add addon health and civil (#6)

* add addon health and civil

* sets aio false

* adds health and civil and cleans validation

* updates yamldirs

* adds op charts cleans deploy

.github/scripts/validate-deploy.sh

@@ -1,9 +1,13 @@
 #!/usr/bin/env bash
 
+SCRIPT_DIR=$(cd $(dirname "$0"); pwd -P)
+
+source "${SCRIPT_DIR}/validation-functions.sh"
+
 GIT_REPO=$(cat git_repo)
 GIT_TOKEN=$(cat git_token)
 
-#BIN_DIR=$(cat .bin_dir)
+BIN_DIR=$(cat .bin_dir)
 
 export PATH="${BIN_DIR}:${PATH}"
 
@@ -38,32 +42,11 @@ cd .testrepo || exit 1
 
 find . -name "*"
 
-if [[ ! -f "argocd/${LAYER}/cluster/${SERVER_NAME}/${TYPE}/${NAMESPACE}-${COMPONENT_NAME}.yaml" ]]; then
-  echo "ArgoCD config missing - argocd/${LAYER}/cluster/${SERVER_NAME}/${TYPE}/${NAMESPACE}-${COMPONENT_NAME}.yaml"
-  exit 1
-fi
-
-echo "Printing argocd/${LAYER}/cluster/${SERVER_NAME}/${TYPE}/${NAMESPACE}-${COMPONENT_NAME}.yaml"
-cat "argocd/${LAYER}/cluster/${SERVER_NAME}/${TYPE}/${NAMESPACE}-${COMPONENT_NAME}.yaml"
 
-echo "Printing payload/${LAYER}/namespace/${NAMESPACE}/${COMPONENT_NAME}/values.yaml"
-cat "payload/${LAYER}/namespace/${NAMESPACE}/${COMPONENT_NAME}/values.yaml"
-
-count=0
-until kubectl get namespace "${NAMESPACE}" 1> /dev/null 2> /dev/null || [[ $count -eq 20 ]]; do
-  echo "Waiting for namespace: ${NAMESPACE}"
-  count=$((count + 1))
-  sleep 15
-done
-
-if [[ $count -eq 20 ]]; then
-  echo "Timed out waiting for namespace: ${NAMESPACE}"
-  exit 1
-else
-  echo "Found namespace: ${NAMESPACE}. Sleeping for 30 seconds to wait for everything to settle down"
-  sleep 30
-fi
+validate_gitops_content "${NAMESPACE}" "${LAYER}" "${SERVER_NAME}" "${TYPE}" "${COMPONENT_NAME}" "values.yaml"
+check_k8s_namespace "${NAMESPACE}"
 
+## testing for operator separtely here because it only needs 30min timer, the other deployments need much longer
 count=0
 until kubectl get deployment ibm-mas-manage-operator -n ${NAMESPACE} || [[ $count -eq 30 ]]; do
   echo "Waiting for deployment/ibm-mas-manage-operator in ${NAMESPACE}"
@@ -78,57 +61,16 @@ if [[ $count -eq 30 ]]; then
 fi
 
 ## workspace rollout 
-count=0
-until kubectl get deployment ${INSTNAME}-entitymgr-ws -n ${NAMESPACE} || [[ $count -eq 50 ]]; do
-  echo "Waiting for deployment/${INSTNAME}-entitymgr-ws in ${NAMESPACE}"
-  count=$((count + 1))
-  sleep 60
-done
-
-if [[ $count -eq 50 ]]; then
-  echo "Timed out waiting for deployment/${APPNAME}-entitymgr-ws in ${NAMESPACE}"
-  kubectl get all -n "${NAMESPACE}"
-  exit 1
-fi
-
-kubectl get deployments -n ${NAMESPACE}
+check_k8s_resource "${NAMESPACE}" deployment "${INSTNAME}-entitymgr-ws"
 
