Skip to content

Commit 2ff1a45

Browse files
committed
Merge remote-tracking branch 'origin/stable' into mascore5637
2 parents 51a31d8 + b9a38da commit 2ff1a45

File tree

10 files changed

+43
-41
lines changed

10 files changed

+43
-41
lines changed

.secrets.baseline

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@
33
"files": "^.secrets.baseline$",
44
"lines": null
55
},
6-
"generated_at": "2024-11-24T13:39:40Z",
6+
"generated_at": "2025-02-28T10:11:51Z",
77
"plugins_used": [
88
{
99
"name": "AWSKeyDetector"

bin/mas-devops-db2-validate-config

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -27,6 +27,7 @@ if __name__ == "__main__":
2727
# Primary Options
2828
parser.add_argument("--mas-instance-id", required=True)
2929
parser.add_argument("--mas-app-id", required=True)
30+
parser.add_argument("--database-role", default='primary', required=False)
3031
parser.add_argument("--log-level", required=False, choices=["DEBUG", "INFO", "WARNING", "ERROR", "CRITICAL"], default="WARNING")
3132

3233
args, unknown = parser.parse_known_args()
@@ -47,5 +48,6 @@ if __name__ == "__main__":
4748
validate_db2_config(
4849
client.api_client.ApiClient(),
4950
args.mas_instance_id,
50-
args.mas_app_id
51+
args.mas_app_id,
52+
args.database_role
5153
)

src/mas/devops/data/catalogs/v9-250206-amd64.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -95,7 +95,7 @@ mongo_extras_version_7: 7.0.12
9595
# Extra Images for Db2u
9696
# ------------------------------------------------------------------------------
9797
db2u_extras_version: 1.0.6 # No Update
98-
98+
db2u_filter: db2
9999
# Extra Images for IBM Watson Discovery
100100
# ------------------------------------------------------------------------------
101101
#wd_extras_version: 1.0.4

src/mas/devops/db2.py

Lines changed: 23 additions & 23 deletions
Original file line numberDiff line numberDiff line change
@@ -21,8 +21,8 @@
2121
logger = logging.getLogger(__name__)
2222

2323

24-
def get_db2u_instance_cr(custom_objects_api: client.CustomObjectsApi, mas_instance_id: str, mas_app_id: str) -> dict:
25-
cr_name = f"db2wh-{mas_instance_id}-{mas_app_id}"
24+
def get_db2u_instance_cr(custom_objects_api: client.CustomObjectsApi, mas_instance_id: str, mas_app_id: str, database_role='primary') -> dict:
25+
cr_name = {'primary': f"db2wh-{mas_instance_id}-{mas_app_id}", 'standby': f"db2wh-{mas_instance_id}-{mas_app_id}-sdb"}[database_role]
2626
namespace = f"db2u-{mas_instance_id}"
2727
logger.debug(f"Getting Db2uInstance CR {cr_name} in {namespace}")
2828

@@ -37,25 +37,25 @@ def get_db2u_instance_cr(custom_objects_api: client.CustomObjectsApi, mas_instan
3737
return db2u_instance_cr
3838

3939

40-
def db2_pod_exec(core_v1_api: client.CoreV1Api, mas_instance_id: str, mas_app_id: str, command: list) -> str:
41-
pod_name = f"c-db2wh-{mas_instance_id}-{mas_app_id}-db2u-0"
40+
def db2_pod_exec(core_v1_api: client.CoreV1Api, mas_instance_id: str, mas_app_id: str, command: list, database_role='primary') -> str:
41+
pod_name = {'primary': f"c-db2wh-{mas_instance_id}-{mas_app_id}-db2u-0", 'standby': f"c-db2wh-{mas_instance_id}-{mas_app_id}-sdb-db2u-0"}[database_role]
4242
namespace = f"db2u-{mas_instance_id}"
4343
return execInPod(core_v1_api, pod_name, namespace, command)
4444

4545

46-
def db2_pod_exec_db2_get_db_cfg(core_v1_api: client.CoreV1Api, mas_instance_id: str, mas_app_id: str, db_name: str) -> str:
46+
def db2_pod_exec_db2_get_db_cfg(core_v1_api: client.CoreV1Api, mas_instance_id: str, mas_app_id: str, db_name: str, database_role='primary') -> str:
4747
command = ["su", "-lc", f"db2 get db cfg for {db_name}", "db2inst1"]
48-
return db2_pod_exec(core_v1_api, mas_instance_id, mas_app_id, command)
48+
return db2_pod_exec(core_v1_api, mas_instance_id, mas_app_id, command, database_role)
4949

