From 67c180892e157a253cc220c59c900dac7fe00c8a Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Mon, 11 Aug 2025 16:39:08 +0530 Subject: [PATCH 01/92] update odh latest version remove some jobs and update controller --- .../templates/10-odh-dspa-aws.yaml | 53 ----- .../templates/10-odh-dspa-local.yaml | 21 -- .../templates/10-odh-dspa-minio.yaml | 57 ------ .../112-ibm-odh/templates/11-odh.yaml | 189 ------------------ .../templates/07-kmodel-controller.yaml | 4 +- .../templates/050-ibm-kmodels-app.yaml | 2 +- 6 files changed, 2 insertions(+), 324 deletions(-) delete mode 100644 instance-applications/112-ibm-odh/templates/10-odh-dspa-aws.yaml delete mode 100644 instance-applications/112-ibm-odh/templates/10-odh-dspa-local.yaml delete mode 100644 instance-applications/112-ibm-odh/templates/10-odh-dspa-minio.yaml delete mode 100644 instance-applications/112-ibm-odh/templates/11-odh.yaml diff --git a/instance-applications/112-ibm-odh/templates/10-odh-dspa-aws.yaml b/instance-applications/112-ibm-odh/templates/10-odh-dspa-aws.yaml deleted file mode 100644 index b33c0152a..000000000 --- a/instance-applications/112-ibm-odh/templates/10-odh-dspa-aws.yaml +++ /dev/null @@ -1,53 +0,0 @@ ---- -{{- if eq .Values.mas_aibroker_storage_provider "aws" }} -apiVersion: v1 -kind: Secret -metadata: - name: ds-pipeline-s3-instance - namespace: "{{ .Values.aibroker_namespace }}" - labels: - opendatahub.io/dashboard: 'false' - opendatahub.io/managed: 'true' - annotations: - opendatahub.io/connection-type: s3 - openshift.io/display-name: AWS S3 Connection - argocd.argoproj.io/sync-wave: "132" -stringData: - accesskey: "{{ .Values.mas_aibroker_storage_accesskey }}" - secretkey: "{{ .Values.mas_aibroker_storage_secretkey }}" - host: "{{ .Values.mas_aibroker_storage_host }}" - region: "{{ .Values.mas_aibroker_storage_region }}" - ssl: "{{ .Values.mas_aibroker_storage_ssl }}" ---- -apiVersion: datasciencepipelinesapplications.opendatahub.io/v1alpha1 -kind: DataSciencePipelinesApplication -metadata: - name: instance - namespace: "{{ .Values.aibroker_namespace }}" - annotations: - argocd.argoproj.io/sync-wave: "132" - argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true -spec: - dspVersion: v1 - database: - disableHealthCheck: true - customExtraParams: '{"tls":"false"}' - externalDB: - host: "{{ .Values.mas_aibroker_db_host }}" - port: "{{ .Values.mas_aibroker_db_port }}" - username: "{{ .Values.mas_aibroker_db_user }}" - pipelineDBName: "{{ .Values.mas_aibroker_db_database }}" - passwordSecret: - name: "{{ .Values.mas_aibroker_db_secret_name }}" - key: password - objectStorage: - disableHealthCheck: true - externalStorage: - host: "{{ .Values.mas_aibroker_storage_host }}" - bucket: "{{ .Values.mas_aibroker_storage_pipelines_bucket }}" - s3CredentialsSecret: - accessKey: accesskey - secretKey: secretkey - secretName: ds-pipeline-s3-instance - scheme: https -{{- end }} \ No newline at end of file diff --git a/instance-applications/112-ibm-odh/templates/10-odh-dspa-local.yaml b/instance-applications/112-ibm-odh/templates/10-odh-dspa-local.yaml deleted file mode 100644 index 86193c624..000000000 --- a/instance-applications/112-ibm-odh/templates/10-odh-dspa-local.yaml +++ /dev/null @@ -1,21 +0,0 @@ ---- -{{- if eq .Values.mas_aibroker_storage_provider "local" }} -apiVersion: datasciencepipelinesapplications.opendatahub.io/v1alpha1 -kind: DataSciencePipelinesApplication -metadata: - name: instance - namespace: "{{ .Values.aibroker_namespace }}" - annotations: - argocd.argoproj.io/sync-wave: "132" - argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true -spec: - database: - disableHealthCheck: true - objectStorage: - disableHealthCheck: true - minio: - deploy: true - image: 'quay.io/minio/minio' - pvcSize: 40Gi - storageClassName: "{{ .Values.primary_storage_class }}" -{{- end }} \ No newline at end of file diff --git a/instance-applications/112-ibm-odh/templates/10-odh-dspa-minio.yaml b/instance-applications/112-ibm-odh/templates/10-odh-dspa-minio.yaml deleted file mode 100644 index 1a91dbb42..000000000 --- a/instance-applications/112-ibm-odh/templates/10-odh-dspa-minio.yaml +++ /dev/null @@ -1,57 +0,0 @@ -{{- if eq .Values.mas_aibroker_storage_provider "minio" }} ---- -apiVersion: v1 -kind: Secret -metadata: - name: ds-pipeline-s3-instance - namespace: "{{ .Values.aibroker_namespace }}" - labels: - opendatahub.io/dashboard: "false" - opendatahub.io/managed: "true" - annotations: - argocd.argoproj.io/sync-wave: "132" - opendatahub.io/connection-type: s3 - openshift.io/display-name: Minio Data Connection -stringData: - accesskey: "{{ .Values.mas_aibroker_storage_accesskey }}" - secretkey: "{{ .Values.mas_aibroker_storage_secretkey }}" - host: "{{ .Values.mas_aibroker_storage_host }}" - port: "{{ .Values.mas_aibroker_storage_port }}" - ssl: "false" - #ssl: "{{ .Values.mas_aibroker_storage_ssl }}" ---- -apiVersion: datasciencepipelinesapplications.opendatahub.io/v1alpha1 -kind: DataSciencePipelinesApplication -metadata: - name: instance - namespace: "{{ .Values.aibroker_namespace }}" - annotations: - argocd.argoproj.io/sync-wave: "133" - argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true -spec: - dspVersion: v1 - database: - disableHealthCheck: true - customExtraParams: '{"tls":"false"}' - externalDB: - host: "{{ .Values.mas_aibroker_db_host }}" - port: "{{ .Values.mas_aibroker_db_port }}" - username: "{{ .Values.mas_aibroker_db_user }}" - pipelineDBName: "{{ .Values.mas_aibroker_db_database }}" - passwordSecret: - name: "{{ .Values.mas_aibroker_db_secret_name }}" - key: password - - objectStorage: - disableHealthCheck: true - externalStorage: - host: "{{ .Values.mas_aibroker_storage_host }}" - port: "{{ .Values.mas_aibroker_storage_port }}" - bucket: "{{ .Values.mas_aibroker_storage_pipelines_bucket }}" - s3CredentialsSecret: - accessKey: accesskey - secretKey: secretkey - secretName: ds-pipeline-s3-instance - scheme: http - -{{- end }} \ No newline at end of file diff --git a/instance-applications/112-ibm-odh/templates/11-odh.yaml b/instance-applications/112-ibm-odh/templates/11-odh.yaml deleted file mode 100644 index 6c4f6b94a..000000000 --- a/instance-applications/112-ibm-odh/templates/11-odh.yaml +++ /dev/null @@ -1,189 +0,0 @@ -{{- $_job_name_prefix := "odh-sa-patch-job-v1" }} - -{{- /* -Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. -Included in $_job_hash (see below). -*/}} -{{- $_cli_image_digest := "sha256:934706a7173d45ea53c3d191afa6d75b4e41d25422e6a3685f1c57d1ddf49a00" }} - -{{- /* -A dict of values that influence the behaviour of the job in some way. -Any changes to values in this dict will trigger a rerun of the job. -Since jobs must be idemopotent, it's generally safe to pass in values here that are not -strictly necessary (i.e. including some values that don't actually influence job behaviour). -We may want to refine this further though for jobs that can take a long time to complete. -Included in $_job_hash (see below). -*/}} -{{- $_job_config_values := omit .Values "junitreporter" }} - -{{- /* -Increment this value whenever you make a change to an immutable field of the Job resource. -E.g. passing in a new environment variable. -Included in $_job_hash (see below). -*/}} -{{- $_job_version := "v3" }} - -{{- /* -10 char hash appended to the job name taking into account $_job_config_values, $_job_version and $_cli_image_digest -This is to ensure ArgoCD will create a new job resource intead of attempting (and failing) to update an -immutable field of any existing Job resource. -*/}} -{{- $_job_hash := print ($_job_config_values | toYaml) $_cli_image_digest $_job_version | adler32sum }} - -{{- $_job_name := join "-" (list $_job_name_prefix $_job_hash )}} - - -{{- /* -Set as the value for the mas.ibm.com/job-cleanup-group label on the Job resource. - -When the auto_delete flag is not set on the root application, a CronJob in the cluster uses this label -to identify old Job resources that should be pruned on behalf of ArgoCD. - -Any Job resources in the same namespace that have the mas.ibm.com/job-cleanup-group with this value -will be considered to belong to the same cleanup group. All but the most recent (i.e. with the latest "creation_timestamp") -Jobs will be automatically deleted. - -$_job_cleanup_group can usually just be based on $_job_name_prefix. There are some special cases -where multiple Jobs are created in our templates using a Helm loop. In those cases, additional descriminators -must be added to $_job_cleanup_group. - -By convention, we sha1sum this value to guarantee we never exceed the 63 char limit regardless of which discriminators -are required here. - -*/}} -{{- $_job_cleanup_group := cat $_job_name_prefix | sha1sum }} - - ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: odh-sa - namespace: "{{ .Values.aibroker_namespace }}" - annotations: - argocd.argoproj.io/sync-wave: "135" - ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: patch-serviceaccount-role - namespace: "{{ .Values.aibroker_namespace }}" - annotations: - argocd.argoproj.io/sync-wave: "136" -rules: - - apiGroups: [""] - resources: ["serviceaccounts"] - verbs: ["get", "patch"] - ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: patch-serviceaccount-binding - namespace: "{{ .Values.aibroker_namespace }}" - annotations: - argocd.argoproj.io/sync-wave: "137" -subjects: - - kind: ServiceAccount - name: odh-sa - namespace: "{{ .Values.aibroker_namespace }}" -roleRef: - kind: Role - name: patch-serviceaccount-role - apiGroup: rbac.authorization.k8s.io - - ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: odh-sa-knative-patch-role - namespace: knative-serving - annotations: - argocd.argoproj.io/sync-wave: "136" -rules: - - apiGroups: [""] - resources: ["configmaps"] - verbs: ["get", "patch"] - ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: odh-sa-knative-patch-binding - namespace: knative-serving - annotations: - argocd.argoproj.io/sync-wave: "137" -subjects: - - kind: ServiceAccount - name: odh-sa - namespace: "{{ .Values.aibroker_namespace }}" # Still referencing from your values -roleRef: - kind: Role - name: odh-sa-knative-patch-role - apiGroup: rbac.authorization.k8s.io - ---- -apiVersion: batch/v1 -kind: Job -metadata: - name: {{ $_job_name }}-{{ omit .Values "junitreporter" | toYaml | adler32sum }} - namespace: "{{ .Values.aibroker_namespace }}" - annotations: - argocd.argoproj.io/sync-wave: "138" - labels: - mas.ibm.com/job-cleanup-group: {{ $_job_cleanup_group }} -spec: - template: - spec: - containers: - - name: run - image: quay.io/ibmmas/cli@{{ $_cli_image_digest }} - imagePullPolicy: IfNotPresent - resources: - limits: - cpu: 200m - memory: 512Mi - requests: - cpu: 10m - memory: 64Mi - env: - - name: AIBROKER_NAMESPACE - value: "{{ .Values.aibroker_namespace }}" - command: - - /bin/sh - - -c - - | - set -e - echo - echo "================================================================================" - echo "Provide ibm-entitlement-key image pull secret for 'pipeline-runner-instance' service accounts" - echo "================================================================================" - echo - - sleep 60 - - RESOURCE_NAME=$(oc get serviceaccount pipeline-runner-instance -n ${AIBROKER_NAMESPACE} -o=jsonpath="{.metadata.name}" --ignore-not-found) - if [[ -n "${RESOURCE_NAME}" ]]; then - echo "Patching 'pipeline-runner-instance' sa..." - oc patch serviceaccount pipeline-runner-instance -n ${AIBROKER_NAMESPACE} --type='merge' -p '{"imagePullSecrets":[{"name":"ibm-entitlement"}]}' - else - echo "'pipeline-runner-instance' service account not found." - fi - - echo - echo "================================================================================" - echo "Patching config-features in knative-serving" - echo "================================================================================" - echo - - oc patch --namespace knative-serving configmap/config-features --type merge --patch '{"data":{"kubernetes.podspec-persistent-volume-claim":"enabled", "kubernetes.podspec-persistent-volume-write":"enabled"}}' - - echo "Finished patching config-features in knative-serving" - - restartPolicy: Never - serviceAccountName: odh-sa - automountServiceAccountToken: true - dnsPolicy: ClusterFirst - backoffLimit: 3 diff --git a/instance-applications/114-ibm-kmodels/templates/07-kmodel-controller.yaml b/instance-applications/114-ibm-kmodels/templates/07-kmodel-controller.yaml index 2218aa925..1843ed3de 100644 --- a/instance-applications/114-ibm-kmodels/templates/07-kmodel-controller.yaml +++ b/instance-applications/114-ibm-kmodels/templates/07-kmodel-controller.yaml @@ -10,7 +10,6 @@ metadata: app: km-controller data: CONTAINER_REGISTRY: "{{ .Values.mas_icr_cp }}/aibroker" - #DOCKER_SERVER: "{{ .Values.mas_icr_cp }}/aibroker" PIPELINES_BUCKET: "{{ .Values.mas_aibroker_storage_pipelines_bucket }}" TENANTS_BUCKET: "{{ .Values.mas_aibroker_storage_tenants_bucket }}" DOCKER_SECRETS_NAME: "ibm-entitlement" @@ -19,6 +18,7 @@ data: PIPELINE_DEFAULT_STEP_TAG: "{{ .Values.mas_aibroker_pipeline_steps_tag }}" CONNECTOR_DEFAULT_TAG: "{{ .Values.mas_aibroker_connector_tag }}" DEFAULT_TENANTS: "{{ .Values.mas_aibroker_provision_tenant }}" + PIPELINE_DEPLOYMENT_MODE: raw PLATFORM: openshift PVC_STORAGE_CLASS_NAME: "{{ .Values.primary_storage_class }}" LOG_FORMAT: "json" @@ -26,8 +26,6 @@ data: MODEL_ID_PREFIX: "{{ .Values.model_id_prefix }}" AFFINITY_ENABLED: "false" CONNECTOR_TTL: "10" - - --- apiVersion: v1 kind: Service diff --git a/root-applications/ibm-aibroker-instance-root/templates/050-ibm-kmodels-app.yaml b/root-applications/ibm-aibroker-instance-root/templates/050-ibm-kmodels-app.yaml index 6b3e1bbd8..ea9b44356 100644 --- a/root-applications/ibm-aibroker-instance-root/templates/050-ibm-kmodels-app.yaml +++ b/root-applications/ibm-aibroker-instance-root/templates/050-ibm-kmodels-app.yaml @@ -62,7 +62,7 @@ spec: mas_instance_id: "{{ .Values.ibm_kmodel.mas_instance_id }}" model_id_unique_length: "{{ .Values.ibm_kmodel.model_id_unique_length }}" model_id_prefix: "{{ .Values.ibm_kmodel.model_id_prefix }}" - + ds_pipelines_enabled: "{{ .Values.ibm_kmodel.ds_pipelines_enabled }}" mas_icr_cp: "{{ .Values.ibm_aibroker.mas_icr_cp }}" junitreporter: From fa4c0f617771e53da84d80a8e6dbdd6960c759d8 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Tue, 19 Aug 2025 17:08:31 +0530 Subject: [PATCH 02/92] Delete 11-odh.yaml --- .../112-ibm-odh/templates/11-odh.yaml | 189 ------------------ 1 file changed, 189 deletions(-) delete mode 100644 instance-applications/112-ibm-odh/templates/11-odh.yaml diff --git a/instance-applications/112-ibm-odh/templates/11-odh.yaml b/instance-applications/112-ibm-odh/templates/11-odh.yaml deleted file mode 100644 index 7ae2e6df2..000000000 --- a/instance-applications/112-ibm-odh/templates/11-odh.yaml +++ /dev/null @@ -1,189 +0,0 @@ -{{- $_job_name_prefix := "odh-sa-patch-job-v1" }} - -{{- /* -Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. -Included in $_job_hash (see below). -*/}} -{{- $_cli_image_digest := "sha256:aa3972d1777c01a86ab21a47854f1f5fbffc09452adfb0c734e245b3d46e6ffb" }} - -{{- /* -A dict of values that influence the behaviour of the job in some way. -Any changes to values in this dict will trigger a rerun of the job. -Since jobs must be idemopotent, it's generally safe to pass in values here that are not -strictly necessary (i.e. including some values that don't actually influence job behaviour). -We may want to refine this further though for jobs that can take a long time to complete. -Included in $_job_hash (see below). -*/}} -{{- $_job_config_values := omit .Values "junitreporter" }} - -{{- /* -Increment this value whenever you make a change to an immutable field of the Job resource. -E.g. passing in a new environment variable. -Included in $_job_hash (see below). -*/}} -{{- $_job_version := "v3" }} - -{{- /* -10 char hash appended to the job name taking into account $_job_config_values, $_job_version and $_cli_image_digest -This is to ensure ArgoCD will create a new job resource intead of attempting (and failing) to update an -immutable field of any existing Job resource. -*/}} -{{- $_job_hash := print ($_job_config_values | toYaml) $_cli_image_digest $_job_version | adler32sum }} - -{{- $_job_name := join "-" (list $_job_name_prefix $_job_hash )}} - - -{{- /* -Set as the value for the mas.ibm.com/job-cleanup-group label on the Job resource. - -When the auto_delete flag is not set on the root application, a CronJob in the cluster uses this label -to identify old Job resources that should be pruned on behalf of ArgoCD. - -Any Job resources in the same namespace that have the mas.ibm.com/job-cleanup-group with this value -will be considered to belong to the same cleanup group. All but the most recent (i.e. with the latest "creation_timestamp") -Jobs will be automatically deleted. - -$_job_cleanup_group can usually just be based on $_job_name_prefix. There are some special cases -where multiple Jobs are created in our templates using a Helm loop. In those cases, additional descriminators -must be added to $_job_cleanup_group. - -By convention, we sha1sum this value to guarantee we never exceed the 63 char limit regardless of which discriminators -are required here. - -*/}} -{{- $_job_cleanup_group := cat $_job_name_prefix | sha1sum }} - - ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: odh-sa - namespace: "{{ .Values.aibroker_namespace }}" - annotations: - argocd.argoproj.io/sync-wave: "135" - ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: patch-serviceaccount-role - namespace: "{{ .Values.aibroker_namespace }}" - annotations: - argocd.argoproj.io/sync-wave: "136" -rules: - - apiGroups: [""] - resources: ["serviceaccounts"] - verbs: ["get", "patch"] - ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: patch-serviceaccount-binding - namespace: "{{ .Values.aibroker_namespace }}" - annotations: - argocd.argoproj.io/sync-wave: "137" -subjects: - - kind: ServiceAccount - name: odh-sa - namespace: "{{ .Values.aibroker_namespace }}" -roleRef: - kind: Role - name: patch-serviceaccount-role - apiGroup: rbac.authorization.k8s.io - - ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: odh-sa-knative-patch-role - namespace: knative-serving - annotations: - argocd.argoproj.io/sync-wave: "136" -rules: - - apiGroups: [""] - resources: ["configmaps"] - verbs: ["get", "patch"] - ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: odh-sa-knative-patch-binding - namespace: knative-serving - annotations: - argocd.argoproj.io/sync-wave: "137" -subjects: - - kind: ServiceAccount - name: odh-sa - namespace: "{{ .Values.aibroker_namespace }}" # Still referencing from your values -roleRef: - kind: Role - name: odh-sa-knative-patch-role - apiGroup: rbac.authorization.k8s.io - ---- -apiVersion: batch/v1 -kind: Job -metadata: - name: {{ $_job_name }}-{{ omit .Values "junitreporter" | toYaml | adler32sum }} - namespace: "{{ .Values.aibroker_namespace }}" - annotations: - argocd.argoproj.io/sync-wave: "138" - labels: - mas.ibm.com/job-cleanup-group: {{ $_job_cleanup_group }} -spec: - template: - spec: - containers: - - name: run - image: quay.io/ibmmas/cli@{{ $_cli_image_digest }} - imagePullPolicy: IfNotPresent - resources: - limits: - cpu: 200m - memory: 512Mi - requests: - cpu: 10m - memory: 64Mi - env: - - name: AIBROKER_NAMESPACE - value: "{{ .Values.aibroker_namespace }}" - command: - - /bin/sh - - -c - - | - set -e - echo - echo "================================================================================" - echo "Provide ibm-entitlement-key image pull secret for 'pipeline-runner-instance' service accounts" - echo "================================================================================" - echo - - sleep 60 - - RESOURCE_NAME=$(oc get serviceaccount pipeline-runner-instance -n ${AIBROKER_NAMESPACE} -o=jsonpath="{.metadata.name}" --ignore-not-found) - if [[ -n "${RESOURCE_NAME}" ]]; then - echo "Patching 'pipeline-runner-instance' sa..." - oc patch serviceaccount pipeline-runner-instance -n ${AIBROKER_NAMESPACE} --type='merge' -p '{"imagePullSecrets":[{"name":"ibm-entitlement"}]}' - else - echo "'pipeline-runner-instance' service account not found." - fi - - echo - echo "================================================================================" - echo "Patching config-features in knative-serving" - echo "================================================================================" - echo - - oc patch --namespace knative-serving configmap/config-features --type merge --patch '{"data":{"kubernetes.podspec-persistent-volume-claim":"enabled", "kubernetes.podspec-persistent-volume-write":"enabled"}}' - - echo "Finished patching config-features in knative-serving" - - restartPolicy: Never - serviceAccountName: odh-sa - automountServiceAccountToken: true - dnsPolicy: ClusterFirst - backoffLimit: 3 From 5b0639d29e3ed81df814cf03177a5c4dcf04a920 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Thu, 28 Aug 2025 14:27:14 +0530 Subject: [PATCH 03/92] Name update Aibroker to aiservice MASSREMAT-202 Aibroker to aiservice --- .../templates/06-odh-namespace.yaml | 2 +- .../templates/07-odh-external-secret-db.yaml | 6 +- instance-applications/112-ibm-odh/values.yaml | 32 +- .../templates/01-aibroker-storage-secret.yaml | 12 - .../templates/02-aibroker-mariadb-secret.yaml | 12 - .../templates/09-aibroker-app.yaml | 47 --- .../113-ibm-aibroker/values.yaml | 85 ----- .../Chart.yaml | 4 +- .../README.md | 4 +- .../01-aiservice-storage-secret.yaml | 12 + .../02-aiservice-mariadb-secret.yaml | 12 + .../templates/06-aiservice-dro.yaml} | 8 +- .../templates/07-aiservice-jdbc.yaml} | 4 +- .../08-aiservice-operator-subscription.yaml} | 14 +- .../templates/09-aiservice-app.yaml | 47 +++ .../113-ibm-aiservice/values.yaml | 85 +++++ .../templates/02-kmodel-secret.yaml | 34 +- .../templates/04-kmodel-networkpolicies.yaml | 4 +- .../templates/05-kmodel-store.yaml | 10 +- .../templates/06-kmodel-watcher.yaml | 18 +- .../templates/07-kmodel-controller.yaml | 22 +- .../114-ibm-kmodels/values.yaml | 42 +-- .../115-ibm-aibroker-tenant/README.md | 3 - .../00-aibroker-tenent-namespace.yaml | 53 --- .../templates/04-aibroker-s3-secret.yaml | 24 -- .../Chart.yaml | 4 +- .../115-ibm-aiservice-tenant/README.md | 3 + .../00-aiservice-tenent-namespace.yaml | 53 +++ .../templates/01-aiservice-sls-secret.yaml} | 6 +- .../templates/02-aiservice-rsl-secret.yaml} | 4 +- .../templates/03-aiservice-dro-secret.yaml} | 6 +- .../templates/04-aiservice-s3-secret.yaml | 24 ++ .../templates/05-aiservice-wx.yaml} | 14 +- .../templates/06-aiservice-workspace.yaml} | 22 +- .../07-aiservice-ingress-allow-isvc.yaml} | 0 .../templates/08-aiservice-postsyncjob.yaml} | 40 +-- .../values.yaml | 0 main.py | 14 +- .../templates/040-ibm-aibroker-app.yaml | 129 ------- .../ibm-aibroker-instance-root/values.yaml | 326 ------------------ .../ibm-aibroker-tenant-root/Chart.yaml | 5 - .../ibm-aibroker-tenant-root/README.md | 3 - .../100-ibm-aibroker-tenant-app.yaml | 135 -------- .../ibm-aibroker-tenant-root/values.yaml | 323 ----------------- .../Chart.yaml | 0 .../README.md | 0 .../templates/030-ibm-odh-app.yaml | 32 +- .../templates/040-ibm-aiservice-app.yaml | 129 +++++++ .../templates/050-ibm-kmodels-app.yaml | 32 +- .../070-aiservice-tenant-appset.yaml} | 8 +- .../ibm-aiservice-instance-root/values.yaml | 326 ++++++++++++++++++ .../ibm-aiservice-tenant-root/Chart.yaml | 5 + .../ibm-aiservice-tenant-root/README.md | 3 + .../100-ibm-aiservice-tenant-app.yaml | 135 ++++++++ .../ibm-aiservice-tenant-root/values.yaml | 323 +++++++++++++++++ ...aml => 099-aiservice-instance-appset.yaml} | 12 +- 56 files changed, 1356 insertions(+), 1356 deletions(-) delete mode 100644 instance-applications/113-ibm-aibroker/templates/01-aibroker-storage-secret.yaml delete mode 100644 instance-applications/113-ibm-aibroker/templates/02-aibroker-mariadb-secret.yaml delete mode 100644 instance-applications/113-ibm-aibroker/templates/09-aibroker-app.yaml delete mode 100644 instance-applications/113-ibm-aibroker/values.yaml rename instance-applications/{113-ibm-aibroker => 113-ibm-aiservice}/Chart.yaml (81%) rename instance-applications/{113-ibm-aibroker => 113-ibm-aiservice}/README.md (53%) create mode 100644 instance-applications/113-ibm-aiservice/templates/01-aiservice-storage-secret.yaml create mode 100644 instance-applications/113-ibm-aiservice/templates/02-aiservice-mariadb-secret.yaml rename instance-applications/{113-ibm-aibroker/templates/06-aibroker-dro.yaml => 113-ibm-aiservice/templates/06-aiservice-dro.yaml} (61%) rename instance-applications/{113-ibm-aibroker/templates/07-aibroker-jdbc.yaml => 113-ibm-aiservice/templates/07-aiservice-jdbc.yaml} (81%) rename instance-applications/{113-ibm-aibroker/templates/08-aibroker-operator-subscription.yaml => 113-ibm-aiservice/templates/08-aiservice-operator-subscription.yaml} (74%) create mode 100644 instance-applications/113-ibm-aiservice/templates/09-aiservice-app.yaml create mode 100644 instance-applications/113-ibm-aiservice/values.yaml delete mode 100644 instance-applications/115-ibm-aibroker-tenant/README.md delete mode 100644 instance-applications/115-ibm-aibroker-tenant/templates/00-aibroker-tenent-namespace.yaml delete mode 100644 instance-applications/115-ibm-aibroker-tenant/templates/04-aibroker-s3-secret.yaml rename instance-applications/{115-ibm-aibroker-tenant => 115-ibm-aiservice-tenant}/Chart.yaml (77%) create mode 100644 instance-applications/115-ibm-aiservice-tenant/README.md create mode 100644 instance-applications/115-ibm-aiservice-tenant/templates/00-aiservice-tenent-namespace.yaml rename instance-applications/{115-ibm-aibroker-tenant/templates/01-aibroker-sls-secret.yaml => 115-ibm-aiservice-tenant/templates/01-aiservice-sls-secret.yaml} (72%) rename instance-applications/{115-ibm-aibroker-tenant/templates/02-aibroker-rsl-secret.yaml => 115-ibm-aiservice-tenant/templates/02-aiservice-rsl-secret.yaml} (82%) rename instance-applications/{115-ibm-aibroker-tenant/templates/03-aibroker-dro-secret.yaml => 115-ibm-aiservice-tenant/templates/03-aiservice-dro-secret.yaml} (71%) create mode 100644 instance-applications/115-ibm-aiservice-tenant/templates/04-aiservice-s3-secret.yaml rename instance-applications/{115-ibm-aibroker-tenant/templates/05-aibroker-wx.yaml => 115-ibm-aiservice-tenant/templates/05-aiservice-wx.yaml} (64%) rename instance-applications/{115-ibm-aibroker-tenant/templates/06-aibroker-workspace.yaml => 115-ibm-aiservice-tenant/templates/06-aiservice-workspace.yaml} (70%) rename instance-applications/{115-ibm-aibroker-tenant/templates/07-aibroker-ingress-allow-isvc.yaml => 115-ibm-aiservice-tenant/templates/07-aiservice-ingress-allow-isvc.yaml} (100%) rename instance-applications/{115-ibm-aibroker-tenant/templates/08-aibroker-postsyncjob.yaml => 115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml} (82%) rename instance-applications/{115-ibm-aibroker-tenant => 115-ibm-aiservice-tenant}/values.yaml (100%) delete mode 100644 root-applications/ibm-aibroker-instance-root/templates/040-ibm-aibroker-app.yaml delete mode 100644 root-applications/ibm-aibroker-instance-root/values.yaml delete mode 100644 root-applications/ibm-aibroker-tenant-root/Chart.yaml delete mode 100644 root-applications/ibm-aibroker-tenant-root/README.md delete mode 100644 root-applications/ibm-aibroker-tenant-root/templates/100-ibm-aibroker-tenant-app.yaml delete mode 100644 root-applications/ibm-aibroker-tenant-root/values.yaml rename root-applications/{ibm-aibroker-instance-root => ibm-aiservice-instance-root}/Chart.yaml (100%) rename root-applications/{ibm-aibroker-instance-root => ibm-aiservice-instance-root}/README.md (100%) rename root-applications/{ibm-aibroker-instance-root => ibm-aiservice-instance-root}/templates/030-ibm-odh-app.yaml (76%) create mode 100644 root-applications/ibm-aiservice-instance-root/templates/040-ibm-aiservice-app.yaml rename root-applications/{ibm-aibroker-instance-root => ibm-aiservice-instance-root}/templates/050-ibm-kmodels-app.yaml (67%) rename root-applications/{ibm-aibroker-instance-root/templates/070-aibroker-tenant-appset.yaml => ibm-aiservice-instance-root/templates/070-aiservice-tenant-appset.yaml} (95%) create mode 100644 root-applications/ibm-aiservice-instance-root/values.yaml create mode 100644 root-applications/ibm-aiservice-tenant-root/Chart.yaml create mode 100644 root-applications/ibm-aiservice-tenant-root/README.md create mode 100644 root-applications/ibm-aiservice-tenant-root/templates/100-ibm-aiservice-tenant-app.yaml create mode 100644 root-applications/ibm-aiservice-tenant-root/values.yaml rename root-applications/ibm-mas-cluster-root/templates/{099-aibroker-instance-appset.yaml => 099-aiservice-instance-appset.yaml} (94%) diff --git a/instance-applications/112-ibm-odh/templates/06-odh-namespace.yaml b/instance-applications/112-ibm-odh/templates/06-odh-namespace.yaml index 5e49909bb..35334ab82 100644 --- a/instance-applications/112-ibm-odh/templates/06-odh-namespace.yaml +++ b/instance-applications/112-ibm-odh/templates/06-odh-namespace.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Namespace metadata: - name: "{{ .Values.aibroker_namespace }}" + name: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "128" diff --git a/instance-applications/112-ibm-odh/templates/07-odh-external-secret-db.yaml b/instance-applications/112-ibm-odh/templates/07-odh-external-secret-db.yaml index 2ceb316ab..1e854f0d3 100644 --- a/instance-applications/112-ibm-odh/templates/07-odh-external-secret-db.yaml +++ b/instance-applications/112-ibm-odh/templates/07-odh-external-secret-db.yaml @@ -2,10 +2,10 @@ apiVersion: v1 kind: Secret metadata: - name: "{{ .Values.mas_aibroker_db_secret_name }}" - namespace: "{{ .Values.aibroker_namespace }}" + name: "{{ .Values.mas_aiservice_db_secret_name }}" + namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "129" type: Opaque stringData: - password: "{{ .Values.mas_aibroker_db_secret_value }}" + password: "{{ .Values.mas_aiservice_db_secret_value }}" diff --git a/instance-applications/112-ibm-odh/values.yaml b/instance-applications/112-ibm-odh/values.yaml index 0bf0aef87..3fa87d6ba 100644 --- a/instance-applications/112-ibm-odh/values.yaml +++ b/instance-applications/112-ibm-odh/values.yaml @@ -42,26 +42,26 @@ operatorName: "openshift-pipelines-operator-rh" source: "redhat_operators" sourceNamespace: "openshift_marketplace" -aibroker_namespace: "mas_sremat_aibroker" +aiservice_namespace: "mas_sremat_aiservice" pull_secret_name: "ibm_entitlement" # Storage vars -mas_aibroker_storage_provider: "aws" -mas_aibroker_storage_accesskey: "aibroker_storage_accesskey" -mas_aibroker_storage_secretkey: "aibroker_storage_secretkey" -mas_aibroker_storage_host: "mas_aibroker_storage_host" -mas_aibroker_storage_port: "mas_aibroker_storage_port" -mas_aibroker_storage_ssl: "mas_aibroker_storage_ssl" -mas_aibroker_storage_region: "mas_aibroker_storage_region" +mas_aiservice_storage_provider: "aws" +mas_aiservice_storage_accesskey: "aiservice_storage_accesskey" +mas_aiservice_storage_secretkey: "aiservice_storage_secretkey" +mas_aiservice_storage_host: "mas_aiservice_storage_host" +mas_aiservice_storage_port: "mas_aiservice_storage_port" +mas_aiservice_storage_ssl: "mas_aiservice_storage_ssl" +mas_aiservice_storage_region: "mas_aiservice_storage_region" # MariaDB -mas_aibroker_db_host: "mas_aibroker_db_host" -mas_aibroker_db_port: "mas_aibroker_db_port" -mas_aibroker_db_user: "mas_aibroker_db_user" -mas_aibroker_db_database: "mas_aibroker_db_database" +mas_aiservice_db_host: "mas_aiservice_db_host" +mas_aiservice_db_port: "mas_aiservice_db_port" +mas_aiservice_db_user: "mas_aiservice_db_user" +mas_aiservice_db_database: "mas_aiservice_db_database" -mas_aibroker_db_secret_key: "mas_aibroker_db_secret_key" -mas_aibroker_db_secret_name: "mas_aibroker_db_secret_name" -mas_aibroker_db_secret_value: "mas_aibroker_db_secret_value" +mas_aiservice_db_secret_key: "mas_aiservice_db_secret_key" +mas_aiservice_db_secret_name: "mas_aiservice_db_secret_name" +mas_aiservice_db_secret_value: "mas_aiservice_db_secret_value" -mas_aibroker_storage_pipelines_bucket: "mas_aibroker_storage_pipelines_bucket" +mas_aiservice_storage_pipelines_bucket: "mas_aiservice_storage_pipelines_bucket" primary_storage_class: "defaultStorageClasses" #"{{ defaultStorageClasses.rwx }}" diff --git a/instance-applications/113-ibm-aibroker/templates/01-aibroker-storage-secret.yaml b/instance-applications/113-ibm-aibroker/templates/01-aibroker-storage-secret.yaml deleted file mode 100644 index 5acd302d2..000000000 --- a/instance-applications/113-ibm-aibroker/templates/01-aibroker-storage-secret.yaml +++ /dev/null @@ -1,12 +0,0 @@ ---- -apiVersion: v1 -kind: Secret -metadata: - name: "{{ .Values.mas_aibroker_storage_secret }}" - namespace: "{{ .Values.aibroker_namespace }}" - annotations: - argocd.argoproj.io/sync-wave: "140" -stringData: - username: "{{ .Values.mas_aibroker_storage_accesskey }}" - password: "{{ .Values.mas_aibroker_storage_secretkey }}" -type: Opaque \ No newline at end of file diff --git a/instance-applications/113-ibm-aibroker/templates/02-aibroker-mariadb-secret.yaml b/instance-applications/113-ibm-aibroker/templates/02-aibroker-mariadb-secret.yaml deleted file mode 100644 index 7d698bfd6..000000000 --- a/instance-applications/113-ibm-aibroker/templates/02-aibroker-mariadb-secret.yaml +++ /dev/null @@ -1,12 +0,0 @@ ---- -kind: Secret -apiVersion: v1 -metadata: - name: "{{ .Values.mas_aibroker_mariadb_secret }}" - namespace: "{{ .Values.aibroker_namespace }}" - annotations: - argocd.argoproj.io/sync-wave: "141" -stringData: - username: "{{ .Values.mas_aibroker_db_user }}" - password: "{{ .Values.mas_aibroker_db_secret_value }}" -type: Opaque diff --git a/instance-applications/113-ibm-aibroker/templates/09-aibroker-app.yaml b/instance-applications/113-ibm-aibroker/templates/09-aibroker-app.yaml deleted file mode 100644 index 08cf58b16..000000000 --- a/instance-applications/113-ibm-aibroker/templates/09-aibroker-app.yaml +++ /dev/null @@ -1,47 +0,0 @@ ---- -apiVersion: apps.mas.ibm.com/v1 -kind: AiBrokerApp -metadata: - name: "{{ .Values.aibroker_instance_id }}" - namespace: "{{ .Values.aibroker_namespace }}" - labels: - mas.ibm.com/applicationId: aibroker - mas.ibm.com/instanceId: "{{ .Values.aibroker_instance_id }}" - app.kubernetes.io/instance: "{{ .Values.aibroker_instance_id }}" - annotations: - argocd.argoproj.io/sync-wave: "149" - argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true -spec: - settings: - icr: - cp: "{{ .Values.mas_icr_cp }}" - cpopen: "{{ .Values.mas_icr_cpopen }}" - dro: - url: "{{ .Values.drocfg_url }}" - dro_token_secret: "{{ .Values.drocfg_registration_key }}" - ca: "{{ .Values.drocfg_ca_tenant }}" - jdbc: - url: "{{ .Values.jdbccfg_url }}" - credentials_secret: "{{ .Values.mas_aibroker_db2_jdbc_secret }}" - ca: "{{ .Values.jdbccfg_ca }}" - cluster_domain: "{{ .Values.cluster_domain }}" - in_saas_env: "{{ .Values.in_saas_env }}" - is_external_route: "{{ .Values.is_external_route }}" - - minio: - host: "{{ .Values.mas_aibroker_storage_host }}" - port: "{{ .Values.mas_aibroker_storage_port }}" - credentials_secret: "{{ .Values.mas_aibroker_storage_secret }}" - mariadb: - host: "{{ .Values.mas_aibroker_db_host }}" - port: "{{ .Values.mas_aibroker_db_port }}" - credentials_secret: "{{ .Values.mas_aibroker_mariadb_secret }}" - database_name: "{{ .Values.mas_aibroker_db_secret_name }}" - # Optional shared S3 config. Tenant-level config takes precedence over this - # - s3: - bucketPrefix: "{{ .Values.mas_aibroker_s3_bucket_prefix }}" - region: "{{ .Values.mas_aibroker_s3_region }}" - endpointUrl: "{{ .Values.mas_aibroker_s3_endpoint_url }}" - environment_type: "{{ .Values.environment_type }}" - use_aws_db2: true \ No newline at end of file diff --git a/instance-applications/113-ibm-aibroker/values.yaml b/instance-applications/113-ibm-aibroker/values.yaml deleted file mode 100644 index 543a0e723..000000000 --- a/instance-applications/113-ibm-aibroker/values.yaml +++ /dev/null @@ -1,85 +0,0 @@ ---- -mas_instance_id: "sremat" -aibroker_namespace: 'mas-{{ mas_instance_id }}-aibroker' -aibroker_instance_id: "AIBROKER_INSTANCE_ID" - -# Minio -mas_aibroker_minio_secret: "{{ mas_app_id }}-miniocfg" - -# MariaDB -mas_aibroker_mariadb_secret: "{{ mas_app_id }}-mariadbcfg" -mas_aibroker_db_user: "MAS_AIBROKER_DB_USER" -mas_aibroker_db_secret_value: "MAS_AIBROKER_DB_SECRET_VALUE" - -# WatsonX -mas_aibroker_watsonx_secret: "{{ mas_app_id }}-watsonxcfg" -mas_aibroker_watsonxai_apikey: "MAS_AIBROKER_WATSONXAI_APIKEY" -mas_aibroker_watsonxai_url: "MAS_AIBROKER_WATSONXAI_URL" -mas_aibroker_watsonxai_project_id: "MAS_AIBROKER_WATSONXAI_PROJECT_ID" - - -# S3 -s3_apikey: "S3_APIKEY" -mas_aibroker_storage_accesskey: "true" -mas_aibroker_storage_secretkey: "MAS_AIBROKER_STORAGE_SECRETKEY" - -mas_aibroker_storage_host: "true" -mas_aibroker_storage_port: "true" - -# SLS -mas_aibroker_sls_registration_key_secret: "sls-registration-key" - - -mas_aibroker_db_host: "MAS_AIBROKER_DB_HOST" -mas_aibroker_db_port: "MAS_AIBROKER_DB_PORT" -mas_aibroker_db_secret_name: "MAS_AIBROKER_DB_SECRET_NAME" - -# Bucket names -mas_aibroker_storage_pipelines_bucket: "MAS_AIBROKER_STORAGE_PIPELINES_BUCKET" -mas_aibroker_storage_tenants_bucket: "MAS_AIBROKER_STORAGE_TENANTS_BUCKET" -mas_aibroker_storage_templates_bucket: "MAS_AIBROKER_STORAGE_TEMPLATES_BUCKET" - -slscfg_registration_key: "slscfg_registration_key" - -# DRO -mas_aibroker_dro_token_secret: "dro-token" -mas_aibroker_dro_cacert_secret: "dro-certificates" - -drocfg_ca: "ca.crt" -drocfg_registration_key: "DRO_TOKEN" -drocfg_url: "drocfg_url" - -# JDBC -mas_aibroker_db2_jdbc_secret: "aibroker-jdbccfg" - -jdbccfg_username: "username" -jdbccfg_password: "password" -jdbccfg_url: "url" -jdbccfg_sslenabled: "sslenabled" -jdbccfg_ca: "ca" - - -# MAS Entitlement -mas_entitlement_username: "cp" -mas_entitlement_key: "MAS_ENTITLEMENT_KEY" - -# Development Registry Entitlement -artifactory_username: "ARTIFACTORY_USERNAME" -artifactory_token: "ARTIFACTORY_TOKEN" - -# Environment Variable: -mas_app_channel: "mas_app_channel" - -# aibroker vars -mas_catalog_source: "MAS_CATALOG_SOURCE" - -# Source container registry -# ----------------------------------------------------------------------------- -mas_icr_cp: "cp.icr.io/cp" -mas_icr_cpopen: "icr.io/cpopen" - -cluster_domain: "_cluster_dns.resources[0].spec.baseDomain" -in_saas_env: "false" - -#TENANT -mas_aibroker_tenant_name: "aibroker-{{ mas_aibroker_tenant_name }}" \ No newline at end of file diff --git a/instance-applications/113-ibm-aibroker/Chart.yaml b/instance-applications/113-ibm-aiservice/Chart.yaml similarity index 81% rename from instance-applications/113-ibm-aibroker/Chart.yaml rename to instance-applications/113-ibm-aiservice/Chart.yaml index 71dc3d654..88e778886 100644 --- a/instance-applications/113-ibm-aibroker/Chart.yaml +++ b/instance-applications/113-ibm-aiservice/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 -name: ibm-aibroker -description: IBM AIBROKER +name: ibm-aiservice +description: IBM AISERVICE type: application version: 1.0.0 diff --git a/instance-applications/113-ibm-aibroker/README.md b/instance-applications/113-ibm-aiservice/README.md similarity index 53% rename from instance-applications/113-ibm-aibroker/README.md rename to instance-applications/113-ibm-aiservice/README.md index 1c94d6fd6..cbc902705 100644 --- a/instance-applications/113-ibm-aibroker/README.md +++ b/instance-applications/113-ibm-aiservice/README.md @@ -1,3 +1,3 @@ -IBM AIBROKER +IBM AISERVICE =============================================================================== -Deploy and configure AIBROKER with configurable version \ No newline at end of file +Deploy and configure AISERVICE with configurable version \ No newline at end of file diff --git a/instance-applications/113-ibm-aiservice/templates/01-aiservice-storage-secret.yaml b/instance-applications/113-ibm-aiservice/templates/01-aiservice-storage-secret.yaml new file mode 100644 index 000000000..a92c023e3 --- /dev/null +++ b/instance-applications/113-ibm-aiservice/templates/01-aiservice-storage-secret.yaml @@ -0,0 +1,12 @@ +--- +apiVersion: v1 +kind: Secret +metadata: + name: "{{ .Values.mas_aiservice_storage_secret }}" + namespace: "{{ .Values.aiservice_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "140" +stringData: + username: "{{ .Values.mas_aiservice_storage_accesskey }}" + password: "{{ .Values.mas_aiservice_storage_secretkey }}" +type: Opaque \ No newline at end of file diff --git a/instance-applications/113-ibm-aiservice/templates/02-aiservice-mariadb-secret.yaml b/instance-applications/113-ibm-aiservice/templates/02-aiservice-mariadb-secret.yaml new file mode 100644 index 000000000..95b282161 --- /dev/null +++ b/instance-applications/113-ibm-aiservice/templates/02-aiservice-mariadb-secret.yaml @@ -0,0 +1,12 @@ +--- +kind: Secret +apiVersion: v1 +metadata: + name: "{{ .Values.mas_aiservice_mariadb_secret }}" + namespace: "{{ .Values.aiservice_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "141" +stringData: + username: "{{ .Values.mas_aiservice_db_user }}" + password: "{{ .Values.mas_aiservice_db_secret_value }}" +type: Opaque diff --git a/instance-applications/113-ibm-aibroker/templates/06-aibroker-dro.yaml b/instance-applications/113-ibm-aiservice/templates/06-aiservice-dro.yaml similarity index 61% rename from instance-applications/113-ibm-aibroker/templates/06-aibroker-dro.yaml rename to instance-applications/113-ibm-aiservice/templates/06-aiservice-dro.yaml index 19bc09002..c278994ce 100644 --- a/instance-applications/113-ibm-aibroker/templates/06-aibroker-dro.yaml +++ b/instance-applications/113-ibm-aiservice/templates/06-aiservice-dro.yaml @@ -2,8 +2,8 @@ kind: Secret apiVersion: v1 metadata: - name: "{{ .Values.mas_aibroker_dro_token_secret }}" - namespace: "{{ .Values.aibroker_namespace }}" + name: "{{ .Values.mas_aiservice_dro_token_secret }}" + namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "143" stringData: @@ -14,8 +14,8 @@ type: Opaque kind: Secret apiVersion: v1 metadata: - name: "{{ .Values.mas_aibroker_dro_cacert_secret }}" - namespace: "{{ .Values.aibroker_namespace }}" + name: "{{ .Values.mas_aiservice_dro_cacert_secret }}" + namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "144" stringData: diff --git a/instance-applications/113-ibm-aibroker/templates/07-aibroker-jdbc.yaml b/instance-applications/113-ibm-aiservice/templates/07-aiservice-jdbc.yaml similarity index 81% rename from instance-applications/113-ibm-aibroker/templates/07-aibroker-jdbc.yaml rename to instance-applications/113-ibm-aiservice/templates/07-aiservice-jdbc.yaml index 5a1a41a73..bf7970a99 100644 --- a/instance-applications/113-ibm-aibroker/templates/07-aibroker-jdbc.yaml +++ b/instance-applications/113-ibm-aiservice/templates/07-aiservice-jdbc.yaml @@ -2,8 +2,8 @@ kind: Secret apiVersion: v1 metadata: - name: "aibroker-jdbccfg" - namespace: "{{ .Values.aibroker_namespace }}" + name: "aiservice-jdbccfg" + namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "145" stringData: diff --git a/instance-applications/113-ibm-aibroker/templates/08-aibroker-operator-subscription.yaml b/instance-applications/113-ibm-aiservice/templates/08-aiservice-operator-subscription.yaml similarity index 74% rename from instance-applications/113-ibm-aibroker/templates/08-aibroker-operator-subscription.yaml rename to instance-applications/113-ibm-aiservice/templates/08-aiservice-operator-subscription.yaml index 381fb5867..12f1a181d 100644 --- a/instance-applications/113-ibm-aibroker/templates/08-aibroker-operator-subscription.yaml +++ b/instance-applications/113-ibm-aiservice/templates/08-aiservice-operator-subscription.