feature: create helm chart using the Azure KeyVault variant (#279)
* feat: add Helm chart that utilized Azure KeyVault + Postgres

* pr remarks

* Update charts/tractusx-connector-azure-vault/README.md.gotmpl

Co-authored-by: Florian Rusch (ZF Friedrichshafen AG) <[email protected]>

* use cUrl instead of wget to satisfy SonarCloud

---------

Co-authored-by: Florian Rusch (ZF Friedrichshafen AG) <[email protected]>
paullatzelsperger and florianrusch-zf committed May 16, 2023
1 parent aba8306 commit 6932a70
Showing 43 changed files with 2,222 additions and 28 deletions.
2 changes: 1 addition & 1 deletion .github/dependabot.yml
Expand Up @@ -36,7 +36,7 @@ updates:
-
package-ecosystem: "docker"
target-branch: main
directory: ./edc-controlplane/edc-controlplane-postgresql/src/main/docker/
directory: ./edc-controlplane/edc-controlplane-postgresql-azure-vault/src/main/docker/
labels:
- "dependabot"
- "docker"
2 changes: 1 addition & 1 deletion .github/workflows/build.yaml
Expand Up @@ -78,7 +78,7 @@ jobs:
variant: [ { dir: edc-controlplane, img: edc-runtime-memory },
{ dir: edc-controlplane, img: edc-controlplane-memory-hashicorp-vault },
{ dir: edc-controlplane, img: edc-controlplane-postgresql-hashicorp-vault },
{ dir: edc-controlplane, img: edc-controlplane-postgresql },
{ dir: edc-controlplane, img: edc-controlplane-postgresql-azure-vault },
{ dir: edc-dataplane, img: edc-dataplane-azure-vault },
{ dir: edc-dataplane, img: edc-dataplane-hashicorp-vault } ]
permissions:
45 changes: 45 additions & 0 deletions .github/workflows/deployment-test.yaml
Expand Up @@ -45,6 +45,21 @@ concurrency:

jobs:

secret-presence:
runs-on: ubuntu-latest
outputs:
AZURE_KV_CREDS: ${{ steps.secret-presence.outputs.AZURE_KV_CREDS }}
steps:
- name: Check whether secrets exist
id: secret-presence
run: |
[ ! -z "${{ secrets.AZURE_TENANT_ID }}" ] &&
[ ! -z "${{ secrets.AZURE_CLIENT_ID }}" ] &&
[ ! -z "${{ secrets.AZURE_CLIENT_SECRET }}" ] &&
[ ! -z "${{ secrets.AZURE_VAULT_NAME }}" ] &&
echo "AZURE_KV_CREDS=true" >> $GITHUB_OUTPUT
exit 0
test-prepare:
runs-on: ubuntu-latest
steps:
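Review bot: In the `Check whether secrets exist` step of `secret-presence`, the four `${{ secrets.* }}` expressions are substituted into the script text before the shell runs, so a secret value containing a double quote, a backtick or `$(` changes the script itself instead of being tested as data. Pass the secrets through the step's `env:` block and test the variables, e.g. `[ -n "$AZURE_TENANT_ID" ]`, and quote `"$GITHUB_OUTPUT"` in the `echo` line. The trailing `exit 0` is what keeps the step green when a secret is absent; a one-line comment saying that this is intentional would save the next reader from removing it.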
Expand Down Expand Up @@ -99,3 +114,33 @@ jobs:
# execute the helm test
helm test tx-prod --logs
test-azure-vault-postgres:
runs-on: ubuntu-latest
needs: [ test-prepare, secret-presence ]
if: |
needs.secret-presence.outputs.AZURE_KV_CREDS
steps:
- name: Checkout
uses: actions/[email protected]
- uses: ./.github/actions/run-deployment-test
name: "Run deployment test using KinD and Helm"
with:
imagename: "edc-controlplane-postgresql-azure-vault edc-dataplane-azure-vault"
rootDir: "."
helm_command: |-
helm install tx-prod charts/tractusx-connector-azure-vault \
-f edc-tests/deployment/src/main/resources/helm/tractusx-connector-azure-vault-test.yaml \
--dependency-update \
--set vault.azure.name=${{ secrets.AZURE_VAULT_NAME }} \
--set vault.azure.client=${{ secrets.AZURE_CLIENT_ID }} \
--set vault.azure.secret=${{ secrets.AZURE_CLIENT_SECRET }} \
--set vault.azure.tenant=${{ secrets.AZURE_TENANT_ID }} \
--wait-for-jobs --timeout=120s
# wait for the pod to become ready
kubectl rollout status deployment tx-prod-controlplane
kubectl rollout status deployment tx-prod-dataplane
# execute the helm test
helm test tx-prod --logs
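Review bot: The four `--set vault.azure.*=${{ secrets.… }}` lines in `helm_command` place the secrets unquoted into the command string. `helm --set` treats commas as separators and backslashes as escapes, and a shell interprets any metacharacters, so a client secret containing such characters is truncated or mis-parsed; the value is also handed over as a plain command-line argument. Consider quoting each value and using `--set-string`, or writing the four values to a temporary values file passed with `-f` next to `tractusx-connector-azure-vault-test.yaml`.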
2 changes: 1 addition & 1 deletion .github/workflows/publish-docker.yaml
Expand Up @@ -47,7 +47,7 @@ jobs:
variant: [ { dir: edc-controlplane, img: edc-runtime-memory },
{ dir: edc-controlplane, img: edc-controlplane-memory-hashicorp-vault },
{ dir: edc-controlplane, img: edc-controlplane-postgresql-hashicorp-vault },
{ dir: edc-controlplane, img: edc-controlplane-postgresql },
{ dir: edc-controlplane, img: edc-controlplane-postgresql-azure-vault },
{ dir: edc-dataplane, img: edc-dataplane-azure-vault },
{ dir: edc-dataplane, img: edc-dataplane-hashicorp-vault } ]
permissions:
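Review bot: The publish matrix no longer lists `edc-controlplane-postgresql`, so that image name stops being published from this workflow once `edc-controlplane-postgresql-azure-vault` replaces it. Deployments that still reference the old name will silently stay on the last published tag; please document the rename (changelog or migration note) so consumers know to switch image names.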
2 changes: 1 addition & 1 deletion .github/workflows/publish-new-release.yml
Expand Up @@ -86,7 +86,7 @@ jobs:
variant: [{dir: edc-controlplane, img: edc-runtime-memory},
{dir: edc-controlplane, img: edc-controlplane-memory-hashicorp-vault},
{dir: edc-controlplane, img: edc-controlplane-postgresql-hashicorp-vault},
{dir: edc-controlplane, img: edc-controlplane-postgresql},
{dir: edc-controlplane, img: edc-controlplane-postgresql-azure-vault},
{dir: edc-dataplane, img: edc-dataplane-azure-vault},
{dir: edc-dataplane, img: edc-dataplane-hashicorp-vault}]

2 changes: 1 addition & 1 deletion .github/workflows/trivy.yml
Expand Up @@ -66,7 +66,7 @@ jobs:
image:
- edc-runtime-memory
- edc-controlplane-memory-hashicorp-vault
- edc-controlplane-postgresql
- edc-controlplane-postgresql-azure-vault
- edc-controlplane-postgresql-hashicorp-vault
- edc-dataplane-azure-vault
- edc-dataplane-hashicorp-vault
2 changes: 1 addition & 1 deletion .github/workflows/veracode.yaml
Expand Up @@ -41,7 +41,7 @@ jobs:
variant: [ { dir: edc-controlplane, name: edc-runtime-memory },
{ dir: edc-controlplane, name: edc-controlplane-memory-hashicorp-vault },
{ dir: edc-controlplane, name: edc-controlplane-postgresql-hashicorp-vault },
{ dir: edc-controlplane, name: edc-controlplane-postgresql },
{ dir: edc-controlplane, name: edc-controlplane-postgresql-azure-vault },
{ dir: edc-dataplane, name: edc-dataplane-azure-vault },
{ dir: edc-dataplane, name: edc-dataplane-hashicorp-vault } ]
steps:
2 changes: 1 addition & 1 deletion README.md
Expand Up @@ -30,7 +30,7 @@ The Data-Plane does the heavy lifting of transferring and receiving data streams

Depending on your environment there are different derivatives of the control-plane prepared:

- [edc-controlplane-postgresql](edc-controlplane/edc-controlplane-postgresql) with dependency onto
- [edc-controlplane-postgresql-azure-vault](edc-controlplane/edc-controlplane-postgresql-azure-vault) with dependency onto
- [Azure Key Vault](https://azure.microsoft.com/en-us/services/key-vault/#product-overview)
- [PostgreSQL 8.2 or newer](https://www.postgresql.org/)
- [edc-controlplane-postgresql-hashicorp-vault](edc-controlplane/edc-controlplane-postgresql-hashicorp-vault) with
51 changes: 51 additions & 0 deletions charts/tractusx-connector-azure-vault/Chart.yaml
@@ -0,0 +1,51 @@
#
# Copyright (c) 2023 ZF Friedrichshafen AG
# Copyright (c) 2023 Mercedes-Benz Tech Innovation GmbH
# Copyright (c) 2023 Bayerische Motoren Werke Aktiengesellschaft (BMW AG)
# Copyright (c) 2021, 2023 Contributors to the Eclipse Foundation
#
# See the NOTICE file(s) distributed with this work for additional
# information regarding copyright ownership.
#
# This program and the accompanying materials are made available under the
# terms of the Apache License, Version 2.0 which is available at
# https://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# SPDX-License-Identifier: Apache-2.0
#

---
apiVersion: v2
name: tractusx-connector-azure-vault
description: |
A Helm chart for Tractus-X Eclipse Data Space Connector. The connector deployment consists of two runtime consists of a
Control Plane and a Data Plane. Note that _no_ external dependencies such as a PostgreSQL database and Azure KeyVault are included.
This chart is intended for use with an _existing_ PostgreSQL database and an _existing_ Azure KeyVault.
# A chart can be either an 'application' or a 'library' chart.
#
# Application charts are a collection of templates that can be packaged into versioned archives
# to be deployed.
#
# Library charts provide useful utilities or functions for the chart developer. They're included as
# a dependency of application charts to inject those utilities and functions into the rendering
# pipeline. Library charts do not define any templates and therefore cannot be deployed.
type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 0.3.3
# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
# follow Semantic Versioning. They should reflect the version the application is using.
# It is recommended to use it with quotes.
appVersion: "0.3.3"
home: https://github.com/eclipse-tractusx/tractusx-edc/tree/main/charts/tractusx-connector
sources:
- https://github.com/eclipse-tractusx/tractusx-edc/tree/main/charts/tractusx-connector
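Review bot: `home` and the `sources` entry at the end of the file both point to `charts/tractusx-connector`, not to this chart's own directory `charts/tractusx-connector-azure-vault`; if that is a copy-paste leftover, update both URLs so the chart metadata links to the right README. The `description` also reads "consists of two runtime consists of a Control Plane and a Data Plane"; suggest "consists of two runtimes, a Control Plane and a Data Plane".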