[MOSIP-38705] & [38705] added installation script for esignet-with-pl…

db_scripts/mosip_esignet/deploy.sh

@@ -16,29 +16,28 @@ else
 fi
 
 ## Terminate existing connections
-echo "Terminating active connections" 
+echo "Terminating active connections"
 CONN=$(PGPASSWORD=$SU_USER_PWD psql -v ON_ERROR_STOP=1 --username=$SU_USER --host=$DB_SERVERIP --port=$DB_PORT --dbname=$DEFAULT_DB_NAME -t -c "SELECT count(pg_terminate_backend(pg_stat_activity.pid)) FROM pg_stat_activity WHERE datname = '$MOSIP_DB_NAME' AND pid <> pg_backend_pid()";exit;)
 echo "Terminated connections"
 
 ## Drop db and role
-PGPASSWORD=$SU_USER_PWD psql -v ON_ERROR_STOP=1 --username=$SU_USER --host=$DB_SERVERIP --port=$DB_PORT --dbname=$DEFAULT_DB_NAME -f drop_db.sql 
-PGPASSWORD=$SU_USER_PWD psql -v ON_ERROR_STOP=1 --username=$SU_USER --host=$DB_SERVERIP --port=$DB_PORT --dbname=$DEFAULT_DB_NAME -f drop_role.sql 
+PGPASSWORD=$SU_USER_PWD psql -v ON_ERROR_STOP=1 --username=$SU_USER --host=$DB_SERVERIP --port=$DB_PORT --dbname=$DEFAULT_DB_NAME -f drop_db.sql
+PGPASSWORD=$SU_USER_PWD psql -v ON_ERROR_STOP=1 --username=$SU_USER --host=$DB_SERVERIP --port=$DB_PORT --dbname=$DEFAULT_DB_NAME -f drop_role.sql
 
 ## Create users
 echo `date "+%m/%d/%Y %H:%M:%S"` ": Creating database users" | tee
-PGPASSWORD=$SU_USER_PWD psql -v ON_ERROR_STOP=1 --username=$SU_USER --host=$DB_SERVERIP --port=$DB_PORT --dbname=$DEFAULT_DB_NAME -f role_dbuser.sql -v dbuserpwd=\'$DBUSER_PWD\' 
+PGPASSWORD=$SU_USER_PWD psql -v ON_ERROR_STOP=1 --username=$SU_USER --host=$DB_SERVERIP --port=$DB_PORT --dbname=$DEFAULT_DB_NAME -f role_dbuser.sql -v dbuserpwd=\'$DBUSER_PWD\'
 
 ## Create DB
-PGPASSWORD=$SU_USER_PWD psql -v ON_ERROR_STOP=1 --username=$SU_USER --host=$DB_SERVERIP --port=$DB_PORT --dbname=$DEFAULT_DB_NAME -f db.sql 
-PGPASSWORD=$SU_USER_PWD psql -v ON_ERROR_STOP=1 --username=$SU_USER --host=$DB_SERVERIP --port=$DB_PORT --dbname=$DEFAULT_DB_NAME -f ddl.sql 
+PGPASSWORD=$SU_USER_PWD psql -v ON_ERROR_STOP=1 --username=$SU_USER --host=$DB_SERVERIP --port=$DB_PORT --dbname=$DEFAULT_DB_NAME -f db.sql
+PGPASSWORD=$SU_USER_PWD psql -v ON_ERROR_STOP=1 --username=$SU_USER --host=$DB_SERVERIP --port=$DB_PORT --dbname=$DEFAULT_DB_NAME -f ddl.sql
 
 ## Grants
-PGPASSWORD=$SU_USER_PWD psql -v ON_ERROR_STOP=1 --username=$SU_USER --host=$DB_SERVERIP --port=$DB_PORT --dbname=$DEFAULT_DB_NAME -f grants.sql 
+PGPASSWORD=$SU_USER_PWD psql -v ON_ERROR_STOP=1 --username=$SU_USER --host=$DB_SERVERIP --port=$DB_PORT --dbname=$DEFAULT_DB_NAME -f grants.sql
 