 ## maxinst deployment must succeed or nothing will work - this can take up to 4.5hrs if demo data is deployed too
-count=0
-until kubectl get deployment ${WSNAME}-manage-maxinst -n ${NAMESPACE} || [[ $count -eq 200 ]]; do
-  echo "Waiting for deployment/${WSNAME}-manage-maxinst in ${NAMESPACE}"
-  count=$((count + 1))
-  sleep 1m
-done
-
-if [[ $count -eq 200 ]]; then
-  echo "Timed out waiting for deployment/${WSNAME}-manage-maxinst in ${NAMESPACE}"
-  kubectl get all -n "${NAMESPACE}"
-  exit 1
-fi
-
-
-kubectl get deployments -n ${NAMESPACE}
+check_k8s_resource "${NAMESPACE}" deployment "${WSNAME}-manage-maxinst"
 
 ## last test for all deploy
-count=0
-until kubectl get deployment ${WSNAME}-all -n ${NAMESPACE} || [[ $count -eq 200 ]]; do
-  echo "Waiting for deployment/${WSNAME}-all in ${NAMESPACE}"
-  count=$((count + 1))
-  sleep 1m
-done
-
-if [[ $count -eq 200 ]]; then
-  echo "Timed out waiting for deployment/${WSNAME}-all in ${NAMESPACE}"
-  kubectl get all -n "${NAMESPACE}"
-  exit 1
-fi
+check_k8s_resource "${NAMESPACE}" deployment "${WSNAME}-all"
 
 
 kubectl get deployments -n ${NAMESPACE}
 
-
-
-
 cd ..
 rm -rf .testrepo

.github/scripts/validation-functions.sh

@@ -0,0 +1,78 @@
+#!/usr/bin/env bash
+
+validate_gitops_content () {
+  local NS="$1"
+  local GITOPS_LAYER="$2"
+  local GITOPS_SERVER_NAME="$3"
+  local GITOPS_TYPE="$4"
+  local GITOPS_COMPONENT_NAME="$5"
+  local PAYLOAD_FILE="${6:-values.yaml}"
+
+  echo "Validating: namespace=${NS}, layer=${GITOPS_LAYER}, server=${GITOPS_SERVER_NAME}, type=${GITOPS_TYPE}, component=${GITOPS_COMPONENT_NAME}"
+
+  if [[ ! -f "argocd/${GITOPS_LAYER}/cluster/${GITOPS_SERVER_NAME}/${GITOPS_TYPE}/${NS}-${GITOPS_COMPONENT_NAME}.yaml" ]]; then
+    echo "ArgoCD config missing - argocd/${GITOPS_LAYER}/cluster/${GITOPS_SERVER_NAME}/${GITOPS_TYPE}/${NS}-${GITOPS_COMPONENT_NAME}.yaml" >&2
+    exit 1
+  fi
+
+  echo "Printing argocd/${GITOPS_LAYER}/cluster/${GITOPS_SERVER_NAME}/${GITOPS_TYPE}/${NS}-${GITOPS_COMPONENT_NAME}.yaml"
+  cat "argocd/${GITOPS_LAYER}/cluster/${GITOPS_SERVER_NAME}/${GITOPS_TYPE}/${NS}-${GITOPS_COMPONENT_NAME}.yaml"
+
+  if [[ ! -f "payload/${GITOPS_LAYER}/namespace/${NS}/${GITOPS_COMPONENT_NAME}/${PAYLOAD_FILE}" ]]; then
+    echo "Application values not found - payload/${GITOPS_LAYER}/namespace/${NS}/${GITOPS_COMPONENT_NAME}/${PAYLOAD_FILE}" >&2
+    exit 1
+  fi
+
+  echo "Printing payload/${GITOPS_LAYER}/namespace/${NS}/${GITOPS_COMPONENT_NAME}/${PAYLOAD_FILE}"
+  cat "payload/${GITOPS_LAYER}/namespace/${NS}/${GITOPS_COMPONENT_NAME}/${PAYLOAD_FILE}"
+}
+
+check_k8s_namespace () {
+  local NS="$1"
+
+  count=0
+  until kubectl get namespace "${NS}" 1> /dev/null 2> /dev/null || [[ $count -eq 20 ]]; do
+    echo "Waiting for namespace: ${NS}"
+    count=$((count + 1))
+    sleep 15
+  done
+
+  if [[ $count -eq 20 ]]; then
+    echo "Timed out waiting for namespace: ${NS}" >&2
+    exit 1
+  else
+    echo "Found namespace: ${NS}. Sleeping for 30 seconds to wait for everything to settle down"
+    sleep 30
+  fi
+}
+
+check_k8s_resource () {
+  local NS="$1"
+  local GITOPS_TYPE="$2"
+  local NAME="$3"
+
+  echo "Checking for resource: ${NS}/${GITOPS_TYPE}/${NAME}"
+
+  count=0
+  until kubectl get "${GITOPS_TYPE}" "${NAME}" -n "${NS}" 1> /dev/null 2> /dev/null || [[ $count -gt 200 ]]; do
+    echo "Waiting for ${GITOPS_TYPE}/${NAME} in ${NS}"
+    count=$((count + 1))
+    sleep 60
+  done
+
+  if [[ $count -gt 200 ]]; then
+    echo "Timed out waiting for ${GITOPS_TYPE}/${NAME}" >&2
+    kubectl get "${GITOPS_TYPE}" -n "${NS}"
+    exit 1
+  fi
+
+  kubectl get "${GITOPS_TYPE}" "${NAME}" -n "${NS}" -o yaml
+
+  if [[ "${GITOPS_TYPE}" =~ deployment|statefulset|daemonset ]]; then
+    kubectl rollout status "${GITOPS_TYPE}" "${NAME}" -n "${NS}" || exit 1
+  elif [[ "${GITOPS_TYPE}" == "job" ]]; then
+    kubectl wait --for=condition=complete "job/${NAME}" -n "${NS}" || exit 1
+  fi
+
+  echo "Done checking for resource: ${NS}/${GITOPS_TYPE}/${NAME}"
+}

