diff --git a/cluster-applications/000-job-cleaner/templates/04-jobcleaner_CronJob.yaml b/cluster-applications/000-job-cleaner/templates/04-jobcleaner_CronJob.yaml index c0bc4c3a5..3893c523b 100644 --- a/cluster-applications/000-job-cleaner/templates/04-jobcleaner_CronJob.yaml +++ b/cluster-applications/000-job-cleaner/templates/04-jobcleaner_CronJob.yaml @@ -1,7 +1,7 @@ {{- /* Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} {{- $ns := "job-cleaner" }} diff --git a/cluster-applications/010-redhat-cert-manager/templates/04-postsync-update-sm_Job.yaml b/cluster-applications/010-redhat-cert-manager/templates/04-postsync-update-sm_Job.yaml index 95527f8f5..6c1060cdb 100644 --- a/cluster-applications/010-redhat-cert-manager/templates/04-postsync-update-sm_Job.yaml +++ b/cluster-applications/010-redhat-cert-manager/templates/04-postsync-update-sm_Job.yaml @@ -17,7 +17,7 @@ Meaningful prefix for the job resource name. Must be under 52 chars in length to Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. Included in $_job_hash (see below). */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} {{- /* A dict of values that influence the behaviour of the job in some way. diff --git a/cluster-applications/020-ibm-dro/templates/08-postsync-update-sm_Job.yaml b/cluster-applications/020-ibm-dro/templates/08-postsync-update-sm_Job.yaml index 41cf2ff9d..5aec5b594 100644 --- a/cluster-applications/020-ibm-dro/templates/08-postsync-update-sm_Job.yaml +++ b/cluster-applications/020-ibm-dro/templates/08-postsync-update-sm_Job.yaml @@ -9,7 +9,7 @@ Meaningful prefix for the job resource name. Must be under 52 chars in length to Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. Included in $_job_hash (see below). */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} {{- /* A dict of values that influence the behaviour of the job in some way. diff --git a/cluster-applications/021-ibm-dro-cleanup/templates/postdelete-MarketplaceConfigs.yaml b/cluster-applications/021-ibm-dro-cleanup/templates/postdelete-MarketplaceConfigs.yaml index 245a92501..e47ddd82d 100644 --- a/cluster-applications/021-ibm-dro-cleanup/templates/postdelete-MarketplaceConfigs.yaml +++ b/cluster-applications/021-ibm-dro-cleanup/templates/postdelete-MarketplaceConfigs.yaml @@ -2,7 +2,7 @@ {{- /* Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} {{ $job_name := "postdelete-delete-marketplaceconfigs-job" }} diff --git a/cluster-applications/041-cis-compliance-cleanup/templates/postdelete-ProfileBundles.yaml b/cluster-applications/041-cis-compliance-cleanup/templates/postdelete-ProfileBundles.yaml index 0e302a19e..167fc8b72 100644 --- a/cluster-applications/041-cis-compliance-cleanup/templates/postdelete-ProfileBundles.yaml +++ b/cluster-applications/041-cis-compliance-cleanup/templates/postdelete-ProfileBundles.yaml @@ -2,7 +2,7 @@ {{- /* Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} {{ $job_name := "postdelete-delete-profilebundles-job" }} diff --git a/cluster-applications/055-instana-agent-operator/templates/08-CronJob.yaml b/cluster-applications/055-instana-agent-operator/templates/08-CronJob.yaml index c66b78f2b..ca1d80d18 100644 --- a/cluster-applications/055-instana-agent-operator/templates/08-CronJob.yaml +++ b/cluster-applications/055-instana-agent-operator/templates/08-CronJob.yaml @@ -2,7 +2,7 @@ {{- /* Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} --- diff --git a/cluster-applications/060-custom-sa/templates/04-postsync-update-sm_Job.yaml b/cluster-applications/060-custom-sa/templates/04-postsync-update-sm_Job.yaml index b45a9499b..a205d61b8 100644 --- a/cluster-applications/060-custom-sa/templates/04-postsync-update-sm_Job.yaml +++ b/cluster-applications/060-custom-sa/templates/04-postsync-update-sm_Job.yaml @@ -9,7 +9,7 @@ Meaningful prefix for the job resource name. Must be under 52 chars in length to Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. Included in $_job_hash (see below). */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} {{- /* A dict of values that influence the behaviour of the job in some way. diff --git a/cluster-applications/200-cluster-promotion/templates/02-cluster-verify_Job.yaml b/cluster-applications/200-cluster-promotion/templates/02-cluster-verify_Job.yaml index ab174f286..34a59fae3 100644 --- a/cluster-applications/200-cluster-promotion/templates/02-cluster-verify_Job.yaml +++ b/cluster-applications/200-cluster-promotion/templates/02-cluster-verify_Job.yaml @@ -7,7 +7,7 @@ Meaningful prefix for the job resource name. Must be under 52 chars in length to Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. Included in $_job_hash (see below). */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} {{- /* A dict of values that influence the behaviour of the job in some way. diff --git a/cluster-applications/200-cluster-promotion/templates/03-cluster-promoter_Job.yaml b/cluster-applications/200-cluster-promotion/templates/03-cluster-promoter_Job.yaml index b12142197..a236d04ca 100644 --- a/cluster-applications/200-cluster-promotion/templates/03-cluster-promoter_Job.yaml +++ b/cluster-applications/200-cluster-promotion/templates/03-cluster-promoter_Job.yaml @@ -7,7 +7,7 @@ Meaningful prefix for the job resource name. Must be under 52 chars in length to Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. Included in $_job_hash (see below). */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} {{- /* A dict of values that influence the behaviour of the job in some way. diff --git a/instance-applications/010-ibm-sync-jobs/templates/00-aws-docdb-add-user_Job.yaml b/instance-applications/010-ibm-sync-jobs/templates/00-aws-docdb-add-user_Job.yaml index 8fdcf6e4c..55b7f03d8 100644 --- a/instance-applications/010-ibm-sync-jobs/templates/00-aws-docdb-add-user_Job.yaml +++ b/instance-applications/010-ibm-sync-jobs/templates/00-aws-docdb-add-user_Job.yaml @@ -9,7 +9,7 @@ Meaningful prefix for the job resource name. Must be under 52 chars in length to Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. Included in $_job_hash (see below). */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} {{- /* A dict of values that influence the behaviour of the job in some way. diff --git a/instance-applications/010-ibm-sync-jobs/templates/01-ibm-mas_suite_certs_Job.yaml b/instance-applications/010-ibm-sync-jobs/templates/01-ibm-mas_suite_certs_Job.yaml index 8ce1c72e3..574703eb1 100644 --- a/instance-applications/010-ibm-sync-jobs/templates/01-ibm-mas_suite_certs_Job.yaml +++ b/instance-applications/010-ibm-sync-jobs/templates/01-ibm-mas_suite_certs_Job.yaml @@ -10,7 +10,7 @@ Meaningful prefix for the job resource name. Must be under 52 chars in length to Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. Included in $_job_hash (see below). */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:834dffd4da534c01daea4e0a6d9db7d00a9ad9b18b054cc034985fcaceedeacd" }} {{- /* A dict of values that influence the behaviour of the job in some way. diff --git a/instance-applications/010-ibm-sync-jobs/templates/01-ibm-mas_suite_dns_Job.yaml b/instance-applications/010-ibm-sync-jobs/templates/01-ibm-mas_suite_dns_Job.yaml index 7530ab617..863c856d0 100644 --- a/instance-applications/010-ibm-sync-jobs/templates/01-ibm-mas_suite_dns_Job.yaml +++ b/instance-applications/010-ibm-sync-jobs/templates/01-ibm-mas_suite_dns_Job.yaml @@ -9,7 +9,7 @@ Meaningful prefix for the job resource name. Must be under 52 chars in length to Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. Included in $_job_hash (see below). */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:834dffd4da534c01daea4e0a6d9db7d00a9ad9b18b054cc034985fcaceedeacd" }} {{- /* A dict of values that influence the behaviour of the job in some way. diff --git a/instance-applications/010-ibm-sync-jobs/templates/PostDelete-aws-docdb-remove-user_Job.yaml b/instance-applications/010-ibm-sync-jobs/templates/PostDelete-aws-docdb-remove-user_Job.yaml index 88c9b335c..1d9ae67d6 100644 --- a/instance-applications/010-ibm-sync-jobs/templates/PostDelete-aws-docdb-remove-user_Job.yaml +++ b/instance-applications/010-ibm-sync-jobs/templates/PostDelete-aws-docdb-remove-user_Job.yaml @@ -5,7 +5,7 @@ {{- /* Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} # Deletes user "masinst_${MAS_INSTANCE_ID}" from docdb an deletes the acc/cluster/instance/mongo#password secret from AWS SM diff --git a/instance-applications/100-ibm-sls/templates/07-postsync-update-sm_Job.yaml b/instance-applications/100-ibm-sls/templates/07-postsync-update-sm_Job.yaml index d17d15dfc..7482ba6db 100644 --- a/instance-applications/100-ibm-sls/templates/07-postsync-update-sm_Job.yaml +++ b/instance-applications/100-ibm-sls/templates/07-postsync-update-sm_Job.yaml @@ -9,7 +9,7 @@ Meaningful prefix for the job resource name. Must be under 52 chars in length to Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. Included in $_job_hash (see below). */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} {{- /* A dict of values that influence the behaviour of the job in some way. diff --git a/instance-applications/101-ibm-sync-jobs-cp4d/templates/00-ibm-cp4d-presync.yaml b/instance-applications/101-ibm-sync-jobs-cp4d/templates/00-ibm-cp4d-presync.yaml index d9c75a8d1..a0d55d203 100644 --- a/instance-applications/101-ibm-sync-jobs-cp4d/templates/00-ibm-cp4d-presync.yaml +++ b/instance-applications/101-ibm-sync-jobs-cp4d/templates/00-ibm-cp4d-presync.yaml @@ -9,7 +9,7 @@ Meaningful prefix for the job resource name. Must be under 52 chars in length to Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. Included in $_job_hash (see below). */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} {{- /* A dict of values that influence the behaviour of the job in some way. diff --git a/instance-applications/110-ibm-cp4d-operators/templates/04-ibm-cp4d_prereqs_ops.yaml b/instance-applications/110-ibm-cp4d-operators/templates/04-ibm-cp4d_prereqs_ops.yaml index ab58c798f..265ee372a 100644 --- a/instance-applications/110-ibm-cp4d-operators/templates/04-ibm-cp4d_prereqs_ops.yaml +++ b/instance-applications/110-ibm-cp4d-operators/templates/04-ibm-cp4d_prereqs_ops.yaml @@ -7,7 +7,7 @@ Meaningful prefix for the job resource name. Must be under 52 chars in length to Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. Included in $_job_hash (see below). */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} {{- /* A dict of values that influence the behaviour of the job in some way. diff --git a/instance-applications/110-ibm-cp4d-operators/templates/04-ibm-cp4d_upg_cleanup.yaml b/instance-applications/110-ibm-cp4d-operators/templates/04-ibm-cp4d_upg_cleanup.yaml index 4bd8398aa..0bbc274b3 100644 --- a/instance-applications/110-ibm-cp4d-operators/templates/04-ibm-cp4d_upg_cleanup.yaml +++ b/instance-applications/110-ibm-cp4d-operators/templates/04-ibm-cp4d_upg_cleanup.yaml @@ -7,7 +7,7 @@ Meaningful prefix for the job resource name. Must be under 52 chars in length to Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. Included in $_job_hash (see below). */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} {{- /* A dict of values that influence the behaviour of the job in some way. diff --git a/instance-applications/110-ibm-cp4d/templates/03-ibm-cp4d-mcs_patch_sa.yaml b/instance-applications/110-ibm-cp4d/templates/03-ibm-cp4d-mcs_patch_sa.yaml index 49f09ba26..cd90a4cda 100644 --- a/instance-applications/110-ibm-cp4d/templates/03-ibm-cp4d-mcs_patch_sa.yaml +++ b/instance-applications/110-ibm-cp4d/templates/03-ibm-cp4d-mcs_patch_sa.yaml @@ -14,7 +14,7 @@ Meaningful prefix for the job resource name. Must be under 52 chars in length to Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. Included in $_job_hash (see below). */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} {{- /* A dict of values that influence the behaviour of the job in some way. diff --git a/instance-applications/110-ibm-cp4d/templates/07-ibm-cp4d_patch_zenservice.yaml b/instance-applications/110-ibm-cp4d/templates/07-ibm-cp4d_patch_zenservice.yaml index fa51f3717..65549492f 100644 --- a/instance-applications/110-ibm-cp4d/templates/07-ibm-cp4d_patch_zenservice.yaml +++ b/instance-applications/110-ibm-cp4d/templates/07-ibm-cp4d_patch_zenservice.yaml @@ -8,7 +8,7 @@ Meaningful prefix for the job resource name. Must be under 52 chars in length to Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. Included in $_job_hash (see below). */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} {{- /* A dict of values that influence the behaviour of the job in some way. diff --git a/instance-applications/110-ibm-cp4d/templates/08-ibm-cp4d-post-verify.yaml b/instance-applications/110-ibm-cp4d/templates/08-ibm-cp4d-post-verify.yaml index 492fde560..0e8a35fdb 100644 --- a/instance-applications/110-ibm-cp4d/templates/08-ibm-cp4d-post-verify.yaml +++ b/instance-applications/110-ibm-cp4d/templates/08-ibm-cp4d-post-verify.yaml @@ -7,7 +7,7 @@ Meaningful prefix for the job resource name. Must be under 52 chars in length to Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. Included in $_job_hash (see below). */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} {{- /* A dict of values that influence the behaviour of the job in some way. diff --git a/instance-applications/110-ibm-cp4d/templates/09-ibm-cp4d_services_base.yaml b/instance-applications/110-ibm-cp4d/templates/09-ibm-cp4d_services_base.yaml index 870c94c49..6848393d8 100644 --- a/instance-applications/110-ibm-cp4d/templates/09-ibm-cp4d_services_base.yaml +++ b/instance-applications/110-ibm-cp4d/templates/09-ibm-cp4d_services_base.yaml @@ -7,7 +7,7 @@ Meaningful prefix for the job resource name. Must be under 52 chars in length to Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. Included in $_job_hash (see below). */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} {{- /* A dict of values that influence the behaviour of the job in some way. diff --git a/instance-applications/112-ibm-odh/Chart.yaml b/instance-applications/112-ibm-odh/Chart.yaml new file mode 100644 index 000000000..f2df6fd80 --- /dev/null +++ b/instance-applications/112-ibm-odh/Chart.yaml @@ -0,0 +1,11 @@ +apiVersion: v2 +name: ibm-odh +description: IBM ODH +type: application +version: 1.0.0 + +dependencies: +- name: junitreporter + version: 1.0.0 + repository: "file://../../sub-charts/junitreporter/" + condition: junitreporter.devops_mongo_uri != "" \ No newline at end of file diff --git a/instance-applications/112-ibm-odh/README.md b/instance-applications/112-ibm-odh/README.md new file mode 100644 index 000000000..976ceae80 --- /dev/null +++ b/instance-applications/112-ibm-odh/README.md @@ -0,0 +1,3 @@ +IBM ODH +=============================================================================== +Deploy and configure ODH with configurable version \ No newline at end of file diff --git a/instance-applications/112-ibm-odh/templates/01-odh-pipeline-operator-subcription.yaml b/instance-applications/112-ibm-odh/templates/01-odh-pipeline-operator-subcription.yaml new file mode 100644 index 000000000..d197c17cc --- /dev/null +++ b/instance-applications/112-ibm-odh/templates/01-odh-pipeline-operator-subcription.yaml @@ -0,0 +1,16 @@ +--- + +apiVersion: operators.coreos.com/v1alpha1 +kind: Subscription +metadata: + name: {{ .Values.odh_pipeline_name }} + namespace: {{ .Values.odh_pipeline_namespace}} + annotations: + argocd.argoproj.io/sync-wave: "116" +spec: + channel: {{ .Values.odh_pipeline_channel }} + installPlanApproval: {{ .Values.odh_pipeline_installplan }} + name: {{ .Values.odh_pipeline_operatorName }} + source: {{ .Values.odh_pipeline_source }} + sourceNamespace: {{ .Values.odh_pipeline_sourceNamespace }} + diff --git a/instance-applications/112-ibm-odh/templates/02-odh-serverless-subscription.yaml b/instance-applications/112-ibm-odh/templates/02-odh-serverless-subscription.yaml new file mode 100644 index 000000000..5bbb2f4c3 --- /dev/null +++ b/instance-applications/112-ibm-odh/templates/02-odh-serverless-subscription.yaml @@ -0,0 +1,37 @@ +--- + +apiVersion: v1 +kind: Namespace +metadata: + name: {{ .Values.serverless_namespace}} + annotations: + argocd.argoproj.io/sync-wave: "117" + +--- + +apiVersion: operators.coreos.com/v1 +kind: OperatorGroup +metadata: + name: operatorgroup + namespace: {{ .Values.serverless_namespace}} + annotations: + argocd.argoproj.io/sync-wave: "117" +--- +apiVersion: operators.coreos.com/v1alpha1 +kind: Subscription +metadata: + name: {{ .Values.serverless_operator_name}} + namespace: {{ .Values.serverless_namespace}} + annotations: + argocd.argoproj.io/sync-wave: "118" +spec: + channel: stable + installPlanApproval: Automatic + name: {{ .Values.serverless_operator_name}} + source: {{ .Values.serverless_operator_source}} + sourceNamespace: {{ .Values.serverless_operator_sourceNamespace}} + + + + + diff --git a/instance-applications/112-ibm-odh/templates/03-odh-servicemesh-operator-sa.yaml b/instance-applications/112-ibm-odh/templates/03-odh-servicemesh-operator-sa.yaml new file mode 100644 index 000000000..5d84a8cfc --- /dev/null +++ b/instance-applications/112-ibm-odh/templates/03-odh-servicemesh-operator-sa.yaml @@ -0,0 +1,24 @@ +--- +apiVersion: operators.coreos.com/v1alpha1 +kind: Subscription +metadata: + name: servicemeshoperator + namespace: openshift-operators + annotations: + argocd.argoproj.io/sync-wave: "118" +spec: + channel: stable + installPlanApproval: Automatic + name: servicemeshoperator + source: redhat-operators + sourceNamespace: openshift-marketplace + +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: istio-operator + namespace: openshift-operators + annotations: + argocd.argoproj.io/sync-wave: "119" + diff --git a/instance-applications/112-ibm-odh/templates/04-odh-authorino-operator.yaml b/instance-applications/112-ibm-odh/templates/04-odh-authorino-operator.yaml new file mode 100644 index 000000000..49c2e8280 --- /dev/null +++ b/instance-applications/112-ibm-odh/templates/04-odh-authorino-operator.yaml @@ -0,0 +1,13 @@ +--- +apiVersion: operators.coreos.com/v1alpha1 +kind: Subscription +metadata: + name: authorino-operator + namespace: openshift-operators + annotations: + argocd.argoproj.io/sync-wave: "121" +spec: + channel: stable + name: authorino-operator + source: community-operators + sourceNamespace: openshift-marketplace \ No newline at end of file diff --git a/instance-applications/112-ibm-odh/templates/05-odh-operator-job.yaml b/instance-applications/112-ibm-odh/templates/05-odh-operator-job.yaml new file mode 100644 index 000000000..27e21b4f4 --- /dev/null +++ b/instance-applications/112-ibm-odh/templates/05-odh-operator-job.yaml @@ -0,0 +1,148 @@ +{{- $_job_name_prefix := "installplanpatch" }} + +{{- /* +Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. +Included in $_job_hash (see below). +*/}} +{{- $_cli_image_digest := "sha256:934706a7173d45ea53c3d191afa6d75b4e41d25422e6a3685f1c57d1ddf49a00" }} + +{{- /* +A dict of values that influence the behaviour of the job in some way. +Any changes to values in this dict will trigger a rerun of the job. +Since jobs must be idemopotent, it's generally safe to pass in values here that are not +strictly necessary (i.e. including some values that don't actually influence job behaviour). +We may want to refine this further though for jobs that can take a long time to complete. +Included in $_job_hash (see below). +*/}} +{{- $_job_config_values := omit .Values "junitreporter" }} + +{{- /* +Increment this value whenever you make a change to an immutable field of the Job resource. +E.g. passing in a new environment variable. +Included in $_job_hash (see below). +*/}} +{{- $_job_version := "v3" }} + +{{- /* +10 char hash appended to the job name taking into account $_job_config_values, $_job_version and $_cli_image_digest +This is to ensure ArgoCD will create a new job resource intead of attempting (and failing) to update an +immutable field of any existing Job resource. +*/}} +{{- $_job_hash := print ($_job_config_values | toYaml) $_cli_image_digest $_job_version | adler32sum }} + +{{- $_job_name := join "-" (list $_job_name_prefix $_job_hash )}} + + +{{- /* +Set as the value for the mas.ibm.com/job-cleanup-group label on the Job resource. + +When the auto_delete flag is not set on the root application, a CronJob in the cluster uses this label +to identify old Job resources