pages branch'
+        required: false
+        default: 'NO'
+        type: string
+        options:
+          - YES
+          - NO
+      INCLUDE_ALL_CHARTS:
+        description: 'Include all charts for Linting/Publishing (YES/NO)'
+        required: false
+        default: 'NO'
+        type: string
+        options:
+          - YES
+          - NO
+  push:
+    branches:
+      - '!release-branch'
+      - '!master'
+      - 1.*
+      - 0.*
+      - develop
+      - MOSIP*
+      - release*
+    paths:
+      - './helm/**'
+
+jobs:
+  chart-lint-publish:
+    uses: mosip/kattu/.github/workflows/chart-lint-publish.yml@master
+    with:
+      CHARTS_DIR: ./helm
+      CHARTS_URL: https://mosip.github.io/mosip-helm
+      REPOSITORY: mosip-helm
+      BRANCH: gh-pages
+      INCLUDE_ALL_CHARTS: "${{ inputs.INCLUDE_ALL_CHARTS || 'NO' }}"
+      IGNORE_CHARTS: "${{ inputs.IGNORE_CHARTS || '\"\"' }}"
+      CHART_PUBLISH: "${{ inputs.CHART_PUBLISH || 'YES' }}"
+      LINTING_CHART_SCHEMA_YAML_URL: "https://raw.githubusercontent.com/mosip/kattu/master/.github/helm-lint-configs/chart-schema.yaml"
+      LINTING_LINTCONF_YAML_URL: "https://raw.githubusercontent.com/mosip/kattu/master/.github/helm-lint-configs/lintconf.yaml"
+      LINTING_CHART_TESTING_CONFIG_YAML_URL: "https://raw.githubusercontent.com/mosip/kattu/master/.github/helm-lint-configs/chart-testing-config.yaml"
+      LINTING_HEALTH_CHECK_SCHEMA_YAML_URL: "https://raw.githubusercontent.com/mosip/kattu/master/.github/helm-lint-configs/health-check-schema.yaml"
+    secrets:
+      TOKEN: ${{ secrets.ACTION_PAT }}
+      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}

deploy/minio-client-util/README.md

@@ -0,0 +1,30 @@
+# Minio Client Utility
+
+## Context
+* This utility helps to clear objects from S3 buckets.
+* The utility is expected to clear objects that are older than specified no of retention days.
+
+## Prerequisites
+* S3 accessible using the Server URL.
+* ACCESS and SECRET Keys having delete role for the targeted bucket in S3.
+* Docker installed in respective server from where the tool will be executed.
+
+## Install
+```sh
+./install.sh
+```
+#### Run minio-client-util manually via Rancher UI
+* Select the minio-client-util cronjob and click the 'Run Now' option
+![mc-1.png](images/mc-1.png)
+
+#### Run minio-client-util manually via CLI
+* Download Kubernetes cluster `kubeconfig` file from `rancher dashboard` to your local.
+* Install `kubectl` package to your local machine.
+* Run minio-client-util manually via CLI by creating a new job from an existing k8s cronjob.
+  ```
+  kubectl --kubeconfig=<k8s-config-file> -n minio-client-util create job --from=cronjob/<cronjob-name> <job-name>
+  ```
+  Example:
+  ```
+  kubectl --kubeconfig=/home/xxx/Downloads/dev.config -n minio-client-util create job --from=cronjob/cronjob-minio-client-util cronjob-minio-client-util
+  ```

deploy/minio-client-util/copy_secrets.sh

@@ -0,0 +1,11 @@
+#!/bin/bash
+# Copy secrets from other namespaces
+# DST_NS: Destination namespace 
+  UTIL_URL=https:https://raw.githubusercontent.com/mosip/mosip-infra/master/deployment/v3/utils/copy_cm_func.sh
+  COPY_UTIL=./copy_cm_func.sh
+
+  wget -q $UTIL_URL -O copy_cm_func.sh && chmod +x copy_cm_func.sh
+
+  DST_NS=minio-client-util
+  $COPY_UTIL secret s3 s3 $DST_NS
+

deploy/minio-client-util/delete.sh

@@ -0,0 +1,30 @@
+#!/bin/bash
+# Uninstalls minio-client-util
+## Usage: ./delete.sh [kubeconfig]
+
+if [ $# -ge 1 ] ; then
+  export KUBECONFIG=$1
+fi
+
+function deleting_minio-client-util() {
+  NS=minio-client-util
+  while true; do
+      read -p "Are you sure you want to delete minio-client-util helm charts?(Y/n) " yn
+      if [ $yn = "Y" ]
+        then
+          helm -n $NS delete minio-client-util
+          break
+        else
+          break
+      fi
+  done
+  return 0
+}
+
+# set commands for error handling.
+set -e
+set -o errexit   ## set -e : exit the script if any statement returns a non-true return value
+set -o nounset   ## set -u : exit the script if you try to use an uninitialised variable
+set -o errtrace  # trace ERR through 'time command' and other functions
+set -o pipefail  # trace ERR through pipes
+deleting_minio-client-util   # calling function

