diff --git a/config.tfvars b/config.tfvars index 7df97eb5..8786f1d7 100644 --- a/config.tfvars +++ b/config.tfvars @@ -504,13 +504,21 @@ bitbucket_db_name = "bitbucket" #bitbucket_nfs_limits_cpu = "" #bitbucket_nfs_limits_memory = "" -# Elasticsearch resource configuration for Bitbucket -#bitbucket_elasticsearch_requests_cpu = "" -#bitbucket_elasticsearch_requests_memory = "" -#bitbucket_elasticsearch_limits_cpu = "" -#bitbucket_elasticsearch_limits_memory = "" -#bitbucket_elasticsearch_storage = "" -#bitbucket_elasticsearch_replicas = "" +# OpenSearch resource configuration for Bitbucket +#bitbucket_opensearch_requests_cpu = "" +#bitbucket_opensearch_requests_memory = "" +#bitbucket_opensearch_limits_cpu = "" +#bitbucket_opensearch_limits_memory = "" +#bitbucket_opensearch_storage = "" +#bitbucket_opensearch_replicas = "" +#bitbucket_opensearch_java_opts = "" + +# Configure access to external OpenSearch (created outside Terraform modules) +#bitbucket_opensearch_endpoint = "" +#bitbucket_opensearch_secret_name = "" +#bitbucket_opensearch_secret_username_key = "" +#bitbucket_opensearch_secret_password_key = "" + # Dataset size. Used only when snapshots_json_file_path is defined. Defaults to large # bitbucket_dataset_size = "large" @@ -729,4 +737,4 @@ crowd_db_name = "crowd" #crowd_license = "" # A list of JVM arguments to be passed to the server. Defaults to an empty list. -# crowd_additional_jvm_args = ["-Dproperty=value", "-Dproperty1=value1"] \ No newline at end of file +# crowd_additional_jvm_args = ["-Dproperty=value", "-Dproperty1=value1"] diff --git a/dc-infrastructure.tf b/dc-infrastructure.tf index 71b3b465..fa18d921 100644 --- a/dc-infrastructure.tf +++ b/dc-infrastructure.tf @@ -19,11 +19,11 @@ module "base-infrastructure" { enable_https_ingress = var.enable_https_ingress create_external_dns = var.create_external_dns additional_namespaces = var.additional_namespaces - enable_ssh_tcp = local.install_bitbucket - osquery_secret_name = var.osquery_fleet_enrollment_secret_name - osquery_secret_region = var.osquery_fleet_enrollment_secret_region_aws - osquery_env = var.osquery_env - osquery_version = var.osquery_version + enable_ssh_tcp = local.install_bitbucket + osquery_secret_name = var.osquery_fleet_enrollment_secret_name + osquery_secret_region = var.osquery_fleet_enrollment_secret_region_aws + osquery_env = var.osquery_env + osquery_version = var.osquery_version kinesis_log_producers_role_arns = var.kinesis_log_producers_role_arns osquery_fleet_enrollment_host = var.osquery_fleet_enrollment_host @@ -242,11 +242,11 @@ module "confluence" { # If local Helm charts path is provided, Terraform will then install using local charts and ignores remote registry local_confluence_chart_path = local.local_confluence_chart_path - opensearch_enabled = var.confluence_opensearch_enabled - opensearch_requests_cpu = var.confluence_opensearch_requests_cpu - opensearch_requests_memory = var.confluence_opensearch_requests_memory - opensearch_snapshot_id = var.confluence_opensearch_snapshot_id - opensearch_persistence_size = var.confluence_opensearch_persistence_size + opensearch_enabled = var.confluence_opensearch_enabled + opensearch_requests_cpu = var.confluence_opensearch_requests_cpu + opensearch_requests_memory = var.confluence_opensearch_requests_memory + opensearch_snapshot_id = var.confluence_opensearch_snapshot_id + opensearch_persistence_size = var.confluence_opensearch_persistence_size opensearch_initial_admin_password = var.confluence_opensearch_initial_admin_password } @@ -296,12 +296,17 @@ module "bitbucket" { additional_jvm_args = var.bitbucket_additional_jvm_args - elasticsearch_requests_cpu = var.bitbucket_elasticsearch_requests_cpu - elasticsearch_requests_memory = var.bitbucket_elasticsearch_requests_memory - elasticsearch_limits_cpu = var.bitbucket_elasticsearch_limits_cpu - elasticsearch_limits_memory = var.bitbucket_elasticsearch_limits_memory - elasticsearch_storage = var.bitbucket_elasticsearch_storage - elasticsearch_replicas = var.bitbucket_elasticsearch_replicas + opensearch_requests_cpu = var.bitbucket_opensearch_requests_cpu + opensearch_requests_memory = var.bitbucket_opensearch_requests_memory + opensearch_limits_cpu = var.bitbucket_opensearch_limits_cpu + opensearch_limits_memory = var.bitbucket_opensearch_limits_memory + opensearch_storage = var.bitbucket_opensearch_storage + opensearch_replicas = var.bitbucket_opensearch_replicas + opensearch_java_opts = var.bitbucket_opensearch_java_opts + deploy_opensearch = var.bitbucket_deploy_opensearch + opensearch_secret_name = var.bitbucket_opensearch_secret_name + opensearch_secret_username_key = var.bitbucket_opensearch_secret_username_key + opensearch_secret_password_key = var.bitbucket_opensearch_secret_password_key shared_home_snapshot_id = local.bitbucket_ebs_snapshot_id diff --git a/docs/docs/userguide/configuration/BITBUCKET_CONFIGURATION.md b/docs/docs/userguide/configuration/BITBUCKET_CONFIGURATION.md index c27ae9e9..7aec518d 100644 --- a/docs/docs/userguide/configuration/BITBUCKET_CONFIGURATION.md +++ b/docs/docs/userguide/configuration/BITBUCKET_CONFIGURATION.md @@ -153,7 +153,7 @@ If you restore the database, you need to provide the db name from the snapshot. bitbucket_db_name = "bitbucket" ``` -## NFS and Elasticsearch Configuration +## NFS and OpenSearch Configuration ### NFS resource configuration @@ -168,18 +168,24 @@ bitbucket_nfs_limits_cpu = "2" bitbucket_nfs_limits_memory = "2Gi" ``` -### Elasticsearch Configuration +### OpenSearch Configuration -The following variables set the request for number of CPU, amount of memory, amount of storage, and the number of instances in elasticsearch cluster. (Used default values as example.) +The following variables set the request for number of CPU, amount of memory, amount of storage, and the number of instances in elasticsearch cluster. ```terraform # Elasticsearch resource configuration for Bitbucket -bitbucket_elasticsearch_requests_cpu = "0.5" -bitbucket_elasticsearch_requests_memory = "0.5Gi" -bitbucket_elasticsearch_limits_cpu = "1" -bitbucket_elasticsearch_limits_memory = "1Gi" -bitbucket_elasticsearch_storage = 10 -bitbucket_elasticsearch_replicas = 2 +bitbucket_opensearch_requests_cpu = "2" +bitbucket_opensearch_requests_memory = "2Gi" +bitbucket_opensearch_limits_cpu = "4" +bitbucket_opensearch_limits_memory = "4Gi" +bitbucket_opensearch_storage = "20" +bitbucket_opensearch_replicas = "3" +bitbucket_opensearch_java_opts = "-Xmx=1024" +#Configure access to external OpenSearch (created outside Terraform modules) +bitbucket_opensearch_endpoint = "https://myopensearch.com" +bitbucket_opensearch_secret_name = "os-creds" +bitbucket_opensearch_secret_username_key = "user" +bitbucket_opensearch_secret_password_key = "pass" ``` diff --git a/modules/AWS/ingress/main.tf b/modules/AWS/ingress/main.tf index 861f136e..0fdf40db 100644 --- a/modules/AWS/ingress/main.tf +++ b/modules/AWS/ingress/main.tf @@ -93,7 +93,7 @@ resource "helm_release" "ingress" { "service.beta.kubernetes.io/aws-load-balancer-backend-protocol" : "http" # LoadBalancer is created by AWS not Terraform, so we need to add resource tags to it - "service.beta.kubernetes.io/aws-load-balancer-additional-resource-tags": local.resource_tags + "service.beta.kubernetes.io/aws-load-balancer-additional-resource-tags" : local.resource_tags } } } diff --git a/modules/AWS/ingress/variables.tf b/modules/AWS/ingress/variables.tf index 34f57f7d..7ab95f5b 100644 --- a/modules/AWS/ingress/variables.tf +++ b/modules/AWS/ingress/variables.tf @@ -38,5 +38,5 @@ variable "additional_namespaces" { variable "tags" { description = "Additional tags for all resources to be created." - type = map(string) + type = map(string) } diff --git a/modules/products/bitbucket/elasticsearch.tf b/modules/products/bitbucket/elasticsearch.tf deleted file mode 100644 index eb9889f7..00000000 --- a/modules/products/bitbucket/elasticsearch.tf +++ /dev/null @@ -1,40 +0,0 @@ -# Create the elasticsearch based on Elasticsearch Helm charts (https://github.com/elastic/helm-charts/tree/main/elasticsearch) - -resource "helm_release" "elasticsearch" { - count = var.elasticsearch_endpoint == null ? 