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: Secret metadata: name: ibm-entitlement - namespace: "{{ .Values.aibroker_namespace }}" + namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "146" type: kubernetes.io/dockerconfigjson @@ -14,27 +14,27 @@ data: apiVersion: operators.coreos.com/v1 kind: OperatorGroup metadata: - name: "{{ .Values.aibroker_namespace }}" - namespace: "{{ .Values.aibroker_namespace }}" + name: "{{ .Values.aiservice_namespace }}" + namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "147" argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true spec: targetNamespaces: - - "{{ .Values.aibroker_namespace }}" + - "{{ .Values.aiservice_namespace }}" --- apiVersion: operators.coreos.com/v1alpha1 kind: Subscription metadata: - name: ibm-mas-aibroker - namespace: "{{ .Values.aibroker_namespace }}" + name: ibm-aiservice + namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "148" argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true spec: channel: "{{ .Values.mas_app_channel }}" installPlanApproval: Automatic - name: ibm-mas-aibroker + name: ibm-aiservice source: "{{ .Values.mas_catalog_source }}" sourceNamespace: openshift-marketplace \ No newline at end of file diff --git a/instance-applications/113-ibm-aiservice/templates/09-aiservice-app.yaml b/instance-applications/113-ibm-aiservice/templates/09-aiservice-app.yaml new file mode 100644 index 000000000..452503d4e --- /dev/null +++ b/instance-applications/113-ibm-aiservice/templates/09-aiservice-app.yaml @@ -0,0 +1,47 @@ +--- +apiVersion: apps.mas.ibm.com/v1 +kind: AIServiceApp +metadata: + name: "{{ .Values.aiservice_instance_id }}" + namespace: "{{ .Values.aiservice_namespace }}" + labels: + mas.ibm.com/applicationId: aiservice + mas.ibm.com/instanceId: "{{ .Values.aiservice_instance_id }}" + app.kubernetes.io/instance: "{{ .Values.aiservice_instance_id }}" + annotations: + argocd.argoproj.io/sync-wave: "149" + argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true +spec: + settings: + icr: + cp: "{{ .Values.mas_icr_cp }}" + cpopen: "{{ .Values.mas_icr_cpopen }}" + dro: + url: "{{ .Values.drocfg_url }}" + dro_token_secret: "{{ .Values.drocfg_registration_key }}" + ca: "{{ .Values.drocfg_ca_tenant }}" + jdbc: + url: "{{ .Values.jdbccfg_url }}" + credentials_secret: "{{ .Values.mas_aiservice_db2_jdbc_secret }}" + ca: "{{ .Values.jdbccfg_ca }}" + cluster_domain: "{{ .Values.cluster_domain }}" + in_saas_env: "{{ .Values.in_saas_env }}" + is_external_route: "{{ .Values.is_external_route }}" + + minio: + host: "{{ .Values.mas_aiservice_storage_host }}" + port: "{{ .Values.mas_aiservice_storage_port }}" + credentials_secret: "{{ .Values.mas_aiservice_storage_secret }}" + mariadb: + host: "{{ .Values.mas_aiservice_db_host }}" + port: "{{ .Values.mas_aiservice_db_port }}" + credentials_secret: "{{ .Values.mas_aiservice_mariadb_secret }}" + database_name: "{{ .Values.mas_aiservice_db_secret_name }}" + # Optional shared S3 config. Tenant-level config takes precedence over this + # + s3: + bucketPrefix: "{{ .Values.mas_aiservice_s3_bucket_prefix }}" + region: "{{ .Values.mas_aiservice_s3_region }}" + endpointUrl: "{{ .Values.mas_aiservice_s3_endpoint_url }}" + environment_type: "{{ .Values.environment_type }}" + use_aws_db2: true \ No newline at end of file diff --git a/instance-applications/113-ibm-aiservice/values.yaml b/instance-applications/113-ibm-aiservice/values.yaml new file mode 100644 index 000000000..0d1d327da --- /dev/null +++ b/instance-applications/113-ibm-aiservice/values.yaml @@ -0,0 +1,85 @@ +--- +mas_instance_id: "sremat" +aiservice_namespace: 'mas-{{ mas_instance_id }}-aiservice' +aiservice_instance_id: "AISERVICE_INSTANCE_ID" + +# Minio +mas_aiservice_minio_secret: "{{ mas_app_id }}-miniocfg" + +# MariaDB +mas_aiservice_mariadb_secret: "{{ mas_app_id }}-mariadbcfg" +mas_aiservice_db_user: "MAS_AISERVICE_DB_USER" +mas_aiservice_db_secret_value: "MAS_AISERVICE_DB_SECRET_VALUE" + +# WatsonX +mas_aiservice_watsonx_secret: "{{ mas_app_id }}-watsonxcfg" +mas_aiservice_watsonxai_apikey: "MAS_AISERVICE_WATSONXAI_APIKEY" +mas_aiservice_watsonxai_url: "MAS_AISERVICE_WATSONXAI_URL" +mas_aiservice_watsonxai_project_id: "MAS_AISERVICE_WATSONXAI_PROJECT_ID" + + +# S3 +s3_apikey: "S3_APIKEY" +mas_aiservice_storage_accesskey: "true" +mas_aiservice_storage_secretkey: "MAS_AISERVICE_STORAGE_SECRETKEY" + +mas_aiservice_storage_host: "true" +mas_aiservice_storage_port: "true" + +# SLS +mas_aiservice_sls_registration_key_secret: "sls-registration-key" + + +mas_aiservice_db_host: "MAS_AISERVICE_DB_HOST" +mas_aiservice_db_port: "MAS_AISERVICE_DB_PORT" +mas_aiservice_db_secret_name: "MAS_AISERVICE_DB_SECRET_NAME" + +# Bucket names +mas_aiservice_storage_pipelines_bucket: "MAS_AISERVICE_STORAGE_PIPELINES_BUCKET" +mas_aiservice_storage_tenants_bucket: "MAS_AISERVICE_STORAGE_TENANTS_BUCKET" +mas_aiservice_storage_templates_bucket: "MAS_AISERVICE_STORAGE_TEMPLATES_BUCKET" + +slscfg_registration_key: "slscfg_registration_key" + +# DRO +mas_aiservice_dro_token_secret: "dro-token" +mas_aiservice_dro_cacert_secret: "dro-certificates" + +drocfg_ca: "ca.crt" +drocfg_registration_key: "DRO_TOKEN" +drocfg_url: "drocfg_url" + +# JDBC +mas_aiservice_db2_jdbc_secret: "aiservice-jdbccfg" + +jdbccfg_username: "username" +jdbccfg_password: "password" +jdbccfg_url: "url" +jdbccfg_sslenabled: "sslenabled" +jdbccfg_ca: "ca" + + +# MAS Entitlement +mas_entitlement_username: "cp" +mas_entitlement_key: "MAS_ENTITLEMENT_KEY" + +# Development Registry Entitlement +artifactory_username: "ARTIFACTORY_USERNAME" +artifactory_token: "ARTIFACTORY_TOKEN" + +# Environment Variable: +mas_app_channel: "mas_app_channel" + +# aiservice vars +mas_catalog_source: "MAS_CATALOG_SOURCE" + +# Source container registry +# ----------------------------------------------------------------------------- +mas_icr_cp: "cp.icr.io/cp" +mas_icr_cpopen: "icr.io/cpopen" + +cluster_domain: "_cluster_dns.resources[0].spec.baseDomain" +in_saas_env: "false" + +#TENANT +mas_aiservice_tenant_name: "aiservice-{{ mas_aiservice_tenant_name }}" \ No newline at end of file diff --git a/instance-applications/114-ibm-kmodels/templates/02-kmodel-secret.yaml b/instance-applications/114-ibm-kmodels/templates/02-kmodel-secret.yaml index 19481a32a..601587e3f 100644 --- a/instance-applications/114-ibm-kmodels/templates/02-kmodel-secret.yaml +++ b/instance-applications/114-ibm-kmodels/templates/02-kmodel-secret.yaml @@ -4,33 +4,33 @@ kind: Secret type: Opaque metadata: name: km-s3-secret - namespace: "{{ .Values.aibroker_namespace }}" + namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "161" - {{- if eq .Values.mas_aibroker_storage_provider "aws" }} - serving.kserve.io/s3-endpoint: "{{ .Values.mas_aibroker_storage_host }}" - {{- else if eq .Values.mas_aibroker_storage_provider "minio" }} - serving.kserve.io/s3-endpoint: "{{ .Values.mas_aibroker_storage_host }}:{{ .Values.mas_aibroker_storage_port }}" + {{- if eq .Values.mas_aiservice_storage_provider "aws" }} + serving.kserve.io/s3-endpoint: "{{ .Values.mas_aiservice_storage_host }}" + {{- else if eq .Values.mas_aiservice_storage_provider "minio" }} + serving.kserve.io/s3-endpoint: "{{ .Values.mas_aiservice_storage_host }}:{{ .Values.mas_aiservice_storage_port }}" {{- end }} - {{- if eq .Values.mas_aibroker_storage_ssl "false" }} + {{- if eq .Values.mas_aiservice_storage_ssl "false" }} serving.kserve.io/s3-usehttps: "0" {{- else }} serving.kserve.io/s3-usehttps: "1" {{- end }} - {{- if and (eq .Values.mas_aibroker_storage_provider "minio") (not .Values.mas_aibroker_storage_region | empty) }} - serving.kserve.io/s3-region: "{{ .Values.mas_aibroker_storage_region }}" + {{- if and (eq .Values.mas_aiservice_storage_provider "minio") (not .Values.mas_aiservice_storage_region | empty) }} + serving.kserve.io/s3-region: "{{ .Values.mas_aiservice_storage_region }}" {{- end }} stringData: - AWS_ACCESS_KEY_ID: "{{ .Values.mas_aibroker_storage_accesskey}}" - AWS_SECRET_ACCESS_KEY: "{{ .Values.mas_aibroker_storage_secretkey}}" - S3_ACCESS_KEY: "{{ .Values.mas_aibroker_storage_accesskey}}" - S3_SECRET_KEY: "{{ .Values.mas_aibroker_storage_secretkey}}" - S3_HOST: "{{ .Values.mas_aibroker_storage_host}}" - {{- if eq .Values.mas_aibroker_storage_provider "minio" }} - S3_PORT: "{{ .Values.mas_aibroker_storage_port}}" + AWS_ACCESS_KEY_ID: "{{ .Values.mas_aiservice_storage_accesskey}}" + AWS_SECRET_ACCESS_KEY: "{{ .Values.mas_aiservice_storage_secretkey}}" + S3_ACCESS_KEY: "{{ .Values.mas_aiservice_storage_accesskey}}" + S3_SECRET_KEY: "{{ .Values.mas_aiservice_storage_secretkey}}" + S3_HOST: "{{ .Values.mas_aiservice_storage_host}}" + {{- if eq .Values.mas_aiservice_storage_provider "minio" }} + S3_PORT: "{{ .Values.mas_aiservice_storage_port}}" {{- else }} S3_PORT: "" {{- end }} - S3_REGION: "{{ .Values.mas_aibroker_storage_region}}" - S3_SSL: "{{ .Values.mas_aibroker_storage_ssl}}" + S3_REGION: "{{ .Values.mas_aiservice_storage_region}}" + S3_SSL: "{{ .Values.mas_aiservice_storage_ssl}}" diff --git a/instance-applications/114-ibm-kmodels/templates/04-kmodel-networkpolicies.yaml b/instance-applications/114-ibm-kmodels/templates/04-kmodel-networkpolicies.yaml index d2edfaacb..2017acc47 100644 --- a/instance-applications/114-ibm-kmodels/templates/04-kmodel-networkpolicies.yaml +++ b/instance-applications/114-ibm-kmodels/templates/04-kmodel-networkpolicies.yaml @@ -3,7 +3,7 @@ apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: name: km-instance - namespace: "{{ .Values.aibroker_namespace }}" + namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "164" spec: @@ -23,7 +23,7 @@ apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: name: ds-pipelines-km-instance - namespace: "{{ .Values.aibroker_namespace }}" + namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "165" spec: diff --git a/instance-applications/114-ibm-kmodels/templates/05-kmodel-store.yaml b/instance-applications/114-ibm-kmodels/templates/05-kmodel-store.yaml index 6efdbe42d..e702ef0fa 100644 --- a/instance-applications/114-ibm-kmodels/templates/05-kmodel-store.yaml +++ b/instance-applications/114-ibm-kmodels/templates/05-kmodel-store.yaml @@ -3,13 +3,13 @@ apiVersion: v1 kind: ConfigMap metadata: name: km-store - namespace: "{{ .Values.aibroker_namespace }}" + namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "169" labels: app: km-store data: - STORE_BUCKET: "{{ .Values.mas_aibroker_storage_templates_bucket }}" + STORE_BUCKET: "{{ .Values.mas_aiservice_storage_templates_bucket }}" # Certificate files folder (default: /etc/ssl/certs) CERTS_PATH: "/etc/ssl/certs" # Private key (default: tls.key) @@ -24,7 +24,7 @@ apiVersion: v1 kind: Service metadata: name: km-store - namespace: "{{ .Values.aibroker_namespace }}" + namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "170" spec: @@ -41,7 +41,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: km-store - namespace: "{{ .Values.aibroker_namespace }}" + namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "171" labels: @@ -68,7 +68,7 @@ spec: volumes: - name: ssh-key secret: - secretName: "{{ .Values.aibroker_internal_tls }}" + secretName: "{{ .Values.aiservice_internal_tls }}" - name: workspace-volume emptyDir: {} imagePullSecrets: diff --git a/instance-applications/114-ibm-kmodels/templates/06-kmodel-watcher.yaml b/instance-applications/114-ibm-kmodels/templates/06-kmodel-watcher.yaml index c98984f3b..6aacf8f8f 100644 --- a/instance-applications/114-ibm-kmodels/templates/06-kmodel-watcher.yaml +++ b/instance-applications/114-ibm-kmodels/templates/06-kmodel-watcher.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: ServiceAccount metadata: name: km-watcher - namespace: "{{ .Values.aibroker_namespace }}" + namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "172" --- @@ -11,7 +11,7 @@ kind: Role apiVersion: rbac.authorization.k8s.io/v1 metadata: name: km-watcher-role - namespace: "{{ .Values.aibroker_namespace }}" + namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "173" rules: @@ -28,13 +28,13 @@ kind: RoleBinding apiVersion: rbac.authorization.k8s.io/v1 metadata: name: km-watcher-binding - namespace: "{{ .Values.aibroker_namespace }}" + namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "174" subjects: - kind: ServiceAccount name: km-watcher - namespace: "{{ .Values.aibroker_namespace }}" + namespace: "{{ .Values.aiservice_namespace }}" roleRef: apiGroup: rbac.authorization.k8s.io kind: Role @@ -45,22 +45,22 @@ apiVersion: v1 kind: ConfigMap metadata: name: km-watcher - namespace: "{{ .Values.aibroker_namespace }}" + namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "175" labels: app: km-watcher data: EXCLUDE_TENANTS: provision-tenant - TENANTS_BUCKET: {{ .Values.mas_aibroker_storage_tenants_bucket }} - PIPELINES: "{{ .Values.aibroker_namespace }}" + TENANTS_BUCKET: {{ .Values.mas_aiservice_storage_tenants_bucket }} + PIPELINES: "{{ .Values.aiservice_namespace }}" --- apiVersion: v1 kind: Service metadata: name: km-watcher - namespace: "{{ .Values.aibroker_namespace }}" + namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "176" spec: @@ -77,7 +77,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: km-watcher - namespace: "{{ .Values.aibroker_namespace }}" + namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "177" labels: diff --git a/instance-applications/114-ibm-kmodels/templates/07-kmodel-controller.yaml b/instance-applications/114-ibm-kmodels/templates/07-kmodel-controller.yaml index 7c0f640ed..62f56d6e5 100644 --- a/instance-applications/114-ibm-kmodels/templates/07-kmodel-controller.yaml +++ b/instance-applications/114-ibm-kmodels/templates/07-kmodel-controller.yaml @@ -3,20 +3,20 @@ apiVersion: v1 kind: ConfigMap metadata: name: km-controller - namespace: "{{ .Values.aibroker_namespace }}" + namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "178" labels: app: km-controller data: - CONTAINER_REGISTRY: "{{ .Values.mas_icr_cp }}/aibroker" - PIPELINES_BUCKET: "{{ .Values.mas_aibroker_storage_pipelines_bucket }}" - TENANTS_BUCKET: "{{ .Values.mas_aibroker_storage_tenants_bucket }}" + CONTAINER_REGISTRY: "{{ .Values.mas_icr_cp }}/aiservice" + PIPELINES_BUCKET: "{{ .Values.mas_aiservice_storage_pipelines_bucket }}" + TENANTS_BUCKET: "{{ .Values.mas_aiservice_storage_tenants_bucket }}" DOCKER_SECRETS_NAME: "ibm-entitlement" CONNECTOR_IMAGE_PREFIX: '' PIPELINE_STEP_IMAGE_PREFIX: '' - PIPELINE_DEFAULT_STEP_TAG: "{{ .Values.mas_aibroker_pipeline_steps_tag }}" - DEFAULT_TENANTS: "{{ .Values.mas_aibroker_provision_tenant }}" + PIPELINE_DEFAULT_STEP_TAG: "{{ .Values.mas_aiservice_pipeline_steps_tag }}" + DEFAULT_TENANTS: "{{ .Values.mas_aiservice_provision_tenant }}" PIPELINE_DEPLOYMENT_MODE: raw PLATFORM: openshift PVC_STORAGE_CLASS_NAME: "{{ .Values.primary_storage_class }}" @@ -30,7 +30,7 @@ apiVersion: v1 kind: Service metadata: name: km-controller - namespace: "{{ .Values.aibroker_namespace }}" + namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "179" spec: @@ -47,7 +47,7 @@ apiVersion: v1 kind: PersistentVolumeClaim metadata: name: km-controller-pvc - namespace: "{{ .Values.aibroker_namespace }}" + namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "180" spec: @@ -64,7 +64,7 @@ apiVersion: v1 kind: ServiceAccount metadata: name: km-controller - namespace: "{{ .Values.aibroker_namespace }}" + namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "181" @@ -73,7 +73,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: km-controller - namespace: "{{ .Values.aibroker_namespace }}" + namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "182" labels: @@ -97,7 +97,7 @@ spec: emptyDir: {} - name: ssh-key secret: - secretName: "{{ .Values.aibroker_internal_tls }}" + secretName: "{{ .Values.aiservice_internal_tls }}" imagePullSecrets: - name: "{{ .Values.pullSecretName }}" containers: diff --git a/instance-applications/114-ibm-kmodels/values.yaml b/instance-applications/114-ibm-kmodels/values.yaml index caa8a79f0..59c406cab 100644 --- a/instance-applications/114-ibm-kmodels/values.yaml +++ b/instance-applications/114-ibm-kmodels/values.yaml @@ -1,42 +1,42 @@ --- run_sync_hooks: true mas_instance_id: "sremat" -aibroker_internal_tls: "{{ mas_instance_id }}-internal-aibroker-tls" -aibroker_namespace: "mas-sremat-aibroker" +aiservice_internal_tls: "{{ mas_instance_id }}-internal-aiservice-tls" +aiservice_namespace: "mas-sremat-aiservice" -mas_aibroker_storage_provider: "aws" -mas_aibroker_storage_ssl: "false" +mas_aiservice_storage_provider: "aws" +mas_aiservice_storage_ssl: "false" # following are the variable need to injected via environment variable -mas_aibroker_storage_accesskey: "mas_aibroker_storage_accesskey" -mas_aibroker_storage_secretkey: "mas_aibroker_storage_secretkey" -mas_aibroker_storage_host: "mas_aibroker_storage_host" -mas_aibroker_storage_port: "mas_aibroker_storage_port" -mas_aibroker_storage_region: "mas_aibroker_storage_region" +mas_aiservice_storage_accesskey: "mas_aiservice_storage_accesskey" +mas_aiservice_storage_secretkey: "mas_aiservice_storage_secretkey" +mas_aiservice_storage_host: "mas_aiservice_storage_host" +mas_aiservice_storage_port: "mas_aiservice_storage_port" +mas_aiservice_storage_region: "mas_aiservice_storage_region" -ssh_secret_name: "sremat-kmodel-aibroker-tls" +ssh_secret_name: "sremat-kmodel-aiservice-tls" ssh_secret_password: "sremat" # vars file for kmodels pullSecretName: "ibm-entitlement" -docker_server: "MAS_ICR_CP/aibroker" +docker_server: "MAS_ICR_CP/aiservice" -tenantNamespace: "aibroker-MAS_AIBROKER_TENANT_NAME" -# mas_aibroker_provision_tenant: "MAS_AIBROKER_PROVISION_TENANT" +tenantNamespace: "aiservice-MAS_AISERVICE_TENANT_NAME" +# mas_aiservice_provision_tenant: "MAS_AISERVICE_PROVISION_TENANT" primary_storage_class: "PRIMARY_STORAGE_CLASS" # Bucket names -mas_aibroker_storage_templates_bucket: "MAS_AIBROKER_STORAGE_TEMPLATES_BUCKET" -mas_aibroker_storage_tenants_bucket: "MAS_AIBROKER_STORAGE_TENANTS_BUCKET" -mas_aibroker_storage_pipelines_bucket: "mas_aibroker_storage_pipelines_bucket" +mas_aiservice_storage_templates_bucket: "MAS_AISERVICE_STORAGE_TEMPLATES_BUCKET" +mas_aiservice_storage_tenants_bucket: "MAS_AISERVICE_STORAGE_TENANTS_BUCKET" +mas_aiservice_storage_pipelines_bucket: "mas_aiservice_storage_pipelines_bucket" #container images -image_store: "MAS_ICR_CP/aibroker/store:1.0.2" -image_watcher: "MAS_ICR_CP/aibroker/watcher:1.0.2-pre.dev10x" -image_controller: "MAS_ICR_CP/aibroker/controller:1.0.2-pre.dev10x" +image_store: "MAS_ICR_CP/aiservice/store:1.0.2" +image_watcher: "MAS_ICR_CP/aiservice/watcher:1.0.2-pre.dev10x" +image_controller: "MAS_ICR_CP/aiservice/controller:1.0.2-pre.dev10x" -mas_aibroker_pipeline_steps_tag: 1.0.0 -mas_aibroker_connector_tag: 1.0.0 +mas_aiservice_pipeline_steps_tag: 1.0.0 +mas_aiservice_connector_tag: 1.0.0 # model # model_id_unique_length: "8" diff --git a/instance-applications/115-ibm-aibroker-tenant/README.md b/instance-applications/115-ibm-aibroker-tenant/README.md deleted file mode 100644 index 6ebd88b32..000000000 --- a/instance-applications/115-ibm-aibroker-tenant/README.md +++ /dev/null @@ -1,3 +0,0 @@ -IBM Aibroker Tenant -=============================================================================== -Deploy and configure aibroker tenant with configurable version \ No newline at end of file diff --git a/instance-applications/115-ibm-aibroker-tenant/templates/00-aibroker-tenent-namespace.yaml b/instance-applications/115-ibm-aibroker-tenant/templates/00-aibroker-tenent-namespace.yaml deleted file mode 100644 index f52cf4072..000000000 --- a/instance-applications/115-ibm-aibroker-tenant/templates/00-aibroker-tenent-namespace.yaml +++ /dev/null @@ -1,53 +0,0 @@ ---- -apiVersion: v1 -kind: Namespace -metadata: - name: "{{ .Values.tenantNamespace }}" - annotations: - argocd.argoproj.io/sync-wave: "289" - ---- -apiVersion: v1 -kind: Secret -type: Opaque -metadata: - name: km-s3-secret - namespace: "{{ .Values.tenantNamespace }}" - annotations: - argocd.argoproj.io/sync-wave: "299" - {{- if eq .Values.mas_aibroker_storage_provider "aws" }} - serving.kserve.io/s3-endpoint: "{{ .Values.mas_aibroker_storage_host }}" - {{- else if eq .Values.mas_aibroker_storage_provider "minio" }} - serving.kserve.io/s3-endpoint: "{{ .Values.mas_aibroker_storage_host }}:{{ .Values.mas_aibroker_storage_port }}" - {{- end }} - {{- if eq .Values.mas_aibroker_storage_ssl "false" }} - serving.kserve.io/s3-usehttps: "0" - {{- else }} - serving.kserve.io/s3-usehttps: "1" - {{- end }} - {{- if and (eq .Values.mas_aibroker_storage_provider "minio") (not .Values.mas_aibroker_storage_region | empty) }} - serving.kserve.io/s3-region: "{{ .Values.mas_aibroker_storage_region }}" - {{- end }} -stringData: - AWS_ACCESS_KEY_ID: "{{ .Values.mas_aibroker_storage_accesskey}}" - AWS_SECRET_ACCESS_KEY: "{{ .Values.mas_aibroker_storage_secretkey}}" - S3_ACCESS_KEY: "{{ .Values.mas_aibroker_storage_accesskey}}" - S3_SECRET_KEY: "{{ .Values.mas_aibroker_storage_secretkey}}" - S3_HOST: "{{ .Values.mas_aibroker_storage_host}}" - S3_PORT: "{{ .Values.mas_aibroker_storage_port}}" - S3_REGION: "{{ .Values.mas_aibroker_storage_region}}" - S3_SSL: "{{ .Values.mas_aibroker_storage_ssl}}" - ---- - -kind: Secret -apiVersion: v1 -metadata: - name: ibm-entitlement - namespace: "{{ .Values.tenantNamespace }}" - annotations: - argocd.argoproj.io/sync-wave: "300" -type: kubernetes.io/dockerconfigjson -data: - .dockerconfigjson: "{{ .Values.artifactory_token}}" - diff --git a/instance-applications/115-ibm-aibroker-tenant/templates/04-aibroker-s3-secret.yaml b/instance-applications/115-ibm-aibroker-tenant/templates/04-aibroker-s3-secret.yaml deleted file mode 100644 index c178a9c01..000000000 --- a/instance-applications/115-ibm-aibroker-tenant/templates/04-aibroker-s3-secret.yaml +++ /dev/null @@ -1,24 +0,0 @@ ---- -apiVersion: v1 -kind: Secret -metadata: - name: "{{ .Values.tenantNamespace }}----s3-secret" - namespace: "{{ .Values.aibroker_namespace }}" - {{- if .Values.custom_labels }} - labels: - {{- range $key, $val := .Values.custom_labels }} - {{ $key | quote }}: {{ $val | quote }} - {{- end }} - {{- end }} - annotations: - argocd.argoproj.io/sync-wave: "304" -type: Opaque -stringData: - ACCESS-KEY: "{{ .Values.mas_aibroker_storage_accesskey }}" - SECRET-KEY: "{{ .Values.mas_aibroker_storage_secretkey }}" - {{- if eq .Values.mas_aibroker_storage_provider "aws" }} - URL: "{{ .Values.mas_aibroker_storage_host }}" - {{- else if eq .Values.mas_aibroker_storage_provider "minio" }} - URL: "http://{{ .Values.mas_aibroker_storage_host }}:{{ .Values.mas_aibroker_storage_port }}" - {{- end }} - REGION: "{{ .Values.mas_aibroker_storage_region }}" diff --git a/instance-applications/115-ibm-aibroker-tenant/Chart.yaml b/instance-applications/115-ibm-aiservice-tenant/Chart.yaml similarity index 77% rename from instance-applications/115-ibm-aibroker-tenant/Chart.yaml rename to instance-applications/115-ibm-aiservice-tenant/Chart.yaml index 276ee7e13..186b9bb20 100644 --- a/instance-applications/115-ibm-aibroker-tenant/Chart.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/Chart.yaml @@ -1,6 +1,6 @@ apiVersion: v2 -name: ibm-aibroker-tenant -description: IBM AIBROKER TENANT +name: ibm-aiservice-tenant +description: IBM AISERVICE TENANT type: application version: 1.0.0 diff --git a/instance-applications/115-ibm-aiservice-tenant/README.md b/instance-applications/115-ibm-aiservice-tenant/README.md new file mode 100644 index 000000000..cce5f7143 --- /dev/null +++ b/instance-applications/115-ibm-aiservice-tenant/README.md @@ -0,0 +1,3 @@ +IBM AISERVICE Tenant +=============================================================================== +Deploy and configure aiservice tenant with configurable version \ No newline at end of file diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/00-aiservice-tenent-namespace.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/00-aiservice-tenent-namespace.yaml new file mode 100644 index 000000000..314245efa --- /dev/null +++ b/instance-applications/115-ibm-aiservice-tenant/templates/00-aiservice-tenent-namespace.yaml @@ -0,0 +1,53 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: "{{ .Values.tenantNamespace }}" + annotations: + argocd.argoproj.io/sync-wave: "289" + +--- +apiVersion: v1 +kind: Secret +type: Opaque +metadata: + name: km-s3-secret + namespace: "{{ .Values.tenantNamespace }}" + annotations: + argocd.argoproj.io/sync-wave: "299" + {{- if eq .Values.mas_aiservice_storage_provider "aws" }} + serving.kserve.io/s3-endpoint: "{{ .Values.mas_aiservice_storage_host }}" + {{- else if eq .Values.mas_aiservice_storage_provider "minio" }} + serving.kserve.io/s3-endpoint: "{{ .Values.mas_aiservice_storage_host }}:{{ .Values.mas_aiservice_storage_port }}" + {{- end }} + {{- if eq .Values.mas_aiservice_storage_ssl "false" }} + serving.kserve.io/s3-usehttps: "0" + {{- else }} + serving.kserve.io/s3-usehttps: "1" + {{- end }} + {{- if and (eq .Values.mas_aiservice_storage_provider "minio") (not .Values.mas_aiservice_storage_region | empty) }} + serving.kserve.io/s3-region: "{{ .Values.mas_aiservice_storage_region }}" + {{- end }} +stringData: + AWS_ACCESS_KEY_ID: "{{ .Values.mas_aiservice_storage_accesskey}}" + AWS_SECRET_ACCESS_KEY: "{{ .Values.mas_aiservice_storage_secretkey}}" + S3_ACCESS_KEY: "{{ .Values.mas_aiservice_storage_accesskey}}" + S3_SECRET_KEY: "{{ .Values.mas_aiservice_storage_secretkey}}" + S3_HOST: "{{ .Values.mas_aiservice_storage_host}}" + S3_PORT: "{{ .Values.mas_aiservice_storage_port}}" + S3_REGION: "{{ .Values.mas_aiservice_storage_region}}" + S3_SSL: "{{ .Values.mas_aiservice_storage_ssl}}" + +--- + +kind: Secret +apiVersion: v1 +metadata: + name: ibm-entitlement + namespace: "{{ .Values.tenantNamespace }}" + annotations: + argocd.argoproj.io/sync-wave: "300" +type: kubernetes.io/dockerconfigjson +data: + .dockerconfigjson: "{{ .Values.artifactory_token}}" + diff --git a/instance-applications/115-ibm-aibroker-tenant/templates/01-aibroker-sls-secret.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/01-aiservice-sls-secret.yaml similarity index 72% rename from instance-applications/115-ibm-aibroker-tenant/templates/01-aibroker-sls-secret.yaml rename to instance-applications/115-ibm-aiservice-tenant/templates/01-aiservice-sls-secret.yaml index 7e1ee6818..70a1ae14d 100644 --- a/instance-applications/115-ibm-aibroker-tenant/templates/01-aibroker-sls-secret.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/01-aiservice-sls-secret.yaml @@ -3,12 +3,12 @@ apiVersion: v1 kind: Secret metadata: name: "{{ .Values.tenantNamespace }}----sls-secret" - namespace: "{{ .Values.aibroker_namespace }}" + namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "301" labels: - mas.ibm.com/applicationId: aibroker - mas.ibm.com/instanceId: "{{ .Values.aibroker_instance_id }}" + mas.ibm.com/applicationId: aiservice + mas.ibm.com/instanceId: "{{ .Values.aiservice_instance_id }}" {{- if .Values.custom_labels }} {{- range $key, $val := .Values.custom_labels }} {{ $key | quote }}: {{ $val | quote }} diff --git a/instance-applications/115-ibm-aibroker-tenant/templates/02-aibroker-rsl-secret.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/02-aiservice-rsl-secret.yaml similarity index 82% rename from instance-applications/115-ibm-aibroker-tenant/templates/02-aibroker-rsl-secret.yaml rename to instance-applications/115-ibm-aiservice-tenant/templates/02-aiservice-rsl-secret.yaml index 0ba45edfa..532ba1731 100644 --- a/instance-applications/115-ibm-aibroker-tenant/templates/02-aibroker-rsl-secret.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/02-aiservice-rsl-secret.yaml @@ -7,8 +7,8 @@ metadata: name: "{{ .Values.tenantNamespace }}----rsl-secret" namespace: "{{ .Values.tenantNamespace }}" labels: - mas.ibm.com/applicationId: aibroker - mas.ibm.com/instanceId: "{{ .Values.aibroker_instance_id }}" + mas.ibm.com/applicationId: aiservice + mas.ibm.com/instanceId: "{{ .Values.aiservice_instance_id }}" {{- if .Values.custom_labels }} {{- range $key, $value := .Values.custom_labels }} {{ $key | quote }}: {{ $value | quote }} diff --git a/instance-applications/115-ibm-aibroker-tenant/templates/03-aibroker-dro-secret.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/03-aiservice-dro-secret.yaml similarity index 71% rename from instance-applications/115-ibm-aibroker-tenant/templates/03-aibroker-dro-secret.yaml rename to instance-applications/115-ibm-aiservice-tenant/templates/03-aiservice-dro-secret.yaml index 9d5676e1d..9cfc1e1e8 100644 --- a/instance-applications/115-ibm-aibroker-tenant/templates/03-aibroker-dro-secret.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/03-aiservice-dro-secret.yaml @@ -3,10 +3,10 @@ apiVersion: v1 kind: Secret metadata: name: "{{ .Values.tenantNamespace }}----dro-secret" - namespace: "{{ .Values.aibroker_namespace }}" + namespace: "{{ .Values.aiservice_namespace }}" labels: - mas.ibm.com/applicationId: aibroker - mas.ibm.com/instanceId: "{{ .Values.aibroker_instance_id }}" + mas.ibm.com/applicationId: aiservice + mas.ibm.com/instanceId: "{{ .Values.aiservice_instance_id }}" {{- if .Values.custom_labels }} {{- range $key, $val := .Values.custom_labels }} {{ $key | quote }}: {{ $val | quote }} diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/04-aiservice-s3-secret.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/04-aiservice-s3-secret.yaml new file mode 100644 index 000000000..14e61b1e7 --- /dev/null +++ b/instance-applications/115-ibm-aiservice-tenant/templates/04-aiservice-s3-secret.yaml @@ -0,0 +1,24 @@ +--- +apiVersion: v1 +kind: Secret +metadata: + name: "{{ .Values.tenantNamespace }}----s3-secret" + namespace: "{{ .Values.aiservice_namespace }}" + {{- if .Values.custom_labels }} + labels: + {{- range $key, $val := .Values.custom_labels }} + {{ $key | quote }}: {{ $val | quote }} + {{- end }} + {{- end }} + annotations: + argocd.argoproj.io/sync-wave: "304" +type: Opaque +stringData: + ACCESS-KEY: "{{ .Values.mas_aiservice_storage_accesskey }}" + SECRET-KEY: "{{ .Values.mas_aiservice_storage_secretkey }}" + {{- if eq .Values.mas_aiservice_storage_provider "aws" }} + URL: "{{ .Values.mas_aiservice_storage_host }}" + {{- else if eq .Values.mas_aiservice_storage_provider "minio" }} + URL: "http://{{ .Values.mas_aiservice_storage_host }}:{{ .Values.mas_aiservice_storage_port }}" + {{- end }} + REGION: "{{ .Values.mas_aiservice_storage_region }}" diff --git a/instance-applications/115-ibm-aibroker-tenant/templates/05-aibroker-wx.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/05-aiservice-wx.yaml similarity index 64% rename from instance-applications/115-ibm-aibroker-tenant/templates/05-aibroker-wx.yaml rename to instance-applications/115-ibm-aiservice-tenant/templates/05-aiservice-wx.yaml index 28b74c246..3d3d4f591 100644 --- a/instance-applications/115-ibm-aibroker-tenant/templates/05-aibroker-wx.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/05-aiservice-wx.yaml @@ -3,7 +3,7 @@ apiVersion: v1 kind: Secret metadata: name: "{{ .Values.tenantNamespace }}----wx-secret" - namespace: "{{ .Values.aibroker_namespace }}" + namespace: "{{ .Values.aiservice_namespace }}" {{- if .Values.custom_labels }} labels: {{- range $key, $val := .Values.custom_labels }} @@ -14,9 +14,9 @@ metadata: argocd.argoproj.io/sync-wave: "305" type: Opaque stringData: - wx_apikey: "{{ .Values.mas_aibroker_watsonxai_apikey }}" - wx_url: "{{ .Values.mas_aibroker_watsonxai_url }}" - wx_project_id: "{{ .Values.mas_aibroker_watsonxai_project_id }}" + wx_apikey: "{{ .Values.mas_aiservice_watsonxai_apikey }}" + wx_url: "{{ .Values.mas_aiservice_watsonxai_url }}" + wx_project_id: "{{ .Values.mas_aiservice_watsonxai_project_id }}" # Copy secrets to tenant namespace @@ -36,6 +36,6 @@ metadata: argocd.argoproj.io/sync-wave: "306" type: Opaque stringData: - wx_apikey: "{{ .Values.mas_aibroker_watsonxai_apikey }}" - wx_url: "{{ .Values.mas_aibroker_watsonxai_url }}" - wx_project_id: "{{ .Values.mas_aibroker_watsonxai_project_id }}" + wx_apikey: "{{ .Values.mas_aiservice_watsonxai_apikey }}" + wx_url: "{{ .Values.mas_aiservice_watsonxai_url }}" + wx_project_id: "{{ .Values.mas_aiservice_watsonxai_project_id }}" diff --git a/instance-applications/115-ibm-aibroker-tenant/templates/06-aibroker-workspace.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-workspace.yaml similarity index 70% rename from instance-applications/115-ibm-aibroker-tenant/templates/06-aibroker-workspace.yaml rename to instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-workspace.yaml index b4d6d1993..1bb9e605c 100644 --- a/instance-applications/115-ibm-aibroker-tenant/templates/06-aibroker-workspace.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-workspace.yaml @@ -1,14 +1,14 @@ --- apiVersion: apps.mas.ibm.com/v1 -kind: AiBrokerWorkspace +kind: AIServiceTenant metadata: name: "{{ .Values.tenantNamespace }}" - namespace: "{{ .Values.aibroker_namespace }}" + namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "307" labels: - mas.ibm.com/applicationId: "aibroker" - mas.ibm.com/instanceId: "{{ .Values.aibroker_instance_id }}" + mas.ibm.com/applicationId: "aiservice" + mas.ibm.com/instanceId: "{{ .Values.aiservice_instance_id }}" {{- if .Values.custom_labels }} {{- range $key, $val := .Values.custom_labels }} {{ $key | quote }}: {{ $val | quote }} @@ -35,19 +35,19 @@ spec: orgId: "{{ .Values.rsl_org_id }}" secretName: "{{ .Values.tenantNamespace }}----rsl-secret" watsonxai: - url: "{{ .Values.mas_aibroker_watsonxai_url }}" + url: "{{ .Values.mas_aiservice_watsonxai_url }}" secretName: "{{ .Values.tenantNamespace }}----wx-secret" - project_id: "{{ .Values.mas_aibroker_watsonxai_project_id }}" + project_id: "{{ .Values.mas_aiservice_watsonxai_project_id }}" tenant: tenant_id: "{{ .Values.tenantNamespace }}" - subscription_id: "{{ .Values.mas_aibroker_sls_subscription_id }}" - instance_id: "{{ .Values.aibroker_instance_id }}" + subscription_id: "{{ .Values.mas_aiservice_sls_subscription_id }}" + instance_id: "{{ .Values.aiservice_instance_id }}" entitlement: type: "{{ .Values.tenant_entitlement_type }}" startDate: "{{ .Values.tenant_entitlement_start_date }}" endDate: "{{ .Values.tenant_entitlement_end_date }}" s3: - region: "{{ .Values.mas_aibroker_s3_region }}" - bucketPrefix: "{{ .Values.mas_aibroker_s3_bucket_prefix }}" - endpointUrl: "{{ .Values.mas_aibroker_s3_endpoint_url }}" + region: "{{ .Values.mas_aiservice_s3_region }}" + bucketPrefix: "{{ .Values.mas_aiservice_s3_bucket_prefix }}" + endpointUrl: "{{ .Values.mas_aiservice_s3_endpoint_url }}" secretName: "{{ .Values.tenantNamespace }}----s3-secret" \ No newline at end of file diff --git a/instance-applications/115-ibm-aibroker-tenant/templates/07-aibroker-ingress-allow-isvc.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/07-aiservice-ingress-allow-isvc.yaml similarity index 100% rename from instance-applications/115-ibm-aibroker-tenant/templates/07-aibroker-ingress-allow-isvc.yaml rename to instance-applications/115-ibm-aiservice-tenant/templates/07-aiservice-ingress-allow-isvc.yaml diff --git a/instance-applications/115-ibm-aibroker-tenant/templates/08-aibroker-postsyncjob.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml similarity index 82% rename from instance-applications/115-ibm-aibroker-tenant/templates/08-aibroker-postsyncjob.yaml rename to instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml index 0962c6865..d7c250602 100644 --- a/instance-applications/115-ibm-aibroker-tenant/templates/08-aibroker-postsyncjob.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml @@ -42,7 +42,7 @@ apiVersion: v1 kind: ServiceAccount metadata: name: postsync-manage-aiservice-job - namespace: "{{ .Values.aibroker_namespace }}" + namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "309" @@ -51,7 +51,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: postsync-manage-aiservice-job-role - namespace: "{{ .Values.aibroker_namespace }}" + namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "310" rules: @@ -63,13 +63,13 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: postsync-manage-aiservice-job-rolebinding - namespace: "{{ .Values.aibroker_namespace }}" + namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "311" subjects: - kind: ServiceAccount name: postsync-manage-aiservice-job - namespace: "{{ .Values.aibroker_namespace }}" + namespace: "{{ .Values.aiservice_namespace }}" roleRef: kind: Role name: postsync-manage-aiservice-job-role @@ -79,7 +79,7 @@ apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: name: allow-postsync-manage-ai-tenant-job - namespace: "{{ .Values.aibroker_namespace }}" + namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "312" spec: @@ -95,7 +95,7 @@ apiVersion: batch/v1 kind: Job metadata: name: {{ $_job_name }} - namespace: "{{ .Values.aibroker_namespace }}" + namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "313" labels: @@ -123,18 +123,18 @@ spec: value: "{{ .Values.account_id }}" - name: CLUSTER_ID value: "{{ .Values.cluster_id }}" - - name: AIBROKER_INSTANCE_ID - value: "{{ .Values.aibroker_instance_id }}" + - name: AISERVICE_INSTANCE_ID + value: "{{ .Values.aiservice_instance_id }}" - name: SECRETS_KEY_SEPERATOR value: "/" - - name: AIBROKER_TENANT + - name: AISERVICE_TENANT value: "{{ .Values.tenantNamespace }}" - name: SM_AWS_REGION - value: "{{ .Values.mas_aibroker_storage_region }}" + value: "{{ .Values.mas_aiservice_storage_region }}" - name: SM_AWS_ACCESS_KEY_ID - value: "{{ .Values.mas_aibroker_storage_accesskey }}" + value: "{{ .Values.mas_aiservice_storage_accesskey }}" - name: SM_AWS_SECRET_ACCESS_KEY - value: "{{ .Values.mas_aibroker_storage_secretkey }}" + value: "{{ .Values.mas_aiservice_storage_secretkey }}" - name: AVP_TYPE value: "aws" command: @@ -143,33 +143,33 @@ spec: - | set -e SECRETS_KEY_SEPERATOR="/" - SECRET_NAME_AISERVICE=${ACCOUNT_ID}/${CLUSTER_ID}/${AIBROKER_INSTANCE_ID}/${AIBROKER_TENANT} + SECRET_NAME_AISERVICE=${ACCOUNT_ID}/${CLUSTER_ID}/${AISERVICE_INSTANCE_ID}/${AISERVICE_TENANT} echo "================================================================================" echo "Account Id ....................... ${ACCOUNT_ID}" echo "Cluster Id ....................... ${CLUSTER_ID}" - echo "AIBROKER Instance Id ............. ${AIBROKER_INSTANCE_ID}" + echo "AISERVICE Instance Id ............. ${AISERVICE_INSTANCE_ID}" echo "SM_AWS_REGION .................... ${SM_AWS_REGION}" echo "SM_AWS_ACCESS_KEY_ID ............ ${SM_AWS_ACCESS_KEY_ID:0:4}" echo "SM_AWS_SECRET_ACCESS_KEY ........ ${SM_AWS_SECRET_ACCESS_KEY:0:4}" echo "SECRET_NAME_AISERVICE ........... ${SECRET_NAME_AISERVICE}" echo "================================================================================" - echo "Retrieve AIBroker API Key for tenant: ${AIBROKER_TENANT}" + echo "Retrieve AISERVICE API Key for tenant: ${AISERVICE_TENANT}" echo "================================================================================" - AIBROKER_APIKEY_SECRET=$(oc get secret ${AIBROKER_TENANT}----apikey-secret -n mas-${AIBROKER_INSTANCE_ID}-aibroker -o jsonpath="{.data.AIBROKER_APIKEY}" | base64 --decode) + AISERVICE_APIKEY_SECRET=$(oc get secret ${AISERVICE_TENANT}----apikey-secret -n mas-${AISERVICE_INSTANCE_ID}-aiservice -o jsonpath="{.data.AISERVICE_APIKEY}" | base64 --decode) - if [ -z "$AIBROKER_APIKEY_SECRET" ]; then - echo "AIBROKER_APIKEY_SECRET is empty" + if [ -z "$AISERVICE_APIKEY_SECRET" ]; then + echo "AISERVICE_APIKEY_SECRET is empty" exit 1 fi - echo "AIBROKER_APIKEY_SECRET = ${AIBROKER_APIKEY_SECRET:0:4}" + echo "AISERVICE_APIKEY_SECRET = ${AISERVICE_APIKEY_SECRET:0:4}" source /mascli/functions/gitops_utils sm_login TAGS="[{\"Key\": \"source\", \"Value\": \"mas-ai-service\"}, {\"Key\": \"account\", \"Value\": \"${ACCOUNT_ID}\"}, {\"Key\": \"cluster\", \"Value\": \"${CLUSTER_ID}\"}]" - sm_update_secret ${SECRET_NAME_AISERVICE} "{ \"aibroker_apikey\": \"${AIBROKER_APIKEY_SECRET}\" }" "${TAGS}" || exit $? + sm_update_secret ${SECRET_NAME_AISERVICE} "{ \"aiservice_apikey\": \"${AISERVICE_APIKEY_SECRET}\" }" "${TAGS}" || exit $? volumes: - name: postsync-manage-aiservice secret: diff --git a/instance-applications/115-ibm-aibroker-tenant/values.yaml b/instance-applications/115-ibm-aiservice-tenant/values.yaml similarity index 100% rename from instance-applications/115-ibm-aibroker-tenant/values.yaml rename to instance-applications/115-ibm-aiservice-tenant/values.yaml diff --git a/main.py b/main.py index 62c4e1cc1..4dce3c601 100644 --- a/main.py +++ b/main.py @@ -70,7 +70,7 @@ def instance_root_chart(): env.macro(instance_root_chart) def tenant_root_chart(): - return gitops_repo_dir_link("root-applications/ibm-aibroker-tenant-root", "Tenant Root Chart") + return gitops_repo_dir_link("root-applications/ibm-aiservice-tenant-root", "Tenant Root Chart") env.macro(tenant_root_chart) @@ -82,11 +82,11 @@ def instance_root_app_set(): return gitops_repo_file_link("root-applications/ibm-mas-cluster-root/templates/099-instance-appset.yaml", "Instance Root Application Set") env.macro(instance_root_app_set) - def aibroker_instance_root_app_set(): - return gitops_repo_file_link("root-applications/ibm-mas-cluster-root/templates/099-aibroker-instance-appset.yaml", "AiBroker Instance Root Application Set") - env.macro(aibroker_instance_root_app_set) + def aiservice_instance_root_app_set(): + return gitops_repo_file_link("root-applications/ibm-mas-cluster-root/templates/099-aiservice-instance-appset.yaml", "AIService Instance Root Application Set") + env.macro(aiservice_instance_root_app_set) - def aibroker_tenant_root_app_set(): - return gitops_repo_file_link("root-applications/ibm-aibroker-instance-root/templates/070-aibroker-tenant-appset.yaml", "AiBroker Tenant Root Application Set") - env.macro(aibroker_tenant_root_app_set) + def aiservice_tenant_root_app_set(): + return gitops_repo_file_link("root-applications/ibm-aiservice-instance-root/templates/070-aiservice-tenant-appset.yaml", "AIService Tenant Root Application Set") + env.macro(aiservice_tenant_root_app_set) diff --git a/root-applications/ibm-aibroker-instance-root/templates/040-ibm-aibroker-app.yaml b/root-applications/ibm-aibroker-instance-root/templates/040-ibm-aibroker-app.yaml deleted file mode 100644 index 7951919b1..000000000 --- a/root-applications/ibm-aibroker-instance-root/templates/040-ibm-aibroker-app.yaml +++ /dev/null @@ -1,129 +0,0 @@ -{{- if not (empty .Values.ibm_aibroker) }} ---- -# IBM Maximo aibroker -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: aibroker.{{ .Values.cluster.id }}.{{ .Values.instance.id }} - namespace: {{ .Values.argo.namespace }} - labels: - environment: '{{ .Values.account.id }}' - region: '{{ .Values.region.id }}' - cluster: '{{ .Values.cluster.id }}' - instance: '{{ .Values.instance.id }}' - annotations: - argocd.argoproj.io/sync-wave: "040" - healthCheckTimeout: "1800" - {{- if and .Values.notifications .Values.notifications.slack_channel_id }} - notifications.argoproj.io/subscribe.on-sync-failed.workspace1: {{ .Values.notifications.slack_channel_id }} - notifications.argoproj.io/subscribe.on-sync-succeeded.workspace1: {{ .Values.notifications.slack_channel_id }} - {{- end }} - finalizers: - - resources-finalizer.argocd.argoproj.io -spec: - project: "{{ .Values.argo.projects.apps }}" - destination: - server: {{ .Values.cluster.url }} - namespace: "{{ .Values.ibm_aibroker.aibroker_namespace }}" - source: - repoURL: "{{ .Values.source.repo_url }}" - path: instance-applications/113-ibm-aibroker - targetRevision: "{{ .Values.source.revision }}" - plugin: - name: {{ .Values.avp.name }} - env: - - name: {{ .Values.avp.values_varname }} - value: | - aibroker_namespace: "{{ .Values.ibm_aibroker.aibroker_namespace }}" - aibroker_instance_id: "{{ .Values.ibm_aibroker.aibroker_instance_id }}" - - mas_aibroker_storage_secret: "{{ .Values.ibm_aibroker.mas_aibroker_storage_secret }}" - mas_aibroker_mariadb_secret: "{{ .Values.ibm_aibroker.mas_aibroker_mariadb_secret }}" - mas_aibroker_db_user: "{{ .Values.ibm_aibroker.mas_aibroker_db_user }}" - mas_aibroker_db_secret_value: "{{ .Values.ibm_aibroker.mas_aibroker_db_secret_value }}" - - mas_aibroker_watsonx_secret: "{{ .Values.ibm_aibroker.mas_aibroker_watsonx_secret }}" - mas_aibroker_watsonxai_apikey: "{{ .Values.ibm_aibroker.mas_aibroker_watsonxai_apikey }}" - mas_aibroker_watsonxai_url: "{{ .Values.ibm_aibroker.mas_aibroker_watsonxai_url }}" - mas_aibroker_watsonxai_project_id: "{{ .Values.ibm_aibroker.mas_aibroker_watsonxai_project_id }}" - - s3_apikey: "{{ .Values.ibm_aibroker.s3_apikey }}" - mas_aibroker_storage_accesskey: "{{ .Values.ibm_aibroker.mas_aibroker_storage_accesskey }}" - mas_aibroker_storage_secretkey: "{{ .Values.ibm_aibroker.mas_aibroker_storage_secretkey }}" - - mas_aibroker_storage_host: "{{ .Values.ibm_aibroker.mas_aibroker_storage_host }}" - mas_aibroker_storage_port: "{{ .Values.ibm_aibroker.mas_aibroker_storage_port }}" - - mas_aibroker_sls_registration_key_secret: "{{ .Values.ibm_aibroker.mas_aibroker_sls_registration_key_secret }}" - slscfg_registration_key: "{{ .Values.ibm_aibroker.slscfg_registration_key }}" - - mas_aibroker_db_host: "{{ .Values.ibm_aibroker.mas_aibroker_db_host }}" - mas_aibroker_db_port: "{{ .Values.ibm_aibroker.mas_aibroker_db_port }}" - mas_aibroker_db_secret_name: "{{ .Values.ibm_aibroker.mas_aibroker_db_secret_name }}" - - mas_aibroker_storage_pipelines_bucket: "{{ .Values.ibm_aibroker.mas_aibroker_storage_pipelines_bucket }}" - mas_aibroker_storage_tenants_bucket: "{{ .Values.ibm_aibroker.mas_aibroker_storage_tenants_bucket }}" - mas_aibroker_storage_templates_bucket: "{{ .Values.ibm_aibroker.mas_aibroker_storage_templates_bucket }}" - - mas_aibroker_dro_token_secret: "{{ .Values.ibm_aibroker.mas_aibroker_dro_token_secret }}" - mas_aibroker_dro_cacert_secret: "{{ .Values.ibm_aibroker.mas_aibroker_dro_cacert_secret }}" - - drocfg_ca: "{{ .Values.ibm_aibroker.drocfg_ca }}" - drocfg_ca_tenant: "{{ .Values.ibm_aibroker.drocfg_ca_tenant }}" - drocfg_registration_key: "{{ .Values.ibm_aibroker.drocfg_registration_key }}" - drocfg_url: "{{ .Values.ibm_aibroker.drocfg_url }}" - mas_aibroker_db2_jdbc_secret: "{{ .Values.ibm_aibroker.mas_aibroker_db2_jdbc_secret }}" - - jdbccfg_username: "{{ .Values.ibm_aibroker.jdbccfg_username }}" - jdbccfg_password: "{{ .Values.ibm_aibroker.jdbccfg_password }}" - jdbccfg_url: "{{ .Values.ibm_aibroker.jdbccfg_url }}" - jdbccfg_sslenabled: "{{ .Values.ibm_aibroker.jdbccfg_sslenabled }}" - jdbccfg_ca: "{{ .Values.ibm_aibroker.jdbccfg_ca }}" - - mas_entitlement_username: "{{ .Values.ibm_aibroker.mas_entitlement_username }}" - mas_entitlement_key: "{{ .Values.ibm_aibroker.mas_entitlement_key }}" - artifactory_username: "{{ .Values.ibm_aibroker.artifactory_username }}" - artifactory_token: "{{ .Values.ibm_aibroker.artifactory_token }}" - mas_app_channel: "{{ .Values.ibm_aibroker.mas_app_channel }}" - - mas_catalog_source: "{{ .Values.ibm_aibroker.mas_catalog_source }}" - - mas_icr_cp: "{{ .Values.ibm_aibroker.mas_icr_cp }}" - mas_icr_cpopen: "{{ .Values.ibm_aibroker.mas_icr_cpopen }}" - in_saas_env: "{{ .Values.ibm_aibroker.in_saas_env }}" - is_external_route: "{{ .Values.ibm_aibroker.is_external_route }}" - cluster_domain: "{{ .Values.ibm_aibroker.cluster_domain }}" - environment_type: "{{ .Values.ibm_aibroker.environment_type }}" - mas_aibroker_s3_endpoint_url: "{{ .Values.ibm_aibroker.mas_aibroker_s3_endpoint_url }}" - mas_aibroker_s3_region: "{{ .Values.ibm_aibroker.mas_aibroker_s3_region }}" - mas_aibroker_s3_bucket_prefix: "{{ .Values.ibm_aibroker.mas_aibroker_s3_bucket_prefix }}" - - - junitreporter: - reporter_name: "ibm-aibroker-{{ .Values.instance.id }}" - cluster_id: "{{ .Values.cluster.id }}" - devops_mongo_uri: "{{ .Values.devops.mongo_uri }}" - devops_build_number: "{{ .Values.devops.build_number }}" - gitops_version: "{{ .Values.source.revision }}" - - name: ARGOCD_APP_NAME - value: aibrokerapp - {{- if not (empty .Values.avp.secret) }} - - name: AVP_SECRET - value: {{ .Values.avp.secret }} - {{- end }} - syncPolicy: - automated: - {{- if .Values.auto_delete }} - prune: true - {{- end }} - selfHeal: true - retry: - limit: 20 - syncOptions: - - CreateNamespace=true - managedNamespaceMetadata: - labels: -{{- if .Values.custom_labels }} -{{ .Values.custom_labels | toYaml | indent 8 }} -{{- end }} -{{- end }} \ No newline at end of file diff --git a/root-applications/ibm-aibroker-instance-root/values.yaml b/root-applications/ibm-aibroker-instance-root/values.yaml deleted file mode 100644 index 59b5bef53..000000000 --- a/root-applications/ibm-aibroker-instance-root/values.yaml +++ /dev/null @@ -1,326 +0,0 @@ ---- - -avp: - name: "argocd-vault-plugin-helm" - secret: "" - values_varname: "HELM_VALUES" - -account: - id: dev - -cluster: - id: cluster1 - -region: - id: region1 - -instance: - id: inst1 - -tenant: - id: tenant1 - -generator: - repo_url: xxxx - -source: - repo_url: "https://github.com/ibm-mas/gitops" - revision: "poc" - -# Customers will definitely need to customise this (our gitops-envs/mas-dev repos are private), -# So deliberately not specifying defaults here; we want charts to refuse to render if these are not specified -# Both of these correspond to requirement arguments of the gitops-bootstrap CLI function (--github-url and --github-revision) -# generator: -# repo_url: "" -# revision: "" - -# These defaults align with the ArgoCD worker setup by gitops-bootstrap -# (openshift-gitops with a single ArgoCD project "mas") -argo: - namespace: "openshift-gitops" - projects: - rootapps: "mas" - apps: "mas" - - -auto_delete: false - -sm: - aws_access_key_id: xxxx - -run_sanity_test: false - -devops: - mongo_uri: - build_number: - -ibm_minio: - minio_namespace: "minio_namespace" - minio_instance_name: "minio" - minio_root_user: "minio" - minio_root_password: "" - minio_storage_class: "default" - minio_storage_size: "40Gi" - minio_image: "quay.io/minio/minio:latest" - - -ibm_odh: - openshift_namespace: "openshift-operators" - odh_pipeline_channel: "latest" - odh_pipeline_installplan: "Automatic" - service_mesh_namespace: "openshift-serverless" - service_mesh_channel: "stable" - service_mesh_catalog_source: "redhat-operators" - serverless_channel: "stable" - authorino_catalog_source: "community-operators" - odh_channel: "fast" - odh_catalog_source: "community-operators" - odh_operator_version: "opendatahub-operator.v2.11.1" - #Odh_Pipeline_operator - odh_pipeline_name: "openshift-pipelines-operator" - odh_pipeline_namespace: "openshift-operators" - odh_pipeline_operatorName: "openshift-pipelines-operator-rh" - odh_pipeline_source: "redhat_operators" - odh_pipeline_sourceNamespace: "openshift_marketplace" - - #Serverless Operator - serverless_namespace: "openshift-serverless" - serverless_operator_name: "serverless-operator" - serverless_operator_source: "redhat-operators" - serverless_operator_sourceNamespace: "openshift-marketplace" - - #opendatahub Operator - opendatahub_OperatorGroup_name: "opendatahub-operator-group" - opendatahub_name: "opendatahub-operator" - opendatahub_namespace: "opendatahub" - opendatahub_installPlanApproval: "Manual" - opendatahub_channel: "fast" - opendatahub_source: "community-operators" - opendatahub__sourceNamespace: "openshift-marketplace" - - aibroker_namespace: "mas_sremat_aibroker" - pull_secret_name: "ibm_entitlement" - mas_aibroker_storage_provider: "minio" - mas_aibroker_storage_accesskey: "" - mas_aibroker_storage_secretkey: "" - mas_aibroker_storage_host: "mas_aibroker_storage_host" - mas_aibroker_storage_port: "mas_aibroker_storage_port" - mas_aibroker_storage_ssl: "mas_aibroker_storage_ssl" - mas_aibroker_storage_region: "mas_aibroker_storage_region" - - # MariaDB - mas_aibroker_db_host: "mas_aibroker_db_host" - mas_aibroker_db_port: "mas_aibroker_db_port" - mas_aibroker_db_user: "mas_aibroker_db_user" - mas_aibroker_db_database: "mas_aibroker_db_database" - - mas_aibroker_db_secret_key: "mas_aibroker_db_secret_key" - mas_aibroker_db_secret_name: "mas_aibroker_db_secret_name" - mas_aibroker_db_secret_value: "mas_aibroker_db_secret_value" - - mas_aibroker_storage_pipelines_bucket: "mas_aibroker_storage_pipelines_bucket" - primary_storage_class: "nfs-client" - - -ibm_kmodel: - aibroker_instance_id: "aibroker_instance_id" - aibroker_internal_tls: "aibroker_internal_tls" - aibroker_namespace: "mas-sremat-aibroker" - - mas_aibroker_storage_provider: "minio" - mas_aibroker_storage_ssl: "false" - - openshift_namespace: "openshift-operators" - run_sync_hooks: true - - - # following are the variable need to injected via environment variable - mas_aibroker_storage_accesskey: "mas_aibroker_storage_accesskey" - mas_aibroker_storage_secretkey: "mas_aibroker_storage_secretkey" - mas_aibroker_storage_host: "mas_aibroker_storage_host" - mas_aibroker_storage_port: "mas_aibroker_storage_port" - mas_aibroker_storage_region: "mas_aibroker_storage_region" - ssh_secret_name: "sremat-kmodel-aibroker-tls" - # vars file for kmodels - pullSecretName: "pullSecretName" - docker_server: "MAS_ICR_CP/aibroker" - tenantNamespace: "aibroker-MAS_AIBROKER_TENANT_NAME" - # mas_aibroker_provision_tenant: "MAS_AIBROKER_PROVISION_TENANT" - primary_storage_class: "PRIMARY_STORAGE_CLASS" - # Bucket names - mas_aibroker_storage_templates_bucket: "mas_aibroker_storage_templates_bucket" - mas_aibroker_storage_tenants_bucket: "mas_aibroker_storage_tenants_bucket" - mas_aibroker_storage_pipelines_bucket: "mas_aibroker_storage_pipelines_bucket" - #container images - image_store: "MAS_ICR_CP/aibroker/store:1.0.2" - image_watcher: "MAS_ICR_CP/aibroker/watcher:1.0.2-pre.dev10x" - image_controller: "MAS_ICR_CP/aibroker/controller:1.0.2-pre.dev10x" - mas_aibroker_pipeline_steps_tag: 1.0.0 - mas_aibroker_connector_tag: 1.0.0 - - # model - # model_id_unique_length: "model_id_unique_length" - # model_id_prefix: "model_id_prefix" - - # Source container registry - # ----------------------------------------------------------------------------- - # mas_icr_cp: "cp.icr.io/cp" - mas_icr_cp: "docker-na-public.artifactory.swg-devops.com/wiotp-docker-local" - -ibm_aibroker: - aibroker_instance_id: aibroker_instance_id - aibroker_namespace: 'mas-{{ aibroker_instance_id }}-aibroker' - mas_aibroker_storage_secret: "mas_aibroker_storage_secret" - # Minio - mas_aibroker_storage_accesskey: "mas_aibroker_storage_accesskey" - mas_aibroker_storage_secretkey: "mas_aibroker_storage_secretkey" - # MariaDB - mas_aibroker_mariadb_secret: "mas_aibroker_mariadb_secret" - mas_aibroker_db_user: "mas_aibroker_db_user" - mas_aibroker_db_secret_value: "mas_aibroker_db_secret_value" - - # WatsonX - mas_aibroker_watsonx_secret: "mas_aibroker_watsonx_secret" - mas_aibroker_watsonxai_apikey: "MAS_AIBROKER_WATSONXAI_APIKEY" - mas_aibroker_watsonxai_url: "MAS_AIBROKER_WATSONXAI_URL" - mas_aibroker_watsonxai_project_id: "MAS_AIBROKER_WATSONXAI_PROJECT_ID" - - # S3 - s3_apikey: "S3_APIKEY" - mas_aibroker_storage_accesskey: "true" - mas_aibroker_storage_secretkey: "MAS_AIBROKER_STORAGE_SECRETKEY" - - mas_aibroker_storage_host: "true" - mas_aibroker_storage_port: "true" - - # SLS - mas_aibroker_sls_registration_key_secret: "sls-registration-key" - - mas_aibroker_db_host: "mas_aibroker_db_host" - mas_aibroker_db_port: "mas_aibroker_db_port" - mas_aibroker_db_secret_name: "mas_aibroker_db_secret_name" - - # Bucket names - mas_aibroker_storage_pipelines_bucket: "MAS_AIBROKER_STORAGE_PIPELINES_BUCKET" - mas_aibroker_storage_tenants_bucket: "mas_aibroker_storage_tenants_bucket" - mas_aibroker_storage_templates_bucket: "MAS_AIBROKER_STORAGE_TEMPLATES_BUCKET" - - slscfg_registration_key: "slscfg_registration_key" - - # DRO - mas_aibroker_dro_token_secret: "dro-token" - mas_aibroker_dro_cacert_secret: "dro-certificates" - - drocfg_ca: "drocfg_ca" - drocfg_registration_key: "drocfg_registration_key" - drocfg_url: "drocfg_url" - - - # JDBC - mas_aibroker_db2_jdbc_secret: "aibroker-jdbccfg" - - jdbccfg_username: "jdbccfg_username" - jdbccfg_password: "jdbccfg_password" - jdbccfg_url: "jdbccfg_url" - jdbccfg_sslenabled: "jdbccfg_sslenabled" - jdbccfg_ca: "jdbccfg_ca" - - # MAS Entitlement - #mas_entitlement_username: "cp" - mas_entitlement_username: "docker-na-public.artifactory.swg-devops.com/wiotp-docker-local" - mas_entitlement_key: "mas_entitlement_key" - - # Development Registry Entitlement - artifactory_username: "artifactory_username" - artifactory_token: "artifactory_token" - - # Environment Variable: - mas_app_channel: "mas_app_channel" - - # aibroker vars - mas_catalog_source: "mas_catalog_source" - - # Source container registry - # ----------------------------------------------------------------------------- - # mas_icr_cp: "cp.icr.io/cp" - # mas_icr_cpopen: "icr.io/cpopen" - mas_icr_cp: "docker-na-public.artifactory.swg-devops.com/wiotp-docker-local" - mas_icr_cpopen: "docker-na-public.artifactory.swg-devops.com/wiotp-docker-local/cpopen" - - cluster_domain: cluster_domain - in_saas_env: "in_saas_env" - route_type: "route_type" - mas_aibroker_s3_endpoint_url: "mas_aibroker_s3_endpoint_url" - mas_aibroker_s3_region: "mas_aibroker_s3_region" - mas_aibroker_s3_bucket_prefix: "mas_aibroker_s3_bucket_prefix" - environment_type: "environment_type" - -ibm_aibroker_tenant: - aibroker_instance_id: aibroker_instance_id - aibroker_namespace: 'mas-{{ aibroker_instance_id }}-aibroker' - ibm_entitlement_key: "" - openshift_namespace: "openshift-operators" - # SAAS - aibroker_saas_apikey: "AIBROKER_SAAS_APIKEY" - # in_saas_env: "true" - mas_aibroker_saas: "false" - mas_aibroker_provision_tenant: "mas_aibroker_provision_tenant" - - # Tenant - artifactory_token: "artifactory_token" - mas_aibroker_tenant_name: "user" - tenant_action: "true" - tenantNamespace: 'aibroker-{{ mas_aibroker_tenant_name }}' - - # cluster_domain: "" - mas_icr_cp: "cp.icr.io/cp" - mas_icr_cpopen: "icr.io/cpopen" - - # DRO - # mas_aibroker_dro_token_secret: "dro-token" - mas_aibroker_dro_cacert_secret: "dro-certificates" - - drocfg_ca: "drocfg_ca" - drocfg_registration_key: "drocfg_registration_key" - drocfg_url: "drocfg_url" - - #sls - slscfg_registration_key: "slscfg_registration_key" - slscfg_url: "slscfg_url" - # slscfg_clientId: "slscfg_clientId" - # slscfg_ca: "slscfg_ca" - # slscfg_tls: "slscfg_tls" - # slscfg_key: "slscfg_key" - #RSL ##review - rsl_url: "rsl_url" - rsl_org_id: "rsl_org_id" - mas_aibroker_rsl_secret: "mas_aibroker_rsl_secret" - - - # WatsonX - mas_aibroker_watsonxai_apikey: MAS_AIBROKER_WATSONXAI_APIKEY - mas_aibroker_watsonxai_url: MAS_AIBROKER_WATSONXAI_URL - mas_aibroker_watsonxai_project_id: MAS_AIBROKER_WATSONXAI_PROJECT_ID - - # SLS - #mas_aibroker_sls_registration_key_secret: "sls-registration-key" - mas_aibroker_sls_subscription_id: "001" - - # S3 - mas_aibroker_storage_provider: "aws" - mas_aibroker_storage_ssl: "true" - # following are the variable need to injected via environment variable - mas_aibroker_storage_accesskey: "mas_aibroker_storage_accesskey" - mas_aibroker_storage_secretkey: "mas_aibroker_storage_secretkey" - mas_aibroker_storage_host: "mas_aibroker_storage_host" - mas_aibroker_storage_port: "mas_aibroker_storage_port" - mas_aibroker_storage_region: "mas_aibroker_storage_region" - - # mas_aibroker_storage_pipelines_bucket: "aibrokeruser-training-bucket" - mas_aibroker_s3_endpoint_url: "MAS_AIBROKER_TENANT_S3_ENDPOINT_URL" - mas_aibroker_s3_region: "MAS_AIBROKER_TENANT_S3_REGION" - mas_aibroker_s3_bucket_prefix: "MAS_AIBROKER_TENANT_S3_BUCKET_PREFIX" - - tenant_entitlement_type: "MAS_AIBROKER_TENANT_ENTITLEMENT_TYPE" - tenant_entitlement_start_date: "MAS_AIBROKER_TENANT_ENTITLEMENT_START_DATE" - tenant_entitlement_end_date: "MAS_AIBROKER_TENANT_ENTITLEMENT_END_DATE" diff --git a/root-applications/ibm-aibroker-tenant-root/Chart.yaml b/root-applications/ibm-aibroker-tenant-root/Chart.yaml deleted file mode 100644 index 1ed6c0ab2..000000000 --- a/root-applications/ibm-aibroker-tenant-root/Chart.yaml +++ /dev/null @@ -1,5 +0,0 @@ -apiVersion: v2 -name: ibm-aibroker-tenant-root -description: IBM AIBroker tenant root -type: application -version: 1.0.0 diff --git a/root-applications/ibm-aibroker-tenant-root/README.md b/root-applications/ibm-aibroker-tenant-root/README.md deleted file mode 100644 index f63a00c8e..000000000 --- a/root-applications/ibm-aibroker-tenant-root/README.md +++ /dev/null @@ -1,3 +0,0 @@ -IBM AIBroker Tenant Root Application -=============================================================================== -Installs various ArgoCD Applications for managing instance-level AIBroker dependencies (e.g. Minio, ODH etc) and AIBroker Applications (e.g. kmodel, aibroker-tenant etc) on the target cluster. \ No newline at end of file diff --git a/root-applications/ibm-aibroker-tenant-root/templates/100-ibm-aibroker-tenant-app.yaml b/root-applications/ibm-aibroker-tenant-root/templates/100-ibm-aibroker-tenant-app.yaml deleted file mode 100644 index 81ed31e81..000000000 --- a/root-applications/ibm-aibroker-tenant-root/templates/100-ibm-aibroker-tenant-app.yaml +++ /dev/null @@ -1,135 +0,0 @@ -{{- if not (empty .Values.ibm_aibroker_tenant) }} ---- -# IBM Maximo aibroker-tenant -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: aibroker-tenant.{{ .Values.cluster.id }}.{{ .Values.instance.id }}.{{ .Values.tenant.id }} - namespace: {{ .Values.argo.namespace }} - labels: - environment: '{{ .Values.account.id }}' - region: '{{ .Values.region.id }}' - cluster: '{{ .Values.cluster.id }}' - instance: '{{ .Values.instance.id }}' - tenant: '{{ .Values.tenant.id }}' - annotations: - argocd.argoproj.io/sync-wave: "100" - healthCheckTimeout: "1800" - {{- if and .Values.notifications .Values.notifications.slack_channel_id }} - notifications.argoproj.io/subscribe.on-sync-failed.workspace1: {{ .Values.notifications.slack_channel_id }} - notifications.argoproj.io/subscribe.on-sync-succeeded.workspace1: {{ .Values.notifications.slack_channel_id }} - {{- end }} - finalizers: - - resources-finalizer.argocd.argoproj.io -spec: - project: "{{ .Values.argo.projects.apps }}" - destination: - server: {{ .Values.cluster.url }} - namespace: "{{ .Values.ibm_aibroker_tenant.aibroker_namespace }}" - source: - repoURL: "{{ .Values.source.repo_url }}" - path: instance-applications/115-ibm-aibroker-tenant - targetRevision: "{{ .Values.source.revision }}" - plugin: - name: {{ .Values.avp.name }} - env: - - name: {{ .Values.avp.values_varname }} - value: | - tenant_id: "{{ .Values.ibm_aibroker_tenant.tenant_id }}" - aibroker_instance_id: "{{ .Values.ibm_aibroker_tenant.aibroker_instance_id }}" - aibroker_namespace: "{{ .Values.ibm_aibroker_tenant.aibroker_namespace }}" - ibm_entitlement_key: "{{ .Values.ibm_aibroker_tenant.ibm_entitlement_key }}" - account_id: "{{ .Values.account.id }}" - region_id: "{{ .Values.region.id }}" - cluster_id: "{{ .Values.cluster.id }}" - # SAAS - aibroker_saas_apikey: "{{ .Values.ibm_aibroker_tenant.aibroker_saas_apikey }}" - # in_saas_env: "{{ .Values.ibm_aibroker_tenant.in_saas_env }}" - mas_aibroker_saas: "{{ .Values.ibm_aibroker_tenant.mas_aibroker_saas }}" - mas_aibroker_provision_tenant: "{{ .Values.ibm_aibroker_tenant.mas_aibroker_provision_tenant }}" - - # Tenant - artifactory_token: "{{ .Values.ibm_aibroker_tenant.artifactory_token }}" - mas_aibroker_tenant_name: "{{ .Values.ibm_aibroker_tenant.mas_aibroker_tenant_name }}" - tenant_action: "{{ .Values.ibm_aibroker_tenant.tenant_action }}" - tenantNamespace: "{{ .Values.ibm_aibroker_tenant.tenantNamespace }}" - - # cluster_domain: "{{ .Values.ibm_aibroker_tenant.cluster_domain }}" - mas_icr_cp: "{{ .Values.ibm_aibroker_tenant.mas_icr_cp }}" - mas_icr_cpopen: "{{ .Values.ibm_aibroker_tenant.mas_icr_cpopen }}" - - # DRO - # mas_aibroker_dro_token_secret: "{{ .Values.ibm_aibroker_tenant.mas_aibroker_dro_token_secret }}" - mas_aibroker_dro_cacert_secret: "{{ .Values.ibm_aibroker_tenant.mas_aibroker_dro_cacert_secret }}" - - drocfg_ca: "{{ .Values.ibm_aibroker_tenant.drocfg_ca }}" - drocfg_registration_key: "{{ .Values.ibm_aibroker_tenant.drocfg_registration_key }}" - drocfg_url: "{{ .Values.ibm_aibroker_tenant.drocfg_url }}" - - #sls - slscfg_registration_key: "{{ .Values.ibm_aibroker_tenant.slscfg_registration_key }}" - slscfg_url: "{{ .Values.ibm_aibroker_tenant.slscfg_url }}" - # slscfg_clientId: "{{ .Values.ibm_aibroker_tenant.slscfg_clientId }}" - slscfg_ca: "{{ .Values.ibm_aibroker_tenant.slscfg_ca }}" - slscfg_ca_tenant: "{{ .Values.ibm_aibroker_tenant.slscfg_ca_tenant }}" - # slscfg_tls: "{{ .Values.ibm_aibroker_tenant.slscfg_tls }}" - # slscfg_key: "{{ .Values.ibm_aibroker_tenant.slscfg_key }}" - - # WatsonX - mas_aibroker_watsonxai_apikey: "{{ .Values.ibm_aibroker_tenant.mas_aibroker_watsonxai_apikey }}" - mas_aibroker_watsonxai_url: "{{ .Values.ibm_aibroker_tenant.mas_aibroker_watsonxai_url }}" - mas_aibroker_watsonxai_project_id: "{{ .Values.ibm_aibroker_tenant.mas_aibroker_watsonxai_project_id }}" - - # SLS - mas_aibroker_sls_subscription_id: "{{ .Values.ibm_aibroker_tenant.mas_aibroker_sls_subscription_id }}" - - #rsl - rsl_url: "{{ .Values.ibm_aibroker_tenant.rsl_url }}" - rsl_org_id: "{{ .Values.ibm_aibroker_tenant.rsl_org_id }}" - rsl_token: "{{ .Values.ibm_aibroker_tenant.rsl_token }}" - - # S3 - mas_aibroker_storage_provider: "{{ .Values.ibm_aibroker_tenant.mas_aibroker_storage_provider }}" - mas_aibroker_storage_ssl: "{{ .Values.ibm_aibroker_tenant.mas_aibroker_storage_ssl }}" - mas_aibroker_storage_accesskey: "{{ .Values.ibm_aibroker_tenant.mas_aibroker_storage_accesskey }}" - mas_aibroker_storage_secretkey: "{{ .Values.ibm_aibroker_tenant.mas_aibroker_storage_secretkey }}" - mas_aibroker_storage_host: "{{ .Values.ibm_aibroker_tenant.mas_aibroker_storage_host }}" - mas_aibroker_storage_port: "{{ .Values.ibm_aibroker_tenant.mas_aibroker_storage_port }}" - mas_aibroker_storage_region: "{{ .Values.ibm_aibroker_tenant.mas_aibroker_storage_region }}" - # mas_aibroker_storage_pipelines_bucket: "{{ .Values.ibm_aibroker_tenant.mas_aibroker_storage_pipelines_bucket }}" - mas_aibroker_s3_endpoint_url: "{{ .Values.ibm_aibroker_tenant.mas_aibroker_s3_endpoint_url }}" - mas_aibroker_s3_region: "{{ .Values.ibm_aibroker_tenant.mas_aibroker_s3_region }}" - mas_aibroker_s3_bucket_prefix: "{{ .Values.ibm_aibroker_tenant.mas_aibroker_s3_bucket_prefix }}" - tenant_entitlement_type: "{{ .Values.ibm_aibroker_tenant.tenant_entitlement_type }}" - tenant_entitlement_start_date: "{{ .Values.ibm_aibroker_tenant.tenant_entitlement_start_date }}" - tenant_entitlement_end_date: "{{ .Values.ibm_aibroker_tenant.tenant_entitlement_end_date }}" - - - junitreporter: - reporter_name: "ibm-aibroker-tenant-{{ .Values.instance.id }}" - cluster_id: "{{ .Values.cluster.id }}" - devops_mongo_uri: "{{ .Values.devops.mongo_uri }}" - devops_build_number: "{{ .Values.devops.build_number }}" - gitops_version: "{{ .Values.source.revision }}" - - name: ARGOCD_APP_NAME - value: aibrokertenantapp - {{- if not (empty .Values.avp.secret) }} - - name: AVP_SECRET - value: {{ .Values.avp.secret }} - {{- end }} - syncPolicy: - automated: - {{- if .Values.auto_delete }} - prune: true - {{- end }} - selfHeal: true - retry: - limit: 20 - syncOptions: - - CreateNamespace=true - managedNamespaceMetadata: - labels: -{{- if .Values.custom_labels }} -{{ .Values.custom_labels | toYaml | indent 8 }} -{{- end }} -{{- end }} \ No newline at end of file diff --git a/root-applications/ibm-aibroker-tenant-root/values.yaml b/root-applications/ibm-aibroker-tenant-root/values.yaml deleted file mode 100644 index 046d341b5..000000000 --- a/root-applications/ibm-aibroker-tenant-root/values.yaml +++ /dev/null @@ -1,323 +0,0 @@ ---- - -avp: - name: "argocd-vault-plugin-helm" - secret: "" - values_varname: "HELM_VALUES" - -account: - id: dev - -cluster: - id: cluster1 - -region: - id: region1 - -instance: - id: inst1 - -tenant: - id: aibroker-tenant01 - -source: - repo_url: "https://github.com/ibm-mas/gitops" - revision: "poc" - -# Customers will definitely need to customise this (our gitops-envs/mas-dev repos are private), -# So deliberately not specifying defaults here; we want charts to refuse to render if these are not specified -# Both of these correspond to requirement arguments of the gitops-bootstrap CLI function (--github-url and --github-revision) -# generator: -# repo_url: "" -# revision: "" - -# These defaults align with the ArgoCD worker setup by gitops-bootstrap -# (openshift-gitops with a single ArgoCD project "mas") -argo: - namespace: "openshift-gitops" - projects: - rootapps: "mas" - apps: "mas" - - -auto_delete: false - -sm: - aws_access_key_id: xxxx - -run_sanity_test: false - -devops: - mongo_uri: - build_number: - -ibm_minio: - minio_namespace: "minio_namespace" - minio_instance_name: "minio" - minio_root_user: "minio" - minio_root_password: "" - minio_storage_class: "default" - minio_storage_size: "40Gi" - minio_image: "quay.io/minio/minio:latest" - - -ibm_odh: - openshift_namespace: "openshift-operators" - odh_pipeline_channel: "latest" - odh_pipeline_installplan: "Automatic" - service_mesh_namespace: "openshift-serverless" - service_mesh_channel: "stable" - service_mesh_catalog_source: "redhat-operators" - serverless_channel: "stable" - authorino_catalog_source: "community-operators" - odh_channel: "fast" - odh_catalog_source: "community-operators" - odh_operator_version: "opendatahub-operator.v2.11.1" - #Odh_Pipeline_operator - odh_pipeline_name: "openshift-pipelines-operator" - odh_pipeline_namespace: "openshift-operators" - odh_pipeline_operatorName: "openshift-pipelines-operator-rh" - odh_pipeline_source: "redhat_operators" - odh_pipeline_sourceNamespace: "openshift_marketplace" - - #Serverless Operator - serverless_namespace: "openshift-serverless" - serverless_operator_name: "serverless-operator" - serverless_operator_source: "redhat-operators" - serverless_operator_sourceNamespace: "openshift-marketplace" - - #opendatahub Operator - opendatahub_OperatorGroup_name: "opendatahub-operator-group" - opendatahub_name: "opendatahub-operator" - opendatahub_namespace: "opendatahub" - opendatahub_installPlanApproval: "Manual" - opendatahub_channel: "fast" - opendatahub_source: "community-operators" - opendatahub__sourceNamespace: "openshift-marketplace" - - aibroker_namespace: "mas_sremat_aibroker" - pull_secret_name: "ibm_entitlement" - mas_aibroker_storage_provider: "minio" - mas_aibroker_storage_accesskey: "" - mas_aibroker_storage_secretkey: "" - mas_aibroker_storage_host: "mas_aibroker_storage_host" - mas_aibroker_storage_port: "mas_aibroker_storage_port" - mas_aibroker_storage_ssl: "mas_aibroker_storage_ssl" - mas_aibroker_storage_region: "mas_aibroker_storage_region" - - # MariaDB - mas_aibroker_db_host: "mas_aibroker_db_host" - mas_aibroker_db_port: "mas_aibroker_db_port" - mas_aibroker_db_user: "mas_aibroker_db_user" - mas_aibroker_db_database: "mas_aibroker_db_database" - - mas_aibroker_db_secret_key: "mas_aibroker_db_secret_key" - mas_aibroker_db_secret_name: "mas_aibroker_db_secret_name" - mas_aibroker_db_secret_value: "mas_aibroker_db_secret_value" - - mas_aibroker_storage_pipelines_bucket: "mas_aibroker_storage_pipelines_bucket" - primary_storage_class: "nfs-client" - - -ibm_kmodel: - mas_instance_id: "mas_instance_id" - aibroker_internal_tls: "aibroker_internal_tls" - aibroker_namespace: "mas-sremat-aibroker" - - mas_aibroker_storage_provider: "minio" - mas_aibroker_storage_ssl: "false" - - openshift_namespace: "openshift-operators" - run_sync_hooks: true - - - # following are the variable need to injected via environment variable - mas_aibroker_storage_accesskey: "mas_aibroker_storage_accesskey" - mas_aibroker_storage_secretkey: "mas_aibroker_storage_secretkey" - mas_aibroker_storage_host: "mas_aibroker_storage_host" - mas_aibroker_storage_port: "mas_aibroker_storage_port" - mas_aibroker_storage_region: "mas_aibroker_storage_region" - ssh_secret_name: "sremat-kmodel-aibroker-tls" - # vars file for kmodels - pullSecretName: "pullSecretName" - docker_server: "MAS_ICR_CP/aibroker" - tenantNamespace: "aibroker-MAS_AIBROKER_TENANT_NAME" - # mas_aibroker_provision_tenant: "MAS_AIBROKER_PROVISION_TENANT" - primary_storage_class: "PRIMARY_STORAGE_CLASS" - # Bucket names - mas_aibroker_storage_templates_bucket: "mas_aibroker_storage_templates_bucket" - mas_aibroker_storage_tenants_bucket: "mas_aibroker_storage_tenants_bucket" - mas_aibroker_storage_pipelines_bucket: "mas_aibroker_storage_pipelines_bucket" - #container images - image_store: "MAS_ICR_CP/aibroker/store:1.0.2" - image_watcher: "MAS_ICR_CP/aibroker/watcher:1.0.2-pre.dev10x" - image_controller: "MAS_ICR_CP/aibroker/controller:1.0.2-pre.dev10x" - mas_aibroker_pipeline_steps_tag: 1.0.0 - mas_aibroker_connector_tag: 1.0.0 - - # model - # model_id_unique_length: "model_id_unique_length" - # model_id_prefix: "model_id_prefix" - - # Source container registry - # ----------------------------------------------------------------------------- - # mas_icr_cp: "cp.icr.io/cp" - mas_icr_cp: "docker-na-public.artifactory.swg-devops.com/wiotp-docker-local" - -ibm_aibroker: - mas_instance_id: "mas_instance_id" - aibroker_namespace: 'mas-{{ mas_instance_id }}-aibroker' - mas_aibroker_minio_secret: "mas_aibroker_minio_secret" - # Minio - mas_aibroker_storage_accesskey: "mas_aibroker_storage_accesskey" - mas_aibroker_storage_secretkey: "mas_aibroker_storage_secretkey" - # MariaDB - mas_aibroker_mariadb_secret: "mas_aibroker_mariadb_secret" - mas_aibroker_db_user: "mas_aibroker_db_user" - mas_aibroker_db_secret_value: "mas_aibroker_db_secret_value" - - # WatsonX - mas_aibroker_watsonx_secret: "mas_aibroker_watsonx_secret" - mas_aibroker_watsonxai_apikey: "MAS_AIBROKER_WATSONXAI_APIKEY" - mas_aibroker_watsonxai_url: "MAS_AIBROKER_WATSONXAI_URL" - mas_aibroker_watsonxai_project_id: "MAS_AIBROKER_WATSONXAI_PROJECT_ID" - - # S3 - s3_apikey: "S3_APIKEY" - mas_aibroker_storage_accesskey: "true" - mas_aibroker_storage_secretkey: "MAS_AIBROKER_STORAGE_SECRETKEY" - - mas_aibroker_storage_host: "true" - mas_aibroker_storage_port: "true" - - # SLS - mas_aibroker_sls_registration_key_secret: "sls-registration-key" - - mas_aibroker_db_host: "mas_aibroker_db_host" - mas_aibroker_db_port: "mas_aibroker_db_port" - mas_aibroker_db_secret_name: "mas_aibroker_db_secret_name" - - # Bucket names - mas_aibroker_storage_pipelines_bucket: "MAS_AIBROKER_STORAGE_PIPELINES_BUCKET" - mas_aibroker_storage_tenants_bucket: "mas_aibroker_storage_tenants_bucket" - mas_aibroker_storage_templates_bucket: "MAS_AIBROKER_STORAGE_TEMPLATES_BUCKET" - - slscfg_registration_key: "slscfg_registration_key" - - # DRO - mas_aibroker_dro_token_secret: "dro-token" - mas_aibroker_dro_cacert_secret: "dro-certificates" - - drocfg_ca: "drocfg_ca" - drocfg_registration_key: "drocfg_registration_key" - drocfg_url: "drocfg_url" - - - # JDBC - mas_aibroker_db2_jdbc_secret: "aibroker-jdbccfg" - - jdbccfg_username: "jdbccfg_username" - jdbccfg_password: "jdbccfg_password" - jdbccfg_url: "jdbccfg_url" - jdbccfg_sslenabled: "jdbccfg_sslenabled" - jdbccfg_ca: "jdbccfg_ca" - - # MAS Entitlement - #mas_entitlement_username: "cp" - mas_entitlement_username: "docker-na-public.artifactory.swg-devops.com/wiotp-docker-local" - mas_entitlement_key: "mas_entitlement_key" - - # Development Registry Entitlement - artifactory_username: "artifactory_username" - artifactory_token: "artifactory_token" - - # Environment Variable: - mas_app_channel: "mas_app_channel" - - # aibroker vars - mas_catalog_source: "mas_catalog_source" - - # Source container registry - # ----------------------------------------------------------------------------- - # mas_icr_cp: "cp.icr.io/cp" - # mas_icr_cpopen: "icr.io/cpopen" - mas_icr_cp: "docker-na-public.artifactory.swg-devops.com/wiotp-docker-local" - mas_icr_cpopen: "docker-na-public.artifactory.swg-devops.com/wiotp-docker-local/cpopen" - - cluster_domain: cluster_domain - in_saas_env: "in_saas_env" - - mas_aibroker_s3_endpoint_url: "mas_aibroker_s3_endpoint_url" - mas_aibroker_s3_region: "mas_aibroker_s3_region" - mas_aibroker_s3_bucket_prefix: "mas_aibroker_s3_bucket_prefix" - environment_type: "environment_type" - -ibm_aibroker_tenant: - mas_instance_id: "MAS_INSTANCE_ID" - aibroker_namespace: 'mas-{{ mas_instance_id }}-aibroker' - ibm_entitlement_key: "" - - # SAAS - aibroker_saas_apikey: "AIBROKER_SAAS_APIKEY" - # in_saas_env: "true" - mas_aibroker_saas: "false" - mas_aibroker_provision_tenant: "mas_aibroker_provision_tenant" - - # Tenant - artifactory_token: "artifactory_token" - mas_aibroker_tenant_name: "user" - tenant_action: "true" - tenantNamespace: 'aibroker-{{ mas_aibroker_tenant_name }}' - - # cluster_domain: "" - mas_icr_cp: "cp.icr.io/cp" - mas_icr_cpopen: "icr.io/cpopen" - - # DRO - # mas_aibroker_dro_token_secret: "dro-token" - mas_aibroker_dro_cacert_secret: "dro-certificates" - - drocfg_ca: "drocfg_ca" - drocfg_registration_key: "drocfg_registration_key" - drocfg_url: "drocfg_url" - - #sls - slscfg_registration_key: "slscfg_registration_key" - slscfg_url: "slscfg_url" - # slscfg_clientId: "slscfg_clientId" - # slscfg_ca: "slscfg_ca" - # slscfg_tls: "slscfg_tls" - # slscfg_key: "slscfg_key" - #RSL ##review - rsl_url: "rsl_url" - rsl_org_id: "rsl_org_id" - mas_aibroker_rsl_secret: "mas_aibroker_rsl_secret" - - - # WatsonX - mas_aibroker_watsonxai_apikey: MAS_AIBROKER_WATSONXAI_APIKEY - mas_aibroker_watsonxai_url: MAS_AIBROKER_WATSONXAI_URL - mas_aibroker_watsonxai_project_id: MAS_AIBROKER_WATSONXAI_PROJECT_ID - - # SLS - #mas_aibroker_sls_registration_key_secret: "sls-registration-key" - mas_aibroker_sls_subscription_id: "001" - - # S3 - mas_aibroker_storage_provider: "aws" - mas_aibroker_storage_ssl: "true" - # following are the variable need to injected via environment variable - mas_aibroker_storage_accesskey: "mas_aibroker_storage_accesskey" - mas_aibroker_storage_secretkey: "mas_aibroker_storage_secretkey" - mas_aibroker_storage_host: "mas_aibroker_storage_host" - mas_aibroker_storage_port: "mas_aibroker_storage_port" - mas_aibroker_storage_region: "mas_aibroker_storage_region" - - # mas_aibroker_storage_pipelines_bucket: "aibrokeruser-training-bucket" - mas_aibroker_s3_endpoint_url: "MAS_AIBROKER_TENANT_S3_ENDPOINT_URL" - mas_aibroker_s3_region: "MAS_AIBROKER_TENANT_S3_REGION" - mas_aibroker_s3_bucket_prefix: "MAS_AIBROKER_TENANT_S3_BUCKET_PREFIX" - - tenant_entitlement_type: "MAS_AIBROKER_TENANT_ENTITLEMENT_TYPE" - tenant_entitlement_start_date: "MAS_AIBROKER_TENANT_ENTITLEMENT_START_DATE" - tenant_entitlement_end_date: "MAS_AIBROKER_TENANT_ENTITLEMENT_END_DATE" diff --git a/root-applications/ibm-aibroker-instance-root/Chart.yaml b/root-applications/ibm-aiservice-instance-root/Chart.yaml similarity index 100% rename from root-applications/ibm-aibroker-instance-root/Chart.yaml rename to root-applications/ibm-aiservice-instance-root/Chart.yaml diff --git a/root-applications/ibm-aibroker-instance-root/README.md b/root-applications/ibm-aiservice-instance-root/README.md similarity index 100% rename from root-applications/ibm-aibroker-instance-root/README.md rename to root-applications/ibm-aiservice-instance-root/README.md diff --git a/root-applications/ibm-aibroker-instance-root/templates/030-ibm-odh-app.yaml b/root-applications/ibm-aiservice-instance-root/templates/030-ibm-odh-app.yaml similarity index 76% rename from root-applications/ibm-aibroker-instance-root/templates/030-ibm-odh-app.yaml rename to root-applications/ibm-aiservice-instance-root/templates/030-ibm-odh-app.yaml index 9dffa6865..1b83c4b89 100644 --- a/root-applications/ibm-aibroker-instance-root/templates/030-ibm-odh-app.yaml +++ b/root-applications/ibm-aiservice-instance-root/templates/030-ibm-odh-app.yaml @@ -63,23 +63,23 @@ spec: odh_channel: "{{ .Values.ibm_odh.odh_channel }}" odh_catalog_source: "{{ .Values.ibm_odh.odh_catalog_source }}" odh_operator_version: "{{ .Values.ibm_odh.odh_operator_version }}" - aibroker_namespace: "{{ .Values.ibm_odh.aibroker_namespace }}" + aiservice_namespace: "{{ .Values.ibm_odh.aiservice_namespace }}" pull_secret_name: "{{ .Values.ibm_odh.pull_secret_name }}" - mas_aibroker_storage_provider: "{{ .Values.ibm_odh.mas_aibroker_storage_provider }}" - mas_aibroker_storage_accesskey: "{{ .Values.ibm_odh.mas_aibroker_storage_accesskey }}" - mas_aibroker_storage_secretkey: "{{ .Values.ibm_odh.mas_aibroker_storage_secretkey }}" - mas_aibroker_storage_host: "{{ .Values.ibm_odh.mas_aibroker_storage_host }}" - mas_aibroker_storage_port: "{{ .Values.ibm_odh.mas_aibroker_storage_port }}" - mas_aibroker_storage_ssl: "{{ .Values.ibm_odh.mas_aibroker_storage_ssl }}" - mas_aibroker_storage_region: "{{ .Values.ibm_odh.mas_aibroker_storage_region }}" - mas_aibroker_db_host: "{{ .Values.ibm_odh.mas_aibroker_db_host }}" - mas_aibroker_db_port: "{{ .Values.ibm_odh.mas_aibroker_db_port }}" - mas_aibroker_db_user: "{{ .Values.ibm_odh.mas_aibroker_db_user }}" - mas_aibroker_db_database: "{{ .Values.ibm_odh.mas_aibroker_db_database }}" - mas_aibroker_db_secret_key: "{{ .Values.ibm_odh.mas_aibroker_db_secret_key }}" - mas_aibroker_db_secret_name: "{{ .Values.ibm_odh.mas_aibroker_db_secret_name }}" - mas_aibroker_db_secret_value: "{{ .Values.ibm_odh.mas_aibroker_db_secret_value }}" - mas_aibroker_storage_pipelines_bucket: "{{ .Values.ibm_odh.mas_aibroker_storage_pipelines_bucket }}" + mas_aiservice_storage_provider: "{{ .Values.ibm_odh.mas_aiservice_storage_provider }}" + mas_aiservice_storage_accesskey: "{{ .Values.ibm_odh.mas_aiservice_storage_accesskey }}" + mas_aiservice_storage_secretkey: "{{ .Values.ibm_odh.mas_aiservice_storage_secretkey }}" + mas_aiservice_storage_host: "{{ .Values.ibm_odh.mas_aiservice_storage_host }}" + mas_aiservice_storage_port: "{{ .Values.ibm_odh.mas_aiservice_storage_port }}" + mas_aiservice_storage_ssl: "{{ .Values.ibm_odh.mas_aiservice_storage_ssl }}" + mas_aiservice_storage_region: "{{ .Values.ibm_odh.mas_aiservice_storage_region }}" + mas_aiservice_db_host: "{{ .Values.ibm_odh.mas_aiservice_db_host }}" + mas_aiservice_db_port: "{{ .Values.ibm_odh.mas_aiservice_db_port }}" + mas_aiservice_db_user: "{{ .Values.ibm_odh.mas_aiservice_db_user }}" + mas_aiservice_db_database: "{{ .Values.ibm_odh.mas_aiservice_db_database }}" + mas_aiservice_db_secret_key: "{{ .Values.ibm_odh.mas_aiservice_db_secret_key }}" + mas_aiservice_db_secret_name: "{{ .Values.ibm_odh.mas_aiservice_db_secret_name }}" + mas_aiservice_db_secret_value: "{{ .Values.ibm_odh.mas_aiservice_db_secret_value }}" + mas_aiservice_storage_pipelines_bucket: "{{ .Values.ibm_odh.mas_aiservice_storage_pipelines_bucket }}" primary_storage_class: "{{ .Values.ibm_odh.primary_storage_class }}" {{- if .Values.custom_labels }} custom_labels: {{ .Values.custom_labels | toYaml | nindent 14 }} diff --git a/root-applications/ibm-aiservice-instance-root/templates/040-ibm-aiservice-app.yaml b/root-applications/ibm-aiservice-instance-root/templates/040-ibm-aiservice-app.yaml new file mode 100644 index 000000000..3b24ac604 --- /dev/null +++ b/root-applications/ibm-aiservice-instance-root/templates/040-ibm-aiservice-app.yaml @@ -0,0 +1,129 @@ +{{- if not (empty .Values.ibm_aiservice) }} +--- +# IBM Maximo aiservice +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: aiservice.{{ .Values.cluster.id }}.{{ .Values.instance.id }} + namespace: {{ .Values.argo.namespace }} + labels: + environment: '{{ .Values.account.id }}' + region: '{{ .Values.region.id }}' + cluster: '{{ .Values.cluster.id }}' + instance: '{{ .Values.instance.id }}' + annotations: + argocd.argoproj.io/sync-wave: "040" + healthCheckTimeout: "1800" + {{- if and .Values.notifications .Values.notifications.slack_channel_id }} + notifications.argoproj.io/subscribe.on-sync-failed.workspace1: {{ .Values.notifications.slack_channel_id }} + notifications.argoproj.io/subscribe.on-sync-succeeded.workspace1: {{ .Values.notifications.slack_channel_id }} + {{- end }} + finalizers: + - resources-finalizer.argocd.argoproj.io +spec: + project: "{{ .Values.argo.projects.apps }}" + destination: + server: {{ .Values.cluster.url }} + namespace: "{{ .Values.ibm_aiservice.aiservice_namespace }}" + source: + repoURL: "{{ .Values.source.repo_url }}" + path: instance-applications/113-ibm-aiservice + targetRevision: "{{ .Values.source.revision }}" + plugin: + name: {{ .Values.avp.name }} + env: + - name: {{ .Values.avp.values_varname }} + value: | + aiservice_namespace: "{{ .Values.ibm_aiservice.aiservice_namespace }}" + aiservice_instance_id: "{{ .Values.ibm_aiservice.aiservice_instance_id }}" + + mas_aiservice_storage_secret: "{{ .Values.ibm_aiservice.mas_aiservice_storage_secret }}" + mas_aiservice_mariadb_secret: "{{ .Values.ibm_aiservice.mas_aiservice_mariadb_secret }}" + mas_aiservice_db_user: "{{ .Values.ibm_aiservice.mas_aiservice_db_user }}" + mas_aiservice_db_secret_value: "{{ .Values.ibm_aiservice.mas_aiservice_db_secret_value }}" + + mas_aiservice_watsonx_secret: "{{ .Values.ibm_aiservice.mas_aiservice_watsonx_secret }}" + mas_aiservice_watsonxai_apikey: "{{ .Values.ibm_aiservice.mas_aiservice_watsonxai_apikey }}" + mas_aiservice_watsonxai_url: "{{ .Values.ibm_aiservice.mas_aiservice_watsonxai_url }}" + mas_aiservice_watsonxai_project_id: "{{ .Values.ibm_aiservice.mas_aiservice_watsonxai_project_id }}" + + s3_apikey: "{{ .Values.ibm_aiservice.s3_apikey }}" + mas_aiservice_storage_accesskey: "{{ .Values.ibm_aiservice.mas_aiservice_storage_accesskey }}" + mas_aiservice_storage_secretkey: "{{ .Values.ibm_aiservice.mas_aiservice_storage_secretkey }}" + + mas_aiservice_storage_host: "{{ .Values.ibm_aiservice.mas_aiservice_storage_host }}" + mas_aiservice_storage_port: "{{ .Values.ibm_aiservice.mas_aiservice_storage_port }}" + + mas_aiservice_sls_registration_key_secret: "{{ .Values.ibm_aiservice.mas_aiservice_sls_registration_key_secret }}" + slscfg_registration_key: "{{ .Values.ibm_aiservice.slscfg_registration_key }}" + + mas_aiservice_db_host: "{{ .Values.ibm_aiservice.mas_aiservice_db_host }}" + mas_aiservice_db_port: "{{ .Values.ibm_aiservice.mas_aiservice_db_port }}" + mas_aiservice_db_secret_name: "{{ .Values.ibm_aiservice.mas_aiservice_db_secret_name }}" + + mas_aiservice_storage_pipelines_bucket: "{{ .Values.ibm_aiservice.mas_aiservice_storage_pipelines_bucket }}" + mas_aiservice_storage_tenants_bucket: "{{ .Values.ibm_aiservice.mas_aiservice_storage_tenants_bucket }}" + mas_aiservice_storage_templates_bucket: "{{ .Values.ibm_aiservice.mas_aiservice_storage_templates_bucket }}" + + mas_aiservice_dro_token_secret: "{{ .Values.ibm_aiservice.mas_aiservice_dro_token_secret }}" + mas_aiservice_dro_cacert_secret: "{{ .Values.ibm_aiservice.mas_aiservice_dro_cacert_secret }}" + + drocfg_ca: "{{ .Values.ibm_aiservice.drocfg_ca }}" + drocfg_ca_tenant: "{{ .Values.ibm_aiservice.drocfg_ca_tenant }}" + drocfg_registration_key: "{{ .Values.ibm_aiservice.drocfg_registration_key }}" + drocfg_url: "{{ .Values.ibm_aiservice.drocfg_url }}" + mas_aiservice_db2_jdbc_secret: "{{ .Values.ibm_aiservice.mas_aiservice_db2_jdbc_secret }}" + + jdbccfg_username: "{{ .Values.ibm_aiservice.jdbccfg_username }}" + jdbccfg_password: "{{ .Values.ibm_aiservice.jdbccfg_password }}" + jdbccfg_url: "{{ .Values.ibm_aiservice.jdbccfg_url }}" + jdbccfg_sslenabled: "{{ .Values.ibm_aiservice.jdbccfg_sslenabled }}" + jdbccfg_ca: "{{ .Values.ibm_aiservice.jdbccfg_ca }}" + + mas_entitlement_username: "{{ .Values.ibm_aiservice.mas_entitlement_username }}" + mas_entitlement_key: "{{ .Values.ibm_aiservice.mas_entitlement_key }}" + artifactory_username: "{{ .Values.ibm_aiservice.artifactory_username }}" + artifactory_token: "{{ .Values.ibm_aiservice.artifactory_token }}" + mas_app_channel: "{{ .Values.ibm_aiservice.mas_app_channel }}" + + mas_catalog_source: "{{ .Values.ibm_aiservice.mas_catalog_source }}" + + mas_icr_cp: "{{ .Values.ibm_aiservice.mas_icr_cp }}" + mas_icr_cpopen: "{{ .Values.ibm_aiservice.mas_icr_cpopen }}" + in_saas_env: "{{ .Values.ibm_aiservice.in_saas_env }}" + is_external_route: "{{ .Values.ibm_aiservice.is_external_route }}" + cluster_domain: "{{ .Values.ibm_aiservice.cluster_domain }}" + environment_type: "{{ .Values.ibm_aiservice.environment_type }}" + mas_aiservice_s3_endpoint_url: "{{ .Values.ibm_aiservice.mas_aiservice_s3_endpoint_url }}" + mas_aiservice_s3_region: "{{ .Values.ibm_aiservice.mas_aiservice_s3_region }}" + mas_aiservice_s3_bucket_prefix: "{{ .Values.ibm_aiservice.mas_aiservice_s3_bucket_prefix }}" + + + junitreporter: + reporter_name: "ibm-aiservice-{{ .Values.instance.id }}" + cluster_id: "{{ .Values.cluster.id }}" + devops_mongo_uri: "{{ .Values.devops.mongo_uri }}" + devops_build_number: "{{ .Values.devops.build_number }}" + gitops_version: "{{ .Values.source.revision }}" + - name: ARGOCD_APP_NAME + value: aiserviceapp + {{- if not (empty .Values.avp.secret) }} + - name: AVP_SECRET + value: {{ .Values.avp.secret }} + {{- end }} + syncPolicy: + automated: + {{- if .Values.auto_delete }} + prune: true + {{- end }} + selfHeal: true + retry: + limit: 20 + syncOptions: + - CreateNamespace=true + managedNamespaceMetadata: + labels: +{{- if .Values.custom_labels }} +{{ .Values.custom_labels | toYaml | indent 8 }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/root-applications/ibm-aibroker-instance-root/templates/050-ibm-kmodels-app.yaml b/root-applications/ibm-aiservice-instance-root/templates/050-ibm-kmodels-app.yaml similarity index 67% rename from root-applications/ibm-aibroker-instance-root/templates/050-ibm-kmodels-app.yaml rename to root-applications/ibm-aiservice-instance-root/templates/050-ibm-kmodels-app.yaml index ea9b44356..f232ee853 100644 --- a/root-applications/ibm-aibroker-instance-root/templates/050-ibm-kmodels-app.yaml +++ b/root-applications/ibm-aiservice-instance-root/templates/050-ibm-kmodels-app.yaml @@ -36,34 +36,34 @@ spec: value: | openshift_namespace: "{{ .Values.ibm_kmodel.openshift_namespace }}" run_sync_hooks: "{{ .Values.ibm_kmodel.run_sync_hooks }}" - aibroker_namespace: "{{ .Values.ibm_kmodel.aibroker_namespace }}" - mas_aibroker_storage_provider: "{{ .Values.ibm_kmodel.mas_aibroker_storage_provider }}" - mas_aibroker_storage_ssl: "{{ .Values.ibm_kmodel.mas_aibroker_storage_ssl }}" - mas_aibroker_storage_accesskey: "{{ .Values.ibm_kmodel.mas_aibroker_storage_accesskey }}" - mas_aibroker_storage_secretkey: "{{ .Values.ibm_kmodel.mas_aibroker_storage_secretkey }}" - mas_aibroker_storage_host: "{{ .Values.ibm_kmodel.mas_aibroker_storage_host }}" - mas_aibroker_storage_port: "{{ .Values.ibm_kmodel.mas_aibroker_storage_port }}" - mas_aibroker_storage_region: "{{ .Values.ibm_kmodel.mas_aibroker_storage_region }}" + aiservice_namespace: "{{ .Values.ibm_kmodel.aiservice_namespace }}" + mas_aiservice_storage_provider: "{{ .Values.ibm_kmodel.mas_aiservice_storage_provider }}" + mas_aiservice_storage_ssl: "{{ .Values.ibm_kmodel.mas_aiservice_storage_ssl }}" + mas_aiservice_storage_accesskey: "{{ .Values.ibm_kmodel.mas_aiservice_storage_accesskey }}" + mas_aiservice_storage_secretkey: "{{ .Values.ibm_kmodel.mas_aiservice_storage_secretkey }}" + mas_aiservice_storage_host: "{{ .Values.ibm_kmodel.mas_aiservice_storage_host }}" + mas_aiservice_storage_port: "{{ .Values.ibm_kmodel.mas_aiservice_storage_port }}" + mas_aiservice_storage_region: "{{ .Values.ibm_kmodel.mas_aiservice_storage_region }}" ssh_secret_name: "{{ .Values.ibm_kmodel.ssh_secret_name }}" pullSecretName: "{{ .Values.ibm_kmodel.pullSecretName }}" docker_server: "{{ .Values.ibm_kmodel.docker_server }}" tenantNamespace: "{{ .Values.ibm_kmodel.tenantNamespace }}" - mas_aibroker_provision_tenant: "{{ .Values.ibm_kmodel.mas_aibroker_provision_tenant }}" + mas_aiservice_provision_tenant: "{{ .Values.ibm_kmodel.mas_aiservice_provision_tenant }}" primary_storage_class: "{{ .Values.ibm_kmodel.primary_storage_class }}" - mas_aibroker_storage_templates_bucket: "{{ .Values.ibm_kmodel.mas_aibroker_storage_templates_bucket }}" - mas_aibroker_storage_tenants_bucket: "{{ .Values.ibm_kmodel.mas_aibroker_storage_tenants_bucket }}" - mas_aibroker_storage_pipelines_bucket: "{{ .Values.ibm_kmodel.mas_aibroker_storage_pipelines_bucket }}" + mas_aiservice_storage_templates_bucket: "{{ .Values.ibm_kmodel.mas_aiservice_storage_templates_bucket }}" + mas_aiservice_storage_tenants_bucket: "{{ .Values.ibm_kmodel.mas_aiservice_storage_tenants_bucket }}" + mas_aiservice_storage_pipelines_bucket: "{{ .Values.ibm_kmodel.mas_aiservice_storage_pipelines_bucket }}" image_store: "{{ .Values.ibm_kmodel.image_store }}" image_watcher: "{{ .Values.ibm_kmodel.image_watcher }}" image_controller: "{{ .Values.ibm_kmodel.image_controller }}" - mas_aibroker_pipeline_steps_tag: "{{ .Values.ibm_kmodel.mas_aibroker_pipeline_steps_tag }}" - mas_aibroker_connector_tag: "{{ .Values.ibm_kmodel.mas_aibroker_connector_tag }}" - aibroker_internal_tls: "{{ .Values.ibm_kmodel.aibroker_internal_tls }}" + mas_aiservice_pipeline_steps_tag: "{{ .Values.ibm_kmodel.mas_aiservice_pipeline_steps_tag }}" + mas_aiservice_connector_tag: "{{ .Values.ibm_kmodel.mas_aiservice_connector_tag }}" + aiservice_internal_tls: "{{ .Values.ibm_kmodel.aiservice_internal_tls }}" mas_instance_id: "{{ .Values.ibm_kmodel.mas_instance_id }}" model_id_unique_length: "{{ .Values.ibm_kmodel.model_id_unique_length }}" model_id_prefix: "{{ .Values.ibm_kmodel.model_id_prefix }}" ds_pipelines_enabled: "{{ .Values.ibm_kmodel.ds_pipelines_enabled }}" - mas_icr_cp: "{{ .Values.ibm_aibroker.mas_icr_cp }}" + mas_icr_cp: "{{ .Values.ibm_aiservice.mas_icr_cp }}" junitreporter: reporter_name: "ibm-kmodel-{{ .Values.instance.id }}" diff --git a/root-applications/ibm-aibroker-instance-root/templates/070-aibroker-tenant-appset.yaml b/root-applications/ibm-aiservice-instance-root/templates/070-aiservice-tenant-appset.yaml similarity index 95% rename from root-applications/ibm-aibroker-instance-root/templates/070-aibroker-tenant-appset.yaml rename to root-applications/ibm-aiservice-instance-root/templates/070-aiservice-tenant-appset.yaml index ec137b7c9..d58d9dc4d 100644 --- a/root-applications/ibm-aibroker-instance-root/templates/070-aibroker-tenant-appset.yaml +++ b/root-applications/ibm-aiservice-instance-root/templates/070-aiservice-tenant-appset.yaml @@ -1,6 +1,6 @@ --- -# IBM AiBroker Instance Application Set +# IBM AiService Instance Application Set apiVersion: argoproj.io/v1alpha1 kind: ApplicationSet metadata: @@ -28,12 +28,12 @@ spec: repoURL: "{{ .Values.generator.repo_url }}" revision: "{{ .Values.generator.revision }}" files: - - path: "{{ .Values.account.id }}/{{ .Values.cluster.id }}/{{ .Values.instance.id }}/*/ibm-aibroker-tenant-base.yaml" + - path: "{{ .Values.account.id }}/{{ .Values.cluster.id }}/{{ .Values.instance.id }}/*/ibm-aiservice-tenant-base.yaml" - git: repoURL: "{{ .Values.generator.repo_url }}" revision: "{{ .Values.generator.revision }}" files: - - path: "{{ .Values.account.id }}/{{ .Values.cluster.id }}/{{ .Values.instance.id }}/*/ibm-aibroker-tenant.yaml" + - path: "{{ .Values.account.id }}/{{ .Values.cluster.id }}/{{ .Values.instance.id }}/*/ibm-aiservice-tenant.yaml" syncPolicy: applicationsSync: "{{- if .Values.auto_delete }}sync{{- else }}create-update{{- end }}" template: @@ -59,7 +59,7 @@ spec: source: repoURL: "{{ .Values.source.repo_url }}" targetRevision: "{{ .Values.source.revision }}" - path: root-applications/ibm-aibroker-tenant-root + path: root-applications/ibm-aiservice-tenant-root helm: releaseName: instanceappset values: "{{ `{{ toYaml . }}` }}" diff --git a/root-applications/ibm-aiservice-instance-root/values.yaml b/root-applications/ibm-aiservice-instance-root/values.yaml new file mode 100644 index 000000000..682c5fa64 --- /dev/null +++ b/root-applications/ibm-aiservice-instance-root/values.yaml @@ -0,0 +1,326 @@ +--- + +avp: + name: "argocd-vault-plugin-helm" + secret: "" + values_varname: "HELM_VALUES" + +account: + id: dev + +cluster: + id: cluster1 + +region: + id: region1 + +instance: + id: inst1 + +tenant: + id: tenant1 + +generator: + repo_url: xxxx + +source: + repo_url: "https://github.com/ibm-mas/gitops" + revision: "poc" + +# Customers will definitely need to customise this (our gitops-envs/mas-dev repos are private), +# So deliberately not specifying defaults here; we want charts to refuse to render if these are not specified +# Both of these correspond to requirement arguments of the gitops-bootstrap CLI function (--github-url and --github-revision) +# generator: +# repo_url: "" +# revision: "" + +# These defaults align with the ArgoCD worker setup by gitops-bootstrap +# (openshift-gitops with a single ArgoCD project "mas") +argo: + namespace: "openshift-gitops" + projects: + rootapps: "mas" + apps: "mas" + + +auto_delete: false + +sm: + aws_access_key_id: xxxx + +run_sanity_test: false + +devops: + mongo_uri: + build_number: + +ibm_minio: + minio_namespace: "minio_namespace" + minio_instance_name: "minio" + minio_root_user: "minio" + minio_root_password: "" + minio_storage_class: "default" + minio_storage_size: "40Gi" + minio_image: "quay.io/minio/minio:latest" + + +ibm_odh: + openshift_namespace: "openshift-operators" + odh_pipeline_channel: "latest" + odh_pipeline_installplan: "Automatic" + service_mesh_namespace: "openshift-serverless" + service_mesh_channel: "stable" + service_mesh_catalog_source: "redhat-operators" + serverless_channel: "stable" + authorino_catalog_source: "community-operators" + odh_channel: "fast" + odh_catalog_source: "community-operators" + odh_operator_version: "opendatahub-operator.v2.11.1" + #Odh_Pipeline_operator + odh_pipeline_name: "openshift-pipelines-operator" + odh_pipeline_namespace: "openshift-operators" + odh_pipeline_operatorName: "openshift-pipelines-operator-rh" + odh_pipeline_source: "redhat_operators" + odh_pipeline_sourceNamespace: "openshift_marketplace" + + #Serverless Operator + serverless_namespace: "openshift-serverless" + serverless_operator_name: "serverless-operator" + serverless_operator_source: "redhat-operators" + serverless_operator_sourceNamespace: "openshift-marketplace" + + #opendatahub Operator + opendatahub_OperatorGroup_name: "opendatahub-operator-group" + opendatahub_name: "opendatahub-operator" + opendatahub_namespace: "opendatahub" + opendatahub_installPlanApproval: "Manual" + opendatahub_channel: "fast" + opendatahub_source: "community-operators" + opendatahub__sourceNamespace: "openshift-marketplace" + + aiservice_namespace: "mas_sremat_aiservice" + pull_secret_name: "ibm_entitlement" + mas_aiservice_storage_provider: "minio" + mas_aiservice_storage_accesskey: "" + mas_aiservice_storage_secretkey: "" + mas_aiservice_storage_host: "mas_aiservice_storage_host" + mas_aiservice_storage_port: "mas_aiservice_storage_port" + mas_aiservice_storage_ssl: "mas_aiservice_storage_ssl" + mas_aiservice_storage_region: "mas_aiservice_storage_region" + + # MariaDB + mas_aiservice_db_host: "mas_aiservice_db_host" + mas_aiservice_db_port: "mas_aiservice_db_port" + mas_aiservice_db_user: "mas_aiservice_db_user" + mas_aiservice_db_database: "mas_aiservice_db_database" + + mas_aiservice_db_secret_key: "mas_aiservice_db_secret_key" + mas_aiservice_db_secret_name: "mas_aiservice_db_secret_name" + mas_aiservice_db_secret_value: "mas_aiservice_db_secret_value" + + mas_aiservice_storage_pipelines_bucket: "mas_aiservice_storage_pipelines_bucket" + primary_storage_class: "nfs-client" + + +ibm_kmodel: + aiservice_instance_id: "aiservice_instance_id" + aiservice_internal_tls: "aiservice_internal_tls" + aiservice_namespace: "mas-sremat-aiservice" + + mas_aiservice_storage_provider: "minio" + mas_aiservice_storage_ssl: "false" + + openshift_namespace: "openshift-operators" + run_sync_hooks: true + + + # following are the variable need to injected via environment variable + mas_aiservice_storage_accesskey: "mas_aiservice_storage_accesskey" + mas_aiservice_storage_secretkey: "mas_aiservice_storage_secretkey" + mas_aiservice_storage_host: "mas_aiservice_storage_host" + mas_aiservice_storage_port: "mas_aiservice_storage_port" + mas_aiservice_storage_region: "mas_aiservice_storage_region" + ssh_secret_name: "sremat-kmodel-aiservice-tls" + # vars file for kmodels + pullSecretName: "pullSecretName" + docker_server: "MAS_ICR_CP/aiservice" + tenantNamespace: "aiservice-MAS_AISERVICE_TENANT_NAME" + # mas_aiservice_provision_tenant: "MAS_AISERVICE_PROVISION_TENANT" + primary_storage_class: "PRIMARY_STORAGE_CLASS" + # Bucket names + mas_aiservice_storage_templates_bucket: "mas_aiservice_storage_templates_bucket" + mas_aiservice_storage_tenants_bucket: "mas_aiservice_storage_tenants_bucket" + mas_aiservice_storage_pipelines_bucket: "mas_aiservice_storage_pipelines_bucket" + #container images + image_store: "MAS_ICR_CP/aiservice/store:1.0.2" + image_watcher: "MAS_ICR_CP/aiservice/watcher:1.0.2-pre.dev10x" + image_controller: "MAS_ICR_CP/aiservice/controller:1.0.2-pre.dev10x" + mas_aiservice_pipeline_steps_tag: 1.0.0 + mas_aiservice_connector_tag: 1.0.0 + + # model + # model_id_unique_length: "model_id_unique_length" + # model_id_prefix: "model_id_prefix" + + # Source container registry + # ----------------------------------------------------------------------------- + # mas_icr_cp: "cp.icr.io/cp" + mas_icr_cp: "docker-na-public.artifactory.swg-devops.com/wiotp-docker-local" + +ibm_aiservice: + aiservice_instance_id: aiservice_instance_id + aiservice_namespace: 'mas-{{ aiservice_instance_id }}-aiservice' + mas_aiservice_storage_secret: "mas_aiservice_storage_secret" + # Minio + mas_aiservice_storage_accesskey: "mas_aiservice_storage_accesskey" + mas_aiservice_storage_secretkey: "mas_aiservice_storage_secretkey" + # MariaDB + mas_aiservice_mariadb_secret: "mas_aiservice_mariadb_secret" + mas_aiservice_db_user: "mas_aiservice_db_user" + mas_aiservice_db_secret_value: "mas_aiservice_db_secret_value" + + # WatsonX + mas_aiservice_watsonx_secret: "mas_aiservice_watsonx_secret" + mas_aiservice_watsonxai_apikey: "MAS_AISERVICE_WATSONXAI_APIKEY" + mas_aiservice_watsonxai_url: "MAS_AISERVICE_WATSONXAI_URL" + mas_aiservice_watsonxai_project_id: "MAS_AISERVICE_WATSONXAI_PROJECT_ID" + + # S3 + s3_apikey: "S3_APIKEY" + mas_aiservice_storage_accesskey: "true" + mas_aiservice_storage_secretkey: "MAS_AISERVICE_STORAGE_SECRETKEY" + + mas_aiservice_storage_host: "true" + mas_aiservice_storage_port: "true" + + # SLS + mas_aiservice_sls_registration_key_secret: "sls-registration-key" + + mas_aiservice_db_host: "mas_aiservice_db_host" + mas_aiservice_db_port: "mas_aiservice_db_port" + mas_aiservice_db_secret_name: "mas_aiservice_db_secret_name" + + # Bucket names + mas_aiservice_storage_pipelines_bucket: "MAS_AISERVICE_STORAGE_PIPELINES_BUCKET" + mas_aiservice_storage_tenants_bucket: "mas_aiservice_storage_tenants_bucket" + mas_aiservice_storage_templates_bucket: "MAS_AISERVICE_STORAGE_TEMPLATES_BUCKET" + + slscfg_registration_key: "slscfg_registration_key" + + # DRO + mas_aiservice_dro_token_secret: "dro-token" + mas_aiservice_dro_cacert_secret: "dro-certificates" + + drocfg_ca: "drocfg_ca" + drocfg_registration_key: "drocfg_registration_key" + drocfg_url: "drocfg_url" + + + # JDBC + mas_aiservice_db2_jdbc_secret: "aiservice-jdbccfg" + + jdbccfg_username: "jdbccfg_username" + jdbccfg_password: "jdbccfg_password" + jdbccfg_url: "jdbccfg_url" + jdbccfg_sslenabled: "jdbccfg_sslenabled" + jdbccfg_ca: "jdbccfg_ca" + + # MAS Entitlement + #mas_entitlement_username: "cp" + mas_entitlement_username: "docker-na-public.artifactory.swg-devops.com/wiotp-docker-local" + mas_entitlement_key: "mas_entitlement_key" + + # Development Registry Entitlement + artifactory_username: "artifactory_username" + artifactory_token: "artifactory_token" + + # Environment Variable: + mas_app_channel: "mas_app_channel" + + # aiservice vars + mas_catalog_source: "mas_catalog_source" + + # Source container registry + # ----------------------------------------------------------------------------- + # mas_icr_cp: "cp.icr.io/cp" + # mas_icr_cpopen: "icr.io/cpopen" + mas_icr_cp: "docker-na-public.artifactory.swg-devops.com/wiotp-docker-local" + mas_icr_cpopen: "docker-na-public.artifactory.swg-devops.com/wiotp-docker-local/cpopen" + + cluster_domain: cluster_domain + in_saas_env: "in_saas_env" + route_type: "route_type" + mas_aiservice_s3_endpoint_url: "mas_aiservice_s3_endpoint_url" + mas_aiservice_s3_region: "mas_aiservice_s3_region" + mas_aiservice_s3_bucket_prefix: "mas_aiservice_s3_bucket_prefix" + environment_type: "environment_type" + +ibm_aiservice_tenant: + aiservice_instance_id: aiservice_instance_id + aiservice_namespace: 'mas-{{ aiservice_instance_id }}-aiservice' + ibm_entitlement_key: "" + openshift_namespace: "openshift-operators" + # SAAS + aiservice_saas_apikey: "AISERVICE_SAAS_APIKEY" + # in_saas_env: "true" + mas_aiservice_saas: "false" + mas_aiservice_provision_tenant: "mas_aiservice_provision_tenant" + + # Tenant + artifactory_token: "artifactory_token" + mas_aiservice_tenant_name: "user" + tenant_action: "true" + tenantNamespace: 'aiservice-{{ mas_aiservice_tenant_name }}' + + # cluster_domain: "" + mas_icr_cp: "cp.icr.io/cp" + mas_icr_cpopen: "icr.io/cpopen" + + # DRO + # mas_aiservice_dro_token_secret: "dro-token" + mas_aiservice_dro_cacert_secret: "dro-certificates" + + drocfg_ca: "drocfg_ca" + drocfg_registration_key: "drocfg_registration_key" + drocfg_url: "drocfg_url" + + #sls + slscfg_registration_key: "slscfg_registration_key" + slscfg_url: "slscfg_url" + # slscfg_clientId: "slscfg_clientId" + # slscfg_ca: "slscfg_ca" + # slscfg_tls: "slscfg_tls" + # slscfg_key: "slscfg_key" + #RSL ##review + rsl_url: "rsl_url" + rsl_org_id: "rsl_org_id" + mas_aiservice_rsl_secret: "mas_aiservice_rsl_secret" + + + # WatsonX + mas_aiservice_watsonxai_apikey: MAS_AISERVICE_WATSONXAI_APIKEY + mas_aiservice_watsonxai_url: MAS_AISERVICE_WATSONXAI_URL + mas_aiservice_watsonxai_project_id: MAS_AISERVICE_WATSONXAI_PROJECT_ID + + # SLS + #mas_aiservice_sls_registration_key_secret: "sls-registration-key" + mas_aiservice_sls_subscription_id: "001" + + # S3 + mas_aiservice_storage_provider: "aws" + mas_aiservice_storage_ssl: "true" + # following are the variable need to injected via environment variable + mas_aiservice_storage_accesskey: "mas_aiservice_storage_accesskey" + mas_aiservice_storage_secretkey: "mas_aiservice_storage_secretkey" + mas_aiservice_storage_host: "mas_aiservice_storage_host" + mas_aiservice_storage_port: "mas_aiservice_storage_port" + mas_aiservice_storage_region: "mas_aiservice_storage_region" + + # mas_aiservice_storage_pipelines_bucket: "aiserviceuser-training-bucket" + mas_aiservice_s3_endpoint_url: "MAS_AISERVICE_TENANT_S3_ENDPOINT_URL" + mas_aiservice_s3_region: "MAS_AISERVICE_TENANT_S3_REGION" + mas_aiservice_s3_bucket_prefix: "MAS_AISERVICE_TENANT_S3_BUCKET_PREFIX" + + tenant_entitlement_type: "MAS_AISERVICE_TENANT_ENTITLEMENT_TYPE" + tenant_entitlement_start_date: "MAS_AISERVICE_TENANT_ENTITLEMENT_START_DATE" + tenant_entitlement_end_date: "MAS_AISERVICE_TENANT_ENTITLEMENT_END_DATE" diff --git a/root-applications/ibm-aiservice-tenant-root/Chart.yaml b/root-applications/ibm-aiservice-tenant-root/Chart.yaml new file mode 100644 index 000000000..d52b2c4e4 --- /dev/null +++ b/root-applications/ibm-aiservice-tenant-root/Chart.yaml @@ -0,0 +1,5 @@ +apiVersion: v2 +name: ibm-aiservice-tenant-root +description: IBM AISERVICE tenant root +type: application +version: 1.0.0 diff --git a/root-applications/ibm-aiservice-tenant-root/README.md b/root-applications/ibm-aiservice-tenant-root/README.md new file mode 100644 index 000000000..7c1b4b526 --- /dev/null +++ b/root-applications/ibm-aiservice-tenant-root/README.md @@ -0,0 +1,3 @@ +IBM AISERVICE Tenant Root Application +=============================================================================== +Installs various ArgoCD Applications for managing instance-level AISERVICE dependencies (e.g. ODH, AIService etc) and AISERVICE Applications (e.g. kmodel, aiservice-tenant etc) on the target cluster. \ No newline at end of file diff --git a/root-applications/ibm-aiservice-tenant-root/templates/100-ibm-aiservice-tenant-app.yaml b/root-applications/ibm-aiservice-tenant-root/templates/100-ibm-aiservice-tenant-app.yaml new file mode 100644 index 000000000..d10a2f1e8 --- /dev/null +++ b/root-applications/ibm-aiservice-tenant-root/templates/100-ibm-aiservice-tenant-app.yaml @@ -0,0 +1,135 @@ +{{- if not (empty .Values.ibm_aiservice_tenant) }} +--- +# IBM Maximo aiservice-tenant +apiVersion: argoproj.io/v1alpha1 +kind: Application +metadata: + name: aiservice-tenant.{{ .Values.cluster.id }}.{{ .Values.instance.id }}.{{ .Values.tenant.id }} + namespace: {{ .Values.argo.namespace }} + labels: + environment: '{{ .Values.account.id }}' + region: '{{ .Values.region.id }}' + cluster: '{{ .Values.cluster.id }}' + instance: '{{ .Values.instance.id }}' + tenant: '{{ .Values.tenant.id }}' + annotations: + argocd.argoproj.io/sync-wave: "100" + healthCheckTimeout: "1800" + {{- if and .Values.notifications .Values.notifications.slack_channel_id }} + notifications.argoproj.io/subscribe.on-sync-failed.workspace1: {{ .Values.notifications.slack_channel_id }} + notifications.argoproj.io/subscribe.on-sync-succeeded.workspace1: {{ .Values.notifications.slack_channel_id }} + {{- end }} + finalizers: + - resources-finalizer.argocd.argoproj.io +spec: + project: "{{ .Values.argo.projects.apps }}" + destination: + server: {{ .Values.cluster.url }} + namespace: "{{ .Values.ibm_aiservice_tenant.aiservice_namespace }}" + source: + repoURL: "{{ .Values.source.repo_url }}" + path: instance-applications/115-ibm-aiservice-tenant + targetRevision: "{{ .Values.source.revision }}" + plugin: + name: {{ .Values.avp.name }} + env: + - name: {{ .Values.avp.values_varname }} + value: | + tenant_id: "{{ .Values.ibm_aiservice_tenant.tenant_id }}" + aiservice_instance_id: "{{ .Values.ibm_aiservice_tenant.aiservice_instance_id }}" + aiservice_namespace: "{{ .Values.ibm_aiservice_tenant.aiservice_namespace }}" + ibm_entitlement_key: "{{ .Values.ibm_aiservice_tenant.ibm_entitlement_key }}" + account_id: "{{ .Values.account.id }}" + region_id: "{{ .Values.region.id }}" + cluster_id: "{{ .Values.cluster.id }}" + # SAAS + aiservice_saas_apikey: "{{ .Values.ibm_aiservice_tenant.aiservice_saas_apikey }}" + # in_saas_env: "{{ .Values.ibm_aiservice_tenant.in_saas_env }}" + mas_aiservice_saas: "{{ .Values.ibm_aiservice_tenant.mas_aiservice_saas }}" + mas_aiservice_provision_tenant: "{{ .Values.ibm_aiservice_tenant.mas_aiservice_provision_tenant }}" + + # Tenant + artifactory_token: "{{ .Values.ibm_aiservice_tenant.artifactory_token }}" + mas_aiservice_tenant_name: "{{ .Values.ibm_aiservice_tenant.mas_aiservice_tenant_name }}" + tenant_action: "{{ .Values.ibm_aiservice_tenant.tenant_action }}" + tenantNamespace: "{{ .Values.ibm_aiservice_tenant.tenantNamespace }}" + + # cluster_domain: "{{ .Values.ibm_aiservice_tenant.cluster_domain }}" + mas_icr_cp: "{{ .Values.ibm_aiservice_tenant.mas_icr_cp }}" + mas_icr_cpopen: "{{ .Values.ibm_aiservice_tenant.mas_icr_cpopen }}" + + # DRO + # mas_aiservice_dro_token_secret: "{{ .Values.ibm_aiservice_tenant.mas_aiservice_dro_token_secret }}" + mas_aiservice_dro_cacert_secret: "{{ .Values.ibm_aiservice_tenant.mas_aiservice_dro_cacert_secret }}" + + drocfg_ca: "{{ .Values.ibm_aiservice_tenant.drocfg_ca }}" + drocfg_registration_key: "{{ .Values.ibm_aiservice_tenant.drocfg_registration_key }}" + drocfg_url: "{{ .Values.ibm_aiservice_tenant.drocfg_url }}" + + #sls + slscfg_registration_key: "{{ .Values.ibm_aiservice_tenant.slscfg_registration_key }}" + slscfg_url: "{{ .Values.ibm_aiservice_tenant.slscfg_url }}" + # slscfg_clientId: "{{ .Values.ibm_aiservice_tenant.slscfg_clientId }}" + slscfg_ca: "{{ .Values.ibm_aiservice_tenant.slscfg_ca }}" + slscfg_ca_tenant: "{{ .Values.ibm_aiservice_tenant.slscfg_ca_tenant }}" + # slscfg_tls: "{{ .Values.ibm_aiservice_tenant.slscfg_tls }}" + # slscfg_key: "{{ .Values.ibm_aiservice_tenant.slscfg_key }}" + + # WatsonX + mas_aiservice_watsonxai_apikey: "{{ .Values.ibm_aiservice_tenant.mas_aiservice_watsonxai_apikey }}" + mas_aiservice_watsonxai_url: "{{ .Values.ibm_aiservice_tenant.mas_aiservice_watsonxai_url }}" + mas_aiservice_watsonxai_project_id: "{{ .Values.ibm_aiservice_tenant.mas_aiservice_watsonxai_project_id }}" + + # SLS + mas_aiservice_sls_subscription_id: "{{ .Values.ibm_aiservice_tenant.mas_aiservice_sls_subscription_id }}" + + #rsl + rsl_url: "{{ .Values.ibm_aiservice_tenant.rsl_url }}" + rsl_org_id: "{{ .Values.ibm_aiservice_tenant.rsl_org_id }}" + rsl_token: "{{ .Values.ibm_aiservice_tenant.rsl_token }}" + + # S3 + mas_aiservice_storage_provider: "{{ .Values.ibm_aiservice_tenant.mas_aiservice_storage_provider }}" + mas_aiservice_storage_ssl: "{{ .Values.ibm_aiservice_tenant.mas_aiservice_storage_ssl }}" + mas_aiservice_storage_accesskey: "{{ .Values.ibm_aiservice_tenant.mas_aiservice_storage_accesskey }}" + mas_aiservice_storage_secretkey: "{{ .Values.ibm_aiservice_tenant.mas_aiservice_storage_secretkey }}" + mas_aiservice_storage_host: "{{ .Values.ibm_aiservice_tenant.mas_aiservice_storage_host }}" + mas_aiservice_storage_port: "{{ .Values.ibm_aiservice_tenant.mas_aiservice_storage_port }}" + mas_aiservice_storage_region: "{{ .Values.ibm_aiservice_tenant.mas_aiservice_storage_region }}" + # mas_aiservice_storage_pipelines_bucket: "{{ .Values.ibm_aiservice_tenant.mas_aiservice_storage_pipelines_bucket }}" + mas_aiservice_s3_endpoint_url: "{{ .Values.ibm_aiservice_tenant.mas_aiservice_s3_endpoint_url }}" + mas_aiservice_s3_region: "{{ .Values.ibm_aiservice_tenant.mas_aiservice_s3_region }}" + mas_aiservice_s3_bucket_prefix: "{{ .Values.ibm_aiservice_tenant.mas_aiservice_s3_bucket_prefix }}" + tenant_entitlement_type: "{{ .Values.ibm_aiservice_tenant.tenant_entitlement_type }}" + tenant_entitlement_start_date: "{{ .Values.ibm_aiservice_tenant.tenant_entitlement_start_date }}" + tenant_entitlement_end_date: "{{ .Values.ibm_aiservice_tenant.tenant_entitlement_end_date }}" + + + junitreporter: + reporter_name: "ibm-aiservice-tenant-{{ .Values.instance.id }}" + cluster_id: "{{ .Values.cluster.id }}" + devops_mongo_uri: "{{ .Values.devops.mongo_uri }}" + devops_build_number: "{{ .Values.devops.build_number }}" + gitops_version: "{{ .Values.source.revision }}" + - name: ARGOCD_APP_NAME + value: aiservicetenantapp + {{- if not (empty .Values.avp.secret) }} + - name: AVP_SECRET + value: {{ .Values.avp.secret }} + {{- end }} + syncPolicy: + automated: + {{- if .Values.auto_delete }} + prune: true + {{- end }} + selfHeal: true + retry: + limit: 20 + syncOptions: + - CreateNamespace=true + managedNamespaceMetadata: + labels: +{{- if .Values.custom_labels }} +{{ .Values.custom_labels | toYaml | indent 8 }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/root-applications/ibm-aiservice-tenant-root/values.yaml b/root-applications/ibm-aiservice-tenant-root/values.yaml new file mode 100644 index 000000000..cd2db235e --- /dev/null +++ b/root-applications/ibm-aiservice-tenant-root/values.yaml @@ -0,0 +1,323 @@ +--- + +avp: + name: "argocd-vault-plugin-helm" + secret: "" + values_varname: "HELM_VALUES" + +account: + id: dev + +cluster: + id: cluster1 + +region: + id: region1 + +instance: + id: inst1 + +tenant: + id: aiservice-tenant01 + +source: + repo_url: "https://github.com/ibm-mas/gitops" + revision: "poc" + +# Customers will definitely need to customise this (our gitops-envs/mas-dev repos are private), +# So deliberately not specifying defaults here; we want charts to refuse to render if these are not specified +# Both of these correspond to requirement arguments of the gitops-bootstrap CLI function (--github-url and --github-revision) +# generator: +# repo_url: "" +# revision: "" + +# These defaults align with the ArgoCD worker setup by gitops-bootstrap +# (openshift-gitops with a single ArgoCD project "mas") +argo: + namespace: "openshift-gitops" + projects: + rootapps: "mas" + apps: "mas" + + +auto_delete: false + +sm: + aws_access_key_id: xxxx + +run_sanity_test: false + +devops: + mongo_uri: + build_number: + +ibm_minio: + minio_namespace: "minio_namespace" + minio_instance_name: "minio" + minio_root_user: "minio" + minio_root_password: "" + minio_storage_class: "default" + minio_storage_size: "40Gi" + minio_image: "quay.io/minio/minio:latest" + + +ibm_odh: + openshift_namespace: "openshift-operators" + odh_pipeline_channel: "latest" + odh_pipeline_installplan: "Automatic" + service_mesh_namespace: "openshift-serverless" + service_mesh_channel: "stable" + service_mesh_catalog_source: "redhat-operators" + serverless_channel: "stable" + authorino_catalog_source: "community-operators" + odh_channel: "fast" + odh_catalog_source: "community-operators" + odh_operator_version: "opendatahub-operator.v2.11.1" + #Odh_Pipeline_operator + odh_pipeline_name: "openshift-pipelines-operator" + odh_pipeline_namespace: "openshift-operators" + odh_pipeline_operatorName: "openshift-pipelines-operator-rh" + odh_pipeline_source: "redhat_operators" + odh_pipeline_sourceNamespace: "openshift_marketplace" + + #Serverless Operator + serverless_namespace: "openshift-serverless" + serverless_operator_name: "serverless-operator" + serverless_operator_source: "redhat-operators" + serverless_operator_sourceNamespace: "openshift-marketplace" + + #opendatahub Operator + opendatahub_OperatorGroup_name: "opendatahub-operator-group" + opendatahub_name: "opendatahub-operator" + opendatahub_namespace: "opendatahub" + opendatahub_installPlanApproval: "Manual" + opendatahub_channel: "fast" + opendatahub_source: "community-operators" + opendatahub__sourceNamespace: "openshift-marketplace" + + aiservice_namespace: "mas_sremat_aiservice" + pull_secret_name: "ibm_entitlement" + mas_aiservice_storage_provider: "minio" + mas_aiservice_storage_accesskey: "" + mas_aiservice_storage_secretkey: "" + mas_aiservice_storage_host: "mas_aiservice_storage_host" + mas_aiservice_storage_port: "mas_aiservice_storage_port" + mas_aiservice_storage_ssl: "mas_aiservice_storage_ssl" + mas_aiservice_storage_region: "mas_aiservice_storage_region" + + # MariaDB + mas_aiservice_db_host: "mas_aiservice_db_host" + mas_aiservice_db_port: "mas_aiservice_db_port" + mas_aiservice_db_user: "mas_aiservice_db_user" + mas_aiservice_db_database: "mas_aiservice_db_database" + + mas_aiservice_db_secret_key: "mas_aiservice_db_secret_key" + mas_aiservice_db_secret_name: "mas_aiservice_db_secret_name" + mas_aiservice_db_secret_value: "mas_aiservice_db_secret_value" + + mas_aiservice_storage_pipelines_bucket: "mas_aiservice_storage_pipelines_bucket" + primary_storage_class: "nfs-client" + + +ibm_kmodel: + mas_instance_id: "mas_instance_id" + aiservice_internal_tls: "aiservice_internal_tls" + aiservice_namespace: "mas-sremat-aiservice" + + mas_aiservice_storage_provider: "minio" + mas_aiservice_storage_ssl: "false" + + openshift_namespace: "openshift-operators" + run_sync_hooks: true + + + # following are the variable need to injected via environment variable + mas_aiservice_storage_accesskey: "mas_aiservice_storage_accesskey" + mas_aiservice_storage_secretkey: "mas_aiservice_storage_secretkey" + mas_aiservice_storage_host: "mas_aiservice_storage_host" + mas_aiservice_storage_port: "mas_aiservice_storage_port" + mas_aiservice_storage_region: "mas_aiservice_storage_region" + ssh_secret_name: "sremat-kmodel-aiservice-tls" + # vars file for kmodels + pullSecretName: "pullSecretName" + docker_server: "MAS_ICR_CP/aiservice" + tenantNamespace: "aiservice-MAS_AISERVICE_TENANT_NAME" + # mas_aiservice_provision_tenant: "MAS_AISERVICE_PROVISION_TENANT" + primary_storage_class: "PRIMARY_STORAGE_CLASS" + # Bucket names + mas_aiservice_storage_templates_bucket: "mas_aiservice_storage_templates_bucket" + mas_aiservice_storage_tenants_bucket: "mas_aiservice_storage_tenants_bucket" + mas_aiservice_storage_pipelines_bucket: "mas_aiservice_storage_pipelines_bucket" + #container images + image_store: "MAS_ICR_CP/aiservice/store:1.0.2" + image_watcher: "MAS_ICR_CP/aiservice/watcher:1.0.2-pre.dev10x" + image_controller: "MAS_ICR_CP/aiservice/controller:1.0.2-pre.dev10x" + mas_aiservice_pipeline_steps_tag: 1.0.0 + mas_aiservice_connector_tag: 1.0.0 + + # model + # model_id_unique_length: "model_id_unique_length" + # model_id_prefix: "model_id_prefix" + + # Source container registry + # ----------------------------------------------------------------------------- + # mas_icr_cp: "cp.icr.io/cp" + mas_icr_cp: "docker-na-public.artifactory.swg-devops.com/wiotp-docker-local" + +ibm_aiservice: + mas_instance_id: "mas_instance_id" + aiservice_namespace: 'mas-{{ mas_instance_id }}-aiservice' + mas_aiservice_minio_secret: "mas_aiservice_minio_secret" + # Minio + mas_aiservice_storage_accesskey: "mas_aiservice_storage_accesskey" + mas_aiservice_storage_secretkey: "mas_aiservice_storage_secretkey" + # MariaDB + mas_aiservice_mariadb_secret: "mas_aiservice_mariadb_secret" + mas_aiservice_db_user: "mas_aiservice_db_user" + mas_aiservice_db_secret_value: "mas_aiservice_db_secret_value" + + # WatsonX + mas_aiservice_watsonx_secret: "mas_aiservice_watsonx_secret" + mas_aiservice_watsonxai_apikey: "MAS_AISERVICE_WATSONXAI_APIKEY" + mas_aiservice_watsonxai_url: "MAS_AISERVICE_WATSONXAI_URL" + mas_aiservice_watsonxai_project_id: "MAS_AISERVICE_WATSONXAI_PROJECT_ID" + + # S3 + s3_apikey: "S3_APIKEY" + mas_aiservice_storage_accesskey: "true" + mas_aiservice_storage_secretkey: "MAS_AISERVICE_STORAGE_SECRETKEY" + + mas_aiservice_storage_host: "true" + mas_aiservice_storage_port: "true" + + # SLS + mas_aiservice_sls_registration_key_secret: "sls-registration-key" + + mas_aiservice_db_host: "mas_aiservice_db_host" + mas_aiservice_db_port: "mas_aiservice_db_port" + mas_aiservice_db_secret_name: "mas_aiservice_db_secret_name" + + # Bucket names + mas_aiservice_storage_pipelines_bucket: "MAS_AISERVICE_STORAGE_PIPELINES_BUCKET" + mas_aiservice_storage_tenants_bucket: "mas_aiservice_storage_tenants_bucket" + mas_aiservice_storage_templates_bucket: "MAS_AISERVICE_STORAGE_TEMPLATES_BUCKET" + + slscfg_registration_key: "slscfg_registration_key" + + # DRO + mas_aiservice_dro_token_secret: "dro-token" + mas_aiservice_dro_cacert_secret: "dro-certificates" + + drocfg_ca: "drocfg_ca" + drocfg_registration_key: "drocfg_registration_key" + drocfg_url: "drocfg_url" + + + # JDBC + mas_aiservice_db2_jdbc_secret: "aiservice-jdbccfg" + + jdbccfg_username: "jdbccfg_username" + jdbccfg_password: "jdbccfg_password" + jdbccfg_url: "jdbccfg_url" + jdbccfg_sslenabled: "jdbccfg_sslenabled" + jdbccfg_ca: "jdbccfg_ca" + + # MAS Entitlement + #mas_entitlement_username: "cp" + mas_entitlement_username: "docker-na-public.artifactory.swg-devops.com/wiotp-docker-local" + mas_entitlement_key: "mas_entitlement_key" + + # Development Registry Entitlement + artifactory_username: "artifactory_username" + artifactory_token: "artifactory_token" + + # Environment Variable: + mas_app_channel: "mas_app_channel" + + # aiservice vars + mas_catalog_source: "mas_catalog_source" + + # Source container registry + # ----------------------------------------------------------------------------- + # mas_icr_cp: "cp.icr.io/cp" + # mas_icr_cpopen: "icr.io/cpopen" + mas_icr_cp: "docker-na-public.artifactory.swg-devops.com/wiotp-docker-local" + mas_icr_cpopen: "docker-na-public.artifactory.swg-devops.com/wiotp-docker-local/cpopen" + + cluster_domain: cluster_domain + in_saas_env: "in_saas_env" + + mas_aiservice_s3_endpoint_url: "mas_aiservice_s3_endpoint_url" + mas_aiservice_s3_region: "mas_aiservice_s3_region" + mas_aiservice_s3_bucket_prefix: "mas_aiservice_s3_bucket_prefix" + environment_type: "environment_type" + +ibm_aiservice_tenant: + mas_instance_id: "MAS_INSTANCE_ID" + aiservice_namespace: 'mas-{{ mas_instance_id }}-aiservice' + ibm_entitlement_key: "" + + # SAAS + aiservice_saas_apikey: "AISERVICE_SAAS_APIKEY" + # in_saas_env: "true" + mas_aiservice_saas: "false" + mas_aiservice_provision_tenant: "mas_aiservice_provision_tenant" + + # Tenant + artifactory_token: "artifactory_token" + mas_aiservice_tenant_name: "user" + tenant_action: "true" + tenantNamespace: 'aiservice-{{ mas_aiservice_tenant_name }}' + + # cluster_domain: "" + mas_icr_cp: "cp.icr.io/cp" + mas_icr_cpopen: "icr.io/cpopen" + + # DRO + # mas_aiservice_dro_token_secret: "dro-token" + mas_aiservice_dro_cacert_secret: "dro-certificates" + + drocfg_ca: "drocfg_ca" + drocfg_registration_key: "drocfg_registration_key" + drocfg_url: "drocfg_url" + + #sls + slscfg_registration_key: "slscfg_registration_key" + slscfg_url: "slscfg_url" + # slscfg_clientId: "slscfg_clientId" + # slscfg_ca: "slscfg_ca" + # slscfg_tls: "slscfg_tls" + # slscfg_key: "slscfg_key" + #RSL ##review + rsl_url: "rsl_url" + rsl_org_id: "rsl_org_id" + mas_aiservice_rsl_secret: "mas_aiservice_rsl_secret" + + + # WatsonX + mas_aiservice_watsonxai_apikey: MAS_AISERVICE_WATSONXAI_APIKEY + mas_aiservice_watsonxai_url: MAS_AISERVICE_WATSONXAI_URL + mas_aiservice_watsonxai_project_id: MAS_AISERVICE_WATSONXAI_PROJECT_ID + + # SLS + #mas_aiservice_sls_registration_key_secret: "sls-registration-key" + mas_aiservice_sls_subscription_id: "001" + + # S3 + mas_aiservice_storage_provider: "aws" + mas_aiservice_storage_ssl: "true" + # following are the variable need to injected via environment variable + mas_aiservice_storage_accesskey: "mas_aiservice_storage_accesskey" + mas_aiservice_storage_secretkey: "mas_aiservice_storage_secretkey" + mas_aiservice_storage_host: "mas_aiservice_storage_host" + mas_aiservice_storage_port: "mas_aiservice_storage_port" + mas_aiservice_storage_region: "mas_aiservice_storage_region" + + # mas_aiservice_storage_pipelines_bucket: "aiserviceuser-training-bucket" + mas_aiservice_s3_endpoint_url: "MAS_AISERVICE_TENANT_S3_ENDPOINT_URL" + mas_aiservice_s3_region: "MAS_AISERVICE_TENANT_S3_REGION" + mas_aiservice_s3_bucket_prefix: "MAS_AISERVICE_TENANT_S3_BUCKET_PREFIX" + + tenant_entitlement_type: "MAS_AISERVICE_TENANT_ENTITLEMENT_TYPE" + tenant_entitlement_start_date: "MAS_AISERVICE_TENANT_ENTITLEMENT_START_DATE" + tenant_entitlement_end_date: "MAS_AISERVICE_TENANT_ENTITLEMENT_END_DATE" diff --git a/root-applications/ibm-mas-cluster-root/templates/099-aibroker-instance-appset.yaml b/root-applications/ibm-mas-cluster-root/templates/099-aiservice-instance-appset.yaml similarity index 94% rename from root-applications/ibm-mas-cluster-root/templates/099-aibroker-instance-appset.yaml rename to root-applications/ibm-mas-cluster-root/templates/099-aiservice-instance-appset.yaml index 5f7d15547..f8f2cd4ef 100644 --- a/root-applications/ibm-mas-cluster-root/templates/099-aibroker-instance-appset.yaml +++ b/root-applications/ibm-mas-cluster-root/templates/099-aiservice-instance-appset.yaml @@ -1,10 +1,10 @@ --- -# IBM AiBroker Instance Application Set +# IBM AiService Instance Application Set apiVersion: argoproj.io/v1alpha1 kind: ApplicationSet metadata: - name: aibroker-instance-appset.{{ .Values.cluster.id }} + name: aiservice-instance-appset.{{ .Values.cluster.id }} namespace: {{ .Values.argo.namespace }} labels: environment: '{{ .Values.account.id }}' @@ -28,7 +28,7 @@ spec: repoURL: "{{ .Values.generator.repo_url }}" revision: "{{ .Values.generator.revision }}" files: - - path: "{{ .Values.account.id }}/{{ .Values.cluster.id }}/*/ibm-aibroker-instance-base.yaml" + - path: "{{ .Values.account.id }}/{{ .Values.cluster.id }}/*/ibm-aiservice-instance-base.yaml" - git: repoURL: "{{ .Values.generator.repo_url }}" revision: "{{ .Values.generator.revision }}" @@ -38,7 +38,7 @@ spec: repoURL: "{{ .Values.generator.repo_url }}" revision: "{{ .Values.generator.revision }}" files: - - path: "{{ .Values.account.id }}/{{ .Values.cluster.id }}/*/ibm-aibroker.yaml" + - path: "{{ .Values.account.id }}/{{ .Values.cluster.id }}/*/ibm-aiservice.yaml" - git: repoURL: "{{ .Values.generator.repo_url }}" revision: "{{ .Values.generator.revision }}" @@ -48,7 +48,7 @@ spec: applicationsSync: "{{- if .Values.auto_delete }}sync{{- else }}create-update{{- end }}" template: metadata: - name: "aibroker-instance.{{ .Values.cluster.id }}.{{ `{{.instance.id}}` }}" + name: "aiservice-instance.{{ .Values.cluster.id }}.{{ `{{.instance.id}}` }}" labels: environment: '{{ .Values.account.id }}' # region: '{{ .Values.region.id }}' @@ -69,7 +69,7 @@ spec: source: repoURL: "{{ .Values.source.repo_url }}" targetRevision: "{{ .Values.source.revision }}" - path: root-applications/ibm-aibroker-instance-root + path: root-applications/ibm-aiservice-instance-root helm: releaseName: instanceappset values: "{{ `{{ toYaml . }}` }}" From 5b41a7dbe771aab9209a20b1fe0f99404878ab20 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Fri, 29 Aug 2025 17:08:21 +0530 Subject: [PATCH 04/92] Odh changes MASSREMAT-208 --- .../01-odh-pipeline-operator-subcription.yaml | 16 ------- ...ml => 01-odh-serverless-subscription.yaml} | 0 ...ml => 02-odh-servicemesh-operator-sa.yaml} | 0 ...or.yaml => 03-odh-authorino-operator.yaml} | 0 ...ator-job.yaml => 04-odh-operator-job.yaml} | 0 ....yaml => 04-odh-operator-subcription.yaml} | 2 +- ...h-namespace.yaml => 05-odh-namespace.yaml} | 0 ...odh-dsc-init.yaml => 06-odh-dsc-init.yaml} | 4 ++ ....yaml => 07-odh-data-science-cluster.yaml} | 11 ++++- .../templates/07-odh-external-secret-db.yaml | 11 ----- .../templates/08-odh-istio-auth.yaml | 47 +++++++++++++++++++ .../templates/09-odh-networkpolicy.yaml | 19 ++++++++ .../templates/030-ibm-odh-app.yaml | 1 + 13 files changed, 81 insertions(+), 30 deletions(-) delete mode 100644 instance-applications/112-ibm-odh/templates/01-odh-pipeline-operator-subcription.yaml rename instance-applications/112-ibm-odh/templates/{02-odh-serverless-subscription.yaml => 01-odh-serverless-subscription.yaml} (100%) rename instance-applications/112-ibm-odh/templates/{03-odh-servicemesh-operator-sa.yaml => 02-odh-servicemesh-operator-sa.yaml} (100%) rename instance-applications/112-ibm-odh/templates/{04-odh-authorino-operator.yaml => 03-odh-authorino-operator.yaml} (100%) rename instance-applications/112-ibm-odh/templates/{05-odh-operator-job.yaml => 04-odh-operator-job.yaml} (100%) rename instance-applications/112-ibm-odh/templates/{05-odh-operator-subcription.yaml => 04-odh-operator-subcription.yaml} (93%) rename instance-applications/112-ibm-odh/templates/{06-odh-namespace.yaml => 05-odh-namespace.yaml} (100%) rename instance-applications/112-ibm-odh/templates/{08-odh-dsc-init.yaml => 06-odh-dsc-init.yaml} (89%) rename instance-applications/112-ibm-odh/templates/{09-odh-data-science-cluster.yaml => 07-odh-data-science-cluster.yaml} (72%) delete mode 100644 instance-applications/112-ibm-odh/templates/07-odh-external-secret-db.yaml create mode 100644 instance-applications/112-ibm-odh/templates/08-odh-istio-auth.yaml create mode 100644 instance-applications/112-ibm-odh/templates/09-odh-networkpolicy.yaml diff --git a/instance-applications/112-ibm-odh/templates/01-odh-pipeline-operator-subcription.yaml b/instance-applications/112-ibm-odh/templates/01-odh-pipeline-operator-subcription.yaml deleted file mode 100644 index d197c17cc..000000000 --- a/instance-applications/112-ibm-odh/templates/01-odh-pipeline-operator-subcription.yaml +++ /dev/null @@ -1,16 +0,0 @@ ---- - -apiVersion: operators.coreos.com/v1alpha1 -kind: Subscription -metadata: - name: {{ .Values.odh_pipeline_name }} - namespace: {{ .Values.odh_pipeline_namespace}} - annotations: - argocd.argoproj.io/sync-wave: "116" -spec: - channel: {{ .Values.odh_pipeline_channel }} - installPlanApproval: {{ .Values.odh_pipeline_installplan }} - name: {{ .Values.odh_pipeline_operatorName }} - source: {{ .Values.odh_pipeline_source }} - sourceNamespace: {{ .Values.odh_pipeline_sourceNamespace }} - diff --git a/instance-applications/112-ibm-odh/templates/02-odh-serverless-subscription.yaml b/instance-applications/112-ibm-odh/templates/01-odh-serverless-subscription.yaml similarity index 100% rename from instance-applications/112-ibm-odh/templates/02-odh-serverless-subscription.yaml rename to instance-applications/112-ibm-odh/templates/01-odh-serverless-subscription.yaml diff --git a/instance-applications/112-ibm-odh/templates/03-odh-servicemesh-operator-sa.yaml b/instance-applications/112-ibm-odh/templates/02-odh-servicemesh-operator-sa.yaml similarity index 100% rename from instance-applications/112-ibm-odh/templates/03-odh-servicemesh-operator-sa.yaml rename to instance-applications/112-ibm-odh/templates/02-odh-servicemesh-operator-sa.yaml diff --git a/instance-applications/112-ibm-odh/templates/04-odh-authorino-operator.yaml b/instance-applications/112-ibm-odh/templates/03-odh-authorino-operator.yaml similarity index 100% rename from instance-applications/112-ibm-odh/templates/04-odh-authorino-operator.yaml rename to instance-applications/112-ibm-odh/templates/03-odh-authorino-operator.yaml diff --git a/instance-applications/112-ibm-odh/templates/05-odh-operator-job.yaml b/instance-applications/112-ibm-odh/templates/04-odh-operator-job.yaml similarity index 100% rename from instance-applications/112-ibm-odh/templates/05-odh-operator-job.yaml rename to instance-applications/112-ibm-odh/templates/04-odh-operator-job.yaml diff --git a/instance-applications/112-ibm-odh/templates/05-odh-operator-subcription.yaml b/instance-applications/112-ibm-odh/templates/04-odh-operator-subcription.yaml similarity index 93% rename from instance-applications/112-ibm-odh/templates/05-odh-operator-subcription.yaml rename to instance-applications/112-ibm-odh/templates/04-odh-operator-subcription.yaml index 1494b2672..572bce221 100644 --- a/instance-applications/112-ibm-odh/templates/05-odh-operator-subcription.yaml +++ b/instance-applications/112-ibm-odh/templates/04-odh-operator-subcription.yaml @@ -18,6 +18,6 @@ spec: channel: {{ .Values.opendatahub_channel}} installPlanApproval: {{ .Values.opendatahub_installPlanApproval}} name: {{ .Values.opendatahub_name}} - source: {{ .Values.opendatahub_source}} + catalog_source: {{ .Values.opendatahub_source}} sourceNamespace: {{ .Values.opendatahub__sourceNamespace}} startingCSV: {{ .Values.odh_operator_version }} \ No newline at end of file diff --git a/instance-applications/112-ibm-odh/templates/06-odh-namespace.yaml b/instance-applications/112-ibm-odh/templates/05-odh-namespace.yaml similarity index 100% rename from instance-applications/112-ibm-odh/templates/06-odh-namespace.yaml rename to instance-applications/112-ibm-odh/templates/05-odh-namespace.yaml diff --git a/instance-applications/112-ibm-odh/templates/08-odh-dsc-init.yaml b/instance-applications/112-ibm-odh/templates/06-odh-dsc-init.yaml similarity index 89% rename from instance-applications/112-ibm-odh/templates/08-odh-dsc-init.yaml rename to instance-applications/112-ibm-odh/templates/06-odh-dsc-init.yaml index 2d748dbdc..cf24843f0 100644 --- a/instance-applications/112-ibm-odh/templates/08-odh-dsc-init.yaml +++ b/instance-applications/112-ibm-odh/templates/06-odh-dsc-init.yaml @@ -27,7 +27,11 @@ spec: metricsCollection: Istio name: data-science-smcp namespace: istio-system +{{- if eq .Values.aiserviceOdhModelDeploymentType "raw" }} + managementState: Removed +{{- else }} managementState: Managed +{{- end }} trustedCABundle: customCABundle: '' managementState: Managed \ No newline at end of file diff --git a/instance-applications/112-ibm-odh/templates/09-odh-data-science-cluster.yaml b/instance-applications/112-ibm-odh/templates/07-odh-data-science-cluster.yaml similarity index 72% rename from instance-applications/112-ibm-odh/templates/09-odh-data-science-cluster.yaml rename to instance-applications/112-ibm-odh/templates/07-odh-data-science-cluster.yaml index f78f04c59..92bb933de 100644 --- a/instance-applications/112-ibm-odh/templates/09-odh-data-science-cluster.yaml +++ b/instance-applications/112-ibm-odh/templates/07-odh-data-science-cluster.yaml @@ -15,12 +15,19 @@ metadata: spec: components: datasciencepipelines: - managementState: Managed + managementState: Removed kserve: managementState: Managed serving: + name: knative-serving ingressGateway: certificate: type: SelfSigned +{{- if eq .Values.aiserviceOdhModelDeploymentType "raw" }} + managementState: Removed + defaultDeploymentMode: RawDeployment +{{- else }} + managementState: Managed +{{- end }} managementState: Managed - name: knative-serving \ No newline at end of file + \ No newline at end of file diff --git a/instance-applications/112-ibm-odh/templates/07-odh-external-secret-db.yaml b/instance-applications/112-ibm-odh/templates/07-odh-external-secret-db.yaml deleted file mode 100644 index 1e854f0d3..000000000 --- a/instance-applications/112-ibm-odh/templates/07-odh-external-secret-db.yaml +++ /dev/null @@ -1,11 +0,0 @@ ---- -apiVersion: v1 -kind: Secret -metadata: - name: "{{ .Values.mas_aiservice_db_secret_name }}" - namespace: "{{ .Values.aiservice_namespace }}" - annotations: - argocd.argoproj.io/sync-wave: "129" -type: Opaque -stringData: - password: "{{ .Values.mas_aiservice_db_secret_value }}" diff --git a/instance-applications/112-ibm-odh/templates/08-odh-istio-auth.yaml b/instance-applications/112-ibm-odh/templates/08-odh-istio-auth.yaml new file mode 100644 index 000000000..9e910b0ab --- /dev/null +++ b/instance-applications/112-ibm-odh/templates/08-odh-istio-auth.yaml @@ -0,0 +1,47 @@ +--- +apiVersion: security.istio.io/v1beta1 +kind: PeerAuthentication +metadata: + name: default + namespace: opendatahub + annotations: + argocd.argoproj.io/sync-wave: "132" + argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true +spec: + mtls: + mode: PERMISSIVE +--- +apiVersion: networking.istio.io/v1beta1 +kind: DestinationRule +metadata: + name: ds-pipeline-instance + namespace: opendatahub + annotations: + argocd.argoproj.io/sync-wave: "133" + argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true +spec: + host: ds-pipeline-instance.opendatahub.svc.cluster.local + trafficPolicy: + portLevelSettings: + - port: + number: 8888 + tls: + mode: ISTIO_MUTUAL +--- +apiVersion: networking.istio.io/v1beta1 +kind: DestinationRule +metadata: + name: minio-instance + namespace: opendatahub + annotations: + argocd.argoproj.io/sync-wave: "134" + argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true +spec: + host: minio-instance.opendatahub.svc.cluster.local + trafficPolicy: + portLevelSettings: + - port: + number: 9000 + tls: + mode: ISTIO_MUTUAL + \ No newline at end of file diff --git a/instance-applications/112-ibm-odh/templates/09-odh-networkpolicy.yaml b/instance-applications/112-ibm-odh/templates/09-odh-networkpolicy.yaml new file mode 100644 index 000000000..e9ab0123c --- /dev/null +++ b/instance-applications/112-ibm-odh/templates/09-odh-networkpolicy.yaml @@ -0,0 +1,19 @@ +--- +apiVersion: networking.k8s.io/v1 +kind: NetworkPolicy +metadata: + annotations: + argocd.argoproj.io/sync-wave: "135" + argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true + name: allow-odh-model-controller + namespace: opendatahub +spec: + podSelector: + matchLabels: + control-plane: odh-model-controller + ingress: + - from: + - namespaceSelector: {} + policyTypes: + - Ingress + \ No newline at end of file diff --git a/root-applications/ibm-aiservice-instance-root/templates/030-ibm-odh-app.yaml b/root-applications/ibm-aiservice-instance-root/templates/030-ibm-odh-app.yaml index 1b83c4b89..f2916c2a1 100644 --- a/root-applications/ibm-aiservice-instance-root/templates/030-ibm-odh-app.yaml +++ b/root-applications/ibm-aiservice-instance-root/templates/030-ibm-odh-app.yaml @@ -81,6 +81,7 @@ spec: mas_aiservice_db_secret_value: "{{ .Values.ibm_odh.mas_aiservice_db_secret_value }}" mas_aiservice_storage_pipelines_bucket: "{{ .Values.ibm_odh.mas_aiservice_storage_pipelines_bucket }}" primary_storage_class: "{{ .Values.ibm_odh.primary_storage_class }}" + aiserviceOdhModelDeploymentType: "{{ .Values.aiserviceOdhModelDeploymentType }}" {{- if .Values.custom_labels }} custom_labels: {{ .Values.custom_labels | toYaml | nindent 14 }} {{- end }} From a839b9f1674fce050d25b39615b1151d2ff9ebce Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Mon, 1 Sep 2025 16:23:58 +0530 Subject: [PATCH 05/92] Update 04-odh-operator-subcription.yaml --- .../112-ibm-odh/templates/04-odh-operator-subcription.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/instance-applications/112-ibm-odh/templates/04-odh-operator-subcription.yaml b/instance-applications/112-ibm-odh/templates/04-odh-operator-subcription.yaml index 572bce221..a9c4671f7 100644 --- a/instance-applications/112-ibm-odh/templates/04-odh-operator-subcription.yaml +++ b/instance-applications/112-ibm-odh/templates/04-odh-operator-subcription.yaml @@ -19,5 +19,5 @@ spec: installPlanApproval: {{ .Values.opendatahub_installPlanApproval}} name: {{ .Values.opendatahub_name}} catalog_source: {{ .Values.opendatahub_source}} - sourceNamespace: {{ .Values.opendatahub__sourceNamespace}} + sourceNamespace: {{ .Values.opendatahub_sourceNamespace}} startingCSV: {{ .Values.odh_operator_version }} \ No newline at end of file From 2250a7b94a74ab51ce1941ec237df3e6a01ac065 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Wed, 3 Sep 2025 11:18:22 +0530 Subject: [PATCH 06/92] update odh --- .../112-ibm-odh/templates/06-odh-dsc-init.yaml | 2 +- .../112-ibm-odh/templates/07-odh-data-science-cluster.yaml | 2 +- .../templates/01-aiservice-storage-secret.yaml | 6 +++--- .../templates/030-ibm-odh-app.yaml | 2 +- .../templates/040-ibm-aiservice-app.yaml | 6 +++--- 5 files changed, 9 insertions(+), 9 deletions(-) diff --git a/instance-applications/112-ibm-odh/templates/06-odh-dsc-init.yaml b/instance-applications/112-ibm-odh/templates/06-odh-dsc-init.yaml index cf24843f0..163384b2d 100644 --- a/instance-applications/112-ibm-odh/templates/06-odh-dsc-init.yaml +++ b/instance-applications/112-ibm-odh/templates/06-odh-dsc-init.yaml @@ -27,7 +27,7 @@ spec: metricsCollection: Istio name: data-science-smcp namespace: istio-system -{{- if eq .Values.aiserviceOdhModelDeploymentType "raw" }} +{{- if eq .Values.aiservice_odh_model_deployment_type "raw" }} managementState: Removed {{- else }} managementState: Managed diff --git a/instance-applications/112-ibm-odh/templates/07-odh-data-science-cluster.yaml b/instance-applications/112-ibm-odh/templates/07-odh-data-science-cluster.yaml index 92bb933de..e5527213f 100644 --- a/instance-applications/112-ibm-odh/templates/07-odh-data-science-cluster.yaml +++ b/instance-applications/112-ibm-odh/templates/07-odh-data-science-cluster.yaml @@ -23,7 +23,7 @@ spec: ingressGateway: certificate: type: SelfSigned -{{- if eq .Values.aiserviceOdhModelDeploymentType "raw" }} +{{- if eq .Values.aiservice_odh_model_deployment_type "raw" }} managementState: Removed defaultDeploymentMode: RawDeployment {{- else }} diff --git a/instance-applications/113-ibm-aiservice/templates/01-aiservice-storage-secret.yaml b/instance-applications/113-ibm-aiservice/templates/01-aiservice-storage-secret.yaml index a92c023e3..82c363de1 100644 --- a/instance-applications/113-ibm-aiservice/templates/01-aiservice-storage-secret.yaml +++ b/instance-applications/113-ibm-aiservice/templates/01-aiservice-storage-secret.yaml @@ -2,11 +2,11 @@ apiVersion: v1 kind: Secret metadata: - name: "{{ .Values.mas_aiservice_storage_secret }}" + name: "{{ .Values.mas_aiservice_storage_secret aiservice_s3_secret }}" namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "140" stringData: - username: "{{ .Values.mas_aiservice_storage_accesskey }}" - password: "{{ .Values.mas_aiservice_storage_secretkey }}" + username: "{{ .Values.aiservice_s3_accesskey}}" + password: "{{ .Values.aiservice_s3_secretkey}}" type: Opaque \ No newline at end of file diff --git a/root-applications/ibm-aiservice-instance-root/templates/030-ibm-odh-app.yaml b/root-applications/ibm-aiservice-instance-root/templates/030-ibm-odh-app.yaml index f2916c2a1..3f698f5d0 100644 --- a/root-applications/ibm-aiservice-instance-root/templates/030-ibm-odh-app.yaml +++ b/root-applications/ibm-aiservice-instance-root/templates/030-ibm-odh-app.yaml @@ -81,7 +81,7 @@ spec: mas_aiservice_db_secret_value: "{{ .Values.ibm_odh.mas_aiservice_db_secret_value }}" mas_aiservice_storage_pipelines_bucket: "{{ .Values.ibm_odh.mas_aiservice_storage_pipelines_bucket }}" primary_storage_class: "{{ .Values.ibm_odh.primary_storage_class }}" - aiserviceOdhModelDeploymentType: "{{ .Values.aiserviceOdhModelDeploymentType }}" + aiservice_odh_model_deployment_type: "{{ .Values.aiservice_odh_model_deployment_type }}" {{- if .Values.custom_labels }} custom_labels: {{ .Values.custom_labels | toYaml | nindent 14 }} {{- end }} diff --git a/root-applications/ibm-aiservice-instance-root/templates/040-ibm-aiservice-app.yaml b/root-applications/ibm-aiservice-instance-root/templates/040-ibm-aiservice-app.yaml index 3b24ac604..62a3b7ca7 100644 --- a/root-applications/ibm-aiservice-instance-root/templates/040-ibm-aiservice-app.yaml +++ b/root-applications/ibm-aiservice-instance-root/templates/040-ibm-aiservice-app.yaml @@ -37,7 +37,7 @@ spec: aiservice_namespace: "{{ .Values.ibm_aiservice.aiservice_namespace }}" aiservice_instance_id: "{{ .Values.ibm_aiservice.aiservice_instance_id }}" - mas_aiservice_storage_secret: "{{ .Values.ibm_aiservice.mas_aiservice_storage_secret }}" + aiservice_s3_secret: "{{ .Values.ibm_aiservice.aiservice_s3_secret }}" mas_aiservice_mariadb_secret: "{{ .Values.ibm_aiservice.mas_aiservice_mariadb_secret }}" mas_aiservice_db_user: "{{ .Values.ibm_aiservice.mas_aiservice_db_user }}" mas_aiservice_db_secret_value: "{{ .Values.ibm_aiservice.mas_aiservice_db_secret_value }}" @@ -48,8 +48,8 @@ spec: mas_aiservice_watsonxai_project_id: "{{ .Values.ibm_aiservice.mas_aiservice_watsonxai_project_id }}" s3_apikey: "{{ .Values.ibm_aiservice.s3_apikey }}" - mas_aiservice_storage_accesskey: "{{ .Values.ibm_aiservice.mas_aiservice_storage_accesskey }}" - mas_aiservice_storage_secretkey: "{{ .Values.ibm_aiservice.mas_aiservice_storage_secretkey }}" + aiservice_s3_accesskey: "{{ .Values.ibm_aiservice.aiservice_s3_accesskey }}" + aiservice_s3_secretkey: "{{ .Values.ibm_aiservice.aiservice_s3_secretkey }}" mas_aiservice_storage_host: "{{ .Values.ibm_aiservice.mas_aiservice_storage_host }}" mas_aiservice_storage_port: "{{ .Values.ibm_aiservice.mas_aiservice_storage_port }}" From ab68b0f1fe80ea10468c4c68a77b60e29ac39f38 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Thu, 4 Sep 2025 15:24:48 +0530 Subject: [PATCH 07/92] MASSREMAT-209 Aibroker and ODH --- .../01-odh-serverless-subscription.yaml | 3 +- .../templates/04-odh-operator-job.yaml | 148 ------------------ .../04-odh-operator-subcription.yaml | 3 + .../templates/08-odh-istio-auth.yaml | 17 -- ...ecret.yaml => 01-aiservice-s3-secret.yaml} | 2 +- ...cret.yaml => 02-aiservice-sls-secret.yaml} | 9 +- ...service-dro.yaml => 03-aiservice-dro.yaml} | 12 +- ...rvice-jdbc.yaml => 04-aiservice-jdbc.yaml} | 6 +- ...