This is an automated email from the ASF dual-hosted git repository.

omartushevskyi pushed a commit to branch DLAB-1158
in repository https://gitbox.apache.org/repos/asf/incubator-dlab.git


The following commit(s) were added to refs/heads/DLAB-1158 by this push:
     new 7e0a03b  added step-ca
7e0a03b is described below

commit 7e0a03be035ea205b0babb3d809bf773debff612
Author: Oleh Martushevskyi <oleh_martushevs...@epam.com>
AuthorDate: Tue Dec 3 15:12:44 2019 +0200

    added step-ca
---
 .../helm_charts/dlab-ui-chart/templates/cert.yaml  |  1 +
 .../modules/helm_charts/dlab-ui-chart/values.yaml  |  9 ++-
 .../ssn-gke/main/modules/helm_charts/dlab-ui.tf    |  3 +-
 .../main/modules/helm_charts/external-dns.tf       | 35 +++++++++
 .../modules/helm_charts/external-dns/.helmignore   | 43 ++++++++++++
 .../modules/helm_charts/external-dns/Chart.yaml    | 26 +++++++
 .../helm_charts/external-dns/templates/NOTES.txt   | 27 +++++++
 .../external-dns/templates/_helpers.tpl            | 65 +++++++++++++++++
 .../external-dns/templates/externaldns.yaml        | 82 ++++++++++++++++++++++
 .../modules/helm_charts/external-dns/values.yaml   | 23 ++++++
 .../ssn-gke/main/modules/helm_charts/keycloak.tf   |  4 +-
 11 files changed, 312 insertions(+), 6 deletions(-)

diff --git 
a/infrastructure-provisioning/terraform/gcp/ssn-gke/main/modules/helm_charts/dlab-ui-chart/templates/cert.yaml
 
b/infrastructure-provisioning/terraform/gcp/ssn-gke/main/modules/helm_charts/dlab-ui-chart/templates/cert.yaml
index 9285a2b..1836887 100644
--- 
a/infrastructure-provisioning/terraform/gcp/ssn-gke/main/modules/helm_charts/dlab-ui-chart/templates/cert.yaml
+++ 
b/infrastructure-provisioning/terraform/gcp/ssn-gke/main/modules/helm_charts/dlab-ui-chart/templates/cert.yaml
@@ -35,6 +35,7 @@ spec:
   # DNS SAN
   dnsNames:
     - localhost
+    - dlab-ui.k8s-gcp.dlabanalytics.com
   # IP Address SAN
   ipAddresses:
     - "127.0.0.1"
diff --git 
a/infrastructure-provisioning/terraform/gcp/ssn-gke/main/modules/helm_charts/dlab-ui-chart/values.yaml
 
b/infrastructure-provisioning/terraform/gcp/ssn-gke/main/modules/helm_charts/dlab-ui-chart/values.yaml
index a75d1ab..0b679ad 100644
--- 
a/infrastructure-provisioning/terraform/gcp/ssn-gke/main/modules/helm_charts/dlab-ui-chart/values.yaml
+++ 
b/infrastructure-provisioning/terraform/gcp/ssn-gke/main/modules/helm_charts/dlab-ui-chart/values.yaml
@@ -41,7 +41,8 @@ ui:
     https_port: 443
   ingress:
     enabled: true
-    host: ${ssn_k8s_alb_dns_name}
+    host: dlab-ui.k8s-gcp.dlabanalytics.com
+    # ${ssn_k8s_alb_dns_name}
     annotations:
       kubernetes.io/ingress.class: nginx
       nginx.ingress.kubernetes.io/ssl-redirect: "true"
@@ -53,8 +54,10 @@ ui:
     username: ${mongo_user}
     db_name: ${mongo_db_name}
   keycloak:
-    auth_server_url: https://${ssn_k8s_alb_dns_name}/auth
-    redirect_uri: https://${ssn_k8s_alb_dns_name}/
+    auth_server_url: dlab-ui.k8s-gcp.dlabanalytics.com
+    # https://${ssn_k8s_alb_dns_name}/auth
+    redirect_uri: dlab-ui.k8s-gcp.dlabanalytics.com
+    # https://${ssn_k8s_alb_dns_name}/
 
   custom_certs:
     enabled: ${custom_certs_enabled}
diff --git 
a/infrastructure-provisioning/terraform/gcp/ssn-gke/main/modules/helm_charts/dlab-ui.tf
 
