From 358a88d709739f85b9e88beafc61c7591ecdc01a Mon Sep 17 00:00:00 2001 From: syed salman <72004356+syedsalman3753@users.noreply.github.com> Date: Tue, 11 Apr 2023 13:30:38 +0530 Subject: [PATCH 1/2] [ MOSIP-26666 ] updated README.md (#177) * [ MOSIP-26666 ] updated README.md * [ MOSIP-26666 ] updated README.md * [ MOSIP-26666 ] updated README.md * [ MOSIP-26666 ] updated README.md based on review changes requested * [ MOSIP-26666 ] updated README.md --------- Co-authored-by: syed-salman-technoforte --- README.md | 51 +++++++++++++++++++++++++++++++++++++++++ db_scripts/README.md | 29 +++++++++++++++++++---- helm/esignet/README.md | 6 ++--- helm/esignet/install.sh | 2 +- helm/oidc-ui/install.sh | 6 +++-- 5 files changed, 83 insertions(+), 11 deletions(-) diff --git a/README.md b/README.md index 5524b9525..d1de3fb9c 100644 --- a/README.md +++ b/README.md 
@@ -29,6 +29,57 @@ The project requires JDK 11. $ docker build -f Dockerfile ``` +## Installing in k8s cluster using helm +### Pre-requisites +1. Set the kube config file of the Mosip cluster having dependent services is set correctly in PC. +1. Make sure [DB setup](db_scripts/README.md#install-in-existing-mosip-k8-cluster) is done. +1. Add [esignet-default.properties](https://github.com/mosip/mosip-config/blob/v1.2.0.1-B3/esignet-default.properties) + and [application-default.properties](https://github.com/mosip/mosip-config/blob/v1.2.0.1-B3/application-default.properties) in required branch of config repo. +1. Below are the dependent services required for esignet service: + | Chart | Chart version | + |---|---| + |[Keycloak](https://github.com/mosip/mosip-infra/tree/v1.2.0.1-B3/deployment/v3/external/iam) | 7.1.18 | + |[Keycloak-init](https://github.com/mosip/mosip-infra/tree/v1.2.0.1-B3/deployment/v3/external/iam) | 12.0.1-B3 | + |[Postgres](https://github.com/mosip/mosip-infra/tree/v1.2.0.1-B3/deployment/v3/external/postgres) | 10.16.2 | + |[Postgres Init](https://github.com/mosip/mosip-infra/tree/v1.2.0.1-B3/deployment/v3/external/postgres) | 12.0.1-B3 | + |[Minio](https://github.com/mosip/mosip-infra/tree/v1.2.0.1-B3/deployment/v3/external/object-store) | 10.1.6 | + |[Kafka](https://github.com/mosip/mosip-infra/tree/v1.2.0.1-B3/deployment/v3/external/kafka) | 0.4.2 | + |[Config-server](https://github.com/mosip/mosip-infra/tree/v1.2.0.1-B3/deployment/v3/mosip/config-server) | 12.0.1-B3 | + |[Websub](https://github.com/mosip/mosip-infra/tree/v1.2.0.1-B3/deployment/v3/mosip/websub) | 12.0.1-B2 | + |[Artifactory server](https://github.com/mosip/mosip-infra/tree/v1.2.0.1-B3/deployment/v3/mosip/artifactory) | 12.0.1-B3 | + |[Keymanager service](https://github.com/mosip/mosip-infra/blob/v1.2.0.1-B3/deployment/v3/mosip/keymanager) | 12.0.1-B2 | + |[Kernel services](https://github.com/mosip/mosip-infra/blob/v1.2.0.1-B3/deployment/v3/mosip/kernel) | 12.0.1-B2 | + 
|[Biosdk service](https://github.com/mosip/mosip-infra/tree/v1.2.0.1-B3/deployment/v3/mosip/biosdk) | 12.0.1-B3 | + |[Idrepo services](https://github.com/mosip/mosip-infra/blob/v1.2.0.1-B3/deployment/v3/mosip/idrepo) | 12.0.1-B2 | + |[Pms services](https://github.com/mosip/mosip-infra/blob/v1.2.0.1-B3/deployment/v3/mosip/pms) | 12.0.1-B3 | + |[IDA services](https://github.com/mosip/mosip-infra/blob/v1.2.0.1-B3/deployment/v3/mosip/ida) | 12.0.1-B3 | + +### Install +* Install `kubectl` and `helm` utilities. +* Run `install-all.sh` to deploy esignet services. + ``` + cd helm + ./install-all.sh + ``` + +### Delete +* Run `delete-all.sh` to remove esignet services. + ``` + cd helm + ./delete-all.sh + ``` + +### Restart +* Run `restart-all.sh` to restart esignet services. + ``` + cd helm + ./restart-all.sh + ``` + +## Onboard esignet +* Run onboarder's [install.sh](https://github.com/mosip/mosip-infra/blob/v1.2.0.1-B3/deployment/v3/mosip/partner-onboarder) script to exchange jwk certificates. + + ## APIs API documentation is available [here](https://mosip.stoplight.io/docs/identity-provider/branches/main/6f1syzijynu40-identity-provider). diff --git a/db_scripts/README.md b/db_scripts/README.md index db4348ca9..63dc97928 100644 --- a/db_scripts/README.md +++ b/db_scripts/README.md 
@@ -1,13 +1,32 @@ -# e-Signet +# e-Signet Database Open ID based Identity provider for large scale authentication. +## Overview +This folder containers various SQL scripts to create database and tables in postgres. +The tables are described under `/ddl/`. +Default data that's populated in the tables is present under `/dml` folder. + ## Prerequisites * Make sure DB changes for IDA and PMS are up to date. * If not upgraded, IDA DB using the [release script](https://github.com/mosip/id-authentication/tree/develop/db_release_scripts). * If not upgraded, PMS DB using the [release script](https://github.com/mosip/partner-management-services/tree/develop/db_release_scripts). - -## Initialize esignet DB -* To initialize esignet DB, run below script. +* Command line utilities: + - kubectl + - helm +* Helm repos: ```sh - ./init_db.sh + helm repo add bitnami https://charts.bitnami.com/bitnami + helm repo add mosip https://mosip.github.io/mosip-helm + ``` + +## Install in existing MOSIP K8 Cluster +These scripts are automatically run with below mentioned script in existing k8 cluster with Postgres installed. +### Install +* Set your kube_config file or kube_config variable on PC. +* Update `init_values.yaml` with db-common-password from the postgres namespace in the required field `dbUserPasswords.dbuserPassword` and ensure `databases.mosip_esignet` is enabled. + ``` + ./init_db.sh` ``` + +## Install for developers +Developers may run the SQLs using `/deploy.sh` script. diff --git a/helm/esignet/README.md b/helm/esignet/README.md index 729a382cd..7c5e2871c 100644 --- a/helm/esignet/README.md +++ b/helm/esignet/README.md 
@@ -11,7 +11,7 @@ $ helm install my-release mosip/esignet ## Introduction -esignet is part of the esignet modules, but has a separate Helm chart so as to install and manage it in a completely indepedent namespace. +esignet is part of the esignet modules, but has a separate Helm chart so as to install and manage it in a completely independent namespace. ## Prerequisites @@ -23,8 +23,8 @@ esignet is part of the esignet modules, but has a separate Helm chart so as to i ## Overview Refer [Commons](https://docs.mosip.io/1.2.0/modules/commons). -## Initialize keycloak for IDP -* To initialize keycloak for IDP, run below script. +## Initialize keycloak for esignet +* To initialize keycloak for esignet, run below script. ```sh ./keycloak-init.sh ``` diff --git a/helm/esignet/install.sh b/helm/esignet/install.sh index ec6318ee5..e67e2d10b 100755 --- a/helm/esignet/install.sh +++ b/helm/esignet/install.sh @@ -15,7 +15,7 @@ echo Copy configmaps ./copy_cm.sh echo Installing esignet -helm -n $NS install esignet . --version $CHART_VERSION +helm -n $NS install esignet mosip/esignet --version $CHART_VERSION kubectl -n $NS get deploy -o name | xargs -n1 -t kubectl -n $NS rollout status diff --git a/helm/oidc-ui/install.sh b/helm/oidc-ui/install.sh index b0cdf4d7c..4e1ffa705 100755 --- a/helm/oidc-ui/install.sh +++ b/helm/oidc-ui/install.sh @@ -14,7 +14,9 @@ kubectl create ns $NS echo Istio label kubectl label ns $NS istio-injection=enabled --overwrite -helm dependency build + +helm repo add mosip https://mosip.github.io/mosip-helm +helm repo update echo Copy configmaps ./copy_cm.sh 
@@ -26,7 +28,7 @@ kubectl -n $NS delete --ignore-not-found=true configmap oidc-ui-cm kubectl -n $NS create configmap oidc-ui-cm --from-literal="REACT_APP_API_BASE_URL=http://esignet.$NS/v1/esignet" --from-literal="REACT_APP_SBI_DOMAIN_URI=http://esignet.$NS" echo Installing OIDC UI -helm -n $NS install oidc-ui . --set istio.hosts\[0\]=$ESIGNET_HOST +helm -n $NS install oidc-ui mosip/oidc-ui --set istio.hosts\[0\]=$ESIGNET_HOST kubectl -n $NS get deploy -o name | xargs -n1 -t kubectl -n $NS rollout status From ff61caccd692010407877659f31bef9d9eab22bc Mon Sep 17 00:00:00 2001 From: syed-salman-technoforte Date: Wed, 12 Apr 2023 12:31:56 +0530 Subject: [PATCH 2/2] [ MOSIP-26666 ] Updated esignet scripts --- .github/workflows/release_chart.yml | 2 +- README.md | 5 +++-- helm/esignet/Chart.yaml | 2 +- helm/esignet/install.sh | 2 +- helm/oidc-ui/Chart.yaml | 2 +- helm/oidc-ui/install.sh | 2 +- helm/redis/install.sh | 2 +- 7 files changed, 9 insertions(+), 8 deletions(-) diff --git a/.github/workflows/release_chart.yml b/.github/workflows/release_chart.yml index 4c9e2158c..98c63f92b 100644 --- a/.github/workflows/release_chart.yml +++ b/.github/workflows/release_chart.yml @@ -19,6 +19,6 @@ jobs: with: token: ${{ secrets.ACTION_PAT }} charts_dir: ./helm - charts_url: https://github.com/mosip + charts_url: https://mosip.github.io/mosip-helm repository: mosip-helm branch: gh-pages diff --git a/README.md b/README.md index d1de3fb9c..6a7b17c22 100644 --- a/README.md +++ b/README.md 
@@ -33,8 +33,9 @@ The project requires JDK 11. ### Pre-requisites 1. Set the kube config file of the Mosip cluster having dependent services is set correctly in PC. 1. Make sure [DB setup](db_scripts/README.md#install-in-existing-mosip-k8-cluster) is done. -1. Add [esignet-default.properties](https://github.com/mosip/mosip-config/blob/v1.2.0.1-B3/esignet-default.properties) - and [application-default.properties](https://github.com/mosip/mosip-config/blob/v1.2.0.1-B3/application-default.properties) in required branch of config repo. +1. Add / merge below mentioned properties files into existing config branch: + * [esignet-default.properties](https://github.com/mosip/mosip-config/blob/v1.2.0.1-B3/esignet-default.properties) + * [application-default.properties](https://github.com/mosip/mosip-config/blob/v1.2.0.1-B3/application-default.properties) 1. Below are the dependent services required for esignet service: | Chart | Chart version | |---|---| diff --git a/helm/esignet/Chart.yaml b/helm/esignet/Chart.yaml index d82f2d013..37cb783b6 100644 --- a/helm/esignet/Chart.yaml +++ b/helm/esignet/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: esignet description: A Helm chart for MOSIP esignet module type: application -version: 0.0.1 +version: 1.0.1 appVersion: "" dependencies: - name: common diff --git a/helm/esignet/install.sh b/helm/esignet/install.sh index e67e2d10b..c7feb810a 100755 --- a/helm/esignet/install.sh +++ b/helm/esignet/install.sh @@ -7,7 +7,7 @@ if [ $# -ge 1 ] ; then fi NS=esignet -CHART_VERSION=0.0.1 +CHART_VERSION=1.0.1 ./keycloak-init.sh diff --git a/helm/oidc-ui/Chart.yaml b/helm/oidc-ui/Chart.yaml index d8aa41cb5..9cf547c48 100644 --- a/helm/oidc-ui/Chart.yaml +++ b/helm/oidc-ui/Chart.yaml @@ -2,7 +2,7 @@ apiVersion: v2 name: oidc-ui description: A Helm chart for MOSIP OIDC UI module type: application -version: 12.0.2 +version: 1.0.1 appVersion: "" dependencies: - name: common 
diff --git a/helm/oidc-ui/install.sh b/helm/oidc-ui/install.sh index 4e1ffa705..6e250d49c 100755 --- a/helm/oidc-ui/install.sh +++ b/helm/oidc-ui/install.sh @@ -7,7 +7,7 @@ if [ $# -ge 1 ] ; then fi NS=esignet -CHART_VERSION=0.0.1 +CHART_VERSION=1.0.1 echo Create $NS namespace kubectl create ns $NS diff --git a/helm/redis/install.sh b/helm/redis/install.sh index 75675e755..011da045b 100755 --- a/helm/redis/install.sh +++ b/helm/redis/install.sh @@ -22,7 +22,7 @@ helm repo update echo Installing redis helm -n $NS install redis bitnami/redis --wait --version $CHART_VERSION -./copy_cm_func.sh secret redis redis config-server +../copy_cm_func.sh secret redis redis config-server kubectl -n config-server set env --keys=redis-password --from secret/redis deployment/config-server --prefix=SPRING_CLOUD_CONFIG_SERVER_OVERRIDES_
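
Review bot: in README.md (PATCH 1/2), the first pre-requisite, "Set the kube config file of the Mosip cluster having dependent services is set correctly in PC.", is ungrammatical, and PATCH 2/2 carries it forward unchanged as context. Reword it, for example "Make sure the kube config file for the MOSIP cluster that hosts the dependent services is set on your machine." The dependency table in the same hunk mixes chart versions 12.0.1-B2 and 12.0.1-B3 while every link points at the v1.2.0.1-B3 tag; please confirm the B2 rows (Websub, Keymanager service, Kernel services, Idrepo services) are intended.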
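
Review bot: in db_scripts/README.md (PATCH 1/2), the command in the new Install step has a stray trailing backtick inside its fenced block, `./init_db.sh` followed by an extra backtick, so a copy-paste leaves the shell waiting on an unterminated command substitution; drop the extra character. In the same hunk, "This folder containers various SQL scripts" should read "contains". The step that copies db-common-password into `dbUserPasswords.dbuserPassword` in `init_values.yaml` leaves a live database credential in a tracked file, so the README should say to keep that edit out of version control or to pass the value at install time instead.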
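
Review bot: in helm/esignet/install.sh (PATCH 1/2), the chart source changes from `.` to `mosip/esignet`, but this hunk adds no `helm repo add mosip https://mosip.github.io/mosip-helm` or `helm repo update`, unlike the matching change to helm/oidc-ui/install.sh. If the part of the script outside this hunk does not already do both, the install fails on a machine without the repo configured, and a stale local index can resolve a chart other than the one just released. Add the two lines before the install, and quote `$NS` and `$CHART_VERSION` while touching the line.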
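
Review bot: in helm/oidc-ui/install.sh, the install line `helm -n $NS install oidc-ui mosip/oidc-ui --set istio.hosts\[0\]=$ESIGNET_HOST` now pulls from the remote repo with no `--version`, so the `CHART_VERSION=1.0.1` set by PATCH 2/2 is not applied to the install and Helm takes whatever the repo index resolves as latest. Add `--version $CHART_VERSION`, as helm/esignet/install.sh already does. This matters more because PATCH 2/2 lowers the version in helm/oidc-ui/Chart.yaml from 12.0.2 to 1.0.1: if a 12.0.2 package is present in the repo index, an unpinned install would select it over the new chart.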
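
Review bot: in helm/redis/install.sh (PATCH 2/2), `../copy_cm_func.sh` is resolved against the caller's working directory, so the script only works when invoked from inside helm/redis. If it is called from elsewhere, for example by a wrapper script run from helm/, the path points at a different or missing file and the redis secret is not copied to config-server before the `kubectl set env` line runs. Resolve the helper relative to the script's own location, or `cd` to the script directory at the top of the file.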