diff --git a/.devops/deploy-argocd-apps.yml b/.devops/deploy-argocd-apps.yml index 3887510..cf7be1f 100644 --- a/.devops/deploy-argocd-apps.yml +++ b/.devops/deploy-argocd-apps.yml @@ -26,11 +26,24 @@ parameters: - uat - prod -- name: APPS - displayName: ArgoCD Apps +- name: APPS_TOP + displayName: Top ArgoCD Apps type: object default: - - arc-be + - one-color + - four-color + +- name: APPS_MID + displayName: Mid ArgoCD Apps + type: object + default: + - two-color + +- name: APPS_BASE + displayName: Base ArgoCD Apps + type: object + default: + - three-color - name: POSTMAN_BRANCH displayName: Postman branch @@ -41,10 +54,8 @@ variables: # Variabili statiche - name: directoryPattern value: 'helm/${{ parameters.ENV }}' - - name: isPullRequestTrigger - value: $[eq(variables['Build.Reason'], 'PullRequest')] - name: area - value: arc-cittadini + value: p4pa-payhub - ${{ if eq(parameters.ENV, 'dev') }}: - name: argocdServer @@ -101,371 +112,78 @@ stages: echo "agentPoolName: ${{variables['agentPoolName']}}" echo "agentPoolName: ${{variables['argocdServer']}}" - # - # Calculate changes from PR - # - - stage: calculate_pr_git_changes - condition: and(succeeded(), eq(variables.isPullRequestTrigger, true)) - jobs: - - job: FindGitChangedFolder - pool: - vmImage: 'ubuntu-latest' - steps: - - checkout: self - fetchDepth: 0 - name: checkoutCode - displayName: 'Checkout Code' - - - task: UsePythonVersion@0 - inputs: - versionSpec: '3.x' - addToPath: true - name: setupPython - displayName: 'Setup Python' - - # Migliorato script Python con gestione errori e logging - - task: PythonScript@0 - name: grep_git_folders - displayName: 'Process String and Convert to JSON' - inputs: - scriptSource: 'inline' - script: | - import json - import subprocess - import sys - - try: - print("Starting the process...") - - command = "git diff --name-only --diff-filter=d origin/main...HEAD | xargs -I {} dirname {} | sort -u" - print(f"Executing command: {command}") - - result = subprocess.run(command, shell=True, capture_output=True, text=True) - if result.returncode != 0: - raise Exception(f"Git command failed: {result.stderr}") - - str_output = result.stdout.strip() - print(f"Command output: {str_output}") - - if not str_output: - print("No changes detected") - filtered_list = [] - else: - filtered_list = [item for item in str_output.split('\n') if "helm/dev" in item] - print(f"Filtered list: {filtered_list}") - - cleaned_list = [item.replace("helm/dev/", "") for item in filtered_list] - print(f"Cleaned list: {cleaned_list}") - - result_json = json.dumps(cleaned_list) - print(f"Final JSON result: {result_json}") - - print(f'##vso[task.setvariable variable=resultJson;isOutput=true]{result_json}') - print("Process completed successfully") - - except Exception as e: - print(f"Error occurred: {str(e)}", file=sys.stderr) - sys.exit(1) - - - task: Bash@3 - name: EchoBashJson - displayName: 'Echo Result JSON Array' - inputs: - targetType: 'inline' - script: | - echo "JSON Array Result:" - echo '$(grep_git_folders.resultJson)' - echo "##vso[task.setvariable variable=savedResultJsonArray;isOutput=true]$(grep_git_folders.resultJson)" - # # ArgoCD # - stage: sync_argo_apps - condition: > - or( - succeeded(), - in(dependencies.calculate_pr_git_changes.result, 'Succeeded', 'Skipped') - ) - variables: - ${{ if eq(variables.isPullRequestTrigger, true) }}: - resultJsonArrayPython: $[ stageDependencies.calculate_pr_git_changes.FindGitChangedFolder.outputs['grep_git_folders.resultJson'] ] - resultJsonArrayBash: $[ stageDependencies.calculate_pr_git_changes.FindGitChangedFolder.outputs['EchoBashJson.savedResultJsonArray'] ] - ${{ else }}: - resultJsonArrayPython: '${{ convertToJson(parameters.APPS) }}' - resultJsonArrayBash: '${{ convertToJson(parameters.APPS) }}' + condition: succeeded() jobs: - # Deploy delle singole applicazioni - - ${{ each item in parameters.APPS }}: - - deployment: deploy_${{ replace(item, '-', '_') }} - displayName: 'Deploy ${{ item }}' - pool: - name: $(agentPoolName) - environment: ${{ parameters.ENV }} - condition: > - and( - succeeded(), - or( - and( - eq(variables.isPullRequestTrigger, false), - contains(variables.resultJsonArrayPython, '${{ item }}') - ), - eq(variables.isPullRequestTrigger, true) - ) - ) - strategy: - runOnce: - deploy: - steps: - - bash: | - echo "Deploying: ${{ item }}" - name: displayDeploymentInfo - displayName: 'Display Deployment Info' - - - bash: | - function login_argocd() { - if ! argocd login "$ARGOCD_SERVER" --username "$ARGOCD_USERNAME" --password "$ARGOCD_PASSWORD" --insecure --grpc-web; then - echo "❌ Failed to login to ArgoCD" - return 1 - fi - return 0 - } - - function check_app_health() { - local app_name=$1 - local max_retries=30 - local retry_count=0 - local wait_seconds=10 - - while [ $retry_count -lt $max_retries ]; do - if health_status=$(argocd app get "$app_name" -o json | jq -r '.status.health.status') && \ - sync_status=$(argocd app get "$app_name" -o json | jq -r '.status.sync.status'); then - - if [ "$health_status" = "Healthy" ] && [ "$sync_status" = "Synced" ]; then - echo "✅ Application $app_name is healthy and synced" - return 0 - fi - - echo "Status - Health ${health_status}, Sync: ${sync_status}" - else - echo "❌ Failed to get application status" - fi - - sleep $wait_seconds - ((retry_count++)) - done - - echo "❌ Health check timed out for $app_name" - return 1 - } - - # Main execution - set -e - app_name="${ARGOCD_APP_NAME}" - - echo "🔨 Starting deployment for $app_name..." - - if ! login_argocd; then - exit 1 - fi - - if ! argocd app sync "$app_name" --prune --timeout 180; then - echo "❌ Sync failed for $app_name" - exit 1 - fi - - if ! check_app_health "$app_name"; then - echo "❌ Health check failed for $app_name" - exit 1 - fi - - if ! argocd app actions run "$app_name" restart --kind Deployment --all --grpc-web; then - echo "❌ Failed to restart deployments for $app_name" - exit 1 - fi - - echo "✅ Deployment completed successfully for $app_name" - name: syncArgoApp - displayName: 'Sync ArgoCD App: ${{ item }}' - env: - ARGOCD_SERVER: $(argocdServer) - ARGOCD_USERNAME: $(argocdUsername) - ARGOCD_PASSWORD: $(argocdPassword) - ARGOCD_APP_NAME: "$(area)-${{item}}" - - # - # Postman - # - - stage: postman_tests - displayName: Run Postman Tests + # top Apps + - template: templates/deploy-argo-template.yml + parameters: + applicationsList: ${{ parameters.APPS_TOP }} + deploymentType: 'top' + environment: ${{ parameters.ENV }} + argocdServerUrl: $(argocdServer) + argocdUserName: $(argocdUsername) + argocdUserPassword: $(argocdPassword) + agentPoolName: $(agentPoolName) + applicationPrefix: $(area) + + # mid Apps + - template: templates/deploy-argo-template.yml + parameters: + applicationsList: ${{ parameters.APPS_MID }} + deploymentType: 'mid' + environment: ${{ parameters.ENV }} + argocdServerUrl: $(argocdServer) + argocdUserName: $(argocdUsername) + argocdUserPassword: $(argocdPassword) + agentPoolName: $(agentPoolName) + applicationPrefix: $(area) + dependsOnJob: 'deploy_top' + + # base Apps + - template: templates/deploy-argo-template.yml + parameters: + applicationsList: ${{ parameters.APPS_BASE }} + deploymentType: 'base' + environment: ${{ parameters.ENV }} + argocdServerUrl: $(argocdServer) + argocdUserName: $(argocdUsername) + argocdUserPassword: $(argocdPassword) + agentPoolName: $(agentPoolName) + applicationPrefix: $(area) + dependsOnJob: 'deploy_mid' + + # Stage separato per i test Postman + - stage: run_postman_tests + condition: and(succeeded(), or(${{eq(parameters.ENV, 'dev')}}, ${{eq(parameters.ENV, 'uat')}})) dependsOn: sync_argo_apps - condition: or(${{eq(parameters.ENV, 'dev')}}, ${{eq(parameters.ENV, 'uat')}}) jobs: - - ${{ each item in parameters.APPS }}: - - job: postman_tests_${{ replace(item, '-', '_') }} - displayName: '${{ item }} > postman' - pool: - name: $(agentPoolName) - variables: - stageOutcome: 'Succeeded' - steps: - - checkout: self - name: checkoutSourceCode - displayName: 'Checkout Source Code' - # Verifica se i test Postman possono essere eseguiti - - task: Bash@3 - name: canRunPostmanTests - displayName: 'Check Postman Tests Requirements' - inputs: - targetType: 'inline' - script: | - echo "🔨 Checking Postman configuration..." - rootPostman=$(yq '.postman-test' $(Build.Repository.LocalPath)/helm/${{parameters.ENV}}/${{item}}/values.yaml) - runPostmanTests=$(yq '.postman-test.run' $(Build.Repository.LocalPath)/helm/${{parameters.ENV}}/${{item}}/values.yaml) - - echo "rootPostman: $rootPostman" - echo "runPostmanTests: $runPostmanTests" - - function is_valid() { - [ ! -z "$1" ] && [ "$1" != "null" ] - } - - if ! is_valid "$rootPostman" || ! is_valid "$runPostmanTests" || [ "$runPostmanTests" != "true" ]; then - echo "##vso[task.logissue type=warning]Skipping Postman tests - Configuration not valid or tests disabled" - echo "##vso[task.setvariable variable=runPostmanTest;isOutput=true]false" - exit 0 - fi - - echo "All checks passed. Proceeding with Postman tests." - echo "##vso[task.setvariable variable=runPostmanTest;isOutput=true]true" - - echo "✅ Postman tests configuration valid" - echo "##vso[task.setvariable variable=runPostmanTest;isOutput=true]true" - - # Setup delle variabili Postman - - task: Bash@3 - name: setupPostmanVariables - displayName: 'Setup Postman Variables' - condition: and(succeeded(), eq(variables['canRunPostmanTests.runPostmanTest'], 'true')) - inputs: - targetType: 'inline' - script: | - echo "🔨 Setting up Postman variables..." - - # Estrazione variabili da values.yaml - repoName=$(yq '.postman-test.repoName' $(Build.Repository.LocalPath)/helm/${{parameters.ENV}}/${{item}}/values.yaml) - dir=$(yq '.postman-test.dir' $(Build.Repository.LocalPath)/helm/${{parameters.ENV}}/${{item}}/values.yaml) - collectionName=$(yq '.postman-test.collectionName' $(Build.Repository.LocalPath)/helm/${{parameters.ENV}}/${{item}}/values.yaml) - #envVariablesFile=$(yq '.postman-test.envVariablesFile' $(Build.Repository.LocalPath)/helm/${{parameters.ENV}}/${{item}}/values.yaml) - - # Log delle variabili (senza valori sensibili) - echo "📝 Configuration:" - echo "Repository: $repoName" - echo "Directory: $dir" - echo "Collection: $collectionName" - echo "Environment Variables File: inside library secure file" - echo "Branch: ${{ parameters.POSTMAN_BRANCH }}" - - # Validazione variabili - function is_valid() { - [ ! -z "$1" ] && [ "$1" != "null" ] - } - - # Validazione e setting delle variabili - declare -a required_vars=( - "repoName:$repoName" - "dir:$dir" - "collectionName:$collectionName" - ) - - missing_vars=() - for var in "${required_vars[@]}"; do - name="${var%%:*}" - value="${var#*:}" - - if is_valid "$value"; then - echo "##vso[task.setvariable variable=$name]$value" - else - missing_vars+=("$name") - fi - done - - # Gestione errori - if [ ${#missing_vars[@]} -gt 0 ]; then - echo "❌ Missing required variables: ${missing_vars[*]}" - echo "##vso[task.logissue type=warning]Postman configuration incomplete" - echo "##vso[task.setvariable variable=runPostmanTest;isOutput=true]false" - else - echo "✅ All required variables validated successfully" - echo "##vso[task.setvariable variable=runPostmanTest;isOutput=true]true" - fi - - # Esecuzione dei test Postman - - task: NodeTool@0 - inputs: - versionSpec: '16.x' - - task: Npm@1.238.1 - displayName: Install newman - inputs: - command: custom - customCommand: install -g newman - - task: DownloadSecureFile@1 - displayName: 'Download postman secret environment' - name: postman_env_secret_file - inputs: - secureFile: "arc_${{ upper(parameters.ENV) }}.postman_environment.json" - - task: Bash@3 - name: run_postman_tests - displayName: 'Run Postman Tests' - condition: and(succeeded(), eq(variables['setupPostmanVariables.runPostmanTest'], 'true')) - continueOnError: true - inputs: - targetType: inline - script: | - set -e - echo "🚀 Starting Postman tests execution..." - - # Log delle variabili configurate - echo "📝 Test Configuration:" - echo "Repository: $(repoName)" - echo "Directory: $(dir)" - echo "Collection: $(collectionName)" - echo "Branch: ${{ parameters.POSTMAN_BRANCH }}" - #echo "envVariablesFile: $(envVariablesFile)" - - # Clone del repository - echo "🔄 Cloning repository..." - if ! git clone -b ${{ parameters.POSTMAN_BRANCH }} https://github.com/pagopa/$(repoName).git; then - echo "❌ Failed to clone repository" - exit 1 - fi - - # Navigazione nella directory corretta - cd $(repoName)/$(dir) || { - echo "❌ Failed to navigate to test directory" - exit 1 - } - - if ! newman run $(collectionName) -e $(postman_env_secret_file.secureFilePath) --reporters cli,junit --reporter-junit-export result/test-result.xml ; then - echo "❌ Postman tests failed" - exit 1 - fi - - echo "✅ Postman test setup completed successfully" - - - task: PublishTestResults@2 - inputs: - testResultsFormat: 'JUnit' - testResultsFiles: '**/test-*.xml' - searchFolder: '$(System.DefaultWorkingDirectory)/$(repoName)/$(dir)/result/' - testRunTitle: 'Publish Newman Test Results' - - bash: | - if [ "$(stageOutcome)" == "SucceededWithIssues" ]; then - echo "⚠️ Stage completed with issues" - echo "##vso[task.logissue type=warning]Stage completed with issues, marking as successful" - else - echo "✅ Stage completed successfully" - fi - echo "##vso[task.complete result=Succeeded;]" - name: forceStageSuccess - displayName: 'Finalize Stage' - condition: always() + # Top Apps Tests + - template: templates/postman-tests-template.yml + parameters: + appsList: ${{ parameters.APPS_TOP }} + jobSuffix: 'top' + env: ${{ parameters.ENV }} + agentPoolName: $(agentPoolName) + postmanBranch: ${{ parameters.POSTMAN_BRANCH }} + + # Mid Apps Tests + - template: templates/postman-tests-template.yml + parameters: + appsList: ${{ parameters.APPS_MID }} + jobSuffix: 'mid' + env: ${{ parameters.ENV }} + agentPoolName: $(agentPoolName) + postmanBranch: ${{ parameters.POSTMAN_BRANCH }} + + # Base Apps Tests + - template: templates/postman-tests-template.yml + parameters: + appsList: ${{ parameters.APPS_BASE }} + jobSuffix: 'base' + env: ${{ parameters.ENV }} + agentPoolName: $(agentPoolName) + postmanBranch: ${{ parameters.POSTMAN_BRANCH }} diff --git a/.devops/templates/deploy-argo-template.yml b/.devops/templates/deploy-argo-template.yml new file mode 100644 index 0000000..69bde1a --- /dev/null +++ b/.devops/templates/deploy-argo-template.yml @@ -0,0 +1,186 @@ +# Template for deploying applications through ArgoCD with graceful error handling +parameters: + # List of applications to deploy + - name: applicationsList + displayName: 'Applications List' + type: object + default: [] + # List of applications to be deployed through ArgoCD + # Example: ['app1', 'app2', 'app3'] + + # Target environment + - name: environment + displayName: 'Target Environment' + type: string + # The environment to deploy to (dev, uat, prod) + + # ArgoCD server connection details + - name: argocdServerUrl + displayName: 'ArgoCD Server URL' + type: string + # The URL of the ArgoCD server + + - name: argocdUserName + displayName: 'ArgoCD Username' + type: string + # Username for ArgoCD authentication + + - name: argocdUserPassword + displayName: 'ArgoCD Password' + type: string + # Password for ArgoCD authentication + + # Azure DevOps agent configuration + - name: agentPoolName + displayName: 'Agent Pool Name' + type: string + # The name of the Azure DevOps agent pool to use + + # Application prefix for ArgoCD + - name: applicationPrefix + displayName: 'Application Name Prefix' + type: string + # Prefix used for ArgoCD application names (e.g., 'p4pa-payhub') + + # Job identifier + - name: deploymentType + displayName: 'Deployment Type' + type: string + # Type of deployment + + # Dependency configuration + - name: dependsOnJob + displayName: 'Depends On Job' + type: string + default: '' + # Name of the job this deployment depends on + + # Configuration for health checks and retries + - name: healthCheckRetries + displayName: 'Health Check Retries' + type: number + default: 30 + # Number of retries for health checks + + - name: healthCheckInterval + displayName: 'Health Check Interval' + type: number + default: 10 + # Interval in seconds between health checks + + - name: syncTimeout + displayName: 'Sync Timeout' + type: number + default: 180 + # Timeout in seconds for sync operations + +jobs: +- job: deploy_${{ parameters.deploymentType }} + displayName: '🚀 ${{ parameters.deploymentType }}' + dependsOn: ${{ parameters.dependsOnJob }} + condition: succeeded() + strategy: + matrix: + ${{ each item in parameters.applicationsList }}: + ${{ replace(item, '-', '_') }}: + appName: ${{ item }} + pool: + name: ${{ parameters.agentPoolName }} + steps: + - bash: | + echo "Starting deployment for: $(appName)" + echo "Environment: ${{ parameters.environment }}" + echo "Deployment Type: ${{ parameters.deploymentType }}" + name: displayDeploymentInfo + displayName: 'Display Deployment Information' + + - bash: | + # Function to handle errors gracefully + function handle_error() { + local error_message=$1 + echo "⚠️ $error_message" + echo "##vso[task.logissue type=warning]$error_message" + echo "##vso[task.complete result=SucceededWithIssues;]" + return 0 + } + + function login_argocd() { + if ! argocd login "$ARGOCD_SERVER" --username "$ARGOCD_USERNAME" --password "$ARGOCD_PASSWORD" --insecure --grpc-web; then + handle_error "Failed to login to ArgoCD" + return 1 + fi + echo "✅ Successfully logged in to ArgoCD" + return 0 + } + + function check_app_health() { + local app_name=$1 + local max_retries=${{ parameters.healthCheckRetries }} + local retry_count=0 + local wait_seconds=${{ parameters.healthCheckInterval }} + + while [ $retry_count -lt $max_retries ]; do + if health_status=$(argocd app get "$app_name" -o json | jq -r '.status.health.status') && \ + sync_status=$(argocd app get "$app_name" -o json | jq -r '.status.sync.status'); then + + if [ "$health_status" = "Healthy" ] && [ "$sync_status" = "Synced" ]; then + echo "✅ Application $app_name is healthy and synced" + return 0 + fi + + echo "Current Status - Health: ${health_status}, Sync: ${sync_status}" + else + echo "⚠️ Failed to get application status" + fi + + echo "Attempt $((retry_count + 1)) of $max_retries. Waiting ${wait_seconds}s before retry..." + sleep $wait_seconds + ((retry_count++)) + done + + handle_error "Health check timed out for $app_name" + return 1 + } + + # Main execution + set +e # Don't exit on error + app_name="${ARGOCD_APP_NAME}" + + echo "🔨 Starting deployment process for $app_name..." + + # Login to ArgoCD + if ! login_argocd; then + handle_error "ArgoCD login failed for $app_name" + exit 0 + fi + + # Sync application + echo "🔄 Syncing application..." + if ! argocd app sync "$app_name" --prune --timeout ${{ parameters.syncTimeout }}; then + handle_error "Sync failed for $app_name" + exit 0 + fi + + # Check application health + echo "🏥 Checking application health..." + if ! check_app_health "$app_name"; then + handle_error "Health check failed for $app_name" + exit 0 + fi + + # Restart deployments + echo "🔄 Restarting deployments..." + if ! argocd app actions run "$app_name" restart --kind Deployment --all --grpc-web; then + handle_error "Failed to restart deployments for $app_name" + exit 0 + fi + + echo "✅ Deployment completed successfully for $app_name" + name: syncArgoApp + displayName: 'Sync ArgoCD App: $(appName)' + env: + ARGOCD_SERVER: ${{ parameters.argocdServerUrl }} + ARGOCD_USERNAME: ${{ parameters.argocdUserName }} + ARGOCD_PASSWORD: ${{ parameters.argocdUserPassword }} + ARGOCD_APP_NAME: "${{ parameters.applicationPrefix }}-$(appName)" + continueOnError: true diff --git a/.devops/templates/postman-tests-template.yml