Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[MOSIP-35160] added helm and installation script for admin-ui #326

Merged
merged 5 commits into from
Sep 10, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
62 changes: 62 additions & 0 deletions .github/workflows/chart-lint-publish.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,62 @@
name: Validate / Publish helm charts

on:
release:
types: [published]
pull_request:
types: [opened, reopened, synchronize]
paths:
- 'helm/**'
workflow_dispatch:
inputs:
IGNORE_CHARTS:
description: 'Provide list of charts to be ignored separated by pipe(|)'
required: false
default: '""'
type: string
CHART_PUBLISH:
description: 'Chart publishing to gh-pages branch'
required: false
default: 'NO'
type: string
options:
- YES
- NO
INCLUDE_ALL_CHARTS:
description: 'Include all charts for Linting/Publishing (YES/NO)'
required: false
default: 'NO'
type: string
options:
- YES
- NO
push:
branches:
- '!release-branch'
- '!master'
- 1.*
- 0.*
- develop
- release*
paths:
- 'helm/**'

jobs:
chart-lint-publish:
uses: mosip/kattu/.github/workflows/chart-lint-publish.yml@master
with:
CHARTS_DIR: ./helm
CHARTS_URL: https://mosip.github.io/mosip-helm
REPOSITORY: mosip-helm
BRANCH: gh-pages
INCLUDE_ALL_CHARTS: "${{ inputs.INCLUDE_ALL_CHARTS || 'NO' }}"
IGNORE_CHARTS: "${{ inputs.IGNORE_CHARTS || '\"\"' }}"
CHART_PUBLISH: "${{ inputs.CHART_PUBLISH || 'YES' }}"
LINTING_CHART_SCHEMA_YAML_URL: "https://raw.githubusercontent.com/mosip/kattu/master/.github/helm-lint-configs/chart-schema.yaml"
LINTING_LINTCONF_YAML_URL: "https://raw.githubusercontent.com/mosip/kattu/master/.github/helm-lint-configs/lintconf.yaml"
LINTING_CHART_TESTING_CONFIG_YAML_URL: "https://raw.githubusercontent.com/mosip/kattu/master/.github/helm-lint-configs/chart-testing-config.yaml"
LINTING_HEALTH_CHECK_SCHEMA_YAML_URL: "https://raw.githubusercontent.com/mosip/kattu/master/.github/helm-lint-configs/health-check-schema.yaml"
DEPENDENCIES: "mosip,https://mosip.github.io/mosip-helm;"
secrets:
TOKEN: ${{ secrets.ACTION_PAT }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
29 changes: 0 additions & 29 deletions .github/workflows/release-changes.yml

This file was deleted.

35 changes: 0 additions & 35 deletions .github/workflows/tag.yml

This file was deleted.

23 changes: 23 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,29 @@ Run `ng test` to execute the unit tests via [Karma](https://karma-runner.github.

Run `ng e2e` to execute the end-to-end tests via [Protractor](http://www.protractortest.org/).

## Deployment in K8 cluster with other MOSIP services:
### Pre-requisites
* Set KUBECONFIG variable to point to existing K8 cluster kubeconfig file:
* ```
export KUBECONFIG=~/.kube/<my-cluster.config>
```
### Install
```
$ cd deploy
$ ./install.sh
```
### Delete
```
$ cd deploy
$ ./delete.sh
```
### Restart
```
$ cd deploy
$ ./restart.sh
```


## Further help

To get more help on the Angular CLI use `ng help` or go check out the [Angular CLI README](https://github.com/angular/angular-cli/blob/master/README.md).
Expand Down
37 changes: 37 additions & 0 deletions deploy/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,37 @@
# Admin module

## Install
```
./install.sh
```
## Admin proxy
Admin service accesses other services like Materdata and Keymanager and currently there is only one URL that is used to connect to both these services. This will get fixed in future versions, but as a an interim solution, Admin Proxy docker has been created, which is basically an Nginx proxy connecting to the above services with these URLs:
```
http://admin-proxy/v1/masterdata
http://admin-proxy/v1/keymanager
```
The proxy is installed as part of `install.sh` script.

## Admin user
1. In Keycloak, create a user in `mosip` realm called `globaladmin` and assign role `GLOBAL_ADMIN`. Make sure this user has strong credentials.
2. Use this user to login into Admin portal via Keycloak. (Note that this user is already on-boarded as default user while uploading masterdata XLS in Kernel module)
3. _Strongly Recommended_: Create another user in keycloak with authentic name, email, details, strong password and `GLOBAL_ADMIN` role. Assign global zone to this user via Admin portal, and then delete `globaladmin` from Keycloak and masterdata DB.

## Admin portal
Access the portal with following URL:
```
https://<your-internal-api-host>/admin-ui/

Example:
https://api-internal.sandbox.xyz.net/admin-ui/
```
Your wireguard client must be running for this access.

## Onboarding
Use the portal to onboard user, machine, center.

Note that for onboarding a user (like a Zonal Admin or Registration Officer),
1. Create user in Keycloak with appropriate role.
1. Map the user to a Zone using Admin portal.
1. Map user to a registration center (in case of Registration Officer/Supervisor) using Admin portal.

25 changes: 25 additions & 0 deletions deploy/copy_cm.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
#!/bin/bash
# Copy configmaps from other namespaces
# DST_NS: Destination namespace

function copying_cm() {
UTIL_URL=https://raw.githubusercontent.com/mosip/mosip-infra/master/deployment/v3/utils/copy_cm_func.sh
COPY_UTIL=./copy_cm_func.sh
DST_NS=admin

wget -q $UTIL_URL -O copy_cm_func.sh && chmod +x copy_cm_func.sh

$COPY_UTIL configmap global default $DST_NS
$COPY_UTIL configmap artifactory-share artifactory $DST_NS
$COPY_UTIL configmap config-server-share config-server $DST_NS
return 0
}

# set commands for error handling.
set -e
set -o errexit ## set -e : exit the script if any statement returns a non-true return value
set -o nounset ## set -u : exit the script if you try to use an uninitialised variable
set -o errtrace # trace ERR through 'time command' and other functions
set -o pipefail # trace ERR through pipes
copying_cm # calling function

30 changes: 30 additions & 0 deletions deploy/delete.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
#!/bin/bash
# Uninstalls all admin-ui helm charts
## Usage: ./delete.sh [kubeconfig]

if [ $# -ge 1 ] ; then
export KUBECONFIG=$1
fi

function deleting_admin_ui() {
NS=admin
while true; do
read -p "Are you sure you want to delete ALL Admin-ui helm charts?(Y/n) " yn
if [ $yn = "Y" ]
then
helm -n $NS delete admin-ui
break
else
break
fi
done
return 0
}

# set commands for error handling.
set -e
set -o errexit ## set -e : exit the script if any statement returns a non-true return value
set -o nounset ## set -u : exit the script if you try to use an uninitialised variable
set -o errtrace # trace ERR through 'time command' and other functions
set -o pipefail # trace ERR through pipes
deleting_admin_ui # calling function
45 changes: 45 additions & 0 deletions deploy/install.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,45 @@
#!/bin/bash
# Installs the admin-ui module
# Make sure you have updated ui_values.yaml
## Usage: ./install.sh [kubeconfig]

if [ $# -ge 1 ] ; then
export KUBECONFIG=$1
fi

NS=admin
CHART_VERSION=0.0.1-develop

echo Create $NS namespace
kubectl create ns $NS

function installing_admin_ui() {
echo Istio label
kubectl label ns $NS istio-injection=enabled --overwrite
helm repo update

echo Copy configmaps
sed -i 's/\r$//' copy_cm.sh
./copy_cm.sh

API_HOST=$(kubectl get cm global -o jsonpath={.data.mosip-api-internal-host})
ADMIN_HOST=$(kubectl get cm global -o jsonpath={.data.mosip-admin-host})

echo Installing admin-ui
helm -n $NS install admin-ui mosip/admin-ui --set admin.apiUrl=https://$API_HOST/v1/ --set istio.hosts\[0\]=$ADMIN_HOST --version $CHART_VERSION

kubectl -n $NS get deploy -o name | xargs -n1 -t kubectl -n $NS rollout status

echo Installed admin services

echo "Admin portal URL: https://$ADMIN_HOST/admin-ui/"
return 0
}

# set commands for error handling.
set -e
set -o errexit ## set -e : exit the script if any statement returns a non-true return value
set -o nounset ## set -u : exit the script if you try to use an uninitialised variable
set -o errtrace # trace ERR through 'time command' and other functions
set -o pipefail # trace ERR through pipes
installing_admin_ui # calling function
25 changes: 25 additions & 0 deletions deploy/restart.sh
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
#!/bin/bash
# Restarts the admin_ui
## Usage: ./restart.sh [kubeconfig]

if [ $# -ge 1 ] ; then
export KUBECONFIG=$1
fi

function Restarting_admin_ui() {
NS=admin
kubectl -n $NS rollout restart deploy

kubectl -n $NS get deploy -o name | xargs -n1 -t kubectl -n $NS rollout status

echo Restarted admin_ui
return 0
}

# set commands for error handling.
set -e
set -o errexit ## set -e : exit the script if any statement returns a non-true return value
set -o nounset ## set -u : exit the script if you try to use an uninitialised variable
set -o errtrace # trace ERR through 'time command' and other functions
set -o pipefail # trace ERR through pipes
Restarting_admin_ui # calling function
1 change: 1 addition & 0 deletions helm/admin-ui/.gitignore
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
charts/
21 changes: 21 additions & 0 deletions helm/admin-ui/.helmignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*~
# Various IDEs
.project
.idea/
*.tmproj
20 changes: 20 additions & 0 deletions helm/admin-ui/Chart.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
apiVersion: v2
name: admin-ui
description: A Helm chart for MOSIP Admin UI module
type: application
version: 0.0.1-develop
appVersion: ""
dependencies:
- name: common
repository: https://charts.bitnami.com/bitnami
tags:
- bitnami-common
version: 1.x.x
home: https://mosip.io
keywords:
- mosip
- admin
- kernel
maintainers:
- email: [email protected]
name: MOSIP
10 changes: 10 additions & 0 deletions helm/admin-ui/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,10 @@
# Admin-ui

Helm chart for installing MOSIP Admin UI module

## TL;DR

```console
$ helm repo add mosip https://mosip.github.io
$ helm install my-release mosip/admin-ui
```
1 change: 1 addition & 0 deletions helm/admin-ui/templates/NOTES.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@

Loading
Loading