.github/workflows/verify-pr.yaml

@@ -13,7 +13,7 @@ jobs:
     #uses: cloud-native-toolkit/action-workflows/.github/workflows/verify-gitops-module.yaml@v1
     uses: ./.github/workflows/verify-workflow.yaml
     with:
-      testcase: ocp4_latest_gitops_maximo
+      testcase: ocp4_latest_gitops_maximo_manage
     secrets:
       GIT_ORG: ${{ secrets.GIT_ORG }}
       AWS_CLUSTER_USERNAME: ${{ secrets.AWS_CLUSTER_USERNAME }}

.github/workflows/verify-workflow.yaml

@@ -8,7 +8,7 @@ on:
       testcase:
         required: true
         type: string
-        default: ocp4_latest_gitops_maximo
+        default: ocp4_latest_gitops_maximo_manage
       skipDestroy:
         required: false
         type: string

.github/workflows/verify.yaml

@@ -13,7 +13,7 @@ jobs:
     #uses: cloud-native-toolkit/action-workflows/.github/workflows/verify-gitops-module.yaml@v1
     uses: ./.github/workflows/verify-workflow.yaml
     with:
-      testcase: ocp4_latest_gitops_maximo
+      testcase: ocp4_latest_gitops_maximo_manage
     secrets:
       GIT_ORG: ${{ secrets.GIT_ORG }}
       AWS_CLUSTER_USERNAME: ${{ secrets.AWS_CLUSTER_USERNAME }}

README.md

@@ -1,13 +1,46 @@
-#  Maximo Application Suite - MAS Application Gitops terraform module
-![Verify and release module](https://github.com/cloud-native-toolkit/terraform-gitops-mas-manage/workflows/Verify%20and%20release%20module/badge.svg)
+#  Maximo Application Suite - MAS Manage Application Gitops terraform module
 
-Deploys the MAS applications as part of Maximo Application Suite via gitops.  To run, download the BOM (Bill of Materials) from the module catalog and build the terraform from there.  Specify the MAS-Core instance id - in the `instanceid` variable.  This will create a namespace of the name "mas-(instanceid)-(appid)".
+
+Deploys MAS Manage applications as part of Maximo Application Suite via gitops.  To run, download the BOM (Bill of Materials) from the module catalog and build the terraform from there.  Specify the MAS-Core instance id - in the `instanceid` variable.  This will create a namespace of the name `mas-(instanceid)-manage`.
 
