tags added and keycloak related changes added

sourcefuse · Oct 16, 2024 · fd705aa · fd705aa
1 parent c47abe5
commit fd705aa
Show file tree

Hide file tree

Showing 42 changed files with 563 additions and 5 deletions.
diff --git a/files/control-plane/control-plane-helm-chart/values.yaml.template b/files/control-plane/control-plane-helm-chart/values.yaml.template
@@ -27,7 +27,7 @@ frontend:
   enabled: true
   repository: public.ecr.aws/p1a1c8p2/sourcefuse-arc-saas-control-plane-ui
   pullPolicy: Always
-  tag: "0.0.9"
+  tag: "0.0.11"
   log_level: "info"
   home_path: "/main/home"
   replicaCount: 1

diff --git a/files/tenant-samples/bridge/buildspec.yaml b/files/tenant-samples/bridge/buildspec.yaml
@@ -121,7 +121,7 @@ phases:
       - kubectl apply -f ${TIER}-argo-workflow.yaml --namespace argo-workflows || true 
       - kubectl apply -f argocd-application.yaml --namespace argocd || true
       - sleep 240 # waiting time to spin up tenant pods 
-      - terraform apply -auto-approve --refresh=false  # refresh is false to avoid unnecessary API hitting
+      #- terraform apply -auto-approve --refresh=false  # refresh is false to avoid unnecessary API hitting
       - kubectl apply -f argo-workflow.yaml --namespace argo-workflows || true
 
 

diff --git a/files/tenant-samples/bridge/tenant-helm-chart/auth0/templates/provisioner.yaml b/files/tenant-samples/bridge/tenant-helm-chart/auth0/templates/provisioner.yaml
@@ -54,6 +54,7 @@ spec:
         "aws:eks:cluster-name": {{ .Values.eksClusterName }}
   tags:
     Tenant: "pooled"
+    Project: {{ .Values.project }}
 
 
 

diff --git a/files/tenant-samples/bridge/tenant-helm-chart/auth0/values.yaml.template b/files/tenant-samples/bridge/tenant-helm-chart/auth0/values.yaml.template
@@ -343,6 +343,7 @@ publicKey: ${TENANT_CLIENT_SECRET}
 
 tier: ${TIER}
 namespace: ${NAMESPACE}
+project: ${PROJECT}
 region: ${REGION}
 karpenterRoleName: ${KARPENTER_ROLE}
 eksClusterName: ${EKS_CLUSTER_NAME}

diff --git a/files/tenant-samples/bridge/tenant-helm-chart/cognito/templates/provisioner.yaml b/files/tenant-samples/bridge/tenant-helm-chart/cognito/templates/provisioner.yaml
@@ -54,6 +54,7 @@ spec:
         "aws:eks:cluster-name": {{ .Values.eksClusterName }}
   tags:
     Tenant: "pooled"
+    Project: {{ .Values.project }}
 
 
 

diff --git a/files/tenant-samples/bridge/tenant-helm-chart/cognito/values.yaml.template b/files/tenant-samples/bridge/tenant-helm-chart/cognito/values.yaml.template
@@ -343,6 +343,7 @@ publicKey: ${TENANT_CLIENT_SECRET}
 
 tier: ${TIER}
 namespace: ${NAMESPACE}
+project: ${PROJECT}
 region: ${REGION}
 cognitodomain: ${COGNITO_DOMAIN}
 cognitoid: ${COGNITO_ID}

diff --git a/files/tenant-samples/bridge/terraform/canary.tf b/files/tenant-samples/bridge/terraform/canary.tf
@@ -22,6 +22,7 @@ resource "aws_synthetics_canary" "main" {
   schedule {
     expression = "rate(6 minutes)"
   }
+  tags = module.tags.tags
 
 }
 

diff --git a/files/tenant-samples/bridge/terraform/eks.tf b/files/tenant-samples/bridge/terraform/eks.tf
@@ -107,6 +107,7 @@ data "template_file" "cognito_helm_values_template" {
   template = file("${path.module}/../tenant-helm-chart/cognito/values.yaml.template")
   vars = {
     NAMESPACE        = local.kubernetes_ns
+    PROJECT          = var.namespace
     TENANT_NAME      = var.tenant_name
     TENANT_KEY       = var.tenant
     TENANT_EMAIL     = var.tenant_email
@@ -149,6 +150,7 @@ data "template_file" "auth0_helm_values_template" {
   template = file("${path.module}/../tenant-helm-chart/auth0/values.yaml.template")
   vars = {
     NAMESPACE        = local.kubernetes_ns
+    PROJECT          = var.namespace
     TENANT_NAME      = var.tenant_name
     TENANT_KEY       = var.tenant
     TENANT_EMAIL     = var.tenant_email

diff --git a/files/tenant-samples/pooled/buildspec.yaml b/files/tenant-samples/pooled/buildspec.yaml
@@ -120,7 +120,7 @@ phases:
       - kubectl apply -f ${TIER}-argo-workflow.yaml --namespace argo-workflows || true 
       - kubectl apply -f argocd-application.yaml --namespace argocd || true
       - sleep 240 # waiting time to spin up tenant pods 
-      - terraform apply -auto-approve --refresh=false  # refresh is false to avoid unnecessary API hitting
+      #- terraform apply -auto-approve --refresh=false  # refresh is false to avoid unnecessary API hitting
       - kubectl apply -f argo-workflow.yaml --namespace argo-workflows || true
 
     finally:

diff --git a/files/tenant-samples/pooled/tenant-helm-chart/auth0/templates/provisioner.yaml b/files/tenant-samples/pooled/tenant-helm-chart/auth0/templates/provisioner.yaml
@@ -54,6 +54,7 @@ spec:
         "aws:eks:cluster-name": {{ .Values.eksClusterName }}
   tags:
     Tenant: "pooled"
+    Project: {{ .Values.project }}
 
 
 

diff --git a/files/tenant-samples/pooled/tenant-helm-chart/auth0/values.yaml.template b/files/tenant-samples/pooled/tenant-helm-chart/auth0/values.yaml.template
@@ -343,6 +343,7 @@ publicKey: ${TENANT_CLIENT_SECRET}
 
 tier: ${TIER}
 namespace: ${NAMESPACE}
+project: ${PROJECT}
 region: ${REGION}
 karpenterRoleName: ${KARPENTER_ROLE}
 eksClusterName: ${EKS_CLUSTER_NAME}

diff --git a/files/tenant-samples/pooled/tenant-helm-chart/cognito/templates/provisioner.yaml b/files/tenant-samples/pooled/tenant-helm-chart/cognito/templates/provisioner.yaml
@@ -54,6 +54,7 @@ spec:
         "aws:eks:cluster-name": {{ .Values.eksClusterName }}
   tags:
     Tenant: "pooled"
+    Project: {{ .Values.project }}
 
 
 

diff --git a/files/tenant-samples/pooled/tenant-helm-chart/cognito/values.yaml.template b/files/tenant-samples/pooled/tenant-helm-chart/cognito/values.yaml.template
@@ -343,6 +343,7 @@ publicKey: ${TENANT_CLIENT_SECRET}
 
 tier: ${TIER}
 namespace: ${NAMESPACE}
+project: ${PROJECT}
 region: ${REGION}
 cognitodomain: ${COGNITO_DOMAIN}
 cognitoid: ${COGNITO_ID}

diff --git a/files/tenant-samples/pooled/terraform/canary.tf b/files/tenant-samples/pooled/terraform/canary.tf
@@ -22,6 +22,7 @@ resource "aws_synthetics_canary" "main" {
   schedule {
     expression = "rate(6 minutes)"
   }
+  tags = module.tags.tags
 
 }
 

diff --git a/files/tenant-samples/pooled/terraform/eks.tf b/files/tenant-samples/pooled/terraform/eks.tf
@@ -107,6 +107,7 @@ data "template_file" "cognito_helm_values_template" {
   template = file("${path.module}/../tenant-helm-chart/cognito/values.yaml.template")
   vars = {
     NAMESPACE        = local.kubernetes_ns
+    PROJECT          = var.namespace
     TENANT_NAME      = var.tenant_name
     TENANT_KEY       = var.tenant
     TENANT_EMAIL     = var.tenant_email
@@ -148,6 +149,7 @@ data "template_file" "auth0_helm_values_template" {
   template = file("${path.module}/../tenant-helm-chart/auth0/values.yaml.template")
   vars = {
     NAMESPACE        = local.kubernetes_ns
+    PROJECT          = var.namespace
     TENANT_NAME      = var.tenant_name
     TENANT_KEY       = var.tenant
     TENANT_EMAIL     = var.tenant_email

diff --git a/files/tenant-samples/silo/buildspec.yaml b/files/tenant-samples/silo/buildspec.yaml
@@ -115,7 +115,7 @@ phases:
       - ./push-values.sh # push values to tenant management gitops repository
       - kubectl apply -f argocd-application.yaml --namespace argocd || true
       - sleep 240 # waiting time to spin up tenant pods 
-      - terraform apply -auto-approve --refresh=false  # refresh is false to avoid API hitting
+      #- terraform apply -auto-approve --refresh=false  # refresh is false to avoid API hitting
       - kubectl apply -f argo-workflow.yaml --namespace argo-workflows || true
     finally:
       - node $WEBHOOK_PATH

diff --git a/files/tenant-samples/silo/tenant-helm-chart/auth0/templates/provisioner.yaml b/files/tenant-samples/silo/tenant-helm-chart/auth0/templates/provisioner.yaml
@@ -59,6 +59,7 @@ spec:
   tags:
     Tenant: {{ .Values.tenant }}
     Tenant_ID: {{ .Values.tenantID }}
+    Project: {{ .Values.project }}
 