5050

51-
def db2_pod_exec_db2_get_dbm_cfg(core_v1_api: client.CoreV1Api, mas_instance_id: str, mas_app_id: str) -> str:
51+
def db2_pod_exec_db2_get_dbm_cfg(core_v1_api: client.CoreV1Api, mas_instance_id: str, mas_app_id: str, database_role='primary') -> str:
5252
command = ["su", "-lc", "db2 get dbm cfg", "db2inst1"]
53-
return db2_pod_exec(core_v1_api, mas_instance_id, mas_app_id, command)
53+
return db2_pod_exec(core_v1_api, mas_instance_id, mas_app_id, command, database_role)
5454

5555

56-
def db2_pod_exec_db2set(core_v1_api: client.CoreV1Api, mas_instance_id: str, mas_app_id: str) -> str:
56+
def db2_pod_exec_db2set(core_v1_api: client.CoreV1Api, mas_instance_id: str, mas_app_id: str, database_role='primary') -> str:
5757
command = ["su", "-lc", "db2set", "db2inst1"]
58-
return db2_pod_exec(core_v1_api, mas_instance_id, mas_app_id, command)
58+
return db2_pod_exec(core_v1_api, mas_instance_id, mas_app_id, command, database_role)
5959

6060

6161
def cr_pod_v_matches(cr_k: str, cr_v: str, pod_v: str) -> bool:
@@ -79,7 +79,7 @@ def cr_pod_v_matches(cr_k: str, cr_v: str, pod_v: str) -> bool:
7979
return pod_v == cr_v
8080

8181

82-
def check_db_cfgs(db2u_instance_cr: dict, core_v1_api: client.CoreV1Api, mas_instance_id: str, mas_app_id: str) -> list:
82+
def check_db_cfgs(db2u_instance_cr: dict, core_v1_api: client.CoreV1Api, mas_instance_id: str, mas_app_id: str, database_role='primary') -> list:
8383
"""
8484
Runs check_db_cfg for each database in the provided Db2uInstance CR
8585
@@ -100,12 +100,12 @@ def check_db_cfgs(db2u_instance_cr: dict, core_v1_api: client.CoreV1Api, mas_ins
100100

101101
# Check each db cfg
102102
for cr_db in db2u_instance_cr_databases:
103-
failures = [*failures, *check_db_cfg(cr_db, core_v1_api, mas_instance_id, mas_app_id)]
103+
failures = [*failures, *check_db_cfg(cr_db, core_v1_api, mas_instance_id, mas_app_id, database_role)]
104104

105105
return failures
106106

107107

108-
def check_db_cfg(db_dr: dict, core_v1_api: client.CoreV1Api, mas_instance_id: str, mas_app_id: str) -> list:
108+
def check_db_cfg(db_dr: dict, core_v1_api: client.CoreV1Api, mas_instance_id: str, mas_app_id: str, database_role='primary') -> list:
109109
"""
110110
Check that the parameters in the provided db dict taken from the Db2uInstance CR align with those in the output of the
111111
db2 get db cfg command (i.e. the configuration that is actually active in DB2).
@@ -123,7 +123,7 @@ def check_db_cfg(db_dr: dict, core_v1_api: client.CoreV1Api, mas_instance_id: st
123123
failures = []
124124

125125
db_name = db_dr["name"]
126-
db_cfg_pod = db2_pod_exec_db2_get_db_cfg(core_v1_api, mas_instance_id, mas_app_id, db_name)
126+
db_cfg_pod = db2_pod_exec_db2_get_db_cfg(core_v1_api, mas_instance_id, mas_app_id, db_name, database_role)
127127

128128
logger.info(f"Checking db cfg for {db_name}\n{H1_BREAK}")
129129

@@ -154,7 +154,7 @@ def check_db_cfg(db_dr: dict, core_v1_api: client.CoreV1Api, mas_instance_id: st
154154
return failures
155155

