[MOSIP-38705] & [MOSIP-38705] added installation script for esignet-w…

.github/workflows/push-trigger.yml

@@ -257,7 +257,7 @@ jobs:
           find ${{ env.SERVICE_LOCATION }} -path '*/target/*' -exec zip ${{ env.BUILD_ARTIFACT }}.zip {} +
       - name: Upload the springboot jars
         if: ${{ !contains(github.ref, 'master') || !contains(github.ref, 'main') }}
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         with:
           name: ${{ env.BUILD_ARTIFACT }}
           path: ${{ env.BUILD_ARTIFACT }}.zip

deploy/delete-all.sh

@@ -14,7 +14,7 @@ function Deleting_All() {
   helm -n $SOFTHSM_NS delete esignet-softhsm
 
   declare -a module=("oidc-ui"
-                     "esignet"
+                     "esignet-with-plugins"
                      "captcha"
                     )
   echo Deleting esignet services

deploy/esignet-with-plugins/.gitignore

@@ -0,0 +1,2 @@
+charts/
+Chart.lock

deploy/esignet-with-plugins/.helmignore

@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj

deploy/esignet-with-plugins/delete.sh

@@ -0,0 +1,31 @@
+#!/bin/bash
+# Uninstalls esignet-with-plugins helm chart
+## Usage: ./delete.sh [kubeconfig]
+
+if [ $# -ge 1 ] ; then
+  export KUBECONFIG=$1
+fi
+
+function Deleting_esignet_with_plugins() {
+  NS=esignet
+  while true; do
+      read -p "Are you sure you want to delete all esignet-with-plugins helm charts?(Y/n) " yn
+      if [[ $yn = "Y" ]] || [[ $yn = "y" ]];
+        then
+          helm -n $NS delete esignet
+          break
+        else
+          break
+      fi
+  done
+  return 0
+}
+
+# set commands for error handling.
+set -e
+set -o errexit   ## set -e : exit the script if any statement returns a non-true return value
+set -o nounset   ## set -u : exit the script if you try to use an uninitialised variable
+set -o errtrace  # trace ERR through 'time command' and other functions
+set -o pipefail  # trace ERR through pipes
+Deleting_esignet_with_plugins   # calling function
+

deploy/esignet-with-plugins/install.sh

@@ -0,0 +1,118 @@
+#!/bin/bash
+# Installs esignet-with-plugins helm chart
+## Usage: ./install.sh [kubeconfig]
+
+if [ $# -ge 1 ] ; then
+  export KUBECONFIG=$1
+fi
+
+echo Create $NS namespace
+kubectl create ns $NS
+
+function installing_esignet_with_plugins() {
+
+  while true; do
+      read -p "Do you want to continue installing esignet-with-plugins services? (y/n): " ans
+      if [ "$ans" = "Y" ] || [ "$ans" = "y" ]; then
+          break
+      elif [ "$ans" = "N" ] || [ "$ans" = "n" ]; then
+          exit 1
+      else
+          echo "Please provide a correct option (Y or N)"
+      fi
+  done
+
+  NS=esignet
+  CHART_VERSION=1.5.0-develop
+
+  ESIGNET_HOST=$(kubectl -n esignet get cm esignet-global -o jsonpath={.data.mosip-esignet-host})
+
+  echo Create $NS namespace
+  kubectl create ns $NS || true
+
+  echo Istio label
+  kubectl label ns $NS istio-injection=enabled --overwrite
+  helm repo add mosip https://mosip.github.io/mosip-helm
+  helm repo update
+
+  COPY_UTIL=../copy_cm_func.sh
+  $COPY_UTIL configmap esignet-softhsm-share softhsm $NS
+  $COPY_UTIL configmap postgres-config postgres $NS
+  $COPY_UTIL configmap redis-config redis $NS
+  $COPY_UTIL secret esignet-softhsm softhsm $NS
+  $COPY_UTIL secret redis redis $NS
+
+  while true; do
+    read -p "Is Prometheus Service Monitor Operator deployed in the k8s cluster? (y/n): " response
+    if [[ "$response" == "y" || "$response" == "Y" ]]; then
+      servicemonitorflag=true
+      break
+    elif [[ "$response" == "n" || "$response" == "N" ]]; then
+      servicemonitorflag=false
+      break
+    else
+      echo "Not a correct response. Please respond with y (yes) or n (no)."
+    fi
+  done
+
+  echo "Do you have public domain & valid SSL? (Y/n) "
+  echo "Y: if you have public domain & valid ssl certificate"
+  echo "n: If you don't have a public domain and a valid SSL certificate. Note: It is recommended to use this option only in development environments."
+  read -p "" flag
+
+  if [ -z "$flag" ]; then
+    echo "'flag' was provided; EXITING;"
+    exit 1;
+  fi
+  ENABLE_INSECURE=''
+  if [ "$flag" = "n" ]; then
+    ENABLE_INSECURE='--set enable_insecure=true';
+  fi
+
+  while true; do
+    read -p "Do you want to use the default plugins? (y/n): " ans
+    if [[ "$ans" == "y" || "$ans" == "Y" ]]; then
+      echo "Default plugins are listed below, please provide the correct plugin number."
+      echo "1. esignet-mock-plugin.jar"
+      echo "2. mosip-identity-plugin.jar"
+      read -p "Enter the plugin number: " plugin_no
+        while true; do
+          if [[ "$plugin_no" == "1" ]]; then
+            plugin_option="--set pluginNameEnv=esignet-mock-plugin.jar"
+            break
+          elif [[ "$plugin_no" == "2" ]]; then
+            plugin_option="--set pluginNameEnv=mosip-identity-plugin.jar"
+            break
+          else
+            echo "please provide the correct plugin number (1 or 2)."
+          fi
+        done
+      break
+    elif [[ "$ans" == "n" || "$ans" == "N" ]]; then
+      read -p "Provide the URL to download the plugins zip " plugin_url
+      read -p "Provide the plugin jar name (with extension eg., test-plugin.jar) " plugin_jar
+      plugin_option="--set pluginNameEnv=$plugin_jar --set pluginUrlEnv=$plugin_url"
+      break
+    else
+      echo " Invalid response. Please respond with y (yes) or n (no)."
+    fi
+  done
+
+  echo Installing esignet-with-plugins
+  helm -n $NS install esignet mosip/esignet --version $CHART_VERSION \
+  $ENABLE_INSECURE $plugin_option \
+  --set metrics.serviceMonitor.enabled=$servicemonitorflag -f values.yaml --wait
+
+  kubectl -n $NS  get deploy -o name |  xargs -n1 -t  kubectl -n $NS rollout status
+
+  echo Installed esignet-with-plugins service
+  return 0
+}
+
+# set commands for error handling.
+set -e
+set -o errexit   ## set -e : exit the script if any statement returns a non-true return value
+set -o nounset   ## set -u : exit the script if you try to use an uninitialised variable
+set -o errtrace  # trace ERR through 'time command' and other functions
+set -o pipefail  # trace ERR through pipes
+installing_esignet_with_plugins   # calling function

deploy/esignet-with-plugins/restart.sh

@@ -0,0 +1,24 @@
+#!/bin/bash
+# Restarts the esignet-with-plugins service
+
+if [ $# -ge 1 ] ; then
+  export KUBECONFIG=$1
+fi
+
+function Restarting_esignet_with_plugins() {
+  NS=esignet
+  kubectl -n $NS rollout restart deploy  esignet
+
+  kubectl -n $NS  get deploy esignet -o name  |  xargs -n1 -t  kubectl -n $NS rollout status
+
+  echo Retarted esignet-with-plugins services
+  return 0
+}
+
+# set commands for error handling.
+set -e
+set -o errexit   ## set -e : exit the script if any statement returns a non-true return value
+set -o nounset   ## set -u : exit the script if you try to use an uninitialised variable
+set -o errtrace  # trace ERR through 'time command' and other functions
+set -o pipefail  # trace ERR through pipes
+Restarting_esignet_with_plugins   # calling function

deploy/esignet-with-plugins/values.yaml

@@ -0,0 +1,103 @@
+## Uncomment required parms added with single '#' when needed.
+#image:
+#  registry: docker.io
+#  repository: mosipdev/esignet
+#  tag: develop
+
+#extraEnvVars: |
+#  - name: KEYCLOAK_EXTERNAL_URL
+#    valueFrom:
+#      configMapKeyRef:
+#        name: keycloak-host
+#        key: keycloak-external-url
+#  - name: MOSIP_ESIGNET_CAPTCHA_SITE_KEY
+#    valueFrom:
+#      secretKeyRef:
+#        name: esignet-captcha
+#        key: esignet-captcha-site-key
+#  - name: MOSIP_ESIGNET_CAPTCHA_MODULE_NAME
+#    value: esignet
+#  - name: IDA_AUTHENTICATOR_ENV
+#    value: Staging
+#  - name: REDIS_HOST
+#    valueFrom:
+#      configMapKeyRef:
+#        name: redis-config
+#        key: redis-host
+#  - name: REDIS_PORT
+#    valueFrom:
+#      configMapKeyRef:
+#        name: redis-config
+#        key: redis-port
+#  - name: REDIS_PASSWORD
+#    valueFrom:
+#      secretKeyRef:
+#        name: redis
+#        key: redis-password
+#  - name: DATABASE_HOST
+#    valueFrom:
+#      configMapKeyRef:
+#        name: postgres-config
+#        key: database-host
+#  - name: DATABASE_PORT
+#    valueFrom:
+#      configMapKeyRef:
+#        name: postgres-config
+#        key: database-port
+#  - name: DATABASE_NAME
+#    valueFrom:
+#      configMapKeyRef:
+#        name: postgres-config
+#        key: database-name
+#  - name: DATABASE_USERNAME
+#    valueFrom:
+#      configMapKeyRef:
+#        name: postgres-config
+#        key: database-username
+#  - name: DB_DBUSER_PASSWORD
+#    valueFrom:
+#      secretKeyRef:
+#        name: db-common-secrets
+#        key: db-dbuser-password
+#  - name: SOFTHSM_ESIGNET_SECURITY_PIN
+#    valueFrom:
+#      secretKeyRef:
+#        name: esignet-softhsm
+#        key: security-pin
+#  - name: MOSIP_ESIGNET_HOST
+#    valueFrom:
+#      configMapKeyRef:
+#        name: esignet-global
+#        key: mosip-esignet-host
+#  - name: MOSIP_SIGNUP_HOST
+#    valueFrom:
+#      configMapKeyRef:
+#        name: esignet-global
+#        key: mosip-signup-host
+#  - name: MOSIP_IDA_CLIENT_SECRET
+#    valueFrom:
+#      secretKeyRef:
+#        name: keycloak-client-secrets
+#        key: mosip_ida_client_secret
+#  - name: MOSIP_ESIGNET_MISP_KEY
+#    valueFrom:
+#      secretKeyRef:
+#        name: esignet-misp-onboarder-key
+#        key: mosip-esignet-misp-key
+#extraEnvVarsCM:
+#  - esignet-softhsm-share
+
+#extraEnvVarsSecret: []
+
+#istio:
+#  enabled: true
+#  gateways:
+#    - istio-system/public
+#    - istio-system/internal
+#  prefix: /v1/esignet/
+
+#enable_insecure: false
+#springConfigNameEnv:
+#activeProfileEnv:
+#pluginNameEnv: esignet-mock-plugin.jar
+#pluginUrlEnv:

deploy/esignet/install.sh

@@ -22,7 +22,6 @@ function installing_esignet() {
       fi
   done
 
-
   NS=esignet
   CHART_VERSION=1.5.0-develop
 
@@ -32,6 +31,7 @@ function installing_esignet() {
   kubectl create ns $NS || true
 
   echo Istio label
+  kubectl label ns $NS istio-injection=enabled --overwrite
   helm repo add mosip https://mosip.github.io/mosip-helm
   helm repo update
 
@@ -69,37 +69,14 @@ function installing_esignet() {
     ENABLE_INSECURE='--set enable_insecure=true';
   fi
 
-  while true; do
-    read -p "Do you want to use the default plugins? (y/n): " ans
-    if [[ "$ans" == "y" || "$ans" == "Y" ]]; then
-      echo "Default plugins are listed below, please provide the correct plugin number."
-      echo "1. esignet-mock-plugin.jar"
-      echo "2. mosip-identity-plugin.jar"
-      read -p "Enter the plugin number: " plugin_no
-        while true; do
-          if [[ "$plugin_no" == "1" ]]; then
-            plugin_option="--set pluginNameEnv=esignet-mock-plugin.jar"
-            break
-          elif [[ "$plugin_no" == "2" ]]; then
-            plugin_option="--set pluginNameEnv=mosip-identity-plugin.jar"
-            break
-          else
-            echo "please provide the correct plugin number (1 or 2)."
-          fi
-        done
-      break
-    elif [[ "$ans" == "n" || "$ans" == "N" ]]; then
-      read -p "Provide the URL to download the plugins zip " plugin_url
-      read -p "Provide the plugin jar name (with extension eg., test-plugin.jar) " plugin_jar
-      plugin_option="--set pluginNameEnv=$plugin_jar --set pluginUrlEnv=$plugin_url"
-      break
-    else
-      echo " Invalid response. Please respond with y (yes) or n (no)."
-    fi
-  done
+  read -p "Provide the URL to download the plugins zip " plugin_url
+  read -p "Provide the plugin jar name (with extension eg., test-plugin.jar) " plugin_jar
+  plugin_option="--set pluginNameEnv=$plugin_jar --set pluginUrlEnv=$plugin_url"
 
   echo Installing esignet
-  helm -n $NS install esignet mosip/esignet --version $CHART_VERSION $ENABLE_INSECURE $plugin_option \
+  helm -n $NS install esignet mosip/esignet --version $CHART_VERSION \
+  --set image.repository=mosipdev/esignet --set image.tag=release-1.5.x \
+  $ENABLE_INSECURE $plugin_option \
   --set metrics.serviceMonitor.enabled=$servicemonitorflag -f values.yaml --wait
 
   kubectl -n $NS  get deploy -o name |  xargs -n1 -t  kubectl -n $NS rollout status

deploy/install-esignet.sh

@@ -13,7 +13,7 @@ function installing_eSignet() {
 
   helm repo add mosip https://mosip.github.io/mosip-helm
   # List of modules to install
-  declare -a modules=("esignet" "oidc-ui")
+  declare -a modules=("esignet-with-plugins" "oidc-ui")
 
   echo "Installing eSignet services"