Update to current multicloud gitops and create small chunk scenarios

Author: kpeeples

Makefile

@@ -11,12 +11,15 @@ help:
 %:
 	make -f common/Makefile $*
 
-install: operator-deploy post-install ## installs the pattern, inits the vault and loads the secrets
-	echo "Installed"
+.PHONY: install
+install: operator-deploy post-install ## installs the pattern and loads the secrets
+	@echo "Installed"
 
-post-install: ## Post-install tasks - vault init and load-secrets
+.PHONY: post-install
+post-install: ## Post-install tasks
 	make load-secrets
-	echo "Done"
+	@echo "Done"
 
+.PHONY: test
 test:
 	@make -f common/Makefile PATTERN_OPTS="-f values-global.yaml -f values-hub.yaml" test

README.md

@@ -1,36 +1,19 @@
-# Multicluster Devsecops
+# Multicloud Gitops
 
 [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)
 
+[Live build status](https://validatedpatterns.io/ci/?pattern=mcgitops)
+
 ## Start Here
 
 If you've followed a link to this repository, but are not really sure what it contains
-or how to use it, head over to [Multicluster Devsecops](https://hybrid-cloud-patterns.io/devsecops/)
+or how to use it, head over to [Multicloud GitOps](https://validatedpatterns.io/patterns/multicloud-gitops/)
 for additional context and installation instructions
 
-## Cluster requirements
-
-This pattern depends on having three clusters.
-
-* Central Hub - where all the infrastructure components run.
-  * Red Hat Advanced Cluster Management
-  * Red Hat Advanced Cluster Security (Central)
-  * Red Hat Quay Enterprise
-  * Secrets management
-* Development - where CI/CD pipelines and testing run
-  * Red Hat OpenShift Pipelines
-  * Red Hat OpenShift GitOps
-  * Red Hat Advanced Cluster Security (Secured)
-* Production - where the applications run
-
-It can be modified to run everything in a single cluster. Components of `values-development.yaml` and `values-production.yaml` would need to be merged into `values-hub.yaml` where applicable. *Use caution*. In the future the pattern may be enhanced to combine into a single cluster.
+## Rationale
 
-## Products/projects used
+The goal for this pattern is to:
 
-* Red Hat OpenShift GitOps
-* Red Hat Advanced Cluster Management
-* Red Hat Advanced Cluster Security
-* Red Hat Open Data Foundation
-* Red Hat Quay
-* Red Hat OpenShift Pipelines
-* Hashicorp Vault (Community)
+* Use a GitOps approach to manage hybrid and multi-cloud deployments across both public and private clouds.
+* Enable cross-cluster governance and application lifecycle management.
+* Securely manage secrets across the deployment.

ansible.cfg

@@ -1,5 +1,4 @@
 [defaults]
-display_skipped_hosts=False
 localhost_warning=False
 retry_files_enabled=False
 library=~/.ansible/plugins/modules:./ansible/plugins/modules:./common/ansible/plugins/modules:/usr/share/ansible/plugins/modules

ansible/site.yaml

@@ -0,0 +1,17 @@
+# This is only needed for RHPDS
+- name: MultiCloud-GitOps RHPDS bootstrap
+  hosts: localhost
+  connection: local
+  tasks:
+    # We cannot use .package or .dnf modules because python3 that is used comes
+    # from a virtualenv
+    - name: Launch the installation
+      ansible.builtin.command: ./pattern.sh make install
+      args:
+        chdir: "{{ lookup('env', 'PWD') }}"
+      register: output
+      changed_when: false
+
+    - name: Print output of installation
+      ansible.builtin.debug:
+        msg: "{{ output }}"

charts/all/config-demo/Chart.yaml

@@ -0,0 +1,6 @@
+apiVersion: v2
+description: A Helm chart to build and deploy a use of remote configuration enabled by ACM and Vault
+keywords:
+- pattern
+name: config-demo
+version: 0.0.1

charts/all/config-demo/templates/config-demo-cm.yaml

@@ -0,0 +1,24 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: config-demo-configmap
+  labels:
+    app.kubernetes.io/instance: config-demo
+data:
+  "index.html": |-
+    <!DOCTYPE html>
+      <html lang="en">
+        <head>
+          <meta charset="utf-8">
+            <title>Config Demo</title>
+        </head>
+          <body>
+            <h1>
+            Hub Cluster domain is '{{ .Values.global.hubClusterDomain }}' <br>
+            Pod is running on Local Cluster Domain '{{ .Values.global.localClusterDomain }}' <br>
+            </h1>
+            <h2>
+            The secret is <a href="/secret/secret">secret</a>
+            </h2>
+          </body>
+      </html>