156156

157-
def check_dbm_cfg(db2u_instance_cr: dict, core_v1_api: client.CoreV1Api, mas_instance_id: str, mas_app_id: str) -> list:
157+
def check_dbm_cfg(db2u_instance_cr: dict, core_v1_api: client.CoreV1Api, mas_instance_id: str, mas_app_id: str, database_role='primary') -> list:
158158
"""
159159
Check that the database manager (dbmConfig) parameters from the Db2uInstance CR align with those in the output of the
160160
db2 get dbm cfg command (i.e. the configuration that is actually active in DB2).
@@ -178,7 +178,7 @@ def check_dbm_cfg(db2u_instance_cr: dict, core_v1_api: client.CoreV1Api, mas_ins
178178
logger.info("spec.environment.instance.dbmConfig not found or empty, skipping dbm cfg checks\n")
179179
return []
180180

181-
dbm_cfg_pod = db2_pod_exec_db2_get_dbm_cfg(core_v1_api, mas_instance_id, mas_app_id)
181+
dbm_cfg_pod = db2_pod_exec_db2_get_dbm_cfg(core_v1_api, mas_instance_id, mas_app_id, database_role)
182182

183183
logger.debug(f"db2 dbm cfg output:\n{H2_BREAK}{dbm_cfg_pod}{H2_BREAK}")
184184
logger.debug(f"db2 dbm cr settings:\n{H2_BREAK}\n{yaml.dump(dbm_cfg_cr, sort_keys=False, default_flow_style=False)}{H2_BREAK}")
@@ -203,7 +203,7 @@ def check_dbm_cfg(db2u_instance_cr: dict, core_v1_api: client.CoreV1Api, mas_ins
203203
return failures
204204

205205

206-
def check_reg_cfg(db2u_instance_cr: dict, core_v1_api: client.CoreV1Api, mas_instance_id: str, mas_app_id: str) -> list:
206+
def check_reg_cfg(db2u_instance_cr: dict, core_v1_api: client.CoreV1Api, mas_instance_id: str, mas_app_id: str, database_role='primary') -> list:
207207
"""
208208
Check that the registry parameters from the Db2uInstance CR align with those in the output of the
209209
db2set command (i.e. the configuration that is actually active in DB2).
@@ -228,7 +228,7 @@ def check_reg_cfg(db2u_instance_cr: dict, core_v1_api: client.CoreV1Api, mas_ins
228228
logger.info("spec.environment.instance.registry not found or empty, skipping registry cfg checks\n")
229229
return []
230230

231-
reg_cfg_pod = db2_pod_exec_db2set(core_v1_api, mas_instance_id, mas_app_id)
231+
reg_cfg_pod = db2_pod_exec_db2set(core_v1_api, mas_instance_id, mas_app_id, database_role)
232232

233233
logger.debug(f"db2set output:\n{H2_BREAK}{reg_cfg_pod}{H2_BREAK}")
234234
logger.debug(f"db2 cr registry settings:\n{H2_BREAK}\n{yaml.dump(reg_cfg_cr, sort_keys=False, default_flow_style=False)}{H2_BREAK}")
@@ -254,15 +254,15 @@ def check_reg_cfg(db2u_instance_cr: dict, core_v1_api: client.CoreV1Api, mas_ins
254254
return failures
255255

256256

257-
def validate_db2_config(k8s_client: client.api_client.ApiClient, mas_instance_id: str, mas_app_id: str):
257+
def validate_db2_config(k8s_client: client.api_client.ApiClient, mas_instance_id: str, mas_app_id: str, database_role='primary'):
258258

259259
core_v1_api = client.CoreV1Api(k8s_client)
260260
custom_objects_api = client.CustomObjectsApi(k8s_client)
261261

262-
db2u_instance_cr = get_db2u_instance_cr(custom_objects_api, mas_instance_id, mas_app_id)
263-
db_failures = check_db_cfgs(db2u_instance_cr, core_v1_api, mas_instance_id, mas_app_id)
264-
dbm_failures = check_dbm_cfg(db2u_instance_cr, core_v1_api, mas_instance_id, mas_app_id)
265-
reg_failures = check_reg_cfg(db2u_instance_cr, core_v1_api, mas_instance_id, mas_app_id)
262+
db2u_instance_cr = get_db2u_instance_cr(custom_objects_api, mas_instance_id, mas_app_id, database_role)
263+
db_failures = check_db_cfgs(db2u_instance_cr, core_v1_api, mas_instance_id, mas_app_id, database_role)
264+
dbm_failures = check_dbm_cfg(db2u_instance_cr, core_v1_api, mas_instance_id, mas_app_id, database_role)
265+
reg_failures = check_reg_cfg(db2u_instance_cr, core_v1_api, mas_instance_id, mas_app_id, database_role)
266266