deploy/minio-client-util/install.sh

@@ -0,0 +1,83 @@
+#!/bin/bash
+# Installs minio-client-util
+## Usage: ./install.sh [kubeconfig]
+
+if [ $# -ge 1 ] ; then
+  export KUBECONFIG=$1
+fi
+
+NS=minio-client-util
+CHART_VERSION=0.0.1-develop
+
+echo Create $NS namespace
+kubectl create ns $NS
+
+function installing_minio-client-util() {
+  helm repo update
+
+  read -p "Please enter the time(hr) to run the cronjob every day (time: 0-23) : " time
+  if [ -z "$time" ]; then
+     echo "ERROR: Time cannot be empty; EXITING;";
+     exit 1;
+  fi
+  if ! [ $time -eq $time ] 2>/dev/null; then
+     echo "ERROR: Time $time is not a number; EXITING;";
+     exit 1;
+  fi
+  if [ $time -gt 23 ] || [ $time -lt 0 ] ; then
+     echo "ERROR: Time should be in range ( 0-23 ); EXITING;";
+     exit 1;
+  fi
+
+  read -p "Please provide S3 Server URL " S3_SERVER_URL
+  if [ -z "$S3_SERVER_URL" ]; then
+      echo "ERROR: S3 Server URL not Specified; EXITING;";
+      exit 1;
+  fi
+
+  read -p "Please provide S3 Access Key " S3_ACCESS_KEY
+  if [ -z "$S3_ACCESS_KEY" ]; then
+      echo "ERROR: Access Key not Specified; EXITING;";
+      exit 1;
+  fi
+
+  echo "Please provide S3 Secret Key"
+  read -s S3_SECRET_KEY
+  if [ -z "$S3_SECRET_KEY" ]; then
+      echo "ERROR: Secret Key not Specified; EXITING;";
+      exit 1;
+  fi
+
+  read -p "Please provide number of days the objects needed to be cleared from minio [format:'no_of_days'd](eg:3d) : " S3_RETENTION_DAYS
+  if [ -z "$S3_RETENTION_DAYS" ]; then
+      echo "ERROR: Number of days to clear the test report cannot be empty; EXITING;";
+      exit 1;
+  fi
+
+  read -p "Please provide list of bucket names separated by double backward slash & comma (\\,) for which objects needs to be removed: (eg: bucket1\\,bucket2\\,bucket3\\,...\\,bucketN)" BUCKET_LIST
+  if [ -z "$BUCKET_LIST" ]; then
+      echo "ERROR: Bucket name cannot be empty; EXITING;";
+      exit 1;
+  fi
+
+  echo Installing minio-client-util
+  helm -n $NS install minio-client-util mosip/minio-client-util \
+  --set crontime="0 $time * * *" \
+  --set "minioclient.configmaps.s3.S3_BUCKET_LIST=$BUCKET_LIST" \
+  --set "minioclient.configmaps.s3.S3_SERVER_URL=$S3_SERVER_URL" \
+  --set "minioclient.configmaps.s3.S3_ACCESS_KEY=$S3_ACCESS_KEY" \
+  --set "minioclient.configmaps.s3.S3_RETENTION_DAYS=$S3_RETENTION_DAYS" \
+  --set "minioclient.secrets.s3.S3_SECRET_KEY=$S3_SECRET_KEY" \
+  --version $CHART_VERSION
+
+  echo Installed minio client utility
+  return 0
+}
+
+# set commands for error handling.
+set -e
+set -o errexit   ## set -e : exit the script if any statement returns a non-true return value
+set -o nounset   ## set -u : exit the script if you try to use an uninitialised variable
+set -o errtrace  # trace ERR through 'time command' and other functions
+set -o pipefail  # trace ERR through pipes
+installing_minio-client-util  # calling function

deploy/softhsm-backup/README.md

@@ -0,0 +1,12 @@
+# SOFTHSM Backup Utility
+
+This utility backs up SOFTHSM tokens to AWS S3 and removes tokens older than a specified number of days.
+
+
+## Install
+```sh
+./install.sh
+```
+
+
+

deploy/softhsm-backup/delete.sh

@@ -0,0 +1,30 @@
+#!/bin/bash
+# Uninstalls softhsm-backup
+## Usage: ./delete.sh [kubeconfig]
+
+if [ $# -ge 1 ] ; then
+  export KUBECONFIG=$1
+fi
+
+function deleting_softhsm-backup() {
+  NS=softhsm-backup
+  while true; do
+      read -p "Are you sure you want to delete softhsm-backup helm charts?(Y/n) " yn
+      if [ $yn = "Y" ]
+        then
+          helm -n $NS delete softhsm-backup
+          break
+        else
+          break
+      fi
+  done
+  return 0
+}
+
+# set commands for error handling.
+set -e
+set -o errexit   ## set -e : exit the script if any statement returns a non-true return value
+set -o nounset   ## set -u : exit the script if you try to use an uninitialised variable
+set -o errtrace  # trace ERR through 'time command' and other functions
+set -o pipefail  # trace ERR through pipes
+deleting_softhsm-backup   # calling function