that should be pruned on behalf of ArgoCD. + +Any Job resources in the same namespace that have the mas.ibm.com/job-cleanup-group with this value +will be considered to belong to the same cleanup group. All but the most recent (i.e. with the latest "creation_timestamp") +Jobs will be automatically deleted. + +$_job_cleanup_group can usually just be based on $_job_name_prefix. There are some special cases +where multiple Jobs are created in our templates using a Helm loop. In those cases, additional descriminators +must be added to $_job_cleanup_group. + +By convention, we sha1sum this value to guarantee we never exceed the 63 char limit regardless of which discriminators +are required here. + +*/}} +{{- $_job_cleanup_group := cat $_job_name_prefix | sha1sum }} + +--- +apiVersion: v1 +kind: Namespace +metadata: + name: {{ .Values.odh_namespace }} + annotations: + argocd.argoproj.io/sync-wave: "122" +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: installplan-approver + namespace: {{ .Values.odh_namespace }} + annotations: + argocd.argoproj.io/sync-wave: "123" +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: installplan-approver + namespace: {{ .Values.odh_namespace }} + annotations: + argocd.argoproj.io/sync-wave: "124" +rules: + - apiGroups: ["operators.coreos.com"] + resources: ["installplans"] + verbs: ["get", "list", "patch"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: installplan-approver + namespace: {{ .Values.odh_namespace }} + annotations: + argocd.argoproj.io/sync-wave: "125" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: installplan-approver +subjects: + - kind: ServiceAccount + name: installplan-approver + namespace: {{ .Values.odh_namespace }} +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ $_job_name }}-{{ .Values.odh_operator_version }} + namespace: {{ .Values.odh_namespace }} + annotations: + argocd.argoproj.io/sync-wave: "127" + labels: + mas.ibm.com/job-cleanup-group: {{ $_job_cleanup_group }} +spec: + template: + spec: + serviceAccountName: installplan-approver + containers: + - name: installplanjob + image: quay.io/ibmmas/cli@{{ $_cli_image_digest }} + imagePullPolicy: IfNotPresent + resources: + limits: + cpu: 200m + memory: 512Mi + requests: + cpu: 10m + memory: 64Mi + env: + - name: ODH_NAMESPACE + value: "{{ .Values.odh_namespace }}" + - name: ODH_VERSION + value: "{{ .Values.odh_operator_version }}" + command: + - /bin/sh + - -c + - | + echo "Waiting for InstallPlans to be created..." + sleep 60 + + for i in $(seq 1 20); do + IP=$(oc get installplan -n "${ODH_NAMESPACE}" -o json \ + | jq -r --arg ODH_VERSION "$ODH_VERSION" '.items[] | select(.spec.clusterServiceVersionNames[] == $ODH_VERSION) | .metadata.name') + + if [ "$IP" ]; then + echo "Approving InstallPlan for ODH: $IP" + oc patch installplan $IP -n ${ODH_NAMESPACE} --type merge --patch '{"spec":{"approved":true}}' + break + fi + echo "InstallPlan not found. Retry $i..." + sleep 15 + done + restartPolicy: OnFailure \ No newline at end of file diff --git a/instance-applications/112-ibm-odh/templates/05-odh-operator-subcription.yaml b/instance-applications/112-ibm-odh/templates/05-odh-operator-subcription.yaml new file mode 100644 index 000000000..1494b2672 --- /dev/null +++ b/instance-applications/112-ibm-odh/templates/05-odh-operator-subcription.yaml @@ -0,0 +1,23 @@ +--- +apiVersion: operators.coreos.com/v1 +kind: OperatorGroup +metadata: + name: {{ .Values.opendatahub_OperatorGroup_name}} + namespace: {{ .Values.opendatahub_namespace}} + annotations: + argocd.argoproj.io/sync-wave: "126" +--- +apiVersion: operators.coreos.com/v1alpha1 +kind: Subscription +metadata: + name: {{ .Values.opendatahub_name}} + namespace: {{ .Values.opendatahub_namespace}} + annotations: + argocd.argoproj.io/sync-wave: "127" +spec: + channel: {{ .Values.opendatahub_channel}} + installPlanApproval: {{ .Values.opendatahub_installPlanApproval}} + name: {{ .Values.opendatahub_name}} + source: {{ .Values.opendatahub_source}} + sourceNamespace: {{ .Values.opendatahub__sourceNamespace}} + startingCSV: {{ .Values.odh_operator_version }} \ No newline at end of file diff --git a/instance-applications/112-ibm-odh/templates/06-odh-namespace.yaml b/instance-applications/112-ibm-odh/templates/06-odh-namespace.yaml new file mode 100644 index 000000000..5e49909bb --- /dev/null +++ b/instance-applications/112-ibm-odh/templates/06-odh-namespace.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "128" + diff --git a/instance-applications/112-ibm-odh/templates/07-odh-external-secret-db.yaml b/instance-applications/112-ibm-odh/templates/07-odh-external-secret-db.yaml new file mode 100644 index 000000000..2ceb316ab --- /dev/null +++ b/instance-applications/112-ibm-odh/templates/07-odh-external-secret-db.yaml @@ -0,0 +1,11 @@ +--- +apiVersion: v1 +kind: Secret +metadata: + name: "{{ .Values.mas_aibroker_db_secret_name }}" + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "129" +type: Opaque +stringData: + password: "{{ .Values.mas_aibroker_db_secret_value }}" diff --git a/instance-applications/112-ibm-odh/templates/08-odh-dsc-init.yaml b/instance-applications/112-ibm-odh/templates/08-odh-dsc-init.yaml new file mode 100644 index 000000000..2d748dbdc --- /dev/null +++ b/instance-applications/112-ibm-odh/templates/08-odh-dsc-init.yaml @@ -0,0 +1,33 @@ +--- +apiVersion: dscinitialization.opendatahub.io/v1 +kind: DSCInitialization +metadata: + annotations: + argocd.argoproj.io/sync-wave: "130" + argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true + finalizers: + - dscinitialization.opendatahub.io/finalizer + labels: + app.kubernetes.io/created-by: opendatahub-operator + app.kubernetes.io/instance: default + app.kubernetes.io/managed-by: kustomize + app.kubernetes.io/name: dscinitialization + app.kubernetes.io/part-of: opendatahub-operator + name: default-dsci +spec: + applicationsNamespace: "{{ .Values.odh_namespace }}" + monitoring: + managementState: Managed + namespace: "{{ .Values.odh_namespace }}" + serviceMesh: + auth: + audiences: + - 'https://kubernetes.default.svc' + controlPlane: + metricsCollection: Istio + name: data-science-smcp + namespace: istio-system + managementState: Managed + trustedCABundle: + customCABundle: '' + managementState: Managed \ No newline at end of file diff --git a/instance-applications/112-ibm-odh/templates/09-odh-data-science-cluster.yaml b/instance-applications/112-ibm-odh/templates/09-odh-data-science-cluster.yaml new file mode 100644 index 000000000..f78f04c59 --- /dev/null +++ b/instance-applications/112-ibm-odh/templates/09-odh-data-science-cluster.yaml @@ -0,0 +1,26 @@ +--- +kind: DataScienceCluster +apiVersion: datasciencecluster.opendatahub.io/v1 +metadata: + annotations: + argocd.argoproj.io/sync-wave: "131" + argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true + labels: + app.kubernetes.io/created-by: opendatahub-operator + app.kubernetes.io/instance: default + app.kubernetes.io/managed-by: kustomize + app.kubernetes.io/name: datasciencecluster + app.kubernetes.io/part-of: opendatahub-operator + name: default-dsc +spec: + components: + datasciencepipelines: + managementState: Managed + kserve: + managementState: Managed + serving: + ingressGateway: + certificate: + type: SelfSigned + managementState: Managed + name: knative-serving \ No newline at end of file diff --git a/instance-applications/112-ibm-odh/templates/10-odh-dspa-aws.yaml b/instance-applications/112-ibm-odh/templates/10-odh-dspa-aws.yaml new file mode 100644 index 000000000..b33c0152a --- /dev/null +++ b/instance-applications/112-ibm-odh/templates/10-odh-dspa-aws.yaml @@ -0,0 +1,53 @@ +--- +{{- if eq .Values.mas_aibroker_storage_provider "aws" }} +apiVersion: v1 +kind: Secret +metadata: + name: ds-pipeline-s3-instance + namespace: "{{ .Values.aibroker_namespace }}" + labels: + opendatahub.io/dashboard: 'false' + opendatahub.io/managed: 'true' + annotations: + opendatahub.io/connection-type: s3 + openshift.io/display-name: AWS S3 Connection + argocd.argoproj.io/sync-wave: "132" +stringData: + accesskey: "{{ .Values.mas_aibroker_storage_accesskey }}" + secretkey: "{{ .Values.mas_aibroker_storage_secretkey }}" + host: "{{ .Values.mas_aibroker_storage_host }}" + region: "{{ .Values.mas_aibroker_storage_region }}" + ssl: "{{ .Values.mas_aibroker_storage_ssl }}" +--- +apiVersion: datasciencepipelinesapplications.opendatahub.io/v1alpha1 +kind: DataSciencePipelinesApplication +metadata: + name: instance + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "132" + argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true +spec: + dspVersion: v1 + database: + disableHealthCheck: true + customExtraParams: '{"tls":"false"}' + externalDB: + host: "{{ .Values.mas_aibroker_db_host }}" + port: "{{ .Values.mas_aibroker_db_port }}" + username: "{{ .Values.mas_aibroker_db_user }}" + pipelineDBName: "{{ .Values.mas_aibroker_db_database }}" + passwordSecret: + name: "{{ .Values.mas_aibroker_db_secret_name }}" + key: password + objectStorage: + disableHealthCheck: true + externalStorage: + host: "{{ .Values.mas_aibroker_storage_host }}" + bucket: "{{ .Values.mas_aibroker_storage_pipelines_bucket }}" + s3CredentialsSecret: + accessKey: accesskey + secretKey: secretkey + secretName: ds-pipeline-s3-instance + scheme: https +{{- end }} \ No newline at end of file diff --git a/instance-applications/112-ibm-odh/templates/10-odh-dspa-local.yaml b/instance-applications/112-ibm-odh/templates/10-odh-dspa-local.yaml new file mode 100644 index 000000000..86193c624 --- /dev/null +++ b/instance-applications/112-ibm-odh/templates/10-odh-dspa-local.yaml @@ -0,0 +1,21 @@ +--- +{{- if eq .Values.mas_aibroker_storage_provider "local" }} +apiVersion: datasciencepipelinesapplications.opendatahub.io/v1alpha1 +kind: DataSciencePipelinesApplication +metadata: + name: instance + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "132" + argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true +spec: + database: + disableHealthCheck: true + objectStorage: + disableHealthCheck: true + minio: + deploy: true + image: 'quay.io/minio/minio' + pvcSize: 40Gi + storageClassName: "{{ .Values.primary_storage_class }}" +{{- end }} \ No newline at end of file diff --git a/instance-applications/112-ibm-odh/templates/10-odh-dspa-minio.yaml b/instance-applications/112-ibm-odh/templates/10-odh-dspa-minio.yaml new file mode 100644 index 000000000..1a91dbb42 --- /dev/null +++ b/instance-applications/112-ibm-odh/templates/10-odh-dspa-minio.yaml @@ -0,0 +1,57 @@ +{{- if eq .Values.mas_aibroker_storage_provider "minio" }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: ds-pipeline-s3-instance + namespace: "{{ .Values.aibroker_namespace }}" + labels: + opendatahub.io/dashboard: "false" + opendatahub.io/managed: "true" + annotations: + argocd.argoproj.io/sync-wave: "132" + opendatahub.io/connection-type: s3 + openshift.io/display-name: Minio Data Connection +stringData: + accesskey: "{{ .Values.mas_aibroker_storage_accesskey }}" + secretkey: "{{ .Values.mas_aibroker_storage_secretkey }}" + host: "{{ .Values.mas_aibroker_storage_host }}" + port: "{{ .Values.mas_aibroker_storage_port }}" + ssl: "false" + #ssl: "{{ .Values.mas_aibroker_storage_ssl }}" +--- +apiVersion: datasciencepipelinesapplications.opendatahub.io/v1alpha1 +kind: DataSciencePipelinesApplication +metadata: + name: instance + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "133" + argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true +spec: + dspVersion: v1 + database: + disableHealthCheck: true + customExtraParams: '{"tls":"false"}' + externalDB: + host: "{{ .Values.mas_aibroker_db_host }}" + port: "{{ .Values.mas_aibroker_db_port }}" + username: "{{ .Values.mas_aibroker_db_user }}" + pipelineDBName: "{{ .Values.mas_aibroker_db_database }}" + passwordSecret: + name: "{{ .Values.mas_aibroker_db_secret_name }}" + key: password + + objectStorage: + disableHealthCheck: true + externalStorage: + host: "{{ .Values.mas_aibroker_storage_host }}" + port: "{{ .Values.mas_aibroker_storage_port }}" + bucket: "{{ .Values.mas_aibroker_storage_pipelines_bucket }}" + s3CredentialsSecret: + accessKey: accesskey + secretKey: secretkey + secretName: ds-pipeline-s3-instance + scheme: http + +{{- end }} \ No newline at end of file diff --git a/instance-applications/112-ibm-odh/templates/11-odh.yaml b/instance-applications/112-ibm-odh/templates/11-odh.yaml new file mode 100644 index 000000000..6c4f6b94a --- /dev/null +++ b/instance-applications/112-ibm-odh/templates/11-odh.yaml @@ -0,0 +1,189 @@ +{{- $_job_name_prefix := "odh-sa-patch-job-v1" }} + +{{- /* +Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. +Included in $_job_hash (see below). +*/}} +{{- $_cli_image_digest := "sha256:934706a7173d45ea53c3d191afa6d75b4e41d25422e6a3685f1c57d1ddf49a00" }} + +{{- /* +A dict of values that influence the behaviour of the job in some way. +Any changes to values in this dict will trigger a rerun of the job. +Since jobs must be idemopotent, it's generally safe to pass in values here that are not +strictly necessary (i.e. including some values that don't actually influence job behaviour). +We may want to refine this further though for jobs that can take a long time to complete. +Included in $_job_hash (see below). +*/}} +{{- $_job_config_values := omit .Values "junitreporter" }} + +{{- /* +Increment this value whenever you make a change to an immutable field of the Job resource. +E.g. passing in a new environment variable. +Included in $_job_hash (see below). +*/}} +{{- $_job_version := "v3" }} + +{{- /* +10 char hash appended to the job name taking into account $_job_config_values, $_job_version and $_cli_image_digest +This is to ensure ArgoCD will create a new job resource intead of attempting (and failing) to update an +immutable field of any existing Job resource. +*/}} +{{- $_job_hash := print ($_job_config_values | toYaml) $_cli_image_digest $_job_version | adler32sum }} + +{{- $_job_name := join "-" (list $_job_name_prefix $_job_hash )}} + + +{{- /* +Set as the value for the mas.ibm.com/job-cleanup-group label on the Job resource. + +When the auto_delete flag is not set on the root application, a CronJob in the cluster uses this label +to identify old Job resources that should be pruned on behalf of ArgoCD. + +Any Job resources in the same namespace that have the mas.ibm.com/job-cleanup-group with this value +will be considered to belong to the same cleanup group. All but the most recent (i.e. with the latest "creation_timestamp") +Jobs will be automatically deleted. + +$_job_cleanup_group can usually just be based on $_job_name_prefix. There are some special cases +where multiple Jobs are created in our templates using a Helm loop. In those cases, additional descriminators +must be added to $_job_cleanup_group. + +By convention, we sha1sum this value to guarantee we never exceed the 63 char limit regardless of which discriminators +are required here. + +*/}} +{{- $_job_cleanup_group := cat $_job_name_prefix | sha1sum }} + + +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: odh-sa + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "135" + +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: patch-serviceaccount-role + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "136" +rules: + - apiGroups: [""] + resources: ["serviceaccounts"] + verbs: ["get", "patch"] + +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: patch-serviceaccount-binding + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "137" +subjects: + - kind: ServiceAccount + name: odh-sa + namespace: "{{ .Values.aibroker_namespace }}" +roleRef: + kind: Role + name: patch-serviceaccount-role + apiGroup: rbac.authorization.k8s.io + + +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: odh-sa-knative-patch-role + namespace: knative-serving + annotations: + argocd.argoproj.io/sync-wave: "136" +rules: + - apiGroups: [""] + resources: ["configmaps"] + verbs: ["get", "patch"] + +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: odh-sa-knative-patch-binding + namespace: knative-serving + annotations: + argocd.argoproj.io/sync-wave: "137" +subjects: + - kind: ServiceAccount + name: odh-sa + namespace: "{{ .Values.aibroker_namespace }}" # Still referencing from your values +roleRef: + kind: Role + name: odh-sa-knative-patch-role + apiGroup: rbac.authorization.k8s.io + +--- +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ $_job_name }}-{{ omit .Values "junitreporter" | toYaml | adler32sum }} + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "138" + labels: + mas.ibm.com/job-cleanup-group: {{ $_job_cleanup_group }} +spec: + template: + spec: + containers: + - name: run + image: quay.io/ibmmas/cli@{{ $_cli_image_digest }} + imagePullPolicy: IfNotPresent + resources: + limits: + cpu: 200m + memory: 512Mi + requests: + cpu: 10m + memory: 64Mi + env: + - name: AIBROKER_NAMESPACE + value: "{{ .Values.aibroker_namespace }}" + command: + - /bin/sh + - -c + - | + set -e + echo + echo "================================================================================" + echo "Provide ibm-entitlement-key image pull secret for 'pipeline-runner-instance' service accounts" + echo "================================================================================" + echo + + sleep 60 + + RESOURCE_NAME=$(oc get serviceaccount pipeline-runner-instance -n ${AIBROKER_NAMESPACE} -o=jsonpath="{.metadata.name}" --ignore-not-found) + if [[ -n "${RESOURCE_NAME}" ]]; then + echo "Patching 'pipeline-runner-instance' sa..." + oc patch serviceaccount pipeline-runner-instance -n ${AIBROKER_NAMESPACE} --type='merge' -p '{"imagePullSecrets":[{"name":"ibm-entitlement"}]}' + else + echo "'pipeline-runner-instance' service account not found." + fi + + echo + echo "================================================================================" + echo "Patching config-features in knative-serving" + echo "================================================================================" + echo + + oc patch --namespace knative-serving configmap/config-features --type merge --patch '{"data":{"kubernetes.podspec-persistent-volume-claim":"enabled", "kubernetes.podspec-persistent-volume-write":"enabled"}}' + + echo "Finished patching config-features in knative-serving" + + restartPolicy: Never + serviceAccountName: odh-sa + automountServiceAccountToken: true + dnsPolicy: ClusterFirst + backoffLimit: 3 diff --git a/instance-applications/112-ibm-odh/values.yaml b/instance-applications/112-ibm-odh/values.yaml new file mode 100644 index 000000000..0bf0aef87 --- /dev/null +++ b/instance-applications/112-ibm-odh/values.yaml @@ -0,0 +1,67 @@ +--- +openshift_namespace: "openshift-operators" +odh_pipeline_channel: "latest" +odh_pipeline_installplan: "Automatic" +odh_namespace: "opendatahub" +service_mesh_namespace: "openshift-operators" +service_mesh_channel: "stable" +service_mesh_catalog_source: "redhat-operators" +service_mesh_sourceNamespace: "openshift-marketplace" +serverless_channel: "stable" +authorino_catalog_source: "community-operators" +odh_channel: "fast" +odh_catalog_source: "community-operators" +odh_operator_version: "opendatahub-operator.v2.19.0" +#Odh_Pipeline_operator +odh_pipeline_name: "openshift-pipelines-operator" +odh_pipeline_namespace: "openshift-operators" +odh_pipeline_operatorName: "openshift-pipelines-operator-rh" +odh_pipeline_source: "redhat_operators" +odh_pipeline_sourceNamespace: "openshift_marketplace" + +#Serverless Operator +serverless_namespace: "openshift-serverless" +serverless_operator_name: "serverless-operator" +serverless_operator_source: "redhat-operators" +serverless_operator_sourceNamespace: "openshift-marketplace" + +#opendatahub Operator +opendatahub_OperatorGroup_name: "opendatahub-operator-group" +opendatahub_name: "opendatahub-operator" +opendatahub_namespace: "opendatahub" +opendatahub_installPlanApproval: "Manual" +opendatahub_channel: "fast" +opendatahub_source: "community-operators" +opendatahub__sourceNamespace: "openshift-marketplace" + + + +namespace: "openshift-operators" +channel: "latest" +operatorName: "openshift-pipelines-operator-rh" +source: "redhat_operators" +sourceNamespace: "openshift_marketplace" + +aibroker_namespace: "mas_sremat_aibroker" +pull_secret_name: "ibm_entitlement" +# Storage vars +mas_aibroker_storage_provider: "aws" +mas_aibroker_storage_accesskey: "aibroker_storage_accesskey" +mas_aibroker_storage_secretkey: "aibroker_storage_secretkey" +mas_aibroker_storage_host: "mas_aibroker_storage_host" +mas_aibroker_storage_port: "mas_aibroker_storage_port" +mas_aibroker_storage_ssl: "mas_aibroker_storage_ssl" +mas_aibroker_storage_region: "mas_aibroker_storage_region" + +# MariaDB +mas_aibroker_db_host: "mas_aibroker_db_host" +mas_aibroker_db_port: "mas_aibroker_db_port" +mas_aibroker_db_user: "mas_aibroker_db_user" +mas_aibroker_db_database: "mas_aibroker_db_database" + +mas_aibroker_db_secret_key: "mas_aibroker_db_secret_key" +mas_aibroker_db_secret_name: "mas_aibroker_db_secret_name" +mas_aibroker_db_secret_value: "mas_aibroker_db_secret_value" + +mas_aibroker_storage_pipelines_bucket: "mas_aibroker_storage_pipelines_bucket" +primary_storage_class: "defaultStorageClasses" #"{{ defaultStorageClasses.rwx }}" diff --git a/instance-applications/113-ibm-aibroker/Chart.yaml b/instance-applications/113-ibm-aibroker/Chart.yaml new file mode 100644 index 000000000..71dc3d654 --- /dev/null +++ b/instance-applications/113-ibm-aibroker/Chart.yaml @@ -0,0 +1,11 @@ +apiVersion: v2 +name: ibm-aibroker +description: IBM AIBROKER +type: application +version: 1.0.0 + +dependencies: +- name: junitreporter + version: 1.0.0 + repository: "file://../../sub-charts/junitreporter/" + condition: junitreporter.devops_mongo_uri != "" \ No newline at end of file diff --git a/instance-applications/113-ibm-aibroker/README.md b/instance-applications/113-ibm-aibroker/README.md new file mode 100644 index 000000000..1c94d6fd6 --- /dev/null +++ b/instance-applications/113-ibm-aibroker/README.md @@ -0,0 +1,3 @@ +IBM AIBROKER +=============================================================================== +Deploy and configure AIBROKER with configurable version \ No newline at end of file diff --git a/instance-applications/113-ibm-aibroker/templates/01-aibroker-storage-secret.yaml b/instance-applications/113-ibm-aibroker/templates/01-aibroker-storage-secret.yaml new file mode 100644 index 000000000..5acd302d2 --- /dev/null +++ b/instance-applications/113-ibm-aibroker/templates/01-aibroker-storage-secret.yaml @@ -0,0 +1,12 @@ +--- +apiVersion: v1 +kind: Secret +metadata: + name: "{{ .Values.mas_aibroker_storage_secret }}" + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "140" +stringData: + username: "{{ .Values.mas_aibroker_storage_accesskey }}" + password: "{{ .Values.mas_aibroker_storage_secretkey }}" +type: Opaque \ No newline at end of file diff --git a/instance-applications/113-ibm-aibroker/templates/02-aibroker-mariadb-secret.yaml b/instance-applications/113-ibm-aibroker/templates/02-aibroker-mariadb-secret.yaml new file mode 100644 index 000000000..7d698bfd6 --- /dev/null +++ b/instance-applications/113-ibm-aibroker/templates/02-aibroker-mariadb-secret.yaml @@ -0,0 +1,12 @@ +--- +kind: Secret +apiVersion: v1 +metadata: + name: "{{ .Values.mas_aibroker_mariadb_secret }}" + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "141" +stringData: + username: "{{ .Values.mas_aibroker_db_user }}" + password: "{{ .Values.mas_aibroker_db_secret_value }}" +type: Opaque diff --git a/instance-applications/113-ibm-aibroker/templates/06-aibroker-dro.yaml b/instance-applications/113-ibm-aibroker/templates/06-aibroker-dro.yaml new file mode 100644 index 000000000..19bc09002 --- /dev/null +++ b/instance-applications/113-ibm-aibroker/templates/06-aibroker-dro.yaml @@ -0,0 +1,25 @@ +--- +kind: Secret +apiVersion: v1 +metadata: + name: "{{ .Values.mas_aibroker_dro_token_secret }}" + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "143" +stringData: + DRO_TOKEN: "{{ .Values.drocfg_registration_key }}" +type: Opaque + +--- +kind: Secret +apiVersion: v1 +metadata: + name: "{{ .Values.mas_aibroker_dro_cacert_secret }}" + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "144" +stringData: + ca.crt: "{{ .Values.drocfg_ca }}" +type: Opaque + + diff --git a/instance-applications/113-ibm-aibroker/templates/07-aibroker-jdbc.yaml b/instance-applications/113-ibm-aibroker/templates/07-aibroker-jdbc.yaml new file mode 100644 index 000000000..5a1a41a73 --- /dev/null +++ b/instance-applications/113-ibm-aibroker/templates/07-aibroker-jdbc.yaml @@ -0,0 +1,15 @@ +--- +kind: Secret +apiVersion: v1 +metadata: + name: "aibroker-jdbccfg" + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "145" +stringData: + username: "{{ .Values.jdbccfg_username }}" + password: "{{ .Values.jdbccfg_password }}" + url: "{{ .Values.jdbccfg_url }}" + sslenabled: "{{ .Values.jdbccfg_sslenabled }}" + certificate: "{{ .Values.jdbccfg_ca }}" +type: Opaque \ No newline at end of file diff --git a/instance-applications/113-ibm-aibroker/templates/08-aibroker-operator-subscription.yaml b/instance-applications/113-ibm-aibroker/templates/08-aibroker-operator-subscription.yaml new file mode 100644 index 000000000..381fb5867 --- /dev/null +++ b/instance-applications/113-ibm-aibroker/templates/08-aibroker-operator-subscription.yaml @@ -0,0 +1,40 @@ +--- +apiVersion: v1 +kind: Secret +metadata: + name: ibm-entitlement + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "146" +type: kubernetes.io/dockerconfigjson +data: + .dockerconfigjson: "{{ .Values.artifactory_token}}" + +--- +apiVersion: operators.coreos.com/v1 +kind: OperatorGroup +metadata: + name: "{{ .Values.aibroker_namespace }}" + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "147" + argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true +spec: + targetNamespaces: + - "{{ .Values.aibroker_namespace }}" + +--- +apiVersion: operators.coreos.com/v1alpha1 +kind: Subscription +metadata: + name: ibm-mas-aibroker + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "148" + argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true +spec: + channel: "{{ .Values.mas_app_channel }}" + installPlanApproval: Automatic + name: ibm-mas-aibroker + source: "{{ .Values.mas_catalog_source }}" + sourceNamespace: openshift-marketplace \ No newline at end of file diff --git a/instance-applications/113-ibm-aibroker/templates/09-aibroker-app.yaml b/instance-applications/113-ibm-aibroker/templates/09-aibroker-app.yaml new file mode 100644 index 000000000..08cf58b16 --- /dev/null +++ b/instance-applications/113-ibm-aibroker/templates/09-aibroker-app.yaml @@ -0,0 +1,47 @@ +--- +apiVersion: apps.mas.ibm.com/v1 +kind: AiBrokerApp +metadata: + name: "{{ .Values.aibroker_instance_id }}" + namespace: "{{ .Values.aibroker_namespace }}" + labels: + mas.ibm.com/applicationId: aibroker + mas.ibm.com/instanceId: "{{ .Values.aibroker_instance_id }}" + app.kubernetes.io/instance: "{{ .Values.aibroker_instance_id }}" + annotations: + argocd.argoproj.io/sync-wave: "149" + argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true +spec: + settings: + icr: + cp: "{{ .Values.mas_icr_cp }}" + cpopen: "{{ .Values.mas_icr_cpopen }}" + dro: + url: "{{ .Values.drocfg_url }}" + dro_token_secret: "{{ .Values.drocfg_registration_key }}" + ca: "{{ .Values.drocfg_ca_tenant }}" + jdbc: + url: "{{ .Values.jdbccfg_url }}" + credentials_secret: "{{ .Values.mas_aibroker_db2_jdbc_secret }}" + ca: "{{ .Values.jdbccfg_ca }}" + cluster_domain: "{{ .Values.cluster_domain }}" + in_saas_env: "{{ .Values.in_saas_env }}" + is_external_route: "{{ .Values.is_external_route }}" + + minio: + host: "{{ .Values.mas_aibroker_storage_host }}" + port: "{{ .Values.mas_aibroker_storage_port }}" + credentials_secret: "{{ .Values.mas_aibroker_storage_secret }}" + mariadb: + host: "{{ .Values.mas_aibroker_db_host }}" + port: "{{ .Values.mas_aibroker_db_port }}" + credentials_secret: "{{ .Values.mas_aibroker_mariadb_secret }}" + database_name: "{{ .Values.mas_aibroker_db_secret_name }}" + # Optional shared S3 config. Tenant-level config takes precedence over this + # + s3: + bucketPrefix: "{{ .Values.mas_aibroker_s3_bucket_prefix }}" + region: "{{ .Values.mas_aibroker_s3_region }}" + endpointUrl: "{{ .Values.mas_aibroker_s3_endpoint_url }}" + environment_type: "{{ .Values.environment_type }}" + use_aws_db2: true \ No newline at end of file diff --git a/instance-applications/113-ibm-aibroker/values.yaml b/instance-applications/113-ibm-aibroker/values.yaml new file mode 100644 index 000000000..543a0e723 --- /dev/null +++ b/instance-applications/113-ibm-aibroker/values.yaml @@ -0,0 +1,85 @@ +--- +mas_instance_id: "sremat" +aibroker_namespace: 'mas-{{ mas_instance_id }}-aibroker' +aibroker_instance_id: "AIBROKER_INSTANCE_ID" + +# Minio +mas_aibroker_minio_secret: "{{ mas_app_id }}-miniocfg" + +# MariaDB +mas_aibroker_mariadb_secret: "{{ mas_app_id }}-mariadbcfg" +mas_aibroker_db_user: "MAS_AIBROKER_DB_USER" +mas_aibroker_db_secret_value: "MAS_AIBROKER_DB_SECRET_VALUE" + +# WatsonX +mas_aibroker_watsonx_secret: "{{ mas_app_id }}-watsonxcfg" +mas_aibroker_watsonxai_apikey: "MAS_AIBROKER_WATSONXAI_APIKEY" +mas_aibroker_watsonxai_url: "MAS_AIBROKER_WATSONXAI_URL" +mas_aibroker_watsonxai_project_id: "MAS_AIBROKER_WATSONXAI_PROJECT_ID" + + +# S3 +s3_apikey: "S3_APIKEY" +mas_aibroker_storage_accesskey: "true" +mas_aibroker_storage_secretkey: "MAS_AIBROKER_STORAGE_SECRETKEY" + +mas_aibroker_storage_host: "true" +mas_aibroker_storage_port: "true" + +# SLS +mas_aibroker_sls_registration_key_secret: "sls-registration-key" + + +mas_aibroker_db_host: "MAS_AIBROKER_DB_HOST" +mas_aibroker_db_port: "MAS_AIBROKER_DB_PORT" +mas_aibroker_db_secret_name: "MAS_AIBROKER_DB_SECRET_NAME" + +# Bucket names +mas_aibroker_storage_pipelines_bucket: "MAS_AIBROKER_STORAGE_PIPELINES_BUCKET" +mas_aibroker_storage_tenants_bucket: "MAS_AIBROKER_STORAGE_TENANTS_BUCKET" +mas_aibroker_storage_templates_bucket: "MAS_AIBROKER_STORAGE_TEMPLATES_BUCKET" + +slscfg_registration_key: "slscfg_registration_key" + +# DRO +mas_aibroker_dro_token_secret: "dro-token" +mas_aibroker_dro_cacert_secret: "dro-certificates" + +drocfg_ca: "ca.crt" +drocfg_registration_key: "DRO_TOKEN" +drocfg_url: "drocfg_url" + +# JDBC +mas_aibroker_db2_jdbc_secret: "aibroker-jdbccfg" + +jdbccfg_username: "username" +jdbccfg_password: "password" +jdbccfg_url: "url" +jdbccfg_sslenabled: "sslenabled" +jdbccfg_ca: "ca" + + +# MAS Entitlement +mas_entitlement_username: "cp" +mas_entitlement_key: "MAS_ENTITLEMENT_KEY" + +# Development Registry Entitlement +artifactory_username: "ARTIFACTORY_USERNAME" +artifactory_token: "ARTIFACTORY_TOKEN" + +# Environment Variable: +mas_app_channel: "mas_app_channel" + +# aibroker vars +mas_catalog_source: "MAS_CATALOG_SOURCE" + +# Source container registry +# ----------------------------------------------------------------------------- +mas_icr_cp: "cp.icr.io/cp" +mas_icr_cpopen: "icr.io/cpopen" + +cluster_domain: "_cluster_dns.resources[0].spec.baseDomain" +in_saas_env: "false" + +#TENANT +mas_aibroker_tenant_name: "aibroker-{{ mas_aibroker_tenant_name }}" \ No newline at end of file diff --git a/instance-applications/114-ibm-kmodels/Chart.yaml b/instance-applications/114-ibm-kmodels/Chart.yaml new file mode 100644 index 000000000..21648d971 --- /dev/null +++ b/instance-applications/114-ibm-kmodels/Chart.yaml @@ -0,0 +1,11 @@ +apiVersion: v2 +name: ibm-kmodels +description: IBM KMODELS +type: application +version: 1.0.0 + +dependencies: +- name: junitreporter + version: 1.0.0 + repository: "file://../../sub-charts/junitreporter/" + condition: junitreporter.devops_mongo_uri != "" \ No newline at end of file diff --git a/instance-applications/114-ibm-kmodels/README.md b/instance-applications/114-ibm-kmodels/README.md new file mode 100644 index 000000000..07e700255 --- /dev/null +++ b/instance-applications/114-ibm-kmodels/README.md @@ -0,0 +1,3 @@ +IBM Kmodel +=============================================================================== +Deploy and configure kmodel with configurable version \ No newline at end of file diff --git a/instance-applications/114-ibm-kmodels/templates/02-kmodel-secret.yaml b/instance-applications/114-ibm-kmodels/templates/02-kmodel-secret.yaml new file mode 100644 index 000000000..19481a32a --- /dev/null +++ b/instance-applications/114-ibm-kmodels/templates/02-kmodel-secret.yaml @@ -0,0 +1,36 @@ +--- +apiVersion: v1 +kind: Secret +type: Opaque +metadata: + name: km-s3-secret + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "161" + {{- if eq .Values.mas_aibroker_storage_provider "aws" }} + serving.kserve.io/s3-endpoint: "{{ .Values.mas_aibroker_storage_host }}" + {{- else if eq .Values.mas_aibroker_storage_provider "minio" }} + serving.kserve.io/s3-endpoint: "{{ .Values.mas_aibroker_storage_host }}:{{ .Values.mas_aibroker_storage_port }}" + {{- end }} + {{- if eq .Values.mas_aibroker_storage_ssl "false" }} + serving.kserve.io/s3-usehttps: "0" + {{- else }} + serving.kserve.io/s3-usehttps: "1" + {{- end }} + {{- if and (eq .Values.mas_aibroker_storage_provider "minio") (not .Values.mas_aibroker_storage_region | empty) }} + serving.kserve.io/s3-region: "{{ .Values.mas_aibroker_storage_region }}" + {{- end }} +stringData: + AWS_ACCESS_KEY_ID: "{{ .Values.mas_aibroker_storage_accesskey}}" + AWS_SECRET_ACCESS_KEY: "{{ .Values.mas_aibroker_storage_secretkey}}" + S3_ACCESS_KEY: "{{ .Values.mas_aibroker_storage_accesskey}}" + S3_SECRET_KEY: "{{ .Values.mas_aibroker_storage_secretkey}}" + S3_HOST: "{{ .Values.mas_aibroker_storage_host}}" + {{- if eq .Values.mas_aibroker_storage_provider "minio" }} + S3_PORT: "{{ .Values.mas_aibroker_storage_port}}" + {{- else }} + S3_PORT: "" + {{- end }} + S3_REGION: "{{ .Values.mas_aibroker_storage_region}}" + S3_SSL: "{{ .Values.mas_aibroker_storage_ssl}}" + diff --git a/instance-applications/114-ibm-kmodels/templates/03-kmodel-istio.yaml b/instance-applications/114-ibm-kmodels/templates/03-kmodel-istio.yaml new file mode 100644 index 000000000..1ba455fc6 --- /dev/null +++ b/instance-applications/114-ibm-kmodels/templates/03-kmodel-istio.yaml @@ -0,0 +1,50 @@ +--- +apiVersion: security.istio.io/v1beta1 +kind: PeerAuthentication +metadata: + name: default + namespace: opendatahub + annotations: + argocd.argoproj.io/sync-wave: "139" + argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true +spec: + mtls: + mode: PERMISSIVE + +--- + +apiVersion: networking.istio.io/v1beta1 +kind: DestinationRule +metadata: + name: ds-pipeline-instance + namespace: opendatahub + annotations: + argocd.argoproj.io/sync-wave: "162" + argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true +spec: + host: ds-pipeline-instance.opendatahub.svc.cluster.local + trafficPolicy: + portLevelSettings: + - port: + number: 8888 + tls: + mode: DISABLE + +--- + +apiVersion: networking.istio.io/v1beta1 +kind: DestinationRule +metadata: + name: minio-instance + namespace: opendatahub + annotations: + argocd.argoproj.io/sync-wave: "163" + argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true +spec: + host: minio-instance.opendatahub.svc.cluster.local + trafficPolicy: + portLevelSettings: + - port: + number: 9000 + tls: + mode: DISABLE diff --git a/instance-applications/114-ibm-kmodels/templates/04-kmodel-networkpolicies.yaml b/instance-applications/114-ibm-kmodels/templates/04-kmodel-networkpolicies.yaml new file mode 100644 index 000000000..d2edfaacb --- /dev/null +++ b/instance-applications/114-ibm-kmodels/templates/04-kmodel-networkpolicies.yaml @@ -0,0 +1,43 @@ +--- +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: km-instance + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "164" +spec: + podSelector: + matchLabels: + kmodels: instance + part-of: kmodels + policyTypes: + - Ingress + ingress: + - ports: + - port: 3000 + - port: 8443 + +--- +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + name: ds-pipelines-km-instance + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "165" +spec: + podSelector: + matchLabels: + app: ds-pipeline-instance + component: data-science-pipelines + ingress: + - ports: + - protocol: TCP + port: 8888 + from: + - podSelector: + matchLabels: + app: km-controller + policyTypes: + - Ingress diff --git a/instance-applications/114-ibm-kmodels/templates/05-kmodel-store.yaml b/instance-applications/114-ibm-kmodels/templates/05-kmodel-store.yaml new file mode 100644 index 000000000..6efdbe42d --- /dev/null +++ b/instance-applications/114-ibm-kmodels/templates/05-kmodel-store.yaml @@ -0,0 +1,126 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: km-store + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "169" + labels: + app: km-store +data: + STORE_BUCKET: "{{ .Values.mas_aibroker_storage_templates_bucket }}" + # Certificate files folder (default: /etc/ssl/certs) + CERTS_PATH: "/etc/ssl/certs" + # Private key (default: tls.key) + CERT_PRIVATE_KEY: "tls.key" + # Public certificate (default: tls.crt) + CERT_PUBLIC_CERTIFICATE: "tls.crt" + # Set to true to enable https server (default: true) + SUPPORT_HTTPS: "true" + +--- +apiVersion: v1 +kind: Service +metadata: + name: km-store + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "170" +spec: + ports: + - name: https + port: 8443 + targetPort: https + selector: + app: km-store + type: ClusterIP + +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: km-store + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "171" + labels: + app: km-store + component: store + kmodels: instance + part-of: kmodels +spec: + replicas: 1 + selector: + matchLabels: + app: km-store + kmodels: instance + part-of: kmodels + template: + metadata: + labels: + app: km-store + component: store + kmodels: instance + part-of: kmodels + spec: + restartPolicy: Always + volumes: + - name: ssh-key + secret: + secretName: "{{ .Values.aibroker_internal_tls }}" + - name: workspace-volume + emptyDir: {} + imagePullSecrets: + - name: "{{ .Values.pullSecretName }}" + containers: + - name: store + image: "{{ .Values.image_store }}" + imagePullPolicy: Always + securityContext: + readOnlyRootFilesystem: false + allowPrivilegeEscalation: false + privileged: false + runAsNonRoot: true + capabilities: + drop: + - ALL + ports: + - name: http + containerPort: 3000 + - name: https + containerPort: 8443 + envFrom: + - configMapRef: + name: km-store + - secretRef: + name: km-s3-secret + resources: + requests: + memory: "64Mi" + cpu: "50m" + ephemeral-storage: "1Gi" + limits: + memory: "256Mi" + cpu: "100m" + ephemeral-storage: "2Gi" + livenessProbe: + httpGet: + path: /version + port: 8443 + scheme: HTTPS + initialDelaySeconds: 15 + periodSeconds: 500 + readinessProbe: + httpGet: + path: /version + port: 8443 + scheme: HTTPS + initialDelaySeconds: 5 + periodSeconds: 500 + volumeMounts: + - mountPath: "/etc/ssl/certs" + name: ssh-key + readOnly: true + - name: workspace-volume + mountPath: /workspace diff --git a/instance-applications/114-ibm-kmodels/templates/06-kmodel-watcher.yaml b/instance-applications/114-ibm-kmodels/templates/06-kmodel-watcher.yaml new file mode 100644 index 000000000..88b8136a4 --- /dev/null +++ b/instance-applications/114-ibm-kmodels/templates/06-kmodel-watcher.yaml @@ -0,0 +1,144 @@ +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: km-watcher + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "172" +--- +kind: Role +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: km-watcher-role + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "173" +rules: + - verbs: + - list + - watch + apiGroups: + - '' + resources: + - events + - pods +--- +kind: RoleBinding +apiVersion: rbac.authorization.k8s.io/v1 +metadata: + name: km-watcher-binding + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "174" +subjects: + - kind: ServiceAccount + name: km-watcher + namespace: "{{ .Values.aibroker_namespace }}" +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: km-watcher-role + +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: km-watcher + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "175" + labels: + app: km-watcher +data: + EXCLUDE_POD_NAMESPACES: "openshift-operators,openshift-pipelines" + WATCHER_SENDER_DELAY: "5" + EXCLUDE_JOB_NAMESPACES: "ibm-cpd" + CONTROLLER_URL: "https://km-controller:8443" + TENANTS_BUCKET: {{ .Values.mas_aibroker_storage_tenants_bucket }} + PIPELINES: "{{ .Values.aibroker_namespace }}" +--- +apiVersion: v1 +kind: Service +metadata: + name: km-watcher + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "176" +spec: + ports: + - name: http + port: 3000 + targetPort: http + selector: + app: km-watcher + type: ClusterIP + +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: km-watcher + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "177" + labels: + app: km-watcher + component: watcher +spec: + replicas: 1 + selector: + matchLabels: + app: km-watcher + template: + metadata: + labels: + app: km-watcher + component: watcher + spec: + serviceAccountName: km-watcher + imagePullSecrets: + - name: "{{ .Values.pullSecretName }}" + containers: + - name: watcher + image: "{{ .Values.image_watcher }}" + imagePullPolicy: Always + securityContext: + readOnlyRootFilesystem: false + allowPrivilegeEscalation: false + privileged: false + runAsNonRoot: true + capabilities: + drop: + - ALL + ports: + - name: http + containerPort: 3000 + resources: + requests: + memory: "64Mi" + cpu: "50m" + ephemeral-storage: "1Gi" + limits: + memory: "256Mi" + cpu: "100m" + ephemeral-storage: "2Gi" + livenessProbe: + httpGet: + path: /version + port: 3000 + scheme: HTTP + initialDelaySeconds: 15 + periodSeconds: 500 + readinessProbe: + httpGet: + path: /version + port: 3000 + scheme: HTTP + initialDelaySeconds: 5 + periodSeconds: 500 + envFrom: + - configMapRef: + name: km-watcher + - secretRef: + name: km-s3-secret diff --git a/instance-applications/114-ibm-kmodels/templates/07-kmodel-controller.yaml b/instance-applications/114-ibm-kmodels/templates/07-kmodel-controller.yaml new file mode 100644 index 000000000..2218aa925 --- /dev/null +++ b/instance-applications/114-ibm-kmodels/templates/07-kmodel-controller.yaml @@ -0,0 +1,167 @@ +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: km-controller + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "178" + labels: + app: km-controller +data: + CONTAINER_REGISTRY: "{{ .Values.mas_icr_cp }}/aibroker" + #DOCKER_SERVER: "{{ .Values.mas_icr_cp }}/aibroker" + PIPELINES_BUCKET: "{{ .Values.mas_aibroker_storage_pipelines_bucket }}" + TENANTS_BUCKET: "{{ .Values.mas_aibroker_storage_tenants_bucket }}" + DOCKER_SECRETS_NAME: "ibm-entitlement" + CONNECTOR_IMAGE_PREFIX: '' + PIPELINE_STEP_IMAGE_PREFIX: '' + PIPELINE_DEFAULT_STEP_TAG: "{{ .Values.mas_aibroker_pipeline_steps_tag }}" + CONNECTOR_DEFAULT_TAG: "{{ .Values.mas_aibroker_connector_tag }}" + DEFAULT_TENANTS: "{{ .Values.mas_aibroker_provision_tenant }}" + PLATFORM: openshift + PVC_STORAGE_CLASS_NAME: "{{ .Values.primary_storage_class }}" + LOG_FORMAT: "json" + MODEL_ID_UNIQUE_LENGTH: "{{ .Values.model_id_unique_length }}" + MODEL_ID_PREFIX: "{{ .Values.model_id_prefix }}" + AFFINITY_ENABLED: "false" + CONNECTOR_TTL: "10" + + +--- +apiVersion: v1 +kind: Service +metadata: + name: km-controller + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "179" +spec: + ports: + - name: https + port: 8443 + targetPort: https + selector: + app: km-controller + type: ClusterIP + +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: km-controller-pvc + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "180" +spec: + accessModes: + - ReadWriteOnce + volumeMode: Filesystem + resources: + requests: + storage: 1Gi + storageClassName: "{{ .Values.primary_storage_class }}" + + +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: km-controller + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "181" + + +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: km-controller + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "182" + labels: + app: km-controller + component: controller +spec: + replicas: 1 + revisionHistoryLimit: 1 + selector: + matchLabels: + app: km-controller + template: + metadata: + labels: + app: km-controller + component: controller + spec: + serviceAccountName: km-controller + volumes: + - name: workspace-volume + emptyDir: {} + - name: ssh-key + secret: + secretName: "{{ .Values.aibroker_internal_tls }}" + imagePullSecrets: + - name: "{{ .Values.pullSecretName }}" + containers: + - name: controller + image: "{{ .Values.image_controller }}" + imagePullPolicy: Always + securityContext: + readOnlyRootFilesystem: false + allowPrivilegeEscalation: false + privileged: false + runAsNonRoot: true + capabilities: + drop: + - ALL + ports: + - name: http + containerPort: 3000 + - name: https + containerPort: 8443 + resources: + requests: + memory: "128Mi" + cpu: "100m" + ephemeral-storage: "1Gi" + limits: + memory: "256Mi" + cpu: "200m" + ephemeral-storage: "2Gi" + livenessProbe: + httpGet: + path: /api/v1/version + port: 8443 + scheme: HTTPS + initialDelaySeconds: 15 + periodSeconds: 500 + readinessProbe: + httpGet: + path: /api/v1/version + port: 8443 + scheme: HTTPS + initialDelaySeconds: 5 + periodSeconds: 500 + env: + - name: KMODELS_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: KMODELS_ID + valueFrom: + fieldRef: + fieldPath: metadata.namespace + envFrom: + - configMapRef: + name: km-controller + - secretRef: + name: km-s3-secret + volumeMounts: + - name: workspace-volume + mountPath: /workspace + - name: ssh-key + mountPath: "/etc/ssl/certs" + readOnly: true diff --git a/instance-applications/114-ibm-kmodels/values.yaml b/instance-applications/114-ibm-kmodels/values.yaml new file mode 100644 index 000000000..caa8a79f0 --- /dev/null +++ b/instance-applications/114-ibm-kmodels/values.yaml @@ -0,0 +1,49 @@ +--- +run_sync_hooks: true +mas_instance_id: "sremat" +aibroker_internal_tls: "{{ mas_instance_id }}-internal-aibroker-tls" +aibroker_namespace: "mas-sremat-aibroker" + +mas_aibroker_storage_provider: "aws" +mas_aibroker_storage_ssl: "false" + +# following are the variable need to injected via environment variable +mas_aibroker_storage_accesskey: "mas_aibroker_storage_accesskey" +mas_aibroker_storage_secretkey: "mas_aibroker_storage_secretkey" +mas_aibroker_storage_host: "mas_aibroker_storage_host" +mas_aibroker_storage_port: "mas_aibroker_storage_port" +mas_aibroker_storage_region: "mas_aibroker_storage_region" + +ssh_secret_name: "sremat-kmodel-aibroker-tls" +ssh_secret_password: "sremat" +# vars file for kmodels +pullSecretName: "ibm-entitlement" + +docker_server: "MAS_ICR_CP/aibroker" + +tenantNamespace: "aibroker-MAS_AIBROKER_TENANT_NAME" +# mas_aibroker_provision_tenant: "MAS_AIBROKER_PROVISION_TENANT" +primary_storage_class: "PRIMARY_STORAGE_CLASS" + +# Bucket names +mas_aibroker_storage_templates_bucket: "MAS_AIBROKER_STORAGE_TEMPLATES_BUCKET" +mas_aibroker_storage_tenants_bucket: "MAS_AIBROKER_STORAGE_TENANTS_BUCKET" +mas_aibroker_storage_pipelines_bucket: "mas_aibroker_storage_pipelines_bucket" + +#container images +image_store: "MAS_ICR_CP/aibroker/store:1.0.2" +image_watcher: "MAS_ICR_CP/aibroker/watcher:1.0.2-pre.dev10x" +image_controller: "MAS_ICR_CP/aibroker/controller:1.0.2-pre.dev10x" + +mas_aibroker_pipeline_steps_tag: 1.0.0 +mas_aibroker_connector_tag: 1.0.0 + +# model +# model_id_unique_length: "8" +# model_id_prefix: "m" + + +# Source container registry +# ----------------------------------------------------------------------------- +# mas_icr_cp: "cp.icr.io/cp" +mas_icr_cp: "docker-na-public.artifactory.swg-devops.com/wiotp-docker-local" \ No newline at end of file diff --git a/instance-applications/115-ibm-aibroker-tenant/Chart.yaml b/instance-applications/115-ibm-aibroker-tenant/Chart.yaml new file mode 100644 index 000000000..276ee7e13 --- /dev/null +++ b/instance-applications/115-ibm-aibroker-tenant/Chart.yaml @@ -0,0 +1,11 @@ +apiVersion: v2 +name: ibm-aibroker-tenant +description: IBM AIBROKER TENANT +type: application +version: 1.0.0 + +dependencies: +- name: junitreporter + version: 1.0.0 + repository: "file://../../sub-charts/junitreporter/" + condition: junitreporter.devops_mongo_uri != "" \ No newline at end of file diff --git a/instance-applications/115-ibm-aibroker-tenant/README.md b/instance-applications/115-ibm-aibroker-tenant/README.md new file mode 100644 index 000000000..6ebd88b32 --- /dev/null +++ b/instance-applications/115-ibm-aibroker-tenant/README.md @@ -0,0 +1,3 @@ +IBM Aibroker Tenant +=============================================================================== +Deploy and configure aibroker tenant with configurable version \ No newline at end of file diff --git a/instance-applications/115-ibm-aibroker-tenant/templates/00-aibroker-tenent-namespace.yaml b/instance-applications/115-ibm-aibroker-tenant/templates/00-aibroker-tenent-namespace.yaml new file mode 100644 index 000000000..f52cf4072 --- /dev/null +++ b/instance-applications/115-ibm-aibroker-tenant/templates/00-aibroker-tenent-namespace.yaml @@ -0,0 +1,53 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: "{{ .Values.tenantNamespace }}" + annotations: + argocd.argoproj.io/sync-wave: "289" + +--- +apiVersion: v1 +kind: Secret +type: Opaque +metadata: + name: km-s3-secret + namespace: "{{ .Values.tenantNamespace }}" + annotations: + argocd.argoproj.io/sync-wave: "299" + {{- if eq .Values.mas_aibroker_storage_provider "aws" }} + serving.kserve.io/s3-endpoint: "{{ .Values.mas_aibroker_storage_host }}" + {{- else if eq .Values.mas_aibroker_storage_provider "minio" }} + serving.kserve.io/s3-endpoint: "{{ .Values.mas_aibroker_storage_host }}:{{ .Values.mas_aibroker_storage_port }}" + {{- end }} + {{- if eq .Values.mas_aibroker_storage_ssl "false" }} + serving.kserve.io/s3-usehttps: "0" + {{- else }} + serving.kserve.io/s3-usehttps: "1" + {{- end }} + {{- if and (eq .Values.mas_aibroker_storage_provider "minio") (not .Values.mas_aibroker_storage_region | empty) }} + serving.kserve.io/s3-region: "{{ .Values.mas_aibroker_storage_region }}" + {{- end }} +stringData: + AWS_ACCESS_KEY_ID: "{{ .Values.mas_aibroker_storage_accesskey}}" + AWS_SECRET_ACCESS_KEY: "{{ .Values.mas_aibroker_storage_secretkey}}" + S3_ACCESS_KEY: "{{ .Values.mas_aibroker_storage_accesskey}}" + S3_SECRET_KEY: "{{ .Values.mas_aibroker_storage_secretkey}}" + S3_HOST: "{{ .Values.mas_aibroker_storage_host}}" + S3_PORT: "{{ .Values.mas_aibroker_storage_port}}" + S3_REGION: "{{ .Values.mas_aibroker_storage_region}}" + S3_SSL: "{{ .Values.mas_aibroker_storage_ssl}}" + +--- + +kind: Secret +apiVersion: v1 +metadata: + name: ibm-entitlement + namespace: "{{ .Values.tenantNamespace }}" + annotations: + argocd.argoproj.io/sync-wave: "300" +type: kubernetes.io/dockerconfigjson +data: + .dockerconfigjson: "{{ .Values.artifactory_token}}" + diff --git a/instance-applications/115-ibm-aibroker-tenant/templates/01-aibroker-sls-secret.yaml b/instance-applications/115-ibm-aibroker-tenant/templates/01-aibroker-sls-secret.yaml new file mode 100644 index 000000000..7e1ee6818 --- /dev/null +++ b/instance-applications/115-ibm-aibroker-tenant/templates/01-aibroker-sls-secret.yaml @@ -0,0 +1,19 @@ +--- +apiVersion: v1 +kind: Secret +metadata: + name: "{{ .Values.tenantNamespace }}----sls-secret" + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "301" + labels: + mas.ibm.com/applicationId: aibroker + mas.ibm.com/instanceId: "{{ .Values.aibroker_instance_id }}" + {{- if .Values.custom_labels }} + {{- range $key, $val := .Values.custom_labels }} + {{ $key | quote }}: {{ $val | quote }} + {{- end }} + {{- end }} +type: Opaque +stringData: + SLS_REGISTRATION_KEY: "{{ .Values.slscfg_registration_key }}" \ No newline at end of file diff --git a/instance-applications/115-ibm-aibroker-tenant/templates/02-aibroker-rsl-secret.yaml b/instance-applications/115-ibm-aibroker-tenant/templates/02-aibroker-rsl-secret.yaml new file mode 100644 index 000000000..0ba45edfa --- /dev/null +++ b/instance-applications/115-ibm-aibroker-tenant/templates/02-aibroker-rsl-secret.yaml @@ -0,0 +1,22 @@ +--- + +apiVersion: v1 +kind: Secret +type: Opaque +metadata: + name: "{{ .Values.tenantNamespace }}----rsl-secret" + namespace: "{{ .Values.tenantNamespace }}" + labels: + mas.ibm.com/applicationId: aibroker + mas.ibm.com/instanceId: "{{ .Values.aibroker_instance_id }}" +{{- if .Values.custom_labels }} +{{- range $key, $value := .Values.custom_labels }} + {{ $key | quote }}: {{ $value | quote }} +{{- end }} +{{- end }} + annotations: + argocd.argoproj.io/sync-wave: "302" +stringData: + rsl_org_id: "{{ .Values.rsl_org_id }}" + rsl_url: "{{ .Values.rsl_url }}" + rsl_token: "{{ .Values.rsl_token }}" diff --git a/instance-applications/115-ibm-aibroker-tenant/templates/03-aibroker-dro-secret.yaml b/instance-applications/115-ibm-aibroker-tenant/templates/03-aibroker-dro-secret.yaml new file mode 100644 index 000000000..9d5676e1d --- /dev/null +++ b/instance-applications/115-ibm-aibroker-tenant/templates/03-aibroker-dro-secret.yaml @@ -0,0 +1,19 @@ +--- +apiVersion: v1 +kind: Secret +metadata: + name: "{{ .Values.tenantNamespace }}----dro-secret" + namespace: "{{ .Values.aibroker_namespace }}" + labels: + mas.ibm.com/applicationId: aibroker + mas.ibm.com/instanceId: "{{ .Values.aibroker_instance_id }}" + {{- if .Values.custom_labels }} + {{- range $key, $val := .Values.custom_labels }} + {{ $key | quote }}: {{ $val | quote }} + {{- end }} + {{- end }} + annotations: + argocd.argoproj.io/sync-wave: "303" +type: Opaque +stringData: + DRO_TOKEN: "{{ .Values.drocfg_registration_key }}" diff --git a/instance-applications/115-ibm-aibroker-tenant/templates/04-aibroker-s3-secret.yaml b/instance-applications/115-ibm-aibroker-tenant/templates/04-aibroker-s3-secret.yaml new file mode 100644 index 000000000..c178a9c01 --- /dev/null +++ b/instance-applications/115-ibm-aibroker-tenant/templates/04-aibroker-s3-secret.yaml @@ -0,0 +1,24 @@ +--- +apiVersion: v1 +kind: Secret +metadata: + name: "{{ .Values.tenantNamespace }}----s3-secret" + namespace: "{{ .Values.aibroker_namespace }}" + {{- if .Values.custom_labels }} + labels: + {{- range $key, $val := .Values.custom_labels }} + {{ $key | quote }}: {{ $val | quote }} + {{- end }} + {{- end }} + annotations: + argocd.argoproj.io/sync-wave: "304" +type: Opaque +stringData: + ACCESS-KEY: "{{ .Values.mas_aibroker_storage_accesskey }}" + SECRET-KEY: "{{ .Values.mas_aibroker_storage_secretkey }}" + {{- if eq .Values.mas_aibroker_storage_provider "aws" }} + URL: "{{ .Values.mas_aibroker_storage_host }}" + {{- else if eq .Values.mas_aibroker_storage_provider "minio" }} + URL: "http://{{ .Values.mas_aibroker_storage_host }}:{{ .Values.mas_aibroker_storage_port }}" + {{- end }} + REGION: "{{ .Values.mas_aibroker_storage_region }}" diff --git a/instance-applications/115-ibm-aibroker-tenant/templates/05-aibroker-wx.yaml b/instance-applications/115-ibm-aibroker-tenant/templates/05-aibroker-wx.yaml new file mode 100644 index 000000000..28b74c246 --- /dev/null +++ b/instance-applications/115-ibm-aibroker-tenant/templates/05-aibroker-wx.yaml @@ -0,0 +1,41 @@ +--- +apiVersion: v1 +kind: Secret +metadata: + name: "{{ .Values.tenantNamespace }}----wx-secret" + namespace: "{{ .Values.aibroker_namespace }}" + {{- if .Values.custom_labels }} + labels: + {{- range $key, $val := .Values.custom_labels }} + {{ $key | quote }}: {{ $val | quote }} + {{- end }} + {{- end }} + annotations: + argocd.argoproj.io/sync-wave: "305" +type: Opaque +stringData: + wx_apikey: "{{ .Values.mas_aibroker_watsonxai_apikey }}" + wx_url: "{{ .Values.mas_aibroker_watsonxai_url }}" + wx_project_id: "{{ .Values.mas_aibroker_watsonxai_project_id }}" + + +# Copy secrets to tenant namespace +--- +apiVersion: v1 +kind: Secret +metadata: + name: "{{ .Values.tenantNamespace }}----wx-secret" + namespace: "{{ .Values.tenantNamespace }}" + {{- if .Values.custom_labels }} + labels: + {{- range $key, $val := .Values.custom_labels }} + {{ $key | quote }}: {{ $val | quote }} + {{- end }} + {{- end }} + annotations: + argocd.argoproj.io/sync-wave: "306" +type: Opaque +stringData: + wx_apikey: "{{ .Values.mas_aibroker_watsonxai_apikey }}" + wx_url: "{{ .Values.mas_aibroker_watsonxai_url }}" + wx_project_id: "{{ .Values.mas_aibroker_watsonxai_project_id }}" diff --git a/instance-applications/115-ibm-aibroker-tenant/templates/06-aibroker-workspace.yaml b/instance-applications/115-ibm-aibroker-tenant/templates/06-aibroker-workspace.yaml new file mode 100644 index 000000000..b4d6d1993 --- /dev/null +++ b/instance-applications/115-ibm-aibroker-tenant/templates/06-aibroker-workspace.yaml @@ -0,0 +1,53 @@ +--- +apiVersion: apps.mas.ibm.com/v1 +kind: AiBrokerWorkspace +metadata: + name: "{{ .Values.tenantNamespace }}" + namespace: "{{ .Values.aibroker_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "307" + labels: + mas.ibm.com/applicationId: "aibroker" + mas.ibm.com/instanceId: "{{ .Values.aibroker_instance_id }}" + {{- if .Values.custom_labels }} + {{- range $key, $val := .Values.custom_labels }} + {{ $key | quote }}: {{ $val | quote }} + {{- end }} + {{- end }} +spec: + settings: + # cluster_domain: "{{ .Values.cluster_domain }}" + # in_saas_env: "{{ .Values.in_saas_env }}" + icr: + cp: "{{ .Values.mas_icr_cp }}" + cpopen: "{{ .Values.mas_icr_cpopen }}" + dro: + url: "{{ .Values.drocfg_url }}" + secretName: "{{ .Values.tenantNamespace }}----dro-secret" + ca: "{{ .Values.drocfg_ca }}" + sls: + url: "{{ .Values.slscfg_url }}" + secretName: "{{ .Values.tenantNamespace }}----sls-secret" + ca: "{{ .Values.slscfg_ca_tenant }}" + # rsl added new in ansible ##review what is value of gitops-envs + rsl: + url: "{{ .Values.rsl_url }}" + orgId: "{{ .Values.rsl_org_id }}" + secretName: "{{ .Values.tenantNamespace }}----rsl-secret" + watsonxai: + url: "{{ .Values.mas_aibroker_watsonxai_url }}" + secretName: "{{ .Values.tenantNamespace }}----wx-secret" + project_id: "{{ .Values.mas_aibroker_watsonxai_project_id }}" + tenant: + tenant_id: "{{ .Values.tenantNamespace }}" + subscription_id: "{{ .Values.mas_aibroker_sls_subscription_id }}" + instance_id: "{{ .Values.aibroker_instance_id }}" + entitlement: + type: "{{ .Values.tenant_entitlement_type }}" + startDate: "{{ .Values.tenant_entitlement_start_date }}" + endDate: "{{ .Values.tenant_entitlement_end_date }}" + s3: + region: "{{ .Values.mas_aibroker_s3_region }}" + bucketPrefix: "{{ .Values.mas_aibroker_s3_bucket_prefix }}" + endpointUrl: "{{ .Values.mas_aibroker_s3_endpoint_url }}" + secretName: "{{ .Values.tenantNamespace }}----s3-secret" \ No newline at end of file diff --git a/instance-applications/115-ibm-aibroker-tenant/templates/07-aibroker-ingress-allow-isvc.yaml b/instance-applications/115-ibm-aibroker-tenant/templates/07-aibroker-ingress-allow-isvc.yaml new file mode 100644 index 000000000..e4c8882c2 --- /dev/null +++ b/instance-applications/115-ibm-aibroker-tenant/templates/07-aibroker-ingress-allow-isvc.yaml @@ -0,0 +1,16 @@ +--- +kind: NetworkPolicy +apiVersion: networking.k8s.io/v1 +metadata: + name: allow-to-isvc + namespace: "{{ .Values.tenantNamespace }}" + annotations: + argocd.argoproj.io/sync-wave: "308" +spec: + podSelector: + matchLabels: + component: predictor + ingress: + - {} + policyTypes: + - Ingress diff --git a/instance-applications/115-ibm-aibroker-tenant/values.yaml b/instance-applications/115-ibm-aibroker-tenant/values.yaml new file mode 100644 index 000000000..0f67d4b87 --- /dev/null +++ b/instance-applications/115-ibm-aibroker-tenant/values.yaml @@ -0,0 +1,64 @@ +--- +mas_instance_id: "MAS_INSTANCE_ID" +aibroker_namespace: "mas-{{ mas_instance_id }}-aibroker" +ibm_entitlement_key: "" + +# SAAS +aibroker_saas_apikey: "AIBROKER_SAAS_APIKEY" +in_saas_env: "true" +mas_aibroker_saas: "false" +mas_aibroker_provision_tenant: "provision-tenant" + +# Tenant +artifactory_token: "ARTIFACTORY_TOKEN" + +mas_aibroker_tenant_name: "user" +tenant_action: "true" +tenantNamespace: 'aibroker-{{ mas_aibroker_tenant_name }}' + +# cluster_domain: "" +mas_icr_cp: "cp.icr.io/cp" +mas_icr_cpopen: "icr.io/cpopen" + +# DRO +# mas_aibroker_dro_token_secret: "dro-token" +mas_aibroker_dro_cacert_secret: "dro-certificates" +drocfg_url: "{{ drocfg[1].spec.config.url }}" +drocfg_ca: "ca.crt" +drocfg_registration_key: "DRO_TOKEN" + +#sls +slscfg_registration_key: "registration_key" +slscfg_url: "{{ config.url }}" +# instanceIdentifier: 88abcdefghijkl +# slscfg_clientId: "aibroker-88s55n4n7obrkn" +# slscfg_ca: "aibroker-88s55n4n7obrkn-ca.crt" +# slscfg_tls: "aibroker-88s55n4n7obrkn-tls.crt" +# slscfg_key: "aibroker-88s55n4n7obrkn-tls.key" + +# WatsonX +mas_aibroker_watsonxai_apikey: MAS_AIBROKER_WATSONXAI_APIKEY +mas_aibroker_watsonxai_url: MAS_AIBROKER_WATSONXAI_URL +mas_aibroker_watsonxai_project_id: MAS_AIBROKER_WATSONXAI_PROJECT_ID + +# SLS +#mas_aibroker_sls_registration_key_secret: "sls-registration-key" +mas_aibroker_sls_subscription_id: "001" + +# S3 +mas_aibroker_storage_provider: "minio" +mas_aibroker_storage_ssl: "true" +# following are the variable need to injected via environment variable +mas_aibroker_storage_accesskey: "mas_aibroker_storage_accesskey" +mas_aibroker_storage_secretkey: "mas_aibroker_storage_secretkey" +mas_aibroker_storage_host: "mas_aibroker_storage_host" +mas_aibroker_storage_port: "mas_aibroker_storage_port" +mas_aibroker_storage_region: "mas_aibroker_storage_region" +# mas_aibroker_storage_pipelines_bucket: "aibrokeruser-training-bucket" +mas_aibroker_s3_endpoint_url: "MAS_AIBROKER_TENANT_S3_ENDPOINT_URL" +mas_aibroker_s3_region: "MAS_AIBROKER_TENANT_S3_REGION" +mas_aibroker_s3_bucket_prefix: "MAS_AIBROKER_TENANT_S3_BUCKET_PREFIX" + +tenant_entitlement_type: "MAS_AIBROKER_TENANT_ENTITLEMENT_TYPE" +tenant_entitlement_start_date: "MAS_AIBROKER_TENANT_ENTITLEMENT_START_DATE" +tenant_entitlement_end_date: "MAS_AIBROKER_TENANT_ENTITLEMENT_END_DATE" diff --git a/instance-applications/120-ibm-db2u-database/templates/00-presync-await-crd_Job.yaml b/instance-applications/120-ibm-db2u-database/templates/00-presync-await-crd_Job.yaml index 70054684d..a9312adc0 100644 --- a/instance-applications/120-ibm-db2u-database/templates/00-presync-await-crd_Job.yaml +++ b/instance-applications/120-ibm-db2u-database/templates/00-presync-await-crd_Job.yaml @@ -1,7 +1,7 @@ {{- /* Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} --- # Service account that is authorized to read k8s secrets (needed by the job) diff --git a/instance-applications/120-ibm-db2u-database/templates/04-db2u-Backup_Cron.yaml b/instance-applications/120-ibm-db2u-database/templates/04-db2u-Backup_Cron.yaml index 1ffc8366c..d85d82daa 100644 --- a/instance-applications/120-ibm-db2u-database/templates/04-db2u-Backup_Cron.yaml +++ b/instance-applications/120-ibm-db2u-database/templates/04-db2u-Backup_Cron.yaml @@ -3,7 +3,7 @@ {{- /* Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} #apiVersion: batch/v1beta1 kind: CronJob diff --git a/instance-applications/120-ibm-db2u-database/templates/07-postsync-setup-db2_Job.yaml b/instance-applications/120-ibm-db2u-database/templates/07-postsync-setup-db2_Job.yaml index df2bf8ab6..d4d2b29d9 100644 --- a/instance-applications/120-ibm-db2u-database/templates/07-postsync-setup-db2_Job.yaml +++ b/instance-applications/120-ibm-db2u-database/templates/07-postsync-setup-db2_Job.yaml @@ -9,7 +9,7 @@ Meaningful prefix for the job resource name. Must be under 52 chars in length to Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. Included in $_job_hash (see below). */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} {{- /* A dict of values that influence the behaviour of the job in some way. diff --git a/instance-applications/120-ibm-db2u-database/templates/10-postsync-setup-hadr.yaml b/instance-applications/120-ibm-db2u-database/templates/10-postsync-setup-hadr.yaml index 8fb9123d1..d8f25611f 100644 --- a/instance-applications/120-ibm-db2u-database/templates/10-postsync-setup-hadr.yaml +++ b/instance-applications/120-ibm-db2u-database/templates/10-postsync-setup-hadr.yaml @@ -10,7 +10,7 @@ Meaningful prefix for the job resource name. Must be under 52 chars in length to Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. Included in $_job_hash (see below). */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} {{- /* A dict of values that influence the behaviour of the job in some way. diff --git a/instance-applications/120-ibm-spark/templates/02-ibm-spark-control-plane.yaml b/instance-applications/120-ibm-spark/templates/02-ibm-spark-control-plane.yaml index f16d486e2..710d43d55 100644 --- a/instance-applications/120-ibm-spark/templates/02-ibm-spark-control-plane.yaml +++ b/instance-applications/120-ibm-spark/templates/02-ibm-spark-control-plane.yaml @@ -7,7 +7,7 @@ Meaningful prefix for the job resource name. Must be under 52 chars in length to Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. Included in $_job_hash (see below). */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} {{- /* A dict of values that influence the behaviour of the job in some way. diff --git a/instance-applications/120-ibm-spss/templates/02-ibm-spss-post-verify.yaml b/instance-applications/120-ibm-spss/templates/02-ibm-spss-post-verify.yaml index af34cdd30..f718d966a 100644 --- a/instance-applications/120-ibm-spss/templates/02-ibm-spss-post-verify.yaml +++ b/instance-applications/120-ibm-spss/templates/02-ibm-spss-post-verify.yaml @@ -7,7 +7,7 @@ Meaningful prefix for the job resource name. Must be under 52 chars in length to Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. Included in $_job_hash (see below). */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} {{- /* A dict of values that influence the behaviour of the job in some way. diff --git a/instance-applications/120-ibm-wsl/templates/02-ibm-wsl-post-verify.yaml b/instance-applications/120-ibm-wsl/templates/02-ibm-wsl-post-verify.yaml index c41a7d1ff..09b1e9449 100644 --- a/instance-applications/120-ibm-wsl/templates/02-ibm-wsl-post-verify.yaml +++ b/instance-applications/120-ibm-wsl/templates/02-ibm-wsl-post-verify.yaml @@ -7,7 +7,7 @@ Meaningful prefix for the job resource name. Must be under 52 chars in length to Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. Included in $_job_hash (see below). */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} {{- /* A dict of values that influence the behaviour of the job in some way. diff --git a/instance-applications/130-ibm-jdbc-config/templates/00-presync-create-db2-user_Job.yaml b/instance-applications/130-ibm-jdbc-config/templates/00-presync-create-db2-user_Job.yaml index dd63cb193..841ba48ad 100644 --- a/instance-applications/130-ibm-jdbc-config/templates/00-presync-create-db2-user_Job.yaml +++ b/instance-applications/130-ibm-jdbc-config/templates/00-presync-create-db2-user_Job.yaml @@ -3,7 +3,7 @@ {{- /* Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} {{ $ns := printf "mas-%s-core" .Values.instance_id }} {{ $prefix := printf "pre-jdbc-usr-%s" .Values.mas_config_name }} diff --git a/instance-applications/130-ibm-jdbc-config/templates/postdelete-delete-cr.yaml b/instance-applications/130-ibm-jdbc-config/templates/postdelete-delete-cr.yaml index fcaf02159..2d049351d 100644 --- a/instance-applications/130-ibm-jdbc-config/templates/postdelete-delete-cr.yaml +++ b/instance-applications/130-ibm-jdbc-config/templates/postdelete-delete-cr.yaml @@ -3,7 +3,7 @@ {{- /* Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} {{ $cr_name := .Values.mas_config_name }} {{ $cr_kind := .Values.mas_config_kind }} diff --git a/instance-applications/130-ibm-jdbc-config/templates/postdelete-delete-db2-user_Job.yaml b/instance-applications/130-ibm-jdbc-config/templates/postdelete-delete-db2-user_Job.yaml index 14430e733..63c2b2c28 100644 --- a/instance-applications/130-ibm-jdbc-config/templates/postdelete-delete-db2-user_Job.yaml +++ b/instance-applications/130-ibm-jdbc-config/templates/postdelete-delete-db2-user_Job.yaml @@ -3,7 +3,7 @@ {{- /* Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} {{ $ns := printf "mas-%s-syncres" .Values.instance_id }} {{ $prefix := printf "post-jdbc-usr-%s" .Values.mas_config_name }} diff --git a/instance-applications/130-ibm-kafka-config/templates/postdelete-delete-cr.yaml b/instance-applications/130-ibm-kafka-config/templates/postdelete-delete-cr.yaml index abb5c2775..ac634200e 100644 --- a/instance-applications/130-ibm-kafka-config/templates/postdelete-delete-cr.yaml +++ b/instance-applications/130-ibm-kafka-config/templates/postdelete-delete-cr.yaml @@ -18,7 +18,7 @@ {{- /* Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} --- apiVersion: batch/v1 diff --git a/instance-applications/130-ibm-mas-bas-config/templates/postdelete-delete-cr.yaml b/instance-applications/130-ibm-mas-bas-config/templates/postdelete-delete-cr.yaml index 77d84ae46..bd1742270 100644 --- a/instance-applications/130-ibm-mas-bas-config/templates/postdelete-delete-cr.yaml +++ b/instance-applications/130-ibm-mas-bas-config/templates/postdelete-delete-cr.yaml @@ -3,7 +3,7 @@ {{- /* Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} {{ $cr_name := .Values.mas_config_name }} {{ $cr_kind := .Values.mas_config_kind }} diff --git a/instance-applications/130-ibm-mas-idp-config/templates/postdelete-delete-cr.yaml b/instance-applications/130-ibm-mas-idp-config/templates/postdelete-delete-cr.yaml index 77d84ae46..bd1742270 100644 --- a/instance-applications/130-ibm-mas-idp-config/templates/postdelete-delete-cr.yaml +++ b/instance-applications/130-ibm-mas-idp-config/templates/postdelete-delete-cr.yaml @@ -3,7 +3,7 @@ {{- /* Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} {{ $cr_name := .Values.mas_config_name }} {{ $cr_kind := .Values.mas_config_kind }} diff --git a/instance-applications/130-ibm-mas-mongo-config/templates/postdelete-delete-cr.yaml b/instance-applications/130-ibm-mas-mongo-config/templates/postdelete-delete-cr.yaml index 64b90042b..2c746f714 100644 --- a/instance-applications/130-ibm-mas-mongo-config/templates/postdelete-delete-cr.yaml +++ b/instance-applications/130-ibm-mas-mongo-config/templates/postdelete-delete-cr.yaml @@ -3,7 +3,7 @@ {{- /* Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} {{ $cr_name := .Values.mas_config_name }} {{ $cr_kind := .Values.mas_config_kind }} diff --git a/instance-applications/130-ibm-mas-sls-config/templates/postdelete-delete-cr.yaml b/instance-applications/130-ibm-mas-sls-config/templates/postdelete-delete-cr.yaml index 77d84ae46..bd1742270 100644 --- a/instance-applications/130-ibm-mas-sls-config/templates/postdelete-delete-cr.yaml +++ b/instance-applications/130-ibm-mas-sls-config/templates/postdelete-delete-cr.yaml @@ -3,7 +3,7 @@ {{- /* Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} {{ $cr_name := .Values.mas_config_name }} {{ $cr_kind := .Values.mas_config_kind }} diff --git a/instance-applications/130-ibm-mas-smtp-config/templates/postdelete-delete-cr.yaml b/instance-applications/130-ibm-mas-smtp-config/templates/postdelete-delete-cr.yaml index 77d84ae46..bd1742270 100644 --- a/instance-applications/130-ibm-mas-smtp-config/templates/postdelete-delete-cr.yaml +++ b/instance-applications/130-ibm-mas-smtp-config/templates/postdelete-delete-cr.yaml @@ -3,7 +3,7 @@ {{- /* Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} {{ $cr_name := .Values.mas_config_name }} {{ $cr_kind := .Values.mas_config_kind }} diff --git a/instance-applications/130-ibm-mas-suite/templates/05-postsync-add-label_Job.yaml b/instance-applications/130-ibm-mas-suite/templates/05-postsync-add-label_Job.yaml index 7b9e6ff32..e6d30b6f9 100644 --- a/instance-applications/130-ibm-mas-suite/templates/05-postsync-add-label_Job.yaml +++ b/instance-applications/130-ibm-mas-suite/templates/05-postsync-add-label_Job.yaml @@ -8,7 +8,7 @@ Meaningful prefix for the job resource name. Must be under 52 chars in length to Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. Included in $_job_hash (see below). */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} {{- /* A dict of values that influence the behaviour of the job in some way. diff --git a/instance-applications/130-ibm-mas-suite/templates/06-postsync-configtool-oidc.yaml b/instance-applications/130-ibm-mas-suite/templates/06-postsync-configtool-oidc.yaml index bcba59d03..055ae843a 100644 --- a/instance-applications/130-ibm-mas-suite/templates/06-postsync-configtool-oidc.yaml +++ b/instance-applications/130-ibm-mas-suite/templates/06-postsync-configtool-oidc.yaml @@ -10,7 +10,7 @@ Meaningful prefix for the job resource name. Must be under 52 chars in length to Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. Included in $_job_hash (see below). */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} {{- /* A dict of values that influence the behaviour of the job in some way. diff --git a/instance-applications/130-ibm-objectstorage-config/templates/postdelete-delete-cr.yaml b/instance-applications/130-ibm-objectstorage-config/templates/postdelete-delete-cr.yaml index 77d84ae46..bd1742270 100644 --- a/instance-applications/130-ibm-objectstorage-config/templates/postdelete-delete-cr.yaml +++ b/instance-applications/130-ibm-objectstorage-config/templates/postdelete-delete-cr.yaml @@ -3,7 +3,7 @@ {{- /* Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} {{ $cr_name := .Values.mas_config_name }} {{ $cr_kind := .Values.mas_config_kind }} diff --git a/instance-applications/220-ibm-mas-workspace/templates/05-postsync-add-label_Job.yaml b/instance-applications/220-ibm-mas-workspace/templates/05-postsync-add-label_Job.yaml index 077c0f726..0f638da25 100644 --- a/instance-applications/220-ibm-mas-workspace/templates/05-postsync-add-label_Job.yaml +++ b/instance-applications/220-ibm-mas-workspace/templates/05-postsync-add-label_Job.yaml @@ -3,7 +3,7 @@ {{- /* Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} --- # Permit outbound communication by the Job pods diff --git a/instance-applications/500-540-ibm-mas-suite-app-install/templates/00-presync-add-mvi-scc_Job.yaml b/instance-applications/500-540-ibm-mas-suite-app-install/templates/00-presync-add-mvi-scc_Job.yaml index 9b2d20ff8..71a509388 100644 --- a/instance-applications/500-540-ibm-mas-suite-app-install/templates/00-presync-add-mvi-scc_Job.yaml +++ b/instance-applications/500-540-ibm-mas-suite-app-install/templates/00-presync-add-mvi-scc_Job.yaml @@ -4,7 +4,7 @@ {{- /* Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} {{ $ns := .Values.mas_app_namespace }} diff --git a/instance-applications/500-540-ibm-mas-suite-app-install/templates/06-postsync-add-mvi-scc_Job.yaml b/instance-applications/500-540-ibm-mas-suite-app-install/templates/06-postsync-add-mvi-scc_Job.yaml index 549aaa044..2ee0fa566 100644 --- a/instance-applications/500-540-ibm-mas-suite-app-install/templates/06-postsync-add-mvi-scc_Job.yaml +++ b/instance-applications/500-540-ibm-mas-suite-app-install/templates/06-postsync-add-mvi-scc_Job.yaml @@ -4,7 +4,7 @@ {{- /* Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} {{ $ns := .Values.mas_app_namespace }} diff --git a/instance-applications/510-550-ibm-mas-suite-app-config/templates/02-ibm-manage-update_Job.yaml b/instance-applications/510-550-ibm-mas-suite-app-config/templates/02-ibm-manage-update_Job.yaml index bdb996566..b7eeaf9ba 100644 --- a/instance-applications/510-550-ibm-mas-suite-app-config/templates/02-ibm-manage-update_Job.yaml +++ b/instance-applications/510-550-ibm-mas-suite-app-config/templates/02-ibm-manage-update_Job.yaml @@ -5,7 +5,7 @@ {{- /* Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} {{ $ns := .Values.mas_app_namespace }} {{ $prefix := printf "%s-manage-update" .Values.mas_workspace_id}} diff --git a/instance-applications/510-550-ibm-mas-suite-app-config/templates/04-postsync-add-label_Job.yaml b/instance-applications/510-550-ibm-mas-suite-app-config/templates/04-postsync-add-label_Job.yaml index 755334c82..9e90a4931 100644 --- a/instance-applications/510-550-ibm-mas-suite-app-config/templates/04-postsync-add-label_Job.yaml +++ b/instance-applications/510-550-ibm-mas-suite-app-config/templates/04-postsync-add-label_Job.yaml @@ -1,7 +1,7 @@ {{- /* Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} {{ $ns := .Values.mas_app_namespace }} {{ $job_label := "mas-app-route-patch" }} diff --git a/instance-applications/510-550-ibm-mas-suite-app-config/templates/04-postsync-manage-sanity.yaml b/instance-applications/510-550-ibm-mas-suite-app-config/templates/04-postsync-manage-sanity.yaml index 605efdc51..ba89d1400 100644 --- a/instance-applications/510-550-ibm-mas-suite-app-config/templates/04-postsync-manage-sanity.yaml +++ b/instance-applications/510-550-ibm-mas-suite-app-config/templates/04-postsync-manage-sanity.yaml @@ -4,7 +4,7 @@ {{- /* Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} # A sanity test is one that can be disruptive i.e. it can create new users, call authenticated apis, creates resources # in the application. This type of test should only be run in a downstream environment such as a dev or staging env diff --git a/instance-applications/510-550-ibm-mas-suite-app-config/templates/04-postsync-manage-verify.yaml b/instance-applications/510-550-ibm-mas-suite-app-config/templates/04-postsync-manage-verify.yaml index 1b376d71c..28ee02903 100644 --- a/instance-applications/510-550-ibm-mas-suite-app-config/templates/04-postsync-manage-verify.yaml +++ b/instance-applications/510-550-ibm-mas-suite-app-config/templates/04-postsync-manage-verify.yaml @@ -3,7 +3,7 @@ {{- /* Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} # A verify test is one that is non disruptive i.e. it won't create new users, i won't call authenticated apis, and it won't creates resources # in the application. This type of test is run on every environment and allows a layer of verification of the app diff --git a/instance-applications/510-550-ibm-mas-suite-app-config/templates/04-postsync-maximoit-sanity.yaml b/instance-applications/510-550-ibm-mas-suite-app-config/templates/04-postsync-maximoit-sanity.yaml index d51467cb8..3171dca29 100644 --- a/instance-applications/510-550-ibm-mas-suite-app-config/templates/04-postsync-maximoit-sanity.yaml +++ b/instance-applications/510-550-ibm-mas-suite-app-config/templates/04-postsync-maximoit-sanity.yaml @@ -5,7 +5,7 @@ {{- /* Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} # A sanity test is one that can be disruptive i.e. it can create new users, call authenticated apis, creates resources # in the application. This type of test should only be run in a downstream environment such as a dev or staging env diff --git a/instance-applications/510-550-ibm-mas-suite-app-config/templates/04-postsync-maximoit-verify.yaml b/instance-applications/510-550-ibm-mas-suite-app-config/templates/04-postsync-maximoit-verify.yaml index 33cf46dd9..5a17199e8 100644 --- a/instance-applications/510-550-ibm-mas-suite-app-config/templates/04-postsync-maximoit-verify.yaml +++ b/instance-applications/510-550-ibm-mas-suite-app-config/templates/04-postsync-maximoit-verify.yaml @@ -4,7 +4,7 @@ {{- /* Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} # A verify test is one that is non disruptive i.e. it won't create new users, i won't call authenticated apis, and it won't creates resources # in the application. This type of test is run on every environment and allows a layer of verification of the app diff --git a/instance-applications/510-550-ibm-mas-suite-app-config/templates/04-postsync-mvi-sanity.yaml b/instance-applications/510-550-ibm-mas-suite-app-config/templates/04-postsync-mvi-sanity.yaml index bfd40b3e1..b7358f70c 100644 --- a/instance-applications/510-550-ibm-mas-suite-app-config/templates/04-postsync-mvi-sanity.yaml +++ b/instance-applications/510-550-ibm-mas-suite-app-config/templates/04-postsync-mvi-sanity.yaml @@ -3,7 +3,7 @@ {{- /* Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} {{ $ns := .Values.mas_app_namespace }} {{ $np_name := "postsync-sanity-mvi-np" }} diff --git a/instance-applications/510-550-ibm-mas-suite-app-config/templates/04-postsync-mvi-verify.yaml b/instance-applications/510-550-ibm-mas-suite-app-config/templates/04-postsync-mvi-verify.yaml index 2ccc08146..c95c3407f 100644 --- a/instance-applications/510-550-ibm-mas-suite-app-config/templates/04-postsync-mvi-verify.yaml +++ b/instance-applications/510-550-ibm-mas-suite-app-config/templates/04-postsync-mvi-verify.yaml @@ -4,7 +4,7 @@ {{- /* Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} {{ $ns := .Values.mas_app_namespace }} diff --git a/instance-applications/510-550-ibm-mas-suite-app-config/templates/700-702-postsync-db2-manage.yaml b/instance-applications/510-550-ibm-mas-suite-app-config/templates/700-702-postsync-db2-manage.yaml index 33d2dae60..2fe64cd73 100644 --- a/instance-applications/510-550-ibm-mas-suite-app-config/templates/700-702-postsync-db2-manage.yaml +++ b/instance-applications/510-550-ibm-mas-suite-app-config/templates/700-702-postsync-db2-manage.yaml @@ -86,7 +86,7 @@ will take care of differentiating the jobs. Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. Included in $_job_hash (see below). */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} {{- /* A dict of values that influence the behaviour of the job in some way. diff --git a/instance-applications/600-ibm-post-sync-jobs/templates/001-ibm-create-initial-users.yaml b/instance-applications/600-ibm-post-sync-jobs/templates/001-ibm-create-initial-users.yaml index a1ecc3393..3c0ba4a9b 100644 --- a/instance-applications/600-ibm-post-sync-jobs/templates/001-ibm-create-initial-users.yaml +++ b/instance-applications/600-ibm-post-sync-jobs/templates/001-ibm-create-initial-users.yaml @@ -11,7 +11,7 @@ Use the build/bin/set-cli-image-tag.sh script to update this value across all ch Included in $_job_hash (see below). 