b/.devops/templates/postman-tests-template.yml new file mode 100644 index 0000000..8b0c2fa --- /dev/null +++ b/.devops/templates/postman-tests-template.yml @@ -0,0 +1,274 @@ +# Template for executing Postman tests on specific applications +parameters: + # List of applications to test + - name: appsList + displayName: 'Applications List' + type: object + default: [] + # The list of applications to run Postman tests against + # Example: ['app1', 'app2', 'app3'] + + # Target environment + - name: env + displayName: 'Target Environment' + type: string + # The environment to run tests in (dev, uat, prod) + + # Azure DevOps agent pool name + - name: agentPoolName + displayName: 'Agent Pool Name' + type: string + # The name of the Azure DevOps agent pool to use + + # Job identifier suffix + - name: jobSuffix + displayName: 'Job Type Identifier' + type: string + # Application type identifier + + # Dependency job + - name: dependsOn + displayName: 'Dependent Job' + type: string + default: '' + # Name of the job this execution depends on + + # Postman tests branch + - name: postmanBranch + displayName: 'Postman Tests Branch' + type: string + default: 'develop' + # Branch containing the Postman tests + + # Max retry attempts for failed tests + - name: maxRetryAttempts + displayName: 'Max Retry Attempts' + type: number + default: 2 + # Maximum number of retry attempts for failed tests + + # Timeout for each collection + - name: collectionTimeout + displayName: 'Collection Timeout (seconds)' + type: number + default: 300 + # Timeout in seconds for collection execution + +jobs: +- job: postman_${{ parameters.jobSuffix }} + displayName: '🛃 ${{ parameters.jobSuffix }}' + timeoutInMinutes: 60 + dependsOn: ${{ parameters.dependsOn }} + condition: succeeded() + strategy: + matrix: + ${{ each item in parameters.appsList }}: + ${{ replace(item, '-', '_') }}: + appName: ${{ item }} + pool: + name: ${{ parameters.agentPoolName }} + variables: + testOutcome: 'Succeeded' + steps: + - checkout: self + name: checkoutSourceCode + displayName: 'Checkout Source Code' + + - task: Bash@3 + name: validatePostmanConfig + displayName: 'Validate Postman Configuration' + inputs: + targetType: 'inline' + script: | + echo "🔍 Validating Postman configuration..." + # Extract configuration from values.yaml + rootPostman=$(yq '.postman-test' $(Build.Repository.LocalPath)/helm/${{parameters.env}}/$(appName)/values.yaml) + runPostmanTests=$(yq '.postman-test.run' $(Build.Repository.LocalPath)/helm/${{parameters.env}}/$(appName)/values.yaml) + + echo "Configuration found:" + echo "- Root config: $rootPostman" + echo "- Run tests: $runPostmanTests" + + # Validate if configuration exists and is not null + function is_valid_config() { + [ ! -z "$1" ] && [ "$1" != "null" ] + } + + # Check if tests should be executed based on configuration + if ! is_valid_config "$rootPostman" || ! is_valid_config "$runPostmanTests" || [ "$runPostmanTests" != "true" ]; then + echo "##vso[task.logissue type=warning]⚠️ Skipping Postman tests - Configuration not valid or tests disabled" + echo "##vso[task.setvariable variable=runPostmanTest;isOutput=true]false" + exit 0 + fi + + echo "✅ Postman configuration validated successfully" + echo "##vso[task.setvariable variable=runPostmanTest;isOutput=true]true" + + - task: Bash@3 + name: setupTestEnvironment + displayName: 'Setup Test Environment' + condition: and(succeeded(), eq(variables['validatePostmanConfig.runPostmanTest'], 'true')) + inputs: + targetType: 'inline' + script: | + echo "🔧 Configuring test environment..." + + # Extract test configuration from values.yaml + repoName=$(yq '.postman-test.repoName' $(Build.Repository.LocalPath)/helm/${{parameters.env}}/$(appName)/values.yaml) + dir=$(yq '.postman-test.dir' $(Build.Repository.LocalPath)/helm/${{parameters.env}}/$(appName)/values.yaml) + collectionName=$(yq '.postman-test.collectionName' $(Build.Repository.LocalPath)/helm/${{parameters.env}}/$(appName)/values.yaml) + + echo "📋 Test Configuration:" + echo "- Repository: $repoName" + echo "- Directory: $dir" + echo "- Collection: $collectionName" + echo "- Branch: ${{ parameters.postmanBranch }}" + + # Validate individual configuration values + function validate_variable() { + [ ! -z "$1" ] && [ "$1" != "null" ] + } + + # Define required variables + declare -a required_vars=( + "repoName:$repoName" + "dir:$dir" + "collectionName:$collectionName" + ) + + # Check for missing required variables + missing_vars=() + for var in "${required_vars[@]}"; do + name="${var%%:*}" + value="${var#*:}" + + if validate_variable "$value"; then + echo "##vso[task.setvariable variable=$name]$value" + else + missing_vars+=("$name") + fi + done + + # Handle missing variables + if [ ${#missing_vars[@]} -gt 0 ]; then + echo "❌ Missing required variables: ${missing_vars[*]}" + echo "##vso[task.logissue type=warning]Configuration incomplete" + echo "##vso[task.setvariable variable=runPostmanTest;isOutput=true]false" + exit 0 + fi + + echo "✅ Test environment configured successfully" + echo "##vso[task.setvariable variable=runPostmanTest;isOutput=true]true" + + - task: NodeTool@0 + displayName: 'Install Node.js' + inputs: + versionSpec: '16.x' + + - task: Npm@1.238.1 + displayName: 'Install Newman CLI' + inputs: + command: custom + customCommand: install -g newman + + - task: DownloadSecureFile@1 + displayName: 'Download Environment Variables' + name: postman_env_secret_file + inputs: + secureFile: "p4pa_${{ upper(parameters.env) }}.postman_environment.json" + + - task: Bash@3 + name: executePostmanTests + displayName: 'Execute Postman Tests' + condition: and(succeeded(), eq(variables['setupTestEnvironment.runPostmanTest'], 'true')) + continueOnError: true + inputs: + targetType: inline + script: | + # Error handling function + function handle_error() { + local error_message=$1 + echo "❌ $error_message" + echo "##vso[task.logissue type=error]$error_message" + return 1 + } + + # Function to execute tests with retry mechanism + function execute_tests_with_retry() { + local max_attempts=${{ parameters.maxRetryAttempts }} + local attempt=1 + + while [ $attempt -le $max_attempts ]; do + echo "🔄 Attempt $attempt of $max_attempts..." + + # Run Newman with specified configuration + if newman run $(collectionName) \ + -e $(postman_env_secret_file.secureFilePath) \ + --reporters cli,junit \ + --reporter-junit-export result/test-result.xml \ + --timeout ${{ parameters.collectionTimeout }}000; then + return 0 + fi + + # Handle retry logic + ((attempt++)) + [ $attempt -le $max_attempts ] && { + echo "⏳ Waiting before retry..."; + sleep 10; + } + done + + return 1 + } + + set -e + echo "🚀 Starting test execution for $(appName)..." + + # Log test configuration + echo "📝 Test Configuration:" + echo "- Repository: $(repoName)" + echo "- Directory: $(dir)" + echo "- Collection: $(collectionName)" + echo "- Branch: ${{ parameters.postmanBranch }}" + + # Clone test repository + echo "📦 Cloning test repository..." + if ! git clone -b ${{ parameters.postmanBranch }} https://github.com/pagopa/$(repoName).git; then + handle_error "Failed to clone repository" + exit 1 + fi + + # Navigate to test directory + cd $(repoName)/$(dir) || { + handle_error "Failed to navigate to test directory" + exit 1 + } + + # Execute tests with retry mechanism + if ! execute_tests_with_retry; then + handle_error "Tests failed after ${{ parameters.maxRetryAttempts }} attempts" + exit 1 + fi + + echo "✅ Tests completed successfully" + + - task: PublishTestResults@2 + displayName: 'Publish Test Results' + inputs: + testResultsFormat: 'JUnit' + testResultsFiles: '**/test-*.xml' + searchFolder: '$(System.DefaultWorkingDirectory)/$(repoName)/$(dir)/result/' + testRunTitle: 'Postman Tests - ${{ parameters.jobSuffix }} - $(appName)' + + - bash: | + # Check test outcome and finalize execution + if [ "$(testOutcome)" == "SucceededWithIssues" ]; then + echo "⚠️ Tests completed with issues" + echo "##vso[task.logissue type=warning]Tests completed with issues, marking as successful" + else + echo "✅ Tests completed successfully" + fi + echo "##vso[task.complete result=Succeeded;]" + name: finalizeTests + displayName: 'Finalize Test Execution' + condition: always() diff --git a/.github/terraform/99_locals.tf b/.github/terraform/99_locals.tf index dea1b3c..07f1e2c 100644 --- a/.github/terraform/99_locals.tf +++ b/.github/terraform/99_locals.tf @@ -2,7 +2,7 @@ locals { # Repo github = { org = "pagopa" - repository = "arc-deploy-aks" + repository = "payhub-deploy-aks" } repo_secrets = var.env_short == "p" ? { @@ -14,8 +14,7 @@ locals { "prod" : "main" } - branches = ["develop", "uat"] - bypass_branch_rules_teams = ["arc-admins", "payments-cloud-admin"] + bypass_branch_rules_teams = ["payhub-admins", "payments-cloud-admin"] # this is use to lookup the id for each team team_name_to_id = { diff --git a/.github/terraform/env/dev/backend.ini b/.github/terraform/env/dev/backend.ini index 747b5ed..23b7e40 100644 --- a/.github/terraform/env/dev/backend.ini +++ b/.github/terraform/env/dev/backend.ini @@ -1 +1 @@ -subscription=DEV-ARC +subscription=DEV-p4pa diff --git a/.github/terraform/env/dev/backend.tfvars b/.github/terraform/env/dev/backend.tfvars index 1af43d4..29f6361 100644 --- a/.github/terraform/env/dev/backend.tfvars +++ b/.github/terraform/env/dev/backend.tfvars @@ -1,4 +1,4 @@ resource_group_name = "terraform-state-rg" -storage_account_name = "tfappdevarc" +storage_account_name = "tfappdevp4pa" container_name = "terraform-state" -key = "arc-deploy-aks.tfstate" +key = "p4pa-payhub-deploy-aks-dev.tfstate" diff --git a/.github/terraform/env/dev/terraform.tfvars b/.github/terraform/env/dev/terraform.tfvars index e2f0158..bb0fadd 100644 --- a/.github/terraform/env/dev/terraform.tfvars +++ b/.github/terraform/env/dev/terraform.tfvars @@ -1,4 +1,4 @@ -prefix = "arc" +prefix = "payhub" env = "dev" env_short = "d" location_short = "itn" @@ -6,7 +6,7 @@ location_short = "itn" tags = { CreatedBy = "Terraform" Environment = "DEV" - Owner = "ARC" - Source = "https://github.com/pagopa/arc-deploy-aks" + Owner = "payhub" + Source = "https://github.com/pagopa/payhub-deploy-aks" CostCenter = "TS310 - PAGAMENTI & SERVIZI" } diff --git a/.github/terraform/env/prod/backend.ini b/.github/terraform/env/prod/backend.ini index f6f5904..ca90612 100644 --- a/.github/terraform/env/prod/backend.ini +++ b/.github/terraform/env/prod/backend.ini @@ -1 +1 @@ -subscription=PROD-ARC +subscription=PROD-p4pa diff --git a/.github/terraform/env/prod/backend.tfvars b/.github/terraform/env/prod/backend.tfvars index f48bd8c..8ceaee2 100644 --- a/.github/terraform/env/prod/backend.tfvars +++ b/.github/terraform/env/prod/backend.tfvars @@ -1,4 +1,4 @@ resource_group_name = "terraform-state-rg" -storage_account_name = "tfappprodarc" +storage_account_name = "tfappprodp4pa" container_name = "terraform-state" -key = "arc-deploy-aks.tfstate" +key = "p4pa-payhub-deploy-aks-prod.tfstate" diff --git a/.github/terraform/env/prod/terraform.tfvars b/.github/terraform/env/prod/terraform.tfvars index d6db2f5..955dd2d 100644 --- a/.github/terraform/env/prod/terraform.tfvars +++ b/.github/terraform/env/prod/terraform.tfvars @@ -1,4 +1,4 @@ -prefix = "arc" +prefix = "payhub" env = "prod" env_short = "p" location_short = "itn" @@ -6,7 +6,7 @@ location_short = "itn" tags = { CreatedBy = "Terraform" Environment = "PROD" - Owner = "ARC" - Source = "https://github.com/pagopa/arc-deploy-aks" + Owner = "payhub" + Source = "https://github.com/pagopa/payhub-deploy-aks" CostCenter = "TS310 - PAGAMENTI & SERVIZI" } diff --git a/.github/terraform/env/uat/backend.ini b/.github/terraform/env/uat/backend.ini index 538067c..c09a33c 100644 --- a/.github/terraform/env/uat/backend.ini +++ b/.github/terraform/env/uat/backend.ini @@ -1 +1 @@ -subscription=UAT-ARC +subscription=UAT-p4pa diff --git a/.github/terraform/env/uat/backend.tfvars b/.github/terraform/env/uat/backend.tfvars index 32029b0..8ceaee2 100644 --- a/.github/terraform/env/uat/backend.tfvars +++ b/.github/terraform/env/uat/backend.tfvars @@ -1,4 +1,4 @@ resource_group_name = "terraform-state-rg" -storage_account_name = "tfappuatarc" +storage_account_name = "tfappprodp4pa" container_name = "terraform-state" -key = "arc-deploy-aks.tfstate" +key = "p4pa-payhub-deploy-aks-prod.tfstate" diff --git a/.github/terraform/env/uat/terraform.tfvars b/.github/terraform/env/uat/terraform.tfvars index d148252..85180d5 100644 --- a/.github/terraform/env/uat/terraform.tfvars +++ b/.github/terraform/env/uat/terraform.tfvars @@ -1,4 +1,4 @@ -prefix = "arc" +prefix = "payhub" env = "uat" env_short = "u" location_short = "itn" @@ -6,7 +6,7 @@ location_short = "itn" tags = { CreatedBy = "Terraform" Environment = "UAT" - Owner = "ARC" - Source = "https://github.com/pagopa/arc-deploy-aks" + Owner = "payhub" + Source = "https://github.com/pagopa/payhub-deploy-aks" CostCenter = "TS310 - PAGAMENTI & SERVIZI" } diff --git a/.gitignore b/.gitignore index e518b21..f0fc465 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,4 @@ .terraform .idea **/charts +**/Chart.lock diff --git a/ct.yaml b/ct.yaml index 461bd23..c2da89b 100644 --- a/ct.yaml +++ b/ct.yaml @@ -5,9 +5,15 @@ timeout: 600s # Chart directories to scan for changes recursively chart-dirs: - - helm/dev - - helm/uat - - helm/prod + - helm/dev/base + - helm/dev/mid + - helm/dev/top + - helm/uat/base + - helm/uat/mid + - helm/uat/top + - helm/prod/base + - helm/prod/mid + - helm/prod/top # Required Helm repositories for chart dependencies chart-repos: diff --git a/helm/dev/arc-be/.helmignore b/helm/dev/arc-be/.helmignore deleted file mode 100644 index 0e8a0eb..0000000 --- a/helm/dev/arc-be/.helmignore +++ /dev/null @@ -1,23 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*.orig -*~ -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ diff --git a/helm/dev/arc-be/Chart.yaml b/helm/dev/arc-be/Chart.yaml deleted file mode 100644 index 7914def..0000000 --- a/helm/dev/arc-be/Chart.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: v2 -name: pagopa-arc-be -description: pagopa-arc-be -type: application -version: 1.0.0 -appVersion: 1.0.0 -dependencies: - - name: microservice-chart - version: 7.3.1 - repository: "https://pagopa.github.io/aks-microservice-chart-blueprint" diff --git a/helm/dev/arc-be/values.yaml b/helm/dev/arc-be/values.yaml deleted file mode 100644 index f973b47..0000000 --- a/helm/dev/arc-be/values.yaml +++ /dev/null @@ -1,135 +0,0 @@ -microservice-chart: - namespace: "cittadini" - - image: - repository: ghcr.io/pagopa/arc-be - tag: develop-latest - pullPolicy: Always - - ingress: - create: true - host: "citizen.internal.dev.cittadini.pagopa.it" - path: /arcbe/(.*) - - resources: - requests: - memory: " 2048Mi" - cpu: "1000m" - limits: - memory: " 2048Mi" - cpu: "1000m" - - livenessProbe: - httpGet: - path: /actuator/health/liveness - port: 8080 - initialDelaySeconds: 60 - failureThreshold: 15 - periodSeconds: 10 - timeoutSeconds: 2 - - readinessProbe: - httpGet: - path: /actuator/health/readiness - port: 8080 - initialDelaySeconds: 60 - failureThreshold: 15 - periodSeconds: 10 - timeoutSeconds: 2 - - deployment: - create: true - - service: - create: true - type: ClusterIP - port: 8080 - - podAnnotations: {} - - podSecurityContext: - seccompProfile: - type: RuntimeDefault - - securityContext: - allowPrivilegeEscalation: false - runAsNonRoot: true - runAsUser: 65534 - runAsGroup: 65534 - - externalConfigMapFiles: - create: true - configMaps: - - name: appinsights-config - key: applicationinsights.json - - envConfig: - JAVA_TOOL_OPTIONS: "-Xms1024m -Xmx1024m -Djava.util.concurrent.ForkJoinPool.common.parallelism=7 -javaagent:/app/applicationinsights-agent.jar -Dapplicationinsights.configuration.file=/mnt/file-config-external/appinsights-config/applicationinsights.json -agentlib:jdwp=transport=dt_socket,server=y,address=8001,suspend=n -Dcom.sun.management.jmxremote=true -Dcom.sun.management.jmxremote.port=3002 -Dcom.sun.management.jmxremote.rmi.port=3003 -Djava.rmi.server.hostname=127.0.0.1 -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false" - APPLICATIONINSIGHTS_ROLE_NAME: "pagopaarcbe" - APPLICATIONINSIGHTS_INSTRUMENTATION_LOGGING_LEVEL: "OFF" - APPLICATIONINSIGHTS_INSTRUMENTATION_MICROMETER_ENABLED: "false" - APPLICATIONINSIGHTS_PREVIEW_PROFILER_ENABLED: "false" - ENABLE_AUDIT_APPENDER: "TRUE" - JWT_TOKEN_EXPIRATION_SECONDS: "28800" - REDIS_PORT: "6380" - REDIS_SSL_ENABLED: "true" - ENV: "DEV" - AUTH_CLIENT_REDIRECT_URI: https://dev.cittadini.pagopa.it/pagamenti/auth-callback - AUTH_ISSUER_URI: https://dev.oneid.pagopa.it - AUTH_CLIENT_AUTHORIZATION_URI: https://dev.oneid.pagopa.it/login - AUTH_CLIENT_TOKEN_URI: https://dev.oneid.pagopa.it/oidc/token - AUTH_CLIENT_JWK_URI: https://dev.oneid.pagopa.it/oidc/keys - - externalConfigMapValues: - rest-client: - BIZ_EVENTS_PAID_NOTICE_BASE_URL: bizevents-paids-base-url - PULL_PAYMENT_BASE_URL: pullpayment-base-url - GPD_SERVICE_BASE_URL: gpd-service-base-url - assistance: - ASSISTANCE_ZENDESK_PRODUCT_ID: assistance-arc-zendesk-product-id - ASSISTANCE_ZENDESK_ORGANIZATION: assistance-arc-zendesk-organization - HELP_CENTER_URL: arc-help-center-url - ZENDESK_ACTION_URL: zendesk-action-url - - envSecret: - APPLICATIONINSIGHTS_CONNECTION_STRING: appinsights-connection-string - BIZ_EVENTS_PAID_NOTICE_SERVICE_API_KEY: pagopa-bizevents-paids-trx-apimv1-subscription-key - PULL_PAYMENT_SERVICE_API_KEY: pagopa-pullpayment-apimv1-subscription-key - GPD_SERVICE_API_KEY: pagopa-gpd-debt-positions-apimv1-subscription-key - AUTH_CLIENT_ID: oneidentity-client-id - AUTH_CLIENT_SECRET: oneidentity-client-secret - JWT_TOKEN_PRIVATE_KEY: jwt-private-key - JWT_TOKEN_PUBLIC_KEY: jwt-public-key - JWT_TOKEN_ASSISTANCE_ZENDESK_PRIVATE_KEY: jwt-assistance-zendesk-private-key - WHITE_LIST_USERS: cf-whitelist - REDIS_HOST: cache-standalone-host - REDIS_PASSWORD: cache-password - - # nodeSelector: {} - - # tolerations: [] - - # affinity: {} - - autoscaling: - enable: false - # minReplica: 1 - # maxReplica: 1 - # pollingInterval: 30 # seconds - # cooldownPeriod: 300 # seconds - # triggers: - # - type: cpu - # metadata: - # type: Utilization # Allowed types are 'Utilization' or 'AverageValue' - # value: "50" - - keyvault: - name: "arc-d-itn-cittadini-kv" - tenantId: "7788edaf-0346-4068-9d79-c868aed15b3d" - -postman-test: - run: true - repoName: arc-be - dir: postman - collectionName: "pagopa-arc-E2E.postman_collection.json" - envVariablesFile: "arc_DEV.postman_environment.json" #inside azdo secure files diff --git a/helm/dev/base/three-color/Chart.yaml b/helm/dev/base/three-color/Chart.yaml new file mode 100644 index 0000000..25e6366 --- /dev/null +++ b/helm/dev/base/three-color/Chart.yaml @@ -0,0 +1,10 @@ +apiVersion: v2 +name: payhub-three-color +description: An example application with Java spring boot +type: application +version: 1.1.1 +appVersion: 1.1.1 +dependencies: +- name: microservice-chart + version: 7.3.1 + repository: "https://pagopa.github.io/aks-microservice-chart-blueprint" diff --git a/helm/dev/base/three-color/deploy.sh b/helm/dev/base/three-color/deploy.sh new file mode 100644 index 0000000..2cf5278 --- /dev/null +++ b/helm/dev/base/three-color/deploy.sh @@ -0,0 +1,3 @@ +#!