 ## Populate tables
 if [ ${DML_FLAG} == 1 ]
 then
-    echo `date "+%m/%d/%Y %H:%M:%S"` ": Deploying DML for ${MOSIP_DB_NAME} database" 
-    PGPASSWORD=$SU_USER_PWD psql -v ON_ERROR_STOP=1 --username=$SU_USER --host=$DB_SERVERIP --port=$DB_PORT --dbname=$DEFAULT_DB_NAME -a -b -f dml.sql 
+    echo `date "+%m/%d/%Y %H:%M:%S"` ": Deploying DML for ${MOSIP_DB_NAME} database"
+    PGPASSWORD=$SU_USER_PWD psql -v ON_ERROR_STOP=1 --username=$SU_USER --host=$DB_SERVERIP --port=$DB_PORT --dbname=$DEFAULT_DB_NAME -a -b -f dml.sql
 fi
-

deploy/esignet-with-plugins/.gitignore

@@ -0,0 +1,2 @@
+charts/
+Chart.lock

deploy/esignet-with-plugins/.helmignore

@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj

deploy/esignet-with-plugins/delete.sh

@@ -0,0 +1,31 @@
+#!/bin/bash
+# Uninstalls esignet-with-plugins helm chart
+## Usage: ./delete.sh [kubeconfig]
+
+if [ $# -ge 1 ] ; then
+  export KUBECONFIG=$1
+fi
+
+function Deleting_esignet_with_plugins() {
+  NS=esignet
+  while true; do
+      read -p "Are you sure you want to delete all esignet-with-plugins helm charts?(Y/n) " yn
+      if [[ $yn = "Y" ]] || [[ $yn = "y" ]];
+        then
+          helm -n $NS delete esignet-with-plugins
+          break
+        else
+          break
+      fi
+  done
+  return 0
+}
+
+# set commands for error handling.
+set -e
+set -o errexit   ## set -e : exit the script if any statement returns a non-true return value
+set -o nounset   ## set -u : exit the script if you try to use an uninitialised variable
+set -o errtrace  # trace ERR through 'time command' and other functions
+set -o pipefail  # trace ERR through pipes
+Deleting_esignet_with_plugins   # calling function
+

deploy/esignet-with-plugins/install.sh

@@ -0,0 +1,118 @@
+#!/bin/bash
+# Installs esignet-with-plugins helm chart
+## Usage: ./install.sh [kubeconfig]
+
+if [ $# -ge 1 ] ; then
+  export KUBECONFIG=$1
+fi
+
+echo Create $NS namespace
+kubectl create ns $NS
+
+function installing_esignet_with_plugins() {
+
+  while true; do
+      read -p "Do you want to continue installing esignet-with-plugins services? (y/n): " ans
+      if [ "$ans" = "Y" ] || [ "$ans" = "y" ]; then
+          break
+      elif [ "$ans" = "N" ] || [ "$ans" = "n" ]; then
+          exit 1
+      else
+          echo "Please provide a correct option (Y or N)"
+      fi
+  done
+
+  NS=esignet
+  CHART_VERSION=1.5.0-develop
+
+  ESIGNET_HOST=$(kubectl -n esignet get cm esignet-global -o jsonpath={.data.mosip-esignet-host})
+
+  echo Create $NS namespace
+  kubectl create ns $NS || true
+
+  echo Istio label
+  kubectl label ns $NS istio-injection=enabled --overwrite
+  helm repo add mosip https://mosip.github.io/mosip-helm
+  helm repo update
+
+  COPY_UTIL=../copy_cm_func.sh
+  $COPY_UTIL configmap esignet-softhsm-share softhsm $NS
+  $COPY_UTIL configmap postgres-config postgres $NS
+  $COPY_UTIL configmap redis-config redis $NS
+  $COPY_UTIL secret esignet-softhsm softhsm $NS
