New NS deploy through circleci

.circleci/config.yml

@@ -13,18 +13,20 @@ jobs:
       TERM: dumb
     steps:
       - checkout
-      - run: rm -f helm/g2p-sandbox-fynarfin-SIT/Chart.lock helm/g2p-sandbox-fynarfin-SIT/requirements.lock helm/g2p-sandbox-fynarfin-SIT/charts/*
+      - run: rm -f helm/g2p-sandbox-fynarfin-SIT-NS2/Chart.lock helm/g2p-sandbox-fynarfin-SIT-NS2/requirements.lock helm/g2p-sandbox-fynarfin-SIT-NS2/charts/*
       - helm/install-helm-client:
           version: "v3.8.2"
-      # - run: "sed -i '12s/.*/version: 0.0.0/' helm/g2p-sandbox-fynarfin-SIT/Chart.yaml"
-      - run: cat helm/g2p-sandbox-fynarfin-SIT/Chart.yaml
-      - run: helm dep up helm/g2p-sandbox-fynarfin-SIT
-      - run: helm package helm/g2p-sandbox-fynarfin-SIT
+      # - run: "sed -i '12s/.*/version: 0.0.0/' helm/g2p-sandbox-fynarfin-SIT-NS2/Chart.yaml"
+      - run: cat helm/g2p-sandbox-fynarfin-SIT-NS2/Chart.yaml
+      - run: helm dep up helm/g2p-sandbox-fynarfin-SIT-NS2
+      - run: helm package helm/g2p-sandbox-fynarfin-SIT-NS2
       - run: helm repo index .
       - run: echo "$CERT_FILE" | base64 --decode > b64encoded.pem
       - run: chmod 400 b64encoded.pem
-      - run: scp -o StrictHostKeyChecking=No -i b64encoded.pem index.yaml ph-ee-g2psandbox-fynarfin-0.2.0.tgz ec2-user@13.233.68.128:~/
-      - run: ssh -i b64encoded.pem -o StrictHostKeyChecking=No ec2-user@13.233.68.128 sudo mv -t /apps/apache-tomcat-7.0.82/webapps/ROOT/images/ph-ee-g2psandbox-fynarfin index.yaml ph-ee-g2psandbox-fynarfin-0.2.0.tgz
+      - run: scp -o StrictHostKeyChecking=No -i b64encoded.pem index.yaml /home/circleci/repo/ph-ee-g2psandbox-fynarfin-SIT-NS-0.2.0.tgz ec2-user@13.233.68.128:~/      
+      - run: ssh -i b64encoded.pem -o StrictHostKeyChecking=No ec2-user@13.233.68.128 sudo mv -t /apps/apache-tomcat-7.0.82/webapps/ROOT/images/ph-ee-g2psandbox-fynarfin-NS index.yaml ph-ee-g2psandbox-fynarfin-SIT-NS-0.2.0.tgz
+
+
 
   upgrade-g2psandbox-helm-chart:
     docker:
@@ -39,11 +41,11 @@ jobs:
           aws-region: "$REGION"
       - helm/install-helm-client:
           version: "v3.8.2"
-      - run: helm ls --namespace=paymenthub
+      - run: helm ls --namespace=paymenthub-ns
       - helm/upgrade-helm-chart:
-          chart: "https://fynarfin.io/images/ph-ee-g2psandbox-fynarfin/ph-ee-g2psandbox-fynarfin-0.2.0.tgz"
+          chart: "https://fynarfin.io/images/ph-ee-g2psandbox-fynarfin-NS/ph-ee-g2psandbox-fynarfin-SIT-NS-0.2.0.tgz"
           release-name: "g2p-sandbox"
-          namespace: paymenthub
+          namespace: paymenthub-ns
           recreate-pods: true
           add-repo: "https://fynarfin.io/images/ph-ee-g2psandbox-fynarfin"
           wait: true
@@ -59,7 +61,7 @@ jobs:
 
       # kubectl delete secrets elastic-certificates elastic-certificate-pem elastic-certificate-crt|| true
 
-  create-secret-paymenthub-namespace:
+  create-secret-namespace:
     docker:
       - image: cimg/base:2022.06
     steps:
@@ -71,139 +73,75 @@ jobs:
           cluster-name: "sit"
           aws-region: "$REGION"
       - run: |
-          export ENV_NAMESPACE=paymenthub
+          export ENV_NAMESPACE=paymenthub-ns
           kubectl config use-context arn:aws:eks:$REGION:419830066942:cluster/sit
           kubectl config get-contexts
           cd helm/kibana-secret/
           make secrets || echo "kibana" already exists
 
       - run: |
-          export ENV_NAMESPACE=paymenthub
+          export ENV_NAMESPACE=paymenthub-ns
           kubectl config use-context arn:aws:eks:$REGION:419830066942:cluster/sit
           kubectl config get-contexts
           cd helm/es-secret/
           make secrets || echo "elastic-certificates" already exists
 
       - run: |
-          export ENV_NAMESPACE=paymenthub
+          export ENV_NAMESPACE=paymenthub-ns
           kubectl delete secret bulk-processor-secret -n $ENV_NAMESPACE || echo "delete the secret if exist"
           kubectl create secret generic bulk-processor-secret \
           --from-literal=aws-access-key="$S3_ACCESS_KEY_ID" \
           --from-literal=aws-secret-key="$S3_SECRET_ACCESS_KEY" -n $ENV_NAMESPACE
 