 
 
diff --git a/files/tenant-samples/silo/tenant-helm-chart/auth0/values.yaml.template b/files/tenant-samples/silo/tenant-helm-chart/auth0/values.yaml.template
@@ -342,6 +342,7 @@ publicKey: ${TENANT_CLIENT_SECRET}
 
 tier: ${TIER}
 namespace: ${NAMESPACE}
+project: ${PROJECT}
 region: ${REGION}
 karpenterRoleName: ${KARPENTER_ROLE}
 eksClusterName: ${EKS_CLUSTER_NAME}

diff --git a/files/tenant-samples/silo/tenant-helm-chart/cognito/templates/provisioner.yaml b/files/tenant-samples/silo/tenant-helm-chart/cognito/templates/provisioner.yaml
@@ -59,6 +59,7 @@ spec:
   tags:
     Tenant: {{ .Values.tenant }}
     Tenant_ID: {{ .Values.tenantID }}
+    Project: {{ .Values.project }}
 
 
 
diff --git a/files/tenant-samples/silo/tenant-helm-chart/cognito/values.yaml.template b/files/tenant-samples/silo/tenant-helm-chart/cognito/values.yaml.template
@@ -342,6 +342,7 @@ publicKey: ${TENANT_CLIENT_SECRET}
 
 tier: ${TIER}
 namespace: ${NAMESPACE}
+project: ${PROJECT}
 region: ${REGION}
 cognitodomain: ${COGNITO_DOMAIN}
 cognitoid: ${COGNITO_ID}

diff --git a/files/tenant-samples/silo/terraform/canary.tf b/files/tenant-samples/silo/terraform/canary.tf
@@ -22,7 +22,7 @@ resource "aws_synthetics_canary" "main" {
   schedule {
     expression = "rate(6 minutes)"
   }
-
+  tags = module.tags.tags
 }
 
 data "archive_file" "canary_zip_inline" {

diff --git a/files/tenant-samples/silo/terraform/eks.tf b/files/tenant-samples/silo/terraform/eks.tf
@@ -110,6 +110,7 @@ data "template_file" "cognito_helm_values_template" {
   template = file("${path.module}/../tenant-helm-chart/cognito/values.yaml.template")
   vars = {
     NAMESPACE             = local.kubernetes_ns
+    PROJECT               = var.namespace
     TENANT_NAME           = var.tenant_name
     TENANT_KEY            = var.tenant
     TENANT_EMAIL          = var.tenant_email
@@ -151,6 +152,7 @@ data "template_file" "auth0_helm_values_template" {
   template = file("${path.module}/../tenant-helm-chart/auth0/values.yaml.template")
   vars = {
     NAMESPACE                       = local.kubernetes_ns
+    PROJECT          = var.namespace
     TENANT_NAME                     = var.tenant_name
     TENANT_KEY                      = var.tenant
     TENANT_EMAIL                    = var.tenant_email

diff --git a/terraform/control-plane-application/buildspec.yaml b/terraform/control-plane-application/buildspec.yaml
@@ -45,6 +45,15 @@ phases:
       - chmod +x push-helm-values.sh 
       - ./push-helm-values.sh # push control-plane values yaml to tenant management gitops repository
       - kubectl apply -f control-plane-argocd-application.yaml --namespace argocd || true
+      - cd ..
+      # To run keycloak
+      - cd keycloak
+      - rm config.hcl
+      - sed -i 's/aws_region/${var.region}/g' config.txt
+      - envsubst < config.txt > config.${var.environment}.hcl
+      - terraform init --backend-config=config.${var.environment}.hcl
+      - terraform plan
+      - terraform apply --auto-approve
 
   post_build:
     commands:

diff --git a/terraform/db-ops/main.tf b/terraform/db-ops/main.tf
@@ -77,6 +77,10 @@ module "postgresql_provider" {
     "feature_db" = {
       db_name           = var.featuretoggledbdatabase
       allow_connections = true
+    },
+    "keycloak_db" = {
+      db_name           = var.keycloakdbdatabase
+      allow_connections = true
     }
 
   }
@@ -147,6 +151,13 @@ module "db_ops_ssm_parameters" {
       type        = "SecureString"
       overwrite   = "true"
       description = "Feature Toggle Database Name"
+    },
+    {
+      name        = "/${var.namespace}/${var.environment}/keycloakdbdatabase"
+      value       = var.keycloakdbdatabase
+      type        = "SecureString"
+      overwrite   = "true"
+      description = "Keycloak Database Name"
     }
   ]
   tags = module.tags.tags

diff --git a/terraform/db-ops/variables.tf b/terraform/db-ops/variables.tf
@@ -69,4 +69,9 @@ variable "tenantmgmtdbdatabase" {
 variable "featuretoggledbdatabase" {
   type    = string
   default = "feature"
+}
+
+variable "keycloakdbdatabase" {
+  type    = string
+  default = "keycloak"
 }
diff --git a/terraform/eks/main.tf b/terraform/eks/main.tf
@@ -107,6 +107,7 @@ module "eks_cluster" {
   ]
   map_additional_iam_users = var.map_additional_iam_users
   allowed_cidr_blocks      = [data.aws_vpc.vpc.cidr_block]
+  tags = module.tags.tags
 }
 
 #################################################################################

diff --git a/terraform/keycloak/.terraform-version b/terraform/keycloak/.terraform-version
@@ -0,0 +1 @@
+latest:^1.4