+  $COPY_UTIL secret redis redis $NS
+
+  while true; do
+    read -p "Is Prometheus Service Monitor Operator deployed in the k8s cluster? (y/n): " response
+    if [[ "$response" == "y" || "$response" == "Y" ]]; then
+      servicemonitorflag=true
+      break
+    elif [[ "$response" == "n" || "$response" == "N" ]]; then
+      servicemonitorflag=false
+      break
+    else
+      echo "Not a correct response. Please respond with y (yes) or n (no)."
+    fi
+  done
+
+  echo "Do you have public domain & valid SSL? (Y/n) "
+  echo "Y: if you have public domain & valid ssl certificate"
+  echo "n: If you don't have a public domain and a valid SSL certificate. Note: It is recommended to use this option only in development environments."
+  read -p "" flag
+
+  if [ -z "$flag" ]; then
+    echo "'flag' was provided; EXITING;"
+    exit 1;
+  fi
+  ENABLE_INSECURE=''
+  if [ "$flag" = "n" ]; then
+    ENABLE_INSECURE='--set enable_insecure=true';
+  fi
+
+  while true; do
+    read -p "Do you want to use the default plugins? (y/n): " ans
+    if [[ "$ans" == "y" || "$ans" == "Y" ]]; then
+      echo "Default plugins are listed below, please provide the correct plugin number."
+      echo "1. esignet-mock-plugin.jar"
+      echo "2. mosip-identity-plugin.jar"
+      read -p "Enter the plugin number: " plugin_no
+        while true; do
+          if [[ "$plugin_no" == "1" ]]; then
+            plugin_option="--set pluginNameEnv=esignet-mock-plugin.jar"
+            break
+          elif [[ "$plugin_no" == "2" ]]; then
+            plugin_option="--set pluginNameEnv=mosip-identity-plugin.jar"
+            break
+          else
+            echo "please provide the correct plugin number (1 or 2)."
+          fi
+        done
+      break
+    elif [[ "$ans" == "n" || "$ans" == "N" ]]; then
+      read -p "Provide the URL to download the plugins zip " plugin_url
+      read -p "Provide the plugin jar name (with extension eg., test-plugin.jar) " plugin_jar
+      plugin_option="--set pluginNameEnv=$plugin_jar --set pluginUrlEnv=$plugin_url"
+      break
+    else
+      echo " Invalid response. Please respond with y (yes) or n (no)."
+    fi
+  done
+
+  echo Installing esignet-with-plugins
+  helm -n $NS install esignet-with-plugins mosip/esignet --version $CHART_VERSION \
+  $ENABLE_INSECURE $plugin_option \
+  --set metrics.serviceMonitor.enabled=$servicemonitorflag -f values.yaml --wait
+
+  kubectl -n $NS  get deploy -o name |  xargs -n1 -t  kubectl -n $NS rollout status
+
+  echo Installed esignet-with-plugins service
+  return 0
+}
+
+# set commands for error handling.
+set -e
+set -o errexit   ## set -e : exit the script if any statement returns a non-true return value
+set -o nounset   ## set -u : exit the script if you try to use an uninitialised variable
+set -o errtrace  # trace ERR through 'time command' and other functions
+set -o pipefail  # trace ERR through pipes
+installing_esignet_with_plugins   # calling function

deploy/esignet-with-plugins/restart.sh

@@ -0,0 +1,24 @@
+#!/bin/bash
+# Restarts the esignet-with-plugins service
+
+if [ $# -ge 1 ] ; then
+  export KUBECONFIG=$1
+fi
+
+function Restarting_esignet_with_plugins() {
+  NS=esignet
+  kubectl -n $NS rollout restart deploy  esignet-with-plugins
+
+  kubectl -n $NS  get deploy esignet-with-plugins -o name  |  xargs -n1 -t  kubectl -n $NS rollout status
+
+  echo Retarted esignet-with-plugins services
+  return 0
+}
+
+# set commands for error handling.
+set -e
+set -o errexit   ## set -e : exit the script if any statement returns a non-true return value
+set -o nounset   ## set -u : exit the script if you try to use an uninitialised variable
+set -o errtrace  # trace ERR through 'time command' and other functions
+set -o pipefail  # trace ERR through pipes
+Restarting_esignet_with_plugins   # calling function

deploy/esignet-with-plugins/values.yaml

@@ -0,0 +1,103 @@
+## Uncomment required parms added with single '#' when needed.
+#image:
+#  registry: docker.io
+#  repository: mosipdev/esignet
+#  tag: develop
+
+#extraEnvVars: |
+#  - name: KEYCLOAK_EXTERNAL_URL
+#    valueFrom:
+#      configMapKeyRef:
+#        name: keycloak-host
+#        key: keycloak-external-url
+#  - name: MOSIP_ESIGNET_CAPTCHA_SITE_KEY
+#    valueFrom:
+#      secretKeyRef:
+#        name: esignet-captcha
+#        key: esignet-captcha-site-key
+#  - name: MOSIP_ESIGNET_CAPTCHA_MODULE_NAME
+#    value: esignet
+#  - name: IDA_AUTHENTICATOR_ENV
+#    value: Staging
+#  - name: REDIS_HOST
+#    valueFrom:
+#      configMapKeyRef:
+#        name: redis-config
+#        key: redis-host
+#  - name: REDIS_PORT
+#    valueFrom:
+#      configMapKeyRef:
+#        name: redis-config
+#        key: redis-port
+#  - name: REDIS_PASSWORD
+#    valueFrom:
+#      secretKeyRef:
+#        name: redis
+#        key: redis-password
+#  - name: DATABASE_HOST
+#    valueFrom:
+#      configMapKeyRef:
+#        name: postgres-config
+#        key: database-host
+#  - name: DATABASE_PORT
+#    valueFrom:
+#      configMapKeyRef:
+#        name: postgres-config
+#        key: database-port
+#  - name: DATABASE_NAME
+#    valueFrom:
+#      configMapKeyRef:
+#        name: postgres-config
+#        key: database-name
+#  - name: DATABASE_USERNAME
+#    valueFrom:
+#      configMapKeyRef:
+#        name: postgres-config
+#        key: database-username
+#  - name: DB_DBUSER_PASSWORD
+#    valueFrom:
+#      secretKeyRef:
+#        name: db-common-secrets
+#        key: db-dbuser-password
+#  - name: SOFTHSM_ESIGNET_SECURITY_PIN
+#    valueFrom:
+#      secretKeyRef:
+#        name: esignet-softhsm
+#        key: security-pin
+#  - name: MOSIP_ESIGNET_HOST
+#    valueFrom:
+#      configMapKeyRef:
+#        name: esignet-global
+#        key: mosip-esignet-host
+#  - name: MOSIP_SIGNUP_HOST
+#    valueFrom:
+#      configMapKeyRef:
+#        name: esignet-global
+#        key: mosip-signup-host
+#  - name: MOSIP_IDA_CLIENT_SECRET
+#    valueFrom:
+#      secretKeyRef:
+#        name: keycloak-client-secrets
+#        key: mosip_ida_client_secret
+#  - name: MOSIP_ESIGNET_MISP_KEY
+#    valueFrom:
+#      secretKeyRef:
+#        name: esignet-misp-onboarder-key
+#        key: mosip-esignet-misp-key
+#extraEnvVarsCM:
+#  - esignet-softhsm-share
+
+#extraEnvVarsSecret: []
+
+#istio:
+#  enabled: true
+#  gateways:
+#    - istio-system/public
+#    - istio-system/internal
+#  prefix: /v1/esignet/
+
+#enable_insecure: false
+#springConfigNameEnv:
+#activeProfileEnv:
+#pluginNameEnv: esignet-mock-plugin.jar
+#pluginUrlEnv:

deploy/esignet/install.sh

@@ -22,7 +22,6 @@ function installing_esignet() {
       fi
   done
 
-
   NS=esignet
   CHART_VERSION=1.5.0-develop
 
@@ -70,37 +69,14 @@ function installing_esignet() {
     ENABLE_INSECURE='--set enable_insecure=true';
   fi
 
-  while true; do
-    read -p "Do you want to use the default plugins? (y/n): " ans
-    if [[ "$ans" == "y" || "$ans" == "Y" ]]; then
-      echo "Default plugins are listed below, please provide the correct plugin number."
-      echo "1. esignet-mock-plugin.jar"
-      echo "2. mosip-identity-plugin.jar"
-      read -p "Enter the plugin number: " plugin_no
-        while true; do
-          if [[ "$plugin_no" == "1" ]]; then
-            plugin_option="--set pluginNameEnv=esignet-mock-plugin.jar"
-            break
-          elif [[ "$plugin_no" == "2" ]]; then
-            plugin_option="--set pluginNameEnv=mosip-identity-plugin.jar"
-            break
-          else
-            echo "please provide the correct plugin number (1 or 2)."
-          fi
-        done
-      break
-    elif [[ "$ans" == "n" || "$ans" == "N" ]]; then
-      read -p "Provide the URL to download the plugins zip " plugin_url
-      read -p "Provide the plugin jar name (with extension eg., test-plugin.jar) " plugin_jar
-      plugin_option="--set pluginNameEnv=$plugin_jar --set pluginUrlEnv=$plugin_url"
-      break
-    else
-      echo " Invalid response. Please respond with y (yes) or n (no)."
-    fi
-  done
+  read -p "Provide the URL to download the plugins zip " plugin_url
+  read -p "Provide the plugin jar name (with extension eg., test-plugin.jar) " plugin_jar
+  plugin_option="--set pluginNameEnv=$plugin_jar --set pluginUrlEnv=$plugin_url"
 
   echo Installing esignet
-  helm -n $NS install esignet mosip/esignet --version $CHART_VERSION $ENABLE_INSECURE $plugin_option \
+  helm -n $NS install esignet mosip/esignet --version $CHART_VERSION \
+  --set image.repository=mosipdev/esignet --set image.tag=develop \
+  $ENABLE_INSECURE $plugin_option \
   --set metrics.serviceMonitor.enabled=$servicemonitorflag -f values.yaml --wait
 
   kubectl -n $NS  get deploy -o name |  xargs -n1 -t  kubectl -n $NS rollout status