-  host-g2-sandbox-security-fynarfin-chart:
-    docker:
-      - image: cimg/python:3.10
-    working_directory: ~/repo
-    environment:
-      TERM: dumb
-    steps:
-      - checkout
-      - run: rm -f helm/g2p-sandbox-security-fynarfin-SIT/Chart.lock helm/g2p-sandbox-security-fynarfin-SIT/requirements.lock helm/g2p-sandbox-security-fynarfin-SIT/charts/*
-      - helm/install-helm-client:
-          version: "v3.8.2"
-      - run: cat helm/g2p-sandbox-security-fynarfin-SIT/Chart.yaml
-      - run: helm dep up helm/g2p-sandbox-security-fynarfin-SIT
-      - run: helm package helm/g2p-sandbox-security-fynarfin-SIT
-      - run: helm repo index .
-      - run: echo "$CERT_FILE" | base64 --decode > b64encoded.pem
-      - run: chmod 400 b64encoded.pem
-      - run: ssh -i b64encoded.pem -o StrictHostKeyChecking=No ec2-user@13.233.68.128 sudo mkdir -p /apps/apache-tomcat-7.0.82/webapps/ROOT/images/ph-ee-g2psandbox-security-fynarfin
-      - run: scp -o StrictHostKeyChecking=No -i b64encoded.pem index.yaml ph-ee-g2psandbox-security-fynarfin-0.0.0.tgz ec2-user@13.233.68.128:~/
-      - run: ssh -i b64encoded.pem -o StrictHostKeyChecking=No ec2-user@13.233.68.128 sudo mv -t /apps/apache-tomcat-7.0.82/webapps/ROOT/images/ph-ee-g2psandbox-security-fynarfin index.yaml ph-ee-g2psandbox-security-fynarfin-0.0.0.tgz
-
-  upgrade-g2psandbox-security-helm-chart:
-    docker:
-      - image: cimg/python:3.10
-    parameters:
-      cluster-name:
-        description: "sit"
-        type: string        
-    steps:
-      - aws-eks/update-kubeconfig-with-authenticator:
-          cluster-name: "sit"
-          aws-region: "$REGION"
-      - helm/install-helm-client:
-          version: "v3.8.2"
-      - kubernetes/install-kubectl
-      - run: |
-          if ! kubectl get ns ph-infrastructure > /dev/null 2>&1; then
-              kubectl create namespace ph-infrastructure
-          fi
-      - run: helm ls --namespace=ph-infrastructure
-      - helm/upgrade-helm-chart:
-          chart: "https://fynarfin.io/images/ph-ee-g2psandbox-security-fynarfin/ph-ee-g2psandbox-security-fynarfin-0.0.0.tgz"
-          release-name: "g2p-sandbox-security"
-          namespace: ph-infrastructure
-          recreate-pods: true
-          add-repo: "https://fynarfin.io/images/ph-ee-g2psandbox-security"
-          wait: true
-          timeout: "300s"
-
-  host-dpga-compliance-barebone-chart:
-    docker:
-      - image: cimg/python:3.10
-    working_directory: ~/repo
-    environment:
-      TERM: dumb
-    steps:
-      - checkout
-      - run: |
-          if [[ -n $(git show --name-only $CIRCLE_SHA1 | grep "^helm/dpga-compliance-barebone/") ]]; then
-            echo "Directory has changed. Running the job."
-          else
-            echo "Directory has not changed. Skipping the job."
-            circleci step halt
-          fi
-      - run: rm -f helm/dpga-compliance-barebone/Chart.lock helm/dpga-compliance-barebone/charts/*
-      - helm/install-helm-client:
-          version: "v3.8.2"
-      - run: cat helm/dpga-compliance-barebone/Chart.yaml
-      - run: helm dep up helm/dpga-compliance-barebone
-      - run: helm package helm/dpga-compliance-barebone
-      - run: helm repo index .
-      - run: echo "$CERT_FILE" | base64 --decode > b64encoded.pem
-      - run: chmod 400 b64encoded.pem
-      - run: ssh -i b64encoded.pem -o StrictHostKeyChecking=No ec2-user@13.233.68.128 sudo mkdir -p /apps/apache-tomcat-7.0.82/webapps/ROOT/images/dpga-barebone
-      - run: scp -o StrictHostKeyChecking=No -i b64encoded.pem index.yaml dpga-barebone-1.0.0.tgz ec2-user@13.233.68.128:~/
-      - run: ssh -i b64encoded.pem -o StrictHostKeyChecking=No ec2-user@13.233.68.128 sudo mv -t /apps/apache-tomcat-7.0.82/webapps/ROOT/images/dpga-barebone index.yaml dpga-barebone-1.0.0.tgz
-
-  upgrade-dpga-compliance-barebone-chart:
-    docker:
-      - image: cimg/python:3.10
-    parameters:
-      cluster-name:
-        description: "sit"
-        type: string
-    steps:
-      - checkout
-      - run: |
-          if [[ -n $(git show --name-only $CIRCLE_SHA1 | grep "^helm/dpga-compliance-barebone/") ]]; then
-            echo "Directory has changed. Running the job."
-          else
-            echo "Directory has not changed. Skipping the job."
-            circleci step halt
-          fi
-      - aws-eks/update-kubeconfig-with-authenticator:
-          cluster-name: "sit"
-          aws-region: "$REGION"
-      - helm/install-helm-client:
-          version: "v3.8.2"
-      - kubernetes/install-kubectl
-      - run: |
-          if ! kubectl get ns paymenthub-dpg > /dev/null 2>&1; then
-              kubectl create namespace paymenthub-dpg
-          fi
-      - run: helm ls --namespace=paymenthub-dpg
-      - helm/upgrade-helm-chart:
-          chart: "https://fynarfin.io/images/dpga-barebone/dpga-barebone-1.0.0.tgz"
-          release-name: "dpga-release"
-          namespace: paymenthub-dpg
-          recreate-pods: true
-          add-repo: "https://fynarfin.io/images/dpga-barebone"
-          wait: true
-          timeout: "300s"
+  # host-g2-sandbox-security-fynarfin-chart:
+  #   docker:
+  #     - image: cimg/python:3.10
+  #   working_directory: ~/repo
+  #   environment:
+  #     TERM: dumb
+  #   steps:
+  #     - checkout
+  #     - run: rm -f helm/g2p-sandbox-security-fynarfin-SIT/Chart.lock helm/g2p-sandbox-security-fynarfin-SIT/requirements.lock helm/g2p-sandbox-security-fynarfin-SIT/charts/*
+  #     - helm/install-helm-client:
+  #         version: "v3.8.2"
+  #     - run: cat helm/g2p-sandbox-security-fynarfin-SIT/Chart.yaml
+  #     - run: helm dep up helm/g2p-sandbox-security-fynarfin-SIT
+  #     - run: helm package helm/g2p-sandbox-security-fynarfin-SIT
+  #     - run: helm repo index .
+  #     - run: echo "$CERT_FILE" | base64 --decode > b64encoded.pem
+  #     - run: chmod 400 b64encoded.pem
+  #     - run: ssh -i b64encoded.pem -o StrictHostKeyChecking=No ec2-user@13.233.68.128 sudo mkdir -p /apps/apache-tomcat-7.0.82/webapps/ROOT/images/ph-ee-g2psandbox-security-fynarfin
+  #     - run: scp -o StrictHostKeyChecking=No -i b64encoded.pem index.yaml ph-ee-g2psandbox-security-fynarfin-0.0.0.tgz ec2-user@13.233.68.128:~/
+  #     - run: ssh -i b64encoded.pem -o StrictHostKeyChecking=No ec2-user@13.233.68.128 sudo mv -t /apps/apache-tomcat-7.0.82/webapps/ROOT/images/ph-ee-g2psandbox-security-fynarfin index.yaml ph-ee-g2psandbox-security-fynarfin-0.0.0.tgz
 
