diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index 5a8ed638ac..39a6441b54 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -112,6 +112,9 @@ jobs: --set mocks.oauth=True \ --set development=True \ --set general.port=8080 \ + --set database.backend.internal.password="secret" \ + --set database.guacamole.internal.password="secret" \ + --set valkey.password="secret" \ --set backend.authentication.oauth.endpoints.wellKnown="http://test-oauth-mock:8080/default/.well-known/openid-configuration" \ ./helm - name: Wait for all containers to be ready diff --git a/Makefile b/Makefile index def8736bde..3e5129369a 100644 --- a/Makefile +++ b/Makefile @@ -103,6 +103,11 @@ helm-deploy: --set cluster.ingressClassName=traefik \ --set cluster.ingressNamespace=kube-system \ --set backend.k8sSessionNamespace="$(SESSION_NAMESPACE)" \ + --set loki.gateway.basicAuth.password="localLokiPassword" \ + --set grafana.adminPassword="admin" \ + --set database.backend.internal.password="secret" \ + --set database.guacamole.internal.password="secret" \ + --set valkey.password="secret" \ $(RELEASE) $$HELM_PACKAGE_DIR/collab-manager-*.tgz rm -rf "$$HELM_PACKAGE_DIR" $(MAKE) provision-guacamole wait diff --git a/README.md b/README.md index 7c1803809a..f40532d781 100644 --- a/README.md +++ b/README.md @@ -71,6 +71,11 @@ https://github.com/DSD-DBS/capella-collab-manager/assets/23395732/01c5dc34-7792- ### Running Locally with k3d +The following instructions are not suitable for a production deployment, but +can be used to try out the features of the Collaboration Manager locally. You +can find the installation guide for a production deployment in the +[general documentation](https://dsd-dbs.github.io/capella-collab-manager/admin/installation/). + #### Prerequisites To deploy the application you need: @@ -182,11 +187,6 @@ Once the cluster is installed and all services are running [Getting started guide](https://dsd-dbs.github.io/capella-collab-manager/admin/getting_started/getting_started/) and be up and running in a few minutes. -### Deployment - -You can find the installation guide for a production deployment in the -[general documentation](https://dsd-dbs.github.io/capella-collab-manager/admin/installation/). - ## How it Works The Capella Collaboration Manager consists of a couple of components: diff --git a/helm/config/backend.yaml b/helm/config/backend.yaml index 35137d6ccf..88bbaaa3f1 100644 --- a/helm/config/backend.yaml +++ b/helm/config/backend.yaml @@ -24,8 +24,8 @@ k8s: promtail: lokiEnabled: {{ .Values.loki.enabled }} lokiURL: http://loki-gateway.{{- .Release.Namespace -}}.svc.cluster.local/loki/api/v1 - lokiUsername: {{ .Values.definitions.loki.username }} - lokiPassword: {{ .Values.definitions.loki.password }} + lokiUsername: {{ .Values.loki.gateway.basicAuth.username }} + lokiPassword: {{ .Values.loki.gateway.basicAuth.password }} serverPort: 3101 general: diff --git a/helm/templates/backend/postgres.deployment.yaml b/helm/templates/backend/postgres.deployment.yaml index 0bec8b49f0..49492a9373 100644 --- a/helm/templates/backend/postgres.deployment.yaml +++ b/helm/templates/backend/postgres.deployment.yaml @@ -42,7 +42,7 @@ spec: - name: POSTGRES_DB value: backend - name: POSTGRES_PASSWORD - value: {{ .Values.database.backend.internal.password }} + value: {{ .Values.database.backend.internal.password | required ".Values.database.backend.internal.password is required. Please generate a random password and set it in the values.yaml." }} - name: POSTGRES_USER value: backend ports: diff --git a/helm/templates/grafana/grafana.configmap.yaml b/helm/templates/grafana/grafana.configmap.yaml index 5014e0b1a2..d33612c1ab 100644 --- a/helm/templates/grafana/grafana.configmap.yaml +++ b/helm/templates/grafana/grafana.configmap.yaml @@ -13,8 +13,7 @@ data: grafana.ini: | [security] admin_user = {{ .Values.grafana.adminUser }} - admin_password = {{ .Values.grafana.adminPassword }} - + admin_password = {{ .Values.grafana.adminPassword | required ".Values.grafana.adminPassword is required. Please generate a random password and set it in the values.yaml." }} [paths] data = /var/lib/grafana/ logs = /var/log/grafana @@ -64,9 +63,9 @@ data: orgId: 1 url: http://loki-gateway.