> 05-aiservice-operator-subscription.yaml} | 16 +- .../templates/06-aiservice-km-s3-secret.yaml | 30 ++++ .../templates/07-aiservice-app.yaml | 44 ++++++ .../templates/09-aiservice-app.yaml | 47 ------ .../templates/02-kmodel-secret.yaml | 10 +- .../templates/040-ibm-aiservice-app.yaml | 65 ++++---- 14 files changed, 139 insertions(+), 273 deletions(-) delete mode 100644 instance-applications/112-ibm-odh/templates/04-odh-operator-job.yaml rename instance-applications/113-ibm-aiservice/templates/{01-aiservice-storage-secret.yaml => 01-aiservice-s3-secret.yaml} (78%) rename instance-applications/113-ibm-aiservice/templates/{02-aiservice-mariadb-secret.yaml => 02-aiservice-sls-secret.yaml} (51%) rename instance-applications/113-ibm-aiservice/templates/{06-aiservice-dro.yaml => 03-aiservice-dro.yaml} (69%) rename instance-applications/113-ibm-aiservice/templates/{07-aiservice-jdbc.yaml => 04-aiservice-jdbc.yaml} (77%) rename instance-applications/113-ibm-aiservice/templates/{08-aiservice-operator-subscription.yaml => 05-aiservice-operator-subscription.yaml} (69%) create mode 100644 instance-applications/113-ibm-aiservice/templates/06-aiservice-km-s3-secret.yaml create mode 100644 instance-applications/113-ibm-aiservice/templates/07-aiservice-app.yaml delete mode 100644 instance-applications/113-ibm-aiservice/templates/09-aiservice-app.yaml diff --git a/instance-applications/112-ibm-odh/templates/01-odh-serverless-subscription.yaml b/instance-applications/112-ibm-odh/templates/01-odh-serverless-subscription.yaml index 5bbb2f4c3..fabbdccf7 100644 --- a/instance-applications/112-ibm-odh/templates/01-odh-serverless-subscription.yaml +++ b/instance-applications/112-ibm-odh/templates/01-odh-serverless-subscription.yaml @@ -1,5 +1,4 @@ --- - apiVersion: v1 kind: Namespace metadata: @@ -8,7 +7,6 @@ metadata: argocd.argoproj.io/sync-wave: "117" --- - apiVersion: operators.coreos.com/v1 kind: OperatorGroup metadata: @@ -16,6 +14,7 @@ metadata: namespace: {{ .Values.serverless_namespace}} annotations: argocd.argoproj.io/sync-wave: "117" + --- apiVersion: operators.coreos.com/v1alpha1 kind: Subscription diff --git a/instance-applications/112-ibm-odh/templates/04-odh-operator-job.yaml b/instance-applications/112-ibm-odh/templates/04-odh-operator-job.yaml deleted file mode 100644 index 027d7deb8..000000000 --- a/instance-applications/112-ibm-odh/templates/04-odh-operator-job.yaml +++ /dev/null @@ -1,148 +0,0 @@ -{{- $_job_name_prefix := "installplanpatch" }} - -{{- /* -Use the build/bin/set-cli-image-digest.sh script to update this value across all charts. -Included in $_job_hash (see below). -*/}} -{{- $_cli_image_digest := "sha256:aa3972d1777c01a86ab21a47854f1f5fbffc09452adfb0c734e245b3d46e6ffb" }} - -{{- /* -A dict of values that influence the behaviour of the job in some way. -Any changes to values in this dict will trigger a rerun of the job. -Since jobs must be idemopotent, it's generally safe to pass in values here that are not -strictly necessary (i.e. including some values that don't actually influence job behaviour). -We may want to refine this further though for jobs that can take a long time to complete. -Included in $_job_hash (see below). -*/}} -{{- $_job_config_values := omit .Values "junitreporter" }} - -{{- /* -Increment this value whenever you make a change to an immutable field of the Job resource. -E.g. passing in a new environment variable. -Included in $_job_hash (see below). -*/}} -{{- $_job_version := "v3" }} - -{{- /* -10 char hash appended to the job name taking into account $_job_config_values, $_job_version and $_cli_image_digest -This is to ensure ArgoCD will create a new job resource intead of attempting (and failing) to update an -immutable field of any existing Job resource. -*/}} -{{- $_job_hash := print ($_job_config_values | toYaml) $_cli_image_digest $_job_version | adler32sum }} - -{{- $_job_name := join "-" (list $_job_name_prefix $_job_hash )}} - - -{{- /* -Set as the value for the mas.ibm.com/job-cleanup-group label on the Job resource. - -When the auto_delete flag is not set on the root application, a CronJob in the cluster uses this label -to identify old Job resources that should be pruned on behalf of ArgoCD. - -Any Job resources in the same namespace that have the mas.ibm.com/job-cleanup-group with this value -will be considered to belong to the same cleanup group. All but the most recent (i.e. with the latest "creation_timestamp") -Jobs will be automatically deleted. - -$_job_cleanup_group can usually just be based on $_job_name_prefix. There are some special cases -where multiple Jobs are created in our templates using a Helm loop. In those cases, additional descriminators -must be added to $_job_cleanup_group. - -By convention, we sha1sum this value to guarantee we never exceed the 63 char limit regardless of which discriminators -are required here. - -*/}} -{{- $_job_cleanup_group := cat $_job_name_prefix | sha1sum }} - ---- -apiVersion: v1 -kind: Namespace -metadata: - name: {{ .Values.odh_namespace }} - annotations: - argocd.argoproj.io/sync-wave: "122" ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: installplan-approver - namespace: {{ .Values.odh_namespace }} - annotations: - argocd.argoproj.io/sync-wave: "123" ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: installplan-approver - namespace: {{ .Values.odh_namespace }} - annotations: - argocd.argoproj.io/sync-wave: "124" -rules: - - apiGroups: ["operators.coreos.com"] - resources: ["installplans"] - verbs: ["get", "list", "patch"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: installplan-approver - namespace: {{ .Values.odh_namespace }} - annotations: - argocd.argoproj.io/sync-wave: "125" -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: installplan-approver -subjects: - - kind: ServiceAccount - name: installplan-approver - namespace: {{ .Values.odh_namespace }} ---- -apiVersion: batch/v1 -kind: Job -metadata: - name: {{ $_job_name }}-{{ .Values.odh_operator_version }} - namespace: {{ .Values.odh_namespace }} - annotations: - argocd.argoproj.io/sync-wave: "127" - labels: - mas.ibm.com/job-cleanup-group: {{ $_job_cleanup_group }} -spec: - template: - spec: - serviceAccountName: installplan-approver - containers: - - name: installplanjob - image: quay.io/ibmmas/cli@{{ $_cli_image_digest }} - imagePullPolicy: IfNotPresent - resources: - limits: - cpu: 200m - memory: 512Mi - requests: - cpu: 10m - memory: 64Mi - env: - - name: ODH_NAMESPACE - value: "{{ .Values.odh_namespace }}" - - name: ODH_VERSION - value: "{{ .Values.odh_operator_version }}" - command: - - /bin/sh - - -c - - | - echo "Waiting for InstallPlans to be created..." - sleep 60 - - for i in $(seq 1 20); do - IP=$(oc get installplan -n "${ODH_NAMESPACE}" -o json \ - | jq -r --arg ODH_VERSION "$ODH_VERSION" '.items[] | select(.spec.clusterServiceVersionNames[] == $ODH_VERSION) | .metadata.name') - - if [ "$IP" ]; then - echo "Approving InstallPlan for ODH: $IP" - oc patch installplan $IP -n ${ODH_NAMESPACE} --type merge --patch '{"spec":{"approved":true}}' - break - fi - echo "InstallPlan not found. Retry $i..." - sleep 15 - done - restartPolicy: OnFailure \ No newline at end of file diff --git a/instance-applications/112-ibm-odh/templates/04-odh-operator-subcription.yaml b/instance-applications/112-ibm-odh/templates/04-odh-operator-subcription.yaml index a9c4671f7..cd5d7f2ec 100644 --- a/instance-applications/112-ibm-odh/templates/04-odh-operator-subcription.yaml +++ b/instance-applications/112-ibm-odh/templates/04-odh-operator-subcription.yaml @@ -6,6 +6,9 @@ metadata: namespace: {{ .Values.opendatahub_namespace}} annotations: argocd.argoproj.io/sync-wave: "126" +spec: + targetNamespaces: [] + --- apiVersion: operators.coreos.com/v1alpha1 kind: Subscription diff --git a/instance-applications/112-ibm-odh/templates/08-odh-istio-auth.yaml b/instance-applications/112-ibm-odh/templates/08-odh-istio-auth.yaml index 9e910b0ab..dad6e8959 100644 --- a/instance-applications/112-ibm-odh/templates/08-odh-istio-auth.yaml +++ b/instance-applications/112-ibm-odh/templates/08-odh-istio-auth.yaml @@ -27,21 +27,4 @@ spec: number: 8888 tls: mode: ISTIO_MUTUAL ---- -apiVersion: networking.istio.io/v1beta1 -kind: DestinationRule -metadata: - name: minio-instance - namespace: opendatahub - annotations: - argocd.argoproj.io/sync-wave: "134" - argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true -spec: - host: minio-instance.opendatahub.svc.cluster.local - trafficPolicy: - portLevelSettings: - - port: - number: 9000 - tls: - mode: ISTIO_MUTUAL \ No newline at end of file diff --git a/instance-applications/113-ibm-aiservice/templates/01-aiservice-storage-secret.yaml b/instance-applications/113-ibm-aiservice/templates/01-aiservice-s3-secret.yaml similarity index 78% rename from instance-applications/113-ibm-aiservice/templates/01-aiservice-storage-secret.yaml rename to instance-applications/113-ibm-aiservice/templates/01-aiservice-s3-secret.yaml index 82c363de1..61323df7e 100644 --- a/instance-applications/113-ibm-aiservice/templates/01-aiservice-storage-secret.yaml +++ b/instance-applications/113-ibm-aiservice/templates/01-aiservice-s3-secret.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Secret metadata: - name: "{{ .Values.mas_aiservice_storage_secret aiservice_s3_secret }}" + name: "{{ .Values.aiservice_s3_secret }}" namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "140" diff --git a/instance-applications/113-ibm-aiservice/templates/02-aiservice-mariadb-secret.yaml b/instance-applications/113-ibm-aiservice/templates/02-aiservice-sls-secret.yaml similarity index 51% rename from instance-applications/113-ibm-aiservice/templates/02-aiservice-mariadb-secret.yaml rename to instance-applications/113-ibm-aiservice/templates/02-aiservice-sls-secret.yaml index 95b282161..1f6f3c210 100644 --- a/instance-applications/113-ibm-aiservice/templates/02-aiservice-mariadb-secret.yaml +++ b/instance-applications/113-ibm-aiservice/templates/02-aiservice-sls-secret.yaml @@ -1,12 +1,11 @@ --- -kind: Secret apiVersion: v1 +kind: Secret metadata: - name: "{{ .Values.mas_aiservice_mariadb_secret }}" + name: "{{ .Values.aiservice_sls_registration_key_secret }}" namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "141" -stringData: - username: "{{ .Values.mas_aiservice_db_user }}" - password: "{{ .Values.mas_aiservice_db_secret_value }}" type: Opaque +stringData: + SLS_REGISTRATION_KEY: "{{ .Values.slscfg_registration_key }}" \ No newline at end of file diff --git a/instance-applications/113-ibm-aiservice/templates/06-aiservice-dro.yaml b/instance-applications/113-ibm-aiservice/templates/03-aiservice-dro.yaml similarity index 69% rename from instance-applications/113-ibm-aiservice/templates/06-aiservice-dro.yaml rename to instance-applications/113-ibm-aiservice/templates/03-aiservice-dro.yaml index c278994ce..32961514c 100644 --- a/instance-applications/113-ibm-aiservice/templates/06-aiservice-dro.yaml +++ b/instance-applications/113-ibm-aiservice/templates/03-aiservice-dro.yaml @@ -2,10 +2,10 @@ kind: Secret apiVersion: v1 metadata: - name: "{{ .Values.mas_aiservice_dro_token_secret }}" + name: "{{ .Values.aiservice_dro_token_secret }}" namespace: "{{ .Values.aiservice_namespace }}" annotations: - argocd.argoproj.io/sync-wave: "143" + argocd.argoproj.io/sync-wave: "142" stringData: DRO_TOKEN: "{{ .Values.drocfg_registration_key }}" type: Opaque @@ -14,12 +14,10 @@ type: Opaque kind: Secret apiVersion: v1 metadata: - name: "{{ .Values.mas_aiservice_dro_cacert_secret }}" + name: "{{ .Values.aiservice_dro_cacert_secret }}" namespace: "{{ .Values.aiservice_namespace }}" annotations: - argocd.argoproj.io/sync-wave: "144" + argocd.argoproj.io/sync-wave: "143" stringData: ca.crt: "{{ .Values.drocfg_ca }}" -type: Opaque - - +type: Opaque \ No newline at end of file diff --git a/instance-applications/113-ibm-aiservice/templates/07-aiservice-jdbc.yaml b/instance-applications/113-ibm-aiservice/templates/04-aiservice-jdbc.yaml similarity index 77% rename from instance-applications/113-ibm-aiservice/templates/07-aiservice-jdbc.yaml rename to instance-applications/113-ibm-aiservice/templates/04-aiservice-jdbc.yaml index bf7970a99..a589b078f 100644 --- a/instance-applications/113-ibm-aiservice/templates/07-aiservice-jdbc.yaml +++ b/instance-applications/113-ibm-aiservice/templates/04-aiservice-jdbc.yaml @@ -2,14 +2,14 @@ kind: Secret apiVersion: v1 metadata: - name: "aiservice-jdbccfg" + name: "{{ .Values.aiservice_jdbc_secret }}" namespace: "{{ .Values.aiservice_namespace }}" annotations: - argocd.argoproj.io/sync-wave: "145" + argocd.argoproj.io/sync-wave: "144" stringData: username: "{{ .Values.jdbccfg_username }}" password: "{{ .Values.jdbccfg_password }}" url: "{{ .Values.jdbccfg_url }}" sslenabled: "{{ .Values.jdbccfg_sslenabled }}" certificate: "{{ .Values.jdbccfg_ca }}" -type: Opaque \ No newline at end of file +type: Opaque diff --git a/instance-applications/113-ibm-aiservice/templates/08-aiservice-operator-subscription.yaml b/instance-applications/113-ibm-aiservice/templates/05-aiservice-operator-subscription.yaml similarity index 69% rename from instance-applications/113-ibm-aiservice/templates/08-aiservice-operator-subscription.yaml rename to instance-applications/113-ibm-aiservice/templates/05-aiservice-operator-subscription.yaml index 12f1a181d..272d7496d 100644 --- a/instance-applications/113-ibm-aiservice/templates/08-aiservice-operator-subscription.yaml +++ b/instance-applications/113-ibm-aiservice/templates/05-aiservice-operator-subscription.yaml @@ -6,9 +6,13 @@ metadata: namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "146" -type: kubernetes.io/dockerconfigjson -data: - .dockerconfigjson: "{{ .Values.artifactory_token}}" +type: Opaque +stringData: + ICR_USERNAME: "{{ .Values.mas_entitlement_username }}" + ICR_PASSWORD: "{{ .Values.mas_entitlement_key }}" + ARTIFACTORY_USERNAME: "{{ .Values.artifactory_username }}" + ARTIFACTORY_PASSWORD: "{{ .Values.artifactory_token }}" + --- apiVersion: operators.coreos.com/v1 @@ -17,7 +21,7 @@ metadata: name: "{{ .Values.aiservice_namespace }}" namespace: "{{ .Values.aiservice_namespace }}" annotations: - argocd.argoproj.io/sync-wave: "147" + argocd.argoproj.io/sync-wave: "145" argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true spec: targetNamespaces: @@ -30,10 +34,10 @@ metadata: name: ibm-aiservice namespace: "{{ .Values.aiservice_namespace }}" annotations: - argocd.argoproj.io/sync-wave: "148" + argocd.argoproj.io/sync-wave: "146" argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true spec: - channel: "{{ .Values.mas_app_channel }}" + channel: "{{ .Values.aiservice_channel }}" installPlanApproval: Automatic name: ibm-aiservice source: "{{ .Values.mas_catalog_source }}" diff --git a/instance-applications/113-ibm-aiservice/templates/06-aiservice-km-s3-secret.yaml b/instance-applications/113-ibm-aiservice/templates/06-aiservice-km-s3-secret.yaml new file mode 100644 index 000000000..460d63d7b --- /dev/null +++ b/instance-applications/113-ibm-aiservice/templates/06-aiservice-km-s3-secret.yaml @@ -0,0 +1,30 @@ +--- +apiVersion: v1 +kind: Secret +type: Opaque +metadata: + name: km-s3-secret + namespace: "{{ .Values.aiservice_namespace }}" + annotations: + argocd.argoproj.io/sync-wave: "147" + serving.kserve.io/s3-endpoint: "{{ .Values.aiservice_s3_host }}:{{ .Values.aiservice_s3_port }}" + {{- if eq .Values.aiservice_s3_ssl "false" }} + serving.kserve.io/s3-usehttps: "0" + {{- else }} + serving.kserve.io/s3-usehttps: "1" + {{- end }} + serving.kserve.io/s3-region: "{{ .Values.aiservice_s3_region }}" +stringData: + AWS_ACCESS_KEY_ID: "{{ .Values.aiservice_s3_accesskey}}" + AWS_SECRET_ACCESS_KEY: "{{ .Values.aiservice_s3_secretkey}}" + S3_ACCESS_KEY: "{{ .Values.aiservice_s3_accesskey}}" + S3_SECRET_KEY: "{{ .Values.aiservice_s3_secretkey}}" + S3_HOST: "{{ .Values.aiservice_s3_host}}" + {{- if .Values.aiservice_s3_port }} + S3_PORT: "{{ .Values.aiservice_s3_port }}" + {{- else }} + S3_PORT: "" + {{- end }} + S3_REGION: "{{ .Values.aiservice_s3_region}}" + S3_SSL: "{{ .Values.aiservice_s3_ssl}}" + diff --git a/instance-applications/113-ibm-aiservice/templates/07-aiservice-app.yaml b/instance-applications/113-ibm-aiservice/templates/07-aiservice-app.yaml new file mode 100644 index 000000000..c19cdfed8 --- /dev/null +++ b/instance-applications/113-ibm-aiservice/templates/07-aiservice-app.yaml @@ -0,0 +1,44 @@ +--- +apiVersion: aiservice.ibm.com/v1 +kind: AIServiceApp +metadata: + name: "{{ .Values.aiservice_instance_id }}" + namespace: "{{ .Values.aiservice_namespace }}" + labels: + aiservice.ibm.com/instanceId: "{{ .Values.aiservice_instance_id }}" + app.kubernetes.io/instance: "{{ .Values.aiservice_instance_id }}" + annotations: + argocd.argoproj.io/sync-wave: "148" + argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true + ansible.sdk.operatorframework.io/verbosity: "{{ .Values.aiservice_operator_log_level }}" +spec: + settings: + icr: + cp: "{{ .Values.mas_icr_cp }}" + cpopen: "{{ .Values.mas_icr_cpopen }}" + dro: + url: "{{ .Values.drocfg_url }}" + secretName: "{{ .Values.aiservice_dro_token_secret }}" + ca: "{{ .Values.drocfg_ca_tenant }}" + jdbc: + url: "{{ .Values.jdbccfg_url }}" + secretName: "{{ .Values.aiservice_jdbc_secret }}" + ca: "{{ .Values.jdbccfg_ca }}" + useAwsDb2: "{{ .Values.use_aws_db2 }}" + + storageClassName: "{{ .Values.aiservice_storage_class }}" + domain: "{{ .Values.aiservice_domain }}" + inSaasEnv: "{{ .Values.in_saas_env }}" + environmentType: "{{ .Values.environment_type }}" + + modelId: + uniqueLength: "15" + prefix: "{{ .Values.aiservice_s3_bucket_prefix }}" + s3: + bucketPrefix: "{{ .Values.aiservice_s3_bucket_prefix }}" + region: "{{ .Values.aiservice_s3_region }}" + url: "{{ .Values.aiservice_s3_endpoint_url }}" + templatesBucket: "{{ .Values.aiservice_s3_templates_bucket }}" + tenantsBucket: "{{ .Values.aiservice_s3_tenants_bucket }}" + secretName: "{{ .Values.aiservice_s3_secret }}" + diff --git a/instance-applications/113-ibm-aiservice/templates/09-aiservice-app.yaml b/instance-applications/113-ibm-aiservice/templates/09-aiservice-app.yaml deleted file mode 100644 index 452503d4e..000000000 --- a/instance-applications/113-ibm-aiservice/templates/09-aiservice-app.yaml +++ /dev/null @@ -1,47 +0,0 @@ ---- -apiVersion: apps.mas.ibm.com/v1 -kind: AIServiceApp -metadata: - name: "{{ .Values.aiservice_instance_id }}" - namespace: "{{ .Values.aiservice_namespace }}" - labels: - mas.ibm.com/applicationId: aiservice - mas.ibm.com/instanceId: "{{ .Values.aiservice_instance_id }}" - app.kubernetes.io/instance: "{{ .Values.aiservice_instance_id }}" - annotations: - argocd.argoproj.io/sync-wave: "149" - argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true -spec: - settings: - icr: - cp: "{{ .Values.mas_icr_cp }}" - cpopen: "{{ .Values.mas_icr_cpopen }}" - dro: - url: "{{ .Values.drocfg_url }}" - dro_token_secret: "{{ .Values.drocfg_registration_key }}" - ca: "{{ .Values.drocfg_ca_tenant }}" - jdbc: - url: "{{ .Values.jdbccfg_url }}" - credentials_secret: "{{ .Values.mas_aiservice_db2_jdbc_secret }}" - ca: "{{ .Values.jdbccfg_ca }}" - cluster_domain: "{{ .Values.cluster_domain }}" - in_saas_env: "{{ .Values.in_saas_env }}" - is_external_route: "{{ .Values.is_external_route }}" - - minio: - host: "{{ .Values.mas_aiservice_storage_host }}" - port: "{{ .Values.mas_aiservice_storage_port }}" - credentials_secret: "{{ .Values.mas_aiservice_storage_secret }}" - mariadb: - host: "{{ .Values.mas_aiservice_db_host }}" - port: "{{ .Values.mas_aiservice_db_port }}" - credentials_secret: "{{ .Values.mas_aiservice_mariadb_secret }}" - database_name: "{{ .Values.mas_aiservice_db_secret_name }}" - # Optional shared S3 config. Tenant-level config takes precedence over this - # - s3: - bucketPrefix: "{{ .Values.mas_aiservice_s3_bucket_prefix }}" - region: "{{ .Values.mas_aiservice_s3_region }}" - endpointUrl: "{{ .Values.mas_aiservice_s3_endpoint_url }}" - environment_type: "{{ .Values.environment_type }}" - use_aws_db2: true \ No newline at end of file diff --git a/instance-applications/114-ibm-kmodels/templates/02-kmodel-secret.yaml b/instance-applications/114-ibm-kmodels/templates/02-kmodel-secret.yaml index 601587e3f..a5d85fa40 100644 --- a/instance-applications/114-ibm-kmodels/templates/02-kmodel-secret.yaml +++ b/instance-applications/114-ibm-kmodels/templates/02-kmodel-secret.yaml @@ -7,27 +7,21 @@ metadata: namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "161" - {{- if eq .Values.mas_aiservice_storage_provider "aws" }} - serving.kserve.io/s3-endpoint: "{{ .Values.mas_aiservice_storage_host }}" - {{- else if eq .Values.mas_aiservice_storage_provider "minio" }} serving.kserve.io/s3-endpoint: "{{ .Values.mas_aiservice_storage_host }}:{{ .Values.mas_aiservice_storage_port }}" - {{- end }} {{- if eq .Values.mas_aiservice_storage_ssl "false" }} serving.kserve.io/s3-usehttps: "0" {{- else }} serving.kserve.io/s3-usehttps: "1" {{- end }} - {{- if and (eq .Values.mas_aiservice_storage_provider "minio") (not .Values.mas_aiservice_storage_region | empty) }} serving.kserve.io/s3-region: "{{ .Values.mas_aiservice_storage_region }}" - {{- end }} stringData: AWS_ACCESS_KEY_ID: "{{ .Values.mas_aiservice_storage_accesskey}}" AWS_SECRET_ACCESS_KEY: "{{ .Values.mas_aiservice_storage_secretkey}}" S3_ACCESS_KEY: "{{ .Values.mas_aiservice_storage_accesskey}}" S3_SECRET_KEY: "{{ .Values.mas_aiservice_storage_secretkey}}" S3_HOST: "{{ .Values.mas_aiservice_storage_host}}" - {{- if eq .Values.mas_aiservice_storage_provider "minio" }} - S3_PORT: "{{ .Values.mas_aiservice_storage_port}}" + {{- if .Values.mas_aiservice_storage_port }} + S3_PORT: "{{ .Values.mas_aiservice_storage_port }}" {{- else }} S3_PORT: "" {{- end }} diff --git a/root-applications/ibm-aiservice-instance-root/templates/040-ibm-aiservice-app.yaml b/root-applications/ibm-aiservice-instance-root/templates/040-ibm-aiservice-app.yaml index 62a3b7ca7..03a762b69 100644 --- a/root-applications/ibm-aiservice-instance-root/templates/040-ibm-aiservice-app.yaml +++ b/root-applications/ibm-aiservice-instance-root/templates/040-ibm-aiservice-app.yaml @@ -38,42 +38,36 @@ spec: aiservice_instance_id: "{{ .Values.ibm_aiservice.aiservice_instance_id }}" aiservice_s3_secret: "{{ .Values.ibm_aiservice.aiservice_s3_secret }}" - mas_aiservice_mariadb_secret: "{{ .Values.ibm_aiservice.mas_aiservice_mariadb_secret }}" - mas_aiservice_db_user: "{{ .Values.ibm_aiservice.mas_aiservice_db_user }}" - mas_aiservice_db_secret_value: "{{ .Values.ibm_aiservice.mas_aiservice_db_secret_value }}" - mas_aiservice_watsonx_secret: "{{ .Values.ibm_aiservice.mas_aiservice_watsonx_secret }}" - mas_aiservice_watsonxai_apikey: "{{ .Values.ibm_aiservice.mas_aiservice_watsonxai_apikey }}" - mas_aiservice_watsonxai_url: "{{ .Values.ibm_aiservice.mas_aiservice_watsonxai_url }}" - mas_aiservice_watsonxai_project_id: "{{ .Values.ibm_aiservice.mas_aiservice_watsonxai_project_id }}" + aiservice_watsonx_secret: "{{ .Values.ibm_aiservice.aiservice_watsonx_secret }}" + aiservice_watsonxai_apikey: "{{ .Values.ibm_aiservice.aiservice_watsonxai_apikey }}" + aiservice_watsonxai_url: "{{ .Values.ibm_aiservice.aiservice_watsonxai_url }}" + aiservice_watsonxai_project_id: "{{ .Values.ibm_aiservice.aiservice_watsonxai_project_id }}" s3_apikey: "{{ .Values.ibm_aiservice.s3_apikey }}" aiservice_s3_accesskey: "{{ .Values.ibm_aiservice.aiservice_s3_accesskey }}" aiservice_s3_secretkey: "{{ .Values.ibm_aiservice.aiservice_s3_secretkey }}" - mas_aiservice_storage_host: "{{ .Values.ibm_aiservice.mas_aiservice_storage_host }}" - mas_aiservice_storage_port: "{{ .Values.ibm_aiservice.mas_aiservice_storage_port }}" + aiservice_s3_host: "{{ .Values.ibm_aiservice.aiservice_s3_host }}" + aiservice_s3_port: "{{ .Values.ibm_aiservice.aiservice_s3_port }}" - mas_aiservice_sls_registration_key_secret: "{{ .Values.ibm_aiservice.mas_aiservice_sls_registration_key_secret }}" + aiservice_sls_registration_key_secret: "{{ .Values.ibm_aiservice.aiservice_sls_registration_key_secret }}" slscfg_registration_key: "{{ .Values.ibm_aiservice.slscfg_registration_key }}" - mas_aiservice_db_host: "{{ .Values.ibm_aiservice.mas_aiservice_db_host }}" - mas_aiservice_db_port: "{{ .Values.ibm_aiservice.mas_aiservice_db_port }}" - mas_aiservice_db_secret_name: "{{ .Values.ibm_aiservice.mas_aiservice_db_secret_name }}" + aiservice_storage_pipelines_bucket: "{{ .Values.ibm_aiservice.aiservice_storage_pipelines_bucket }}" + aiservice_storage_tenants_bucket: "{{ .Values.ibm_aiservice.aiservice_storage_tenants_bucket }}" + aiservice_storage_templates_bucket: "{{ .Values.ibm_aiservice.aiservice_storage_templates_bucket }}" - mas_aiservice_storage_pipelines_bucket: "{{ .Values.ibm_aiservice.mas_aiservice_storage_pipelines_bucket }}" - mas_aiservice_storage_tenants_bucket: "{{ .Values.ibm_aiservice.mas_aiservice_storage_tenants_bucket }}" - mas_aiservice_storage_templates_bucket: "{{ .Values.ibm_aiservice.mas_aiservice_storage_templates_bucket }}" - - mas_aiservice_dro_token_secret: "{{ .Values.ibm_aiservice.mas_aiservice_dro_token_secret }}" - mas_aiservice_dro_cacert_secret: "{{ .Values.ibm_aiservice.mas_aiservice_dro_cacert_secret }}" + aiservice_dro_token_secret: "{{ .Values.ibm_aiservice.aiservice_dro_token_secret }}" + aiservice_dro_cacert_secret: "{{ .Values.ibm_aiservice.aiservice_dro_cacert_secret }}" drocfg_ca: "{{ .Values.ibm_aiservice.drocfg_ca }}" drocfg_ca_tenant: "{{ .Values.ibm_aiservice.drocfg_ca_tenant }}" drocfg_registration_key: "{{ .Values.ibm_aiservice.drocfg_registration_key }}" drocfg_url: "{{ .Values.ibm_aiservice.drocfg_url }}" - mas_aiservice_db2_jdbc_secret: "{{ .Values.ibm_aiservice.mas_aiservice_db2_jdbc_secret }}" - + + aiservice_jdbc_secret: "{{ .Values.ibm_aiservice.aiservice_jdbc_secret }}" + use_aws_db2: "{{ .Values.ibm_aiservice.use_aws_db2 }}" jdbccfg_username: "{{ .Values.ibm_aiservice.jdbccfg_username }}" jdbccfg_password: "{{ .Values.ibm_aiservice.jdbccfg_password }}" jdbccfg_url: "{{ .Values.ibm_aiservice.jdbccfg_url }}" @@ -82,22 +76,35 @@ spec: mas_entitlement_username: "{{ .Values.ibm_aiservice.mas_entitlement_username }}" mas_entitlement_key: "{{ .Values.ibm_aiservice.mas_entitlement_key }}" + entitlement_username: "{{ .Values.ibm_aiservice.entitlement_username }}" + entitlement_key: "{{ .Values.ibm_aiservice.entitlement_key }}" artifactory_username: "{{ .Values.ibm_aiservice.artifactory_username }}" artifactory_token: "{{ .Values.ibm_aiservice.artifactory_token }}" - mas_app_channel: "{{ .Values.ibm_aiservice.mas_app_channel }}" + aiservice_channel: "{{ .Values.ibm_aiservice.aiservice_channel }}" mas_catalog_source: "{{ .Values.ibm_aiservice.mas_catalog_source }}" - mas_icr_cp: "{{ .Values.ibm_aiservice.mas_icr_cp }}" - mas_icr_cpopen: "{{ .Values.ibm_aiservice.mas_icr_cpopen }}" + mas_icr_cpopen: "{{ .Values.ibm_aiservice.mas_icr_cpopen }}"\ + in_saas_env: "{{ .Values.ibm_aiservice.in_saas_env }}" - is_external_route: "{{ .Values.ibm_aiservice.is_external_route }}" - cluster_domain: "{{ .Values.ibm_aiservice.cluster_domain }}" + aiservice_domain: "{{ .Values.ibm_aiservice.aiservice_domain }}" environment_type: "{{ .Values.ibm_aiservice.environment_type }}" - mas_aiservice_s3_endpoint_url: "{{ .Values.ibm_aiservice.mas_aiservice_s3_endpoint_url }}" - mas_aiservice_s3_region: "{{ .Values.ibm_aiservice.mas_aiservice_s3_region }}" - mas_aiservice_s3_bucket_prefix: "{{ .Values.ibm_aiservice.mas_aiservice_s3_bucket_prefix }}" + aiservice_s3_endpoint_url: "{{ .Values.ibm_aiservice.aiservice_s3_endpoint_url }}" + aiservice_s3_region: "{{ .Values.ibm_aiservice.aiservice_s3_region }}" + aiservice_s3_bucket_prefix: "{{ .Values.ibm_aiservice.aiservice_s3_bucket_prefix }}" + aiservice_s3_templates_bucket: "{{ .Values.ibm_aiservice.aiservice_s3_templates_bucket }}" + aiservice_s3_tenants_bucket: "{{ .Values.ibm_aiservice.aiservice_s3_tenants_bucket }}" + aiservice_s3_secret: "{{ .Values.ibm_aiservice.aiservice_s3_secret }}" + aiservice_sls_registration_key_secret: "{{ .Values.aiservice_sls_registration_key_secret }}" + aiservice_storage_class: "{{ .Values.ibm_aiservice.aiservice_storage_class }}" + aiservice_s3_ssl: "{{ .Values.ibm_aiservice.aiservice_s3_ssl }}" + aiservice_s3_accesskey: "{{ .Values.ibm_aiservice.aiservice_s3_accesskey }}" + aiservice_s3_secretkey: "{{ .Values.ibm_aiservice.aiservice_s3_secretkey }}" + aiservice_s3_host: "{{ .Values.ibm_aiservice.aiservice_s3_host }}" + aiservice_s3_port: "{{ .Values.ibm_aiservice.aiservice_s3_port }}" + aiservice_s3_region: "{{ .Values.ibm_aiservice.aiservice_s3_region }}" + aiservice_operator_log_level: "{{ .Values.ibm_aiservice.aiservice_operator_log_level }}" junitreporter: reporter_name: "ibm-aiservice-{{ .Values.instance.id }}" From c0ed21e6a2b0d5c6c48b2cdf5352e5e1a7442f35 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Mon, 8 Sep 2025 19:12:59 +0530 Subject: [PATCH 08/92] MASSREMAT-211 MASSREMAT-211 Aiservice-tenant update --- .../00-aiservice-tenent-namespace.yaml | 45 ------------------- .../templates/01-aiservice-sls-secret.yaml | 6 +-- .../templates/02-aiservice-rsl-secret.yaml | 4 +- .../templates/03-aiservice-dro-secret.yaml | 3 +- .../templates/04-aiservice-s3-secret.yaml | 24 ---------- .../templates/05-aiservice-wx.yaml | 34 ++++---------- .../templates/06-aiservice-km-s3-secret.yaml | 43 ++++++++++++++++++ .../templates/06-aiservice-workspace.yaml | 27 +++++------ .../07-aiservice-ingress-allow-isvc.yaml | 2 +- .../100-ibm-aiservice-tenant-app.yaml | 37 +++++---------- 10 files changed, 80 insertions(+), 145 deletions(-) delete mode 100644 instance-applications/115-ibm-aiservice-tenant/templates/04-aiservice-s3-secret.yaml create mode 100644 instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/00-aiservice-tenent-namespace.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/00-aiservice-tenent-namespace.yaml index 314245efa..fb4217836 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/00-aiservice-tenent-namespace.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/00-aiservice-tenent-namespace.yaml @@ -3,51 +3,6 @@ apiVersion: v1 kind: Namespace metadata: name: "{{ .Values.tenantNamespace }}" - annotations: - argocd.argoproj.io/sync-wave: "289" - ---- -apiVersion: v1 -kind: Secret -type: Opaque -metadata: - name: km-s3-secret - namespace: "{{ .Values.tenantNamespace }}" - annotations: - argocd.argoproj.io/sync-wave: "299" - {{- if eq .Values.mas_aiservice_storage_provider "aws" }} - serving.kserve.io/s3-endpoint: "{{ .Values.mas_aiservice_storage_host }}" - {{- else if eq .Values.mas_aiservice_storage_provider "minio" }} - serving.kserve.io/s3-endpoint: "{{ .Values.mas_aiservice_storage_host }}:{{ .Values.mas_aiservice_storage_port }}" - {{- end }} - {{- if eq .Values.mas_aiservice_storage_ssl "false" }} - serving.kserve.io/s3-usehttps: "0" - {{- else }} - serving.kserve.io/s3-usehttps: "1" - {{- end }} - {{- if and (eq .Values.mas_aiservice_storage_provider "minio") (not .Values.mas_aiservice_storage_region | empty) }} - serving.kserve.io/s3-region: "{{ .Values.mas_aiservice_storage_region }}" - {{- end }} -stringData: - AWS_ACCESS_KEY_ID: "{{ .Values.mas_aiservice_storage_accesskey}}" - AWS_SECRET_ACCESS_KEY: "{{ .Values.mas_aiservice_storage_secretkey}}" - S3_ACCESS_KEY: "{{ .Values.mas_aiservice_storage_accesskey}}" - S3_SECRET_KEY: "{{ .Values.mas_aiservice_storage_secretkey}}" - S3_HOST: "{{ .Values.mas_aiservice_storage_host}}" - S3_PORT: "{{ .Values.mas_aiservice_storage_port}}" - S3_REGION: "{{ .Values.mas_aiservice_storage_region}}" - S3_SSL: "{{ .Values.mas_aiservice_storage_ssl}}" - ---- - -kind: Secret -apiVersion: v1 -metadata: - name: ibm-entitlement - namespace: "{{ .Values.tenantNamespace }}" annotations: argocd.argoproj.io/sync-wave: "300" -type: kubernetes.io/dockerconfigjson -data: - .dockerconfigjson: "{{ .Values.artifactory_token}}" diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/01-aiservice-sls-secret.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/01-aiservice-sls-secret.yaml index 70a1ae14d..6235cefb5 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/01-aiservice-sls-secret.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/01-aiservice-sls-secret.yaml @@ -7,8 +7,7 @@ metadata: annotations: argocd.argoproj.io/sync-wave: "301" labels: - mas.ibm.com/applicationId: aiservice - mas.ibm.com/instanceId: "{{ .Values.aiservice_instance_id }}" + aiservice.ibm.com/instanceId: "{{ .Values.aiservice_instance_id }}" {{- if .Values.custom_labels }} {{- range $key, $val := .Values.custom_labels }} {{ $key | quote }}: {{ $val | quote }} @@ -16,4 +15,5 @@ metadata: {{- end }} type: Opaque stringData: - SLS_REGISTRATION_KEY: "{{ .Values.slscfg_registration_key }}" \ No newline at end of file + SLS_REGISTRATION_KEY: "{{ .Values.slscfg_registration_key }}" + diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/02-aiservice-rsl-secret.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/02-aiservice-rsl-secret.yaml index 532ba1731..5c2dd7dfa 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/02-aiservice-rsl-secret.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/02-aiservice-rsl-secret.yaml @@ -7,8 +7,7 @@ metadata: name: "{{ .Values.tenantNamespace }}----rsl-secret" namespace: "{{ .Values.tenantNamespace }}" labels: - mas.ibm.com/applicationId: aiservice - mas.ibm.com/instanceId: "{{ .Values.aiservice_instance_id }}" + aiservice.ibm.com/instanceId: "{{ .Values.aiservice_instance_id }}" {{- if .Values.custom_labels }} {{- range $key, $value := .Values.custom_labels }} {{ $key | quote }}: {{ $value | quote }} @@ -20,3 +19,4 @@ stringData: rsl_org_id: "{{ .Values.rsl_org_id }}" rsl_url: "{{ .Values.rsl_url }}" rsl_token: "{{ .Values.rsl_token }}" + ca.crt: "{{ .Values.rsl_ca_crt }}" diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/03-aiservice-dro-secret.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/03-aiservice-dro-secret.yaml index 9cfc1e1e8..572eda3f0 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/03-aiservice-dro-secret.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/03-aiservice-dro-secret.yaml @@ -5,8 +5,7 @@ metadata: name: "{{ .Values.tenantNamespace }}----dro-secret" namespace: "{{ .Values.aiservice_namespace }}" labels: - mas.ibm.com/applicationId: aiservice - mas.ibm.com/instanceId: "{{ .Values.aiservice_instance_id }}" + aiservice.ibm.com/instanceId: "{{ .Values.aiservice_instance_id }}" {{- if .Values.custom_labels }} {{- range $key, $val := .Values.custom_labels }} {{ $key | quote }}: {{ $val | quote }} diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/04-aiservice-s3-secret.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/04-aiservice-s3-secret.yaml deleted file mode 100644 index 14e61b1e7..000000000 --- a/instance-applications/115-ibm-aiservice-tenant/templates/04-aiservice-s3-secret.yaml +++ /dev/null @@ -1,24 +0,0 @@ ---- -apiVersion: v1 -kind: Secret -metadata: - name: "{{ .Values.tenantNamespace }}----s3-secret" - namespace: "{{ .Values.aiservice_namespace }}" - {{- if .Values.custom_labels }} - labels: - {{- range $key, $val := .Values.custom_labels }} - {{ $key | quote }}: {{ $val | quote }} - {{- end }} - {{- end }} - annotations: - argocd.argoproj.io/sync-wave: "304" -type: Opaque -stringData: - ACCESS-KEY: "{{ .Values.mas_aiservice_storage_accesskey }}" - SECRET-KEY: "{{ .Values.mas_aiservice_storage_secretkey }}" - {{- if eq .Values.mas_aiservice_storage_provider "aws" }} - URL: "{{ .Values.mas_aiservice_storage_host }}" - {{- else if eq .Values.mas_aiservice_storage_provider "minio" }} - URL: "http://{{ .Values.mas_aiservice_storage_host }}:{{ .Values.mas_aiservice_storage_port }}" - {{- end }} - REGION: "{{ .Values.mas_aiservice_storage_region }}" diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/05-aiservice-wx.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/05-aiservice-wx.yaml index 3d3d4f591..866877342 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/05-aiservice-wx.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/05-aiservice-wx.yaml @@ -11,31 +11,15 @@ metadata: {{- end }} {{- end }} annotations: - argocd.argoproj.io/sync-wave: "305" + argocd.argoproj.io/sync-wave: "304" type: Opaque stringData: - wx_apikey: "{{ .Values.mas_aiservice_watsonxai_apikey }}" - wx_url: "{{ .Values.mas_aiservice_watsonxai_url }}" - wx_project_id: "{{ .Values.mas_aiservice_watsonxai_project_id }}" - - -# Copy secrets to tenant namespace ---- -apiVersion: v1 -kind: Secret -metadata: - name: "{{ .Values.tenantNamespace }}----wx-secret" - namespace: "{{ .Values.tenantNamespace }}" - {{- if .Values.custom_labels }} - labels: - {{- range $key, $val := .Values.custom_labels }} - {{ $key | quote }}: {{ $val | quote }} - {{- end }} + wx_apikey: "{{ .Values.aiservice_watsonxai_apikey }}" + wx_url: "{{ .Values.aiservice_watsonxai_url }}" + wx_project_id: "{{ .Values.aiservice_watsonxai_project_id }}" + {{- if and (eq .Values.aiservice_watsonx_full "true") .Values.aiservice_watsonx_instance_id .Values.aiservice_watsonx_version .Values.aiservice_watsonx_username }} + wx_instance_id: "{{ .Values.aiservice_watsonx_instance_id }}" + wx_version: "{{ .Values.aiservice_watsonx_version }}" + wx_username: "{{ .Values.aiservice_watsonx_username }}" {{- end }} - annotations: - argocd.argoproj.io/sync-wave: "306" -type: Opaque -stringData: - wx_apikey: "{{ .Values.mas_aiservice_watsonxai_apikey }}" - wx_url: "{{ .Values.mas_aiservice_watsonxai_url }}" - wx_project_id: "{{ .Values.mas_aiservice_watsonxai_project_id }}" + diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml new file mode 100644 index 000000000..06a6ed51c --- /dev/null +++ b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml @@ -0,0 +1,43 @@ +--- +kind: Secret +metadata: + name: km-s3-secret + namespace: "{{ .Values.tenantNamespace }}" + labels: + app.kubernetes.io/managed-by: gitops + annotations: + {{- with (lookup "v1" "Secret" (printf "aiservice-%s" .Values.aiservice_instance_id) "km-s3-secret") }} + {{- if .metadata.annotations }} + {{- range $k, $v := .metadata.annotations }} + {{- if ne $k "argocd.argoproj.io/sync-wave" }} + {{ $k }}: {{ $v | quote }} + {{- end }} + {{- end }} + {{- end }} + {{- end }} + argocd.argoproj.io/sync-wave: "305" +type: Opaque +data: + {{- with (lookup "v1" "Secret" .Values.aiservice_namespace "km-s3-secret") }} + {{- range $k, $v := .data }} + {{ $k }}: {{ $v }} + {{- end }} + {{- end }} +--- + +apiVersion: v1 +kind: Secret +metadata: + name: ibm-entitlement + namespace: "{{ .Values.tenantNamespace }}" + labels: + app.kubernetes.io/managed-by: gitops + annotations: + argocd.argoproj.io/sync-wave: "306" +type: Opaque +data: + {{- with (lookup "v1" "Secret" .Values.aiservice_namespace "ibm-entitlement") }} + {{- range $k, $v := .data }} + {{ $k }}: {{ $v }} + {{- end }} + {{- end }} diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-workspace.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-workspace.yaml index 1bb9e605c..21b45b36d 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-workspace.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-workspace.yaml @@ -1,14 +1,15 @@ --- -apiVersion: apps.mas.ibm.com/v1 +apiVersion: aiservice.ibm.com/v1 kind: AIServiceTenant metadata: name: "{{ .Values.tenantNamespace }}" namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "307" + ansible.sdk.operatorframework.io/verbosity: "{{ aiservice_operator_log_level }}" labels: - mas.ibm.com/applicationId: "aiservice" - mas.ibm.com/instanceId: "{{ .Values.aiservice_instance_id }}" + aiservice.ibm.com/instanceId: "{{ .Values.aiservice_instance_id }}" + app.kubernetes.io/instance: "{{ .Values.aiservice_instance_id }}" {{- if .Values.custom_labels }} {{- range $key, $val := .Values.custom_labels }} {{ $key | quote }}: {{ $val | quote }} @@ -16,8 +17,6 @@ metadata: {{- end }} spec: settings: - # cluster_domain: "{{ .Values.cluster_domain }}" - # in_saas_env: "{{ .Values.in_saas_env }}" icr: cp: "{{ .Values.mas_icr_cp }}" cpopen: "{{ .Values.mas_icr_cpopen }}" @@ -29,25 +28,19 @@ spec: url: "{{ .Values.slscfg_url }}" secretName: "{{ .Values.tenantNamespace }}----sls-secret" ca: "{{ .Values.slscfg_ca_tenant }}" - # rsl added new in ansible ##review what is value of gitops-envs rsl: url: "{{ .Values.rsl_url }}" orgId: "{{ .Values.rsl_org_id }}" secretName: "{{ .Values.tenantNamespace }}----rsl-secret" watsonxai: - url: "{{ .Values.mas_aiservice_watsonxai_url }}" + url: "{{ .Values.aiservice_watsonxai_url }}" secretName: "{{ .Values.tenantNamespace }}----wx-secret" - project_id: "{{ .Values.mas_aiservice_watsonxai_project_id }}" + project_id: "{{ .Values.aiservice_watsonxai_project_id }}" tenant: - tenant_id: "{{ .Values.tenantNamespace }}" - subscription_id: "{{ .Values.mas_aiservice_sls_subscription_id }}" - instance_id: "{{ .Values.aiservice_instance_id }}" + tenantId: "{{ .Values.tenantNamespace }}" + subscriptionId: "{{ .Values.aiservice_sls_subscription_id }}" + instanceId: "{{ .Values.aiservice_instance_id }}" entitlement: type: "{{ .Values.tenant_entitlement_type }}" startDate: "{{ .Values.tenant_entitlement_start_date }}" - endDate: "{{ .Values.tenant_entitlement_end_date }}" - s3: - region: "{{ .Values.mas_aiservice_s3_region }}" - bucketPrefix: "{{ .Values.mas_aiservice_s3_bucket_prefix }}" - endpointUrl: "{{ .Values.mas_aiservice_s3_endpoint_url }}" - secretName: "{{ .Values.tenantNamespace }}----s3-secret" \ No newline at end of file + endDate: "{{ .Values.tenant_entitlement_end_date }}" \ No newline at end of file diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/07-aiservice-ingress-allow-isvc.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/07-aiservice-ingress-allow-isvc.yaml index e4c8882c2..76059d1f1 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/07-aiservice-ingress-allow-isvc.