/bin/bash + +../../../scripts/deploy.sh values.yaml payhub p4pa-d-itn-dev-aks three-color diff --git a/helm/dev/base/three-color/force-deploy b/helm/dev/base/three-color/force-deploy new file mode 100644 index 0000000..f70509d --- /dev/null +++ b/helm/dev/base/three-color/force-deploy @@ -0,0 +1 @@ +1601 diff --git a/helm/dev/base/three-color/values.yaml b/helm/dev/base/three-color/values.yaml new file mode 100644 index 0000000..d5268b6 --- /dev/null +++ b/helm/dev/base/three-color/values.yaml @@ -0,0 +1,89 @@ +microservice-chart: + namespace: "payhub" + + deployment: + create: true + replicas: 1 + + envConfig: + APP: basic + MY_APP_COLOR: "green" + + envSecret: + MY_KV_SECRET: argocd-server-url + + image: + repository: ghcr.io/pagopa/devops-java-springboot-color + tag: latest + pullPolicy: Always + + tmpVolumeMount: + create: true + mounts: + - name: tmp + mountPath: /tmp + - name: logs + mountPath: /app/logs + + livenessProbe: + httpGet: + path: /status/live + port: 8080 + initialDelaySeconds: 30 + failureThreshold: 6 + periodSeconds: 10 + + readinessProbe: + httpGet: + path: /status/ready + port: 8080 + initialDelaySeconds: 30 + failureThreshold: 6 + periodSeconds: 10 + + service: + create: true + type: ClusterIP + ports: + - 8080 + + ingress: + create: true + host: hub.internal.dev.p4pa.pagopa.it + path: /payhub/three-color(/|$)(.*) + rewriteTarget: /$2 + servicePort: 8080 + + resources: + requests: + memory: "256Mi" + cpu: "150m" + limits: + memory: "256Mi" + cpu: "150m" + + keyvault: + name: "p4pa-d-payhub-kv" + tenantId: "7788edaf-0346-4068-9d79-c868aed15b3d" + + podDisruptionBudget: + create: false + +# affinity: +# nodeAffinity: +# requiredDuringSchedulingIgnoredDuringExecution: +# nodeSelectorTerms: +# - matchExpressions: +# - key: kubernetes.azure.com/mode +# operator: In +# values: +# - user +# podAntiAffinity: +# preferredDuringSchedulingIgnoredDuringExecution: +# - weight: 100 +# podAffinityTerm: +# labelSelector: +# matchLabels: +# aadpodidbinding: payhub-pod-identity +# namespaces: ["payhub"] +# topologyKey: topology.kubernetes.io/zthree diff --git a/helm/dev/mid/two-color/Chart.yaml b/helm/dev/mid/two-color/Chart.yaml new file mode 100644 index 0000000..51cc437 --- /dev/null +++ b/helm/dev/mid/two-color/Chart.yaml @@ -0,0 +1,10 @@ +apiVersion: v2 +name: payhub-two-color +description: An example application with Java spring boot +type: application +version: 1.1.1 +appVersion: 1.1.1 +dependencies: +- name: microservice-chart + version: 7.3.1 + repository: "https://pagopa.github.io/aks-microservice-chart-blueprint" diff --git a/helm/dev/mid/two-color/deploy.sh b/helm/dev/mid/two-color/deploy.sh new file mode 100644 index 0000000..b6bd5ce --- /dev/null +++ b/helm/dev/mid/two-color/deploy.sh @@ -0,0 +1,3 @@ +#!/bin/bash + +../../../scripts/deploy.sh values.yaml payhub p4pa-d-itn-dev-aks two-color diff --git a/helm/dev/mid/two-color/force-deploy b/helm/dev/mid/two-color/force-deploy new file mode 100644 index 0000000..f70509d --- /dev/null +++ b/helm/dev/mid/two-color/force-deploy @@ -0,0 +1 @@ +1601 diff --git a/helm/dev/mid/two-color/values.yaml b/helm/dev/mid/two-color/values.yaml new file mode 100644 index 0000000..67ee22f --- /dev/null +++ b/helm/dev/mid/two-color/values.yaml @@ -0,0 +1,90 @@ +microservice-chart: + namespace: "payhub" + + deployment: + create: true + replicas: 1 + + envConfig: + APP: basic + MY_APP_COLOR: "green" + + envSecret: + MY_KV_SECRET: argocd-server-url + + image: + repository: ghcr.io/pagopa/devops-java-springboot-color + tag: latest + pullPolicy: Always + + tmpVolumeMount: + create: true + mounts: + - name: tmp + mountPath: /tmp + - name: logs + mountPath: /app/logs + + livenessProbe: + httpGet: + path: /status/live + port: 8080 + initialDelaySeconds: 30 + failureThreshold: 6 + periodSeconds: 10 + + readinessProbe: + httpGet: + path: /status/ready + port: 8080 + initialDelaySeconds: 30 + failureThreshold: 6 + periodSeconds: 10 + + service: + create: true + type: ClusterIP + ports: + - 8080 + + ingress: + create: true + host: hub.internal.dev.p4pa.pagopa.it + path: /payhub/two-color(/|$)(.*) + rewriteTarget: /$2 + servicePort: 8080 + + resources: + requests: + memory: "256Mi" + cpu: "150m" + limits: + memory: "256Mi" + cpu: "150m" + + keyvault: + name: "p4pa-d-payhub-kv" + tenantId: "7788edaf-0346-4068-9d79-c868aed15b3d" + + podDisruptionBudget: + create: false + minAvailable: 1 + +# affinity: +# nodeAffinity: +# requiredDuringSchedulingIgnoredDuringExecution: +# nodeSelectorTerms: +# - matchExpressions: +# - key: kubernetes.azure.com/mode +# operator: In +# values: +# - user +# podAntiAffinity: +# preferredDuringSchedulingIgnoredDuringExecution: +# - weight: 100 +# podAffinityTerm: +# labelSelector: +# matchLabels: +# aadpodidbinding: payhub-pod-identity +# namespaces: ["payhub"] +# topologyKey: topology.kubernetes.io/ztwo diff --git a/helm/dev/top/four-color/Chart.yaml b/helm/dev/top/four-color/Chart.yaml new file mode 100644 index 0000000..bc331c3 --- /dev/null +++ b/helm/dev/top/four-color/Chart.yaml @@ -0,0 +1,10 @@ +apiVersion: v2 +name: payhub-four-color +description: An example application with Java spring boot +type: application +version: 1.1.1 +appVersion: 1.1.1 +dependencies: +- name: microservice-chart + version: 7.3.1 + repository: "https://pagopa.github.io/aks-microservice-chart-blueprint" diff --git a/helm/dev/top/four-color/deploy.sh b/helm/dev/top/four-color/deploy.sh new file mode 100644 index 0000000..cd57a3a --- /dev/null +++ b/helm/dev/top/four-color/deploy.sh @@ -0,0 +1,3 @@ +#!/bin/bash + +../../../scripts/deploy.sh values.yaml payhub p4pa-d-itn-dev-aks four-color diff --git a/helm/dev/top/four-color/force-deploy b/helm/dev/top/four-color/force-deploy new file mode 100644 index 0000000..047d57f --- /dev/null +++ b/helm/dev/top/four-color/force-deploy @@ -0,0 +1 @@ +1658 diff --git a/helm/dev/top/four-color/values.yaml b/helm/dev/top/four-color/values.yaml new file mode 100644 index 0000000..56ec162 --- /dev/null +++ b/helm/dev/top/four-color/values.yaml @@ -0,0 +1,96 @@ +#postman-test: +# run: true +# nameRepo: devops-java-springboot-color +# dir: src/test/postman +# collectionName: mil-papos.postman_collection.json +# envVariables: dev.postman_environment.json + +microservice-chart: + namespace: "payhub" + + deployment: + create: true + replicas: 1 + + envConfig: + APP: basic + MY_APP_COLOR: "green" + + envSecret: + MY_KV_SECRET: argocd-server-url + + image: + repository: ghcr.io/pagopa/devops-java-springboot-color + tag: develop-latest + pullPolicy: Always + + tmpVolumeMount: + create: true + mounts: + - name: tmp + mountPath: /tmp + - name: logs + mountPath: /app/logs + + livenessProbe: + httpGet: + path: /status/live + port: 8080 + initialDelaySeconds: 30 + failureThreshold: 6 + periodSeconds: 10 + + readinessProbe: + httpGet: + path: /status/ready + port: 8080 + initialDelaySeconds: 30 + failureThreshold: 6 + periodSeconds: 10 + + service: + create: true + type: ClusterIP + ports: + - 8080 + + ingress: + create: true + host: hub.internal.dev.p4pa.pagopa.it + path: /payhub/four-color(/|$)(.*) + rewriteTarget: /$2 + servicePort: 8080 + + resources: + requests: + memory: "256Mi" + cpu: "150m" + limits: + memory: "256Mi" + cpu: "150m" + + keyvault: + name: "p4pa-d-payhub-kv" + tenantId: "7788edaf-0346-4068-9d79-c868aed15b3d" + + podDisruptionBudget: + create: false + +# affinity: +# nodeAffinity: +# requiredDuringSchedulingIgnoredDuringExecution: +# nodeSelectorTerms: +# - matchExpressions: +# - key: kubernetes.azure.com/mode +# operator: In +# values: +# - user +# podAntiAffinity: +# preferredDuringSchedulingIgnoredDuringExecution: +# - weight: 100 +# podAffinityTerm: +# labelSelector: +# matchLabels: +# aadpodidbinding: payhub-pod-identity +# namespaces: ["payhub"] +# topologyKey: topology.kubernetes.io/zfour diff --git a/helm/dev/top/one-color/Chart.yaml b/helm/dev/top/one-color/Chart.yaml new file mode 100644 index 0000000..0b353fd --- /dev/null +++ b/helm/dev/top/one-color/Chart.yaml @@ -0,0 +1,10 @@ +apiVersion: v2 +name: payhub-one-color +description: An example application with Java spring boot +type: application +version: 1.1.1 +appVersion: 1.1.1 +dependencies: +- name: microservice-chart + version: 7.3.1 + repository: "https://pagopa.github.io/aks-microservice-chart-blueprint" diff --git a/helm/dev/top/one-color/deploy.sh b/helm/dev/top/one-color/deploy.sh new file mode 100644 index 0000000..0dea881 --- /dev/null +++ b/helm/dev/top/one-color/deploy.sh @@ -0,0 +1,3 @@ +#!/bin/bash + +../../../scripts/deploy.sh values.yaml payhub p4pa-d-itn-dev-aks one-color diff --git a/helm/dev/top/one-color/force-deploy b/helm/dev/top/one-color/force-deploy new file mode 100644 index 0000000..047d57f --- /dev/null +++ b/helm/dev/top/one-color/force-deploy @@ -0,0 +1 @@ +1658 diff --git a/helm/dev/top/one-color/values.yaml b/helm/dev/top/one-color/values.yaml new file mode 100644 index 0000000..bba7481 --- /dev/null +++ b/helm/dev/top/one-color/values.yaml @@ -0,0 +1,96 @@ +#postman-test: +# run: true +# nameRepo: devops-java-springboot-color +# dir: src/test/postman +# collectionName: mil-papos.postman_collection.json +# envVariables: dev.postman_environment.json + +microservice-chart: + namespace: "payhub" + + deployment: + create: true + replicas: 1 + + envConfig: + APP: basic + MY_APP_COLOR: "green" + + envSecret: + MY_KV_SECRET: argocd-server-url + + image: + repository: ghcr.io/pagopa/devops-java-springboot-color + tag: develop-latest + pullPolicy: Always + + tmpVolumeMount: + create: true + mounts: + - name: tmp + mountPath: /tmp + - name: logs + mountPath: /app/logs + + livenessProbe: + httpGet: + path: /status/live + port: 8080 + initialDelaySeconds: 30 + failureThreshold: 6 + periodSeconds: 10 + + readinessProbe: + httpGet: + path: /status/ready + port: 8080 + initialDelaySeconds: 30 + failureThreshold: 6 + periodSeconds: 10 + + service: + create: true + type: ClusterIP + ports: + - 8080 + + ingress: + create: true + host: hub.internal.dev.p4pa.pagopa.it + path: /payhub/one-color(/|$)(.