{{ .Release.Namespace }}.svc.cluster.local basicAuth: true - basicAuthUser: {{ .Values.definitions.loki.username }} + basicAuthUser: {{ .Values.loki.gateway.basicAuth.username }} secureJsonData: - basicAuthPassword: {{ .Values.definitions.loki.password }} + basicAuthPassword: {{ .Values.loki.gateway.basicAuth.password | required ".Values.loki.gateway.basicAuth.password is required. Please generate a random password and set it in the values.yaml." }} version: 1 editable: false {{ end }} diff --git a/helm/templates/guacamole/postgres.deployment.yaml b/helm/templates/guacamole/postgres.deployment.yaml index b5166fdb96..72e5760ad0 100644 --- a/helm/templates/guacamole/postgres.deployment.yaml +++ b/helm/templates/guacamole/postgres.deployment.yaml @@ -47,7 +47,7 @@ spec: - name: POSTGRES_DB value: guacamole - name: POSTGRES_PASSWORD - value: {{ .Values.database.guacamole.internal.password }} + value: {{ .Values.database.guacamole.internal.password | required ".Values.database.guacamole.internal.password is required. Please generate a random password and set it in the values.yaml." }} - name: POSTGRES_USER value: guacamole - name: POSTGRES_HOST_AUTH_METHOD diff --git a/helm/templates/promtail/_promtail.tpl b/helm/templates/promtail/_promtail.tpl index 0179002327..4fa145db35 100644 --- a/helm/templates/promtail/_promtail.tpl +++ b/helm/templates/promtail/_promtail.tpl @@ -5,8 +5,8 @@ clients: - url: http://loki-gateway.{{- .Release.Namespace -}}.svc.cluster.local/loki/api/v1/push basic_auth: - username: {{ .Values.definitions.loki.username }} - password: {{ .Values.definitions.loki.password }} + username: {{ .Values.loki.gateway.basicAuth.username }} + password: {{ .Values.loki.gateway.basicAuth.password }} server: http_listen_port: 3101 {{- end }} diff --git a/helm/templates/valkey/valkey.secret.yaml b/helm/templates/valkey/valkey.secret.yaml index ae4b1bf422..6e72d99f17 100644 --- a/helm/templates/valkey/valkey.secret.yaml +++ b/helm/templates/valkey/valkey.secret.yaml @@ -10,4 +10,4 @@ metadata: type: Opaque stringData: valkey.conf: | - requirepass {{ .Values.valkey.password }} + requirepass {{ .Values.valkey.password | required ".Values.valkey.password is required. Please generate a random password and set it in the values.yaml." }} diff --git a/helm/values.yaml b/helm/values.yaml index d3fed5a4ec..6ad495fbd0 100644 --- a/helm/values.yaml +++ b/helm/values.yaml @@ -100,7 +100,7 @@ database: ###### IF database.guacamole.deploy == True ###### # Admin password of the database - password: secret + password: null external: ###### IF database.guacamole.deploy == False ###### @@ -135,7 +135,7 @@ database: ###### IF database.backend.deploy == True ###### # Admin password of the database - password: secret + password: null external: ###### IF database.backend.deploy == False ###### @@ -144,7 +144,7 @@ database: uri: postgresql://user:password@url:port/db_name valkey: - password: secret + password: null backend: authentication: @@ -258,16 +258,10 @@ promtail: storageAccessMode: ReadWriteOnce storageClassName: local-path -definitions: - loki: - # Default username & password for Loki - username: &lokiUsername localLokiUser - password: &lokiPassword localLokiPassword - # Default passwords for Grafana grafana: adminUser: admin - adminPassword: admin + adminPassword: null # https://github.com/grafana/loki/blob/main/production/helm/loki/values.yaml loki: @@ -284,8 +278,8 @@ loki: gateway: basicAuth: enabled: True - username: *lokiUsername - password: *lokiPassword + username: localLokiUser + password: null resources: &resourcesLoki limits: cpu: '1'