db2 rds changes #1839
db2 rds changes #1839
Conversation
| --secrets-key-seperator ${COLOR_YELLOW}SECRETS_KEY_SEPERATOR${TEXT_RESET} Secrets Manager key seperator string | ||
|
|
||
| IBM DB2RDS: | ||
| --db2_namespace ${COLOR_YELLOW}DB2_RDS_NAMESPACE${TEXT_RESET} db2rds namespace |
There was a problem hiding this comment.
should we just use default value instead of parameterising it?
| #adding default values # -- db2rds Defaults | ||
| export DB2_NAMESPACE=${DB2_NAMESPACE} | ||
| export DB2_INSTANCE_NAME=${DB2_INSTANCE_NAME} | ||
| export MAS_APP_ID=${MAS_APP_ID} | ||
| export RDS_ADMIN_DB_NAME=${RDS_ADMIN_DB_NAME} |
There was a problem hiding this comment.
This is not required as you are already setting the values above.
image/cli/mascli/templates/gitops/appset-configs/cluster/instance/ibm-dbs-rds-databases.yaml.j2
Show resolved
Hide resolved
| --host ${COLOR_YELLOW}DB2_CHANNEL${TEXT_RESET} db2rds host | ||
| --port ${COLOR_YELLOW}DB2_CHANNEL${TEXT_RESET} db2rds port | ||
| --dbname ${COLOR_YELLOW}DB2_CHANNEL${TEXT_RESET} db2rds dbname | ||
| --user ${COLOR_YELLOW}DB2_CHANNEL${TEXT_RESET} db2rds user | ||
| --password ${COLOR_YELLOW}DB2_CHANNEL${TEXT_RESET} db2rds password |
There was a problem hiding this comment.
The env vars here needs to be updated. All are referring to DB2_CHANNEL
| # TODO: will need to add explicit args to pipeline when we start using this code to deploy to MCSP | ||
| export REGION=${REGION:-${SM_AWS_REGION}} | ||
|
|
||
| export DB2_INSTALL_PLAN=${DB2_INSTALL_PLAN:-"Automatic"} |
There was a problem hiding this comment.
This is not required for RDS right?
| # Define cluster-level secrets used | ||
| # --------------------------------------------------------------------------- | ||
| # Note that this cluster-level secret is set up by gitops-cluster | ||
| SECRETS_PREFIX="${ACCOUNT_ID}${SECRETS_KEY_SEPARATOR}${CLUSTER_ID}-${MAS_INSTANCE_ID}${SECRETS_KEY_SEPARATOR}" |
There was a problem hiding this comment.
Can we use ${SECRETS_KEY_SEPARATOR} instead of - after ${CLUSTER_ID} to maintain consistency?
There was a problem hiding this comment.
we cant use SECRETS_KEY_SEPARATOR as SECRETS_KEY_SEPARATOR is defined as "/"
There was a problem hiding this comment.
@amitpandey0217 it should be a slash shouldn't it? the expected secrets path would be aws-dev/cluster1/instance1/ and not aws-dev/cluster1-instance1/
| export HOST=${SECRETS_PREFIX}rds-db2-endpoint-config-GiAgxQ#db2_endpoint | ||
| export PORT=${SECRETS_PREFIX}rds-db2-endpoint-config-GiAgxQ#db2_port | ||
| export DBNAME=${SECRETS_PREFIX}rds-db2-endpoint-config-GiAgxQ#db2_name | ||
| export USER=${SECRETS_PREFIX}rds-db2-endpoint-config-GiAgxQ#username | ||
| export PASSWORD=${SECRETS_PREFIX}rds-db2-endpoint-config-GiAgxQ#password |
There was a problem hiding this comment.
"-GiAgxQ" needs to be removed from the secret name
| # --------------------------------------------------------------------------- | ||
| ROOT_APP_NAME="root.${ACCOUNT_ID}" | ||
| CLUSTER_APP_NAME="cluster.${CLUSTER_ID}" | ||
| DB2RDS_APP_NAME="DB2RDS.${CLUSTER_ID}.${MAS_INSTANCE_ID}" |
There was a problem hiding this comment.
App naming convention to be matched with argo app mentioned in gitops
| echo_h2 "Generating DB2RDS operator Applications" | ||
| echo "- DB2RDS operator" | ||
|
|
||
| export IBM_ENTITLEMENT_KEY=$SECRET_KEY_IBM_ENTITLEMENT |
There was a problem hiding this comment.