267267
all_failures = [*db_failures, *dbm_failures, *reg_failures]
268268

src/mas/devops/tekton.py

Lines changed: 8 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -102,25 +102,25 @@ def updateTektonDefinitions(namespace: str, yamlFile: str) -> None:
102102
logger.debug(line)
103103

104104

105-
def preparePipelinesNamespace(dynClient: DynamicClient, instanceId: str = None, storageClass: str = None, accessMode: str = None, waitForBind: bool = True):
105+
def preparePipelinesNamespace(dynClient: DynamicClient, instanceId: str = None, storageClass: str = None, accessMode: str = None, waitForBind: bool = True, configureRBAC: bool = True):
106106
templateDir = path.join(path.abspath(path.dirname(__file__)), "templates")
107107
env = Environment(
108108
loader=FileSystemLoader(searchpath=templateDir)
109109
)
110-
111110
if instanceId is None:
112111
namespace = "mas-pipelines"
113112
template = env.get_template("pipelines-rbac-cluster.yml.j2")
114113
else:
115114
namespace = f"mas-{instanceId}-pipelines"
116115
template = env.get_template("pipelines-rbac.yml.j2")
117116

118-
# Create RBAC
119-
renderedTemplate = template.render(mas_instance_id=instanceId)
120-
logger.debug(renderedTemplate)
121-
crb = yaml.safe_load(renderedTemplate)
122-
clusterRoleBindingAPI = dynClient.resources.get(api_version="rbac.authorization.k8s.io/v1", kind="ClusterRoleBinding")
123-
clusterRoleBindingAPI.apply(body=crb, namespace=namespace)
117+
if configureRBAC:
118+
# Create RBAC
119+
renderedTemplate = template.render(mas_instance_id=instanceId)
120+
logger.debug(renderedTemplate)
121+
crb = yaml.safe_load(renderedTemplate)
122+
clusterRoleBindingAPI = dynClient.resources.get(api_version="rbac.authorization.k8s.io/v1", kind="ClusterRoleBinding")
123+
clusterRoleBindingAPI.apply(body=crb, namespace=namespace)
124124

125125
# Create PVC (instanceId namespace only)
126126
if instanceId is not None:

src/mas/devops/templates/pipelinerun-install.yml.j2

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,7 @@ spec:
99
pipelineRef:
1010
name: mas-install
1111

12-
serviceAccountName: pipeline
12+
serviceAccountName: "{{ service_account_name | default('pipeline', True) }}"
1313
timeouts:
1414
pipeline: "0"
1515

src/mas/devops/templates/pipelinerun-uninstall.yml.j2

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,7 @@ spec:
99
pipelineRef:
1010
name: mas-uninstall
1111

12-
serviceAccountName: pipeline
12+
serviceAccountName: "{{ service_account_name | default('pipeline', True) }}"
1313
timeouts:
1414
pipeline: "0"
1515

@@ -34,4 +34,4 @@ spec:
3434
value: {{ uds_action }}
3535
- name: dro_namespace
3636
value: {{ dro_namespace }}
37-
37+

src/mas/devops/templates/pipelinerun-update.yml.j2

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,7 @@ spec:
99
pipelineRef:
1010
name: mas-update
1111

12-
serviceAccountName: pipeline
12+
serviceAccountName: "{{ service_account_name | default('pipeline', True) }}"
1313
timeouts:
1414
pipeline: "0"
1515

src/mas/devops/templates/pipelinerun-upgrade.yml.j2

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,7 @@ spec:
99
pipelineRef:
1010
name: mas-upgrade
1111

12-
serviceAccountName: pipeline
12+
serviceAccountName: "{{ service_account_name | default('pipeline', True) }}"
1313
timeouts:
1414
pipeline: "0"
1515

test/src/test_db2.py

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -101,8 +101,8 @@ def test_check_db_cfgs(mocker):
101101
)
102102

103103
assert mock_check_db_cfg.call_args_list == [
104-
mocker.call(dict(name="a"), mock_core_v1_api, "mas_instance_id", "mas_app_id"),
105-
mocker.call(dict(name="b"), mock_core_v1_api, "mas_instance_id", "mas_app_id")
104+
mocker.call(dict(name="a"), mock_core_v1_api, "mas_instance_id", "mas_app_id", "primary"),
105+
mocker.call(dict(name="b"), mock_core_v1_api, "mas_instance_id", "mas_app_id", "primary")
106106
]
107107

108108

0 commit comments

Comments
 (0)