1 : 0 - - name = "${local.elasticsearch_name}-${var.environment_name}" - namespace = var.namespace - repository = local.elasticsearch_helm_chart_repository - chart = "elasticsearch" - version = local.elasticsearch_helm_chart_version - - values = [ - yamlencode({ - name = local.elasticsearch_name, - imageTag = local.elasticsearch_helm_chart_version - - antiAffinity = local.elasticsearch_antiAffinity - replicas = var.elasticsearch_replicas, - minimumMasterNodes = local.minimumMasterNodes - - resources = { - requests = { - cpu = var.elasticsearch_requests_cpu - memory = var.elasticsearch_requests_memory - } - limits = { - cpu = var.elasticsearch_limits_cpu - memory = var.elasticsearch_limits_memory - } - }, - volumeClaimTemplate = { - resources = { - requests = { - storage = "${var.elasticsearch_storage}G" - } - }, - } - }) - ] -} diff --git a/modules/products/bitbucket/helm.tf b/modules/products/bitbucket/helm.tf index f4ffc4c4..e634b397 100644 --- a/modules/products/bitbucket/helm.tf +++ b/modules/products/bitbucket/helm.tf @@ -35,9 +35,6 @@ resource "helm_release" "bitbucket" { } } } - elasticSearch = { - baseUrl = local.elasticsearch_endpoint - } additionalJvmArgs = concat(local.dcapt_analytics_property) } database = { @@ -75,6 +72,32 @@ resource "helm_release" "bitbucket" { enabled = false } } + opensearch = { + install = var.opensearch_endpoint == null ? true : false + baseUrl = local.opensearch_endpoint + credentials = { + secretName = var.opensearch_secret_name + usernameSecretKey = var.opensearch_secret_username_key + passwordSecretKey = var.opensearch_secret_password_key + } + singleNode = var.opensearch_replicas == 1 ? true : false + replicas = var.opensearch_replicas + resources = { + requests = { + cpu = var.opensearch_requests_cpu + memory = var.opensearch_requests_memory + } + limits = { + cpu = var.opensearch_limits_cpu + memory = var.opensearch_limits_memory + } + } + opensearchJavaOpts = var.opensearch_java_opts + persistence = { + side = "${var.opensearch_storage}Gi" + } + terminationGracePeriod = "0" + } }), local.ingress_settings, local.context_path_settings, diff --git a/modules/products/bitbucket/locals.tf b/modules/products/bitbucket/locals.tf index 139806ce..a1b6d7c8 100644 --- a/modules/products/bitbucket/locals.tf +++ b/modules/products/bitbucket/locals.tf @@ -60,21 +60,8 @@ locals { } }) : yamlencode({}) - # Elasticsearch - elasticsearch_name = "elasticsearch" - elasticsearch_helm_chart_repository = "https://helm.elastic.co" - elasticsearch_helm_chart_version = "7.17.3" - elasticsearch_antiAffinity = "soft" + opensearch_endpoint = var.opensearch_endpoint == null ? "http://opensearch-cluster-master:9200" : var.opensearch_endpoint - elasticsearch_endpoint = var.elasticsearch_endpoint == null ? "http://${local.elasticsearch_name}-master:9200" : var.elasticsearch_endpoint - minimumMasterNodes = var.elasticsearch_replicas == 1 ? 1 : 2 - - single_mode_elasticsearch = var.elasticsearch_replicas > 1 ? yamlencode({}) : yamlencode({ - extraEnvs = [ - { name = "discovery.type", value = "single-node" }, - { name = "cluster.initial_master_nodes", value = "" } - ] - }) # Bitbucket display name display_name = var.display_name != null ? yamlencode({ diff --git a/modules/products/bitbucket/outputs.tf b/modules/products/bitbucket/outputs.tf index fcf322f4..f240c4d7 100644 --- a/modules/products/bitbucket/outputs.tf +++ b/modules/products/bitbucket/outputs.tf @@ -18,6 +18,6 @@ output "kubernetes_rds_secret_name" { value = kubernetes_secret.rds_secret.metadata[0].name } -output "elasticsearch_endpoint" { - value = local.elasticsearch_endpoint +output "opensearch_endpoint" { + value = local.opensearch_endpoint } diff --git a/modules/products/bitbucket/variables.tf b/modules/products/bitbucket/variables.tf index 85ff5b8f..56a8f3eb 100644 --- a/modules/products/bitbucket/variables.tf +++ b/modules/products/bitbucket/variables.tf @@ -115,44 +115,71 @@ variable "shared_home_size" { default = "10Gi" } -# If an external elasticsearch is not provided, Bitbucket will provision an elasticsearch cluster in k8s -variable "elasticsearch_endpoint" { - description = "The external elasticsearch endpoint to be use by Bitbucket." +variable "deploy_opensearch" { + description = "Install OpenSearch sub-chart with Bitbucket Helm chart" + type = bool + default = true +} + +# If an external OpenSearch is not provided, Bitbucket will provision an OpenSearch cluster in k8s +variable "opensearch_endpoint" { + description = "The external OpenSearch endpoint to be used by Bitbucket." + type = string + default = null +} + +variable "opensearch_secret_name" { + description = "Secret name with OpenSearch credentials." type = string default = null } -variable "elasticsearch_requests_cpu" { - description = "Number of CPUs requested for elasticsearch instance." +variable "opensearch_secret_username_key" { + description = "Username key in the opensearch secret" + type = string +} + +variable "opensearch_secret_password_key" { + description = "Password key in the opensearch secret" + type = string +} + +variable "opensearch_requests_cpu" { + description = "Number of CPUs requested for opensearch instance." + type = string +} + +variable "opensearch_requests_memory" { + description = "Amount of memory requested for opensearch instance." type = string } -variable "elasticsearch_requests_memory" { - description = "Amount of memory requested for elasticsearch instance." +variable "opensearch_limits_cpu" { + description = "CPU limit for opensearch instance." type = string } -variable "elasticsearch_limits_cpu" { - description = "CPU limit for elasticsearch instance." +variable "opensearch_limits_memory" { + description = "Memory limit for opensearch instance." type = string } -variable "elasticsearch_limits_memory" { - description = "Memory limit for elasticsearch instance." +variable "opensearch_java_opts" { + description = "JAVA_OPTS passed to OpenSearch JVM." type = string } -variable "elasticsearch_storage" { - description = "Storage size for elasticsearch instance in Gib." +variable "opensearch_storage" { + description = "Storage size for opensearch instance in Gib." type = number } -variable "elasticsearch_replicas" { - description = "Number of nodes for elasticsearch instance." +variable "opensearch_replicas" { + description = "Number of nodes for opensearch instance." type = number validation { - condition = can(regex("^[2-8]$", var.elasticsearch_replicas)) - error_message = "Invalid elasticsearch replicas. Valid replicas is a positive integer in range of [2,8]." + condition = can(regex("^[1-8]$", var.opensearch_replicas)) + error_message = "Invalid opensearch replicas. Valid replicas is a positive integer in range of [2,8]." } } diff --git a/modules/products/confluence/provider_version.tf b/modules/products/confluence/provider_version.tf index dcd1848a..6a371b9d 100644 --- a/modules/products/confluence/provider_version.tf +++ b/modules/products/confluence/provider_version.tf @@ -10,7 +10,7 @@ terraform { version = "~> 2.4" } random = { - source = "hashicorp/random" + source = "hashicorp/random" version = "3.6.1" } } diff --git a/outputs.tf b/outputs.tf index 91feb85b..4944506c 100644 --- a/outputs.tf +++ b/outputs.tf @@ -102,9 +102,9 @@ output "synchrony_url" { value = var.confluence_collaborative_editing_enabled && length(module.confluence) == 1 ? module.confluence[0].synchrony_url : null } -output "elasticsearch_url" { +output "opensearch_url" { description = "URL to access the Bitbucket elasticsearch" - value = local.install_bitbucket && length(module.bitbucket) == 1 ? module.bitbucket[0].elasticsearch_endpoint : null + value = local.install_bitbucket && length(module.bitbucket) == 1 ? module.bitbucket[0].opensearch_endpoint : null } output "confluence_s3_bucket" { diff --git a/provider_version.tf b/provider_version.tf index 39b9d310..b977a0ee 100644 --- a/provider_version.tf +++ b/provider_version.tf @@ -10,7 +10,7 @@ terraform { version = "~> 2.4" } random = { - source = "hashicorp/random" + source = "hashicorp/random" version = "3.6.1" } } diff --git a/test/e2etest/bitbucket_test.go b/test/e2etest/bitbucket_test.go index 384c9c1e..53344863 100644 --- a/test/e2etest/bitbucket_test.go +++ b/test/e2etest/bitbucket_test.go @@ -2,6 +2,7 @@ package e2etest import ( "bytes" + "encoding/base64" "encoding/json" "fmt" "io/ioutil" @@ -23,7 +24,7 @@ func bitbucketHealthTests(t *testing.T, testConfig TestConfig, productUrl string assertBitbucketStatusEndpoint(t, productUrl) assertBitbucketNfsConnectivity(t, testConfig) assertBitbucketSshConnectivity(t, testConfig, productUrl) - assertEsIndexes(t, testConfig) + assertOpenSearchIndexes(t, testConfig) } func assertBitbucketStatusEndpoint(t *testing.T, productUrl string) { @@ -170,19 +171,21 @@ func cloneRepo(t *testing.T, host string) { assert.Equal(t, "remote repository is empty", err.Error()) } -func assertEsIndexes(t *testing.T, testConfig TestConfig) { - println("Asserting ElasticSearch indexes ...") +func assertOpenSearchIndexes(t *testing.T, testConfig TestConfig) { + println("Asserting OpenSearch indexes ...") // give Bitbucket enough time to create project and repo indexes - time.Sleep(15 * time.Second) + time.Sleep(25 * time.Second) kubectlOptions := getKubectlOptions(t, testConfig) expectedDocCount := "1" + openSearchPassword, err := getSecretDataByKey(t, kubectlOptions, "opensearch-initial-password", "OPENSEARCH_INITIAL_ADMIN_PASSWORD") + assert.NoError(t, err) for _, index := range []string{"bitbucket-project", "bitbucket-repository"} { - docCount, err := getEsIndexByName(t, kubectlOptions, index) + docCount, err := getOpenSearchIndexByName(t, kubectlOptions, index, openSearchPassword) assert.NoError(t, err) if docCount != expectedDocCount { fmt.Printf("DocCount in %s index is %s, expecting %s. Trying again in 20 seconds", index, docCount, expectedDocCount) time.Sleep(20 * time.Second) - docCount, _ = getEsIndexByName(t, kubectlOptions, index) + docCount, _ = getOpenSearchIndexByName(t, kubectlOptions, index, openSearchPassword) } assert.Equal(t, expectedDocCount, docCount) } @@ -192,7 +195,7 @@ func getHostFrom(productUrl string) string { return strings.Split(productUrl, "/")[2] } -type ESIndex []struct { +type OpenSearchIndex []struct { Health string `json:"health"` Status string `json:"status"` Index string `json:"index"` @@ -205,22 +208,22 @@ type ESIndex []struct { PriStoreSize string `json:"pri.store.size"` } -func getEsIndexByName(t *testing.T, kubectlOptions *k8s.KubectlOptions, index string) (docCount string, err error) { - esOutput, err := k8s.RunKubectlAndGetOutputE(t, kubectlOptions, - "exec", "elasticsearch-master-0", "-c", "elasticsearch", +func getOpenSearchIndexByName(t *testing.T, kubectlOptions *k8s.KubectlOptions, index string, password string) (docCount string, err error) { + command := fmt.Sprintf("curl -s -u admin:%s http://opensearch-cluster-master:9200/_cat/indices/%s?format=json", password, index) + osOutput, err := k8s.RunKubectlAndGetOutputE(t, kubectlOptions, + "exec", "bitbucket-0", "-c", "bitbucket", "--", "/bin/bash", - "-c", "curl -s http://localhost:9200/_cat/indices?format=json") + "-c", command) if err != nil { return "0", err } else { - var esIndex ESIndex - err := json.Unmarshal([]byte(esOutput), &esIndex) + var osIndex OpenSearchIndex + err := json.Unmarshal([]byte(osOutput), &osIndex) if err != nil { return "0", err } else { - for _, v := range esIndex { + for _, v := range osIndex { if v.Index == index { - assert.Equal(t, v.Health, "green") return v.DocsCount, nil } } @@ -228,3 +231,17 @@ func getEsIndexByName(t *testing.T, kubectlOptions *k8s.KubectlOptions, index st } } } + +func getSecretDataByKey(t *testing.T, kubectlOptions *k8s.KubectlOptions, secretName string, key string) (secretValue string, err error) { + jsonPath := fmt.Sprintf("jsonpath={.data.