I guess this is not required as it is not used for rds
| # Define cluster-level secrets used | ||
| # --------------------------------------------------------------------------- | ||
| # Note that this cluster-level secret is set up by gitops-cluster | ||
| SECRETS_PREFIX="${ACCOUNT_ID}${SECRETS_KEY_SEPARATOR}${CLUSTER_ID}-${MAS_INSTANCE_ID}${SECRETS_KEY_SEPARATOR}" |
There was a problem hiding this comment.
@amitpandey0217 it should be a slash shouldn't it? the expected secrets path would be aws-dev/cluster1/instance1/ and not aws-dev/cluster1-instance1/
| --db2_instance_name ${COLOR_YELLOW}DB2_INSTANCE_NAME${TEXT_RESET} db2rds instance name | ||
| --MAS_APP_ID ${COLOR_YELLOW}MAS_APP_ID${TEXT_RESET} db2rds mas application id | ||
| --rds_admin_db_name ${COLOR_YELLOW}RDS_ADMIN_DB_NAME{TEXT_RESET} db2rds admin db name |
There was a problem hiding this comment.
these need fixing. The params use - rather than _ and MAS_APP_ID should be lowercase
There was a problem hiding this comment.
Done also update the secrets path which you provided under above comment
There was a problem hiding this comment.
This still looks incorrect. it should be --db2-instance-name etc
| -g|--gitops-version) | ||
| echo "${COLOR_YELLOW}WARNING: the -g|--gitops-version parameter is deprecated; it has no effect and will be removed in a future release${COLOR_RESET}" | ||
| shift | ||
| ;; |
| [[ -z "$GITHUB_ORG" ]] && gitops_db2rds_help "GITHUB_ORG is not set" | ||
| [[ -z "$GITHUB_REPO" ]] && gitops_db2rds_help "GITHUB_REPO is not set" | ||
| [[ -z "$GIT_BRANCH" ]] && gitops_db2rds_help "GIT_BRANCH is not set" | ||
| fi |
There was a problem hiding this comment.
the checks for db2 related vars shouldn't be under if [[ "$GITHUB_PUSH" == "true" ]]; then
| echo_reset_dim "Region ................................ ${COLOR_MAGENTA}${REGION}" | ||
| echo_reset_dim "Cluster ID ............................ ${COLOR_MAGENTA}${CLUSTER_ID}" | ||
| echo_reset_dim "MAS Instance ID ....................... ${COLOR_MAGENTA}${MAS_INSTANCE_ID}" | ||
| echo_reset_dim "DB2RDS Namespace ........................ ${COLOR_MAGENTA}${DB2_NAMESPACE}" |
| echo_reset_dim "DB2RDS Namespace ........................ ${COLOR_MAGENTA}${DB2_NAMESPACE}" | ||
| echo_reset_dim "Instance Config Directory ............. ${COLOR_MAGENTA}${GITOPS_INSTANCE_DIR}" | ||
| reset_colors | ||
|
|
There was a problem hiding this comment.
there is no echoed output for the db2 params
There was a problem hiding this comment.
the password should be snipped
| echo_h2 "DB2RDS Operator" " " | ||
| echo_reset_dim "DB2_NAMESPACE .......................... ${COLOR_MAGENTA}${DB2_NAMESPACE}" | ||
| reset_colors |
There was a problem hiding this comment.
Removed as its not needed
| host: <path:{{ SECRETS_PATH }}:{{ HOST }}> | ||
| port: <path:{{ SECRETS_PATH }}:{{ PORT }}> | ||
| dbname: <path:{{ SECRETS_PATH }}:{{ DBNAME }}> | ||
| user: <path:{{ SECRETS_PATH }}:{{ USER }}> | ||
| password: <path:{{ SECRETS_PATH }}:{{ PASSWORD }}> |
There was a problem hiding this comment.
what is putting the secrets into these locations in secrets manager?
There was a problem hiding this comment.
mas-aws-build repo will be populating that information .
There was a problem hiding this comment.
I believe the funciton should add it if these details are passed into the function. Then all cases the function should be verifying that the secrets exist.
whitfiea
left a comment
whitfiea
left a comment
There was a problem hiding this comment.