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/07-aiservice-ingress-allow-isvc.yaml @@ -13,4 +13,4 @@ spec: ingress: - {} policyTypes: - - Ingress + - Ingress \ No newline at end of file diff --git a/root-applications/ibm-aiservice-tenant-root/templates/100-ibm-aiservice-tenant-app.yaml b/root-applications/ibm-aiservice-tenant-root/templates/100-ibm-aiservice-tenant-app.yaml index d10a2f1e8..9dc173199 100644 --- a/root-applications/ibm-aiservice-tenant-root/templates/100-ibm-aiservice-tenant-app.yaml +++ b/root-applications/ibm-aiservice-tenant-root/templates/100-ibm-aiservice-tenant-app.yaml @@ -59,9 +59,6 @@ spec: mas_icr_cpopen: "{{ .Values.ibm_aiservice_tenant.mas_icr_cpopen }}" # DRO - # mas_aiservice_dro_token_secret: "{{ .Values.ibm_aiservice_tenant.mas_aiservice_dro_token_secret }}" - mas_aiservice_dro_cacert_secret: "{{ .Values.ibm_aiservice_tenant.mas_aiservice_dro_cacert_secret }}" - drocfg_ca: "{{ .Values.ibm_aiservice_tenant.drocfg_ca }}" drocfg_registration_key: "{{ .Values.ibm_aiservice_tenant.drocfg_registration_key }}" drocfg_url: "{{ .Values.ibm_aiservice_tenant.drocfg_url }}" @@ -69,41 +66,29 @@ spec: #sls slscfg_registration_key: "{{ .Values.ibm_aiservice_tenant.slscfg_registration_key }}" slscfg_url: "{{ .Values.ibm_aiservice_tenant.slscfg_url }}" - # slscfg_clientId: "{{ .Values.ibm_aiservice_tenant.slscfg_clientId }}" - slscfg_ca: "{{ .Values.ibm_aiservice_tenant.slscfg_ca }}" slscfg_ca_tenant: "{{ .Values.ibm_aiservice_tenant.slscfg_ca_tenant }}" - # slscfg_tls: "{{ .Values.ibm_aiservice_tenant.slscfg_tls }}" - # slscfg_key: "{{ .Values.ibm_aiservice_tenant.slscfg_key }}" + aiservice_sls_subscription_id: "{{ .Values.ibm_aiservice_tenant.aiservice_sls_subscription_id }}" # WatsonX - mas_aiservice_watsonxai_apikey: "{{ .Values.ibm_aiservice_tenant.mas_aiservice_watsonxai_apikey }}" - mas_aiservice_watsonxai_url: "{{ .Values.ibm_aiservice_tenant.mas_aiservice_watsonxai_url }}" - mas_aiservice_watsonxai_project_id: "{{ .Values.ibm_aiservice_tenant.mas_aiservice_watsonxai_project_id }}" - - # SLS - mas_aiservice_sls_subscription_id: "{{ .Values.ibm_aiservice_tenant.mas_aiservice_sls_subscription_id }}" + aiservice_watsonxai_apikey: "{{ .Values.ibm_aiservice_tenant.aiservice_watsonxai_apikey }}" + aiservice_watsonxai_url: "{{ .Values.ibm_aiservice_tenant.aiservice_watsonxai_url }}" + aiservice_watsonxai_project_id: "{{ .Values.ibm_aiservice_tenant.aiservice_watsonxai_project_id }}" + aiservice_watsonx_full: "{{ .Values.ibm_aiservice_tenant.aiservice_watsonx_full }}" + aiservice_watsonx_instance_id: "{{ .Values.ibm_aiservice_tenant.aiservice_watsonx_instance_id }}" + aiservice_watsonx_version: "{{ .Values.ibm_aiservice_tenant.aiservice_watsonx_version }}" + aiservice_watsonx_username: "{{ .Values.ibm_aiservice_tenant.aiservice_watsonx_username }}" #rsl rsl_url: "{{ .Values.ibm_aiservice_tenant.rsl_url }}" rsl_org_id: "{{ .Values.ibm_aiservice_tenant.rsl_org_id }}" rsl_token: "{{ .Values.ibm_aiservice_tenant.rsl_token }}" - - # S3 - mas_aiservice_storage_provider: "{{ .Values.ibm_aiservice_tenant.mas_aiservice_storage_provider }}" - mas_aiservice_storage_ssl: "{{ .Values.ibm_aiservice_tenant.mas_aiservice_storage_ssl }}" - mas_aiservice_storage_accesskey: "{{ .Values.ibm_aiservice_tenant.mas_aiservice_storage_accesskey }}" - mas_aiservice_storage_secretkey: "{{ .Values.ibm_aiservice_tenant.mas_aiservice_storage_secretkey }}" - mas_aiservice_storage_host: "{{ .Values.ibm_aiservice_tenant.mas_aiservice_storage_host }}" - mas_aiservice_storage_port: "{{ .Values.ibm_aiservice_tenant.mas_aiservice_storage_port }}" - mas_aiservice_storage_region: "{{ .Values.ibm_aiservice_tenant.mas_aiservice_storage_region }}" - # mas_aiservice_storage_pipelines_bucket: "{{ .Values.ibm_aiservice_tenant.mas_aiservice_storage_pipelines_bucket }}" - mas_aiservice_s3_endpoint_url: "{{ .Values.ibm_aiservice_tenant.mas_aiservice_s3_endpoint_url }}" - mas_aiservice_s3_region: "{{ .Values.ibm_aiservice_tenant.mas_aiservice_s3_region }}" - mas_aiservice_s3_bucket_prefix: "{{ .Values.ibm_aiservice_tenant.mas_aiservice_s3_bucket_prefix }}" + rsl_ca_crt: "{{ .Values.ibm_aiservice_tenant.rsl_ca_crt }}" + tenant_entitlement_type: "{{ .Values.ibm_aiservice_tenant.tenant_entitlement_type }}" tenant_entitlement_start_date: "{{ .Values.ibm_aiservice_tenant.tenant_entitlement_start_date }}" tenant_entitlement_end_date: "{{ .Values.ibm_aiservice_tenant.tenant_entitlement_end_date }}" + aiservice_operator_log_level: "{{ .Values.ibm_aiservice_tenant.aiservice_operator_log_level }}" junitreporter: reporter_name: "ibm-aiservice-tenant-{{ .Values.instance.id }}" From c560316de70ea9c0c60eb7b6ffcb60ed1676ef5b Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Tue, 9 Sep 2025 14:10:38 +0530 Subject: [PATCH 09/92] MASSREMAT-210 kmodel clean up MASSREMAT-210 Kmodel clean up --- .../114-ibm-kmodels/Chart.yaml | 11 -- .../114-ibm-kmodels/README.md | 3 - .../templates/02-kmodel-secret.yaml | 30 ---- .../templates/03-kmodel-istio.yaml | 50 ------ .../templates/04-kmodel-networkpolicies.yaml | 43 ----- .../templates/05-kmodel-store.yaml | 126 -------------- .../templates/06-kmodel-watcher.yaml | 142 --------------- .../templates/07-kmodel-controller.yaml | 162 ------------------ .../114-ibm-kmodels/values.yaml | 49 ------ .../templates/050-ibm-kmodels-app.yaml | 95 ---------- 10 files changed, 711 deletions(-) delete mode 100644 instance-applications/114-ibm-kmodels/Chart.yaml delete mode 100644 instance-applications/114-ibm-kmodels/README.md delete mode 100644 instance-applications/114-ibm-kmodels/templates/02-kmodel-secret.yaml delete mode 100644 instance-applications/114-ibm-kmodels/templates/03-kmodel-istio.yaml delete mode 100644 instance-applications/114-ibm-kmodels/templates/04-kmodel-networkpolicies.yaml delete mode 100644 instance-applications/114-ibm-kmodels/templates/05-kmodel-store.yaml delete mode 100644 instance-applications/114-ibm-kmodels/templates/06-kmodel-watcher.yaml delete mode 100644 instance-applications/114-ibm-kmodels/templates/07-kmodel-controller.yaml delete mode 100644 instance-applications/114-ibm-kmodels/values.yaml delete mode 100644 root-applications/ibm-aiservice-instance-root/templates/050-ibm-kmodels-app.yaml diff --git a/instance-applications/114-ibm-kmodels/Chart.yaml b/instance-applications/114-ibm-kmodels/Chart.yaml deleted file mode 100644 index 21648d971..000000000 --- a/instance-applications/114-ibm-kmodels/Chart.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: v2 -name: ibm-kmodels -description: IBM KMODELS -type: application -version: 1.0.0 - -dependencies: -- name: junitreporter - version: 1.0.0 - repository: "file://../../sub-charts/junitreporter/" - condition: junitreporter.devops_mongo_uri != "" \ No newline at end of file diff --git a/instance-applications/114-ibm-kmodels/README.md b/instance-applications/114-ibm-kmodels/README.md deleted file mode 100644 index 07e700255..000000000 --- a/instance-applications/114-ibm-kmodels/README.md +++ /dev/null @@ -1,3 +0,0 @@ -IBM Kmodel -=============================================================================== -Deploy and configure kmodel with configurable version \ No newline at end of file diff --git a/instance-applications/114-ibm-kmodels/templates/02-kmodel-secret.yaml b/instance-applications/114-ibm-kmodels/templates/02-kmodel-secret.yaml deleted file mode 100644 index a5d85fa40..000000000 --- a/instance-applications/114-ibm-kmodels/templates/02-kmodel-secret.yaml +++ /dev/null @@ -1,30 +0,0 @@ ---- -apiVersion: v1 -kind: Secret -type: Opaque -metadata: - name: km-s3-secret - namespace: "{{ .Values.aiservice_namespace }}" - annotations: - argocd.argoproj.io/sync-wave: "161" - serving.kserve.io/s3-endpoint: "{{ .Values.mas_aiservice_storage_host }}:{{ .Values.mas_aiservice_storage_port }}" - {{- if eq .Values.mas_aiservice_storage_ssl "false" }} - serving.kserve.io/s3-usehttps: "0" - {{- else }} - serving.kserve.io/s3-usehttps: "1" - {{- end }} - serving.kserve.io/s3-region: "{{ .Values.mas_aiservice_storage_region }}" -stringData: - AWS_ACCESS_KEY_ID: "{{ .Values.mas_aiservice_storage_accesskey}}" - AWS_SECRET_ACCESS_KEY: "{{ .Values.mas_aiservice_storage_secretkey}}" - S3_ACCESS_KEY: "{{ .Values.mas_aiservice_storage_accesskey}}" - S3_SECRET_KEY: "{{ .Values.mas_aiservice_storage_secretkey}}" - S3_HOST: "{{ .Values.mas_aiservice_storage_host}}" - {{- if .Values.mas_aiservice_storage_port }} - S3_PORT: "{{ .Values.mas_aiservice_storage_port }}" - {{- else }} - S3_PORT: "" - {{- end }} - S3_REGION: "{{ .Values.mas_aiservice_storage_region}}" - S3_SSL: "{{ .Values.mas_aiservice_storage_ssl}}" - diff --git a/instance-applications/114-ibm-kmodels/templates/03-kmodel-istio.yaml b/instance-applications/114-ibm-kmodels/templates/03-kmodel-istio.yaml deleted file mode 100644 index 1ba455fc6..000000000 --- a/instance-applications/114-ibm-kmodels/templates/03-kmodel-istio.yaml +++ /dev/null @@ -1,50 +0,0 @@ ---- -apiVersion: security.istio.io/v1beta1 -kind: PeerAuthentication -metadata: - name: default - namespace: opendatahub - annotations: - argocd.argoproj.io/sync-wave: "139" - argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true -spec: - mtls: - mode: PERMISSIVE - ---- - -apiVersion: networking.istio.io/v1beta1 -kind: DestinationRule -metadata: - name: ds-pipeline-instance - namespace: opendatahub - annotations: - argocd.argoproj.io/sync-wave: "162" - argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true -spec: - host: ds-pipeline-instance.opendatahub.svc.cluster.local - trafficPolicy: - portLevelSettings: - - port: - number: 8888 - tls: - mode: DISABLE - ---- - -apiVersion: networking.istio.io/v1beta1 -kind: DestinationRule -metadata: - name: minio-instance - namespace: opendatahub - annotations: - argocd.argoproj.io/sync-wave: "163" - argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true -spec: - host: minio-instance.opendatahub.svc.cluster.local - trafficPolicy: - portLevelSettings: - - port: - number: 9000 - tls: - mode: DISABLE diff --git a/instance-applications/114-ibm-kmodels/templates/04-kmodel-networkpolicies.yaml b/instance-applications/114-ibm-kmodels/templates/04-kmodel-networkpolicies.yaml deleted file mode 100644 index 2017acc47..000000000 --- a/instance-applications/114-ibm-kmodels/templates/04-kmodel-networkpolicies.yaml +++ /dev/null @@ -1,43 +0,0 @@ ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - name: km-instance - namespace: "{{ .Values.aiservice_namespace }}" - annotations: - argocd.argoproj.io/sync-wave: "164" -spec: - podSelector: - matchLabels: - kmodels: instance - part-of: kmodels - policyTypes: - - Ingress - ingress: - - ports: - - port: 3000 - - port: 8443 - ---- -apiVersion: networking.k8s.io/v1 -kind: NetworkPolicy -metadata: - name: ds-pipelines-km-instance - namespace: "{{ .Values.aiservice_namespace }}" - annotations: - argocd.argoproj.io/sync-wave: "165" -spec: - podSelector: - matchLabels: - app: ds-pipeline-instance - component: data-science-pipelines - ingress: - - ports: - - protocol: TCP - port: 8888 - from: - - podSelector: - matchLabels: - app: km-controller - policyTypes: - - Ingress diff --git a/instance-applications/114-ibm-kmodels/templates/05-kmodel-store.yaml b/instance-applications/114-ibm-kmodels/templates/05-kmodel-store.yaml deleted file mode 100644 index e702ef0fa..000000000 --- a/instance-applications/114-ibm-kmodels/templates/05-kmodel-store.yaml +++ /dev/null @@ -1,126 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: km-store - namespace: "{{ .Values.aiservice_namespace }}" - annotations: - argocd.argoproj.io/sync-wave: "169" - labels: - app: km-store -data: - STORE_BUCKET: "{{ .Values.mas_aiservice_storage_templates_bucket }}" - # Certificate files folder (default: /etc/ssl/certs) - CERTS_PATH: "/etc/ssl/certs" - # Private key (default: tls.key) - CERT_PRIVATE_KEY: "tls.key" - # Public certificate (default: tls.crt) - CERT_PUBLIC_CERTIFICATE: "tls.crt" - # Set to true to enable https server (default: true) - SUPPORT_HTTPS: "true" - ---- -apiVersion: v1 -kind: Service -metadata: - name: km-store - namespace: "{{ .Values.aiservice_namespace }}" - annotations: - argocd.argoproj.io/sync-wave: "170" -spec: - ports: - - name: https - port: 8443 - targetPort: https - selector: - app: km-store - type: ClusterIP - ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: km-store - namespace: "{{ .Values.aiservice_namespace }}" - annotations: - argocd.argoproj.io/sync-wave: "171" - labels: - app: km-store - component: store - kmodels: instance - part-of: kmodels -spec: - replicas: 1 - selector: - matchLabels: - app: km-store - kmodels: instance - part-of: kmodels - template: - metadata: - labels: - app: km-store - component: store - kmodels: instance - part-of: kmodels - spec: - restartPolicy: Always - volumes: - - name: ssh-key - secret: - secretName: "{{ .Values.aiservice_internal_tls }}" - - name: workspace-volume - emptyDir: {} - imagePullSecrets: - - name: "{{ .Values.pullSecretName }}" - containers: - - name: store - image: "{{ .Values.image_store }}" - imagePullPolicy: Always - securityContext: - readOnlyRootFilesystem: false - allowPrivilegeEscalation: false - privileged: false - runAsNonRoot: true - capabilities: - drop: - - ALL - ports: - - name: http - containerPort: 3000 - - name: https - containerPort: 8443 - envFrom: - - configMapRef: - name: km-store - - secretRef: - name: km-s3-secret - resources: - requests: - memory: "64Mi" - cpu: "50m" - ephemeral-storage: "1Gi" - limits: - memory: "256Mi" - cpu: "100m" - ephemeral-storage: "2Gi" - livenessProbe: - httpGet: - path: /version - port: 8443 - scheme: HTTPS - initialDelaySeconds: 15 - periodSeconds: 500 - readinessProbe: - httpGet: - path: /version - port: 8443 - scheme: HTTPS - initialDelaySeconds: 5 - periodSeconds: 500 - volumeMounts: - - mountPath: "/etc/ssl/certs" - name: ssh-key - readOnly: true - - name: workspace-volume - mountPath: /workspace diff --git a/instance-applications/114-ibm-kmodels/templates/06-kmodel-watcher.yaml b/instance-applications/114-ibm-kmodels/templates/06-kmodel-watcher.yaml deleted file mode 100644 index 6aacf8f8f..000000000 --- a/instance-applications/114-ibm-kmodels/templates/06-kmodel-watcher.yaml +++ /dev/null @@ -1,142 +0,0 @@ ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: km-watcher - namespace: "{{ .Values.aiservice_namespace }}" - annotations: - argocd.argoproj.io/sync-wave: "172" ---- -kind: Role -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: km-watcher-role - namespace: "{{ .Values.aiservice_namespace }}" - annotations: - argocd.argoproj.io/sync-wave: "173" -rules: - - verbs: - - list - - watch - apiGroups: - - '' - resources: - - events - - pods ---- -kind: RoleBinding -apiVersion: rbac.authorization.k8s.io/v1 -metadata: - name: km-watcher-binding - namespace: "{{ .Values.aiservice_namespace }}" - annotations: - argocd.argoproj.io/sync-wave: "174" -subjects: - - kind: ServiceAccount - name: km-watcher - namespace: "{{ .Values.aiservice_namespace }}" -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: Role - name: km-watcher-role - ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: km-watcher - namespace: "{{ .Values.aiservice_namespace }}" - annotations: - argocd.argoproj.io/sync-wave: "175" - labels: - app: km-watcher -data: - EXCLUDE_TENANTS: provision-tenant - TENANTS_BUCKET: {{ .Values.mas_aiservice_storage_tenants_bucket }} - PIPELINES: "{{ .Values.aiservice_namespace }}" - ---- -apiVersion: v1 -kind: Service -metadata: - name: km-watcher - namespace: "{{ .Values.aiservice_namespace }}" - annotations: - argocd.argoproj.io/sync-wave: "176" -spec: - ports: - - name: http - port: 3000 - targetPort: http - selector: - app: km-watcher - type: ClusterIP - ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: km-watcher - namespace: "{{ .Values.aiservice_namespace }}" - annotations: - argocd.argoproj.io/sync-wave: "177" - labels: - app: km-watcher - component: watcher -spec: - replicas: 1 - selector: - matchLabels: - app: km-watcher - template: - metadata: - labels: - app: km-watcher - component: watcher - spec: - serviceAccountName: km-watcher - imagePullSecrets: - - name: "{{ .Values.pullSecretName }}" - containers: - - name: watcher - image: "{{ .Values.image_watcher }}" - imagePullPolicy: Always - securityContext: - readOnlyRootFilesystem: false - allowPrivilegeEscalation: false - privileged: false - runAsNonRoot: true - capabilities: - drop: - - ALL - ports: - - name: http - containerPort: 3000 - resources: - requests: - memory: "64Mi" - cpu: "50m" - ephemeral-storage: "1Gi" - limits: - memory: "256Mi" - cpu: "100m" - ephemeral-storage: "2Gi" - livenessProbe: - httpGet: - path: /version - port: 3000 - scheme: HTTP - initialDelaySeconds: 15 - periodSeconds: 500 - readinessProbe: - httpGet: - path: /version - port: 3000 - scheme: HTTP - initialDelaySeconds: 5 - periodSeconds: 500 - envFrom: - - configMapRef: - name: km-watcher - - secretRef: - name: km-s3-secret diff --git a/instance-applications/114-ibm-kmodels/templates/07-kmodel-controller.yaml b/instance-applications/114-ibm-kmodels/templates/07-kmodel-controller.yaml deleted file mode 100644 index 62f56d6e5..000000000 --- a/instance-applications/114-ibm-kmodels/templates/07-kmodel-controller.yaml +++ /dev/null @@ -1,162 +0,0 @@ ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: km-controller - namespace: "{{ .Values.aiservice_namespace }}" - annotations: - argocd.argoproj.io/sync-wave: "178" - labels: - app: km-controller -data: - CONTAINER_REGISTRY: "{{ .Values.mas_icr_cp }}/aiservice" - PIPELINES_BUCKET: "{{ .Values.mas_aiservice_storage_pipelines_bucket }}" - TENANTS_BUCKET: "{{ .Values.mas_aiservice_storage_tenants_bucket }}" - DOCKER_SECRETS_NAME: "ibm-entitlement" - CONNECTOR_IMAGE_PREFIX: '' - PIPELINE_STEP_IMAGE_PREFIX: '' - PIPELINE_DEFAULT_STEP_TAG: "{{ .Values.mas_aiservice_pipeline_steps_tag }}" - DEFAULT_TENANTS: "{{ .Values.mas_aiservice_provision_tenant }}" - PIPELINE_DEPLOYMENT_MODE: raw - PLATFORM: openshift - PVC_STORAGE_CLASS_NAME: "{{ .Values.primary_storage_class }}" - LOG_FORMAT: "json" - MODEL_ID_UNIQUE_LENGTH: "{{ .Values.model_id_unique_length }}" - MODEL_ID_PREFIX: "{{ .Values.model_id_prefix }}" - AFFINITY_ENABLED: "false" - ---- -apiVersion: v1 -kind: Service -metadata: - name: km-controller - namespace: "{{ .Values.aiservice_namespace }}" - annotations: - argocd.argoproj.io/sync-wave: "179" -spec: - ports: - - name: https - port: 8443 - targetPort: https - selector: - app: km-controller - type: ClusterIP - ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: km-controller-pvc - namespace: "{{ .Values.aiservice_namespace }}" - annotations: - argocd.argoproj.io/sync-wave: "180" -spec: - accessModes: - - ReadWriteOnce - volumeMode: Filesystem - resources: - requests: - storage: 1Gi - storageClassName: "{{ .Values.primary_storage_class }}" - ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - name: km-controller - namespace: "{{ .Values.aiservice_namespace }}" - annotations: - argocd.argoproj.io/sync-wave: "181" - ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: km-controller - namespace: "{{ .Values.aiservice_namespace }}" - annotations: - argocd.argoproj.io/sync-wave: "182" - labels: - app: km-controller - component: controller -spec: - replicas: 1 - revisionHistoryLimit: 1 - selector: - matchLabels: - app: km-controller - template: - metadata: - labels: - app: km-controller - component: controller - spec: - serviceAccountName: km-controller - volumes: - - name: workspace-volume - emptyDir: {} - - name: ssh-key - secret: - secretName: "{{ .Values.aiservice_internal_tls }}" - imagePullSecrets: - - name: "{{ .Values.pullSecretName }}" - containers: - - name: controller - image: "{{ .Values.image_controller }}" - imagePullPolicy: Always - securityContext: - readOnlyRootFilesystem: false - allowPrivilegeEscalation: false - privileged: false - runAsNonRoot: true - capabilities: - drop: - - ALL - ports: - - name: http - containerPort: 3000 - - name: https - containerPort: 8443 - resources: - requests: - memory: "128Mi" - cpu: "100m" - ephemeral-storage: "1Gi" - limits: - memory: "256Mi" - cpu: "200m" - ephemeral-storage: "2Gi" - livenessProbe: - httpGet: - path: /api/v1/version - port: 8443 - scheme: HTTPS - initialDelaySeconds: 15 - periodSeconds: 500 - readinessProbe: - httpGet: - path: /api/v1/version - port: 8443 - scheme: HTTPS - initialDelaySeconds: 5 - periodSeconds: 500 - env: - - name: KMODELS_NAMESPACE - valueFrom: - fieldRef: - fieldPath: metadata.namespace - - name: KMODELS_ID - valueFrom: - fieldRef: - fieldPath: metadata.namespace - envFrom: - - configMapRef: - name: km-controller - - secretRef: - name: km-s3-secret - volumeMounts: - - name: workspace-volume - mountPath: /workspace - - name: ssh-key - mountPath: "/etc/ssl/certs" - readOnly: true diff --git a/instance-applications/114-ibm-kmodels/values.yaml b/instance-applications/114-ibm-kmodels/values.yaml deleted file mode 100644 index 59c406cab..000000000 --- a/instance-applications/114-ibm-kmodels/values.yaml +++ /dev/null @@ -1,49 +0,0 @@ ---- -run_sync_hooks: true -mas_instance_id: "sremat" -aiservice_internal_tls: "{{ mas_instance_id }}-internal-aiservice-tls" -aiservice_namespace: "mas-sremat-aiservice" - -mas_aiservice_storage_provider: "aws" -mas_aiservice_storage_ssl: "false" - -# following are the variable need to injected via environment variable -mas_aiservice_storage_accesskey: "mas_aiservice_storage_accesskey" -mas_aiservice_storage_secretkey: "mas_aiservice_storage_secretkey" -mas_aiservice_storage_host: "mas_aiservice_storage_host" -mas_aiservice_storage_port: "mas_aiservice_storage_port" -mas_aiservice_storage_region: "mas_aiservice_storage_region" - -ssh_secret_name: "sremat-kmodel-aiservice-tls" -ssh_secret_password: "sremat" -# vars file for kmodels -pullSecretName: "ibm-entitlement" - -docker_server: "MAS_ICR_CP/aiservice" - -tenantNamespace: "aiservice-MAS_AISERVICE_TENANT_NAME" -# mas_aiservice_provision_tenant: "MAS_AISERVICE_PROVISION_TENANT" -primary_storage_class: "PRIMARY_STORAGE_CLASS" - -# Bucket names -mas_aiservice_storage_templates_bucket: "MAS_AISERVICE_STORAGE_TEMPLATES_BUCKET" -mas_aiservice_storage_tenants_bucket: "MAS_AISERVICE_STORAGE_TENANTS_BUCKET" -mas_aiservice_storage_pipelines_bucket: "mas_aiservice_storage_pipelines_bucket" - -#container images -image_store: "MAS_ICR_CP/aiservice/store:1.0.2" -image_watcher: "MAS_ICR_CP/aiservice/watcher:1.0.2-pre.dev10x" -image_controller: "MAS_ICR_CP/aiservice/controller:1.0.2-pre.dev10x" - -mas_aiservice_pipeline_steps_tag: 1.0.0 -mas_aiservice_connector_tag: 1.0.0 - -# model -# model_id_unique_length: "8" -# model_id_prefix: "m" - - -# Source container registry -# ----------------------------------------------------------------------------- -# mas_icr_cp: "cp.icr.io/cp" -mas_icr_cp: "docker-na-public.artifactory.swg-devops.com/wiotp-docker-local" \ No newline at end of file diff --git a/root-applications/ibm-aiservice-instance-root/templates/050-ibm-kmodels-app.yaml b/root-applications/ibm-aiservice-instance-root/templates/050-ibm-kmodels-app.yaml deleted file mode 100644 index f232ee853..000000000 --- a/root-applications/ibm-aiservice-instance-root/templates/050-ibm-kmodels-app.yaml +++ /dev/null @@ -1,95 +0,0 @@ -{{- if not (empty .Values.ibm_kmodel) }} ---- -# IBM Maximo Kmodels -apiVersion: argoproj.io/v1alpha1 -kind: Application -metadata: - name: kmodel.{{ .Values.cluster.id }}.{{ .Values.instance.id }} - namespace: {{ .Values.argo.namespace }} - labels: - environment: '{{ .Values.account.id }}' - region: '{{ .Values.region.id }}' - cluster: '{{ .Values.cluster.id }}' - instance: '{{ .Values.instance.id }}' - annotations: - argocd.argoproj.io/sync-wave: "050" - healthCheckTimeout: "1800" - {{- if and .Values.notifications .Values.notifications.slack_channel_id }} - notifications.argoproj.io/subscribe.on-sync-failed.workspace1: {{ .Values.notifications.slack_channel_id }} - notifications.argoproj.io/subscribe.on-sync-succeeded.workspace1: {{ .Values.notifications.slack_channel_id }} - {{- end }} - finalizers: - - resources-finalizer.argocd.argoproj.io -spec: - project: "{{ .Values.argo.projects.apps }}" - destination: - server: {{ .Values.cluster.url }} - namespace: "{{ .Values.ibm_kmodel.openshift_namespace }}" - source: - repoURL: "{{ .Values.source.repo_url }}" - path: instance-applications/114-ibm-kmodels - targetRevision: "{{ .Values.source.revision }}" - plugin: - name: {{ .Values.avp.name }} - env: - - name: {{ .Values.avp.values_varname }} - value: | - openshift_namespace: "{{ .Values.ibm_kmodel.openshift_namespace }}" - run_sync_hooks: "{{ .Values.ibm_kmodel.run_sync_hooks }}" - aiservice_namespace: "{{ .Values.ibm_kmodel.aiservice_namespace }}" - mas_aiservice_storage_provider: "{{ .Values.ibm_kmodel.mas_aiservice_storage_provider }}" - mas_aiservice_storage_ssl: "{{ .Values.ibm_kmodel.mas_aiservice_storage_ssl }}" - mas_aiservice_storage_accesskey: "{{ .Values.ibm_kmodel.mas_aiservice_storage_accesskey }}" - mas_aiservice_storage_secretkey: "{{ .Values.ibm_kmodel.mas_aiservice_storage_secretkey }}" - mas_aiservice_storage_host: "{{ .Values.ibm_kmodel.mas_aiservice_storage_host }}" - mas_aiservice_storage_port: "{{ .Values.ibm_kmodel.mas_aiservice_storage_port }}" - mas_aiservice_storage_region: "{{ .Values.ibm_kmodel.mas_aiservice_storage_region }}" - ssh_secret_name: "{{ .Values.ibm_kmodel.ssh_secret_name }}" - pullSecretName: "{{ .Values.ibm_kmodel.pullSecretName }}" - docker_server: "{{ .Values.ibm_kmodel.docker_server }}" - tenantNamespace: "{{ .Values.ibm_kmodel.tenantNamespace }}" - mas_aiservice_provision_tenant: "{{ .Values.ibm_kmodel.mas_aiservice_provision_tenant }}" - primary_storage_class: "{{ .Values.ibm_kmodel.primary_storage_class }}" - mas_aiservice_storage_templates_bucket: "{{ .Values.ibm_kmodel.mas_aiservice_storage_templates_bucket }}" - mas_aiservice_storage_tenants_bucket: "{{ .Values.ibm_kmodel.mas_aiservice_storage_tenants_bucket }}" - mas_aiservice_storage_pipelines_bucket: "{{ .Values.ibm_kmodel.mas_aiservice_storage_pipelines_bucket }}" - image_store: "{{ .Values.ibm_kmodel.image_store }}" - image_watcher: "{{ .Values.ibm_kmodel.image_watcher }}" - image_controller: "{{ .Values.ibm_kmodel.image_controller }}" - mas_aiservice_pipeline_steps_tag: "{{ .Values.ibm_kmodel.mas_aiservice_pipeline_steps_tag }}" - mas_aiservice_connector_tag: "{{ .Values.ibm_kmodel.mas_aiservice_connector_tag }}" - aiservice_internal_tls: "{{ .Values.ibm_kmodel.aiservice_internal_tls }}" - mas_instance_id: "{{ .Values.ibm_kmodel.mas_instance_id }}" - model_id_unique_length: "{{ .Values.ibm_kmodel.model_id_unique_length }}" - model_id_prefix: "{{ .Values.ibm_kmodel.model_id_prefix }}" - ds_pipelines_enabled: "{{ .Values.ibm_kmodel.ds_pipelines_enabled }}" - mas_icr_cp: "{{ .Values.ibm_aiservice.mas_icr_cp }}" - - junitreporter: - reporter_name: "ibm-kmodel-{{ .Values.instance.id }}" - cluster_id: "{{ .Values.cluster.id }}" - devops_mongo_uri: "{{ .Values.devops.mongo_uri }}" - devops_build_number: "{{ .Values.devops.build_number }}" - gitops_version: "{{ .Values.source.revision }}" - - name: ARGOCD_APP_NAME - value: kmodelapp - {{- if not (empty .Values.avp.secret) }} - - name: AVP_SECRET - value: {{ .Values.avp.secret }} - {{- end }} - syncPolicy: - automated: - {{- if .Values.auto_delete }} - prune: true - {{- end }} - selfHeal: true - retry: - limit: 20 - syncOptions: - - CreateNamespace=true - managedNamespaceMetadata: - labels: -{{- if .Values.custom_labels }} -{{ .Values.custom_labels | toYaml | indent 8 }} -{{- end }} -{{- end }} From f5cbc23221771c64a76e36865461a61ba4588bea Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Thu, 11 Sep 2025 15:22:50 +0530 Subject: [PATCH 10/92] remove kmodel yaml --- .../templates/099-aiservice-instance-appset.yaml | 5 ----- 1 file changed, 5 deletions(-) diff --git a/root-applications/ibm-mas-cluster-root/templates/099-aiservice-instance-appset.yaml b/root-applications/ibm-mas-cluster-root/templates/099-aiservice-instance-appset.yaml index f8f2cd4ef..bc0bea47a 100644 --- a/root-applications/ibm-mas-cluster-root/templates/099-aiservice-instance-appset.yaml +++ b/root-applications/ibm-mas-cluster-root/templates/099-aiservice-instance-appset.yaml @@ -39,11 +39,6 @@ spec: revision: "{{ .Values.generator.revision }}" files: - path: "{{ .Values.account.id }}/{{ .Values.cluster.id }}/*/ibm-aiservice.yaml" - - git: - repoURL: "{{ .Values.generator.repo_url }}" - revision: "{{ .Values.generator.revision }}" - files: - - path: "{{ .Values.account.id }}/{{ .Values.cluster.id }}/*/ibm-kmodel.yaml" syncPolicy: applicationsSync: "{{- if .Values.auto_delete }}sync{{- else }}create-update{{- end }}" template: From c4d831f3c9fc8e9d883e21ec4d32eaa6456f7695 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Thu, 11 Sep 2025 15:39:14 +0530 Subject: [PATCH 11/92] create namespace --- .../112-ibm-odh/templates/04-odh-operator-subcription.yaml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/instance-applications/112-ibm-odh/templates/04-odh-operator-subcription.yaml b/instance-applications/112-ibm-odh/templates/04-odh-operator-subcription.yaml index cd5d7f2ec..d960b3a1e 100644 --- a/instance-applications/112-ibm-odh/templates/04-odh-operator-subcription.yaml +++ b/instance-applications/112-ibm-odh/templates/04-odh-operator-subcription.yaml @@ -1,4 +1,11 @@ --- +apiVersion: v1 +kind: Namespace +metadata: + name: {{ .Values.opendatahub_namespace }} + annotations: + argocd.argoproj.io/sync-wave: "125" +--- apiVersion: operators.coreos.com/v1 kind: OperatorGroup metadata: From 79be95a7de4bca9b3cf5101f8bd72e1644d1c287 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Thu, 11 Sep 2025 15:43:45 +0530 Subject: [PATCH 12/92] Update 04-odh-operator-subcription.yaml update odh spec --- .../112-ibm-odh/templates/04-odh-operator-subcription.yaml | 2 -- 1 file changed, 2 deletions(-) diff --git a/instance-applications/112-ibm-odh/templates/04-odh-operator-subcription.yaml b/instance-applications/112-ibm-odh/templates/04-odh-operator-subcription.yaml index d960b3a1e..5d99b81a5 100644 --- a/instance-applications/112-ibm-odh/templates/04-odh-operator-subcription.yaml +++ b/instance-applications/112-ibm-odh/templates/04-odh-operator-subcription.yaml @@ -13,8 +13,6 @@ metadata: namespace: {{ .Values.opendatahub_namespace}} annotations: argocd.argoproj.io/sync-wave: "126" -spec: - targetNamespaces: [] --- apiVersion: operators.coreos.com/v1alpha1 From 4bd5b731ed2c0d0520c5f2a917d3de01bc1b80cc Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Thu, 11 Sep 2025 15:59:56 +0530 Subject: [PATCH 13/92] update source --- .../ibm-aiservice-instance-root/templates/030-ibm-odh-app.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/root-applications/ibm-aiservice-instance-root/templates/030-ibm-odh-app.yaml b/root-applications/ibm-aiservice-instance-root/templates/030-ibm-odh-app.yaml index 3f698f5d0..43274385b 100644 --- a/root-applications/ibm-aiservice-instance-root/templates/030-ibm-odh-app.yaml +++ b/root-applications/ibm-aiservice-instance-root/templates/030-ibm-odh-app.yaml @@ -50,7 +50,7 @@ spec: opendatahub_namespace: "{{ .Values.ibm_odh.opendatahub_namespace }}" opendatahub_installPlanApproval: "{{ .Values.ibm_odh.opendatahub_installPlanApproval }}" opendatahub_source: "{{ .Values.ibm_odh.opendatahub_source }}" - opendatahub__sourceNamespace: "{{ .Values.ibm_odh.opendatahub__sourceNamespace }}" + opendatahub_sourceNamespace: "{{ .Values.ibm_odh.opendatahub_sourceNamespace }}" odh_pipeline_channel: "{{ .Values.ibm_odh.odh_pipeline_channel }}" odh_pipeline_installplan: "{{ .Values.ibm_odh.odh_pipeline_installplan }}" From 6b1cac259aa52a39790f4b4460401a4542566530 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Thu, 11 Sep 2025 17:40:03 +0530 Subject: [PATCH 14/92] update to source change catalog_source to source --- .../112-ibm-odh/templates/04-odh-operator-subcription.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/instance-applications/112-ibm-odh/templates/04-odh-operator-subcription.yaml b/instance-applications/112-ibm-odh/templates/04-odh-operator-subcription.yaml index 5d99b81a5..52fe6d2a8 100644 --- a/instance-applications/112-ibm-odh/templates/04-odh-operator-subcription.yaml +++ b/instance-applications/112-ibm-odh/templates/04-odh-operator-subcription.yaml @@ -26,6 +26,6 @@ spec: channel: {{ .Values.opendatahub_channel}} installPlanApproval: {{ .Values.opendatahub_installPlanApproval}} name: {{ .Values.opendatahub_name}} - catalog_source: {{ .Values.opendatahub_source}} + source: {{ .Values.opendatahub_source}} sourceNamespace: {{ .Values.opendatahub_sourceNamespace}} startingCSV: {{ .Values.odh_operator_version }} \ No newline at end of file From 639da77801cb142bc1a2a49b34086317f843f3c6 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Thu, 11 Sep 2025 17:59:50 +0530 Subject: [PATCH 15/92] update aiservice --- .../templates/040-ibm-aiservice-app.yaml | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/root-applications/ibm-aiservice-instance-root/templates/040-ibm-aiservice-app.yaml b/root-applications/ibm-aiservice-instance-root/templates/040-ibm-aiservice-app.yaml index 03a762b69..658473016 100644 --- a/root-applications/ibm-aiservice-instance-root/templates/040-ibm-aiservice-app.yaml +++ b/root-applications/ibm-aiservice-instance-root/templates/040-ibm-aiservice-app.yaml @@ -39,12 +39,6 @@ spec: aiservice_s3_secret: "{{ .Values.ibm_aiservice.aiservice_s3_secret }}" - aiservice_watsonx_secret: "{{ .Values.ibm_aiservice.aiservice_watsonx_secret }}" - aiservice_watsonxai_apikey: "{{ .Values.ibm_aiservice.aiservice_watsonxai_apikey }}" - aiservice_watsonxai_url: "{{ .Values.ibm_aiservice.aiservice_watsonxai_url }}" - aiservice_watsonxai_project_id: "{{ .Values.ibm_aiservice.aiservice_watsonxai_project_id }}" - - s3_apikey: "{{ .Values.ibm_aiservice.s3_apikey }}" aiservice_s3_accesskey: "{{ .Values.ibm_aiservice.aiservice_s3_accesskey }}" aiservice_s3_secretkey: "{{ .Values.ibm_aiservice.aiservice_s3_secretkey }}" @@ -54,10 +48,6 @@ spec: aiservice_sls_registration_key_secret: "{{ .Values.ibm_aiservice.aiservice_sls_registration_key_secret }}" slscfg_registration_key: "{{ .Values.ibm_aiservice.slscfg_registration_key }}" - aiservice_storage_pipelines_bucket: "{{ .Values.ibm_aiservice.aiservice_storage_pipelines_bucket }}" - aiservice_storage_tenants_bucket: "{{ .Values.ibm_aiservice.aiservice_storage_tenants_bucket }}" - aiservice_storage_templates_bucket: "{{ .Values.ibm_aiservice.aiservice_storage_templates_bucket }}" - aiservice_dro_token_secret: "{{ .Values.ibm_aiservice.aiservice_dro_token_secret }}" aiservice_dro_cacert_secret: "{{ .Values.ibm_aiservice.aiservice_dro_cacert_secret }}" From 909d78156d7c490c7e951a5a3d8b9ff4d5921891 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Fri, 12 Sep 2025 11:39:36 +0530 Subject: [PATCH 16/92] remove \ --- .../templates/040-ibm-aiservice-app.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/root-applications/ibm-aiservice-instance-root/templates/040-ibm-aiservice-app.yaml b/root-applications/ibm-aiservice-instance-root/templates/040-ibm-aiservice-app.yaml index 658473016..db0038c60 100644 --- a/root-applications/ibm-aiservice-instance-root/templates/040-ibm-aiservice-app.yaml +++ b/root-applications/ibm-aiservice-instance-root/templates/040-ibm-aiservice-app.yaml @@ -74,7 +74,7 @@ spec: mas_catalog_source: "{{ .Values.ibm_aiservice.mas_catalog_source }}" mas_icr_cp: "{{ .Values.ibm_aiservice.mas_icr_cp }}" - mas_icr_cpopen: "{{ .Values.ibm_aiservice.mas_icr_cpopen }}"\ + mas_icr_cpopen: "{{ .Values.ibm_aiservice.mas_icr_cpopen }}" in_saas_env: "{{ .Values.ibm_aiservice.in_saas_env }}" aiservice_domain: "{{ .Values.ibm_aiservice.aiservice_domain }}" From 4a2f73228c5bf123d57db3d213fa4d75583a7ddb Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Fri, 12 Sep 2025 12:06:17 +0530 Subject: [PATCH 17/92] unwanted code remove aiservice_sls_registration_key_secret --- .../templates/040-ibm-aiservice-app.yaml | 2 -- 1 file changed, 2 deletions(-) diff --git a/root-applications/ibm-aiservice-instance-root/templates/040-ibm-aiservice-app.yaml b/root-applications/ibm-aiservice-instance-root/templates/040-ibm-aiservice-app.yaml index db0038c60..015def47d 100644 --- a/root-applications/ibm-aiservice-instance-root/templates/040-ibm-aiservice-app.yaml +++ b/root-applications/ibm-aiservice-instance-root/templates/040-ibm-aiservice-app.yaml @@ -85,8 +85,6 @@ spec: aiservice_s3_templates_bucket: "{{ .Values.ibm_aiservice.aiservice_s3_templates_bucket }}" aiservice_s3_tenants_bucket: "{{ .Values.ibm_aiservice.aiservice_s3_tenants_bucket }}" aiservice_s3_secret: "{{ .Values.ibm_aiservice.aiservice_s3_secret }}" - aiservice_sls_registration_key_secret: "{{ .Values.aiservice_sls_registration_key_secret }}" - aiservice_storage_class: "{{ .Values.ibm_aiservice.aiservice_storage_class }}" aiservice_s3_ssl: "{{ .Values.ibm_aiservice.aiservice_s3_ssl }}" aiservice_s3_accesskey: "{{ .Values.ibm_aiservice.aiservice_s3_accesskey }}" From 82177e29af42cfcb4e7be60f2253c5e2f38a1f6c Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Fri, 12 Sep 2025 12:08:15 +0530 Subject: [PATCH 18/92] name update --- .../113-ibm-aiservice/templates/02-aiservice-sls-secret.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/instance-applications/113-ibm-aiservice/templates/02-aiservice-sls-secret.yaml b/instance-applications/113-ibm-aiservice/templates/02-aiservice-sls-secret.yaml index 1f6f3c210..45bce6a12 100644 --- a/instance-applications/113-ibm-aiservice/templates/02-aiservice-sls-secret.yaml +++ b/instance-applications/113-ibm-aiservice/templates/02-aiservice-sls-secret.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Secret metadata: - name: "{{ .Values.aiservice_sls_registration_key_secret }}" + name: "sls-registration-key" namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "141" From fca60d0710233a02cb9fa4921ae9814b6e9d6771 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Fri, 12 Sep 2025 14:27:03 +0530 Subject: [PATCH 19/92] Update 02-aiservice-sls-secret.yaml --- .../113-ibm-aiservice/templates/02-aiservice-sls-secret.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/instance-applications/113-ibm-aiservice/templates/02-aiservice-sls-secret.yaml b/instance-applications/113-ibm-aiservice/templates/02-aiservice-sls-secret.yaml index 45bce6a12..1f6f3c210 100644 --- a/instance-applications/113-ibm-aiservice/templates/02-aiservice-sls-secret.yaml +++ b/instance-applications/113-ibm-aiservice/templates/02-aiservice-sls-secret.yaml @@ -2,7 +2,7 @@ apiVersion: v1 kind: Secret metadata: - name: "sls-registration-key" + name: "{{ .Values.aiservice_sls_registration_key_secret }}" namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "141" From c78451c81028f83158fc6b76cfc699ce2c79b94c Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Fri, 12 Sep 2025 14:32:55 +0530 Subject: [PATCH 20/92] hard code --- .../113-ibm-aiservice/templates/07-aiservice-app.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/instance-applications/113-ibm-aiservice/templates/07-aiservice-app.yaml b/instance-applications/113-ibm-aiservice/templates/07-aiservice-app.yaml index c19cdfed8..637e818ee 100644 --- a/instance-applications/113-ibm-aiservice/templates/07-aiservice-app.yaml +++ b/instance-applications/113-ibm-aiservice/templates/07-aiservice-app.yaml @@ -24,11 +24,11 @@ spec: url: "{{ .Values.jdbccfg_url }}" secretName: "{{ .Values.aiservice_jdbc_secret }}" ca: "{{ .Values.jdbccfg_ca }}" - useAwsDb2: "{{ .Values.use_aws_db2 }}" + useAwsDb2: "true" storageClassName: "{{ .Values.aiservice_storage_class }}" domain: "{{ .Values.aiservice_domain }}" - inSaasEnv: "{{ .Values.in_saas_env }}" + inSaasEnv: "true" environmentType: "{{ .Values.environment_type }}" modelId: From 9f399062216aa215073ce9a04819dca46bf07642 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Fri, 12 Sep 2025 16:20:13 +0530 Subject: [PATCH 21/92] without double quate --- .../113-ibm-aiservice/templates/07-aiservice-app.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/instance-applications/113-ibm-aiservice/templates/07-aiservice-app.yaml b/instance-applications/113-ibm-aiservice/templates/07-aiservice-app.yaml index 637e818ee..0925cba13 100644 --- a/instance-applications/113-ibm-aiservice/templates/07-aiservice-app.yaml +++ b/instance-applications/113-ibm-aiservice/templates/07-aiservice-app.yaml @@ -24,11 +24,11 @@ spec: url: "{{ .Values.jdbccfg_url }}" secretName: "{{ .Values.aiservice_jdbc_secret }}" ca: "{{ .Values.jdbccfg_ca }}" - useAwsDb2: "true" + useAwsDb2: true storageClassName: "{{ .Values.aiservice_storage_class }}" domain: "{{ .Values.aiservice_domain }}" - inSaasEnv: "true" + inSaasEnv: true environmentType: "{{ .Values.environment_type }}" modelId: From 44878ce7f0061625f190dab6d844904e36839a1f Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Fri, 12 Sep 2025 17:10:03 +0530 Subject: [PATCH 22/92] remove unwanted --- .../templates/100-ibm-aiservice-tenant-app.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/root-applications/ibm-aiservice-tenant-root/templates/100-ibm-aiservice-tenant-app.yaml b/root-applications/ibm-aiservice-tenant-root/templates/100-ibm-aiservice-tenant-app.yaml index 9dc173199..c87cf7bd6 100644 --- a/root-applications/ibm-aiservice-tenant-root/templates/100-ibm-aiservice-tenant-app.yaml +++ b/root-applications/ibm-aiservice-tenant-root/templates/100-ibm-aiservice-tenant-app.yaml @@ -44,7 +44,6 @@ spec: cluster_id: "{{ .Values.cluster.id }}" # SAAS aiservice_saas_apikey: "{{ .Values.ibm_aiservice_tenant.aiservice_saas_apikey }}" - # in_saas_env: "{{ .Values.ibm_aiservice_tenant.in_saas_env }}" mas_aiservice_saas: "{{ .Values.ibm_aiservice_tenant.mas_aiservice_saas }}" mas_aiservice_provision_tenant: "{{ .Values.ibm_aiservice_tenant.mas_aiservice_provision_tenant }}" From 38c4cc0559ab6d48f28d50808e213d18c5559b23 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Fri, 12 Sep 2025 17:11:20 +0530 Subject: [PATCH 23/92] remove unwanted code --- .../templates/100-ibm-aiservice-tenant-app.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/root-applications/ibm-aiservice-tenant-root/templates/100-ibm-aiservice-tenant-app.yaml b/root-applications/ibm-aiservice-tenant-root/templates/100-ibm-aiservice-tenant-app.yaml index c87cf7bd6..216f0e7d4 100644 --- a/root-applications/ibm-aiservice-tenant-root/templates/100-ibm-aiservice-tenant-app.yaml +++ b/root-applications/ibm-aiservice-tenant-root/templates/100-ibm-aiservice-tenant-app.yaml @@ -38,7 +38,6 @@ spec: tenant_id: "{{ .Values.ibm_aiservice_tenant.tenant_id }}" aiservice_instance_id: "{{ .Values.ibm_aiservice_tenant.aiservice_instance_id }}" aiservice_namespace: "{{ .Values.ibm_aiservice_tenant.aiservice_namespace }}" - ibm_entitlement_key: "{{ .Values.ibm_aiservice_tenant.ibm_entitlement_key }}" account_id: "{{ .Values.account.id }}" region_id: "{{ .Values.region.id }}" cluster_id: "{{ .Values.cluster.id }}" From 87e606a2e2765ee0c26f7cf4b682a0aa79768113 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Mon, 15 Sep 2025 10:08:07 +0530 Subject: [PATCH 24/92] Update 100-ibm-aiservice-tenant-app.yaml --- .../templates/100-ibm-aiservice-tenant-app.yaml | 2 -- 1 file changed, 2 deletions(-) diff --git a/root-applications/ibm-aiservice-tenant-root/templates/100-ibm-aiservice-tenant-app.yaml b/root-applications/ibm-aiservice-tenant-root/templates/100-ibm-aiservice-tenant-app.yaml index 216f0e7d4..59e14f0f0 100644 --- a/root-applications/ibm-aiservice-tenant-root/templates/100-ibm-aiservice-tenant-app.yaml +++ b/root-applications/ibm-aiservice-tenant-root/templates/100-ibm-aiservice-tenant-app.yaml @@ -48,11 +48,9 @@ spec: # Tenant artifactory_token: "{{ .Values.ibm_aiservice_tenant.artifactory_token }}" - mas_aiservice_tenant_name: "{{ .Values.ibm_aiservice_tenant.mas_aiservice_tenant_name }}" tenant_action: "{{ .Values.ibm_aiservice_tenant.tenant_action }}" tenantNamespace: "{{ .Values.ibm_aiservice_tenant.tenantNamespace }}" - # cluster_domain: "{{ .Values.ibm_aiservice_tenant.cluster_domain }}" mas_icr_cp: "{{ .Values.ibm_aiservice_tenant.mas_icr_cp }}" mas_icr_cpopen: "{{ .Values.ibm_aiservice_tenant.mas_icr_cpopen }}" From 8b3e5c5d76f3d699533fe49bd8e52a873ab30ac7 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Mon, 15 Sep 2025 10:25:40 +0530 Subject: [PATCH 25/92] temp ns --- .../templates/00-aiservice-tenent-namespace_temp.yaml | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 instance-applications/115-ibm-aiservice-tenant/templates/00-aiservice-tenent-namespace_temp.yaml diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/00-aiservice-tenent-namespace_temp.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/00-aiservice-tenent-namespace_temp.yaml new file mode 100644 index 000000000..3b72744f7 --- /dev/null +++ b/instance-applications/115-ibm-aiservice-tenant/templates/00-aiservice-tenent-namespace_temp.yaml @@ -0,0 +1,8 @@ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: "temp" + annotations: + argocd.argoproj.io/sync-wave: "141" + From db10f6e39524bd7aea29b12ef1d7c24b0f68f145 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Mon, 15 Sep 2025 10:56:12 +0530 Subject: [PATCH 26/92] remove temp --- .../templates/00-aiservice-tenent-namespace_temp.yaml | 8 -------- 1 file changed, 8 deletions(-) delete mode 100644 instance-applications/115-ibm-aiservice-tenant/templates/00-aiservice-tenent-namespace_temp.yaml diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/00-aiservice-tenent-namespace_temp.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/00-aiservice-tenent-namespace_temp.yaml deleted file mode 100644 index 3b72744f7..000000000 --- a/instance-applications/115-ibm-aiservice-tenant/templates/00-aiservice-tenent-namespace_temp.yaml +++ /dev/null @@ -1,8 +0,0 @@ ---- -apiVersion: v1 -kind: Namespace -metadata: - name: "temp" - annotations: - argocd.argoproj.io/sync-wave: "141" - From eaea4256efea49969f1bd870f225551904423bff Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Mon, 15 Sep 2025 11:36:47 +0530 Subject: [PATCH 27/92] remove if block --- .../templates/100-ibm-aiservice-tenant-app.yaml | 2 -- 1 file changed, 2 deletions(-) diff --git a/root-applications/ibm-aiservice-tenant-root/templates/100-ibm-aiservice-tenant-app.yaml b/root-applications/ibm-aiservice-tenant-root/templates/100-ibm-aiservice-tenant-app.yaml index 59e14f0f0..b2fc9fc5f 100644 --- a/root-applications/ibm-aiservice-tenant-root/templates/100-ibm-aiservice-tenant-app.yaml +++ b/root-applications/ibm-aiservice-tenant-root/templates/100-ibm-aiservice-tenant-app.yaml @@ -1,4 +1,3 @@ -{{- if not (empty .Values.ibm_aiservice_tenant) }} --- # IBM Maximo aiservice-tenant apiVersion: argoproj.io/v1alpha1 @@ -113,4 +112,3 @@ spec: {{- if .Values.custom_labels }} {{ .Values.custom_labels | toYaml | indent 8 }} {{- end }} -{{- end }} \ No newline at end of file From 20c471988c621fa3736857e01ce7f386af98ae5b Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Mon, 15 Sep 2025 11:50:40 +0530 Subject: [PATCH 28/92] update if block --- .../templates/06-aiservice-workspace.yaml | 2 +- .../templates/100-ibm-aiservice-tenant-app.yaml | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-workspace.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-workspace.yaml index 21b45b36d..4c6e99268 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-workspace.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-workspace.yaml @@ -6,7 +6,7 @@ metadata: namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "307" - ansible.sdk.operatorframework.io/verbosity: "{{ aiservice_operator_log_level }}" + ansible.sdk.operatorframework.io/verbosity: "{{ .Values.aiservice_operator_log_level }}" labels: aiservice.ibm.com/instanceId: "{{ .Values.aiservice_instance_id }}" app.kubernetes.io/instance: "{{ .Values.aiservice_instance_id }}" diff --git a/root-applications/ibm-aiservice-tenant-root/templates/100-ibm-aiservice-tenant-app.yaml b/root-applications/ibm-aiservice-tenant-root/templates/100-ibm-aiservice-tenant-app.yaml index b2fc9fc5f..59e14f0f0 100644 --- a/root-applications/ibm-aiservice-tenant-root/templates/100-ibm-aiservice-tenant-app.yaml +++ b/root-applications/ibm-aiservice-tenant-root/templates/100-ibm-aiservice-tenant-app.yaml @@ -1,3 +1,4 @@ +{{- if not (empty .Values.ibm_aiservice_tenant) }} --- # IBM Maximo aiservice-tenant apiVersion: argoproj.io/v1alpha1 @@ -112,3 +113,4 @@ spec: {{- if .Values.custom_labels }} {{ .Values.custom_labels | toYaml | indent 8 }} {{- end }} +{{- end }} \ No newline at end of file From 25deec711a79b5d4af724e2a7e79b2ea426f59af Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Mon, 15 Sep 2025 11:57:48 +0530 Subject: [PATCH 29/92] update loockup from Values.aiservice_namespace To: Values.ibm_aiservice_tenant.aiservice_namespace --- .../templates/06-aiservice-km-s3-secret.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml index 06a6ed51c..d496c1142 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml @@ -17,8 +17,8 @@ metadata: {{- end }} argocd.argoproj.io/sync-wave: "305" type: Opaque -data: - {{- with (lookup "v1" "Secret" .Values.aiservice_namespace "km-s3-secret") }} +stringData: + {{- with (lookup "v1" "Secret" .Values.ibm_aiservice_tenant.aiservice_namespace "km-s3-secret") }} {{- range $k, $v := .data }} {{ $k }}: {{ $v }} {{- end }} @@ -35,8 +35,8 @@ metadata: annotations: argocd.argoproj.io/sync-wave: "306" type: Opaque -data: - {{- with (lookup "v1" "Secret" .Values.aiservice_namespace "ibm-entitlement") }} +stringData: + {{- with (lookup "v1" "Secret" .Values.ibm_aiservice_tenant.aiservice_namespace "ibm-entitlement") }} {{- range $k, $v := .data }} {{ $k }}: {{ $v }} {{- end }} From cd4cfffecf2a9ffe5821b468e4d442b0cfb5e5d1 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Mon, 15 Sep 2025 12:28:25 +0530 Subject: [PATCH 30/92] update values --- .../115-ibm-aiservice-tenant/values.yaml | 101 +++++++----------- .../ibm-aiservice-instance-root/values.yaml | 96 ++++++----------- 2 files changed, 73 insertions(+), 124 deletions(-) diff --git a/instance-applications/115-ibm-aiservice-tenant/values.yaml b/instance-applications/115-ibm-aiservice-tenant/values.yaml index 0f67d4b87..ac4615704 100644 --- a/instance-applications/115-ibm-aiservice-tenant/values.