 Note if your cluster is not setup for gitops, download the gitops bootstrap BOM from the module catalog first to setup the gitops tooling.
 
+## Supported Manage Industry Add-on solutions
+This module currently supports installing the following add-ons with MAS Manage:
+- Health
+- Civil Infrastructure
+
+Override the `addons` variable such that it looks like the following to deploy health with Manage: 
+
+`addons = ["health"]`
+
+To deploy Civil Infrastructure use:
+
+`addons = ["civil"]`
+
+The other industry solutions follow the same format and are comma separated if more than one is needed.  Note be sure to check MAS requirements as not all industry solutions can be deployed together.
+
+## Database re-use
+(skip if this is a new install and not re-using a database)
+
+You can reuse an existing Manage database by setting:   `reuse_db = true`  when calling the module.  If you are re-using the database then you must supply the `crypto` and `cryptox` keys from the previous install of Manage that encrypted the database or this new Manage install will fail when trying to access the database.  NOTE: The cypto keys are base64 encoded.  If you are copying the two crypto keys from a previous install directly from the cluster and for example download the `demo-manage-encryptionsecret.yaml` within the `manage` namespace, these will already have been base64 encoded and require you to decode them before setting them in the below two variables.  If not done, they will end up base6 encoded twice and the installation will not succeed.
+
+You can decode a key by running the following from a terminal prompt:
+
+`echo -n (your base64 key) | base64 --decode`
+
+```
+  crypto_key = var.database_crypto_key
+  cryptox_key = var.database_cryptox_key
+```
+
+## DB2Warehouse Setup
+If you are using DB2 Warehouse as your supported database, before you can install MAS Manage, DB2 Warehouse needs to be setup and requires DB2 administration tasks to be run.  It is recommended a DB2 specialist run the script: `db2_manage_upd.sh` found in the `scripts` directory of this repository.
+
+
 ## Supported platforms
 
-- OCP 4.6+
+- OCP 4.8+
 
 ## Suggested companion modules
 
@@ -37,6 +70,9 @@ module "mas_manage" {
   entitlement_key = module.catalog.entitlement_key
   instanceid = "mas8"
   appid = "manage"
+  workspace_id = "demo"
+  demodata = true
+  addons = ["health"]
 
 }
 ```

chart/ibm-masapp-manage-operator/.helmignore

@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/

chart/ibm-masapp-manage-operator/Chart.yaml

@@ -0,0 +1,24 @@
+apiVersion: v2
+name: ibm-masapp-manage-operator
+description: A Helm chart for Kubernetes
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 1.0.0
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+# It is recommended to use it with quotes.
+appVersion: "1.0.0"

chart/ibm-masapp-manage-operator/templates/_helpers.tpl

@@ -0,0 +1,62 @@
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "ibm-masapp-manage-operator.name" -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "ibm-masapp-manage-operator.fullname" -}}
+{{- if .Values.fullnameOverride }}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "ibm-masapp-manage-operator.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "ibm-masapp-manage-operator.labels" -}}
+helm.sh/chart: {{ include "ibm-masapp-manage-operator.chart" . }}
+{{ include "ibm-masapp-manage-operator.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "ibm-masapp-manage-operator.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "ibm-masapp-manage-operator.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "ibm-masapp-manage-operator.serviceAccountName" -}}
+{{- if .Values.serviceAccount.create }}
+{{- default (include "ibm-masapp-manage-operator.fullname" .) .Values.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.serviceAccount.name }}
+{{- end }}
+{{- end }}