deploy/softhsm-backup/install.sh

@@ -0,0 +1,86 @@
+#!/bin/bash
+# Installs softhsm-backup
+## Usage: ./install.sh [kubeconfig]
+
+if [ $# -ge 1 ] ; then
+  export KUBECONFIG=$1
+fi
+
+NS=softhsm-backup
+CHART_VERSION=0.0.1-develop
+
+echo Create $NS namespace
+kubectl create ns $NS
+
+function installing_softhsm-backup() {
+  helm repo update
+
+  read -p "Please provide S3 Bucket Name: " S3_BUCKET
+  if [ -z "S3_BUCKET" ]; then
+     echo "ERROR: S3 Bucket Name not Specified; EXITING;";
+     exit 1;
+  fi
+
+  read -p "Please provide AWS ACCESS KEY ID: " AWS_ACCESS_KEY_ID
+  if [ -z "AWS_ACCESS_KEY_ID" ]; then
+      echo "ERROR: AWS ACCESS KEY ID not Specified; EXITING;";
+      exit 1;
+  fi
+
+
+  echo "Please provide AWS SECRET ACCESS KEY"
+  read -s AWS_SECRET_ACCESS_KEY
+  if [ -z "AWS_SECRET_ACCESS_KEY" ]; then
+      echo "ERROR: AWS SECRET ACCESS KEY not Specified; EXITING;";
+      exit 1;
+  fi
+
+
+  read -p "Please provide AWS REGION: " AWS_REGION
+  if [ -z "AWS_REGION" ]; then
+      echo "ERROR: AWS REGION not Specified; EXITING;";
+      exit 1;
+  fi
+
+  read -p "Please provide number of days the objects needed to be cleared from s3 bucket (eg:15) : " S3_RETENTION_DAYS
+    if [ -z "$S3_RETENTION_DAYS" ]; then
+        echo "ERROR: Number of days to clear the objects empty; EXITING;";
+        exit 1;
+    fi
+
+  read -p "Please enter the time(hr) to run the cronjob every day (time: 0-23) : " time
+  if [ -z "$time" ]; then
+     echo "ERROR: Time cannot be empty; EXITING;";
+     exit 1;
+  fi
+  if ! [ $time -eq $time ] 2>/dev/null; then
+     echo "ERROR: Time $time is not a number; EXITING;";
+     exit 1;
+  fi
+  if [ $time -gt 23 ] || [ $time -lt 0 ] ; then
+     echo "ERROR: Time should be in range ( 0-23 ); EXITING;";
+     exit 1;
+  fi
+
+
+  echo Installing softhsm-backup
+  helm -n $NS install softhsm-backup mosip/softhsmbackup \
+  --set crontime="0 $time * * *" \
+  --set "softhsmbackup.configmaps.s3.S3_BUCKET=$S3_BUCKET" \
+  --set "softhsmbackup.configmaps.s3.AWS_ACCESS_KEY_ID=$AWS_ACCESS_KEY_ID" \
+  --set "softhsmbackup.configmaps.s3.AWS_REGION=$AWS_REGION" \
+  --set "softhsmbackup.configmaps.s3.S3_RETENTION_DAYS=$S3_RETENTION_DAYS" \
+  --set "softhsmbackup.secrets.s3.AWS_SECRET_ACCESS_KEY=$AWS_SECRET_ACCESS_KEY" \
+  --version $CHART_VERSION
+
+  echo Installed softhsm backup utility
+  return 0
+}
+
+# set commands for error handling.
+set -e
+set -o errexit   ## set -e : exit the script if any statement returns a non-true return value
+set -o nounset   ## set -u : exit the script if you try to use an uninitialised variable
+set -o errtrace  # trace ERR through 'time command' and other functions
+set -o pipefail  # trace ERR through pipes
+installing_softhsm-backup  # calling function

helm/minio-client-util/Chart.yaml

@@ -0,0 +1,19 @@
+apiVersion: v2
+name: minio-client-util
+description: A Helm chart to deploy s3 utility to remove apitestrig reports from minio
+type: application
+version: 0.0.1-develop
+appVersion: ""
+dependencies:
+  - name: common
+    repository: https://charts.bitnami.com/bitnami
+    tags:
+      - bitnami-common
+    version: 1.x.x
+home: https://mosip.io
+keywords:
+  - mosip
+  - minioclient
+maintainers:
+  - email: [email protected]
+    name: MOSIP