From 12ea795fc68dc7d220a56290a6289def5dfb8c82 Mon Sep 17 00:00:00 2001 From: LizBaldo Date: Mon, 11 Dec 2023 14:38:29 -0500 Subject: [PATCH] [IA-4679] Move some AKS helm chart pull out of leo dockerfile (#3987) --- Dockerfile | 21 ++++--------------- http/src/main/resources/reference.conf | 10 ++++----- .../leonardo/util/GKEInterpreter.scala | 1 + .../leonardo/KubernetesTestData.scala | 2 +- .../leonardo/http/ConfigReaderSpec.scala | 10 ++++----- local/helm-scala-sdk | 2 +- project/Dependencies.scala | 2 +- 7 files changed, 18 insertions(+), 30 deletions(-) diff --git a/Dockerfile b/Dockerfile index 6939bdcdfe6..2582e7caaaa 100644 --- a/Dockerfile +++ b/Dockerfile @@ -22,6 +22,7 @@ EXPOSE 5050 ENV GIT_HASH $GIT_HASH ENV HELM_DEBUG 1 + # WARNING: If you are changing any versions here, update it in the reference.conf ENV TERRA_APP_SETUP_VERSION 0.1.0 ENV TERRA_APP_VERSION 0.5.0 @@ -30,17 +31,9 @@ ENV GALAXY_VERSION 2.8.1 ENV NGINX_VERSION 4.3.0 # If you update this here, make sure to also update reference.conf: ENV CROMWELL_CHART_VERSION 0.2.397 -ENV CROWELL_ON_AZURE_CHART_VERSION 0.2.397 -# These two are the new Workflows and Cromwell Runner apps to eventually replace COA (and maybe one day Cromwell): -ENV CROMWELL_RUNNER_APP_VERSION 0.52.0 -# WORKFLOWS APP comment to prevent merge conflicts -ENV WORKFLOWS_APP_VERSION 0.91.0 -# WDS CHART comment to prevent merge conflicts -ENV WDS_CHART_VERSION 0.59.0 ENV HAIL_BATCH_CHART_VERSION 0.1.9 ENV RSTUDIO_CHART_VERSION 0.3.0 ENV SAS_CHART_VERSION 0.3.0 -ENV LISTENER_CHART_VERSION 0.2.0 RUN mkdir /leonardo COPY ./leonardo*.jar /leonardo @@ -61,11 +54,10 @@ RUN helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx && \ helm repo add terra-helm https://terra-helm.storage.googleapis.com && \ helm repo update - # .Files helm helper can't access files outside a chart. Hence in order to populate cert file properly, we're -# pulling `terra-app-setup` locally and add cert files to the chart. -# Leonardo will install the chart from local version. -# We are also caching charts so they are not downloaded with every helm-install +# pulling `terra-app-setup` locally and add cert files to the chart. As a result we need to pull all GKE +# charts locally as well so they can acess the local cert files during the helm install step, see https://helm.sh/docs/chart_template_guide/accessing_files/ +# Helm does not seem to support the direct installation of a chart located in OCI so let's pull it to a local directory for now. RUN cd /leonardo && \ helm repo update && \ helm pull terra-app-setup-charts/terra-app-setup --version $TERRA_APP_SETUP_VERSION --untar && \ @@ -73,14 +65,9 @@ RUN cd /leonardo && \ helm pull terra/terra-app --version $TERRA_APP_VERSION --untar && \ helm pull ingress-nginx/ingress-nginx --version $NGINX_VERSION --untar && \ helm pull cromwell-helm/cromwell --version $CROMWELL_CHART_VERSION --untar && \ - helm pull cromwell-helm/cromwell-on-azure --version $CROWELL_ON_AZURE_CHART_VERSION --untar && \ - helm pull terra-helm/wds --version $WDS_CHART_VERSION --untar && \ - helm pull terra-helm/workflows-app --version $WORKFLOWS_APP_VERSION --untar && \ - helm pull terra-helm/cromwell-runner-app --version $CROMWELL_RUNNER_APP_VERSION --untar && \ helm pull terra-helm/rstudio --version $RSTUDIO_CHART_VERSION --untar && \ helm pull terra-helm/sas --version $SAS_CHART_VERSION --untar && \ helm pull oci://terradevacrpublic.azurecr.io/hail/hail-batch-terra-azure --version $HAIL_BATCH_CHART_VERSION --untar && \ - helm pull terra-helm/listener --version $LISTENER_CHART_VERSION --untar && \ cd / # Install https://github.com/apangin/jattach to get access to JDK tools diff --git a/http/src/main/resources/reference.conf b/http/src/main/resources/reference.conf index be7039e5e9a..4fe8a70cd1c 100644 --- a/http/src/main/resources/reference.conf +++ b/http/src/main/resources/reference.conf @@ -230,7 +230,7 @@ azure { coa-app-config { instrumentation-enabled = false - chart-name = "/leonardo/cromwell-on-azure" + chart-name = "cromwell-helm/cromwell-on-azure" chart-version = "0.2.397" release-name-suffix = "coa-rls" namespace-name-suffix = "coa-ns" @@ -304,7 +304,7 @@ azure { workflows-app-config { instrumentation-enabled = false - chart-name = "/leonardo/workflows-app" + chart-name = "terra-helm/workflows-app" chart-version = "0.91.0" release-name-suffix = "wfa-rls" namespace-name-suffix = "wfa-ns" @@ -327,7 +327,7 @@ azure { cromwell-runner-app-config { instrumentation-enabled = false - chart-name = "/leonardo/cromwell-runner-app" + chart-name = "terra-helm/cromwell-runner-app" chart-version = "0.52.0" release-name-suffix = "cra-rls" namespace-name-suffix = "cra-ns" @@ -349,7 +349,7 @@ azure { environment = "dev" environment-base = "live" instrumentation-enabled = false - chart-name = "/leonardo/wds" + chart-name = "terra-helm/wds" chart-version = "0.59.0" release-name-suffix = "wds-rls" namespace-name-suffix = "wds-ns" @@ -413,7 +413,7 @@ azure { ] listener-chart-config { - chart-name = "/leonardo/listener" + chart-name = "terra-helm/listener" chart-version = "0.2.0" } } diff --git a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/GKEInterpreter.scala b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/GKEInterpreter.scala index 06c8f5a82f1..a8cedecf110 100644 --- a/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/GKEInterpreter.scala +++ b/http/src/main/scala/org/broadinstitute/dsde/workbench/leonardo/util/GKEInterpreter.scala @@ -384,6 +384,7 @@ class GKEInterpreter[F[_]]( ) helmAuthContext <- getHelmAuthContext(googleCluster, dbCluster, namespaceName) + _ <- helmClient .installChart( getTerraAppSetupChartReleaseName(app.release), diff --git a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/KubernetesTestData.scala b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/KubernetesTestData.scala index f9ae8890855..752a456b8e3 100644 --- a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/KubernetesTestData.scala +++ b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/KubernetesTestData.scala @@ -57,7 +57,7 @@ object KubernetesTestData { val ingressChartVersion = ChartVersion("1.41.3") val ingressChart = Chart(ingressChartName, ingressChartVersion) - val coaChartName = ChartName("/leonardo/cromwell-on-azure") + val coaChartName = ChartName("cromwell-helm/cromwell-on-azure") val coaChartVersion = ChartVersion("0.2.397") val coaChart = Chart(coaChartName, coaChartVersion) diff --git a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/http/ConfigReaderSpec.scala b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/http/ConfigReaderSpec.scala index 857ae6e9dc4..c3a42a3b8f6 100644 --- a/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/http/ConfigReaderSpec.scala +++ b/http/src/test/scala/org/broadinstitute/dsde/workbench/leonardo/http/ConfigReaderSpec.scala @@ -75,7 +75,7 @@ class ConfigReaderSpec extends AnyFlatSpec with Matchers { HttpWsmDaoConfig(Uri.unsafeFromString("https://localhost:8000")), AzureAppRegistrationConfig(ClientId(""), ClientSecret(""), ManagedAppTenantId("")), CoaAppConfig( - ChartName("/leonardo/cromwell-on-azure"), + ChartName("cromwell-helm/cromwell-on-azure"), ChartVersion("0.2.397"), ReleaseNameSuffix("coa-rls"), NamespaceNameSuffix("coa-ns"), @@ -137,7 +137,7 @@ class ConfigReaderSpec extends AnyFlatSpec with Matchers { ) ), CromwellRunnerAppConfig( - ChartName("/leonardo/cromwell-runner-app"), + ChartName("terra-helm/cromwell-runner-app"), ChartVersion("0.52.0"), ReleaseNameSuffix("cra-rls"), NamespaceNameSuffix("cra-ns"), @@ -153,7 +153,7 @@ class ConfigReaderSpec extends AnyFlatSpec with Matchers { chartVersionsToExcludeFromUpdates = List.empty ), WorkflowsAppConfig( - ChartName("/leonardo/workflows-app"), + ChartName("terra-helm/workflows-app"), ChartVersion("0.91.0"), ReleaseNameSuffix("wfa-rls"), NamespaceNameSuffix("wfa-ns"), @@ -171,7 +171,7 @@ class ConfigReaderSpec extends AnyFlatSpec with Matchers { chartVersionsToExcludeFromUpdates = List.empty ), WdsAppConfig( - ChartName("/leonardo/wds"), + ChartName("terra-helm/wds"), ChartVersion("0.59.0"), ReleaseNameSuffix("wds-rls"), NamespaceNameSuffix("wds-ns"), @@ -220,7 +220,7 @@ class ConfigReaderSpec extends AnyFlatSpec with Matchers { ), List(AppType.Wds, AppType.WorkflowsApp), TdrConfig("https://jade.datarepo-dev.broadinstitute.org"), - ListenerChartConfig(ChartName("/leonardo/listener"), ChartVersion("0.2.0")) + ListenerChartConfig(ChartName("terra-helm/listener"), ChartVersion("0.2.0")) ), OidcAuthConfig( Uri.unsafeFromString("https://fake"), diff --git a/local/helm-scala-sdk b/local/helm-scala-sdk index 02ef33988a3..b6356a44895 160000 --- a/local/helm-scala-sdk +++ b/local/helm-scala-sdk @@ -1 +1 @@ -Subproject commit 02ef33988a3ef70abef475094942f028adcd1c59 +Subproject commit b6356a44895f448a1c806996dc793dd959d4e0e6 diff --git a/project/Dependencies.scala b/project/Dependencies.scala index e25721f04ae..044b9971db1 100644 --- a/project/Dependencies.scala +++ b/project/Dependencies.scala @@ -26,7 +26,7 @@ object Dependencies { val workbenchOauth2V = s"0.5-$workbenchLibsHash" val workbenchAzureV = s"0.6-$workbenchLibsHash" - val helmScalaSdkV = "0.0.20" + val helmScalaSdkV = "0.0.8.5" val excludeAkkaHttp = ExclusionRule(organization = "com.typesafe.akka", name = s"akka-http_${scalaV}") val excludeAkkaStream = ExclusionRule(organization = "com.typesafe.akka", name = s"akka-stream_${scalaV}")