Merge branch 'feature/DESCW-1863-notifybc5-merge' into development

docs/helm/index.yaml

@@ -0,0 +1,23 @@
+apiVersion: v1
+entries:
+  notify-bc:
+  - apiVersion: v2
+    appVersion: "5.0"
+    created: "2024-01-12T15:48:31.2306-08:00"
+    dependencies:
+    - name: mongodb
+      repository: https://charts.bitnami.com/bitnami
+      version: 14.3.2
+    - condition: redis.enabled
+      name: redis
+      repository: https://charts.bitnami.com/bitnami
+      version: 16.13.2
+    description: NotifyBC Helm chart for Kubernetes
+    digest: 8f2985912a30ca0429151dc5e8220b17ee261500e0149ddebcede3f74160d3a5
+    icon: https://raw.githubusercontent.com/bcgov/NotifyBC/main/favicon.ico
+    name: notify-bc
+    type: application
+    urls:
+    - notify-bc-2.0.0.tgz
+    version: 2.0.0
+generated: "2024-01-12T15:48:31.217156-08:00"

helm/README.md

@@ -0,0 +1,23 @@
+## Creating new versions of this chart
+1. Update the `version` property in `helm/Chart.yaml` to the desired version number.
+2. From the `helm/` directory, run the command `helm package ./` to create a `.tgz` package for the new version.
+3. Move the new `.tgz` file to the `docs/` directory (`mv notify-bc-[version].tgz ../docs/helm`).
+4. Update `docs/helm/index.yaml` to list the new package (`helm repo index ../docs/helm`).
+
+## Deploying to OpenShift
+1. In this example we will be deploying to `dev`, so a file named `values.dev.local.yaml` should exist and contain values specific to the `dev` instance.
+1. Run `helm install dev -f platform-specific/openshift.yaml -f values.yaml -f values.dev.local.yaml ./`
+    - If a deployment already exists, run `helm uninstall dev` to remove it, then repeat the command above.
+1. To deploy to `test`, replace `dev` with `test` in the above example.
+
+## Deploying BuildConfig and ImageStream for NotifyBC application
+```bash
+# Step 1 - Go to helm/ directory of repo
+cd helm
+# Step 2 - Login to OpenShift oc command line
+oc login --token=secret-token --server=https://myopnshift.com
+# Step 3 - Choose the tools folder
+oc project 12345-tools
+# step 4 - Apply deployment file
+oc apply -f deployments/openshift/notify-build.yaml
+```

helm/deployments/openshift/notify-build.yaml

@@ -0,0 +1,48 @@
+# ImageStream api-run
+apiVersion: image.openshift.io/v1
+kind: ImageStream
+metadata:
+  annotations:
+    description: Image for the notify application
+  labels:
+    role: app
+  name: notify-bc
+
+---
+# BuildConfig api-run
+apiVersion: build.openshift.io/v1
+kind: BuildConfig
+metadata:
+  annotations:
+    description: Image Build for notify bc application
+  labels:
+    role: app
+  name: notify-bc
+spec:
+  failedBuildsHistoryLimit: 1
+  successfulBuildsHistoryLimit: 2
+  strategy:
+    dockerStrategy:
+      from:
+        kind: DockerImage
+        name: node:20.9.0-slim
+      incremental: false
+    type: Docker
+  source:
+    contextDir: ./
+    git:
+      ref: main
+      uri: https://github.com/bcgov/NotifyBC.git
+    type: Git
+  output:
+    to:
+      kind: ImageStreamTag
+      name: notify-bc:latest
+  resources:
+    limits:
+      cpu: "2"
+      memory: 2Gi
+    requests:
+      cpu: "1.5"
+      memory: 1.5Gi
+  runPolicy: Serial

helm/templates/network-policy-app-ingress.yaml

@@ -0,0 +1,20 @@
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: allow-app-ingress
+  labels:
+    {{- include "NotifyBC.labels" . | nindent 4 }}
+spec:
+  podSelector:
+    matchLabels:
+      app.kubernetes.io/name: {{ include "NotifyBC.name" . }}-app
+  ingress:
+    - ports:
+        - protocol: TCP
+          port: 3000
+      from:
+        - namespaceSelector:
+            matchLabels:
+              network.openshift.io/policy-group: ingress
+  policyTypes:
+    - Ingress

helm/templates/network-policy-db-ingress.yaml

@@ -0,0 +1,16 @@
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: allow-db-ingress
+  labels:
+    {{- include "NotifyBC.labels" . | nindent 4 }}
+spec:
+  podSelector:
+    matchLabels:
+      app.kubernetes.io/component: mongodb
+  ingress:
+    - ports:
+        - protocol: TCP
+          port: 27017
+  policyTypes:
+    - Ingress

helm/templates/network-policy-redis-ingress.yaml

@@ -0,0 +1,22 @@
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: allow-redis-ingress
+  labels:
+    {{- include "NotifyBC.labels" . | nindent 4 }}
+spec:
+  podSelector:
+    matchLabels:
+      app.kubernetes.io/name: redis
+  ingress:
+    - ports:
+        - protocol: TCP
+          port: 6379
+        - protocol: TCP
+          port: 26379
+      from:
+        - podSelector:
+            matchLabels:
+              app.kubernetes.io/name: {{ include "NotifyBC.name" . }}-app
+  policyTypes:
+    - Ingress

helm/templates/route-smtp.yaml

@@ -1,3 +1,4 @@
+{{- if .Values.service.smtp.enabled -}}
 {{- if .Capabilities.APIVersions.Has "route.openshift.io/v1/Route" }}
 {{- $fullName := include "NotifyBC.fullname" . -}}
 apiVersion: route.openshift.io/v1
@@ -18,3 +19,4 @@ spec:
     kind: Service
     name: {{ $fullName }}
 {{- end }}
+{{- end }}