*) + rewriteTarget: /$2 + servicePort: 8080 + + resources: + requests: + memory: "256Mi" + cpu: "150m" + limits: + memory: "256Mi" + cpu: "150m" + + keyvault: + name: "p4pa-d-payhub-kv" + tenantId: "7788edaf-0346-4068-9d79-c868aed15b3d" + + podDisruptionBudget: + create: false + +# affinity: +# nodeAffinity: +# requiredDuringSchedulingIgnoredDuringExecution: +# nodeSelectorTerms: +# - matchExpressions: +# - key: kubernetes.azure.com/mode +# operator: In +# values: +# - user +# podAntiAffinity: +# preferredDuringSchedulingIgnoredDuringExecution: +# - weight: 100 +# podAffinityTerm: +# labelSelector: +# matchLabels: +# aadpodidbinding: payhub-pod-identity +# namespaces: ["payhub"] +# topologyKey: topology.kubernetes.io/zone diff --git a/helm/prod/arc-be/.helmignore b/helm/prod/arc-be/.helmignore deleted file mode 100644 index 0e8a0eb..0000000 --- a/helm/prod/arc-be/.helmignore +++ /dev/null @@ -1,23 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*.orig -*~ -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ diff --git a/helm/prod/arc-be/Chart.yaml b/helm/prod/arc-be/Chart.yaml deleted file mode 100644 index 7914def..0000000 --- a/helm/prod/arc-be/Chart.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: v2 -name: pagopa-arc-be -description: pagopa-arc-be -type: application -version: 1.0.0 -appVersion: 1.0.0 -dependencies: - - name: microservice-chart - version: 7.3.1 - repository: "https://pagopa.github.io/aks-microservice-chart-blueprint" diff --git a/helm/prod/arc-be/values.yaml b/helm/prod/arc-be/values.yaml deleted file mode 100644 index 0310d26..0000000 --- a/helm/prod/arc-be/values.yaml +++ /dev/null @@ -1,128 +0,0 @@ -microservice-chart: - namespace: "cittadini" - - image: - repository: ghcr.io/pagopa/arc-be - tag: v1.2.0@sha256:cbcbbde7ade1c5e15ed2fd934433795ca52203139811a670968673f31abf9453 - pullPolicy: Always - - autoscaling: - enable: true - minReplica: 3 - maxReplica: 3 - pollingInterval: 30 # seconds - cooldownPeriod: 300 # seconds - triggers: - - type: cpu - metadata: - type: Utilization # Allowed types are 'Utilization' or 'AverageValue' - value: "50" - - ingress: - host: "citizen.internal.cittadini.pagopa.it" - create: true - path: /arcbe/(.*) - - envConfig: - ENV: "PROD" - JAVA_TOOL_OPTIONS: "-Xms1024m -Xmx1024m -Djava.util.concurrent.ForkJoinPool.common.parallelism=7 -javaagent:/app/applicationinsights-agent.jar -Dapplicationinsights.configuration.file=/mnt/file-config-external/appinsights-config/applicationinsights.json -agentlib:jdwp=transport=dt_socket,server=y,address=8001,suspend=n -Dcom.sun.management.jmxremote=true -Dcom.sun.management.jmxremote.port=3002 -Dcom.sun.management.jmxremote.rmi.port=3003 -Djava.rmi.server.hostname=127.0.0.1 -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false" - AUTH_CLIENT_REDIRECT_URI: https://cittadini.pagopa.it/pagamenti/auth-callback - AUTH_ISSUER_URI: https://oneid.pagopa.it - AUTH_CLIENT_AUTHORIZATION_URI: https://oneid.pagopa.it/login - AUTH_CLIENT_TOKEN_URI: https://oneid.pagopa.it/oidc/token - AUTH_CLIENT_JWK_URI: https://oneid.pagopa.it/oidc/keys - APPLICATIONINSIGHTS_ROLE_NAME: "pagopaarcbe" - APPLICATIONINSIGHTS_INSTRUMENTATION_LOGGING_LEVEL: "OFF" - APPLICATIONINSIGHTS_INSTRUMENTATION_MICROMETER_ENABLED: "false" - APPLICATIONINSIGHTS_PREVIEW_PROFILER_ENABLED: "false" - ENABLE_AUDIT_APPENDER: "TRUE" - JWT_TOKEN_EXPIRATION_SECONDS: "28800" - REDIS_PORT: "6380" - REDIS_SSL_ENABLED: "true" - - externalConfigMapValues: - rest-client: - BIZ_EVENTS_PAID_NOTICE_BASE_URL: bizevents-paids-base-url - PULL_PAYMENT_BASE_URL: pullpayment-base-url - GPD_SERVICE_BASE_URL: gpd-service-base-url - assistance: - ASSISTANCE_ZENDESK_PRODUCT_ID: assistance-arc-zendesk-product-id - ASSISTANCE_ZENDESK_ORGANIZATION: assistance-arc-zendesk-organization - HELP_CENTER_URL: arc-help-center-url - ZENDESK_ACTION_URL: zendesk-action-url - - envSecret: - APPLICATIONINSIGHTS_CONNECTION_STRING: appinsights-connection-string - BIZ_EVENTS_PAID_NOTICE_SERVICE_API_KEY: pagopa-bizevents-paids-trx-apimv1-subscription-key - PULL_PAYMENT_SERVICE_API_KEY: pagopa-pullpayment-apimv1-subscription-key - GPD_SERVICE_API_KEY: pagopa-gpd-debt-positions-apimv1-subscription-key - AUTH_CLIENT_ID: oneidentity-client-id - AUTH_CLIENT_SECRET: oneidentity-client-secret - JWT_TOKEN_PRIVATE_KEY: jwt-private-key - JWT_TOKEN_PUBLIC_KEY: jwt-public-key - JWT_TOKEN_ASSISTANCE_ZENDESK_PRIVATE_KEY: jwt-assistance-zendesk-private-key - WHITE_LIST_USERS: cf-whitelist - REDIS_HOST: cache-standalone-host - REDIS_PASSWORD: cache-password - - externalConfigMapFiles: - create: true - configMaps: - - name: appinsights-config - key: applicationinsights.json - - resources: - requests: - memory: " 2048Mi" - cpu: "1000m" - limits: - memory: " 2048Mi" - cpu: "1000m" - - livenessProbe: - httpGet: - path: /actuator/health/liveness - port: 8080 - initialDelaySeconds: 60 - failureThreshold: 15 - periodSeconds: 10 - timeoutSeconds: 2 - - readinessProbe: - httpGet: - path: /actuator/health/readiness - port: 8080 - initialDelaySeconds: 60 - failureThreshold: 15 - periodSeconds: 10 - timeoutSeconds: 2 - - deployment: - create: true - - service: - create: true - type: ClusterIP - port: 8080 - - podAnnotations: {} - - podSecurityContext: - seccompProfile: - type: RuntimeDefault - - securityContext: - allowPrivilegeEscalation: false - runAsNonRoot: true - runAsUser: 65534 - runAsGroup: 65534 - - # nodeSelector: {} - - # tolerations: [] - - # affinity: {} - - keyvault: - name: "arc-p-itn-cittadini-kv" - tenantId: "7788edaf-0346-4068-9d79-c868aed15b3d" diff --git a/helm/prod/base/three-color/Chart.yaml b/helm/prod/base/three-color/Chart.yaml new file mode 100644 index 0000000..25e6366 --- /dev/null +++ b/helm/prod/base/three-color/Chart.yaml @@ -0,0 +1,10 @@ +apiVersion: v2 +name: payhub-three-color +description: An example application with Java spring boot +type: application +version: 1.1.1 +appVersion: 1.1.1 +dependencies: +- name: microservice-chart + version: 7.3.1 + repository: "https://pagopa.github.io/aks-microservice-chart-blueprint" diff --git a/helm/prod/base/three-color/deploy.sh b/helm/prod/base/three-color/deploy.sh new file mode 100644 index 0000000..2cf5278 --- /dev/null +++ b/helm/prod/base/three-color/deploy.sh @@ -0,0 +1,3 @@ +#!/bin/bash + +../../../scripts/deploy.sh values.yaml payhub p4pa-d-itn-dev-aks three-color diff --git a/helm/prod/base/three-color/force-deploy b/helm/prod/base/three-color/force-deploy new file mode 100644 index 0000000..f70509d --- /dev/null +++ b/helm/prod/base/three-color/force-deploy @@ -0,0 +1 @@ +1601 diff --git a/helm/prod/base/three-color/values.yaml b/helm/prod/base/three-color/values.yaml new file mode 100644 index 0000000..d5268b6 --- /dev/null +++ b/helm/prod/base/three-color/values.yaml @@ -0,0 +1,89 @@ +microservice-chart: + namespace: "payhub" + + deployment: + create: true + replicas: 1 + + envConfig: + APP: basic + MY_APP_COLOR: "green" + + envSecret: + MY_KV_SECRET: argocd-server-url + + image: + repository: ghcr.io/pagopa/devops-java-springboot-color + tag: latest + pullPolicy: Always + + tmpVolumeMount: + create: true + mounts: + - name: tmp + mountPath: /tmp + - name: logs + mountPath: /app/logs + + livenessProbe: + httpGet: + path: /status/live + port: 8080 + initialDelaySeconds: 30 + failureThreshold: 6 + periodSeconds: 10 + + readinessProbe: + httpGet: + path: /status/ready + port: 8080 + initialDelaySeconds: 30 + failureThreshold: 6 + periodSeconds: 10 + + service: + create: true + type: ClusterIP + ports: + - 8080 + + ingress: + create: true + host: hub.internal.dev.p4pa.pagopa.it + path: /payhub/three-color(/|$)(.*) + rewriteTarget: /$2 + servicePort: 8080 + + resources: + requests: + memory: "256Mi" + cpu: "150m" + limits: + memory: "256Mi" + cpu: "150m" + + keyvault: + name: "p4pa-d-payhub-kv" + tenantId: "7788edaf-0346-4068-9d79-c868aed15b3d" + + podDisruptionBudget: + create: false + +# affinity: +# nodeAffinity: +# requiredDuringSchedulingIgnoredDuringExecution: +# nodeSelectorTerms: +# - matchExpressions: +# - key: kubernetes.azure.com/mode +# operator: In +# values: +# - user +# podAntiAffinity: +# preferredDuringSchedulingIgnoredDuringExecution: +# - weight: 100 +# podAffinityTerm: +# labelSelector: +# matchLabels: +# aadpodidbinding: payhub-pod-identity +# namespaces: ["payhub"] +# topologyKey: topology.kubernetes.io/zthree diff --git a/helm/prod/force-prod b/helm/prod/force-prod new file mode 100644 index 0000000..6cb3869 --- /dev/null +++ b/helm/prod/force-prod @@ -0,0 +1 @@ +1009 diff --git a/helm/prod/mid/two-color/Chart.yaml b/helm/prod/mid/two-color/Chart.yaml new file mode 100644 index 0000000..51cc437 --- /dev/null +++ b/helm/prod/mid/two-color/Chart.yaml @@ -0,0 +1,10 @@ +apiVersion: v2 +name: payhub-two-color +description: An example application with Java spring boot +type: application +version: 1.1.1 +appVersion: 1.1.1 +dependencies: +- name: microservice-chart + version: 7.3.1 + repository: "https://pagopa.github.io/aks-microservice-chart-blueprint" diff --git a/helm/prod/mid/two-color/deploy.sh b/helm/prod/mid/two-color/deploy.sh new file mode 100644 index 0000000..b6bd5ce --- /dev/null +++ b/helm/prod/mid/two-color/deploy.sh @@ -0,0 +1,3 @@ +#!/bin/bash + +../../../scripts/deploy.sh values.yaml payhub p4pa-d-itn-dev-aks two-color diff --git a/helm/prod/mid/two-color/force-deploy b/helm/prod/mid/two-color/force-deploy new file mode 100644 index 0000000..f70509d --- /dev/null +++ b/helm/prod/mid/two-color/force-deploy @@ -0,0 +1 @@ +1601 diff --git a/helm/prod/mid/two-color/values.yaml b/helm/prod/mid/two-color/values.yaml new file mode 100644 index 0000000..67ee22f --- /dev/null +++ b/helm/prod/mid/two-color/values.yaml @@ -0,0 +1,90 @@ +microservice-chart: + namespace: "payhub" + + deployment: + create: true + replicas: 1 + + envConfig: + APP: basic + MY_APP_COLOR: "green" + + envSecret: + MY_KV_SECRET: argocd-server-url + + image: + repository: ghcr.io/pagopa/devops-java-springboot-color + tag: latest + pullPolicy: Always + + tmpVolumeMount: + create: true + mounts: + - name: tmp + mountPath: /tmp + - name: logs + mountPath: /app/logs + + livenessProbe: + httpGet: + path: /status/live + port: 8080 + initialDelaySeconds: 30 + failureThreshold: 6 + periodSeconds: 10 + + readinessProbe: + httpGet: + path: /status/ready + port: 8080 + initialDelaySeconds: 30 + failureThreshold: 6 + periodSeconds: 10 + + service: + create: true + type: ClusterIP + ports: + - 8080 + + ingress: + create: true + host: hub.internal.dev.p4pa.pagopa.it + path: /payhub/two-color(/|$)(.