From a39e2c036f12c338a0f450bcbab91d116981a387 Mon Sep 17 00:00:00 2001 From: Pete Birley Date: Wed, 22 Aug 2018 10:03:21 -0500 Subject: [PATCH] Ldap: remove chart from repo This PS removes the LDAP testing chart from the repo, as it is also located in openstack-helm-infra. Co-Authored-By: Steve Wilkerson Change-Id: Id130b05842145e786cbcd40355fa308471d6f24e Signed-off-by: Pete Birley --- ldap/.helmignore | 21 -- ldap/Chart.yaml | 19 -- ldap/requirements.yaml | 16 -- ldap/templates/_helpers.tpl | 22 -- ldap/templates/bin/_bootstrap.sh.tpl | 8 - ldap/templates/configmap-bin.yaml | 31 --- ldap/templates/configmap-etc.yaml | 27 -- ldap/templates/job-bootstrap.yaml | 18 -- ldap/templates/job-image-repo-sync.yaml | 20 -- ldap/templates/service.yaml | 30 --- ldap/templates/statefulset.yaml | 90 ------- ldap/values.yaml | 232 ------------------ .../deployment/developer/ldap/080-keystone.sh | 6 +- 13 files changed, 2 insertions(+), 538 deletions(-) delete mode 100644 ldap/.helmignore delete mode 100644 ldap/Chart.yaml delete mode 100644 ldap/requirements.yaml delete mode 100644 ldap/templates/_helpers.tpl delete mode 100644 ldap/templates/bin/_bootstrap.sh.tpl delete mode 100644 ldap/templates/configmap-bin.yaml delete mode 100644 ldap/templates/configmap-etc.yaml delete mode 100644 ldap/templates/job-bootstrap.yaml delete mode 100644 ldap/templates/job-image-repo-sync.yaml delete mode 100644 ldap/templates/service.yaml delete mode 100644 ldap/templates/statefulset.yaml delete mode 100644 ldap/values.yaml diff --git a/ldap/.helmignore b/ldap/.helmignore deleted file mode 100644 index f0c1319444..0000000000 --- a/ldap/.helmignore +++ /dev/null @@ -1,21 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj diff --git a/ldap/Chart.yaml b/ldap/Chart.yaml deleted file mode 100644 index de67527eb3..0000000000 --- a/ldap/Chart.yaml +++ /dev/null @@ -1,19 +0,0 @@ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -description: OpenStack-Helm LDAP -name: ldap -version: 0.1.0 -home: https://www.openldap.org/ -maintainers: - - name: OpenStack-Helm Authors diff --git a/ldap/requirements.yaml b/ldap/requirements.yaml deleted file mode 100644 index 5669e12cfd..0000000000 --- a/ldap/requirements.yaml +++ /dev/null @@ -1,16 +0,0 @@ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -dependencies: - - name: helm-toolkit - repository: http://localhost:8879/charts - version: 0.1.0 diff --git a/ldap/templates/_helpers.tpl b/ldap/templates/_helpers.tpl deleted file mode 100644 index c2a40b8821..0000000000 --- a/ldap/templates/_helpers.tpl +++ /dev/null @@ -1,22 +0,0 @@ -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -*/}} -{{- define "fullname" -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{- define "splitdomain" -}} -{{- $name := index . 0 -}} -{{- $local := dict "first" true }} -{{- range $k, $v := splitList "." $name }}{{- if not $local.first -}},{{- end -}}dc={{- $v -}}{{- $_ := set $local "first" false -}}{{- end -}} -{{- end -}} diff --git a/ldap/templates/bin/_bootstrap.sh.tpl b/ldap/templates/bin/_bootstrap.sh.tpl deleted file mode 100644 index 4068e5cfe8..0000000000 --- a/ldap/templates/bin/_bootstrap.sh.tpl +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/bash -set -xe - -{{- $url := tuple "ldap" "internal" . | include "helm-toolkit.endpoints.hostname_fqdn_endpoint_lookup" }} -{{- $port := tuple "ldap" "internal" "ldap" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }} -LDAPHOST="ldap://{{ $url }}:{{ $port }}" -ADMIN="cn={{ .Values.endpoints.ldap.auth.username }},{{ tuple .Values.endpoints.ldap.auth.domainname . | include "splitdomain" }}" -ldapadd -x -D $ADMIN -H $LDAPHOST -w {{ .Values.endpoints.ldap.auth.password }} -f /etc/sample_data.ldif diff --git a/ldap/templates/configmap-bin.yaml b/ldap/templates/configmap-bin.yaml deleted file mode 100644 index 29b1648df1..0000000000 --- a/ldap/templates/configmap-bin.yaml +++ /dev/null @@ -1,31 +0,0 @@ -{{/* -Copyright 2018 The Openstack-Helm Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/}} -{{- if .Values.manifests.configmap_bin }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: ldap-bin -data: -{{- if .Values.images.local_registry.active }} - image-repo-sync.sh: | -{{- include "helm-toolkit.scripts.image_repo_sync" . | indent 4 }} -{{- end }} -{{- if .Values.bootstrap.enabled }} - bootstrap.sh: | -{{ tuple "bin/_bootstrap.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} -{{- end }} -{{- end }} diff --git a/ldap/templates/configmap-etc.yaml b/ldap/templates/configmap-etc.yaml deleted file mode 100644 index e724e6d712..0000000000 --- a/ldap/templates/configmap-etc.yaml +++ /dev/null @@ -1,27 +0,0 @@ -{{/* -Copyright 2018 The Openstack-Helm Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/}} -{{- if .Values.manifests.configmap_etc }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: ldap-etc -data: -{{- if .Values.bootstrap.enabled }} - sample_data.ldif: | -{{ .Values.data.sample | indent 4 }} -{{- end }} -{{- end }} diff --git a/ldap/templates/job-bootstrap.yaml b/ldap/templates/job-bootstrap.yaml deleted file mode 100644 index bf96682836..0000000000 --- a/ldap/templates/job-bootstrap.yaml +++ /dev/null @@ -1,18 +0,0 @@ -{{/* -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/}} - -{{- if and .Values.manifests.job_bootstrap .Values.bootstrap.enabled }} -{{- $bootstrapJob := dict "envAll" . "serviceName" "ldap" "configFile" "/etc/sample_data.ldif" "keystoneUser" "admin" "openrc" "false" -}} -{{ $bootstrapJob | include "helm-toolkit.manifests.job_bootstrap" }} -{{- end }} diff --git a/ldap/templates/job-image-repo-sync.yaml b/ldap/templates/job-image-repo-sync.yaml deleted file mode 100644 index f6e9fcb980..0000000000 --- a/ldap/templates/job-image-repo-sync.yaml +++ /dev/null @@ -1,20 +0,0 @@ -{{/* -Copyright 2017 The Openstack-Helm Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/}} - -{{- if and .Values.manifests.job_image_repo_sync .Values.images.local_registry.active }} -{{- $imageRepoSyncJob := dict "envAll" . "serviceName" "ldap" -}} -{{ $imageRepoSyncJob | include "helm-toolkit.manifests.job_image_repo_sync" }} -{{- end }} diff --git a/ldap/templates/service.yaml b/ldap/templates/service.yaml deleted file mode 100644 index 353db51c86..0000000000 --- a/ldap/templates/service.yaml +++ /dev/null @@ -1,30 +0,0 @@ -{{/* -Copyright 2017 The Openstack-Helm Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/}} - -{{- if .Values.manifests.service }} -{{- $envAll := . }} ---- -apiVersion: v1 -kind: Service -metadata: - name: {{ tuple "ldap" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }} -spec: - ports: - - name: ldap - port: {{ tuple "ldap" "internal" "ldap" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }} - selector: -{{ tuple $envAll "ldap" "server" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }} -{{- end }} diff --git a/ldap/templates/statefulset.yaml b/ldap/templates/statefulset.yaml deleted file mode 100644 index e6d98887ad..0000000000 --- a/ldap/templates/statefulset.yaml +++ /dev/null @@ -1,90 +0,0 @@ -{{/* -Copyright 2017 The Openstack-Helm Authors. - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/}} - -{{- if .Values.manifests.statefulset }} -{{- $envAll := . }} - -{{- $serviceAccountName := "ldap" }} -{{ tuple $envAll "ldap" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} ---- -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: ldap - labels: -{{ tuple $envAll "ldap" "server" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }} -spec: - serviceName: {{ tuple "ldap" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }} - replicas: {{ .Values.pod.replicas.server }} - selector: - matchLabels: -{{ tuple $envAll "ldap" "server" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }} - template: - metadata: - labels: -{{ tuple $envAll "ldap" "server" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }} - spec: - serviceAccountName: {{ $serviceAccountName }} - affinity: -{{ tuple $envAll "ldap" "server" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }} - nodeSelector: - {{ .Values.labels.server.node_selector_key }}: {{ .Values.labels.server.node_selector_value }} - initContainers: -{{ tuple $envAll "ldap" list | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} - containers: - - name: ldap -{{ tuple $envAll "ldap" | include "helm-toolkit.snippets.image" | indent 10 }} -{{ tuple $envAll $envAll.Values.pod.resources.server | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} - env: - - name: LDAP_DOMAIN - value: {{ .Values.endpoints.ldap.auth.domainname }} - - name: LDAP_ADMIN_PASSWORD - value: {{ .Values.endpoints.ldap.auth.password }} - ports: - - containerPort: {{ tuple "ldap" "internal" "ldap" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }} - volumeMounts: - - name: ldap-data - mountPath: /var/lib/ldap - - name: ldap-config - mountPath: /etc/ldap/slapd.d -{{- if not .Values.volume.enabled }} - volumes: - - name: ldap-data - hostPath: - path: {{ .Values.volume.host.data_path }} - - name: ldap-config - hostPath: - path: {{ .Values.volume.host.config_path }} -{{- else }} - volumeClaimTemplates: - - metadata: - name: ldap-data - spec: - accessModes: [ "ReadWriteOnce" ] - resources: - requests: - storage: {{ .Values.volume.size }} - storageClassName: {{ .Values.volume.class_name }} - - metadata: - name: ldap-config - spec: - accessModes: [ "ReadWriteOnce" ] - resources: - requests: - storage: {{ .Values.volume.size }} - storageClassName: {{ .Values.volume.class_name }} -{{- end }} -{{- end }} diff --git a/ldap/values.yaml b/ldap/values.yaml deleted file mode 100644 index 5678abffcc..0000000000 --- a/ldap/values.yaml +++ /dev/null @@ -1,232 +0,0 @@ -# Copyright 2017 The Openstack-Helm Authors. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Default values for ldap. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - -release_group: null - -images: - tags: - bootstrap: "docker.io/osixia/openldap:1.2.0" - ldap: "docker.io/osixia/openldap:1.2.0" - dep_check: quay.io/stackanetes/kubernetes-entrypoint:v0.3.1 - image_repo_sync: docker.io/docker:17.07.0 - pull_policy: "IfNotPresent" - local_registry: - active: false - exclude: - - dep_check - - image_repo_sync - -labels: - server: - node_selector_key: openstack-control-plane - node_selector_value: enabled - job: - node_selector_key: openstack-control-plane - node_selector_value: enabled - -pod: - affinity: - anti: - type: - default: preferredDuringSchedulingIgnoredDuringExecution - topologyKey: - default: kubernetes.io/hostname - replicas: - server: 1 - lifecycle: - upgrades: - deployments: - revision_history: 3 - pod_replacement_strategy: RollingUpdate - rolling_update: - max_unavailable: 1 - max_surge: 3 - resources: - enabled: false - server: - requests: - memory: "128Mi" - cpu: "100m" - limits: - memory: "1024Mi" - cpu: "2000m" - jobs: - bootstrap: - requests: - memory: "128Mi" - cpu: "100m" - limits: - memory: "1024Mi" - cpu: "2000m" - image_repo_sync: - requests: - memory: "128Mi" - cpu: "100m" - limits: - memory: "1024Mi" - cpu: "2000m" - mounts: - ldap_data_load: - init_container: null - ldap_data_load: - -dependencies: - dynamic: - common: - local_image_registry: - jobs: - - ldap-image-repo-sync - services: - - endpoint: node - service: local_image_registry - static: - ldap: - jobs: null - bootstrap: - services: - - endpoint: internal - service: ldap - server: - jobs: - - ldap-load-data - services: - - endpoint: internal - service: ldap - image_repo_sync: - services: - - endpoint: internal - service: local_image_registry - -volume: - enabled: true - size: 2Gi - class_name: general - host: - data_path: /data/openstack-helm/ldap - config_path: /data/openstack-helm/config - -bootstrap: - enabled: false - -endpoints: - cluster_domain_suffix: cluster.local - local_image_registry: - name: docker-registry - namespace: docker-registry - hosts: - default: localhost - internal: docker-registry - node: localhost - host_fqdn_override: - default: null - port: - registry: - node: 5000 - ldap: - hosts: - default: ldap - host_fqdn_override: - default: null - path: null - scheme: 'http' - port: - ldap: - default: 389 - auth: - username: admin - domainname: cluster.local - password: password - -data: - sample: | - dn: ou=People,dc=cluster,dc=local - objectclass: organizationalunit - ou: People - description: We the People - - # NOTE: Password is "password" without quotes - dn: uid=alice,ou=People,dc=cluster,dc=local - objectClass: inetOrgPerson - objectClass: top - objectClass: posixAccount - objectClass: shadowAccount - objectClass: person - sn: Alice - cn: alice - uid: alice - userPassword: {SSHA}+i3t/DLCgLDGaIOAmfeFJ2kDeJWmPUDH - description: SHA - gidNumber: 1000 - uidNumber: 1493 - homeDirectory: /home/alice - mail: alice@example.com - - # NOTE: Password is "password" without quotes - dn: uid=bob,ou=People,dc=cluster,dc=local - objectClass: inetOrgPerson - objectClass: top - objectClass: posixAccount - objectClass: shadowAccount - objectClass: person - sn: Bob - cn: bob - uid: bob - userPassword: {SSHA}fCJ5vuW1BQ4/OfOVkkx1qjwi7yHFuGNB - description: MD5 - gidNumber: 1000 - uidNumber: 5689 - homeDirectory: /home/bob - mail: bob@example.com - - dn: ou=Groups,dc=cluster,dc=local - objectclass: organizationalunit - ou: Groups - description: We the People - - dn: cn=cryptography,ou=Groups,dc=cluster,dc=local - objectclass: top - objectclass: posixGroup - gidNumber: 418 - cn: overwatch - description: Cryptography Team - memberUID: uid=alice,ou=People,dc=cluster,dc=local - memberUID: uid=bob,ou=People,dc=cluster,dc=local - - dn: cn=blue,ou=Groups,dc=cluster,dc=local - objectclass: top - objectclass: posixGroup - gidNumber: 419 - cn: blue - description: Blue Team - memberUID: uid=bob,ou=People,dc=cluster,dc=local - - dn: cn=red,ou=Groups,dc=cluster,dc=local - objectclass: top - objectclass: posixGroup - gidNumber: 420 - cn: red - description: Red Team - memberUID: uid=alice,ou=People,dc=cluster,dc=local - -manifests: - configmap_bin: true - configmap_etc: true - job_image_repo_sync: true - job_bootstrap: true - statefulset: true - service: true diff --git a/tools/deployment/developer/ldap/080-keystone.sh b/tools/deployment/developer/ldap/080-keystone.sh index c27567142b..7346961c08 100755 --- a/tools/deployment/developer/ldap/080-keystone.sh +++ b/tools/deployment/developer/ldap/080-keystone.sh @@ -16,12 +16,10 @@ set -xe -#NOTE: Lint and package chart -make ldap - #NOTE: Deploy command +: ${OSH_INFRA_PATH:="../openstack-helm-infra"} : ${OSH_EXTRA_HELM_ARGS:=""} -helm upgrade --install ldap ./ldap \ +helm upgrade --install ldap ${OSH_INFRA_PATH}/ldap \ --namespace=openstack \ --set pod.replicas.server=1 \ --set bootstrap.enabled=true \