13.22.1-amd64 - includes mas-devops-create-initial-users script from https://github.com/ibm-mas/python-devops/pull/66 */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:3735885b3b9d46fcf6408c008768cc04faf2e28c1fa5f6da7c5f969931e2d3cd" }} {{- /* A dict of values that influence the behaviour of the job in some way. diff --git a/main.py b/main.py index 24f63c52c..62c4e1cc1 100644 --- a/main.py +++ b/main.py @@ -69,6 +69,9 @@ def instance_root_chart(): return gitops_repo_dir_link("root-applications/ibm-mas-instance-root", "Instance Root Chart") env.macro(instance_root_chart) + def tenant_root_chart(): + return gitops_repo_dir_link("root-applications/ibm-aibroker-tenant-root", "Tenant Root Chart") + env.macro(tenant_root_chart) def cluster_root_app_set(): @@ -79,3 +82,11 @@ def instance_root_app_set(): return gitops_repo_file_link("root-applications/ibm-mas-cluster-root/templates/099-instance-appset.yaml", "Instance Root Application Set") env.macro(instance_root_app_set) + def aibroker_instance_root_app_set(): + return gitops_repo_file_link("root-applications/ibm-mas-cluster-root/templates/099-aibroker-instance-appset.yaml", "AiBroker Instance Root Application Set") + env.macro(aibroker_instance_root_app_set) + + def aibroker_tenant_root_app_set(): + return gitops_repo_file_link("root-applications/ibm-aibroker-instance-root/templates/070-aibroker-tenant-appset.yaml", "AiBroker Tenant Root Application Set") + env.macro(aibroker_tenant_root_app_set) + diff --git a/root-applications/ibm-aibroker-instance-root/Chart.yaml b/root-applications/ibm-aibroker-instance-root/Chart.yaml new file mode 100644 index 000000000..ab5f07702 --- /dev/null +++ b/root-applications/ibm-aibroker-instance-root/Chart.yaml @@ -0,0 +1,5 @@ +apiVersion: v2 +name: ibm-aibroker-instance-root +description: IBM AIBroker instance root +type: application +version: 1.0.0 diff --git a/root-applications/ibm-aibroker-instance-root/README.md b/root-applications/ibm-aibroker-instance-root/README.md new file mode 100644 index 000000000..5db7af8f2 --- /dev/null +++ b/root-applications/ibm-aibroker-instance-root/README.md @@ -0,0 +1,3 @@ +IBM AIBroker Instance Root Application +=============================================================================== +Installs various ArgoCD Applications for managing instance-level AIBroker dependencies (e.g. Minio, ODH etc) and AIBroker Applications (e.g. kmodel, aibroker-tenant etc) on the target cluster. \ No newline at end of file diff --git a/root-applications/ibm-aibroker-instance-root/templates/030-ibm-odh-app.yaml b/root-applications/ibm-aibroker-instance-root/templates/030-ibm-odh-app.yaml new file mode 100644 index 000000000..9dffa6865 --- /dev/null +++ b/root-applications/ibm-aibroker-instance-root/templates/030-ibm-odh-app.yaml @@ -0,0 +1,114 @@ +{{- if not (empty .Values.ibm_odh) }} +--- +# IBM Maximo ODH +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: odh.{{ .Values.cluster.id }}.{{ .Values.instance.id }} + namespace: {{ .Values.argo.namespace }} + labels: + environment: '{{ .Values.account.id }}' + region: '{{ .Values.region.id }}' + cluster: '{{ .Values.cluster.id }}' + instance: '{{ .Values.instance.id }}' + annotations: + argocd.argoproj.io/sync-wave: "030" + healthCheckTimeout: "1800" + {{- if and .Values.notifications .Values.notifications.slack_channel_id }} + notifications.argoproj.io/subscribe.on-sync-failed.workspace1: {{ .Values.notifications.slack_channel_id }} + notifications.argoproj.io/subscribe.on-sync-succeeded.workspace1: {{ .Values.notifications.slack_channel_id }} + {{- end }} + finalizers: + - resources-finalizer.argocd.argoproj.io +spec: + project: "{{ .Values.argo.projects.apps }}" + destination: + server: {{ .Values.cluster.url }} + namespace: "{{ .Values.ibm_odh.openshift_namespace }}" + source: + repoURL: "{{ .Values.source.repo_url }}" + path: instance-applications/112-ibm-odh + targetRevision: "{{ .Values.source.revision }}" + plugin: + name: {{ .Values.avp.name }} + env: + - name: {{ .Values.avp.values_varname }} + value: | + openshift_namespace: "{{ .Values.ibm_odh.openshift_namespace }}" + odh_pipeline_name: "{{ .Values.ibm_odh.odh_pipeline_name }}" + odh_pipeline_namespace: "{{ .Values.ibm_odh.odh_pipeline_namespace }}" + odh_pipeline_operatorName: "{{ .Values.ibm_odh.odh_pipeline_operatorName }}" + odh_pipeline_source: "{{ .Values.ibm_odh.odh_pipeline_source }}" + odh_pipeline_sourceNamespace: "{{ .Values.ibm_odh.odh_pipeline_sourceNamespace }}" + serverless_namespace: "{{ .Values.ibm_odh.serverless_namespace }}" + serverless_operator_name: "{{ .Values.ibm_odh.serverless_operator_name }}" + serverless_operator_source: "{{ .Values.ibm_odh.serverless_operator_source }}" + serverless_operator_sourceNamespace: "{{ .Values.ibm_odh.serverless_operator_sourceNamespace }}" + opendatahub_OperatorGroup_name: "{{ .Values.ibm_odh.opendatahub_OperatorGroup_name }}" + opendatahub_name: "{{ .Values.ibm_odh.opendatahub_name }}" + opendatahub_channel: "{{ .Values.ibm_odh.opendatahub_channel }}" + opendatahub_namespace: "{{ .Values.ibm_odh.opendatahub_namespace }}" + opendatahub_installPlanApproval: "{{ .Values.ibm_odh.opendatahub_installPlanApproval }}" + opendatahub_source: "{{ .Values.ibm_odh.opendatahub_source }}" + opendatahub__sourceNamespace: "{{ .Values.ibm_odh.opendatahub__sourceNamespace }}" + + odh_pipeline_channel: "{{ .Values.ibm_odh.odh_pipeline_channel }}" + odh_pipeline_installplan: "{{ .Values.ibm_odh.odh_pipeline_installplan }}" + odh_namespace: "{{ .Values.ibm_odh.odh_namespace }}" + service_mesh_namespace: "{{ .Values.ibm_odh.service_mesh_namespace }}" + service_mesh_channel: "{{ .Values.ibm_odh.service_mesh_channel }}" + service_mesh_catalog_source: "{{ .Values.ibm_odh.service_mesh_catalog_source }}" + serverless_channel: "{{ .Values.ibm_odh.serverless_channel }}" + authorino_catalog_source: "{{ .Values.ibm_odh.authorino_catalog_source }}" + odh_channel: "{{ .Values.ibm_odh.odh_channel }}" + odh_catalog_source: "{{ .Values.ibm_odh.odh_catalog_source }}" + odh_operator_version: "{{ .Values.ibm_odh.odh_operator_version }}" + aibroker_namespace: "{{ .Values.ibm_odh.aibroker_namespace }}" + pull_secret_name: "{{ .Values.ibm_odh.pull_secret_name }}" + mas_aibroker_storage_provider: "{{ .Values.ibm_odh.mas_aibroker_storage_provider }}" + mas_aibroker_storage_accesskey: "{{ .Values.ibm_odh.mas_aibroker_storage_accesskey }}" + mas_aibroker_storage_secretkey: "{{ .Values.ibm_odh.mas_aibroker_storage_secretkey }}" + mas_aibroker_storage_host: "{{ .Values.ibm_odh.mas_aibroker_storage_host }}" + mas_aibroker_storage_port: "{{ .Values.ibm_odh.mas_aibroker_storage_port }}" + mas_aibroker_storage_ssl: "{{ .Values.ibm_odh.mas_aibroker_storage_ssl }}" + mas_aibroker_storage_region: "{{ .Values.ibm_odh.mas_aibroker_storage_region }}" + mas_aibroker_db_host: "{{ .Values.ibm_odh.mas_aibroker_db_host }}" + mas_aibroker_db_port: "{{ .Values.ibm_odh.mas_aibroker_db_port }}" + mas_aibroker_db_user: "{{ .Values.ibm_odh.mas_aibroker_db_user }}" + mas_aibroker_db_database: "{{ .Values.ibm_odh.mas_aibroker_db_database }}" + mas_aibroker_db_secret_key: "{{ .Values.ibm_odh.mas_aibroker_db_secret_key }}" + mas_aibroker_db_secret_name: "{{ .Values.ibm_odh.mas_aibroker_db_secret_name }}" + mas_aibroker_db_secret_value: "{{ .Values.ibm_odh.mas_aibroker_db_secret_value }}" + mas_aibroker_storage_pipelines_bucket: "{{ .Values.ibm_odh.mas_aibroker_storage_pipelines_bucket }}" + primary_storage_class: "{{ .Values.ibm_odh.primary_storage_class }}" + {{- if .Values.custom_labels }} + custom_labels: {{ .Values.custom_labels | toYaml | nindent 14 }} + {{- end }} + junitreporter: + reporter_name: "ibm-odh-{{ .Values.instance.id }}" + cluster_id: "{{ .Values.cluster.id }}" + devops_mongo_uri: "{{ .Values.devops.mongo_uri }}" + devops_build_number: "{{ .Values.devops.build_number }}" + gitops_version: "{{ .Values.source.revision }}" + - name: ARGOCD_APP_NAME + value: odh + {{- if not (empty .Values.avp.secret) }} + - name: AVP_SECRET + value: {{ .Values.avp.secret }} + {{- end }} + syncPolicy: + automated: + {{- if .Values.auto_delete }} + prune: true + {{- end }} + selfHeal: true + retry: + limit: 20 + syncOptions: + - CreateNamespace=true + managedNamespaceMetadata: + labels: +{{- if .Values.custom_labels }} +{{ .Values.custom_labels | toYaml | indent 8 }} +{{- end }} +{{- end }} diff --git a/root-applications/ibm-aibroker-instance-root/templates/040-ibm-aibroker-app.yaml b/root-applications/ibm-aibroker-instance-root/templates/040-ibm-aibroker-app.yaml new file mode 100644 index 000000000..7951919b1 --- /dev/null +++ b/root-applications/ibm-aibroker-instance-root/templates/040-ibm-aibroker-app.yaml @@ -0,0 +1,129 @@ +{{- if not (empty .Values.ibm_aibroker) }} +--- +# IBM Maximo aibroker +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: aibroker.{{ .Values.cluster.id }}.{{ .Values.instance.id }} + namespace: {{ .Values.argo.namespace }} + labels: + environment: '{{ .Values.account.id }}' + region: '{{ .Values.region.id }}' + cluster: '{{ .Values.cluster.id }}' + instance: '{{ .Values.instance.id }}' + annotations: + argocd.argoproj.io/sync-wave: "040" + healthCheckTimeout: "1800" + {{- if and .Values.notifications .Values.notifications.slack_channel_id }} + notifications.argoproj.io/subscribe.on-sync-failed.workspace1: {{ .Values.notifications.slack_channel_id }} + notifications.argoproj.io/subscribe.on-sync-succeeded.workspace1: {{ .Values.notifications.slack_channel_id }} + {{- end }} + finalizers: + - resources-finalizer.argocd.argoproj.io +spec: + project: "{{ .Values.argo.projects.apps }}" + destination: + server: {{ .Values.cluster.url }} + namespace: "{{ .Values.ibm_aibroker.aibroker_namespace }}" + source: + repoURL: "{{ .Values.source.repo_url }}" + path: instance-applications/113-ibm-aibroker + targetRevision: "{{ .Values.source.revision }}" + plugin: + name: {{ .Values.avp.name }} + env: + - name: {{ .Values.avp.values_varname }} + value: | + aibroker_namespace: "{{ .Values.ibm_aibroker.aibroker_namespace }}" + aibroker_instance_id: "{{ .Values.ibm_aibroker.aibroker_instance_id }}" + + mas_aibroker_storage_secret: "{{ .Values.ibm_aibroker.mas_aibroker_storage_secret }}" + mas_aibroker_mariadb_secret: "{{ .Values.ibm_aibroker.mas_aibroker_mariadb_secret }}" + mas_aibroker_db_user: "{{ .Values.ibm_aibroker.mas_aibroker_db_user }}" + mas_aibroker_db_secret_value: "{{ .Values.ibm_aibroker.mas_aibroker_db_secret_value }}" + + mas_aibroker_watsonx_secret: "{{ .Values.ibm_aibroker.mas_aibroker_watsonx_secret }}" + mas_aibroker_watsonxai_apikey: "{{ .Values.ibm_aibroker.mas_aibroker_watsonxai_apikey }}" + mas_aibroker_watsonxai_url: "{{ .Values.ibm_aibroker.mas_aibroker_watsonxai_url }}" + mas_aibroker_watsonxai_project_id: "{{ .Values.ibm_aibroker.mas_aibroker_watsonxai_project_id }}" + + s3_apikey: "{{ .Values.ibm_aibroker.s3_apikey }}" + mas_aibroker_storage_accesskey: "{{ .Values.ibm_aibroker.mas_aibroker_storage_accesskey }}" + mas_aibroker_storage_secretkey: "{{ .Values.ibm_aibroker.mas_aibroker_storage_secretkey }}" + + mas_aibroker_storage_host: "{{ .Values.ibm_aibroker.mas_aibroker_storage_host }}" + mas_aibroker_storage_port: "{{ .Values.ibm_aibroker.mas_aibroker_storage_port }}" + + mas_aibroker_sls_registration_key_secret: "{{ .Values.ibm_aibroker.mas_aibroker_sls_registration_key_secret }}" + slscfg_registration_key: "{{ .Values.ibm_aibroker.slscfg_registration_key }}" + + mas_aibroker_db_host: "{{ .Values.ibm_aibroker.mas_aibroker_db_host }}" + mas_aibroker_db_port: "{{ .Values.ibm_aibroker.mas_aibroker_db_port }}" + mas_aibroker_db_secret_name: "{{ .Values.ibm_aibroker.mas_aibroker_db_secret_name }}" + + mas_aibroker_storage_pipelines_bucket: "{{ .Values.ibm_aibroker.mas_aibroker_storage_pipelines_bucket }}" + mas_aibroker_storage_tenants_bucket: "{{ .Values.ibm_aibroker.mas_aibroker_storage_tenants_bucket }}" + mas_aibroker_storage_templates_bucket: "{{ .Values.ibm_aibroker.mas_aibroker_storage_templates_bucket }}" + + mas_aibroker_dro_token_secret: "{{ .Values.ibm_aibroker.mas_aibroker_dro_token_secret }}" + mas_aibroker_dro_cacert_secret: "{{ .Values.ibm_aibroker.mas_aibroker_dro_cacert_secret }}" + + drocfg_ca: "{{ .Values.ibm_aibroker.drocfg_ca }}" + drocfg_ca_tenant: "{{ .Values.ibm_aibroker.drocfg_ca_tenant }}" + drocfg_registration_key: "{{ .Values.ibm_aibroker.drocfg_registration_key }}" + drocfg_url: "{{ .Values.ibm_aibroker.drocfg_url }}" + mas_aibroker_db2_jdbc_secret: "{{ .Values.ibm_aibroker.mas_aibroker_db2_jdbc_secret }}" + + jdbccfg_username: "{{ .Values.ibm_aibroker.jdbccfg_username }}" + jdbccfg_password: "{{ .Values.ibm_aibroker.jdbccfg_password }}" + jdbccfg_url: "{{ .Values.ibm_aibroker.jdbccfg_url }}" + jdbccfg_sslenabled: "{{ .Values.ibm_aibroker.jdbccfg_sslenabled }}" + jdbccfg_ca: "{{ .Values.ibm_aibroker.jdbccfg_ca }}" + + mas_entitlement_username: "{{ .Values.ibm_aibroker.mas_entitlement_username }}" + mas_entitlement_key: "{{ .Values.ibm_aibroker.mas_entitlement_key }}" + artifactory_username: "{{ .Values.ibm_aibroker.artifactory_username }}" + artifactory_token: "{{ .Values.ibm_aibroker.artifactory_token }}" + mas_app_channel: "{{ .Values.ibm_aibroker.mas_app_channel }}" + + mas_catalog_source: "{{ .Values.ibm_aibroker.mas_catalog_source }}" + + mas_icr_cp: "{{ .Values.ibm_aibroker.mas_icr_cp }}" + mas_icr_cpopen: "{{ .Values.ibm_aibroker.mas_icr_cpopen }}" + in_saas_env: "{{ .Values.ibm_aibroker.in_saas_env }}" + is_external_route: "{{ .Values.ibm_aibroker.is_external_route }}" + cluster_domain: "{{ .Values.ibm_aibroker.cluster_domain }}" + environment_type: "{{ .Values.ibm_aibroker.environment_type }}" + mas_aibroker_s3_endpoint_url: "{{ .Values.ibm_aibroker.mas_aibroker_s3_endpoint_url }}" + mas_aibroker_s3_region: "{{ .Values.ibm_aibroker.mas_aibroker_s3_region }}" + mas_aibroker_s3_bucket_prefix: "{{ .Values.ibm_aibroker.mas_aibroker_s3_bucket_prefix }}" + + + junitreporter: + reporter_name: "ibm-aibroker-{{ .Values.instance.id }}" + cluster_id: "{{ .Values.cluster.id }}" + devops_mongo_uri: "{{ .Values.devops.mongo_uri }}" + devops_build_number: "{{ .Values.devops.build_number }}" + gitops_version: "{{ .Values.source.revision }}" + - name: ARGOCD_APP_NAME + value: aibrokerapp + {{- if not (empty .Values.avp.secret) }} + - name: AVP_SECRET + value: {{ .Values.avp.secret }} + {{- end }} + syncPolicy: + automated: + {{- if .Values.auto_delete }} + prune: true + {{- end }} + selfHeal: true + retry: + limit: 20 + syncOptions: + - CreateNamespace=true + managedNamespaceMetadata: + labels: +{{- if .Values.custom_labels }} +{{ .Values.custom_labels | toYaml | indent 8 }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/root-applications/ibm-aibroker-instance-root/templates/050-ibm-kmodels-app.yaml b/root-applications/ibm-aibroker-instance-root/templates/050-ibm-kmodels-app.yaml new file mode 100644 index 000000000..6b3e1bbd8 --- /dev/null +++ b/root-applications/ibm-aibroker-instance-root/templates/050-ibm-kmodels-app.yaml @@ -0,0 +1,95 @@ +{{- if not (empty .Values.ibm_kmodel) }} +--- +# IBM Maximo Kmodels +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: kmodel.{{ .Values.cluster.id }}.{{ .Values.instance.id }} + namespace: {{ .Values.argo.namespace }} + labels: + environment: '{{ .Values.account.id }}' + region: '{{ .Values.region.id }}' + cluster: '{{ .Values.cluster.id }}' + instance: '{{ .Values.instance.id }}' + annotations: + argocd.argoproj.io/sync-wave: "050" + healthCheckTimeout: "1800" + {{- if and .Values.notifications .Values.notifications.slack_channel_id }} + notifications.argoproj.io/subscribe.on-sync-failed.workspace1: {{ .Values.notifications.slack_channel_id }} + notifications.argoproj.io/subscribe.on-sync-succeeded.workspace1: {{ .Values.notifications.slack_channel_id }} + {{- end }} + finalizers: + - resources-finalizer.argocd.argoproj.io +spec: + project: "{{ .Values.argo.projects.apps }}" + destination: + server: {{ .Values.cluster.url }} + namespace: "{{ .Values.ibm_kmodel.openshift_namespace }}" + source: + repoURL: "{{ .Values.source.repo_url }}" + path: instance-applications/114-ibm-kmodels + targetRevision: "{{ .Values.source.revision }}" + plugin: + name: {{ .Values.avp.name }} + env: + - name: {{ .Values.avp.values_varname }} + value: | + openshift_namespace: "{{ .Values.ibm_kmodel.openshift_namespace }}" + run_sync_hooks: "{{ .Values.ibm_kmodel.run_sync_hooks }}" + aibroker_namespace: "{{ .Values.ibm_kmodel.aibroker_namespace }}" + mas_aibroker_storage_provider: "{{ .Values.ibm_kmodel.mas_aibroker_storage_provider }}" + mas_aibroker_storage_ssl: "{{ .Values.ibm_kmodel.mas_aibroker_storage_ssl }}" + mas_aibroker_storage_accesskey: "{{ .Values.ibm_kmodel.mas_aibroker_storage_accesskey }}" + mas_aibroker_storage_secretkey: "{{ .Values.ibm_kmodel.mas_aibroker_storage_secretkey }}" + mas_aibroker_storage_host: "{{ .Values.ibm_kmodel.mas_aibroker_storage_host }}" + mas_aibroker_storage_port: "{{ .Values.ibm_kmodel.mas_aibroker_storage_port }}" + mas_aibroker_storage_region: "{{ .Values.ibm_kmodel.mas_aibroker_storage_region }}" + ssh_secret_name: "{{ .Values.ibm_kmodel.ssh_secret_name }}" + pullSecretName: "{{ .Values.ibm_kmodel.pullSecretName }}" + docker_server: "{{ .Values.ibm_kmodel.docker_server }}" + tenantNamespace: "{{ .Values.ibm_kmodel.tenantNamespace }}" + mas_aibroker_provision_tenant: "{{ .Values.ibm_kmodel.mas_aibroker_provision_tenant }}" + primary_storage_class: "{{ .Values.ibm_kmodel.primary_storage_class }}" + mas_aibroker_storage_templates_bucket: "{{ .Values.ibm_kmodel.mas_aibroker_storage_templates_bucket }}" + mas_aibroker_storage_tenants_bucket: "{{ .Values.ibm_kmodel.mas_aibroker_storage_tenants_bucket }}" + mas_aibroker_storage_pipelines_bucket: "{{ .Values.ibm_kmodel.mas_aibroker_storage_pipelines_bucket }}" + image_store: "{{ .Values.ibm_kmodel.image_store }}" + image_watcher: "{{ .Values.ibm_kmodel.image_watcher }}" + image_controller: "{{ .Values.ibm_kmodel.image_controller }}" + mas_aibroker_pipeline_steps_tag: "{{ .Values.ibm_kmodel.mas_aibroker_pipeline_steps_tag }}" + mas_aibroker_connector_tag: "{{ .Values.ibm_kmodel.mas_aibroker_connector_tag }}" + aibroker_internal_tls: "{{ .Values.ibm_kmodel.aibroker_internal_tls }}" + mas_instance_id: "{{ .Values.ibm_kmodel.mas_instance_id }}" + model_id_unique_length: "{{ .Values.ibm_kmodel.model_id_unique_length }}" + model_id_prefix: "{{ .Values.ibm_kmodel.model_id_prefix }}" + + mas_icr_cp: "{{ .Values.ibm_aibroker.mas_icr_cp }}" + + junitreporter: + reporter_name: "ibm-kmodel-{{ .Values.instance.id }}" + cluster_id: "{{ .Values.cluster.id }}" + devops_mongo_uri: "{{ .Values.devops.mongo_uri }}" + devops_build_number: "{{ .Values.devops.build_number }}" + gitops_version: "{{ .Values.source.revision }}" + - name: ARGOCD_APP_NAME + value: kmodelapp + {{- if not (empty .Values.avp.secret) }} + - name: AVP_SECRET + value: {{ .Values.avp.secret }} + {{- end }} + syncPolicy: + automated: + {{- if .Values.auto_delete }} + prune: true + {{- end }} + selfHeal: true + retry: + limit: 20 + syncOptions: + - CreateNamespace=true + managedNamespaceMetadata: + labels: +{{- if .Values.custom_labels }} +{{ .Values.custom_labels | toYaml | indent 8 }} +{{- end }} +{{- end }} diff --git a/root-applications/ibm-aibroker-instance-root/templates/070-aibroker-tenant-appset.yaml b/root-applications/ibm-aibroker-instance-root/templates/070-aibroker-tenant-appset.yaml new file mode 100644 index 000000000..ec137b7c9 --- /dev/null +++ b/root-applications/ibm-aibroker-instance-root/templates/070-aibroker-tenant-appset.yaml @@ -0,0 +1,121 @@ + +--- +# IBM AiBroker Instance Application Set +apiVersion: argoproj.io/v1alpha1 +kind: ApplicationSet +metadata: + name: ai-tenant-appset.{{ .Values.cluster.id }}.{{ .Values.instance.id }} + namespace: {{ .Values.argo.namespace }} + labels: + environment: '{{ .Values.account.id }}' + cluster: '{{ .Values.cluster.id }}' + instance: '{{ .Values.instance.id}}' + annotations: + argocd.argoproj.io/sync-wave: "070" +spec: + goTemplate: true + generators: + - merge: + mergeKeys: + # Would love to use ".path.path" here to merge the configs together + # but this is not possible currently with goTemplate: true - see https://github.com/argoproj/argo-cd/issues/12836 + # (and we really want goTemplate: true so we can dump the entire config file into HELM_VALUES using toPrettyJson) + # instead, we are forced to explicitly provide a merge key in all of our config files to make them line up + - 'merge-key' + generators: + # This is the "base" generator, it *must* be first in the list + - git: + repoURL: "{{ .Values.generator.repo_url }}" + revision: "{{ .Values.generator.revision }}" + files: + - path: "{{ .Values.account.id }}/{{ .Values.cluster.id }}/{{ .Values.instance.id }}/*/ibm-aibroker-tenant-base.yaml" + - git: + repoURL: "{{ .Values.generator.repo_url }}" + revision: "{{ .Values.generator.revision }}" + files: + - path: "{{ .Values.account.id }}/{{ .Values.cluster.id }}/{{ .Values.instance.id }}/*/ibm-aibroker-tenant.yaml" + syncPolicy: + applicationsSync: "{{- if .Values.auto_delete }}sync{{- else }}create-update{{- end }}" + template: + metadata: + name: "ai-tenant.{{ .Values.cluster.id }}.{{ .Values.instance.id }}.{{ `{{.tenant.id}}` }}" + labels: + environment: '{{ .Values.account.id }}' + cluster: '{{ .Values.cluster.id }}' + instance: '{{ .Values.instance.id }}' + tenant: '{{ `{{ .tenant.id }}` }}' +{{- if .Values.custom_labels }} +{{ .Values.custom_labels | toYaml | indent 8 }} +{{- end }} + annotations: + healthCheckTimeout: "1800" + argocd.argoproj.io/sync-wave: "070" + {{- if and .Values.notifications .Values.notifications.slack_channel_id }} + notifications.argoproj.io/subscribe.on-sync-failed.workspace1: {{ .Values.notifications.slack_channel_id }} + notifications.argoproj.io/subscribe.on-sync-succeeded.workspace1: {{ .Values.notifications.slack_channel_id }} + {{- end }} + spec: + project: "{{ .Values.argo.projects.rootapps }}" + source: + repoURL: "{{ .Values.source.repo_url }}" + targetRevision: "{{ .Values.source.revision }}" + path: root-applications/ibm-aibroker-tenant-root + helm: + releaseName: instanceappset + values: "{{ `{{ toYaml . }}` }}" + parameters: + - name: "generator.repo_url" + value: "{{ .Values.generator.repo_url }}" + - name: "generator.revision" + value: "{{ .Values.generator.revision }}" + - name: "source.revision" + value: "{{ .Values.source.revision }}" + - name: "source.repo_url" + value: "{{ .Values.source.repo_url }}" + - name: argo.namespace + value: "{{ .Values.argo.namespace }}" + {{- if and .Values.notifications .Values.notifications.slack_channel_id }} + - name: "notifications.slack_channel_id" + value: "{{ .Values.notifications.slack_channel_id }}" + {{- end }} + - name: argo.projects.rootapps + value: "{{ .Values.argo.projects.rootapps }}" + - name: argo.projects.apps + value: "{{ .Values.argo.projects.apps }}" + - name: avp.name + value: "{{ .Values.avp.name }}" + - name: avp.secret + value: "{{ .Values.avp.secret }}" + - name: avp.values_varname + value: "{{ .Values.avp.values_varname }}" + - name: auto_delete + value: "{{ .Values.auto_delete }}" + - name: devops.mongo_uri + value: "{{ .Values.devops.mongo_uri }}" + - name: devops.build_number + value: "{{ .Values.devops.build_number }}" + destination: + server: 'https://kubernetes.default.svc' + namespace: {{ .Values.argo.namespace }} + syncPolicy: + automated: + {{- if .Values.auto_delete }} + prune: true + {{- end }} + selfHeal: true + syncOptions: + - CreateNamespace=false + - RespectIgnoreDifferences=true + retry: + limit: -1 + ignoreDifferences: + - group: '*' + kind: ServiceAccount + jsonPointers: + - /imagePullSecrets + - group: 'marketplace.redhat.com/v1alpha1' + kind: MarketplaceConfig + jsonPointers: + - /spec + # revisionHistoryLimit set to 1 due to size limit of what can be stored in etcd for anything larger + revisionHistoryLimit: 1 \ No newline at end of file diff --git a/root-applications/ibm-aibroker-instance-root/values.yaml b/root-applications/ibm-aibroker-instance-root/values.yaml new file mode 100644 index 000000000..59b5bef53 --- /dev/null +++ b/root-applications/ibm-aibroker-instance-root/values.yaml @@ -0,0 +1,326 @@ +--- + +avp: + name: "argocd-vault-plugin-helm" + secret: "" + values_varname: "HELM_VALUES" + +account: + id: dev + +cluster: + id: cluster1 + +region: + id: region1 + +instance: + id: inst1 + +tenant: + id: tenant1 + +generator: + repo_url: xxxx + +source: + repo_url: "https://github.com/ibm-mas/gitops" + revision: "poc" + +# Customers will definitely need to customise this (our gitops-envs/mas-dev repos are private), +# So deliberately not specifying defaults here; we want charts to refuse to render if these are not specified +# Both of these correspond to requirement arguments of the gitops-bootstrap CLI function (--github-url and --github-revision) +# generator: +# repo_url: "" +# revision: "" + +# These defaults align with the ArgoCD worker setup by gitops-bootstrap +# (openshift-gitops with a single ArgoCD project "mas") +argo: + namespace: "openshift-gitops" + projects: + rootapps: "mas" + apps: "mas" + + +auto_delete: false + +sm: + aws_access_key_id: xxxx + +run_sanity_test: false + +devops: + mongo_uri: + build_number: + +ibm_minio: + minio_namespace: "minio_namespace" + minio_instance_name: "minio" + minio_root_user: "minio" + minio_root_password: "" + minio_storage_class: "default" + minio_storage_size: "40Gi" + minio_image: "quay.io/minio/minio:latest" + + +ibm_odh: + openshift_namespace: "openshift-operators" + odh_pipeline_channel: "latest" + odh_pipeline_installplan: "Automatic" + service_mesh_namespace: "openshift-serverless" + service_mesh_channel: "stable" + service_mesh_catalog_source: "redhat-operators" + serverless_channel: "stable" + authorino_catalog_source: "community-operators" + odh_channel: "fast" + odh_catalog_source: "community-operators" + odh_operator_version: "opendatahub-operator.v2.11.1" + #Odh_Pipeline_operator + odh_pipeline_name: "openshift-pipelines-operator" + odh_pipeline_namespace: "openshift-operators" + odh_pipeline_operatorName: "openshift-pipelines-operator-rh" + odh_pipeline_source: "redhat_operators" + odh_pipeline_sourceNamespace: "openshift_marketplace" + + #Serverless Operator + serverless_namespace: "openshift-serverless" + serverless_operator_name: "serverless-operator" + serverless_operator_source: "redhat-operators" + serverless_operator_sourceNamespace: "openshift-marketplace" + + #opendatahub Operator + opendatahub_OperatorGroup_name: "opendatahub-operator-group" + opendatahub_name: "opendatahub-operator" + opendatahub_namespace: "opendatahub" + opendatahub_installPlanApproval: "Manual" + opendatahub_channel: "fast" + opendatahub_source: "community-operators" + opendatahub__sourceNamespace: "openshift-marketplace" + + aibroker_namespace: "mas_sremat_aibroker" + pull_secret_name: "ibm_entitlement" + mas_aibroker_storage_provider: "minio" + mas_aibroker_storage_accesskey: "" + mas_aibroker_storage_secretkey: "" + mas_aibroker_storage_host: "mas_aibroker_storage_host" + mas_aibroker_storage_port: "mas_aibroker_storage_port" + mas_aibroker_storage_ssl: "mas_aibroker_storage_ssl" + mas_aibroker_storage_region: "mas_aibroker_storage_region" + + # MariaDB + mas_aibroker_db_host: "mas_aibroker_db_host" + mas_aibroker_db_port: "mas_aibroker_db_port" + mas_aibroker_db_user: "mas_aibroker_db_user" + mas_aibroker_db_database: "mas_aibroker_db_database" + + mas_aibroker_db_secret_key: "mas_aibroker_db_secret_key" + mas_aibroker_db_secret_name: "mas_aibroker_db_secret_name" + mas_aibroker_db_secret_value: "mas_aibroker_db_secret_value" + + mas_aibroker_storage_pipelines_bucket: "mas_aibroker_storage_pipelines_bucket" + primary_storage_class: "nfs-client" + + +ibm_kmodel: + aibroker_instance_id: "aibroker_instance_id" + aibroker_internal_tls: "aibroker_internal_tls" + aibroker_namespace: "mas-sremat-aibroker" + + mas_aibroker_storage_provider: "minio" + mas_aibroker_storage_ssl: "false" + + openshift_namespace: "openshift-operators" + run_sync_hooks: true + + + # following are the variable need to injected via environment variable + mas_aibroker_storage_accesskey: "mas_aibroker_storage_accesskey" + mas_aibroker_storage_secretkey: "mas_aibroker_storage_secretkey" + mas_aibroker_storage_host: "mas_aibroker_storage_host" + mas_aibroker_storage_port: "mas_aibroker_storage_port" + mas_aibroker_storage_region: "mas_aibroker_storage_region" + ssh_secret_name: "sremat-kmodel-aibroker-tls" + # vars file for kmodels + pullSecretName: "pullSecretName" + docker_server: "MAS_ICR_CP/aibroker" + tenantNamespace: "aibroker-MAS_AIBROKER_TENANT_NAME" + # mas_aibroker_provision_tenant: "MAS_AIBROKER_PROVISION_TENANT" + primary_storage_class: "PRIMARY_STORAGE_CLASS" + # Bucket names + mas_aibroker_storage_templates_bucket: "mas_aibroker_storage_templates_bucket" + mas_aibroker_storage_tenants_bucket: "mas_aibroker_storage_tenants_bucket" + mas_aibroker_storage_pipelines_bucket: "mas_aibroker_storage_pipelines_bucket" + #container images + image_store: "MAS_ICR_CP/aibroker/store:1.0.2" + image_watcher: "MAS_ICR_CP/aibroker/watcher:1.0.2-pre.dev10x" + image_controller: "MAS_ICR_CP/aibroker/controller:1.0.2-pre.dev10x" + mas_aibroker_pipeline_steps_tag: 1.0.0 + mas_aibroker_connector_tag: 1.0.0 + + # model + # model_id_unique_length: "model_id_unique_length" + # model_id_prefix: "model_id_prefix" + + # Source container registry + # ----------------------------------------------------------------------------- + # mas_icr_cp: "cp.icr.io/cp" + mas_icr_cp: "docker-na-public.artifactory.swg-devops.com/wiotp-docker-local" + +ibm_aibroker: + aibroker_instance_id: aibroker_instance_id + aibroker_namespace: 'mas-{{ aibroker_instance_id }}-aibroker' + mas_aibroker_storage_secret: "mas_aibroker_storage_secret" + # Minio + mas_aibroker_storage_accesskey: "mas_aibroker_storage_accesskey" + mas_aibroker_storage_secretkey: "mas_aibroker_storage_secretkey" + # MariaDB + mas_aibroker_mariadb_secret: "mas_aibroker_mariadb_secret" + mas_aibroker_db_user: "mas_aibroker_db_user" + mas_aibroker_db_secret_value: "mas_aibroker_db_secret_value" + + # WatsonX + mas_aibroker_watsonx_secret: "mas_aibroker_watsonx_secret" + mas_aibroker_watsonxai_apikey: "MAS_AIBROKER_WATSONXAI_APIKEY" + mas_aibroker_watsonxai_url: "MAS_AIBROKER_WATSONXAI_URL" + mas_aibroker_watsonxai_project_id: "MAS_AIBROKER_WATSONXAI_PROJECT_ID" + + # S3 + s3_apikey: "S3_APIKEY" + mas_aibroker_storage_accesskey: "true" + mas_aibroker_storage_secretkey: "MAS_AIBROKER_STORAGE_SECRETKEY" + + mas_aibroker_storage_host: "true" + mas_aibroker_storage_port: "true" + + # SLS + mas_aibroker_sls_registration_key_secret: "sls-registration-key" + + mas_aibroker_db_host: "mas_aibroker_db_host" + mas_aibroker_db_port: "mas_aibroker_db_port" + mas_aibroker_db_secret_name: "mas_aibroker_db_secret_name" + + # Bucket names + mas_aibroker_storage_pipelines_bucket: "MAS_AIBROKER_STORAGE_PIPELINES_BUCKET" + mas_aibroker_storage_tenants_bucket: "mas_aibroker_storage_tenants_bucket" + mas_aibroker_storage_templates_bucket: "MAS_AIBROKER_STORAGE_TEMPLATES_BUCKET" + + slscfg_registration_key: "slscfg_registration_key" + + # DRO + mas_aibroker_dro_token_secret: "dro-token" + mas_aibroker_dro_cacert_secret: "dro-certificates" + + drocfg_ca: "drocfg_ca" + drocfg_registration_key: "drocfg_registration_key" + drocfg_url: "drocfg_url" + + + # JDBC + mas_aibroker_db2_jdbc_secret: "aibroker-jdbccfg" + + jdbccfg_username: "jdbccfg_username" + jdbccfg_password: "jdbccfg_password" + jdbccfg_url: "jdbccfg_url" + jdbccfg_sslenabled: "jdbccfg_sslenabled" + jdbccfg_ca: "jdbccfg_ca" + + # MAS Entitlement + #mas_entitlement_username: "cp" + mas_entitlement_username: "docker-na-public.artifactory.swg-devops.com/wiotp-docker-local" + mas_entitlement_key: "mas_entitlement_key" + + # Development Registry Entitlement + artifactory_username: "artifactory_username" + artifactory_token: "artifactory_token" + + # Environment Variable: + mas_app_channel: "mas_app_channel" + + # aibroker vars + mas_catalog_source: "mas_catalog_source" + + # Source container registry + # ----------------------------------------------------------------------------- + # mas_icr_cp: "cp.icr.io/cp" + # mas_icr_cpopen: "icr.io/cpopen" + mas_icr_cp: "docker-na-public.artifactory.swg-devops.com/wiotp-docker-local" + mas_icr_cpopen: "docker-na-public.artifactory.swg-devops.com/wiotp-docker-local/cpopen" + + cluster_domain: cluster_domain + in_saas_env: "in_saas_env" + route_type: "route_type" + mas_aibroker_s3_endpoint_url: "mas_aibroker_s3_endpoint_url" + mas_aibroker_s3_region: "mas_aibroker_s3_region" + mas_aibroker_s3_bucket_prefix: "mas_aibroker_s3_bucket_prefix" + environment_type: "environment_type" + +ibm_aibroker_tenant: + aibroker_instance_id: aibroker_instance_id + aibroker_namespace: 'mas-{{ aibroker_instance_id }}-aibroker' + ibm_entitlement_key: "" + openshift_namespace: "openshift-operators" + # SAAS + aibroker_saas_apikey: "AIBROKER_SAAS_APIKEY" + # in_saas_env: "true" + mas_aibroker_saas: "false" + mas_aibroker_provision_tenant: "mas_aibroker_provision_tenant" + + # Tenant + artifactory_token: "artifactory_token" + mas_aibroker_tenant_name: "user" + tenant_action: "true" + tenantNamespace: 'aibroker-{{ mas_aibroker_tenant_name }}' + + # cluster_domain: "" + mas_icr_cp: "cp.icr.io/cp" + mas_icr_cpopen: "icr.io/cpopen" + + # DRO + # mas_aibroker_dro_token_secret: "dro-token" + mas_aibroker_dro_cacert_secret: "dro-certificates" + + drocfg_ca: "drocfg_ca" + drocfg_registration_key: "drocfg_registration_key" + drocfg_url: "drocfg_url" + + #sls + slscfg_registration_key: "slscfg_registration_key" + slscfg_url: "slscfg_url" + # slscfg_clientId: "slscfg_clientId" + # slscfg_ca: "slscfg_ca" + # slscfg_tls: "slscfg_tls" + # slscfg_key: "slscfg_key" + #RSL ##review + rsl_url: "rsl_url" + rsl_org_id: "rsl_org_id" + mas_aibroker_rsl_secret: "mas_aibroker_rsl_secret" + + + # WatsonX + mas_aibroker_watsonxai_apikey: MAS_AIBROKER_WATSONXAI_APIKEY + mas_aibroker_watsonxai_url: MAS_AIBROKER_WATSONXAI_URL + mas_aibroker_watsonxai_project_id: MAS_AIBROKER_WATSONXAI_PROJECT_ID + + # SLS + #mas_aibroker_sls_registration_key_secret: "sls-registration-key" + mas_aibroker_sls_subscription_id: "001" + + # S3 + mas_aibroker_storage_provider: "aws" + mas_aibroker_storage_ssl: "true" + # following are the variable need to injected via environment variable + mas_aibroker_storage_accesskey: "mas_aibroker_storage_accesskey" + mas_aibroker_storage_secretkey: "mas_aibroker_storage_secretkey" + mas_aibroker_storage_host: "mas_aibroker_storage_host" + mas_aibroker_storage_port: "mas_aibroker_storage_port" + mas_aibroker_storage_region: "mas_aibroker_storage_region" + + # mas_aibroker_storage_pipelines_bucket: "aibrokeruser-training-bucket" + mas_aibroker_s3_endpoint_url: "MAS_AIBROKER_TENANT_S3_ENDPOINT_URL" + mas_aibroker_s3_region: "MAS_AIBROKER_TENANT_S3_REGION" + mas_aibroker_s3_bucket_prefix: "MAS_AIBROKER_TENANT_S3_BUCKET_PREFIX" + + tenant_entitlement_type: "MAS_AIBROKER_TENANT_ENTITLEMENT_TYPE" + tenant_entitlement_start_date: "MAS_AIBROKER_TENANT_ENTITLEMENT_START_DATE" + tenant_entitlement_end_date: "MAS_AIBROKER_TENANT_ENTITLEMENT_END_DATE" diff --git a/root-applications/ibm-aibroker-tenant-root/Chart.yaml b/root-applications/ibm-aibroker-tenant-root/Chart.yaml new file mode 100644 index 000000000..1ed6c0ab2 --- /dev/null +++ b/root-applications/ibm-aibroker-tenant-root/Chart.yaml @@ -0,0 +1,5 @@ +apiVersion: v2 +name: ibm-aibroker-tenant-root +description: IBM AIBroker tenant root +type: application +version: 1.0.0 diff --git a/root-applications/ibm-aibroker-tenant-root/README.md b/root-applications/ibm-aibroker-tenant-root/README.md new file mode 100644 index 000000000..f63a00c8e --- /dev/null +++ b/root-applications/ibm-aibroker-tenant-root/README.md @@ -0,0 +1,3 @@ +IBM AIBroker Tenant Root Application +=============================================================================== +Installs various ArgoCD Applications for managing instance-level AIBroker dependencies (e.g. Minio, ODH etc) and AIBroker Applications (e.g. kmodel, aibroker-tenant etc) on the target cluster. \ No newline at end of file diff --git a/root-applications/ibm-aibroker-tenant-root/templates/100-ibm-aibroker-tenant-app.yaml b/root-applications/ibm-aibroker-tenant-root/templates/100-ibm-aibroker-tenant-app.yaml new file mode 100644 index 000000000..ecc7ba095 --- /dev/null +++ b/root-applications/ibm-aibroker-tenant-root/templates/100-ibm-aibroker-tenant-app.yaml @@ -0,0 +1,133 @@ +{{- if not (empty .Values.ibm_aibroker_tenant) }} +--- +# IBM Maximo aibroker-tenant +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: aibroker-tenant.{{ .Values.cluster.id }}.{{ .Values.instance.id }}.{{ .Values.tenant.id }} + namespace: {{ .Values.argo.namespace }} + labels: + environment: '{{ .Values.account.id }}' + region: '{{ .Values.region.id }}' + cluster: '{{ .Values.cluster.id }}' + instance: '{{ .Values.instance.id }}' + tenant: '{{ .Values.tenant.id }}' + annotations: + argocd.argoproj.io/sync-wave: "100" + healthCheckTimeout: "1800" + {{- if and .Values.notifications .Values.notifications.slack_channel_id }} + notifications.argoproj.io/subscribe.on-sync-failed.workspace1: {{ .Values.notifications.slack_channel_id }} + notifications.argoproj.io/subscribe.on-sync-succeeded.workspace1: {{ .Values.notifications.slack_channel_id }} + {{- end }} + finalizers: + - resources-finalizer.argocd.argoproj.io +spec: + project: "{{ .Values.argo.projects.apps }}" + destination: + server: {{ .Values.cluster.url }} + namespace: "{{ .Values.ibm_aibroker_tenant.aibroker_namespace }}" + source: + repoURL: "{{ .Values.source.repo_url }}" + path: instance-applications/115-ibm-aibroker-tenant + targetRevision: "{{ .Values.source.revision }}" + plugin: + name: {{ .Values.avp.name }} + env: + - name: {{ .Values.avp.values_varname }} + value: | + tenant_id: "{{ .Values.ibm_aibroker_tenant.tenant_id }}" + aibroker_instance_id: "{{ .Values.ibm_aibroker_tenant.aibroker_instance_id }}" + aibroker_namespace: "{{ .Values.ibm_aibroker_tenant.aibroker_namespace }}" + ibm_entitlement_key: "{{ .Values.ibm_aibroker_tenant.ibm_entitlement_key }}" + + # SAAS + aibroker_saas_apikey: "{{ .Values.ibm_aibroker_tenant.aibroker_saas_apikey }}" + # in_saas_env: "{{ .Values.ibm_aibroker_tenant.in_saas_env }}" + mas_aibroker_saas: "{{ .Values.ibm_aibroker_tenant.mas_aibroker_saas }}" + mas_aibroker_provision_tenant: "{{ .Values.ibm_aibroker_tenant.mas_aibroker_provision_tenant }}" + + # Tenant + artifactory_token: "{{ .Values.ibm_aibroker_tenant.artifactory_token }}" + mas_aibroker_tenant_name: "{{ .Values.ibm_aibroker_tenant.mas_aibroker_tenant_name }}" + tenant_action: "{{ .Values.ibm_aibroker_tenant.tenant_action }}" + tenantNamespace: "{{ .Values.ibm_aibroker_tenant.tenantNamespace }}" + + # cluster_domain: "{{ .Values.ibm_aibroker_tenant.cluster_domain }}" + mas_icr_cp: "{{ .Values.ibm_aibroker_tenant.mas_icr_cp }}" + mas_icr_cpopen: "{{ .Values.ibm_aibroker_tenant.mas_icr_cpopen }}" + + # DRO + # mas_aibroker_dro_token_secret: "{{ .Values.ibm_aibroker_tenant.mas_aibroker_dro_token_secret }}" + mas_aibroker_dro_cacert_secret: "{{ .Values.ibm_aibroker_tenant.mas_aibroker_dro_cacert_secret }}" + + drocfg_ca: "{{ .Values.ibm_aibroker_tenant.drocfg_ca }}" + drocfg_registration_key: "{{ .Values.ibm_aibroker_tenant.drocfg_registration_key }}" + drocfg_url: "{{ .Values.ibm_aibroker_tenant.drocfg_url }}" + + #sls + slscfg_registration_key: "{{ .Values.ibm_aibroker_tenant.slscfg_registration_key }}" + slscfg_url: "{{ .Values.ibm_aibroker_tenant.slscfg_url }}" + # slscfg_clientId: "{{ .Values.ibm_aibroker_tenant.slscfg_clientId }}" + slscfg_ca: "{{ .Values.ibm_aibroker_tenant.slscfg_ca }}" + slscfg_ca_tenant: "{{ .Values.ibm_aibroker_tenant.slscfg_ca_tenant }}" + # slscfg_tls: "{{ .Values.ibm_aibroker_tenant.slscfg_tls }}" + # slscfg_key: "{{ .Values.ibm_aibroker_tenant.slscfg_key }}" + + # WatsonX + mas_aibroker_watsonxai_apikey: "{{ .Values.ibm_aibroker_tenant.mas_aibroker_watsonxai_apikey }}" + mas_aibroker_watsonxai_url: "{{ .Values.ibm_aibroker_tenant.mas_aibroker_watsonxai_url }}" + mas_aibroker_watsonxai_project_id: "{{ .Values.ibm_aibroker_tenant.mas_aibroker_watsonxai_project_id }}" + + # SLS + mas_aibroker_sls_subscription_id: "{{ .Values.ibm_aibroker_tenant.mas_aibroker_sls_subscription_id }}" + + #rsl + rsl_url: "{{ .Values.ibm_aibroker_tenant.rsl_url }}" + rsl_org_id: "{{ .Values.ibm_aibroker_tenant.rsl_org_id }}" + rsl_token: "{{ .Values.ibm_aibroker_tenant.rsl_token }}" + + # S3 + mas_aibroker_storage_provider: "{{ .Values.ibm_aibroker_tenant.mas_aibroker_storage_provider }}" + mas_aibroker_storage_ssl: "{{ .Values.ibm_aibroker_tenant.mas_aibroker_storage_ssl }}" + mas_aibroker_storage_accesskey: "{{ .Values.ibm_aibroker_tenant.mas_aibroker_storage_accesskey }}" + mas_aibroker_storage_secretkey: "{{ .Values.ibm_aibroker_tenant.mas_aibroker_storage_secretkey }}" + mas_aibroker_storage_host: "{{ .Values.ibm_aibroker_tenant.mas_aibroker_storage_host }}" + mas_aibroker_storage_port: "{{ .Values.ibm_aibroker_tenant.mas_aibroker_storage_port }}" + mas_aibroker_storage_region: "{{ .Values.ibm_aibroker_tenant.mas_aibroker_storage_region }}" + # mas_aibroker_storage_pipelines_bucket: "{{ .Values.ibm_aibroker_tenant.mas_aibroker_storage_pipelines_bucket }}" + mas_aibroker_s3_endpoint_url: "{{ .Values.ibm_aibroker_tenant.mas_aibroker_s3_endpoint_url }}" + mas_aibroker_s3_region: "{{ .Values.ibm_aibroker_tenant.mas_aibroker_s3_region }}" + mas_aibroker_s3_bucket_prefix: "{{ .Values.ibm_aibroker_tenant.mas_aibroker_s3_bucket_prefix }}" + tenant_entitlement_type: "{{ .Values.ibm_aibroker_tenant.tenant_entitlement_type }}" + tenant_entitlement_start_date: "{{ .Values.ibm_aibroker_tenant.tenant_entitlement_start_date }}" + tenant_entitlement_end_date: "{{ .Values.ibm_aibroker_tenant.tenant_entitlement_end_date }}" + + + junitreporter: + reporter_name: "ibm-aibroker-tenant-{{ .Values.instance.id }}" + cluster_id: "{{ .Values.cluster.id }}" + devops_mongo_uri: "{{ .Values.devops.mongo_uri }}" + devops_build_number: "{{ .Values.devops.build_number }}" + gitops_version: "{{ .Values.source.revision }}" + - name: ARGOCD_APP_NAME + value: aibrokertenantapp + {{- if not (empty .Values.avp.secret) }} + - name: AVP_SECRET + value: {{ .Values.avp.secret }} + {{- end }} + syncPolicy: + automated: + {{- if .Values.auto_delete }} + prune: true + {{- end }} + selfHeal: true + retry: + limit: 20 + syncOptions: + - CreateNamespace=true + managedNamespaceMetadata: + labels: +{{- if .Values.custom_labels }} +{{ .Values.custom_labels | toYaml | indent 8 }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/root-applications/ibm-aibroker-tenant-root/values.yaml b/root-applications/ibm-aibroker-tenant-root/values.yaml new file mode 100644 index 000000000..046d341b5 --- /dev/null +++ b/root-applications/ibm-aibroker-tenant-root/values.yaml @@ -0,0 +1,323 @@ +--- + +avp: + name: "argocd-vault-plugin-helm" + secret: "" + values_varname: "HELM_VALUES" + +account: + id: dev + +cluster: + id: cluster1 + +region: + id: region1 + +instance: + id: inst1 + +tenant: + id: aibroker-tenant01 + +source: + repo_url: "https://github.com/ibm-mas/gitops" + revision: "poc" + +# Customers will definitely need to customise this (our gitops-envs/mas-dev repos are private), +# So deliberately not specifying defaults here; we want charts to refuse to render if these are not specified +# Both of these correspond to requirement arguments of the gitops-bootstrap CLI function (--github-url and --github-revision) +# generator: +# repo_url: "" +# revision: "" + +# These defaults align with the ArgoCD worker setup by gitops-bootstrap +# (openshift-gitops with a single ArgoCD project "mas") +argo: + namespace: "openshift-gitops" + projects: + rootapps: "mas" + apps: "mas" + + +auto_delete: false + +sm: + aws_access_key_id: xxxx + +run_sanity_test: false + +devops: + mongo_uri: + build_number: + +ibm_minio: + minio_namespace: "minio_namespace" + minio_instance_name: "minio" + minio_root_user: "minio" + minio_root_password: "" + minio_storage_class: "default" + minio_storage_size: "40Gi" + minio_image: "quay.io/minio/minio:latest" + + +ibm_odh: + openshift_namespace: "openshift-operators" + odh_pipeline_channel: "latest" + odh_pipeline_installplan: "Automatic" + service_mesh_namespace: "openshift-serverless" + service_mesh_channel: "stable" + service_mesh_catalog_source: "redhat-operators" + serverless_channel: "stable" + authorino_catalog_source: "community-operators" + odh_channel: "fast" + odh_catalog_source: "community-operators" + odh_operator_version: "opendatahub-operator.v2.11.1" + #Odh_Pipeline_operator + odh_pipeline_name: "openshift-pipelines-operator" + odh_pipeline_namespace: "openshift-operators" + odh_pipeline_operatorName: "openshift-pipelines-operator-rh" + odh_pipeline_source: "redhat_operators" + odh_pipeline_sourceNamespace: "openshift_marketplace" + + #Serverless Operator + serverless_namespace: "openshift-serverless" + serverless_operator_name: "serverless-operator" + serverless_operator_source: "redhat-operators" + serverless_operator_sourceNamespace: "openshift-marketplace" + + #opendatahub Operator + opendatahub_OperatorGroup_name: "opendatahub-operator-group" + opendatahub_name: "opendatahub-operator" + opendatahub_namespace: "opendatahub" + opendatahub_installPlanApproval: "Manual" + opendatahub_channel: "fast" + opendatahub_source: "community-operators" + opendatahub__sourceNamespace: "openshift-marketplace" + + aibroker_namespace: "mas_sremat_aibroker" + pull_secret_name: "ibm_entitlement" + mas_aibroker_storage_provider: "minio" + mas_aibroker_storage_accesskey: "" + mas_aibroker_storage_secretkey: "" + mas_aibroker_storage_host: "mas_aibroker_storage_host" + mas_aibroker_storage_port: "mas_aibroker_storage_port" + mas_aibroker_storage_ssl: "mas_aibroker_storage_ssl" + mas_aibroker_storage_region: "mas_aibroker_storage_region" + + # MariaDB + mas_aibroker_db_host: "mas_aibroker_db_host" + mas_aibroker_db_port: "mas_aibroker_db_port" + mas_aibroker_db_user: "mas_aibroker_db_user" + mas_aibroker_db_database: "mas_aibroker_db_database" + + mas_aibroker_db_secret_key: "mas_aibroker_db_secret_key" + mas_aibroker_db_secret_name: "mas_aibroker_db_secret_name" + mas_aibroker_db_secret_value: "mas_aibroker_db_secret_value" + + mas_aibroker_storage_pipelines_bucket: "mas_aibroker_storage_pipelines_bucket" + primary_storage_class: "nfs-client" + + +ibm_kmodel: + mas_instance_id: "mas_instance_id" + aibroker_internal_tls: "aibroker_internal_tls" + aibroker_namespace: "mas-sremat-aibroker" + + mas_aibroker_storage_provider: "minio" + mas_aibroker_storage_ssl: "false" + + openshift_namespace: "openshift-operators" + run_sync_hooks: true + + + # following are the variable need to injected via environment variable + mas_aibroker_storage_accesskey: "mas_aibroker_storage_accesskey" + mas_aibroker_storage_secretkey: "mas_aibroker_storage_secretkey" + mas_aibroker_storage_host: "mas_aibroker_storage_host" + mas_aibroker_storage_port: "mas_aibroker_storage_port" + mas_aibroker_storage_region: "mas_aibroker_storage_region" + ssh_secret_name: "sremat-kmodel-aibroker-tls" + # vars file for kmodels + pullSecretName: "pullSecretName" + docker_server: "MAS_ICR_CP/aibroker" + tenantNamespace: "aibroker-MAS_AIBROKER_TENANT_NAME" + # mas_aibroker_provision_tenant: "MAS_AIBROKER_PROVISION_TENANT" + primary_storage_class: "PRIMARY_STORAGE_CLASS" + # Bucket names + mas_aibroker_storage_templates_bucket: "mas_aibroker_storage_templates_bucket" + mas_aibroker_storage_tenants_bucket: "mas_aibroker_storage_tenants_bucket" + mas_aibroker_storage_pipelines_bucket: "mas_aibroker_storage_pipelines_bucket" + #container images + image_store: "MAS_ICR_CP/aibroker/store:1.0.2" + image_watcher: "MAS_ICR_CP/aibroker/watcher:1.0.2-pre.dev10x" + image_controller: "MAS_ICR_CP/aibroker/controller:1.0.2-pre.dev10x" + mas_aibroker_pipeline_steps_tag: 1.0.0 + mas_aibroker_connector_tag: 1.0.0 + + # model + # model_id_unique_length: "model_id_unique_length" + # model_id_prefix: "model_id_prefix" + + # Source container registry + # ----------------------------------------------------------------------------- + # mas_icr_cp: "cp.icr.io/cp" + mas_icr_cp: "docker-na-public.artifactory.swg-devops.com/wiotp-docker-local" + +ibm_aibroker: + mas_instance_id: "mas_instance_id" + aibroker_namespace: 'mas-{{ mas_instance_id }}-aibroker' + mas_aibroker_minio_secret: "mas_aibroker_minio_secret" + # Minio + mas_aibroker_storage_accesskey: "mas_aibroker_storage_accesskey" + mas_aibroker_storage_secretkey: "mas_aibroker_storage_secretkey" + # MariaDB + mas_aibroker_mariadb_secret: "mas_aibroker_mariadb_secret" + mas_aibroker_db_user: "mas_aibroker_db_user" + mas_aibroker_db_secret_value: "mas_aibroker_db_secret_value" + + # WatsonX + mas_aibroker_watsonx_secret: "mas_aibroker_watsonx_secret" + mas_aibroker_watsonxai_apikey: "MAS_AIBROKER_WATSONXAI_APIKEY" + mas_aibroker_watsonxai_url: "MAS_AIBROKER_WATSONXAI_URL" + mas_aibroker_watsonxai_project_id: "MAS_AIBROKER_WATSONXAI_PROJECT_ID" + + # S3 + s3_apikey: "S3_APIKEY" + mas_aibroker_storage_accesskey: "true" + mas_aibroker_storage_secretkey: "MAS_AIBROKER_STORAGE_SECRETKEY" + + mas_aibroker_storage_host: "true" + mas_aibroker_storage_port: "true" + + # SLS + mas_aibroker_sls_registration_key_secret: "sls-registration-key" + + mas_aibroker_db_host: "mas_aibroker_db_host" + mas_aibroker_db_port: "mas_aibroker_db_port" + mas_aibroker_db_secret_name: "mas_aibroker_db_secret_name" + + # Bucket names + mas_aibroker_storage_pipelines_bucket: "MAS_AIBROKER_STORAGE_PIPELINES_BUCKET" + mas_aibroker_storage_tenants_bucket: "mas_aibroker_storage_tenants_bucket" + mas_aibroker_storage_templates_bucket: "MAS_AIBROKER_STORAGE_TEMPLATES_BUCKET" + + slscfg_registration_key: "slscfg_registration_key" + + # DRO + mas_aibroker_dro_token_secret: "dro-token" + mas_aibroker_dro_cacert_secret: "dro-certificates" + + drocfg_ca: "drocfg_ca" + drocfg_registration_key: "drocfg_registration_key" + drocfg_url: "drocfg_url" + + + # JDBC + mas_aibroker_db2_jdbc_secret: "aibroker-jdbccfg" + + jdbccfg_username: "jdbccfg_username" + jdbccfg_password: "jdbccfg_password" + jdbccfg_url: "jdbccfg_url" + jdbccfg_sslenabled: "jdbccfg_sslenabled" + jdbccfg_ca: "jdbccfg_ca" + + # MAS Entitlement + #mas_entitlement_username: "cp" + mas_entitlement_username: "docker-na-public.artifactory.swg-devops.com/wiotp-docker-local" + mas_entitlement_key: "mas_entitlement_key" + + # Development Registry Entitlement + artifactory_username: "artifactory_username" + artifactory_token: "artifactory_token" + + # Environment Variable: + mas_app_channel: "mas_app_channel" + + # aibroker vars + mas_catalog_source: "mas_catalog_source" + + # Source container registry + # ----------------------------------------------------------------------------- + # mas_icr_cp: "cp.icr.io/cp" + # mas_icr_cpopen: "icr.io/cpopen" + mas_icr_cp: "docker-na-public.artifactory.swg-devops.com/wiotp-docker-local" + mas_icr_cpopen: "docker-na-public.artifactory.swg-devops.com/wiotp-docker-local/cpopen" + + cluster_domain: cluster_domain + in_saas_env: "in_saas_env" + + mas_aibroker_s3_endpoint_url: "mas_aibroker_s3_endpoint_url" + mas_aibroker_s3_region: "mas_aibroker_s3_region" + mas_aibroker_s3_bucket_prefix: "mas_aibroker_s3_bucket_prefix" + environment_type: "environment_type" + +ibm_aibroker_tenant: + mas_instance_id: "MAS_INSTANCE_ID" + aibroker_namespace: 'mas-{{ mas_instance_id }}-aibroker' + ibm_entitlement_key: "" + + # SAAS + aibroker_saas_apikey: "AIBROKER_SAAS_APIKEY" + # in_saas_env: "true" + mas_aibroker_saas: "false" + mas_aibroker_provision_tenant: "mas_aibroker_provision_tenant" + + # Tenant + artifactory_token: "artifactory_token" + mas_aibroker_tenant_name: "user" + tenant_action: "true" + tenantNamespace: 'aibroker-{{ mas_aibroker_tenant_name }}' + + # cluster_domain: "" + mas_icr_cp: "cp.icr.io/cp" + mas_icr_cpopen: "icr.io/cpopen" + + # DRO + # mas_aibroker_dro_token_secret: "dro-token" + mas_aibroker_dro_cacert_secret: "dro-certificates" + + drocfg_ca: "drocfg_ca" + drocfg_registration_key: "drocfg_registration_key" + drocfg_url: "drocfg_url" + + #sls + slscfg_registration_key: "slscfg_registration_key" + slscfg_url: "slscfg_url" + # slscfg_clientId: "slscfg_clientId" + # slscfg_ca: "slscfg_ca" + # slscfg_tls: "slscfg_tls" + # slscfg_key: "slscfg_key" + #RSL ##review + rsl_url: "rsl_url" + rsl_org_id: "rsl_org_id" + mas_aibroker_rsl_secret: "mas_aibroker_rsl_secret" + + + # WatsonX + mas_aibroker_watsonxai_apikey: MAS_AIBROKER_WATSONXAI_APIKEY + mas_aibroker_watsonxai_url: MAS_AIBROKER_WATSONXAI_URL + mas_aibroker_watsonxai_project_id: MAS_AIBROKER_WATSONXAI_PROJECT_ID + + # SLS + #mas_aibroker_sls_registration_key_secret: "sls-registration-key" + mas_aibroker_sls_subscription_id: "001" + + # S3 + mas_aibroker_storage_provider: "aws" + mas_aibroker_storage_ssl: "true" + # following are the variable need to injected via environment variable + mas_aibroker_storage_accesskey: "mas_aibroker_storage_accesskey" + mas_aibroker_storage_secretkey: "mas_aibroker_storage_secretkey" + mas_aibroker_storage_host: "mas_aibroker_storage_host" + mas_aibroker_storage_port: "mas_aibroker_storage_port" + mas_aibroker_storage_region: "mas_aibroker_storage_region" + + # mas_aibroker_storage_pipelines_bucket: "aibrokeruser-training-bucket" + mas_aibroker_s3_endpoint_url: "MAS_AIBROKER_TENANT_S3_ENDPOINT_URL" + mas_aibroker_s3_region: "MAS_AIBROKER_TENANT_S3_REGION" + mas_aibroker_s3_bucket_prefix: "MAS_AIBROKER_TENANT_S3_BUCKET_PREFIX" + + tenant_entitlement_type: "MAS_AIBROKER_TENANT_ENTITLEMENT_TYPE" + tenant_entitlement_start_date: "MAS_AIBROKER_TENANT_ENTITLEMENT_START_DATE" + tenant_entitlement_end_date: "MAS_AIBROKER_TENANT_ENTITLEMENT_END_DATE" diff --git a/root-applications/ibm-mas-cluster-root/README.md b/root-applications/ibm-mas-cluster-root/README.md index 69501b008..6a3c21af5 100644 --- a/root-applications/ibm-mas-cluster-root/README.md +++ b/root-applications/ibm-mas-cluster-root/README.md @@ -3,3 +3,5 @@ IBM MAS Cluster Root Application Installs various ArgoCD Applications for managing dependencies shared by MAS instances on the target cluster. Also installs the MAS Instance Root ArgoCD ApplicationSet (`099-instance-appset.yaml`) responsible for generating a set of IBM MAS Instance Root ArgoCD Applications for managing MAS instances on the target cluster. + +Also installs the Aibroker Instance Root ArgoCD ApplicationSet (`099-Aibroker-instance-appset.yaml`) responsible for generating a set of IBM Aibroker Instance Root ArgoCD Applications for managing Aibroker instances on the target cluster. \ No newline at end of file diff --git a/root-applications/ibm-mas-cluster-root/templates/099-aibroker-instance-appset.yaml b/root-applications/ibm-mas-cluster-root/templates/099-aibroker-instance-appset.yaml new file mode 100644 index 000000000..5f7d15547 --- /dev/null +++ b/root-applications/ibm-mas-cluster-root/templates/099-aibroker-instance-appset.yaml @@ -0,0 +1,131 @@ + +--- +# IBM AiBroker Instance Application Set +apiVersion: argoproj.io/v1alpha1 +kind: ApplicationSet +metadata: + name: aibroker-instance-appset.{{ .Values.cluster.id }} + namespace: {{ .Values.argo.namespace }} + labels: + environment: '{{ .Values.account.id }}' +# region: '{{ .Values.region.id }}' + cluster: '{{ .Values.cluster.id }}' + annotations: + argocd.argoproj.io/sync-wave: "099" +spec: + goTemplate: true + generators: + - merge: + mergeKeys: + # Would love to use ".path.path" here to merge the configs together + # but this is not possible currently with goTemplate: true - see https://github.com/argoproj/argo-cd/issues/12836 + # (and we really want goTemplate: true so we can dump the entire config file into HELM_VALUES using toPrettyJson) + # instead, we are forced to explicitly provide a merge key in all of our config files to make them line up + - 'merge-key' + generators: + # This is the "base" generator, it *must* be first in the list + - git: + repoURL: "{{ .Values.generator.repo_url }}" + revision: "{{ .Values.generator.revision }}" + files: + - path: "{{ .Values.account.id }}/{{ .Values.cluster.id }}/*/ibm-aibroker-instance-base.yaml" + - git: + repoURL: "{{ .Values.generator.repo_url }}" + revision: "{{ .Values.generator.revision }}" + files: + - path: "{{ .Values.account.id }}/{{ .Values.cluster.id }}/*/ibm-mas-odh-install.yaml" + - git: + repoURL: "{{ .Values.generator.repo_url }}" + revision: "{{ .Values.generator.revision }}" + files: + - path: "{{ .Values.account.id }}/{{ .Values.cluster.id }}/*/ibm-aibroker.yaml" + - git: + repoURL: "{{ .Values.generator.repo_url }}" + revision: "{{ .Values.generator.revision }}" + files: + - path: "{{ .Values.account.id }}/{{ .Values.cluster.id }}/*/ibm-kmodel.yaml" + syncPolicy: + applicationsSync: "{{- if .Values.auto_delete }}sync{{- else }}create-update{{- end }}" + template: + metadata: + name: "aibroker-instance.{{ .Values.cluster.id }}.{{ `{{.instance.id}}` }}" + labels: + environment: '{{ .Values.account.id }}' + # region: '{{ .Values.region.id }}' + cluster: '{{ .Values.cluster.id }}' + instance: '{{ `{{.instance.id}}` }}' +{{- if .Values.custom_labels }} +{{ .Values.custom_labels | toYaml | indent 8 }} +{{- end }} + annotations: + healthCheckTimeout: "1800" + argocd.argoproj.io/sync-wave: "099" + {{- if and .Values.notifications .Values.notifications.slack_channel_id }} + notifications.argoproj.io/subscribe.on-sync-failed.workspace1: {{ .Values.notifications.slack_channel_id }} + notifications.argoproj.io/subscribe.on-sync-succeeded.workspace1: {{ .Values.notifications.slack_channel_id }} + {{- end }} + spec: + project: "{{ .Values.argo.projects.rootapps }}" + source: + repoURL: "{{ .Values.source.repo_url }}" + targetRevision: "{{ .Values.source.revision }}" + path: root-applications/ibm-aibroker-instance-root + helm: + releaseName: instanceappset + values: "{{ `{{ toYaml . }}` }}" + parameters: + - name: "generator.repo_url" + value: "{{ .Values.generator.repo_url }}" + - name: "generator.revision" + value: "{{ .Values.generator.revision }}" + - name: "source.revision" + value: "{{ .Values.source.revision }}" + - name: "source.repo_url" + value: "{{ .Values.source.repo_url }}" + - name: argo.namespace + value: "{{ .Values.argo.namespace }}" + {{- if and .Values.notifications .Values.notifications.slack_channel_id }} + - name: "notifications.slack_channel_id" + value: "{{ .Values.notifications.slack_channel_id }}" + {{- end }} + - name: argo.projects.rootapps + value: "{{ .Values.argo.projects.rootapps }}" + - name: argo.projects.apps + value: "{{ .Values.argo.projects.apps }}" + - name: avp.name + value: "{{ .Values.avp.name }}" + - name: avp.secret + value: "{{ .Values.avp.secret }}" + - name: avp.values_varname + value: "{{ .Values.avp.values_varname }}" + - name: auto_delete + value: "{{ .Values.auto_delete }}" + - name: devops.mongo_uri + value: "{{ .Values.devops.mongo_uri }}" + - name: devops.build_number + value: "{{ .Values.devops.build_number }}" + destination: + server: 'https://kubernetes.default.svc' + namespace: {{ .Values.argo.namespace }} + syncPolicy: + automated: + {{- if .Values.auto_delete }} + prune: true + {{- end }} + selfHeal: true + syncOptions: + - CreateNamespace=false + - RespectIgnoreDifferences=true + retry: + limit: -1 + ignoreDifferences: + - group: '*' + kind: ServiceAccount + jsonPointers: + - /imagePullSecrets + - group: 'marketplace.redhat.com/v1alpha1' + kind: MarketplaceConfig + jsonPointers: + - /spec + # revisionHistoryLimit set to 1 due to size limit of what can be stored in etcd for anything larger + revisionHistoryLimit: 1 \ No newline at end of file diff --git a/sub-charts/junitreporter/templates/00-presync-report-starter.yaml b/sub-charts/junitreporter/templates/00-presync-report-starter.yaml index c6bd4a5ef..2365f966e 100644 --- a/sub-charts/junitreporter/templates/00-presync-report-starter.yaml +++ b/sub-charts/junitreporter/templates/00-presync-report-starter.yaml @@ -3,7 +3,7 @@ {{- /* Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} {{ $prefix := printf "pre-jreporter-%s" .Values.reporter_name }} diff --git a/sub-charts/junitreporter/templates/10-postsync-report-starter.yaml b/sub-charts/junitreporter/templates/10-postsync-report-starter.yaml index d18c0a0a4..22effdd9e 100644 --- a/sub-charts/junitreporter/templates/10-postsync-report-starter.yaml +++ b/sub-charts/junitreporter/templates/10-postsync-report-starter.yaml @@ -3,7 +3,7 @@ {{- /* Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. */}} -{{- $_cli_image_digest := "sha256:c8e641b941a6f10cab9a8e3dec157120e85c9389d3b2d0ac4125b85e85e634a2" }} +{{- $_cli_image_digest := "sha256:b3ecce096368c967bbc6bac2f074473a65418462417b6e550ad4777427c3b06b" }} {{ $preprefix := printf "pre-jreporter-%s" .Values.reporter_name }} {{ $time_cm := printf "%s-synctime" $preprefix }}