Merge pull request #124 from bcgov/set-dr-active

Set gold DR to active

.github/workflows/set-dr-active.yml

@@ -0,0 +1,52 @@
+name: Set the dr deployment to active
+
+on:
+  workflow_dispatch:
+    inputs:
+      namespace:
+        description: "The target namespace"
+        required: true
+        options: ["c6af30-dev", "c6af30-test", "c6af30-prod"]
+
+jobs:
+  set-dr-to-active:
+    runs-on: ubuntu-latest
+    outputs:
+      output1: ${{ steps.dractivation.outputs.patroniconfig }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+      - name: Log into golddr
+        uses: redhat-actions/oc-login@v1
+        with:
+          openshift_server_url: ${{ secrets.OPENSHIFT_SERVER_GOLDDR }}
+          openshift_token: ${{ secrets.OPENSHIFT_TOKEN_GOLDDR }}
+          namespace: ${{ github.event.inputs.namespace }}
+          insecure_skip_tls_verify: true
+      - name: Set patroni-dr to primary
+        id: dractivation
+        run: |
+          chmod +x ./keycloak/transition-scripts/set-patroni-dr-active.sh
+          ./keycloak/transition-scripts/set-patroni-dr-active.sh ${{ github.event.inputs.namespace }}
+        shell: bash
+        working-directory: helm
+  deploy-kc-in-dr:
+    runs-on: ubuntu-latest
+    needs: set-dr-to-active
+    if: ${{needs.set-dr-to-active.outputs.output1}} == '200'
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+      - name: Log into golddr
+        uses: redhat-actions/oc-login@v1
+        with:
+          openshift_server_url: ${{ secrets.OPENSHIFT_SERVER_GOLDDR }}
+          openshift_token: ${{ secrets.OPENSHIFT_TOKEN_GOLDDR }}
+          namespace: ${{ github.event.inputs.namespace }}
+          insecure_skip_tls_verify: true
+      - name: Deploy keycloak-dr in active mode
+        run: |
+          chmod +x ./keycloak/transition-scripts/deploy-golddr-active.sh
+          ./keycloak/transition-scripts/deploy-golddr-active.sh ${{ github.event.inputs.namespace }}
+        shell: bash
+        working-directory: helm

helm/keycloak/transition-scripts/deploy-golddr-active.sh

@@ -0,0 +1,22 @@
+#!/bin/bash
+
+NAMESPACE=$1
+
+pwd="$(dirname "$0")"
+echo ${pwd}
+
+source "./helpers.sh"
+
+if ! check_kube_context "api-golddr-devops-gov-bc-ca"; then
+    echo "invalid context"
+    exit 1
+fi
+
+helm repo add sso-charts https://bcgov.github.io/sso-helm-charts
+helm repo update
+
+cd ./keycloak/
+
+helm upgrade --install sso-keycloak sso-charts/sso-keycloak \
+ -n ${NAMESPACE} -f ./values-golddr-${NAMESPACE}.yaml  \
+ -f ./transition-values/set-dr-to-active-${NAMESPACE}.yaml --version v1.6.0

helm/keycloak/transition-scripts/set-patroni-dr-active.sh

@@ -0,0 +1,16 @@
+#!/bin/bash
+
+NAMESPACE=$1
+
+pwd="$(dirname "$0")"
+
+source "./helpers.sh"
+
+if ! check_kube_context "api-golddr-devops-gov-bc-ca"; then
+    echo "invalid context"
+    exit 1
+fi
+
+OUTPUT=$(kubectl -n  ${NAMESPACE} exec sso-patroni-0 -- curl -s -o /dev/null -w "%{http_code}" -XPATCH -d '{"standby_cluster":null}' http://localhost:8008/config)
+
+echo "::set-output name=patroniconfig::${OUTPUT}"

helm/keycloak/transition-values/set-dr-to-active-c6af30-test.yaml

@@ -0,0 +1,13 @@
+replicaCount: 3
+
+postgres:
+  host: sso-patroni
+  port: 5432
+
+patroni:
+  replicaCount: 3
+
+  standby:
+    enabled: false
+    host: null
+    port: null

helm/keycloak/values-golddr-c6af30-test.yaml

@@ -0,0 +1,46 @@
+replicaCount: 1
+
+image:
+  repository: ghcr.io/bcgov/sso
+  tag: v7.5-9-build.4
+  pullPolicy: Always
+
+resources:
+  limits:
+    cpu: 1
+    memory: 1Gi
+  requests:
+    cpu: 0.5
+    memory: 512M
+
+postgres:
+  host: sso-patroni-gold.c6af30-test.svc.cluster.local
+  port: 56583
+
+patroni:
+  replicaCount: 2
+  # credentials:
+  #   existingSecret: false
+  #   superuser:
+  #     username: postgres
+  #     password:
+  #   admin:
+  #     username: admin
+  #     password:
+  #   standby:
+  #     username: standby
+  #     password:
+
+  # additionalCredentials:
+  #   - username: ssokeycloak
+  #     password:
+  persistentVolume:
+    size: 2Gi
+
+  podDisruptionBudget:
+    enabled: false
+
+  standby:
+    enabled: true
+    host: sso-patroni-gold.c6af30-test.svc.cluster.local
+    port: 56583