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/values.yaml @@ -1,64 +1,41 @@ ---- -mas_instance_id: "MAS_INSTANCE_ID" -aibroker_namespace: "mas-{{ mas_instance_id }}-aibroker" -ibm_entitlement_key: "" - -# SAAS -aibroker_saas_apikey: "AIBROKER_SAAS_APIKEY" -in_saas_env: "true" -mas_aibroker_saas: "false" -mas_aibroker_provision_tenant: "provision-tenant" - -# Tenant -artifactory_token: "ARTIFACTORY_TOKEN" - -mas_aibroker_tenant_name: "user" -tenant_action: "true" -tenantNamespace: 'aibroker-{{ mas_aibroker_tenant_name }}' - -# cluster_domain: "" -mas_icr_cp: "cp.icr.io/cp" -mas_icr_cpopen: "icr.io/cpopen" - -# DRO -# mas_aibroker_dro_token_secret: "dro-token" -mas_aibroker_dro_cacert_secret: "dro-certificates" -drocfg_url: "{{ drocfg[1].spec.config.url }}" -drocfg_ca: "ca.crt" -drocfg_registration_key: "DRO_TOKEN" - -#sls -slscfg_registration_key: "registration_key" -slscfg_url: "{{ config.url }}" -# instanceIdentifier: 88abcdefghijkl -# slscfg_clientId: "aibroker-88s55n4n7obrkn" -# slscfg_ca: "aibroker-88s55n4n7obrkn-ca.crt" -# slscfg_tls: "aibroker-88s55n4n7obrkn-tls.crt" -# slscfg_key: "aibroker-88s55n4n7obrkn-tls.key" +ibm_aiservice_tenant: + # aiservice + tenant_id: "aiservice-tenant01" + aiservice_namespace: "aiservice-inst-1-aiservice" + aiservice_instance_id: "aiservice-inst-1" + tenantNamespace: "aiservice-t1" + + mas_icr_cp: "cp.icr.io/cp" + mas_icr_cpopen: "icr.io/cpopen" + + # dro + drocfg_url: "https://ibm-data-reporter-redhat-marketplace.apps.sremat-demo1.cp.fyre.ibm.com" + drocfg_ca: "" + drocfg_registration_key: "" + + # sls + slscfg_ca_tenant: "" + slscfg_url: "https://sls.ibm-sls.ibm-sls.apps.sremat-demo1.cp.fyre.ibm.com" + slscfg_registration_key: "" + aiservice_sls_subscription_id: "001" -# WatsonX -mas_aibroker_watsonxai_apikey: MAS_AIBROKER_WATSONXAI_APIKEY -mas_aibroker_watsonxai_url: MAS_AIBROKER_WATSONXAI_URL -mas_aibroker_watsonxai_project_id: MAS_AIBROKER_WATSONXAI_PROJECT_ID - -# SLS -#mas_aibroker_sls_registration_key_secret: "sls-registration-key" -mas_aibroker_sls_subscription_id: "001" - -# S3 -mas_aibroker_storage_provider: "minio" -mas_aibroker_storage_ssl: "true" -# following are the variable need to injected via environment variable -mas_aibroker_storage_accesskey: "mas_aibroker_storage_accesskey" -mas_aibroker_storage_secretkey: "mas_aibroker_storage_secretkey" -mas_aibroker_storage_host: "mas_aibroker_storage_host" -mas_aibroker_storage_port: "mas_aibroker_storage_port" -mas_aibroker_storage_region: "mas_aibroker_storage_region" -# mas_aibroker_storage_pipelines_bucket: "aibrokeruser-training-bucket" -mas_aibroker_s3_endpoint_url: "MAS_AIBROKER_TENANT_S3_ENDPOINT_URL" -mas_aibroker_s3_region: "MAS_AIBROKER_TENANT_S3_REGION" -mas_aibroker_s3_bucket_prefix: "MAS_AIBROKER_TENANT_S3_BUCKET_PREFIX" + rsl_url: "http://sandbox43-1.fyre.ibm.com:3001/api/v3/vector/query" + rsl_org_id: "" + rsl_token: "" + rsl_ca_crt: "" -tenant_entitlement_type: "MAS_AIBROKER_TENANT_ENTITLEMENT_TYPE" -tenant_entitlement_start_date: "MAS_AIBROKER_TENANT_ENTITLEMENT_START_DATE" -tenant_entitlement_end_date: "MAS_AIBROKER_TENANT_ENTITLEMENT_END_DATE" + + # watsonx + aiservice_watsonxai_url: "https://us-south.ml.cloud.ibm.com" + aiservice_watsonxai_project_id: "" + aiservice_watsonxai_apikey: "" + aiservice_watsonx_full: "false" + aiservice_watsonx_instance_id: "" + aiservice_watsonx_version: "" + aiservice_watsonx_username: "" + + tenant_entitlement_type: "standard" + tenant_entitlement_start_date: "2025-06-11" + tenant_entitlement_end_date: "2049-11-11" + + aiservice_operator_log_level: "2" \ No newline at end of file diff --git a/root-applications/ibm-aiservice-instance-root/values.yaml b/root-applications/ibm-aiservice-instance-root/values.yaml index 682c5fa64..8bc01feee 100644 --- a/root-applications/ibm-aiservice-instance-root/values.yaml +++ b/root-applications/ibm-aiservice-instance-root/values.yaml @@ -256,71 +256,43 @@ ibm_aiservice: environment_type: "environment_type" ibm_aiservice_tenant: - aiservice_instance_id: aiservice_instance_id - aiservice_namespace: 'mas-{{ aiservice_instance_id }}-aiservice' - ibm_entitlement_key: "" - openshift_namespace: "openshift-operators" - # SAAS - aiservice_saas_apikey: "AISERVICE_SAAS_APIKEY" - # in_saas_env: "true" - mas_aiservice_saas: "false" - mas_aiservice_provision_tenant: "mas_aiservice_provision_tenant" + # aiservice + tenant_id: "aiservice-tenant01" + aiservice_namespace: "aiservice-inst-1-aiservice" + aiservice_instance_id: "aiservice-inst-1" + tenantNamespace: "aiservice-t1" - # Tenant - artifactory_token: "artifactory_token" - mas_aiservice_tenant_name: "user" - tenant_action: "true" - tenantNamespace: 'aiservice-{{ mas_aiservice_tenant_name }}' - - # cluster_domain: "" mas_icr_cp: "cp.icr.io/cp" mas_icr_cpopen: "icr.io/cpopen" - # DRO - # mas_aiservice_dro_token_secret: "dro-token" - mas_aiservice_dro_cacert_secret: "dro-certificates" - - drocfg_ca: "drocfg_ca" - drocfg_registration_key: "drocfg_registration_key" - drocfg_url: "drocfg_url" - - #sls - slscfg_registration_key: "slscfg_registration_key" - slscfg_url: "slscfg_url" - # slscfg_clientId: "slscfg_clientId" - # slscfg_ca: "slscfg_ca" - # slscfg_tls: "slscfg_tls" - # slscfg_key: "slscfg_key" - #RSL ##review - rsl_url: "rsl_url" - rsl_org_id: "rsl_org_id" - mas_aiservice_rsl_secret: "mas_aiservice_rsl_secret" - - - # WatsonX - mas_aiservice_watsonxai_apikey: MAS_AISERVICE_WATSONXAI_APIKEY - mas_aiservice_watsonxai_url: MAS_AISERVICE_WATSONXAI_URL - mas_aiservice_watsonxai_project_id: MAS_AISERVICE_WATSONXAI_PROJECT_ID + # dro + drocfg_url: "https://ibm-data-reporter-redhat-marketplace.apps.sremat-demo1.cp.fyre.ibm.com" + drocfg_ca: "" + drocfg_registration_key: "" - # SLS - #mas_aiservice_sls_registration_key_secret: "sls-registration-key" - mas_aiservice_sls_subscription_id: "001" - - # S3 - mas_aiservice_storage_provider: "aws" - mas_aiservice_storage_ssl: "true" - # following are the variable need to injected via environment variable - mas_aiservice_storage_accesskey: "mas_aiservice_storage_accesskey" - mas_aiservice_storage_secretkey: "mas_aiservice_storage_secretkey" - mas_aiservice_storage_host: "mas_aiservice_storage_host" - mas_aiservice_storage_port: "mas_aiservice_storage_port" - mas_aiservice_storage_region: "mas_aiservice_storage_region" - - # mas_aiservice_storage_pipelines_bucket: "aiserviceuser-training-bucket" - mas_aiservice_s3_endpoint_url: "MAS_AISERVICE_TENANT_S3_ENDPOINT_URL" - mas_aiservice_s3_region: "MAS_AISERVICE_TENANT_S3_REGION" - mas_aiservice_s3_bucket_prefix: "MAS_AISERVICE_TENANT_S3_BUCKET_PREFIX" + # sls + slscfg_ca_tenant: "" + slscfg_url: "https://sls.ibm-sls.ibm-sls.apps.sremat-demo1.cp.fyre.ibm.com" + slscfg_registration_key: "" + aiservice_sls_subscription_id: "001" + + rsl_url: "http://sandbox43-1.fyre.ibm.com:3001/api/v3/vector/query" + rsl_org_id: "" + rsl_token: "" + rsl_ca_crt: "" - tenant_entitlement_type: "MAS_AISERVICE_TENANT_ENTITLEMENT_TYPE" - tenant_entitlement_start_date: "MAS_AISERVICE_TENANT_ENTITLEMENT_START_DATE" - tenant_entitlement_end_date: "MAS_AISERVICE_TENANT_ENTITLEMENT_END_DATE" + + # watsonx + aiservice_watsonxai_url: "https://us-south.ml.cloud.ibm.com" + aiservice_watsonxai_project_id: "" + aiservice_watsonxai_apikey: "" + aiservice_watsonx_full: "false" + aiservice_watsonx_instance_id: "" + aiservice_watsonx_version: "" + aiservice_watsonx_username: "" + + tenant_entitlement_type: "standard" + tenant_entitlement_start_date: "2025-06-11" + tenant_entitlement_end_date: "2049-11-11" + + aiservice_operator_log_level: "2" \ No newline at end of file From d8a3d6ed0a2b04e4db59aaa9bfc45831acd261a1 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Mon, 15 Sep 2025 13:48:52 +0530 Subject: [PATCH 31/92] api version update --- .../templates/06-aiservice-km-s3-secret.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml index d496c1142..984524516 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml @@ -1,4 +1,5 @@ --- +apiVersion: v1 kind: Secret metadata: name: km-s3-secret From 573304f45552aa657b73dbd009da5c28e5852041 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Mon, 15 Sep 2025 14:07:25 +0530 Subject: [PATCH 32/92] Update values.yaml --- instance-applications/115-ibm-aiservice-tenant/values.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/instance-applications/115-ibm-aiservice-tenant/values.yaml b/instance-applications/115-ibm-aiservice-tenant/values.yaml index ac4615704..c911096b5 100644 --- a/instance-applications/115-ibm-aiservice-tenant/values.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/values.yaml @@ -1,9 +1,9 @@ ibm_aiservice_tenant: # aiservice - tenant_id: "aiservice-tenant01" + tenant_id: "aiservice-t01" aiservice_namespace: "aiservice-inst-1-aiservice" aiservice_instance_id: "aiservice-inst-1" - tenantNamespace: "aiservice-t1" + tenantNamespace: "aiservice-usr1" mas_icr_cp: "cp.icr.io/cp" mas_icr_cpopen: "icr.io/cpopen" From 0be3b3ab66e02e010b362390002228abee22214f Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Mon, 15 Sep 2025 14:20:20 +0530 Subject: [PATCH 33/92] update with data --- .../templates/06-aiservice-km-s3-secret.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml index 984524516..7e2db0000 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml @@ -18,7 +18,7 @@ metadata: {{- end }} argocd.argoproj.io/sync-wave: "305" type: Opaque -stringData: +data: {{- with (lookup "v1" "Secret" .Values.ibm_aiservice_tenant.aiservice_namespace "km-s3-secret") }} {{- range $k, $v := .data }} {{ $k }}: {{ $v }} @@ -36,7 +36,7 @@ metadata: annotations: argocd.argoproj.io/sync-wave: "306" type: Opaque -stringData: +data: {{- with (lookup "v1" "Secret" .Values.ibm_aiservice_tenant.aiservice_namespace "ibm-entitlement") }} {{- range $k, $v := .data }} {{ $k }}: {{ $v }} From f83d7bc7048a160c055840d6e9820cbbd07e8ffe Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Mon, 15 Sep 2025 14:28:24 +0530 Subject: [PATCH 34/92] project_id update --- .../templates/06-aiservice-workspace.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-workspace.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-workspace.yaml index 4c6e99268..76fbc403b 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-workspace.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-workspace.yaml @@ -35,7 +35,7 @@ spec: watsonxai: url: "{{ .Values.aiservice_watsonxai_url }}" secretName: "{{ .Values.tenantNamespace }}----wx-secret" - project_id: "{{ .Values.aiservice_watsonxai_project_id }}" + project_id: "16f0743c-0dfc-4223-8047-047c0a3b7232" tenant: tenantId: "{{ .Values.tenantNamespace }}" subscriptionId: "{{ .Values.aiservice_sls_subscription_id }}" From a100ffa27d892c90d32a3b727053e2e8632e8165 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Mon, 15 Sep 2025 15:15:48 +0530 Subject: [PATCH 35/92] copy secret --- .../templates/06-aiservice-km-s3-secret.yaml | 130 +++++++++++++----- 1 file changed, 93 insertions(+), 37 deletions(-) diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml index 7e2db0000..4c07fa577 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml @@ -1,44 +1,100 @@ --- apiVersion: v1 -kind: Secret +kind: ServiceAccount metadata: - name: km-s3-secret - namespace: "{{ .Values.tenantNamespace }}" - labels: - app.kubernetes.io/managed-by: gitops - annotations: - {{- with (lookup "v1" "Secret" (printf "aiservice-%s" .Values.aiservice_instance_id) "km-s3-secret") }} - {{- if .metadata.annotations }} - {{- range $k, $v := .metadata.annotations }} - {{- if ne $k "argocd.argoproj.io/sync-wave" }} - {{ $k }}: {{ $v | quote }} - {{- end }} - {{- end }} - {{- end }} - {{- end }} - argocd.argoproj.io/sync-wave: "305" -type: Opaque -data: - {{- with (lookup "v1" "Secret" .Values.ibm_aiservice_tenant.aiservice_namespace "km-s3-secret") }} - {{- range $k, $v := .data }} - {{ $k }}: {{ $v }} - {{- end }} - {{- end }} + name: copy-secret-job + namespace: {{ .Values.aiservice_namespace }} +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: secret-reader + namespace: {{ .Values.aiservice_namespace }} +rules: + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "list"] --- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: secret-reader-binding + namespace: {{ .Values.aiservice_namespace }} +subjects: + - kind: ServiceAccount + name: copy-secret-job + namespace: {{ .Values.aiservice_namespace }} +roleRef: + kind: Role + name: secret-reader + apiGroup: rbac.authorization.k8s.io -apiVersion: v1 -kind: Secret +# apiVersion: v1 +# kind: Secret +# metadata: +# name: ibm-entitlement +# namespace: "{{ .Values.tenantNamespace }}" +# labels: +# app.kubernetes.io/managed-by: gitops +# annotations: +# argocd.argoproj.io/sync-wave: "305" +# type: Opaque +# data: +# {{- with (lookup "v1" "Secret" .Values.ibm_aiservice_tenant.aiservice_namespace "ibm-entitlement") }} +# {{- range $k, $v := .data }} +# {{ $k }}: {{ $v }} +# {{- end }} +# {{- end }} +--- +apiVersion: batch/v1 +kind: Job metadata: - name: ibm-entitlement - namespace: "{{ .Values.tenantNamespace }}" - labels: - app.kubernetes.io/managed-by: gitops + name: copy-ibm-entitlement + namespace: {{ .Values.aiservice_namespace }} annotations: - argocd.argoproj.io/sync-wave: "306" -type: Opaque -data: - {{- with (lookup "v1" "Secret" .Values.ibm_aiservice_tenant.aiservice_namespace "ibm-entitlement") }} - {{- range $k, $v := .data }} - {{ $k }}: {{ $v }} - {{- end }} - {{- end }} + argocd.argoproj.io/hook: PreSync +spec: + template: + spec: + serviceAccountName: copy-secret-job + containers: + - name: copy-secret + image: bitnami/kubectl:latest + command: + - /bin/sh + - -c + - | + echo "Copying ibm-entitlement secret from {{ .Values.aiservice_namespace }} to {{ .Values.tenantNamespace }}" + kubectl get secret ibm-entitlement -n {{ .Values.aiservice_namespace }} -o yaml | \ + sed "s/namespace: {{ .Values.aiservice_namespace }}/namespace: {{ .Values.tenantNamespace }}/" | \ + kubectl apply -f - + restartPolicy: OnFailure + + +# --- +# apiVersion: v1 +# kind: Secret +# metadata: +# name: km-s3-secret +# namespace: "{{ .Values.tenantNamespace }}" +# labels: +# app.kubernetes.io/managed-by: gitops +# annotations: +# {{- with (lookup "v1" "Secret" (printf "aiservice-%s" .Values.aiservice_instance_id) "km-s3-secret") }} +# {{- if .metadata.annotations }} +# {{- range $k, $v := .metadata.annotations }} +# {{- if ne $k "argocd.argoproj.io/sync-wave" }} +# {{ $k }}: {{ $v | quote }} +# {{- end }} +# {{- end }} +# {{- end }} +# {{- end }} +# argocd.argoproj.io/sync-wave: "306" +# type: Opaque +# data: +# {{- with (lookup "v1" "Secret" .Values.ibm_aiservice_tenant.aiservice_namespace "km-s3-secret") }} +# {{- range $k, $v := .data }} +# {{ $k }}: {{ $v }} +# {{- end }} +# {{- end }} + From 2916fcfb47236f2af71254dde24562b32f833986 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Mon, 15 Sep 2025 15:19:41 +0530 Subject: [PATCH 36/92] job update presync --- .../templates/06-aiservice-km-s3-secret.yaml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml index 4c07fa577..1dc833eb0 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml @@ -4,12 +4,16 @@ kind: ServiceAccount metadata: name: copy-secret-job namespace: {{ .Values.aiservice_namespace }} + annotations: + argocd.argoproj.io/sync-wave: "305" --- apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: secret-reader namespace: {{ .Values.aiservice_namespace }} + annotations: + argocd.argoproj.io/sync-wave: "305" rules: - apiGroups: [""] resources: ["secrets"] @@ -20,6 +24,8 @@ kind: RoleBinding metadata: name: secret-reader-binding namespace: {{ .Values.aiservice_namespace }} + annotations: + argocd.argoproj.io/sync-wave: "306" subjects: - kind: ServiceAccount name: copy-secret-job @@ -53,6 +59,7 @@ metadata: namespace: {{ .Values.aiservice_namespace }} annotations: argocd.argoproj.io/hook: PreSync + argocd.argoproj.io/sync-wave: "307" spec: template: spec: From 7a1e9d29c43a17f95481ccda189f16a07869fe6e Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Mon, 15 Sep 2025 18:07:06 +0530 Subject: [PATCH 37/92] Update 06-aiservice-km-s3-secret.yaml --- .../templates/06-aiservice-km-s3-secret.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml index 1dc833eb0..6e7db0fb5 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml @@ -58,7 +58,6 @@ metadata: name: copy-ibm-entitlement namespace: {{ .Values.aiservice_namespace }} annotations: - argocd.argoproj.io/hook: PreSync argocd.argoproj.io/sync-wave: "307" spec: template: From 620b555b152593abe51e0cb33a2093a5885d84e9 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Tue, 16 Sep 2025 10:23:18 +0530 Subject: [PATCH 38/92] update secret copy job --- .../templates/06-aiservice-km-s3-secret.yaml | 177 +++++++++++++++--- 1 file changed, 146 insertions(+), 31 deletions(-) diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml index 6e7db0fb5..8b83423a9 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml @@ -1,8 +1,18 @@ +{{- $_job_name_prefix := printf "presync-copy-ai-secrets-%s" .Values.tenantNamespace }} + +{{- $_cli_image_digest := "sha256:834dffd4da534c01daea4e0a6d9db7d00a9ad9b18b054cc034985fcaceedeacd" }} + +{{- $_job_config_values := omit .Values "junitreporter" }} +{{- $_job_version := "v3" }} +{{- $_job_hash := print ($_job_config_values | toYaml) $_cli_image_digest $_job_version | adler32sum }} +{{- $_job_name := join "-" (list $_job_name_prefix $_job_hash ) }} +{{- $_job_cleanup_group := cat $_job_name_prefix | sha1sum }} --- + apiVersion: v1 kind: ServiceAccount metadata: - name: copy-secret-job + name: copy-secret-job-{{ .Values.tenantNamespace }} namespace: {{ .Values.aiservice_namespace }} annotations: argocd.argoproj.io/sync-wave: "305" @@ -10,7 +20,7 @@ metadata: apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: - name: secret-reader + name: secret-reader-{{ .Values.tenantNamespace }} namespace: {{ .Values.aiservice_namespace }} annotations: argocd.argoproj.io/sync-wave: "305" @@ -22,61 +32,166 @@ rules: apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: secret-reader-binding + name: secret-reader-binding-{{ .Values.tenantNamespace }} namespace: {{ .Values.aiservice_namespace }} annotations: argocd.argoproj.io/sync-wave: "306" subjects: - kind: ServiceAccount - name: copy-secret-job + name: copy-secret-job-{{ .Values.tenantNamespace }} namespace: {{ .Values.aiservice_namespace }} roleRef: kind: Role - name: secret-reader + name: secret-reader-{{ .Values.tenantNamespace }} apiGroup: rbac.authorization.k8s.io - -# apiVersion: v1 -# kind: Secret -# metadata: -# name: ibm-entitlement -# namespace: "{{ .Values.tenantNamespace }}" -# labels: -# app.kubernetes.io/managed-by: gitops -# annotations: -# argocd.argoproj.io/sync-wave: "305" -# type: Opaque -# data: -# {{- with (lookup "v1" "Secret" .Values.ibm_aiservice_tenant.aiservice_namespace "ibm-entitlement") }} -# {{- range $k, $v := .data }} -# {{ $k }}: {{ $v }} -# {{- end }} -# {{- end }} --- apiVersion: batch/v1 kind: Job metadata: - name: copy-ibm-entitlement + name: {{ $_job_name }} namespace: {{ .Values.aiservice_namespace }} annotations: argocd.argoproj.io/sync-wave: "307" + labels: + mas.ibm.com/job-cleanup-group: {{ $_job_cleanup_group }} +{{- if .Values.custom_labels }} +{{ .Values.custom_labels | toYaml | indent 4 }} +{{- end }} spec: template: + metadata: + labels: + app: sync-job +{{- if .Values.custom_labels }} +{{ .Values.custom_labels | toYaml | indent 8 }} +{{- end }} spec: - serviceAccountName: copy-secret-job + serviceAccountName: copy-secret-job-{{ .Values.tenantNamespace }} + restartPolicy: OnFailure containers: - - name: copy-secret - image: bitnami/kubectl:latest + - name: copy-secrets + image: quay.io/ibmmas/cli@{{ $_cli_image_digest }} + imagePullPolicy: IfNotPresent + env: + - name: SOURCE_NAMESPACE + value: "{{ .Values.aiservice_namespace }}" + - name: TARGET_NAMESPACE + value: "{{ .Values.tenantNamespace }}" + - name: SECRETS_TO_COPY + value: "ibm-entitlement km-s3-secret" command: - /bin/sh - -c - | - echo "Copying ibm-entitlement secret from {{ .Values.aiservice_namespace }} to {{ .Values.tenantNamespace }}" - kubectl get secret ibm-entitlement -n {{ .Values.aiservice_namespace }} -o yaml | \ - sed "s/namespace: {{ .Values.aiservice_namespace }}/namespace: {{ .Values.tenantNamespace }}/" | \ - kubectl apply -f - - restartPolicy: OnFailure + set -e + echo "Starting secret copy from $SOURCE_NAMESPACE to $TARGET_NAMESPACE" + + for SECRET_NAME in $SECRETS_TO_COPY; do + echo "--------------------------------------------------------" + echo "Copying secret: $SECRET_NAME" + echo "--------------------------------------------------------" + + if ! kubectl get secret $SECRET_NAME -n $SOURCE_NAMESPACE -o yaml > /tmp/${SECRET_NAME}.yaml; then + echo "❌ Failed to get secret $SECRET_NAME from namespace $SOURCE_NAMESPACE" + exit 1 + fi + sed -i "s/namespace: $SOURCE_NAMESPACE/namespace: $TARGET_NAMESPACE/" /tmp/${SECRET_NAME}.yaml + if ! kubectl apply -f /tmp/${SECRET_NAME}.yaml; then + echo "❌ Failed to apply $SECRET_NAME to namespace $TARGET_NAMESPACE" + exit 1 + fi + + if ! kubectl get secret $SECRET_NAME -n $TARGET_NAMESPACE > /dev/null; then + echo "❌ Secret $SECRET_NAME not found in $TARGET_NAMESPACE after apply" + exit 1 + fi + + echo "✅ Successfully copied $SECRET_NAME to $TARGET_NAMESPACE" + done + + echo "✅ All secrets copied successfully" + +# --- +# apiVersion: v1 +# kind: ServiceAccount +# metadata: +# name: copy-secret-job +# namespace: {{ .Values.aiservice_namespace }} +# annotations: +# argocd.argoproj.io/sync-wave: "305" +# --- +# apiVersion: rbac.authorization.k8s.io/v1 +# kind: Role +# metadata: +# name: secret-reader +# namespace: {{ .Values.aiservice_namespace }} +# annotations: +# argocd.argoproj.io/sync-wave: "305" +# rules: +# - apiGroups: [""] +# resources: ["secrets"] +# verbs: ["get", "list"] +# --- +# apiVersion: rbac.authorization.k8s.io/v1 +# kind: RoleBinding +# metadata: +# name: secret-reader-binding +# namespace: {{ .Values.aiservice_namespace }} +# annotations: +# argocd.argoproj.io/sync-wave: "306" +# subjects: +# - kind: ServiceAccount +# name: copy-secret-job +# namespace: {{ .Values.aiservice_namespace }} +# roleRef: +# kind: Role +# name: secret-reader +# apiGroup: rbac.authorization.k8s.io + + +# --- +# apiVersion: batch/v1 +# kind: Job +# metadata: +# name: copy-ibm-entitlement +# namespace: {{ .Values.aiservice_namespace }} +# annotations: +# argocd.argoproj.io/sync-wave: "307" +# spec: +# template: +# spec: +# serviceAccountName: copy-secret-job +# containers: +# - name: copy-secret +# image: bitnami/kubectl:latest +# command: +# - /bin/sh +# - -c +# - | +# echo "Copying ibm-entitlement secret from {{ .Values.aiservice_namespace }} to {{ .Values.tenantNamespace }}" +# kubectl get secret ibm-entitlement -n {{ .Values.aiservice_namespace }} -o yaml | \ +# sed "s/namespace: {{ .Values.aiservice_namespace }}/namespace: {{ .Values.tenantNamespace }}/" | \ +# kubectl apply -f - +# restartPolicy: OnFailure + +# apiVersion: v1 +# kind: Secret +# metadata: +# name: ibm-entitlement +# namespace: "{{ .Values.tenantNamespace }}" +# labels: +# app.kubernetes.io/managed-by: gitops +# annotations: +# argocd.argoproj.io/sync-wave: "305" +# type: Opaque +# data: +# {{- with (lookup "v1" "Secret" .Values.ibm_aiservice_tenant.aiservice_namespace "ibm-entitlement") }} +# {{- range $k, $v := .data }} +# {{ $k }}: {{ $v }} +# {{- end }} +# {{- end }} # --- # apiVersion: v1 # kind: Secret From fd270f5a47219c11a36dd5dbaf7292627d1f0c6d Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Tue, 16 Sep 2025 10:32:56 +0530 Subject: [PATCH 39/92] update ROLE and RB --- .../templates/06-aiservice-km-s3-secret.yaml | 44 ++++++++++++++++--- 1 file changed, 37 insertions(+), 7 deletions(-) diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml index 8b83423a9..ba22559b1 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml @@ -1,14 +1,12 @@ {{- $_job_name_prefix := printf "presync-copy-ai-secrets-%s" .Values.tenantNamespace }} - {{- $_cli_image_digest := "sha256:834dffd4da534c01daea4e0a6d9db7d00a9ad9b18b054cc034985fcaceedeacd" }} - {{- $_job_config_values := omit .Values "junitreporter" }} {{- $_job_version := "v3" }} {{- $_job_hash := print ($_job_config_values | toYaml) $_cli_image_digest $_job_version | adler32sum }} {{- $_job_name := join "-" (list $_job_name_prefix $_job_hash ) }} {{- $_job_cleanup_group := cat $_job_name_prefix | sha1sum }} ---- +--- apiVersion: v1 kind: ServiceAccount metadata: @@ -16,6 +14,7 @@ metadata: namespace: {{ .Values.aiservice_namespace }} annotations: argocd.argoproj.io/sync-wave: "305" + --- apiVersion: rbac.authorization.k8s.io/v1 kind: Role @@ -28,6 +27,7 @@ rules: - apiGroups: [""] resources: ["secrets"] verbs: ["get", "list"] + --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding @@ -44,6 +44,37 @@ roleRef: kind: Role name: secret-reader-{{ .Values.tenantNamespace }} apiGroup: rbac.authorization.k8s.io + +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: secret-writer-{{ .Values.tenantNamespace }} + namespace: {{ .Values.tenantNamespace }} + annotations: + argocd.argoproj.io/sync-wave: "306" +rules: + - apiGroups: [""] + resources: ["secrets"] + verbs: ["get", "create", "update"] + +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: secret-writer-binding-{{ .Values.tenantNamespace }} + namespace: {{ .Values.tenantNamespace }} + annotations: + argocd.argoproj.io/sync-wave: "306" +subjects: + - kind: ServiceAccount + name: copy-secret-job-{{ .Values.tenantNamespace }} + namespace: {{ .Values.aiservice_namespace }} +roleRef: + kind: Role + name: secret-writer-{{ .Values.tenantNamespace }} + apiGroup: rbac.authorization.k8s.io + --- apiVersion: batch/v1 kind: Job @@ -85,21 +116,20 @@ spec: - | set -e echo "Starting secret copy from $SOURCE_NAMESPACE to $TARGET_NAMESPACE" - for SECRET_NAME in $SECRETS_TO_COPY; do echo "--------------------------------------------------------" echo "Copying secret: $SECRET_NAME" echo "--------------------------------------------------------" if ! kubectl get secret $SECRET_NAME -n $SOURCE_NAMESPACE -o yaml > /tmp/${SECRET_NAME}.yaml; then - echo "❌ Failed to get secret $SECRET_NAME from namespace $SOURCE_NAMESPACE" + echo "❌ Failed to get secret $SECRET_NAME from $SOURCE_NAMESPACE" exit 1 fi sed -i "s/namespace: $SOURCE_NAMESPACE/namespace: $TARGET_NAMESPACE/" /tmp/${SECRET_NAME}.yaml if ! kubectl apply -f /tmp/${SECRET_NAME}.yaml; then - echo "❌ Failed to apply $SECRET_NAME to namespace $TARGET_NAMESPACE" + echo "❌ Failed to apply $SECRET_NAME to $TARGET_NAMESPACE" exit 1 fi @@ -110,9 +140,9 @@ spec: echo "✅ Successfully copied $SECRET_NAME to $TARGET_NAMESPACE" done - echo "✅ All secrets copied successfully" + # --- # apiVersion: v1 # kind: ServiceAccount From 4a499345419db893fc6a83f5e9730cd9d6dfef9a Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Tue, 16 Sep 2025 11:21:02 +0530 Subject: [PATCH 40/92] update project id --- .../templates/06-aiservice-km-s3-secret.yaml | 119 +----------------- .../templates/06-aiservice-workspace.yaml | 2 +- 2 files changed, 7 insertions(+), 114 deletions(-) diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml index ba22559b1..b5cad003a 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml @@ -122,130 +122,23 @@ spec: echo "--------------------------------------------------------" if ! kubectl get secret $SECRET_NAME -n $SOURCE_NAMESPACE -o yaml > /tmp/${SECRET_NAME}.yaml; then - echo "❌ Failed to get secret $SECRET_NAME from $SOURCE_NAMESPACE" + echo " Failed to get secret $SECRET_NAME from $SOURCE_NAMESPACE" exit 1 fi sed -i "s/namespace: $SOURCE_NAMESPACE/namespace: $TARGET_NAMESPACE/" /tmp/${SECRET_NAME}.yaml if ! kubectl apply -f /tmp/${SECRET_NAME}.yaml; then - echo "❌ Failed to apply $SECRET_NAME to $TARGET_NAMESPACE" + echo " Failed to apply $SECRET_NAME to $TARGET_NAMESPACE" exit 1 fi if ! kubectl get secret $SECRET_NAME -n $TARGET_NAMESPACE > /dev/null; then - echo "❌ Secret $SECRET_NAME not found in $TARGET_NAMESPACE after apply" + echo " Secret $SECRET_NAME not found in $TARGET_NAMESPACE after apply" exit 1 fi - echo "✅ Successfully copied $SECRET_NAME to $TARGET_NAMESPACE" + echo " Successfully copied $SECRET_NAME to $TARGET_NAMESPACE" done - echo "✅ All secrets copied successfully" - - -# --- -# apiVersion: v1 -# kind: ServiceAccount -# metadata: -# name: copy-secret-job -# namespace: {{ .Values.aiservice_namespace }} -# annotations: -# argocd.argoproj.io/sync-wave: "305" -# --- -# apiVersion: rbac.authorization.k8s.io/v1 -# kind: Role -# metadata: -# name: secret-reader -# namespace: {{ .Values.aiservice_namespace }} -# annotations: -# argocd.argoproj.io/sync-wave: "305" -# rules: -# - apiGroups: [""] -# resources: ["secrets"] -# verbs: ["get", "list"] -# --- -# apiVersion: rbac.authorization.k8s.io/v1 -# kind: RoleBinding -# metadata: -# name: secret-reader-binding -# namespace: {{ .Values.aiservice_namespace }} -# annotations: -# argocd.argoproj.io/sync-wave: "306" -# subjects: -# - kind: ServiceAccount -# name: copy-secret-job -# namespace: {{ .Values.aiservice_namespace }} -# roleRef: -# kind: Role -# name: secret-reader -# apiGroup: rbac.authorization.k8s.io - - -# --- -# apiVersion: batch/v1 -# kind: Job -# metadata: -# name: copy-ibm-entitlement -# namespace: {{ .Values.aiservice_namespace }} -# annotations: -# argocd.argoproj.io/sync-wave: "307" -# spec: -# template: -# spec: -# serviceAccountName: copy-secret-job -# containers: -# - name: copy-secret -# image: bitnami/kubectl:latest -# command: -# - /bin/sh -# - -c -# - | -# echo "Copying ibm-entitlement secret from {{ .Values.aiservice_namespace }} to {{ .Values.tenantNamespace }}" -# kubectl get secret ibm-entitlement -n {{ .Values.aiservice_namespace }} -o yaml | \ -# sed "s/namespace: {{ .Values.aiservice_namespace }}/namespace: {{ .Values.tenantNamespace }}/" | \ -# kubectl apply -f - -# restartPolicy: OnFailure - -# apiVersion: v1 -# kind: Secret -# metadata: -# name: ibm-entitlement -# namespace: "{{ .Values.tenantNamespace }}" -# labels: -# app.kubernetes.io/managed-by: gitops -# annotations: -# argocd.argoproj.io/sync-wave: "305" -# type: Opaque -# data: -# {{- with (lookup "v1" "Secret" .Values.ibm_aiservice_tenant.aiservice_namespace "ibm-entitlement") }} -# {{- range $k, $v := .data }} -# {{ $k }}: {{ $v }} -# {{- end }} -# {{- end }} -# --- -# apiVersion: v1 -# kind: Secret -# metadata: -# name: km-s3-secret -# namespace: "{{ .Values.tenantNamespace }}" -# labels: -# app.kubernetes.io/managed-by: gitops -# annotations: -# {{- with (lookup "v1" "Secret" (printf "aiservice-%s" .Values.aiservice_instance_id) "km-s3-secret") }} -# {{- if .metadata.annotations }} -# {{- range $k, $v := .metadata.annotations }} -# {{- if ne $k "argocd.argoproj.io/sync-wave" }} -# {{ $k }}: {{ $v | quote }} -# {{- end }} -# {{- end }} -# {{- end }} -# {{- end }} -# argocd.argoproj.io/sync-wave: "306" -# type: Opaque -# data: -# {{- with (lookup "v1" "Secret" .Values.ibm_aiservice_tenant.aiservice_namespace "km-s3-secret") }} -# {{- range $k, $v := .data }} -# {{ $k }}: {{ $v }} -# {{- end }} -# {{- end }} - + echo " All secrets copied successfully" + exit 0 diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-workspace.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-workspace.yaml index 76fbc403b..c30204ca8 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-workspace.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-workspace.yaml @@ -35,7 +35,7 @@ spec: watsonxai: url: "{{ .Values.aiservice_watsonxai_url }}" secretName: "{{ .Values.tenantNamespace }}----wx-secret" - project_id: "16f0743c-0dfc-4223-8047-047c0a3b7232" + projectId: "{{ .Values.aiservice_watsonxai_project_id }} tenant: tenantId: "{{ .Values.tenantNamespace }}" subscriptionId: "{{ .Values.aiservice_sls_subscription_id }}" From d800d82411b11c408fa99cc8f2732ea38655ebef Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Tue, 16 Sep 2025 11:32:13 +0530 Subject: [PATCH 41/92] update postsync job --- .../templates/08-aiservice-postsyncjob.yaml | 31 +++++++------------ 1 file changed, 11 insertions(+), 20 deletions(-) diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml index d7c250602..b5ad324be 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml @@ -41,7 +41,7 @@ are required here.*/}} apiVersion: v1 kind: ServiceAccount metadata: - name: postsync-manage-aiservice-job + name: postsync-manage-aiservice-job-{{ .Values.tenantNamespace }} namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "309" @@ -50,7 +50,7 @@ metadata: apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: - name: postsync-manage-aiservice-job-role + name: postsync-manage-aiservice-job-role-{{ .Values.tenantNamespace }} namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "310" @@ -62,23 +62,23 @@ rules: apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: postsync-manage-aiservice-job-rolebinding + name: postsync-manage-aiservice-job-rolebinding-{{ .Values.tenantNamespace }} namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "311" subjects: - kind: ServiceAccount - name: postsync-manage-aiservice-job + name: postsync-manage-aiservice-job-{{ .Values.tenantNamespace }} namespace: "{{ .Values.aiservice_namespace }}" roleRef: kind: Role - name: postsync-manage-aiservice-job-role + name: postsync-manage-aiservice-job-role-{{ .Values.tenantNamespace }} apiGroup: rbac.authorization.k8s.io --- apiVersion: networking.k8s.io/v1 kind: NetworkPolicy metadata: - name: allow-postsync-manage-ai-tenant-job + name: allow-postsync-manage-ai-tenant-job-{{ .Values.tenantNamespace }} namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "312" @@ -112,7 +112,7 @@ spec: {{ .Values.custom_labels | toYaml | indent 8 }} {{- end }} spec: - serviceAccountName: postsync-manage-aiservice-job + serviceAccountName: postsync-manage-aiservice-job-{{ .Values.tenantNamespace }} restartPolicy: Never containers: - name: postsync-manage-aiservice-run @@ -129,12 +129,6 @@ spec: value: "/" - name: AISERVICE_TENANT value: "{{ .Values.tenantNamespace }}" - - name: SM_AWS_REGION - value: "{{ .Values.mas_aiservice_storage_region }}" - - name: SM_AWS_ACCESS_KEY_ID - value: "{{ .Values.mas_aiservice_storage_accesskey }}" - - name: SM_AWS_SECRET_ACCESS_KEY - value: "{{ .Values.mas_aiservice_storage_secretkey }}" - name: AVP_TYPE value: "aws" command: @@ -148,12 +142,9 @@ spec: echo "Account Id ....................... ${ACCOUNT_ID}" echo "Cluster Id ....................... ${CLUSTER_ID}" echo "AISERVICE Instance Id ............. ${AISERVICE_INSTANCE_ID}" - echo "SM_AWS_REGION .................... ${SM_AWS_REGION}" - echo "SM_AWS_ACCESS_KEY_ID ............ ${SM_AWS_ACCESS_KEY_ID:0:4}" - echo "SM_AWS_SECRET_ACCESS_KEY ........ ${SM_AWS_SECRET_ACCESS_KEY:0:4}" echo "SECRET_NAME_AISERVICE ........... ${SECRET_NAME_AISERVICE}" echo "================================================================================" - echo "Retrieve AISERVICE API Key for tenant: ${AISERVICE_TENANT}" + echo "Retrieve AIBroker API Key for tenant: ${AISERVICE_TENANT}" echo "================================================================================" AISERVICE_APIKEY_SECRET=$(oc get secret ${AISERVICE_TENANT}----apikey-secret -n mas-${AISERVICE_INSTANCE_ID}-aiservice -o jsonpath="{.data.AISERVICE_APIKEY}" | base64 --decode) @@ -171,9 +162,9 @@ spec: TAGS="[{\"Key\": \"source\", \"Value\": \"mas-ai-service\"}, {\"Key\": \"account\", \"Value\": \"${ACCOUNT_ID}\"}, {\"Key\": \"cluster\", \"Value\": \"${CLUSTER_ID}\"}]" sm_update_secret ${SECRET_NAME_AISERVICE} "{ \"aiservice_apikey\": \"${AISERVICE_APIKEY_SECRET}\" }" "${TAGS}" || exit $? volumes: - - name: postsync-manage-aiservice + - name: postsync-manage-aiservice-{{ .Values.tenantNamespace }} secret: - secretName: postsync-manage-aiservice + secretName: postsync-manage-aiservice-{{ .Values.tenantNamespace }} defaultMode: 420 optional: false - backoffLimit: 4 + backoffLimit: 4 \ No newline at end of file From d8eca1f8b0b4400eb7c6deac3e54655ab3529177 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Tue, 16 Sep 2025 11:40:17 +0530 Subject: [PATCH 42/92] job update --- .../templates/08-aiservice-postsyncjob.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml index b5ad324be..3f10247c1 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml @@ -161,10 +161,12 @@ spec: TAGS="[{\"Key\": \"source\", \"Value\": \"mas-ai-service\"}, {\"Key\": \"account\", \"Value\": \"${ACCOUNT_ID}\"}, {\"Key\": \"cluster\", \"Value\": \"${CLUSTER_ID}\"}]" sm_update_secret ${SECRET_NAME_AISERVICE} "{ \"aiservice_apikey\": \"${AISERVICE_APIKEY_SECRET}\" }" "${TAGS}" || exit $? + echo "Secret update Successfully ..........." + exit 0 volumes: - name: postsync-manage-aiservice-{{ .Values.tenantNamespace }} secret: secretName: postsync-manage-aiservice-{{ .Values.tenantNamespace }} defaultMode: 420 optional: false - backoffLimit: 4 \ No newline at end of file + backoffLimit: 0 \ No newline at end of file From 215854a337ff819373f5b32622e6dd9bee5048fc Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Tue, 16 Sep 2025 11:42:13 +0530 Subject: [PATCH 43/92] Revert "job update" This reverts commit d8eca1f8b0b4400eb7c6deac3e54655ab3529177. --- .../templates/08-aiservice-postsyncjob.yaml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml index 3f10247c1..b5ad324be 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml @@ -161,12 +161,10 @@ spec: TAGS="[{\"Key\": \"source\", \"Value\": \"mas-ai-service\"}, {\"Key\": \"account\", \"Value\": \"${ACCOUNT_ID}\"}, {\"Key\": \"cluster\", \"Value\": \"${CLUSTER_ID}\"}]" sm_update_secret ${SECRET_NAME_AISERVICE} "{ \"aiservice_apikey\": \"${AISERVICE_APIKEY_SECRET}\" }" "${TAGS}" || exit $? - echo "Secret update Successfully ..........." - exit 0 volumes: - name: postsync-manage-aiservice-{{ .Values.tenantNamespace }} secret: secretName: postsync-manage-aiservice-{{ .Values.tenantNamespace }} defaultMode: 420 optional: false - backoffLimit: 0 \ No newline at end of file + backoffLimit: 4 \ No newline at end of file From b30d8f94b0e439c92b18d63bbfa710a2bd6e2ff7 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Tue, 16 Sep 2025 11:43:30 +0530 Subject: [PATCH 44/92] Update 06-aiservice-workspace.yaml --- .../templates/06-aiservice-workspace.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-workspace.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-workspace.yaml index c30204ca8..ecaf35ded 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-workspace.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-workspace.yaml @@ -35,7 +35,7 @@ spec: watsonxai: url: "{{ .Values.aiservice_watsonxai_url }}" secretName: "{{ .Values.tenantNamespace }}----wx-secret" - projectId: "{{ .Values.aiservice_watsonxai_project_id }} + projectId: "{{ .Values.aiservice_watsonxai_project_id }}" tenant: tenantId: "{{ .Values.tenantNamespace }}" subscriptionId: "{{ .Values.aiservice_sls_subscription_id }}" From 324870fe3dc26c85171b46e39de7d4dc942fbc3c Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Tue, 16 Sep 2025 11:44:18 +0530 Subject: [PATCH 45/92] Reapply "job update" This reverts commit 215854a337ff819373f5b32622e6dd9bee5048fc. --- .../templates/08-aiservice-postsyncjob.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml index b5ad324be..3f10247c1 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml @@ -161,10 +161,12 @@ spec: TAGS="[{\"Key\": \"source\", \"Value\": \"mas-ai-service\"}, {\"Key\": \"account\", \"Value\": \"${ACCOUNT_ID}\"}, {\"Key\": \"cluster\", \"Value\": \"${CLUSTER_ID}\"}]" sm_update_secret ${SECRET_NAME_AISERVICE} "{ \"aiservice_apikey\": \"${AISERVICE_APIKEY_SECRET}\" }" "${TAGS}" || exit $? + echo "Secret update Successfully ..........." + exit 0 volumes: - name: postsync-manage-aiservice-{{ .Values.tenantNamespace }} secret: secretName: postsync-manage-aiservice-{{ .Values.tenantNamespace }} defaultMode: 420 optional: false - backoffLimit: 4 \ No newline at end of file + backoffLimit: 0 \ No newline at end of file From 7d43282fdf6653a32d0c8fc166a10a1387ca2df2 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Tue, 16 Sep 2025 12:22:22 +0530 Subject: [PATCH 46/92] update permission --- .../templates/07-aiservice-app.yaml | 30 ++++++++++++++++++- 1 file changed, 29 insertions(+), 1 deletion(-) diff --git a/instance-applications/113-ibm-aiservice/templates/07-aiservice-app.yaml b/instance-applications/113-ibm-aiservice/templates/07-aiservice-app.yaml index 0925cba13..c707feee9 100644 --- a/instance-applications/113-ibm-aiservice/templates/07-aiservice-app.yaml +++ b/instance-applications/113-ibm-aiservice/templates/07-aiservice-app.yaml @@ -1,3 +1,31 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: aiserviceapps-access + namespace: aiservice-aiservice-inst-1 + annotations: + argocd.argoproj.io/sync-wave: "148" +rules: +- apiGroups: ["aiservice.ibm.com"] + resources: ["aiserviceapps"] + verbs: ["get", "list", "watch", "update", "patch"] +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: aiserviceapps-access-binding + namespace: aiservice-aiservice-inst-1 + annotations: + argocd.argoproj.io/sync-wave: "149" +subjects: +- kind: ServiceAccount + name: ibm-aiservice-operator + namespace: aiservice-inst-1-aiservice +roleRef: + kind: Role + name: aiserviceapps-access + apiGroup: rbac.authorization.k8s.io + --- apiVersion: aiservice.ibm.com/v1 kind: AIServiceApp @@ -8,7 +36,7 @@ metadata: aiservice.ibm.com/instanceId: "{{ .Values.aiservice_instance_id }}" app.kubernetes.io/instance: "{{ .Values.aiservice_instance_id }}" annotations: - argocd.argoproj.io/sync-wave: "148" + argocd.argoproj.io/sync-wave: "150" argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true ansible.sdk.operatorframework.io/verbosity: "{{ .Values.aiservice_operator_log_level }}" spec: From 13cb71c7bdb46767546a0d53dd0e52820f47091c Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Tue, 16 Sep 2025 12:24:46 +0530 Subject: [PATCH 47/92] update ns --- .../113-ibm-aiservice/templates/07-aiservice-app.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/instance-applications/113-ibm-aiservice/templates/07-aiservice-app.yaml b/instance-applications/113-ibm-aiservice/templates/07-aiservice-app.yaml index c707feee9..b17e874fd 100644 --- a/instance-applications/113-ibm-aiservice/templates/07-aiservice-app.yaml +++ b/instance-applications/113-ibm-aiservice/templates/07-aiservice-app.yaml @@ -2,7 +2,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: name: aiserviceapps-access - namespace: aiservice-aiservice-inst-1 + namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "148" rules: @@ -14,13 +14,13 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: name: aiserviceapps-access-binding - namespace: aiservice-aiservice-inst-1 + namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "149" subjects: - kind: ServiceAccount name: ibm-aiservice-operator - namespace: aiservice-inst-1-aiservice + namespace: "{{ .Values.aiservice_namespace }}" roleRef: kind: Role name: aiserviceapps-access From bce35076d0de1b676de2070247c14078ce21c5f5 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Tue, 16 Sep 2025 14:29:47 +0530 Subject: [PATCH 48/92] update apps --- .../templates/07-aiservice-app.yaml | 28 ------------------- 1 file changed, 28 deletions(-) diff --git a/instance-applications/113-ibm-aiservice/templates/07-aiservice-app.yaml b/instance-applications/113-ibm-aiservice/templates/07-aiservice-app.yaml index b17e874fd..61b10c6b6 100644 --- a/instance-applications/113-ibm-aiservice/templates/07-aiservice-app.yaml +++ b/instance-applications/113-ibm-aiservice/templates/07-aiservice-app.yaml @@ -1,31 +1,3 @@ -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: aiserviceapps-access - namespace: "{{ .Values.aiservice_namespace }}" - annotations: - argocd.argoproj.io/sync-wave: "148" -rules: -- apiGroups: ["aiservice.ibm.com"] - resources: ["aiserviceapps"] - verbs: ["get", "list", "watch", "update", "patch"] ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: RoleBinding -metadata: - name: aiserviceapps-access-binding - namespace: "{{ .Values.aiservice_namespace }}" - annotations: - argocd.argoproj.io/sync-wave: "149" -subjects: -- kind: ServiceAccount - name: ibm-aiservice-operator - namespace: "{{ .Values.aiservice_namespace }}" -roleRef: - kind: Role - name: aiserviceapps-access - apiGroup: rbac.authorization.k8s.io - --- apiVersion: aiservice.ibm.com/v1 kind: AIServiceApp From 66db641e14a742c4814f08f664a9f7a1637bce6e Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Tue, 16 Sep 2025 15:55:06 +0530 Subject: [PATCH 49/92] update s3 --- .../113-ibm-aiservice/templates/01-aiservice-s3-secret.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/instance-applications/113-ibm-aiservice/templates/01-aiservice-s3-secret.yaml b/instance-applications/113-ibm-aiservice/templates/01-aiservice-s3-secret.yaml index 61323df7e..d0c83ca53 100644 --- a/instance-applications/113-ibm-aiservice/templates/01-aiservice-s3-secret.yaml +++ b/instance-applications/113-ibm-aiservice/templates/01-aiservice-s3-secret.yaml @@ -7,6 +7,6 @@ metadata: annotations: argocd.argoproj.io/sync-wave: "140" stringData: - username: "{{ .Values.aiservice_s3_accesskey}}" - password: "{{ .Values.aiservice_s3_secretkey}}" + access_key: "{{ .Values.aiservice_s3_accesskey}}" + secret_key: "{{ .Values.aiservice_s3_secretkey}}" type: Opaque \ No newline at end of file From 5fbba8fee74fc2fae69c3218de5571a25bbdfac0 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Tue, 16 Sep 2025 15:59:03 +0530 Subject: [PATCH 50/92] update b64 --- .../113-ibm-aiservice/templates/01-aiservice-s3-secret.