charts/all/config-demo/templates/config-demo-deployment.yaml

@@ -0,0 +1,65 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  labels:
+    application: config-demo
+  name: config-demo
+spec:
+  replicas: 2
+  revisionHistoryLimit: 3
+  selector:
+    matchLabels:
+      deploymentconfig: config-demo
+  template:
+    metadata:
+      creationTimestamp: null
+      labels:
+        app: config-demo
+        deploymentconfig: config-demo
+      name: config-demo
+    spec:
+      containers:
+      - name: apache
+        image: registry.access.redhat.com/ubi8/httpd-24:1-226
+        #imagePullPolicy: Always
+        ports:
+        - containerPort: 8080
+          name: http
+          protocol: TCP
+        volumeMounts:
+        - mountPath: /var/www/html
+          name: config-demo-configmap
+        - mountPath: /var/www/html/secret
+          readOnly: true
+          name: config-demo-secret
+        resources: {}
+        terminationMessagePath: /dev/termination-log
+        terminationMessagePolicy: File
+        livenessProbe:
+          httpGet:
+            path: /index.html
+            port: 8080
+            scheme: HTTP
+          initialDelaySeconds: 5
+          timeoutSeconds: 1
+          periodSeconds: 10
+          successThreshold: 1
+          failureThreshold: 3
+        readinessProbe:
+          httpGet:
+            path: /index.html
+            port: 8080
+            scheme: HTTP
+          initialDelaySeconds: 5
+          timeoutSeconds: 1
+          periodSeconds: 10
+          successThreshold: 1
+          failureThreshold: 3
+      volumes:
+      - name: config-demo-configmap
+        configMap:
+          defaultMode: 438
+          name: config-demo-configmap
+      - name: config-demo-secret
+        secret:
+          secretName: config-demo-secret

…emplates/image-registry-credentials.yaml …mplates/config-demo-external-secret.yamlcharts/hub/external-secrets/templates/image-registry-credentials.yaml renamed to charts/all/config-demo/templates/config-demo-external-secret.yaml charts/hub/external-secrets/templates/image-registry-credentials.yaml renamed to charts/all/config-demo/templates/config-demo-external-secret.yaml

@@ -2,17 +2,17 @@
 apiVersion: "external-secrets.io/v1beta1"
 kind: ExternalSecret
 metadata:
-  # This is the external image registry (e.g. quay.io/docker)
-  name: image-registry-credentials
-  namespace: devsecops-ci
+  name: config-demo-secret
+  namespace: config-demo
 spec:
   refreshInterval: 15s
   secretStoreRef:
     name: {{ .Values.secretStore.name }}
     kind: {{ .Values.secretStore.kind }}
   target:
-    name: image-registry-credentials
+    name: config-demo-secret
     template:
+      type: Opaque
   dataFrom:
   - extract:
-      key: {{ .Values.imageregistrysecret.key }}
+      key: {{ .Values.configdemosecret.key }}

charts/all/config-demo/templates/config-demo-is.yaml

@@ -0,0 +1,12 @@
+apiVersion: image.openshift.io/v1
+kind: ImageStream
+metadata:
+  name: config-demo
+spec:
+  lookupPolicy:
+    local: true
+  tags:
+  - name: registry.access.redhat.com/ubi8/httpd-24
+    importPolicy: {}
+    referencePolicy:
+      type: Local

…etclinic-config/templates/app/route.yaml …ig-demo/templates/config-demo-route.yamlcharts/region/stage/spring-petclinic-config/templates/app/route.yaml renamed to charts/all/config-demo/templates/config-demo-route.yaml charts/region/stage/spring-petclinic-config/templates/app/route.yaml renamed to charts/all/config-demo/templates/config-demo-route.yaml

@@ -2,12 +2,13 @@ apiVersion: route.openshift.io/v1
 kind: Route
 metadata:
   labels:
-    app: spring-petclinic
-  name: spring-petclinic
+    app: config-demo
+  name: config-demo
 spec:
   port:
     targetPort: 8080-tcp
   to:
     kind: Service
-    name: spring-petclinic
+    name: config-demo
     weight: 100
+  wildcardPolicy: None