+  # upgrade-g2psandbox-security-helm-chart:
+  #   docker:
+  #     - image: cimg/python:3.10
+  #   parameters:
+  #     cluster-name:
+  #       description: "sit"
+  #       type: string        
+  #   steps:
+  #     - aws-eks/update-kubeconfig-with-authenticator:
+  #         cluster-name: "sit"
+  #         aws-region: "$REGION"
+  #     - helm/install-helm-client:
+  #         version: "v3.8.2"
+  #     - kubernetes/install-kubectl
+  #     - run: |
+  #         if ! kubectl get ns ph-infrastructure > /dev/null 2>&1; then
+  #             kubectl create namespace ph-infrastructure
+  #         fi
+  #     - run: helm ls --namespace=ph-infrastructure
+  #     - helm/upgrade-helm-chart:
+  #         chart: "https://fynarfin.io/images/ph-ee-g2psandbox-security-fynarfin/ph-ee-g2psandbox-security-fynarfin-0.0.0.tgz"
+  #         release-name: "g2p-sandbox-security"
+  #         namespace: ph-infrastructure
+  #         recreate-pods: true
+  #         add-repo: "https://fynarfin.io/images/ph-ee-g2psandbox-security"
+  #         wait: true
+  #         timeout: "300s"     
+
   deploying-bpmns:
     docker:
       - image: 'curlimages/curl:8.1.2' 
@@ -238,40 +176,40 @@ workflows:
             - AWS
             - Helm
             - slack
-      - host-g2-sandbox-security-fynarfin-chart:
-          requires:
-            - build
-          context:
-            - AWS
-            - Helm
-            - slack
+      # - host-g2-sandbox-security-fynarfin-chart:
+      #     requires:
+      #       - build
+      #     context:
+      #       - AWS
+      #       - Helm
+      #       - slack
       - upgrade-g2psandbox-helm-chart:
           cluster-name: sit
           requires:
             - build
-            - upgrade-g2psandbox-security-helm-chart
+            # - upgrade-g2psandbox-security-helm-chart
           context:
             - AWS
             - Helm
             - slack
             - Secrets        
-      - create-secret-paymenthub-namespace:
+      - create-secret-namespace:
           requires: 
             - upgrade-g2psandbox-helm-chart
           context: 
             - AWS
             - Helm
             - slack
             - Secrets  
-      - upgrade-g2psandbox-security-helm-chart:
-          cluster-name: sit
-          requires:
-            - host-g2-sandbox-security-fynarfin-chart
-          context:
-            - AWS
-            - Helm
-            - slack
-            - Secrets 
+      # - upgrade-g2psandbox-security-helm-chart:
+      #     cluster-name: sit
+      #     requires:
+      #       - host-g2-sandbox-security-fynarfin-chart
+      #     context:
+      #       - AWS
+      #       - Helm
+      #       - slack
+      #       - Secrets 
       - deploying-bpmns:
           requires:
             - upgrade-g2psandbox-helm-chart
@@ -281,34 +219,34 @@ workflows:
             - slack
       - test-chart-gov:
           requires:
-            - create-secret-paymenthub-namespace
+            - create-secret-namespace
             - deploying-bpmns
           context: 
             - AWS
             - Helm
             - slack
       - test-chart-ams:
           requires:
-            - create-secret-paymenthub-namespace
+            - create-secret-namespace
             - deploying-bpmns
           context:
             - AWS
             - Helm
             - slack
-      - host-dpga-compliance-barebone-chart:
-          context:
-            - AWS
-            - Helm
-            - slack
-      - upgrade-dpga-compliance-barebone-chart:
-          cluster-name: sit
-          requires:
-            - host-dpga-compliance-barebone-chart
-          context:
-            - AWS
-            - Helm
-            - slack
-            - Secrets
+      # - host-dpga-compliance-barebone-chart:
+      #     context:
+      #       - AWS
+      #       - Helm
+      #       - slack
+      # - upgrade-dpga-compliance-barebone-chart:
+      #     cluster-name: sit
+      #     requires:
+      #       - host-dpga-compliance-barebone-chart
+      #     context:
+      #       - AWS
+      #       - Helm
+      #       - slack
+      #       - Secrets
       # - install-helm-chart:
       #     cluster-name: sit
       # - delete-helm-release:

helm/g2p-sandbox-fynarfin-SIT-NS2/Chart.yaml

@@ -0,0 +1,12 @@
+apiVersion: v2
+name: ph-ee-g2psandbox-fynarfin-SIT-NS
+description: PaymentHub EE Barebone Edition
+
+type: application
+version: 0.2.0
+appVersion: 1.16.0
+
+dependencies:
+- name: ph-ee-g2psandbox
+  repository: https://fynarfin.io/images/ph-ee-g2psandbox-0.0.0
+  version: 0.0.0

helm/g2p-sandbox-fynarfin-SIT-NS2/README.md

@@ -0,0 +1,21 @@
+Helm Upgrade command ---->
+helm upgrade -f helm/g2p-sandbox/values.yaml g2pconnect helm/g2p-sandbox --install --create-namespace --namespace paymenthub
+
+Known Issue 
+Migration script race condition Operation app startup issue work around
+1. Port forward operationsmysqlpodname -3307 (kubectl get operationsmysql pod name)
+2. Connect to mysql with root passwrod (kubectl get secret operationsmysql, take root password and base64 decode it, mysql -uroot -P3307 -p)
+3. Delete tenants (drop database tenants;)
+4. Run the SQL scripts which didn’t run successfully
+
+4a. CREATE DATABASE `tenants`;
+
+4b. GRANT ALL PRIVILEGES ON `tenants`.* TO 'mifos';
+
+4c. GRANT ALL PRIVILEGES ON `rhino`.* TO 'mifos';
+
+4d. GRANT ALL PRIVILEGES ON `gorilla`.* TO 'mifos';
+
+4e. GRANT ALL ON *.* TO 'root'@'%';
+
+5. Restart ops-app pod

helm/g2p-sandbox-fynarfin-SIT-NS2/config/application-bb.properties

@@ -0,0 +1,9 @@
+store.local.interop.host=https://rhino.mifos.g2pconnect.io
+store.local.customer.host=https://rhino.mifos.g2pconnect.io
+zeebe.broker.contactpoint=g2p-sandbox-zeebe-gateway:26500
+
+security.oauth2.resource.jwt.key-uri=http://ops-bk.mifos.g2pconnect.io/oauth/token_key
+rest.authorization.enabled=false
+rest.authorization.host=http://ops-bk.mifos.g2pconnect.io
+
+dfspids=rhino, gorilla