Merge pull request #1953 from bcgov/chore/pgbackrest-and-certificate-…

…fixes

Chore/pgbackrest and certificate fixes

Makefile

@@ -246,14 +246,7 @@ install:
 	@set -euo pipefail; \
 	dagConfig=$$(echo '{"org": "bcgov", "repo": "cas-cif", "ref": "$(GIT_SHA1)", "path": "dags/cas_cif_dags.py"}' | base64 -w0); \
 	helm dep up $(CHART_DIR); \
-	if ! helm status --namespace $(NAMESPACE) $(CHART_INSTANCE); then \
-		echo 'Installing the application and issuing SSL certificate'; \
-		helm install --set certbot.manualRun=true $(HELM_OPTS) $(CHART_INSTANCE) $(CHART_DIR); \
-	elif [ $(ISSUE_CERT) ]; then \
-		helm upgrade --set certbot.manualRun=true $(HELM_OPTS) $(CHART_INSTANCE) $(CHART_DIR); \
-	else \
-		helm upgrade $(HELM_OPTS) $(CHART_INSTANCE) $(CHART_DIR); \
-	fi;
+	helm install $(HELM_OPTS) $(CHART_INSTANCE) $(CHART_DIR);
 
 
 restore_prereq: ## Prerequisites for the restore target

chart/cas-cif/Chart.lock

@@ -8,8 +8,5 @@ dependencies:
 - name: cas-airflow-dag-trigger
   repository: https://bcgov.github.io/cas-airflow
   version: 1.0.7
-- name: certbot
-  repository: https://bcdevops.github.io/certbot
-  version: 0.1.3
-digest: sha256:d2da5fb2e1380ca061fdadb0e4cbe54137f1e3d43f90afe245339ddb320a771b
-generated: "2024-12-16T11:23:41.617911-08:00"
+digest: sha256:0693261c3831cac56b20a88001ce8492535570768f78c9a46f1eb89d7280818c
+generated: "2025-01-15T14:35:44.502894429-08:00"

chart/cas-cif/Chart.yaml

@@ -18,7 +18,3 @@ dependencies:
     repository: https://bcgov.github.io/cas-airflow
     alias: deploy-db
     condition: deploy-db.enabled
-  - name: certbot
-    version: 0.1.3
-    repository: https://bcdevops.github.io/certbot
-    condition: certbot.enabled

chart/cas-cif/templates/postgres.yaml

@@ -48,7 +48,6 @@ spec:
                   postgres-operator.crunchydata.com/instance-set: pgha1
   proxy:
     pgBouncer:
-      image: artifacts.developer.gov.bc.ca/bcgov-docker-local/crunchy-pgbouncer:ubi8-1.18-0
       resources:
         requests:
           cpu: 10m
@@ -83,7 +82,6 @@ spec:
         - cif
   backups:
     pgbackrest:
-      image: artifacts.developer.gov.bc.ca/bcgov-docker-local/crunchy-pgbackrest:ubi8-2.41-4
     {{- if .Values.db.restore.enabled }}
       restore:
         enabled: true
@@ -114,7 +112,6 @@ spec:
   monitoring:
     pgmonitor:
       exporter:
-        image: artifacts.developer.gov.bc.ca/bcgov-docker-local/crunchy-postgres-exporter:ubi8-5.3.1-0
         resources:
           requests:
             cpu: 50m

chart/cas-cif/templates/route.yaml

@@ -1,21 +1,10 @@
 {{- if not (hasSuffix "-prod" .Release.Namespace)}}
 
-{{- $route := (lookup "route.openshift.io/v1" "Route" .Release.Namespace "cas-cif" ) }}
-{{- $certificate := "" }}
-{{- $key := "" }}
-{{- $caCertificate := "" }}
-{{- if $route }}
-{{- $certificate = $route.spec.tls.certificate }}
-{{- $key = $route.spec.tls.key }}
-{{- $caCertificate = $route.spec.tls.caCertificate }}
-{{- end -}}
-
 apiVersion: route.openshift.io/v1
 kind: Route
 metadata:
   name: {{ template "cas-cif.fullname" . }}
   labels: {{ include "cas-cif.labels" . | nindent 4 }}
-    certbot-managed: "true"
 
 spec:
   host: {{ .Values.hostName }}
@@ -24,11 +13,6 @@ spec:
   tls:
     termination: edge
     insecureEdgeTerminationPolicy: Redirect
-    {{- if $certificate }}
-    certificate: {{ $certificate | quote }}
-    key: {{ $key | quote }}
-    caCertificate: {{ $caCertificate | quote }}
-    {{- end }}
   to:
     kind: Service
     name: {{ template "cas-cif.fullname" . }}

chart/cas-cif/values-dev.yaml

@@ -3,7 +3,7 @@ app:
   sitewide_notice:
     content: <div class="alert alert-warning">This is the DEV environment.</div>
 
-hostName: dev.cif.gov.bc.ca
+hostName: cas-cif-dev.apps.silver.devops.gov.bc.ca
 
 db:
   preUpgradeCommand: |
@@ -18,6 +18,3 @@ deploy-db:
 
 download-dags:
   airflowEndpoint: https://cas-airflow-dev.apps.silver.devops.gov.bc.ca
-
-certbot:
-  enabled: true

chart/cas-cif/values-prod.yaml

@@ -1,8 +1,5 @@
 hostName: cif.gov.bc.ca
 
-certbot:
-  enabled: false
-
 deploy-db:
   airflowEndpoint: https://cas-airflow-prod.apps.silver.devops.gov.bc.ca
 

chart/cas-cif/values-test.yaml

@@ -2,7 +2,7 @@ app:
   sitewide_notice:
     content: <div class="alert alert-warning">This is the TEST environment.</div>
 
-hostName: test.cif.gov.bc.ca
+hostName: cas-cif-test.apps.silver.devops.gov.bc.ca
 
 db:
   postUpgradeCommandEnv: |
@@ -28,6 +28,3 @@ deploy-db:
 
 download-dags:
   airflowEndpoint: https://cas-airflow-test.apps.silver.devops.gov.bc.ca
-
-certbot:
-  enabled: true

chart/cas-cif/values.yaml

@@ -37,12 +37,6 @@ db:
 
 hostName: ~
 
-certbot:
-  image:
-    pullPolicy: IfNotPresent
-  certbot:
-    email: [email protected]
-
 resources:
   limits:
     cpu: 800m

database_backup_test/backup-test/templates/postgres.yaml

@@ -48,7 +48,6 @@ spec:
                   postgres-operator.crunchydata.com/instance-set: pgha1
   proxy:
     pgBouncer:
-      image: artifacts.developer.gov.bc.ca/bcgov-docker-local/crunchy-pgbouncer:ubi8-1.18-0
       resources:
         requests:
           cpu: 10m
@@ -83,7 +82,6 @@ spec:
         - cif
   backups:
     pgbackrest:
-      image: artifacts.developer.gov.bc.ca/bcgov-docker-local/crunchy-pgbackrest:ubi8-2.41-4
     {{- if .Values.db.restore.enabled }}
       restore:
         enabled: true

shipit.yml

@@ -12,12 +12,3 @@ deploy:
 ci:
   allow_failures:
     - "yarn-audit"
-
-tasks:
-  renew_cert:
-    action: "Renew SSL Certificate"
-    description: "Send a request via certbot to issue an SSL certificate"
-    steps:
-      - export ISSUE_CERT=true
-      - make install:
-          timeout: 5000