b/infrastructure-provisioning/terraform/gcp/ssn-gke/main/modules/helm_charts/dlab-ui.tf
index 0f0fcb9..5dd911a 100644
--- 
a/infrastructure-provisioning/terraform/gcp/ssn-gke/main/modules/helm_charts/dlab-ui.tf
+++ 
b/infrastructure-provisioning/terraform/gcp/ssn-gke/main/modules/helm_charts/dlab-ui.tf
@@ -49,7 +49,8 @@ data "template_file" "dlab_ui_values" {
 resource "helm_release" "dlab_ui" {
     name       = "dlab-ui"
     chart      = "./modules/helm_charts/dlab-ui-chart"
-    depends_on = [helm_release.mongodb, 
kubernetes_secret.mongo_db_password_secret, null_resource.step_ca_issuer_delay]
+    depends_on = [helm_release.mongodb, 
kubernetes_secret.mongo_db_password_secret, null_resource.step_ca_issuer_delay,
+                  helm_release.external_dns]
     namespace  = kubernetes_namespace.dlab-namespace.metadata[0].name
     wait       = true
 
diff --git 
a/infrastructure-provisioning/terraform/gcp/ssn-gke/main/modules/helm_charts/external-dns.tf
 
b/infrastructure-provisioning/terraform/gcp/ssn-gke/main/modules/helm_charts/external-dns.tf
new file mode 100644
index 0000000..3da1568
--- /dev/null
+++ 
b/infrastructure-provisioning/terraform/gcp/ssn-gke/main/modules/helm_charts/external-dns.tf
@@ -0,0 +1,35 @@
+# *****************************************************************************
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+# 
******************************************************************************
+
+data "template_file" "external_dns_values" {
+  template = file("./modules/helm_charts/external-dns/values.yaml")
+}
+
+resource "helm_release" "external_dns" {
+    name       = "external-dns"
+    chart      = "./modules/helm_charts/external-dns"
+    namespace  = kubernetes_namespace.dlab-namespace.metadata[0].name
+    wait       = true
+    depends_on = [helm_release.nginx]
+    values     = [
+        data.template_file.step_issuer_values.rendered
+    ]
+}
\ No newline at end of file
diff --git 
a/infrastructure-provisioning/terraform/gcp/ssn-gke/main/modules/helm_charts/external-dns/.helmignore
 
b/infrastructure-provisioning/terraform/gcp/ssn-gke/main/modules/helm_charts/external-dns/.helmignore
new file mode 100644
index 0000000..4976779
--- /dev/null
+++ 
b/infrastructure-provisioning/terraform/gcp/ssn-gke/main/modules/helm_charts/external-dns/.helmignore
@@ -0,0 +1,43 @@
+# *****************************************************************************
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+# 
******************************************************************************
+
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git 
a/infrastructure-provisioning/terraform/gcp/ssn-gke/main/modules/helm_charts/external-dns/Chart.yaml
 
b/infrastructure-provisioning/terraform/gcp/ssn-gke/main/modules/helm_charts/external-dns/Chart.yaml
new file mode 100644
index 0000000..89fe41a
--- /dev/null
+++ 
b/infrastructure-provisioning/terraform/gcp/ssn-gke/main/modules/helm_charts/external-dns/Chart.yaml
@@ -0,0 +1,26 @@
+# *****************************************************************************
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+# 
******************************************************************************
+
+apiVersion: v1
+appVersion: "1.0"
+description: A Helm chart for Kubernetes
+name: external-dns
+version: 0.1.0
diff --git 
a/infrastructure-provisioning/terraform/gcp/ssn-gke/main/modules/helm_charts/external-dns/templates/NOTES.txt
 
b/infrastructure-provisioning/terraform/gcp/ssn-gke/main/modules/helm_charts/external-dns/templates/NOTES.txt
new file mode 100644
index 0000000..58e9f20
--- /dev/null
+++ 
b/infrastructure-provisioning/terraform/gcp/ssn-gke/main/modules/helm_charts/external-dns/templates/NOTES.txt
@@ -0,0 +1,27 @@
+# *****************************************************************************
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+# 
******************************************************************************
+
+Your release is named {{ .Release.Name }}.
+
+To learn more about the release, try:
+
+  $ helm status {{ .Release.Name }}
+  $ helm get {{ .Release.Name }}
\ No newline at end of file
diff --git 
a/infrastructure-provisioning/terraform/gcp/ssn-gke/main/modules/helm_charts/external-dns/templates/_helpers.tpl
 
b/infrastructure-provisioning/terraform/gcp/ssn-gke/main/modules/helm_charts/external-dns/templates/_helpers.tpl
new file mode 100644
index 0000000..91e2a65
--- /dev/null
+++ 
b/infrastructure-provisioning/terraform/gcp/ssn-gke/main/modules/helm_charts/external-dns/templates/_helpers.tpl
@@ -0,0 +1,65 @@
+# *****************************************************************************
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+# 
******************************************************************************
+{{/* vim: set filetype=mustache: */}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "external-dns.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to 
this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "external-dns.fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "external-dns.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | 
trimSuffix "-" -}}
+{{- end -}}
+
+{{/*
+Common labels
+*/}}
+{{- define "external-dns.labels" -}}
+app.kubernetes.io/name: {{ include "external-dns.name" . }}
+helm.sh/chart: {{ include "external-dns.chart" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end -}}
diff --git 
a/infrastructure-provisioning/terraform/gcp/ssn-gke/main/modules/helm_charts/external-dns/templates/externaldns.yaml
 
b/infrastructure-provisioning/terraform/gcp/ssn-gke/main/modules/helm_charts/external-dns/templates/externaldns.yaml
new file mode 100644
index 0000000..dc44629
--- /dev/null
+++ 
b/infrastructure-provisioning/terraform/gcp/ssn-gke/main/modules/helm_charts/external-dns/templates/externaldns.yaml
@@ -0,0 +1,82 @@
+{{- /*
+# *****************************************************************************
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+# 
******************************************************************************
+*/ -}}
+
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: external-dns
+---
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: ClusterRole
+metadata:
+  name: external-dns
+rules:
+- apiGroups: [""]
+  resources: ["services"]
+  verbs: ["get","watch","list"]
+- apiGroups: [""]
+  resources: ["pods"]
+  verbs: ["get","watch","list"]
+- apiGroups: ["extensions"]
+  resources: ["ingresses"]
+  verbs: ["get","watch","list"]
+- apiGroups: [""]
+  resources: ["nodes"]
+  verbs: ["list"]
+---
+apiVersion: rbac.authorization.k8s.io/v1beta1
+kind: ClusterRoleBinding
+metadata:
+  name: external-dns-viewer
+roleRef:
+  apiGroup: rbac.authorization.k8s.io
+  kind: ClusterRole
+  name: external-dns
+subjects:
+- kind: ServiceAccount
+  name: external-dns
+  namespace: default
+---
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+  name: external-dns
+spec:
+  strategy:
+    type: Recreate
+  template:
+    metadata:
+      labels:
+        app: external-dns
+    spec:
+      serviceAccountName: external-dns
+      containers:
+      - name: external-dns
+        image: registry.opensource.zalan.do/teapot/external-dns:latest
+        args:
+        - --source=ingress
+        - --domain-filter=k8s-gcp.dlabanalytics.com
+        - --provider=google
+        - --google-project=or2-msq-epmc-dlab-t1iylu
+        - --registry=txt
+        - --txt-owner-id=my-identifier
\ No newline at end of file
diff --git 
a/infrastructure-provisioning/terraform/gcp/ssn-gke/main/modules/helm_charts/external-dns/values.yaml
 
b/infrastructure-provisioning/terraform/gcp/ssn-gke/main/modules/helm_charts/external-dns/values.yaml
new file mode 100644
index 0000000..b2591c4
--- /dev/null
+++ 
b/infrastructure-provisioning/terraform/gcp/ssn-gke/main/modules/helm_charts/external-dns/values.yaml
@@ -0,0 +1,23 @@
+# *****************************************************************************
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+# 
******************************************************************************
+
+replicaCount: 1
+
diff --git 
a/infrastructure-provisioning/terraform/gcp/ssn-gke/main/modules/helm_charts/keycloak.tf
 
b/infrastructure-provisioning/terraform/gcp/ssn-gke/main/modules/helm_charts/keycloak.tf
index a5ab90e..8c8eb06 100644
--- 
a/infrastructure-provisioning/terraform/gcp/ssn-gke/main/modules/helm_charts/keycloak.tf
+++ 
b/infrastructure-provisioning/terraform/gcp/ssn-gke/main/modules/helm_charts/keycloak.tf
@@ -22,7 +22,7 @@
 data "template_file" "configure_keycloak" {
   template = file("./modules/helm_charts/files/configure_keycloak.sh")
   vars     = {
-    ssn_k8s_alb_dns_name   = local.ui_host
+    ssn_k8s_alb_dns_name   = "dlab-ui.k8s-gcp.dlabanalytics.com" # 
local.ui_host
     keycloak_user          = var.keycloak_user
     keycloak_password      = random_string.keycloak_password.result
     keycloak_client_secret = random_uuid.keycloak_client_secret.result
@@ -42,7 +42,7 @@ data "template_file" "keycloak_values" {
   vars = {
     keycloak_user           = var.keycloak_user
     keycloak_password       = random_string.keycloak_password.result
-    ssn_k8s_alb_dns_name    = local.ui_host
+    ssn_k8s_alb_dns_name    = "dlab-ui.k8s-gcp.dlabanalytics.com" # 
local.ui_host
     configure_keycloak_file = data.template_file.configure_keycloak.rendered
     mysql_db_name           = var.mysql_db_name
     mysql_user              = var.mysql_user


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@dlab.apache.org
For additional commands, e-mail: commits-h...@dlab.apache.org

Reply via email to