*) + rewriteTarget: /$2 + servicePort: 8080 + + resources: + requests: + memory: "256Mi" + cpu: "150m" + limits: + memory: "256Mi" + cpu: "150m" + + keyvault: + name: "p4pa-d-payhub-kv" + tenantId: "7788edaf-0346-4068-9d79-c868aed15b3d" + + podDisruptionBudget: + create: false + minAvailable: 1 + +# affinity: +# nodeAffinity: +# requiredDuringSchedulingIgnoredDuringExecution: +# nodeSelectorTerms: +# - matchExpressions: +# - key: kubernetes.azure.com/mode +# operator: In +# values: +# - user +# podAntiAffinity: +# preferredDuringSchedulingIgnoredDuringExecution: +# - weight: 100 +# podAffinityTerm: +# labelSelector: +# matchLabels: +# aadpodidbinding: payhub-pod-identity +# namespaces: ["payhub"] +# topologyKey: topology.kubernetes.io/ztwo diff --git a/helm/prod/top/one-color/Chart.yaml b/helm/prod/top/one-color/Chart.yaml new file mode 100644 index 0000000..0b353fd --- /dev/null +++ b/helm/prod/top/one-color/Chart.yaml @@ -0,0 +1,10 @@ +apiVersion: v2 +name: payhub-one-color +description: An example application with Java spring boot +type: application +version: 1.1.1 +appVersion: 1.1.1 +dependencies: +- name: microservice-chart + version: 7.3.1 + repository: "https://pagopa.github.io/aks-microservice-chart-blueprint" diff --git a/helm/prod/top/one-color/deploy.sh b/helm/prod/top/one-color/deploy.sh new file mode 100644 index 0000000..0dea881 --- /dev/null +++ b/helm/prod/top/one-color/deploy.sh @@ -0,0 +1,3 @@ +#!/bin/bash + +../../../scripts/deploy.sh values.yaml payhub p4pa-d-itn-dev-aks one-color diff --git a/helm/prod/top/one-color/force-deploy b/helm/prod/top/one-color/force-deploy new file mode 100644 index 0000000..047d57f --- /dev/null +++ b/helm/prod/top/one-color/force-deploy @@ -0,0 +1 @@ +1658 diff --git a/helm/prod/top/one-color/values.yaml b/helm/prod/top/one-color/values.yaml new file mode 100644 index 0000000..bba7481 --- /dev/null +++ b/helm/prod/top/one-color/values.yaml @@ -0,0 +1,96 @@ +#postman-test: +# run: true +# nameRepo: devops-java-springboot-color +# dir: src/test/postman +# collectionName: mil-papos.postman_collection.json +# envVariables: dev.postman_environment.json + +microservice-chart: + namespace: "payhub" + + deployment: + create: true + replicas: 1 + + envConfig: + APP: basic + MY_APP_COLOR: "green" + + envSecret: + MY_KV_SECRET: argocd-server-url + + image: + repository: ghcr.io/pagopa/devops-java-springboot-color + tag: develop-latest + pullPolicy: Always + + tmpVolumeMount: + create: true + mounts: + - name: tmp + mountPath: /tmp + - name: logs + mountPath: /app/logs + + livenessProbe: + httpGet: + path: /status/live + port: 8080 + initialDelaySeconds: 30 + failureThreshold: 6 + periodSeconds: 10 + + readinessProbe: + httpGet: + path: /status/ready + port: 8080 + initialDelaySeconds: 30 + failureThreshold: 6 + periodSeconds: 10 + + service: + create: true + type: ClusterIP + ports: + - 8080 + + ingress: + create: true + host: hub.internal.dev.p4pa.pagopa.it + path: /payhub/one-color(/|$)(.*) + rewriteTarget: /$2 + servicePort: 8080 + + resources: + requests: + memory: "256Mi" + cpu: "150m" + limits: + memory: "256Mi" + cpu: "150m" + + keyvault: + name: "p4pa-d-payhub-kv" + tenantId: "7788edaf-0346-4068-9d79-c868aed15b3d" + + podDisruptionBudget: + create: false + +# affinity: +# nodeAffinity: +# requiredDuringSchedulingIgnoredDuringExecution: +# nodeSelectorTerms: +# - matchExpressions: +# - key: kubernetes.azure.com/mode +# operator: In +# values: +# - user +# podAntiAffinity: +# preferredDuringSchedulingIgnoredDuringExecution: +# - weight: 100 +# podAffinityTerm: +# labelSelector: +# matchLabels: +# aadpodidbinding: payhub-pod-identity +# namespaces: ["payhub"] +# topologyKey: topology.kubernetes.io/zone diff --git a/helm/uat/arc-be/.helmignore b/helm/uat/arc-be/.helmignore deleted file mode 100644 index 0e8a0eb..0000000 --- a/helm/uat/arc-be/.helmignore +++ /dev/null @@ -1,23 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*.orig -*~ -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ diff --git a/helm/uat/arc-be/Chart.yaml b/helm/uat/arc-be/Chart.yaml deleted file mode 100644 index 7914def..0000000 --- a/helm/uat/arc-be/Chart.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: v2 -name: pagopa-arc-be -description: pagopa-arc-be -type: application -version: 1.0.0 -appVersion: 1.0.0 -dependencies: - - name: microservice-chart - version: 7.3.1 - repository: "https://pagopa.github.io/aks-microservice-chart-blueprint" diff --git a/helm/uat/arc-be/values.yaml b/helm/uat/arc-be/values.yaml deleted file mode 100644 index 33637bb..0000000 --- a/helm/uat/arc-be/values.yaml +++ /dev/null @@ -1,135 +0,0 @@ -microservice-chart: - namespace: "cittadini" - - image: - repository: ghcr.io/pagopa/arc-be - tag: uat-latest - pullPolicy: Always - - autoscaling: - enable: false - # minReplica: 1 - # maxReplica: 1 - # pollingInterval: 30 # seconds - # cooldownPeriod: 300 # seconds - # triggers: - # - type: cpu - # metadata: - # type: Utilization # Allowed types are 'Utilization' or 'AverageValue' - # value: "70" - - ingress: - host: "citizen.internal.uat.cittadini.pagopa.it" - create: true - path: /arcbe/(.*) - - resources: - requests: - memory: "2048Mi" - cpu: "1000m" - limits: - memory: "2048Mi" - cpu: "1000m" - - envConfig: - ENV: "UAT" - JAVA_TOOL_OPTIONS: "-Xms1024m -Xmx1024m -Djava.util.concurrent.ForkJoinPool.common.parallelism=7 -javaagent:/app/applicationinsights-agent.jar -Dapplicationinsights.configuration.file=/mnt/file-config-external/appinsights-config/applicationinsights.json -agentlib:jdwp=transport=dt_socket,server=y,address=8001,suspend=n -Dcom.sun.management.jmxremote=true -Dcom.sun.management.jmxremote.port=3002 -Dcom.sun.management.jmxremote.rmi.port=3003 -Djava.rmi.server.hostname=127.0.0.1 -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false" - AUTH_CLIENT_REDIRECT_URI: https://uat.cittadini.pagopa.it/pagamenti/auth-callback - AUTH_ISSUER_URI: https://uat.oneid.pagopa.it - AUTH_CLIENT_AUTHORIZATION_URI: https://uat.oneid.pagopa.it/login - AUTH_CLIENT_TOKEN_URI: https://uat.oneid.pagopa.it/oidc/token - AUTH_CLIENT_JWK_URI: https://uat.oneid.pagopa.it/oidc/keys - APPLICATIONINSIGHTS_ROLE_NAME: "pagopaarcbe" - APPLICATIONINSIGHTS_INSTRUMENTATION_LOGGING_LEVEL: "OFF" - APPLICATIONINSIGHTS_INSTRUMENTATION_MICROMETER_ENABLED: "false" - APPLICATIONINSIGHTS_PREVIEW_PROFILER_ENABLED: "false" - ENABLE_AUDIT_APPENDER: "TRUE" - JWT_TOKEN_EXPIRATION_SECONDS: "28800" - REDIS_PORT: "6380" - REDIS_SSL_ENABLED: "true" - - externalConfigMapValues: - rest-client: - BIZ_EVENTS_PAID_NOTICE_BASE_URL: bizevents-paids-base-url - PULL_PAYMENT_BASE_URL: pullpayment-base-url - GPD_SERVICE_BASE_URL: gpd-service-base-url - assistance: - ASSISTANCE_ZENDESK_PRODUCT_ID: assistance-arc-zendesk-product-id - ASSISTANCE_ZENDESK_ORGANIZATION: assistance-arc-zendesk-organization - HELP_CENTER_URL: arc-help-center-url - ZENDESK_ACTION_URL: zendesk-action-url - - envSecret: - APPLICATIONINSIGHTS_CONNECTION_STRING: appinsights-connection-string - BIZ_EVENTS_PAID_NOTICE_SERVICE_API_KEY: pagopa-bizevents-paids-trx-apimv1-subscription-key - PULL_PAYMENT_SERVICE_API_KEY: pagopa-pullpayment-apimv1-subscription-key - GPD_SERVICE_API_KEY: pagopa-gpd-debt-positions-apimv1-subscription-key - AUTH_CLIENT_ID: oneidentity-client-id - AUTH_CLIENT_SECRET: oneidentity-client-secret - JWT_TOKEN_PRIVATE_KEY: jwt-private-key - JWT_TOKEN_PUBLIC_KEY: jwt-public-key - JWT_TOKEN_ASSISTANCE_ZENDESK_PRIVATE_KEY: jwt-assistance-zendesk-private-key - WHITE_LIST_USERS: cf-whitelist - REDIS_HOST: cache-standalone-host - REDIS_PASSWORD: cache-password - - externalConfigMapFiles: - create: true - configMaps: - - name: appinsights-config - key: applicationinsights.json - - livenessProbe: - httpGet: - path: /actuator/health/liveness - port: 8080 - initialDelaySeconds: 60 - failureThreshold: 15 - periodSeconds: 10 - timeoutSeconds: 2 - - readinessProbe: - httpGet: - path: /actuator/health/readiness - port: 8080 - initialDelaySeconds: 60 - failureThreshold: 15 - periodSeconds: 10 - timeoutSeconds: 2 - - deployment: - create: true - - service: - create: true - type: ClusterIP - port: 8080 - - podAnnotations: {} - - podSecurityContext: - seccompProfile: - type: RuntimeDefault - - securityContext: - allowPrivilegeEscalation: false - runAsNonRoot: true - runAsUser: 65534 - runAsGroup: 65534 - - # nodeSelector: {} - - # tolerations: [] - - # affinity: {} - - keyvault: - name: "arc-u-itn-cittadini-kv" - tenantId: "7788edaf-0346-4068-9d79-c868aed15b3d" - -postman-test: - run: true - repoName: arc-be - dir: postman - collectionName: "pagopa-arc-E2E.postman_collection.json" - envVariablesFile: "arc_UAT.postman_environment.json" #inside azdo secure files diff --git a/helm/uat/base/three-color/Chart.yaml b/helm/uat/base/three-color/Chart.yaml new file mode 100644 index 0000000..25e6366 --- /dev/null +++ b/helm/uat/base/three-color/Chart.yaml @@ -0,0 +1,10 @@ +apiVersion: v2 +name: payhub-three-color +description: An example application with Java spring boot +type: application +version: 1.1.1 +appVersion: 1.1.1 +dependencies: +- name: microservice-chart + version: 7.3.1 + repository: "https://pagopa.github.io/aks-microservice-chart-blueprint" diff --git a/helm/uat/base/three-color/deploy.sh b/helm/uat/base/three-color/deploy.sh new file mode 100644 index 0000000..2cf5278 --- /dev/null +++ b/helm/uat/base/three-color/deploy.sh @@ -0,0 +1,3 @@ +#!