%s}", key) + base64EncodedValue, err := k8s.RunKubectlAndGetOutputE(t, kubectlOptions, + "get", "secret", secretName, "-o", jsonPath) + if err != nil { + return "", err + } + decodedPassword, err := base64.StdEncoding.DecodeString(base64EncodedValue) + if err != nil { + return "", err + } + return string(decodedPassword), nil +} diff --git a/test/unittest/bitbucket_test.go b/test/unittest/bitbucket_test.go index ed870d5c..58242f1b 100644 --- a/test/unittest/bitbucket_test.go +++ b/test/unittest/bitbucket_test.go @@ -36,7 +36,7 @@ func TestBitbucketVariablesPopulatedWithInvalidValues(t *testing.T) { assert.Contains(t, err.Error(), "Invalid environment name. Valid name is up to 25 characters starting with") assert.Contains(t, err.Error(), "Bitbucket configuration is not valid.") assert.Contains(t, err.Error(), "Bitbucket administrator configuration is not valid.") - assert.Contains(t, err.Error(), "Invalid elasticsearch replicas. Valid replicas is a positive integer in") + assert.Contains(t, err.Error(), "Invalid opensearch replicas. Valid replicas is a positive integer in") assert.Contains(t, err.Error(), "Bitbucket display name must be a non-empty value less than 255 characters.") assert.Contains(t, err.Error(), "Installation timeout needs to be a positive number.") } @@ -57,12 +57,12 @@ func TestBitbucketVariablesNotProvided(t *testing.T) { assert.Contains(t, err.Error(), "\"installation_timeout\" is not set") assert.Contains(t, err.Error(), "\"bitbucket_configuration\" is not set") assert.Contains(t, err.Error(), "\"admin_configuration\" is not set") - assert.Contains(t, err.Error(), "\"elasticsearch_requests_cpu\" is not set") - assert.Contains(t, err.Error(), "\"elasticsearch_requests_memory\" is not set") - assert.Contains(t, err.Error(), "\"elasticsearch_limits_cpu\" is not set") - assert.Contains(t, err.Error(), "\"elasticsearch_limits_memory\" is not set") - assert.Contains(t, err.Error(), "\"elasticsearch_storage\" is not set") - assert.Contains(t, err.Error(), "\"elasticsearch_replicas\" is not set") + assert.Contains(t, err.Error(), "\"opensearch_requests_cpu\" is not set") + assert.Contains(t, err.Error(), "\"opensearch_requests_memory\" is not set") + assert.Contains(t, err.Error(), "\"opensearch_limits_cpu\" is not set") + assert.Contains(t, err.Error(), "\"opensearch_limits_memory\" is not set") + assert.Contains(t, err.Error(), "\"opensearch_storage\" is not set") + assert.Contains(t, err.Error(), "\"opensearch_replicas\" is not set") assert.NotContains(t, err.Error(), "display_name") } @@ -115,13 +115,16 @@ var BitbucketCorrectVariables = map[string]interface{}{ "license": "dummy_license", "custom_values_file": "", }, - "shared_home_size": "10Gi", - "elasticsearch_requests_cpu": "1", - "elasticsearch_requests_memory": "1Gi", - "elasticsearch_limits_cpu": "1", - "elasticsearch_limits_memory": "1Gi", - "elasticsearch_storage": 10, - "elasticsearch_replicas": 2, - "termination_grace_period": 0, - "additional_jvm_args": []string{}, + "shared_home_size": "10Gi", + "opensearch_requests_cpu": "1", + "opensearch_requests_memory": "1Gi", + "opensearch_limits_cpu": "1", + "opensearch_limits_memory": "1Gi", + "opensearch_storage": 10, + "opensearch_replicas": 2, + "opensearch_java_opts": "JAVA_OPTS", + "opensearch_secret_username_key": nil, + "opensearch_secret_password_key": nil, + "termination_grace_period": 0, + "additional_jvm_args": []string{}, } diff --git a/test/unittest/test_variables.go b/test/unittest/test_variables.go index 45ed7dde..9185a152 100644 --- a/test/unittest/test_variables.go +++ b/test/unittest/test_variables.go @@ -407,14 +407,17 @@ var BitbucketInvalidVariables = map[string]interface{}{ "license": "dummy_license", "invalid": "bitbucket-configuration", }, - "elasticsearch_requests_cpu": "1", - "elasticsearch_requests_memory": "1Gi", - "elasticsearch_limits_cpu": "1", - "elasticsearch_limits_memory": "1Gi", - "elasticsearch_storage": 10, - "elasticsearch_replicas": 9, // invalid, should be [2,8] - "termination_grace_period": 0, - "additional_jvm_args": []string{}, + "opensearch_requests_cpu": "1", + "opensearch_requests_memory": "1Gi", + "opensearch_limits_cpu": "1", + "opensearch_limits_memory": "1Gi", + "opensearch_storage": 10, + "opensearch_replicas": 9, // invalid, should be [2,8] + "opensearch_java_opts": "JAVA_OPTS", + "opensearch_secret_username_key": nil, + "opensearch_secret_password_key": nil, + "termination_grace_period": 0, + "additional_jvm_args": []string{}, } var superLongStr = "Lorem ipsum dolor sit amet, consectetur adipiscing elit. Nam orci mauris, cursus sit amet tortor sit amet, aliquam dapibus magna. In sodales felis in ipsum euismod tempor. Phasellus mattis, justo id auctor lacinia, ipsum nulla sodales massa, ac porttitor arcu sem et quam." diff --git a/variables.tf b/variables.tf index 098256cd..a72f1a1b 100644 --- a/variables.tf +++ b/variables.tf @@ -970,38 +970,74 @@ variable "bitbucket_nfs_limits_memory" { default = "2Gi" } -variable "bitbucket_elasticsearch_requests_cpu" { - description = "Number of CPUs for Bitbucket elasticsearch instance." +variable "bitbucket_deploy_opensearch" { + description = "Install OpenSearch sub-chart with Bitbucket Helm chart" + type = bool + default = true +} + +variable "bitbucket_opensearch_endpoint" { + description = "The external opensearch endpoint to be use by Bitbucket." type = string - default = "0.25" + default = null +} + +variable "bitbucket_opensearch_secret_name" { + description = "Secret name with credentials for the external OpenSearch instance." + type = string + default = null +} + +variable "bitbucket_opensearch_secret_username_key" { + description = "Username key in the opensearch secret" + type = string + default = "username" +} + +variable "bitbucket_opensearch_secret_password_key" { + description = "Password key in the opensearch secret" + type = string + default = "password" } -variable "bitbucket_elasticsearch_requests_memory" { - description = "Amount of memory for Bitbucket elasticsearch instance." +variable "bitbucket_opensearch_requests_cpu" { + description = "Number of CPUs for Bitbucket opensearch instance." + type = string + default = "300m" +} + +variable "bitbucket_opensearch_requests_memory" { + description = "Amount of memory for Bitbucket opensearch instance." type = string default = "1Gi" } -variable "bitbucket_elasticsearch_limits_cpu" { - description = "CPUs limit for elasticsearch instance." +variable "bitbucket_opensearch_limits_cpu" { + description = "CPUs limit for opensearch instance." type = string - default = "0.5" + default = "500m" } -variable "bitbucket_elasticsearch_limits_memory" { - description = "Memory limit for elasticsearch instance." +variable "bitbucket_opensearch_limits_memory" { + description = "Memory limit for opensearch instance." type = string default = "2Gi" } -variable "bitbucket_elasticsearch_storage" { - description = "Storage size for Bitbucket elasticsearch in GiB." +variable "bitbucket_opensearch_java_opts" { + description = "JAVA_OPTS passed to OpenSearch JVM." + type = string + default = "-Xmx512M -Xms512M" +} + +variable "bitbucket_opensearch_storage" { + description = "Storage size for Bitbucket opensearch in GiB." type = number default = 10 } -variable "bitbucket_elasticsearch_replicas" { - description = "Number of nodes in Elasticsearch cluster" +variable "bitbucket_opensearch_replicas" { + description = "Number of nodes in opensearch cluster" type = number default = 2 }