The PR title and description needs more details. From the code it seems this might not have been tested so we need to know what testing has been done and where the tekton changes are
| --db2_instance_name ${COLOR_YELLOW}DB2_INSTANCE_NAME${TEXT_RESET} db2rds instance name | ||
| --MAS_APP_ID ${COLOR_YELLOW}MAS_APP_ID${TEXT_RESET} db2rds mas application id | ||
| --rds_admin_db_name ${COLOR_YELLOW}RDS_ADMIN_DB_NAME{TEXT_RESET} db2rds admin db name |
There was a problem hiding this comment.
This still looks incorrect. it should be --db2-instance-name etc
| --db2_instance_name) | ||
| export DB2_INSTANCE_NAME=$1 && shift | ||
| ;; | ||
| --MAS_APP_ID) |
| ;; | ||
|
|
||
| # DB2RDS | ||
| --db2_instance_name) |
| [[ -z "$GITHUB_ORG" ]] && gitops_db2rds_help "GITHUB_ORG is not set" | ||
| [[ -z "$GITHUB_REPO" ]] && gitops_db2rds_help "GITHUB_REPO is not set" | ||
| [[ -z "$GIT_BRANCH" ]] && gitops_db2rds_help "GIT_BRANCH is not set" | ||
| fi |
There was a problem hiding this comment.
Where the checks for these DB2RDS values removed?
| echo_reset_dim "DB2RDS Namespace ........................ ${COLOR_MAGENTA}${DB2_NAMESPACE}" | ||
| echo_reset_dim "Instance Config Directory ............. ${COLOR_MAGENTA}${GITOPS_INSTANCE_DIR}" | ||
| reset_colors | ||
|
|
There was a problem hiding this comment.
the password should be snipped
| --db2_instance_name ${COLOR_YELLOW}DB2_INSTANCE_NAME${TEXT_RESET} db2rds instance name | ||
| --mas_app_id ${COLOR_YELLOW}MAS_APP_ID${TEXT_RESET} db2rds mas application id | ||
| --rds_admin_db_name ${COLOR_YELLOW}RDS_ADMIN_DB_NAME{TEXT_RESET} db2rds admin db name |
There was a problem hiding this comment.
incorrect use of _ in the parameter name
| --db2_instance_name) | ||
| export DB2_INSTANCE_NAME=$1 && shift | ||
| ;; | ||
| --MAS_APP_ID) | ||
| export MAS_APP_ID=$1 && shift | ||
| ;; | ||
| --rds_admin_db_name) | ||
| export RDS_ADMIN_DB_NAME=$1 && shift |
| [[ -z "$DB2_META_STORAGE_CLASS" ]] && gitops_db2rds_database_help "DB2_META_STORAGE_CLASS is not set" | ||
| [[ -z "$DB2_DATA_STORAGE_CLASS" ]] && gitops_db2rds_database_help "DB2_DATA_STORAGE_CLASS is not set" | ||
| [[ -z "$DB2_BACKUP_STORAGE_CLASS" ]] && gitops_db2rds_database_help "DB2_BACKUP_STORAGE_CLASS is not set" | ||
| [[ -z "$DB2_LOGS_STORAGE_CLASS" ]] && gitops_db2rds_database_help "DB2_LOGS_STORAGE_CLASS is not set" |
There was a problem hiding this comment.
These are not valid parameters to check for this function
| export SECRET_NAME_DB2_BACKUP=${ACCOUNT_ID}${SECRETS_KEY_SEPERATOR}${CLUSTER_ID}${SECRETS_KEY_SEPERATOR}${MAS_INSTANCE_ID}${SECRETS_KEY_SEPERATOR}db2_backup | ||
| export SECRET_NAME_ICD_AUTH_KEY=${ACCOUNT_ID}${SECRETS_KEY_SEPERATOR}${CLUSTER_ID}${SECRETS_KEY_SEPERATOR}icd |
| host: <path:{{ SECRETS_PATH }}:{{ HOST }}> | ||
| port: <path:{{ SECRETS_PATH }}:{{ PORT }}> | ||
| dbname: <path:{{ SECRETS_PATH }}:{{ DBNAME }}> | ||
| user: <path:{{ SECRETS_PATH }}:{{ USER }}> | ||
| password: <path:{{ SECRETS_PATH }}:{{ PASSWORD }}> |
There was a problem hiding this comment.
I believe the funciton should add it if these details are passed into the function. Then all cases the function should be verifying that the secrets exist.
This changes include to automate rds instance creations using gitops
https://jsw.ibm.com/browse/MASCORE-10165