/bin/bash + +../../../scripts/deploy.sh values.yaml payhub p4pa-d-itn-dev-aks three-color diff --git a/helm/uat/base/three-color/force-deploy b/helm/uat/base/three-color/force-deploy new file mode 100644 index 0000000..f70509d --- /dev/null +++ b/helm/uat/base/three-color/force-deploy @@ -0,0 +1 @@ +1601 diff --git a/helm/uat/base/three-color/values.yaml b/helm/uat/base/three-color/values.yaml new file mode 100644 index 0000000..d5268b6 --- /dev/null +++ b/helm/uat/base/three-color/values.yaml @@ -0,0 +1,89 @@ +microservice-chart: + namespace: "payhub" + + deployment: + create: true + replicas: 1 + + envConfig: + APP: basic + MY_APP_COLOR: "green" + + envSecret: + MY_KV_SECRET: argocd-server-url + + image: + repository: ghcr.io/pagopa/devops-java-springboot-color + tag: latest + pullPolicy: Always + + tmpVolumeMount: + create: true + mounts: + - name: tmp + mountPath: /tmp + - name: logs + mountPath: /app/logs + + livenessProbe: + httpGet: + path: /status/live + port: 8080 + initialDelaySeconds: 30 + failureThreshold: 6 + periodSeconds: 10 + + readinessProbe: + httpGet: + path: /status/ready + port: 8080 + initialDelaySeconds: 30 + failureThreshold: 6 + periodSeconds: 10 + + service: + create: true + type: ClusterIP + ports: + - 8080 + + ingress: + create: true + host: hub.internal.dev.p4pa.pagopa.it + path: /payhub/three-color(/|$)(.*) + rewriteTarget: /$2 + servicePort: 8080 + + resources: + requests: + memory: "256Mi" + cpu: "150m" + limits: + memory: "256Mi" + cpu: "150m" + + keyvault: + name: "p4pa-d-payhub-kv" + tenantId: "7788edaf-0346-4068-9d79-c868aed15b3d" + + podDisruptionBudget: + create: false + +# affinity: +# nodeAffinity: +# requiredDuringSchedulingIgnoredDuringExecution: +# nodeSelectorTerms: +# - matchExpressions: +# - key: kubernetes.azure.com/mode +# operator: In +# values: +# - user +# podAntiAffinity: +# preferredDuringSchedulingIgnoredDuringExecution: +# - weight: 100 +# podAffinityTerm: +# labelSelector: +# matchLabels: +# aadpodidbinding: payhub-pod-identity +# namespaces: ["payhub"] +# topologyKey: topology.kubernetes.io/zthree diff --git a/helm/uat/force-uat b/helm/uat/force-uat new file mode 100644 index 0000000..6cb3869 --- /dev/null +++ b/helm/uat/force-uat @@ -0,0 +1 @@ +1009 diff --git a/helm/uat/mid/two-color/Chart.yaml b/helm/uat/mid/two-color/Chart.yaml new file mode 100644 index 0000000..51cc437 --- /dev/null +++ b/helm/uat/mid/two-color/Chart.yaml @@ -0,0 +1,10 @@ +apiVersion: v2 +name: payhub-two-color +description: An example application with Java spring boot +type: application +version: 1.1.1 +appVersion: 1.1.1 +dependencies: +- name: microservice-chart + version: 7.3.1 + repository: "https://pagopa.github.io/aks-microservice-chart-blueprint" diff --git a/helm/uat/mid/two-color/deploy.sh b/helm/uat/mid/two-color/deploy.sh new file mode 100644 index 0000000..b6bd5ce --- /dev/null +++ b/helm/uat/mid/two-color/deploy.sh @@ -0,0 +1,3 @@ +#!/bin/bash + +../../../scripts/deploy.sh values.yaml payhub p4pa-d-itn-dev-aks two-color diff --git a/helm/uat/mid/two-color/force-deploy b/helm/uat/mid/two-color/force-deploy new file mode 100644 index 0000000..f70509d --- /dev/null +++ b/helm/uat/mid/two-color/force-deploy @@ -0,0 +1 @@ +1601 diff --git a/helm/uat/mid/two-color/values.yaml b/helm/uat/mid/two-color/values.yaml new file mode 100644 index 0000000..67ee22f --- /dev/null +++ b/helm/uat/mid/two-color/values.yaml @@ -0,0 +1,90 @@ +microservice-chart: + namespace: "payhub" + + deployment: + create: true + replicas: 1 + + envConfig: + APP: basic + MY_APP_COLOR: "green" + + envSecret: + MY_KV_SECRET: argocd-server-url + + image: + repository: ghcr.io/pagopa/devops-java-springboot-color + tag: latest + pullPolicy: Always + + tmpVolumeMount: + create: true + mounts: + - name: tmp + mountPath: /tmp + - name: logs + mountPath: /app/logs + + livenessProbe: + httpGet: + path: /status/live + port: 8080 + initialDelaySeconds: 30 + failureThreshold: 6 + periodSeconds: 10 + + readinessProbe: + httpGet: + path: /status/ready + port: 8080 + initialDelaySeconds: 30 + failureThreshold: 6 + periodSeconds: 10 + + service: + create: true + type: ClusterIP + ports: + - 8080 + + ingress: + create: true + host: hub.internal.dev.p4pa.pagopa.it + path: /payhub/two-color(/|$)(.*) + rewriteTarget: /$2 + servicePort: 8080 + + resources: + requests: + memory: "256Mi" + cpu: "150m" + limits: + memory: "256Mi" + cpu: "150m" + + keyvault: + name: "p4pa-d-payhub-kv" + tenantId: "7788edaf-0346-4068-9d79-c868aed15b3d" + + podDisruptionBudget: + create: false + minAvailable: 1 + +# affinity: +# nodeAffinity: +# requiredDuringSchedulingIgnoredDuringExecution: +# nodeSelectorTerms: +# - matchExpressions: +# - key: kubernetes.azure.com/mode +# operator: In +# values: +# - user +# podAntiAffinity: +# preferredDuringSchedulingIgnoredDuringExecution: +# - weight: 100 +# podAffinityTerm: +# labelSelector: +# matchLabels: +# aadpodidbinding: payhub-pod-identity +# namespaces: ["payhub"] +# topologyKey: topology.kubernetes.io/ztwo diff --git a/helm/uat/top/one-color/Chart.yaml b/helm/uat/top/one-color/Chart.yaml new file mode 100644 index 0000000..0b353fd --- /dev/null +++ b/helm/uat/top/one-color/Chart.yaml @@ -0,0 +1,10 @@ +apiVersion: v2 +name: payhub-one-color +description: An example application with Java spring boot +type: application +version: 1.1.1 +appVersion: 1.1.1 +dependencies: +- name: microservice-chart + version: 7.3.1 + repository: "https://pagopa.github.io/aks-microservice-chart-blueprint" diff --git a/helm/uat/top/one-color/deploy.sh b/helm/uat/top/one-color/deploy.sh new file mode 100644 index 0000000..0dea881 --- /dev/null +++ b/helm/uat/top/one-color/deploy.sh @@ -0,0 +1,3 @@ +#!/bin/bash + +../../../scripts/deploy.sh values.yaml payhub p4pa-d-itn-dev-aks one-color diff --git a/helm/uat/top/one-color/force-deploy b/helm/uat/top/one-color/force-deploy new file mode 100644 index 0000000..047d57f --- /dev/null +++ b/helm/uat/top/one-color/force-deploy @@ -0,0 +1 @@ +1658 diff --git a/helm/uat/top/one-color/values.yaml b/helm/uat/top/one-color/values.yaml new file mode 100644 index 0000000..bba7481 --- /dev/null +++ b/helm/uat/top/one-color/values.yaml @@ -0,0 +1,96 @@ +#postman-test: +# run: true +# nameRepo: devops-java-springboot-color +# dir: src/test/postman +# collectionName: mil-papos.postman_collection.json +# envVariables: dev.postman_environment.json + +microservice-chart: + namespace: "payhub" + + deployment: + create: true + replicas: 1 + + envConfig: + APP: basic + MY_APP_COLOR: "green" + + envSecret: + MY_KV_SECRET: argocd-server-url + + image: + repository: ghcr.io/pagopa/devops-java-springboot-color + tag: develop-latest + pullPolicy: Always + + tmpVolumeMount: + create: true + mounts: + - name: tmp + mountPath: /tmp + - name: logs + mountPath: /app/logs + + livenessProbe: + httpGet: + path: /status/live + port: 8080 + initialDelaySeconds: 30 + failureThreshold: 6 + periodSeconds: 10 + + readinessProbe: + httpGet: + path: /status/ready + port: 8080 + initialDelaySeconds: 30 + failureThreshold: 6 + periodSeconds: 10 + + service: + create: true + type: ClusterIP + ports: + - 8080 + + ingress: + create: true + host: hub.internal.dev.p4pa.pagopa.it + path: /payhub/one-color(/|$)(.*) + rewriteTarget: /$2 + servicePort: 8080 + + resources: + requests: + memory: "256Mi" + cpu: "150m" + limits: + memory: "256Mi" + cpu: "150m" + + keyvault: + name: "p4pa-d-payhub-kv" + tenantId: "7788edaf-0346-4068-9d79-c868aed15b3d" + + podDisruptionBudget: + create: false + +# affinity: +# nodeAffinity: +# requiredDuringSchedulingIgnoredDuringExecution: +# nodeSelectorTerms: +# - matchExpressions: +# - key: kubernetes.azure.com/mode +# operator: In +# values: +# - user +# podAntiAffinity: +# preferredDuringSchedulingIgnoredDuringExecution: +# - weight: 100 +# podAffinityTerm: +# labelSelector: +# matchLabels: +# aadpodidbinding: payhub-pod-identity +# namespaces: ["payhub"] +# topologyKey: topology.kubernetes.io/zone diff --git a/scripts/deploy.sh b/scripts/deploy.sh new file mode 100644 index 0000000..1356443 --- /dev/null +++ b/scripts/deploy.sh @@ -0,0 +1,63 @@ +#!/bin/bash + +set -e # Exit the script if any command fails + +### How to use +# +# deploy.sh +# deploy.sh values.yaml mil cstar-d-weu-dev01-aks status +# +# + +# Function to handle errors +handle_error() { + echo "❌ Error: $1" >&2 + exit 1 +} + +# Parameter verification +VALUES_FILE_NAME=$1 +NAMESPACE=$2 +CLUSTER_NAME=$3 # New parameter for cluster name +APP_NAME=$4 + +if [ -z "$VALUES_FILE_NAME" ] || [ -z "$NAMESPACE" ] || [ -z "$APP_NAME" ] || [ -z "$CLUSTER_NAME" ]; then + handle_error "All parameters are required: VALUES_FILE_NAME NAMESPACE APP_NAME CLUSTER_NAME" +fi + +# Check if kubectl is installed +if ! command -v kubectl &> /dev/null; then + handle_error "kubectl is not installed. Please install it and try again." +fi + +# Check if helm is installed +if ! command -v helm &> /dev/null; then + handle_error "Helm is not installed. Please install it and try again." +fi + +echo "🔄 Switching Kubernetes context to cluster $CLUSTER_NAME" +if ! kubectl config use-context "$CLUSTER_NAME"; then + handle_error "Unable to switch context to $CLUSTER_NAME. Make sure the cluster exists in your kubeconfig." +fi + +echo "🪚 Deleting charts folder" +rm -rf charts || handle_error "Unable to delete charts folder" + +echo "🔨 Starting Helm Template" +helm dep build && helm template . -f "$VALUES_FILE_NAME" --debug + + +echo "🚀 Launch helm deploy" +# Execute helm upgrade/install command and capture output and exit code +helm upgrade --namespace "$NAMESPACE" \ + --install --values "$VALUES_FILE_NAME" \ + --wait --timeout 3m0s "$APP_NAME" . + +exit_code=$? + +# Check the command result +if [ $exit_code -ne 0 ]; then + handle_error "Failed to upgrade/install Helm chart" +else + echo "✅ Release installation completed successfully" +fi