From 57ff7404580fb1348063ab113f0f314850c0f62b Mon Sep 17 00:00:00 2001
From: Nicolas Marcq <nico.marcq@gmail.com>
Date: Thu, 7 Dec 2023 16:11:53 +0100
Subject: [PATCH] fix redis

---
 k8s/inventory/group_vars/all/squest.yml | 23 +++++++++++----------
 k8s/squest_k8s/tasks/02-db.yml          | 15 ++++++++++++++
 k8s/squest_k8s/tasks/04-redis.yml       | 27 +++++++++++++++++++++++++
 k8s/squest_k8s/tasks/05-django.yml      | 14 +++++++++++++
 k8s/squest_k8s/tasks/main.yml           |  1 +
 5 files changed, 69 insertions(+), 11 deletions(-)

diff --git a/k8s/inventory/group_vars/all/squest.yml b/k8s/inventory/group_vars/all/squest.yml
index 35aecb50b..8690b344d 100644
--- a/k8s/inventory/group_vars/all/squest.yml
+++ b/k8s/inventory/group_vars/all/squest.yml
@@ -1,12 +1,9 @@
 # Kubernetes
-k8s_kubeconfig_path: "/home/nico/Documents/tools4ocp-clusters/talos-test.k8s.glabs.hpecorp.net/kubeconfig"
-k8s_cluster_fqdn: "talos-test.k8s.glabs.hpecorp.net"
-#k8s_kubeconfig_path: "/path/to/kubeconfig"
-#k8s_cluster_fqdn: k8s.domain.local
+k8s_kubeconfig_path: "/path/to/kubeconfig"
+k8s_cluster_fqdn: "k8s.domain.local"
 squest_namespace: "squest"
 k8s_storage_class: "thin"
 
-
 # DATABASE
 squest_db:
   database: "squest_db"
@@ -36,9 +33,12 @@ squest_rabbitmq:
   user: rabbitmq
   password: rabbitmq
 
+squest_redis:
+  password: redis_secret_password
+
 # Django
 squest_django:
-  image: "quay.io/hewlettpackardenterprise/squest:dev"
+  image: "quay.io/hewlettpackardenterprise/squest:latest"
   ingress:
     enabled: true
     host: "squest.{{ k8s_cluster_fqdn }}"
@@ -52,17 +52,18 @@ squest_django:
     TZ: "Europe/Paris"
     DB_HOST: "mariadb"
     DB_PORT: "3306"
-    REDIS_CACHE_HOST: "redis"
+    REDIS_CACHE_HOST: "rfrm-redis"
+    DEBUG: "true"
     DB_USER: "{{ squest_db.user }}"
     DB_PASSWORD: "{{ squest_db.password }}"
     WAIT_HOSTS: "mariadb:3306,rabbitmq:5672"
   backup:
-    enabled: true
+    enabled: false
     crontab: "0 1 * * *"
   externalize_backup_via_rsync:
-    enabled: true
+    enabled: false
     crontab: "30 1 * * *"
-    private_ssh_key: "{{ lookup('file', '/home/nico/Desktop/id_ed25519_squest_k8s_dev') + '\n' }}"
+    private_ssh_key: "{{ lookup('file', '/path/to/id_ed25519_squest_k8s_dev') + '\n' }}"
     ssh_user: "squest_k8s_dev"
-    ssh_server: "siam017.gre.hpecorp.net"
+    ssh_server: "remote.server.ssh.net"
     remote_path: "/backup/squest_k8s_dev/"
diff --git a/k8s/squest_k8s/tasks/02-db.yml b/k8s/squest_k8s/tasks/02-db.yml
index 1e7885b8b..c88b46dcb 100644
--- a/k8s/squest_k8s/tasks/02-db.yml
+++ b/k8s/squest_k8s/tasks/02-db.yml
@@ -93,6 +93,21 @@
           periodSeconds: 10
           timeoutSeconds: 5
 
+- name: Wait until MariaDB deployment available
+  kubernetes.core.k8s_info:
+    kubeconfig: "{{ k8s_kubeconfig_path }}"
+    api_version: "mariadb.mmontes.io/v1alpha1"
+    kind: "MariaDB"
+    name: "mariadb"
+    namespace: "{{ squest_namespace }}"
+    wait: yes
+    wait_sleep: 10
+    wait_timeout: 600
+    wait_condition:
+      type: Ready
+      status: "True"
+
+
 - when: squest_phpmyadmin.enabled
   block:
     - name: Deploy PHPMyAdmin configmap environment
diff --git a/k8s/squest_k8s/tasks/04-redis.yml b/k8s/squest_k8s/tasks/04-redis.yml
index 6b408a46c..6f3f5c09a 100644
--- a/k8s/squest_k8s/tasks/04-redis.yml
+++ b/k8s/squest_k8s/tasks/04-redis.yml
@@ -38,6 +38,23 @@
       type: Available
       status: "True"
 
+- name: Redis password secret
+  kubernetes.core.k8s:
+    kubeconfig: "{{ k8s_kubeconfig_path }}"
+    state: present
+    namespace: "{{ squest_namespace }}"
+    definition:
+      apiVersion: v1
+      kind: Secret
+      metadata:
+        name: redis-password
+        labels:
+          app: squest
+          service: redis
+      type: Opaque
+      stringData:
+        password: "{{ squest_redis.password }}"
+
 - name: Deploy Redis
   kubernetes.core.k8s:
     kubeconfig: "{{ k8s_kubeconfig_path }}"
@@ -52,6 +69,8 @@
           app: squest
           service: redis
       spec:
+        auth:
+          secretPath: redis-password
         sentinel:
           replicas: 3
           resources:
@@ -60,7 +79,15 @@
             limits:
               memory: 100Mi
         redis:
+#          env:
+#            - name: REDIS_PASSWORD
+#              value: "{{ squest_redis.password }}"
           replicas: 3
+#          extraVolumes:
+#            - name: redis-password
+#              secret:
+#                secretName: redis-user-secret
+#                optional: false
           resources:
             requests:
               cpu: 100m
diff --git a/k8s/squest_k8s/tasks/05-django.yml b/k8s/squest_k8s/tasks/05-django.yml
index fca17d5f5..65986e3bb 100644
--- a/k8s/squest_k8s/tasks/05-django.yml
+++ b/k8s/squest_k8s/tasks/05-django.yml
@@ -150,6 +150,20 @@
                 persistentVolumeClaim:
                   claimName: django-static
 
+- name: Wait until migration job done
+  kubernetes.core.k8s_info:
+    kubeconfig: "{{ k8s_kubeconfig_path }}"
+    api_version: "batch/v1"
+    kind: Job
+    name: "django-migrations"
+    namespace: "{{ squest_namespace }}"
+    wait: yes
+    wait_sleep: 10
+    wait_timeout: 600
+    wait_condition:
+      type: Complete
+      status: "True"
+
 - name: Nginx config
   kubernetes.core.k8s:
     kubeconfig: "{{ k8s_kubeconfig_path }}"
diff --git a/k8s/squest_k8s/tasks/main.yml b/k8s/squest_k8s/tasks/main.yml
index f3f7450ac..5f5b62546 100644
--- a/k8s/squest_k8s/tasks/main.yml
+++ b/k8s/squest_k8s/tasks/main.yml
@@ -7,6 +7,7 @@
       kind: Namespace
       metadata:
         name: "{{ squest_namespace }}"
+  tags: ["namespace"]
 
 - name: K8S utils
   ansible.builtin.include_tasks: