Updated for MVP deployment

SCT-Engineering · Sep 17, 2024 · 2fc5235 · 2fc5235
1 parent a3a673e
commit 2fc5235
Show file tree

Hide file tree

Showing 7 changed files with 72 additions and 37 deletions.
diff --git a/chart/kiali/.helmignore → charts/kiali/.helmignore b/chart/kiali/.helmignore → charts/kiali/.helmignore
diff --git a/chart/kiali/Chart.yaml → charts/kiali/Chart.yaml b/chart/kiali/Chart.yaml → charts/kiali/Chart.yaml
diff --git a/chart/kiali/templates/_helpers.tpl → charts/kiali/templates/_helpers.tpl b/chart/kiali/templates/_helpers.tpl → charts/kiali/templates/_helpers.tpl
diff --git a/chart/kiali/templates/kiali.yaml → charts/kiali/templates/kiali.yaml b/chart/kiali/templates/kiali.yaml → charts/kiali/templates/kiali.yaml
@@ -9,6 +9,8 @@ spec:
   istio_namespace: {{ .Values.istioNamespace | quote }}
   deployment:
     accessible_namespaces: "**"
+    image_name: {{ .Values.image_name | quote }}
+    # image_version: {{ .Values.image_version | quote }}
   external_services:
     grafana:
       auth:

diff --git a/chart/kiali/templates/secret.yaml → charts/kiali/templates/secret.yaml b/chart/kiali/templates/secret.yaml → charts/kiali/templates/secret.yaml
@@ -2,7 +2,7 @@
 apiVersion: v1
 kind: Secret
 metadata:
-  name: kiali
+  name: kiali-o
   labels:
     {{- include "kiali.labels" . | nindent 4 }}
 stringData:

diff --git a/chart/kiali/values.yaml → charts/kiali/values.yaml b/chart/kiali/values.yaml → charts/kiali/values.yaml
@@ -3,11 +3,12 @@ publicHostname: "kiali"
 publicDomain: "cluster.domain"
 
 istioNamespace: "istio-system"
-prometheusInClusterUrl: "http://loki-prometheus-server.logging.svc.cluster.local/"
+prometheusInClusterUrl: "http://loki-prometheus-server.prometheus.svc.cluster.local/"
 jaegerInClusterUrl: "http://istio-jaeger-query.istio-tools.svc.cluster.local:16686/"
-grafanaInClusterUrl: "http://loki-grafana.logging.svc.cluster.local/"
+grafanaInClusterUrl: "http://loki-grafana.grafana.svc.cluster.local/"
 grafanaPublicUrl: "https://grafana.cluster.domain/"
-grafanaUserName: "admin"
+# grafanaUserName: "admin"
+grafanaUserName: "YWRtaW4="
 grafanaSecretName: "kiali"
 grafanaSecretPasswordKey: "grafana_password"
 

diff --git a/main.tf b/main.tf
@@ -27,7 +27,19 @@ locals {
   kiali_oidc_secret = local.have_keycloak ? "ensure_secret kiali oidc-secret \"${var.sso_client_secret}\"" : ";"
 
   preinstall_script = <<CONFIG
-${local.kiali_oidc_secret}
+wait_for_istio_ready() {
+  local retries http_code
+  echo "$(timestamp) : Waiting to make sure istio-proxy is in ready state..."
+  retries=30
+  http_code="$(istio_proxy_health)"
+  while [ "$http_code" != "200" ] && [ $retries -gt 0 ]; do
+    sleep 2
+    retries=$(( retries - 1 ))
+    http_code="$(istio_proxy_health)"
+  done
+  echo "wait_for_istio_ready = $http_code"
+}
+wait_for_istio_ready
 ensure_secret kiali grafana_password "$(kubectl -n ${var.grafana_namespace} get secret ${var.grafana_secret_name} -o jsonpath='{.data.admin-password}' | base64 -d)"
 CONFIG
 }
@@ -71,16 +83,17 @@ data "kubernetes_namespace" "keycloak" {
 }
 
 module "service_account" {
-  #source = "git@github.it.census.gov:SOA/tfmod-config-job.git//service-account?ref=1.0.0"
-  source = "git@github.it.census.gov:SOA/tfmod-config-job.git//service-account"
+  source = "git@github.e.it.census.gov:SCT-Engineering/tfmod-config-job.git//service-account"
 
-  namespace = local.ns
+  namespace            = local.ns
+  read_only_namespaces = ["grafana"]
 }
 
 module "preinstall" {
-  #source = "git@github.it.census.gov:SOA/tfmod-config-job.git//config-job?ref=1.0.0"
-  source = "git@github.it.census.gov:SOA/tfmod-config-job.git//config-job"
+  source = "git@github.e.it.census.gov:SCT-Engineering/tfmod-config-job.git//config-job?ref=feature-kiali-baseline"
 
+  profile              = var.profile
+  cluster_name         = var.cluster_name
   namespace            = local.ns
   service_account_name = module.service_account.service_account_name
   job_name             = "istio-tools-config-job"
@@ -114,18 +127,35 @@ resource "helm_release" "kiali-operator" {
     name  = "watchNamespace"
     value = local.ns
   }
+  set {
+    name  = "allowAdHocKialiImage"
+    value = true
+  }
 }
 
 resource "helm_release" "kiali" {
   depends_on = [
     helm_release.kiali-operator,
-    module.preinstall,
+    # module.preinstall,
   ]
 
   chart      = "kiali"
   name       = "kiali"
   namespace  = local.ns
-  repository = "${path.module}/charts"
+  repository = "./charts"
+  # repository = "${path.module}/charts"
+
+  set {
+    name  = "image_name"
+    value = format("%v/%v",
+      module.images.images[local.kiali_key].dest_registry,
+      module.images.images[local.kiali_key].dest_repository
+    )
+  }
+  set {
+    name  = "image_version"
+    value = module.images.images[local.kiali_key].tag
+  }
 
   set {
     name  = "publicHostname"
@@ -158,7 +188,8 @@ resource "helm_release" "kiali" {
   }
   set {
     name  = "grafanaUserName"
-    value = "admin"
+    value = "YWRtaW4="
+    # value = "admin"
   }
   set {
     name  = "grafanaSecretName"
@@ -168,6 +199,7 @@ resource "helm_release" "kiali" {
     name  = "grafanaPasswordKey"
     value = "grafana_password"
   }
+}
 
   #  dynamic "set" {
   #    for_each = local.have_keycloak ? ["openid"] : ["anonymous"]
@@ -204,28 +236,28 @@ resource "helm_release" "kiali" {
   #      value = set.value
   #    }
   #  }
-}
 
-module "kiali_ingress" {
-  depends_on = [helm_release.kiali]
-
-  #source = "git@github.it.census.gov:SOA/tfmod-gogatekeeper.git//>ref=1.0.0"
-  source = "git@github.it.census.gov:SOA/tfmod-gogatekeeper.git//"
-
-  certificate_issuer = var.certificate_issuer
-
-  namespace                  = local.ns
-  application_name           = "kiali"
-  public_hostname            = "kiali"
-  cluster_domain             = var.cluster_domain
-  upstream_hostname          = local.internal_hostname
-  upstream_port              = local.internal_port_number
-  redirection_url            = local.public_url
-  client_id                  = var.sso_client_id
-  client_secret              = var.sso_client_secret
-  keycloak_public_url        = var.keycloak_public_url
-  gogatekeeper_chart_version = var.gogatekeeper_chart_version
-  gogatekeeper_registry      = var.gogatekeeper_registry
-  gogatekeeper_repository    = var.gogatekeeper_repository
-  gogatekeeper_tag           = var.gogatekeeper_tag
-}
+
+# module "kiali_ingress" {
+#   depends_on = [helm_release.kiali]
+
+#   #source = "git@github.it.census.gov:SOA/tfmod-gogatekeeper.git//>ref=1.0.0"
+#   source = "git@github.it.census.gov:SOA/tfmod-gogatekeeper.git//"
+
+#   certificate_issuer = var.certificate_issuer
+
+#   namespace                  = local.ns
+#   application_name           = "kiali"
+#   public_hostname            = "kiali"
+#   cluster_domain             = var.cluster_domain
+#   upstream_hostname          = local.internal_hostname
+#   upstream_port              = local.internal_port_number
+#   redirection_url            = local.public_url
+#   client_id                  = var.sso_client_id
+#   client_secret              = var.sso_client_secret
+#   keycloak_public_url        = var.keycloak_public_url
+#   gogatekeeper_chart_version = var.gogatekeeper_chart_version
+#   gogatekeeper_registry      = var.gogatekeeper_registry
+#   gogatekeeper_repository    = var.gogatekeeper_repository
+#   gogatekeeper_tag           = var.gogatekeeper_tag
+# }