diff --git a/sysinv/sysinv/sysinv/setup.cfg b/sysinv/sysinv/sysinv/setup.cfg index df0c590f4e..d4e05671ae 100644 --- a/sysinv/sysinv/sysinv/setup.cfg +++ b/sysinv/sysinv/sysinv/setup.cfg @@ -70,6 +70,10 @@ systemconfig.helm_applications = platform-integ-apps = systemconfig.helm_plugins.platform_integ_apps stx-monitor = systemconfig.helm_plugins.stx_monitor oidc-auth-apps = systemconfig.helm_plugins.oidc_auth_apps + cert-manager = systemconfig.helm_plugins.cert_manager + +systemconfig.helm_plugins.cert_manager = + 001_cert-manager = sysinv.helm.cert_manager:CertMgrHelm systemconfig.helm_plugins.oidc_auth_apps = 001_dex = sysinv.helm.dex:Dex diff --git a/sysinv/sysinv/sysinv/sysinv/common/constants.py b/sysinv/sysinv/sysinv/sysinv/common/constants.py index f3df2581cd..6e67497dc2 100644 --- a/sysinv/sysinv/sysinv/sysinv/common/constants.py +++ b/sysinv/sysinv/sysinv/sysinv/common/constants.py @@ -1412,6 +1412,7 @@ HELM_APP_OPENSTACK = 'stx-openstack' HELM_APP_PLATFORM = 'platform-integ-apps' HELM_APP_MONITOR = 'stx-monitor' HELM_APP_OIDC_AUTH = 'oidc-auth-apps' +HELM_APP_CERT_MANAGER = 'cert-manager' # Apply mode for openstack app OPENSTACK_RESTORE_DB = 'restore_db' @@ -1432,6 +1433,7 @@ HELM_APP_APPLY_MODES = { HELM_APPS_PLATFORM_MANAGED = [ HELM_APP_PLATFORM, HELM_APP_OIDC_AUTH, + HELM_APP_CERT_MANAGER, ] # The order in which apps are listed here is important. diff --git a/sysinv/sysinv/sysinv/sysinv/helm/cert_manager.py b/sysinv/sysinv/sysinv/sysinv/helm/cert_manager.py new file mode 100644 index 0000000000..ee256c7b77 --- /dev/null +++ b/sysinv/sysinv/sysinv/sysinv/helm/cert_manager.py @@ -0,0 +1,51 @@ +# +# Copyright (c) 2020 Wind River Systems, Inc. +# +# SPDX-License-Identifier: Apache-2.0 +# + +from sysinv.common import constants +from sysinv.common import exception + +from sysinv.helm import base +from sysinv.helm import common + + +class CertMgrHelm(base.BaseHelm): + """Class to encapsulate helm operations for the cert-manager chart""" + + SUPPORTED_NAMESPACES = base.BaseHelm.SUPPORTED_NAMESPACES + \ + [common.HELM_NS_CERT_MANAGER] + SUPPORTED_APP_NAMESPACES = { + constants.HELM_APP_CERT_MANAGER: + base.BaseHelm.SUPPORTED_NAMESPACES + [common.HELM_NS_CERT_MANAGER], + } + + CHART = common.HELM_CHART_CERT_MANAGER + + SERVICE_NAME = 'cert-manager' + + def get_namespaces(self): + return self.SUPPORTED_NAMESPACES + + def get_overrides(self, namespace=None): + + overrides = { + common.HELM_NS_CERT_MANAGER: { + 'replicaCount': max(1, self._num_provisioned_controllers()), + 'webhook': { + 'replicaCount': max(1, self._num_provisioned_controllers()), + }, + 'cainjector': { + 'replicaCount': max(1, self._num_provisioned_controllers()), + }, + } + } + + if namespace in self.SUPPORTED_NAMESPACES: + return overrides[namespace] + elif namespace: + raise exception.InvalidHelmNamespace(chart=self.CHART, + namespace=namespace) + else: + return overrides diff --git a/sysinv/sysinv/sysinv/sysinv/helm/common.py b/sysinv/sysinv/sysinv/sysinv/helm/common.py index 9ebf552fa3..4829f7c781 100644 --- a/sysinv/sysinv/sysinv/sysinv/helm/common.py +++ b/sysinv/sysinv/sysinv/sysinv/helm/common.py @@ -60,6 +60,7 @@ HELM_CHART_NGINX_PORTS_CONTROL = "nginx-ports-control" HELM_CHART_DCDBSYNC = 'dcdbsync' HELM_CHART_DEX = 'dex' HELM_CHART_OIDC_CLIENT = 'oidc-client' +HELM_CHART_CERT_MANAGER = 'cert-manager' HELM_CHART_ELASTICSEARCH_MASTER = 'elasticsearch-master' HELM_CHART_ELASTICSEARCH_DATA = 'elasticsearch-data' @@ -81,6 +82,7 @@ HELM_NS_OPENSTACK = 'openstack' HELM_NS_HELM_TOOLKIT = 'helm-toolkit' HELM_NS_MONITOR = 'monitor' HELM_NS_RBD_PROVISIONER = HELM_NS_KUBE_SYSTEM +HELM_NS_CERT_MANAGER = 'cert-manager' # Services # Matches configassistant.py value => Should change to STARLINGX diff --git a/sysinv/sysinv/sysinv/sysinv/tests/helm/test_cert_manager.py b/sysinv/sysinv/sysinv/sysinv/tests/helm/test_cert_manager.py new file mode 100644 index 0000000000..54cb784a3d --- /dev/null +++ b/sysinv/sysinv/sysinv/sysinv/tests/helm/test_cert_manager.py @@ -0,0 +1,49 @@ +# Copyright (c) 2020 Wind River Systems, Inc. +# +# SPDX-License-Identifier: Apache-2.0 +# +from sysinv.db import api as dbapi +from sysinv.helm import common + +from sysinv.tests.db import base as dbbase +from sysinv.tests.db import utils as dbutils +from sysinv.tests.helm import base +from sysinv.tests.helm import test_helm + + +class CertManagerTestCase(test_helm.StxPlatformAppMixin, + base.HelmTestCaseMixin): + + def setUp(self): + super(CertManagerTestCase, self).setUp() + self.app = dbutils.create_test_app(name='cert-manager') + self.dbapi = dbapi.get_instance() + + +class CertManagerIPv4ControllerHostTestCase(CertManagerTestCase, + dbbase.ProvisionedControllerHostTestCase): + + def test_replicas(self): + overrides = self.operator.get_helm_chart_overrides( + common.HELM_CHART_CERT_MANAGER, + cnamespace=common.HELM_NS_CERT_MANAGER) + + self.assertOverridesParameters(overrides, { + # 1 replica for 1 controller + 'replicaCount': 1 + }) + + +class CertManagerIPv6AIODuplexSystemTestCase(CertManagerTestCase, + dbbase.BaseIPv6Mixin, + dbbase.ProvisionedAIODuplexSystemTestCase): + + def test_replicas(self): + overrides = self.operator.get_helm_chart_overrides( + common.HELM_CHART_CERT_MANAGER, + cnamespace=common.HELM_NS_CERT_MANAGER) + + self.assertOverridesParameters(overrides, { + # 2 replicas for 2 controllers + 'replicaCount': 2 + })