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/instance-applications/113-ibm-aiservice/templates/01-aiservice-s3-secret.yaml b/instance-applications/113-ibm-aiservice/templates/01-aiservice-s3-secret.yaml index d0c83ca53..821720b16 100644 --- a/instance-applications/113-ibm-aiservice/templates/01-aiservice-s3-secret.yaml +++ b/instance-applications/113-ibm-aiservice/templates/01-aiservice-s3-secret.yaml @@ -6,7 +6,7 @@ metadata: namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "140" -stringData: - access_key: "{{ .Values.aiservice_s3_accesskey}}" - secret_key: "{{ .Values.aiservice_s3_secretkey}}" +data: + access_key: {{ .Values.aiservice_s3_accesskey | b64enc | quote }} + secret_key: {{ .Values.aiservice_s3_secretkey | b64enc | quote }} type: Opaque \ No newline at end of file From 344e896a760e2ca3f03241d9e90d8bc7114e101b Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Tue, 16 Sep 2025 18:03:11 +0530 Subject: [PATCH 51/92] update with b64enc --- .../templates/02-aiservice-sls-secret.yaml | 4 ++-- .../templates/03-aiservice-dro.yaml | 8 +++---- .../templates/04-aiservice-jdbc.yaml | 12 +++++----- .../templates/06-aiservice-km-s3-secret.yaml | 23 ++++++++----------- .../templates/07-aiservice-app.yaml | 6 ++--- 5 files changed, 24 insertions(+), 29 deletions(-) diff --git a/instance-applications/113-ibm-aiservice/templates/02-aiservice-sls-secret.yaml b/instance-applications/113-ibm-aiservice/templates/02-aiservice-sls-secret.yaml index 1f6f3c210..6e2c5bb36 100644 --- a/instance-applications/113-ibm-aiservice/templates/02-aiservice-sls-secret.yaml +++ b/instance-applications/113-ibm-aiservice/templates/02-aiservice-sls-secret.yaml @@ -7,5 +7,5 @@ metadata: annotations: argocd.argoproj.io/sync-wave: "141" type: Opaque -stringData: - SLS_REGISTRATION_KEY: "{{ .Values.slscfg_registration_key }}" \ No newline at end of file +data: + SLS_REGISTRATION_KEY: {{ .Values.slscfg_registration_key | b64enc }} \ No newline at end of file diff --git a/instance-applications/113-ibm-aiservice/templates/03-aiservice-dro.yaml b/instance-applications/113-ibm-aiservice/templates/03-aiservice-dro.yaml index 32961514c..e193d73f6 100644 --- a/instance-applications/113-ibm-aiservice/templates/03-aiservice-dro.yaml +++ b/instance-applications/113-ibm-aiservice/templates/03-aiservice-dro.yaml @@ -6,8 +6,8 @@ metadata: namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "142" -stringData: - DRO_TOKEN: "{{ .Values.drocfg_registration_key }}" +data: + DRO_TOKEN: {{ .Values.drocfg_registration_key | b64enc }} type: Opaque --- @@ -18,6 +18,6 @@ metadata: namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "143" -stringData: - ca.crt: "{{ .Values.drocfg_ca }}" +data: + DRO_TOKEN: {{ .Values.drocfg_ca | b64enc }} type: Opaque \ No newline at end of file diff --git a/instance-applications/113-ibm-aiservice/templates/04-aiservice-jdbc.yaml b/instance-applications/113-ibm-aiservice/templates/04-aiservice-jdbc.yaml index a589b078f..9405b20ee 100644 --- a/instance-applications/113-ibm-aiservice/templates/04-aiservice-jdbc.yaml +++ b/instance-applications/113-ibm-aiservice/templates/04-aiservice-jdbc.yaml @@ -6,10 +6,10 @@ metadata: namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "144" -stringData: - username: "{{ .Values.jdbccfg_username }}" - password: "{{ .Values.jdbccfg_password }}" - url: "{{ .Values.jdbccfg_url }}" - sslenabled: "{{ .Values.jdbccfg_sslenabled }}" - certificate: "{{ .Values.jdbccfg_ca }}" +data: + username: {{ .Values.jdbccfg_username | b64enc }} + password: {{ .Values.jdbccfg_password | b64enc }} + url: {{ .Values.jdbccfg_url | b64enc }} + sslenabled: {{ .Values.jdbccfg_sslenabled | b64enc }} + certificate: {{ .Values.jdbccfg_ca | b64enc }} type: Opaque diff --git a/instance-applications/113-ibm-aiservice/templates/06-aiservice-km-s3-secret.yaml b/instance-applications/113-ibm-aiservice/templates/06-aiservice-km-s3-secret.yaml index 460d63d7b..8a000191d 100644 --- a/instance-applications/113-ibm-aiservice/templates/06-aiservice-km-s3-secret.yaml +++ b/instance-applications/113-ibm-aiservice/templates/06-aiservice-km-s3-secret.yaml @@ -14,17 +14,14 @@ metadata: serving.kserve.io/s3-usehttps: "1" {{- end }} serving.kserve.io/s3-region: "{{ .Values.aiservice_s3_region }}" -stringData: - AWS_ACCESS_KEY_ID: "{{ .Values.aiservice_s3_accesskey}}" - AWS_SECRET_ACCESS_KEY: "{{ .Values.aiservice_s3_secretkey}}" - S3_ACCESS_KEY: "{{ .Values.aiservice_s3_accesskey}}" - S3_SECRET_KEY: "{{ .Values.aiservice_s3_secretkey}}" - S3_HOST: "{{ .Values.aiservice_s3_host}}" - {{- if .Values.aiservice_s3_port }} - S3_PORT: "{{ .Values.aiservice_s3_port }}" - {{- else }} - S3_PORT: "" - {{- end }} - S3_REGION: "{{ .Values.aiservice_s3_region}}" - S3_SSL: "{{ .Values.aiservice_s3_ssl}}" +data: + AWS_ACCESS_KEY_ID: {{ .Values.aiservice_s3_accesskey | b64enc }} + AWS_SECRET_ACCESS_KEY: {{ .Values.aiservice_s3_secretkey | b64enc }} + S3_ACCESS_KEY: {{ .Values.aiservice_s3_accesskey | b64enc }} + S3_SECRET_KEY: {{ .Values.aiservice_s3_secretkey | b64enc }} + S3_HOST: {{ .Values.aiservice_s3_host | b64enc }} + S3_PORT: {{ ( .Values.aiservice_s3_port | default "" ) | b64enc }} + S3_REGION: {{ .Values.aiservice_s3_region | b64enc }} + S3_SSL: {{ .Values.aiservice_s3_ssl | b64enc }} + diff --git a/instance-applications/113-ibm-aiservice/templates/07-aiservice-app.yaml b/instance-applications/113-ibm-aiservice/templates/07-aiservice-app.yaml index 61b10c6b6..fb747ac86 100644 --- a/instance-applications/113-ibm-aiservice/templates/07-aiservice-app.yaml +++ b/instance-applications/113-ibm-aiservice/templates/07-aiservice-app.yaml @@ -19,18 +19,16 @@ spec: dro: url: "{{ .Values.drocfg_url }}" secretName: "{{ .Values.aiservice_dro_token_secret }}" - ca: "{{ .Values.drocfg_ca_tenant }}" + ca: "{{ .Values.drocfg_ca | b64enc }}" jdbc: url: "{{ .Values.jdbccfg_url }}" secretName: "{{ .Values.aiservice_jdbc_secret }}" - ca: "{{ .Values.jdbccfg_ca }}" + ca: "{{ .Values.jdbccfg_ca | b64enc }}" useAwsDb2: true - storageClassName: "{{ .Values.aiservice_storage_class }}" domain: "{{ .Values.aiservice_domain }}" inSaasEnv: true environmentType: "{{ .Values.environment_type }}" - modelId: uniqueLength: "15" prefix: "{{ .Values.aiservice_s3_bucket_prefix }}" From 39a4ff4686cb6bddee32c372d7fec6e0449ea7b1 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Tue, 16 Sep 2025 19:00:30 +0530 Subject: [PATCH 52/92] 9.1.x-dev --- .../templates/05-aiservice-operator-subscription.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/instance-applications/113-ibm-aiservice/templates/05-aiservice-operator-subscription.yaml b/instance-applications/113-ibm-aiservice/templates/05-aiservice-operator-subscription.yaml index 272d7496d..d748d98ef 100644 --- a/instance-applications/113-ibm-aiservice/templates/05-aiservice-operator-subscription.yaml +++ b/instance-applications/113-ibm-aiservice/templates/05-aiservice-operator-subscription.yaml @@ -37,7 +37,7 @@ metadata: argocd.argoproj.io/sync-wave: "146" argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true spec: - channel: "{{ .Values.aiservice_channel }}" + channel: "9.1.x-dev" installPlanApproval: Automatic name: ibm-aiservice source: "{{ .Values.mas_catalog_source }}" From 73c9c53a65b80cee5e9355ce8c3aa93d210c36d8 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Tue, 16 Sep 2025 19:16:37 +0530 Subject: [PATCH 53/92] Revert "9.1.x-dev" This reverts commit 39a4ff4686cb6bddee32c372d7fec6e0449ea7b1. --- .../templates/05-aiservice-operator-subscription.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/instance-applications/113-ibm-aiservice/templates/05-aiservice-operator-subscription.yaml b/instance-applications/113-ibm-aiservice/templates/05-aiservice-operator-subscription.yaml index d748d98ef..272d7496d 100644 --- a/instance-applications/113-ibm-aiservice/templates/05-aiservice-operator-subscription.yaml +++ b/instance-applications/113-ibm-aiservice/templates/05-aiservice-operator-subscription.yaml @@ -37,7 +37,7 @@ metadata: argocd.argoproj.io/sync-wave: "146" argocd.argoproj.io/sync-options: SkipDryRunOnMissingResource=true spec: - channel: "9.1.x-dev" + channel: "{{ .Values.aiservice_channel }}" installPlanApproval: Automatic name: ibm-aiservice source: "{{ .Values.mas_catalog_source }}" From 90dd1a3a28dee06e0bae2d4536b97bdb7cfeb999 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Wed, 17 Sep 2025 13:09:52 +0530 Subject: [PATCH 54/92] update ca.crt --- .../113-ibm-aiservice/templates/03-aiservice-dro.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/instance-applications/113-ibm-aiservice/templates/03-aiservice-dro.yaml b/instance-applications/113-ibm-aiservice/templates/03-aiservice-dro.yaml index e193d73f6..a96862f8e 100644 --- a/instance-applications/113-ibm-aiservice/templates/03-aiservice-dro.yaml +++ b/instance-applications/113-ibm-aiservice/templates/03-aiservice-dro.yaml @@ -19,5 +19,5 @@ metadata: annotations: argocd.argoproj.io/sync-wave: "143" data: - DRO_TOKEN: {{ .Values.drocfg_ca | b64enc }} + ca.crt: {{ .Values.drocfg_ca | b64enc }} type: Opaque \ No newline at end of file From 44744013d5061ffa18af7ed691009de4c1bdcb70 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Wed, 17 Sep 2025 15:08:50 +0530 Subject: [PATCH 55/92] update ca jdbccfg_ca_b64enc drocfg_ca_b64enc --- .../113-ibm-aiservice/templates/07-aiservice-app.yaml | 4 ++-- .../templates/040-ibm-aiservice-app.yaml | 3 ++- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/instance-applications/113-ibm-aiservice/templates/07-aiservice-app.yaml b/instance-applications/113-ibm-aiservice/templates/07-aiservice-app.yaml index fb747ac86..3a8106b2f 100644 --- a/instance-applications/113-ibm-aiservice/templates/07-aiservice-app.yaml +++ b/instance-applications/113-ibm-aiservice/templates/07-aiservice-app.yaml @@ -19,11 +19,11 @@ spec: dro: url: "{{ .Values.drocfg_url }}" secretName: "{{ .Values.aiservice_dro_token_secret }}" - ca: "{{ .Values.drocfg_ca | b64enc }}" + ca: "{{ .Values.drocfg_ca_b64enc }}" jdbc: url: "{{ .Values.jdbccfg_url }}" secretName: "{{ .Values.aiservice_jdbc_secret }}" - ca: "{{ .Values.jdbccfg_ca | b64enc }}" + ca: "{{ .Values.jdbccfg_ca_b64enc }}" useAwsDb2: true storageClassName: "{{ .Values.aiservice_storage_class }}" domain: "{{ .Values.aiservice_domain }}" diff --git a/root-applications/ibm-aiservice-instance-root/templates/040-ibm-aiservice-app.yaml b/root-applications/ibm-aiservice-instance-root/templates/040-ibm-aiservice-app.yaml index 015def47d..08f74c1bb 100644 --- a/root-applications/ibm-aiservice-instance-root/templates/040-ibm-aiservice-app.yaml +++ b/root-applications/ibm-aiservice-instance-root/templates/040-ibm-aiservice-app.yaml @@ -47,7 +47,8 @@ spec: aiservice_sls_registration_key_secret: "{{ .Values.ibm_aiservice.aiservice_sls_registration_key_secret }}" slscfg_registration_key: "{{ .Values.ibm_aiservice.slscfg_registration_key }}" - + drocfg_ca_b64enc: "{{ .Values.ibm_aiservice.drocfg_ca_b64enc }}" + jdbccfg_ca_b64enc: "{{ .Values.ibm_aiservice.jdbccfg_ca_b64enc }}" aiservice_dro_token_secret: "{{ .Values.ibm_aiservice.aiservice_dro_token_secret }}" aiservice_dro_cacert_secret: "{{ .Values.ibm_aiservice.aiservice_dro_cacert_secret }}" From 4b7ad3e252cc65bf00352a8532994943a0b73ebe Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Wed, 17 Sep 2025 16:56:39 +0530 Subject: [PATCH 56/92] update with b64enc sls dro rsl watsonx with b64enc --- .../templates/01-aiservice-sls-secret.yaml | 5 ++--- .../templates/02-aiservice-rsl-secret.yaml | 10 +++++----- .../templates/03-aiservice-dro-secret.yaml | 4 ++-- .../templates/05-aiservice-wx.yaml | 17 ++++++++--------- .../templates/06-aiservice-workspace.yaml | 4 ++-- .../templates/100-ibm-aiservice-tenant-app.yaml | 3 ++- 6 files changed, 21 insertions(+), 22 deletions(-) diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/01-aiservice-sls-secret.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/01-aiservice-sls-secret.yaml index 6235cefb5..a99afd668 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/01-aiservice-sls-secret.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/01-aiservice-sls-secret.yaml @@ -14,6 +14,5 @@ metadata: {{- end }} {{- end }} type: Opaque -stringData: - SLS_REGISTRATION_KEY: "{{ .Values.slscfg_registration_key }}" - +data: + SLS_REGISTRATION_KEY: {{ .Values.slscfg_registration_key | b64enc }} \ No newline at end of file diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/02-aiservice-rsl-secret.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/02-aiservice-rsl-secret.yaml index 5c2dd7dfa..8f9315251 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/02-aiservice-rsl-secret.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/02-aiservice-rsl-secret.yaml @@ -15,8 +15,8 @@ metadata: {{- end }} annotations: argocd.argoproj.io/sync-wave: "302" -stringData: - rsl_org_id: "{{ .Values.rsl_org_id }}" - rsl_url: "{{ .Values.rsl_url }}" - rsl_token: "{{ .Values.rsl_token }}" - ca.crt: "{{ .Values.rsl_ca_crt }}" +data: + rsl_org_id: {{ .Values.rsl_org_id | b64enc | quote }} + rsl_url: {{ .Values.rsl_url | b64enc | quote }} + rsl_token: {{ .Values.rsl_token | b64enc | quote }} + ca.crt: {{ .Values.rsl_ca_crt | b64enc | quote }} diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/03-aiservice-dro-secret.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/03-aiservice-dro-secret.yaml index 572eda3f0..0ebf5aa2b 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/03-aiservice-dro-secret.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/03-aiservice-dro-secret.yaml @@ -14,5 +14,5 @@ metadata: annotations: argocd.argoproj.io/sync-wave: "303" type: Opaque -stringData: - DRO_TOKEN: "{{ .Values.drocfg_registration_key }}" +data: + DRO_TOKEN: {{ .Values.drocfg_registration_key | b64enc }} \ No newline at end of file diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/05-aiservice-wx.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/05-aiservice-wx.yaml index 866877342..0d6b85c6b 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/05-aiservice-wx.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/05-aiservice-wx.yaml @@ -13,13 +13,12 @@ metadata: annotations: argocd.argoproj.io/sync-wave: "304" type: Opaque -stringData: - wx_apikey: "{{ .Values.aiservice_watsonxai_apikey }}" - wx_url: "{{ .Values.aiservice_watsonxai_url }}" - wx_project_id: "{{ .Values.aiservice_watsonxai_project_id }}" +data: + wx_apikey: {{ .Values.aiservice_watsonxai_apikey | b64enc | quote }} + wx_url: {{ .Values.aiservice_watsonxai_url | b64enc | quote }} + wx_project_id: {{ .Values.aiservice_watsonxai_project_id | b64enc | quote }} {{- if and (eq .Values.aiservice_watsonx_full "true") .Values.aiservice_watsonx_instance_id .Values.aiservice_watsonx_version .Values.aiservice_watsonx_username }} - wx_instance_id: "{{ .Values.aiservice_watsonx_instance_id }}" - wx_version: "{{ .Values.aiservice_watsonx_version }}" - wx_username: "{{ .Values.aiservice_watsonx_username }}" - {{- end }} - + wx_instance_id: {{ .Values.aiservice_watsonx_instance_id | b64enc | quote }} + wx_version: {{ .Values.aiservice_watsonx_version | b64enc | quote }} + wx_username: {{ .Values.aiservice_watsonx_username | b64enc | quote }} + {{- end }} \ No newline at end of file diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-workspace.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-workspace.yaml index ecaf35ded..e8b78c57d 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-workspace.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-workspace.yaml @@ -23,11 +23,11 @@ spec: dro: url: "{{ .Values.drocfg_url }}" secretName: "{{ .Values.tenantNamespace }}----dro-secret" - ca: "{{ .Values.drocfg_ca }}" + ca: "{{ .Values.drocfg_ca_b64enc }}" sls: url: "{{ .Values.slscfg_url }}" secretName: "{{ .Values.tenantNamespace }}----sls-secret" - ca: "{{ .Values.slscfg_ca_tenant }}" + ca: "{{ .Values.slscfg_ca_b64enc }}" rsl: url: "{{ .Values.rsl_url }}" orgId: "{{ .Values.rsl_org_id }}" diff --git a/root-applications/ibm-aiservice-tenant-root/templates/100-ibm-aiservice-tenant-app.yaml b/root-applications/ibm-aiservice-tenant-root/templates/100-ibm-aiservice-tenant-app.yaml index 59e14f0f0..a08080b88 100644 --- a/root-applications/ibm-aiservice-tenant-root/templates/100-ibm-aiservice-tenant-app.yaml +++ b/root-applications/ibm-aiservice-tenant-root/templates/100-ibm-aiservice-tenant-app.yaml @@ -56,13 +56,14 @@ spec: # DRO drocfg_ca: "{{ .Values.ibm_aiservice_tenant.drocfg_ca }}" + drocfg_ca_b64enc: "{{ .Values.ibm_aiservice_tenant.drocfg_ca_b64enc }}" drocfg_registration_key: "{{ .Values.ibm_aiservice_tenant.drocfg_registration_key }}" drocfg_url: "{{ .Values.ibm_aiservice_tenant.drocfg_url }}" #sls slscfg_registration_key: "{{ .Values.ibm_aiservice_tenant.slscfg_registration_key }}" slscfg_url: "{{ .Values.ibm_aiservice_tenant.slscfg_url }}" - slscfg_ca_tenant: "{{ .Values.ibm_aiservice_tenant.slscfg_ca_tenant }}" + slscfg_ca_b64enc: "{{ .Values.ibm_aiservice_tenant.slscfg_ca_b64enc }}" aiservice_sls_subscription_id: "{{ .Values.ibm_aiservice_tenant.aiservice_sls_subscription_id }}" # WatsonX From 148bd923bf106a04483a9c6f84f18f5352a4d807 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Wed, 17 Sep 2025 17:41:34 +0530 Subject: [PATCH 57/92] Update 06-aiservice-km-s3-secret.yaml --- .../templates/06-aiservice-km-s3-secret.yaml | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml index b5cad003a..6f6d77c2a 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml @@ -25,8 +25,9 @@ metadata: argocd.argoproj.io/sync-wave: "305" rules: - apiGroups: [""] - resources: ["secrets"] - verbs: ["get", "list"] + resources: ["secrets", "namespaces"] + verbs: ["get", "list", "create", "update"] + --- apiVersion: rbac.authorization.k8s.io/v1 @@ -55,8 +56,8 @@ metadata: argocd.argoproj.io/sync-wave: "306" rules: - apiGroups: [""] - resources: ["secrets"] - verbs: ["get", "create", "update"] + resources: ["secrets", "namespaces"] + verbs: ["get", "list", "create", "update"] --- apiVersion: rbac.authorization.k8s.io/v1 @@ -98,7 +99,7 @@ spec: {{- end }} spec: serviceAccountName: copy-secret-job-{{ .Values.tenantNamespace }} - restartPolicy: OnFailure + restartPolicy: Never containers: - name: copy-secrets image: quay.io/ibmmas/cli@{{ $_cli_image_digest }} From cedafbd7f5b10e2acfe18ab468804b5e8f99861b Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Wed, 17 Sep 2025 18:14:36 +0530 Subject: [PATCH 58/92] Update 06-aiservice-km-s3-secret.yaml --- .../templates/06-aiservice-km-s3-secret.yaml | 129 ++++++++++++++++-- 1 file changed, 117 insertions(+), 12 deletions(-) diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml index 6f6d77c2a..d2cf6bd4d 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml @@ -25,9 +25,8 @@ metadata: argocd.argoproj.io/sync-wave: "305" rules: - apiGroups: [""] - resources: ["secrets", "namespaces"] - verbs: ["get", "list", "create", "update"] - + resources: ["secrets"] + verbs: ["get", "list"] --- apiVersion: rbac.authorization.k8s.io/v1 @@ -56,8 +55,8 @@ metadata: argocd.argoproj.io/sync-wave: "306" rules: - apiGroups: [""] - resources: ["secrets", "namespaces"] - verbs: ["get", "list", "create", "update"] + resources: ["secrets"] + verbs: ["get", "create", "update"] --- apiVersion: rbac.authorization.k8s.io/v1 @@ -99,7 +98,7 @@ spec: {{- end }} spec: serviceAccountName: copy-secret-job-{{ .Values.tenantNamespace }} - restartPolicy: Never + restartPolicy: OnFailure containers: - name: copy-secrets image: quay.io/ibmmas/cli@{{ $_cli_image_digest }} @@ -123,23 +122,129 @@ spec: echo "--------------------------------------------------------" if ! kubectl get secret $SECRET_NAME -n $SOURCE_NAMESPACE -o yaml > /tmp/${SECRET_NAME}.yaml; then - echo " Failed to get secret $SECRET_NAME from $SOURCE_NAMESPACE" + echo "❌ Failed to get secret $SECRET_NAME from $SOURCE_NAMESPACE" exit 1 fi sed -i "s/namespace: $SOURCE_NAMESPACE/namespace: $TARGET_NAMESPACE/" /tmp/${SECRET_NAME}.yaml if ! kubectl apply -f /tmp/${SECRET_NAME}.yaml; then - echo " Failed to apply $SECRET_NAME to $TARGET_NAMESPACE" + echo "❌ Failed to apply $SECRET_NAME to $TARGET_NAMESPACE" exit 1 fi if ! kubectl get secret $SECRET_NAME -n $TARGET_NAMESPACE > /dev/null; then - echo " Secret $SECRET_NAME not found in $TARGET_NAMESPACE after apply" + echo "❌ Secret $SECRET_NAME not found in $TARGET_NAMESPACE after apply" exit 1 fi - echo " Successfully copied $SECRET_NAME to $TARGET_NAMESPACE" + echo "✅ Successfully copied $SECRET_NAME to $TARGET_NAMESPACE" done - echo " All secrets copied successfully" - exit 0 + echo "✅ All secrets copied successfully" + + +# --- +# apiVersion: v1 +# kind: ServiceAccount +# metadata: +# name: copy-secret-job +# namespace: {{ .Values.aiservice_namespace }} +# annotations: +# argocd.argoproj.io/sync-wave: "305" +# --- +# apiVersion: rbac.authorization.k8s.io/v1 +# kind: Role +# metadata: +# name: secret-reader +# namespace: {{ .Values.aiservice_namespace }} +# annotations: +# argocd.argoproj.io/sync-wave: "305" +# rules: +# - apiGroups: [""] +# resources: ["secrets"] +# verbs: ["get", "list"] +# --- +# apiVersion: rbac.authorization.k8s.io/v1 +# kind: RoleBinding +# metadata: +# name: secret-reader-binding +# namespace: {{ .Values.aiservice_namespace }} +# annotations: +# argocd.argoproj.io/sync-wave: "306" +# subjects: +# - kind: ServiceAccount +# name: copy-secret-job +# namespace: {{ .Values.aiservice_namespace }} +# roleRef: +# kind: Role +# name: secret-reader +# apiGroup: rbac.authorization.k8s.io + + +# --- +# apiVersion: batch/v1 +# kind: Job +# metadata: +# name: copy-ibm-entitlement +# namespace: {{ .Values.aiservice_namespace }} +# annotations: +# argocd.argoproj.io/sync-wave: "307" +# spec: +# template: +# spec: +# serviceAccountName: copy-secret-job +# containers: +# - name: copy-secret +# image: bitnami/kubectl:latest +# command: +# - /bin/sh +# - -c +# - | +# echo "Copying ibm-entitlement secret from {{ .Values.aiservice_namespace }} to {{ .Values.tenantNamespace }}" +# kubectl get secret ibm-entitlement -n {{ .Values.aiservice_namespace }} -o yaml | \ +# sed "s/namespace: {{ .Values.aiservice_namespace }}/namespace: {{ .Values.tenantNamespace }}/" | \ +# kubectl apply -f - +# restartPolicy: OnFailure + +# apiVersion: v1 +# kind: Secret +# metadata: +# name: ibm-entitlement +# namespace: "{{ .Values.tenantNamespace }}" +# labels: +# app.kubernetes.io/managed-by: gitops +# annotations: +# argocd.argoproj.io/sync-wave: "305" +# type: Opaque +# data: +# {{- with (lookup "v1" "Secret" .Values.ibm_aiservice_tenant.aiservice_namespace "ibm-entitlement") }} +# {{- range $k, $v := .data }} +# {{ $k }}: {{ $v }} +# {{- end }} +# {{- end }} +# --- +# apiVersion: v1 +# kind: Secret +# metadata: +# name: km-s3-secret +# namespace: "{{ .Values.tenantNamespace }}" +# labels: +# app.kubernetes.io/managed-by: gitops +# annotations: +# {{- with (lookup "v1" "Secret" (printf "aiservice-%s" .Values.aiservice_instance_id) "km-s3-secret") }} +# {{- if .metadata.annotations }} +# {{- range $k, $v := .metadata.annotations }} +# {{- if ne $k "argocd.argoproj.io/sync-wave" }} +# {{ $k }}: {{ $v | quote }} +# {{- end }} +# {{- end }} +# {{- end }} +# {{- end }} +# argocd.argoproj.io/sync-wave: "306" +# type: Opaque +# data: +# {{- with (lookup "v1" "Secret" .Values.ibm_aiservice_tenant.aiservice_namespace "km-s3-secret") }} +# {{- range $k, $v := .data }} +# {{ $k }}: {{ $v }} +# {{- end }} +# {{- end }} From a2097a9dc07915ff03d63b9463c1dac35f5489f2 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Wed, 17 Sep 2025 18:39:18 +0530 Subject: [PATCH 59/92] Update 06-aiservice-km-s3-secret.yaml --- .../templates/06-aiservice-km-s3-secret.yaml | 114 +----------------- 1 file changed, 4 insertions(+), 110 deletions(-) diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml index d2cf6bd4d..785da11a4 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml @@ -1,8 +1,8 @@ {{- $_job_name_prefix := printf "presync-copy-ai-secrets-%s" .Values.tenantNamespace }} -{{- $_cli_image_digest := "sha256:834dffd4da534c01daea4e0a6d9db7d00a9ad9b18b054cc034985fcaceedeacd" }} +{{- $_cli_image := "bitnami/kubectl:latest" }} {{- $_job_config_values := omit .Values "junitreporter" }} {{- $_job_version := "v3" }} -{{- $_job_hash := print ($_job_config_values | toYaml) $_cli_image_digest $_job_version | adler32sum }} +{{- $_job_hash := print ($_job_config_values | toYaml) $_cli_image $_job_version | adler32sum }} {{- $_job_name := join "-" (list $_job_name_prefix $_job_hash ) }} {{- $_job_cleanup_group := cat $_job_name_prefix | sha1sum }} @@ -101,7 +101,7 @@ spec: restartPolicy: OnFailure containers: - name: copy-secrets - image: quay.io/ibmmas/cli@{{ $_cli_image_digest }} + image: {{ $_cli_image }} imagePullPolicy: IfNotPresent env: - name: SOURCE_NAMESPACE @@ -126,6 +126,7 @@ spec: exit 1 fi + # Change namespace in YAML before applying sed -i "s/namespace: $SOURCE_NAMESPACE/namespace: $TARGET_NAMESPACE/" /tmp/${SECRET_NAME}.yaml if ! kubectl apply -f /tmp/${SECRET_NAME}.yaml; then @@ -141,110 +142,3 @@ spec: echo "✅ Successfully copied $SECRET_NAME to $TARGET_NAMESPACE" done echo "✅ All secrets copied successfully" - - -# --- -# apiVersion: v1 -# kind: ServiceAccount -# metadata: -# name: copy-secret-job -# namespace: {{ .Values.aiservice_namespace }} -# annotations: -# argocd.argoproj.io/sync-wave: "305" -# --- -# apiVersion: rbac.authorization.k8s.io/v1 -# kind: Role -# metadata: -# name: secret-reader -# namespace: {{ .Values.aiservice_namespace }} -# annotations: -# argocd.argoproj.io/sync-wave: "305" -# rules: -# - apiGroups: [""] -# resources: ["secrets"] -# verbs: ["get", "list"] -# --- -# apiVersion: rbac.authorization.k8s.io/v1 -# kind: RoleBinding -# metadata: -# name: secret-reader-binding -# namespace: {{ .Values.aiservice_namespace }} -# annotations: -# argocd.argoproj.io/sync-wave: "306" -# subjects: -# - kind: ServiceAccount -# name: copy-secret-job -# namespace: {{ .Values.aiservice_namespace }} -# roleRef: -# kind: Role -# name: secret-reader -# apiGroup: rbac.authorization.k8s.io - - -# --- -# apiVersion: batch/v1 -# kind: Job -# metadata: -# name: copy-ibm-entitlement -# namespace: {{ .Values.aiservice_namespace }} -# annotations: -# argocd.argoproj.io/sync-wave: "307" -# spec: -# template: -# spec: -# serviceAccountName: copy-secret-job -# containers: -# - name: copy-secret -# image: bitnami/kubectl:latest -# command: -# - /bin/sh -# - -c -# - | -# echo "Copying ibm-entitlement secret from {{ .Values.aiservice_namespace }} to {{ .Values.tenantNamespace }}" -# kubectl get secret ibm-entitlement -n {{ .Values.aiservice_namespace }} -o yaml | \ -# sed "s/namespace: {{ .Values.aiservice_namespace }}/namespace: {{ .Values.tenantNamespace }}/" | \ -# kubectl apply -f - -# restartPolicy: OnFailure - -# apiVersion: v1 -# kind: Secret -# metadata: -# name: ibm-entitlement -# namespace: "{{ .Values.tenantNamespace }}" -# labels: -# app.kubernetes.io/managed-by: gitops -# annotations: -# argocd.argoproj.io/sync-wave: "305" -# type: Opaque -# data: -# {{- with (lookup "v1" "Secret" .Values.ibm_aiservice_tenant.aiservice_namespace "ibm-entitlement") }} -# {{- range $k, $v := .data }} -# {{ $k }}: {{ $v }} -# {{- end }} -# {{- end }} -# --- -# apiVersion: v1 -# kind: Secret -# metadata: -# name: km-s3-secret -# namespace: "{{ .Values.tenantNamespace }}" -# labels: -# app.kubernetes.io/managed-by: gitops -# annotations: -# {{- with (lookup "v1" "Secret" (printf "aiservice-%s" .Values.aiservice_instance_id) "km-s3-secret") }} -# {{- if .metadata.annotations }} -# {{- range $k, $v := .metadata.annotations }} -# {{- if ne $k "argocd.argoproj.io/sync-wave" }} -# {{ $k }}: {{ $v | quote }} -# {{- end }} -# {{- end }} -# {{- end }} -# {{- end }} -# argocd.argoproj.io/sync-wave: "306" -# type: Opaque -# data: -# {{- with (lookup "v1" "Secret" .Values.ibm_aiservice_tenant.aiservice_namespace "km-s3-secret") }} -# {{- range $k, $v := .data }} -# {{ $k }}: {{ $v }} -# {{- end }} -# {{- end }} From b7795fd2041235f3596553d0fc94703560a40343 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Wed, 17 Sep 2025 18:45:47 +0530 Subject: [PATCH 60/92] Revert "Update 06-aiservice-km-s3-secret.yaml" This reverts commit a2097a9dc07915ff03d63b9463c1dac35f5489f2. --- .../templates/06-aiservice-km-s3-secret.yaml | 114 +++++++++++++++++- 1 file changed, 110 insertions(+), 4 deletions(-) diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml index 785da11a4..d2cf6bd4d 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml @@ -1,8 +1,8 @@ {{- $_job_name_prefix := printf "presync-copy-ai-secrets-%s" .Values.tenantNamespace }} -{{- $_cli_image := "bitnami/kubectl:latest" }} +{{- $_cli_image_digest := "sha256:834dffd4da534c01daea4e0a6d9db7d00a9ad9b18b054cc034985fcaceedeacd" }} {{- $_job_config_values := omit .Values "junitreporter" }} {{- $_job_version := "v3" }} -{{- $_job_hash := print ($_job_config_values | toYaml) $_cli_image $_job_version | adler32sum }} +{{- $_job_hash := print ($_job_config_values | toYaml) $_cli_image_digest $_job_version | adler32sum }} {{- $_job_name := join "-" (list $_job_name_prefix $_job_hash ) }} {{- $_job_cleanup_group := cat $_job_name_prefix | sha1sum }} @@ -101,7 +101,7 @@ spec: restartPolicy: OnFailure containers: - name: copy-secrets - image: {{ $_cli_image }} + image: quay.io/ibmmas/cli@{{ $_cli_image_digest }} imagePullPolicy: IfNotPresent env: - name: SOURCE_NAMESPACE @@ -126,7 +126,6 @@ spec: exit 1 fi - # Change namespace in YAML before applying sed -i "s/namespace: $SOURCE_NAMESPACE/namespace: $TARGET_NAMESPACE/" /tmp/${SECRET_NAME}.yaml if ! kubectl apply -f /tmp/${SECRET_NAME}.yaml; then @@ -142,3 +141,110 @@ spec: echo "✅ Successfully copied $SECRET_NAME to $TARGET_NAMESPACE" done echo "✅ All secrets copied successfully" + + +# --- +# apiVersion: v1 +# kind: ServiceAccount +# metadata: +# name: copy-secret-job +# namespace: {{ .Values.aiservice_namespace }} +# annotations: +# argocd.argoproj.io/sync-wave: "305" +# --- +# apiVersion: rbac.authorization.k8s.io/v1 +# kind: Role +# metadata: +# name: secret-reader +# namespace: {{ .Values.aiservice_namespace }} +# annotations: +# argocd.argoproj.io/sync-wave: "305" +# rules: +# - apiGroups: [""] +# resources: ["secrets"] +# verbs: ["get", "list"] +# --- +# apiVersion: rbac.authorization.k8s.io/v1 +# kind: RoleBinding +# metadata: +# name: secret-reader-binding +# namespace: {{ .Values.aiservice_namespace }} +# annotations: +# argocd.argoproj.io/sync-wave: "306" +# subjects: +# - kind: ServiceAccount +# name: copy-secret-job +# namespace: {{ .Values.aiservice_namespace }} +# roleRef: +# kind: Role +# name: secret-reader +# apiGroup: rbac.authorization.k8s.io + + +# --- +# apiVersion: batch/v1 +# kind: Job +# metadata: +# name: copy-ibm-entitlement +# namespace: {{ .Values.aiservice_namespace }} +# annotations: +# argocd.argoproj.io/sync-wave: "307" +# spec: +# template: +# spec: +# serviceAccountName: copy-secret-job +# containers: +# - name: copy-secret +# image: bitnami/kubectl:latest +# command: +# - /bin/sh +# - -c +# - | +# echo "Copying ibm-entitlement secret from {{ .Values.aiservice_namespace }} to {{ .Values.tenantNamespace }}" +# kubectl get secret ibm-entitlement -n {{ .Values.aiservice_namespace }} -o yaml | \ +# sed "s/namespace: {{ .Values.aiservice_namespace }}/namespace: {{ .Values.tenantNamespace }}/" | \ +# kubectl apply -f - +# restartPolicy: OnFailure + +# apiVersion: v1 +# kind: Secret +# metadata: +# name: ibm-entitlement +# namespace: "{{ .Values.tenantNamespace }}" +# labels: +# app.kubernetes.io/managed-by: gitops +# annotations: +# argocd.argoproj.io/sync-wave: "305" +# type: Opaque +# data: +# {{- with (lookup "v1" "Secret" .Values.ibm_aiservice_tenant.aiservice_namespace "ibm-entitlement") }} +# {{- range $k, $v := .data }} +# {{ $k }}: {{ $v }} +# {{- end }} +# {{- end }} +# --- +# apiVersion: v1 +# kind: Secret +# metadata: +# name: km-s3-secret +# namespace: "{{ .Values.tenantNamespace }}" +# labels: +# app.kubernetes.io/managed-by: gitops +# annotations: +# {{- with (lookup "v1" "Secret" (printf "aiservice-%s" .Values.aiservice_instance_id) "km-s3-secret") }} +# {{- if .metadata.annotations }} +# {{- range $k, $v := .metadata.annotations }} +# {{- if ne $k "argocd.argoproj.io/sync-wave" }} +# {{ $k }}: {{ $v | quote }} +# {{- end }} +# {{- end }} +# {{- end }} +# {{- end }} +# argocd.argoproj.io/sync-wave: "306" +# type: Opaque +# data: +# {{- with (lookup "v1" "Secret" .Values.ibm_aiservice_tenant.aiservice_namespace "km-s3-secret") }} +# {{- range $k, $v := .data }} +# {{ $k }}: {{ $v }} +# {{- end }} +# {{- end }} From 8c9c65eac02e8d4d230e1d832b39808c1ebed552 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Wed, 17 Sep 2025 19:29:23 +0530 Subject: [PATCH 61/92] update copy s3 --- .../templates/06-aiservice-km-s3-secret.yaml | 117 +----------------- 1 file changed, 5 insertions(+), 112 deletions(-) diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml index d2cf6bd4d..d350fc900 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml @@ -122,129 +122,22 @@ spec: echo "--------------------------------------------------------" if ! kubectl get secret $SECRET_NAME -n $SOURCE_NAMESPACE -o yaml > /tmp/${SECRET_NAME}.yaml; then - echo "❌ Failed to get secret $SECRET_NAME from $SOURCE_NAMESPACE" + echo " Failed to get secret $SECRET_NAME from $SOURCE_NAMESPACE" exit 1 fi sed -i "s/namespace: $SOURCE_NAMESPACE/namespace: $TARGET_NAMESPACE/" /tmp/${SECRET_NAME}.yaml if ! kubectl apply -f /tmp/${SECRET_NAME}.yaml; then - echo "❌ Failed to apply $SECRET_NAME to $TARGET_NAMESPACE" + echo " Failed to apply $SECRET_NAME to $TARGET_NAMESPACE" exit 1 fi if ! kubectl get secret $SECRET_NAME -n $TARGET_NAMESPACE > /dev/null; then - echo "❌ Secret $SECRET_NAME not found in $TARGET_NAMESPACE after apply" + echo " Secret $SECRET_NAME not found in $TARGET_NAMESPACE after apply" exit 1 fi - echo "✅ Successfully copied $SECRET_NAME to $TARGET_NAMESPACE" + echo " Successfully copied $SECRET_NAME to $TARGET_NAMESPACE" done - echo "✅ All secrets copied successfully" - - -# --- -# apiVersion: v1 -# kind: ServiceAccount -# metadata: -# name: copy-secret-job -# namespace: {{ .Values.aiservice_namespace }} -# annotations: -# argocd.argoproj.io/sync-wave: "305" -# --- -# apiVersion: rbac.authorization.k8s.io/v1 -# kind: Role -# metadata: -# name: secret-reader -# namespace: {{ .Values.aiservice_namespace }} -# annotations: -# argocd.argoproj.io/sync-wave: "305" -# rules: -# - apiGroups: [""] -# resources: ["secrets"] -# verbs: ["get", "list"] -# --- -# apiVersion: rbac.authorization.k8s.io/v1 -# kind: RoleBinding -# metadata: -# name: secret-reader-binding -# namespace: {{ .Values.aiservice_namespace }} -# annotations: -# argocd.argoproj.io/sync-wave: "306" -# subjects: -# - kind: ServiceAccount -# name: copy-secret-job -# namespace: {{ .Values.aiservice_namespace }} -# roleRef: -# kind: Role -# name: secret-reader -# apiGroup: rbac.authorization.k8s.io - - -# --- -# apiVersion: batch/v1 -# kind: Job -# metadata: -# name: copy-ibm-entitlement -# namespace: {{ .Values.aiservice_namespace }} -# annotations: -# argocd.argoproj.io/sync-wave: "307" -# spec: -# template: -# spec: -# serviceAccountName: copy-secret-job -# containers: -# - name: copy-secret -# image: bitnami/kubectl:latest -# command: -# - /bin/sh -# - -c -# - | -# echo "Copying ibm-entitlement secret from {{ .Values.aiservice_namespace }} to {{ .Values.tenantNamespace }}" -# kubectl get secret ibm-entitlement -n {{ .Values.aiservice_namespace }} -o yaml | \ -# sed "s/namespace: {{ .Values.aiservice_namespace }}/namespace: {{ .Values.tenantNamespace }}/" | \ -# kubectl apply -f - -# restartPolicy: OnFailure - -# apiVersion: v1 -# kind: Secret -# metadata: -# name: ibm-entitlement -# namespace: "{{ .Values.tenantNamespace }}" -# labels: -# app.kubernetes.io/managed-by: gitops -# annotations: -# argocd.argoproj.io/sync-wave: "305" -# type: Opaque -# data: -# {{- with (lookup "v1" "Secret" .Values.ibm_aiservice_tenant.aiservice_namespace "ibm-entitlement") }} -# {{- range $k, $v := .data }} -# {{ $k }}: {{ $v }} -# {{- end }} -# {{- end }} -# --- -# apiVersion: v1 -# kind: Secret -# metadata: -# name: km-s3-secret -# namespace: "{{ .Values.tenantNamespace }}" -# labels: -# app.kubernetes.io/managed-by: gitops -# annotations: -# {{- with (lookup "v1" "Secret" (printf "aiservice-%s" .Values.aiservice_instance_id) "km-s3-secret") }} -# {{- if .metadata.annotations }} -# {{- range $k, $v := .metadata.annotations }} -# {{- if ne $k "argocd.argoproj.io/sync-wave" }} -# {{ $k }}: {{ $v | quote }} -# {{- end }} -# {{- end }} -# {{- end }} -# {{- end }} -# argocd.argoproj.io/sync-wave: "306" -# type: Opaque -# data: -# {{- with (lookup "v1" "Secret" .Values.ibm_aiservice_tenant.aiservice_namespace "km-s3-secret") }} -# {{- range $k, $v := .data }} -# {{ $k }}: {{ $v }} -# {{- end }} -# {{- end }} + echo " All secrets copied successfully" \ No newline at end of file From 280f132742ee33d646580129d220929dc4404419 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Wed, 17 Sep 2025 19:53:54 +0530 Subject: [PATCH 62/92] s3 update --- .../templates/06-aiservice-km-s3-secret.yaml | 21 +++++++++++++++---- 1 file changed, 17 insertions(+), 4 deletions(-) diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml index d350fc900..d42bbbaa1 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml @@ -16,16 +16,29 @@ metadata: argocd.argoproj.io/sync-wave: "305" --- +# apiVersion: rbac.authorization.k8s.io/v1 +# kind: Role +# metadata: +# name: secret-reader-{{ .Values.tenantNamespace }} +# namespace: {{ .Values.aiservice_namespace }} +# annotations: +# argocd.argoproj.io/sync-wave: "305" +# rules: +# - apiGroups: [""] +# resources: ["secrets"] +# verbs: ["get", "list"] apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: - name: secret-reader-{{ .Values.tenantNamespace }} - namespace: {{ .Values.aiservice_namespace }} annotations: - argocd.argoproj.io/sync-wave: "305" + argocd.argoproj.io/sync-wave: '305' + labels: + app.kubernetes.io/instance: aiservice-tenant.sremat-demo1.inst1.t02 + name: secret-reader-aiservice-inst1-t02 + namespace: aiservice-inst1 rules: - apiGroups: [""] - resources: ["secrets"] + resources: ["secrets", "pods"] verbs: ["get", "list"] --- From 4788d80b76f892845db339907d28db4e3d63651c Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Wed, 17 Sep 2025 19:59:54 +0530 Subject: [PATCH 63/92] update patch --- .../templates/06-aiservice-km-s3-secret.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml index d42bbbaa1..4b0387cee 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml @@ -25,8 +25,9 @@ metadata: # argocd.argoproj.io/sync-wave: "305" # rules: # - apiGroups: [""] -# resources: ["secrets"] +# resources: ["secrets,pods"] # verbs: ["get", "list"] + apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: @@ -69,7 +70,7 @@ metadata: rules: - apiGroups: [""] resources: ["secrets"] - verbs: ["get", "create", "update"] + verbs: ["get", "create", "update", "patch"] --- apiVersion: rbac.authorization.k8s.io/v1 From a6884d96547773c4be5713312372f9582b48b3ed Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Wed, 17 Sep 2025 20:04:15 +0530 Subject: [PATCH 64/92] update del --- .../templates/06-aiservice-km-s3-secret.yaml | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml index 4b0387cee..564c9e567 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml @@ -135,23 +135,25 @@ spec: echo "Copying secret: $SECRET_NAME" echo "--------------------------------------------------------" - if ! kubectl get secret $SECRET_NAME -n $SOURCE_NAMESPACE -o yaml > /tmp/${SECRET_NAME}.yaml; then - echo " Failed to get secret $SECRET_NAME from $SOURCE_NAMESPACE" + if ! kubectl get secret $SECRET_NAME -n $SOURCE_NAMESPACE -o json > /tmp/${SECRET_NAME}.json; then + echo "❌ Failed to get secret $SECRET_NAME from $SOURCE_NAMESPACE" exit 1 fi - sed -i "s/namespace: $SOURCE_NAMESPACE/namespace: $TARGET_NAMESPACE/" /tmp/${SECRET_NAME}.yaml + # Clean metadata fields to avoid resourceVersion conflicts + jq 'del(.metadata.resourceVersion, .metadata.uid, .metadata.creationTimestamp, .metadata.selfLink, .metadata.managedFields)' /tmp/${SECRET_NAME}.json \ + | sed "s/\"namespace\": \"$SOURCE_NAMESPACE\"/\"namespace\": \"$TARGET_NAMESPACE\"/" > /tmp/${SECRET_NAME}_clean.json - if ! kubectl apply -f /tmp/${SECRET_NAME}.yaml; then - echo " Failed to apply $SECRET_NAME to $TARGET_NAMESPACE" + if ! kubectl apply -f /tmp/${SECRET_NAME}_clean.json; then + echo "❌ Failed to apply $SECRET_NAME to $TARGET_NAMESPACE" exit 1 fi if ! kubectl get secret $SECRET_NAME -n $TARGET_NAMESPACE > /dev/null; then - echo " Secret $SECRET_NAME not found in $TARGET_NAMESPACE after apply" + echo "❌ Secret $SECRET_NAME not found in $TARGET_NAMESPACE after apply" exit 1 fi - echo " Successfully copied $SECRET_NAME to $TARGET_NAMESPACE" + echo "✅ Successfully copied $SECRET_NAME to $TARGET_NAMESPACE" done - echo " All secrets copied successfully" \ No newline at end of file + echo "✅ All secrets copied successfully" From 30997f331625d9efd735b32669dc0088f8f29694 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Wed, 17 Sep 2025 20:21:10 +0530 Subject: [PATCH 65/92] Update 06-aiservice-km-s3-secret.yaml --- .../templates/06-aiservice-km-s3-secret.yaml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml index 564c9e567..e6053e084 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml @@ -136,7 +136,7 @@ spec: echo "--------------------------------------------------------" if ! kubectl get secret $SECRET_NAME -n $SOURCE_NAMESPACE -o json > /tmp/${SECRET_NAME}.json; then - echo "❌ Failed to get secret $SECRET_NAME from $SOURCE_NAMESPACE" + echo "Failed to get secret $SECRET_NAME from $SOURCE_NAMESPACE" exit 1 fi @@ -145,15 +145,15 @@ spec: | sed "s/\"namespace\": \"$SOURCE_NAMESPACE\"/\"namespace\": \"$TARGET_NAMESPACE\"/" > /tmp/${SECRET_NAME}_clean.json if ! kubectl apply -f /tmp/${SECRET_NAME}_clean.json; then - echo "❌ Failed to apply $SECRET_NAME to $TARGET_NAMESPACE" + echo "Failed to apply $SECRET_NAME to $TARGET_NAMESPACE" exit 1 fi if ! kubectl get secret $SECRET_NAME -n $TARGET_NAMESPACE > /dev/null; then - echo "❌ Secret $SECRET_NAME not found in $TARGET_NAMESPACE after apply" + echo "Secret $SECRET_NAME not found in $TARGET_NAMESPACE after apply" exit 1 fi - echo "✅ Successfully copied $SECRET_NAME to $TARGET_NAMESPACE" + echo "Successfully copied $SECRET_NAME to $TARGET_NAMESPACE" done - echo "✅ All secrets copied successfully" + echo "All secrets copied successfully" From d4d9d55092d05d11deb7b7421c8419d5f768d8c1 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Wed, 17 Sep 2025 20:25:08 +0530 Subject: [PATCH 66/92] update postsync job --- .../templates/08-aiservice-postsyncjob.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml index 3f10247c1..c8d595daa 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml @@ -147,7 +147,7 @@ spec: echo "Retrieve AIBroker API Key for tenant: ${AISERVICE_TENANT}" echo "================================================================================" - AISERVICE_APIKEY_SECRET=$(oc get secret ${AISERVICE_TENANT}----apikey-secret -n mas-${AISERVICE_INSTANCE_ID}-aiservice -o jsonpath="{.data.AISERVICE_APIKEY}" | base64 --decode) + AISERVICE_APIKEY_SECRET=$(oc get secret ${AISERVICE_TENANT}----apikey-secret -n aiservice-${AISERVICE_INSTANCE_ID} -o jsonpath="{.data.AISERVICE_APIKEY}" | base64 --decode) if [ -z "$AISERVICE_APIKEY_SECRET" ]; then echo "AISERVICE_APIKEY_SECRET is empty" From 7a637874311841afdac1c9d364c4e1b9efc16256 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Thu, 18 Sep 2025 14:00:30 +0530 Subject: [PATCH 67/92] s3 update --- .../templates/06-aiservice-km-s3-secret.yaml | 36 +++++++++---------- 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml index e6053e084..441af3430 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml @@ -16,32 +16,32 @@ metadata: argocd.argoproj.io/sync-wave: "305" --- -# apiVersion: rbac.authorization.k8s.io/v1 -# kind: Role -# metadata: -# name: secret-reader-{{ .Values.tenantNamespace }} -# namespace: {{ .Values.aiservice_namespace }} -# annotations: -# argocd.argoproj.io/sync-wave: "305" -# rules: -# - apiGroups: [""] -# resources: ["secrets,pods"] -# verbs: ["get", "list"] - apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: + name: secret-reader-{{ .Values.tenantNamespace }} + namespace: {{ .Values.aiservice_namespace }} annotations: - argocd.argoproj.io/sync-wave: '305' - labels: - app.kubernetes.io/instance: aiservice-tenant.sremat-demo1.inst1.t02 - name: secret-reader-aiservice-inst1-t02 - namespace: aiservice-inst1 + argocd.argoproj.io/sync-wave: "305" rules: - apiGroups: [""] - resources: ["secrets", "pods"] + resources: ["secrets,pods"] verbs: ["get", "list"] +# apiVersion: rbac.authorization.k8s.io/v1 +# kind: Role +# metadata: +# annotations: +# argocd.argoproj.io/sync-wave: '305' +# labels: +# app.kubernetes.io/instance: aiservice-tenant.sremat-demo1.inst1.t02 +# name: secret-reader-aiservice-inst1-t02 +# namespace: aiservice-inst1 +# rules: +# - apiGroups: [""] +# resources: ["secrets", "pods"] +# verbs: ["get", "list"] + --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding From 0d8d48fab88744e17856177316a83d2178604528 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Thu, 18 Sep 2025 14:25:14 +0530 Subject: [PATCH 68/92] km-s3 --- .../templates/06-aiservice-km-s3-secret.yaml | 36 +++++++++---------- 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml index 441af3430..95db2bf8a 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml @@ -16,32 +16,32 @@ metadata: argocd.argoproj.io/sync-wave: "305" --- -apiVersion: rbac.authorization.k8s.io/v1 -kind: Role -metadata: - name: secret-reader-{{ .Values.tenantNamespace }} - namespace: {{ .Values.aiservice_namespace }} - annotations: - argocd.argoproj.io/sync-wave: "305" -rules: - - apiGroups: [""] - resources: ["secrets,pods"] - verbs: ["get", "list"] - # apiVersion: rbac.authorization.k8s.io/v1 # kind: Role # metadata: +# name: secret-reader-{{ .Values.tenantNamespace }} +# namespace: {{ .Values.aiservice_namespace }} # annotations: -# argocd.argoproj.io/sync-wave: '305' -# labels: -# app.kubernetes.io/instance: aiservice-tenant.sremat-demo1.inst1.t02 -# name: secret-reader-aiservice-inst1-t02 -# namespace: aiservice-inst1 +# argocd.argoproj.io/sync-wave: "305" # rules: # - apiGroups: [""] -# resources: ["secrets", "pods"] +# resources: ["secrets,pods"] # verbs: ["get", "list"] +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + annotations: + argocd.argoproj.io/sync-wave: '305' + labels: + app.kubernetes.io/instance: aiservice-tenant.sremat-demo1.inst1.t03 + name: secret-reader-aiservice-inst1-t03 + namespace: aiservice-inst1 +rules: + - apiGroups: [""] + resources: ["secrets", "pods"] + verbs: ["get", "list"] + --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding From a88a4b104064d9ac6c6c1aee71048e8f72eaff5e Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Thu, 18 Sep 2025 15:01:23 +0530 Subject: [PATCH 69/92] Update 06-aiservice-km-s3-secret.yaml --- .../templates/06-aiservice-km-s3-secret.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml index 95db2bf8a..c9a476a95 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml @@ -34,8 +34,8 @@ metadata: annotations: argocd.argoproj.io/sync-wave: '305' labels: - app.kubernetes.io/instance: aiservice-tenant.sremat-demo1.inst1.t03 - name: secret-reader-aiservice-inst1-t03 + app.kubernetes.io/instance: aiservice-tenant.sremat-demo1.inst1.t04 + name: secret-reader-aiservice-inst1-t04 namespace: aiservice-inst1 rules: - apiGroups: [""] From d8303d33e4007b36a49af9090880b7e830060851 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Thu, 18 Sep 2025 16:50:11 +0530 Subject: [PATCH 70/92] update AIBROKER_APIKEY --- .../templates/08-aiservice-postsyncjob.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml index c8d595daa..ecfff16d1 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml @@ -147,8 +147,7 @@ spec: echo "Retrieve AIBroker API Key for tenant: ${AISERVICE_TENANT}" echo "================================================================================" - AISERVICE_APIKEY_SECRET=$(oc get secret ${AISERVICE_TENANT}----apikey-secret -n aiservice-${AISERVICE_INSTANCE_ID} -o jsonpath="{.data.AISERVICE_APIKEY}" | base64 --decode) - + AISERVICE_APIKEY_SECRET=$(oc get secret ${AISERVICE_TENANT}----apikey-secret -n aiservice-${AISERVICE_INSTANCE_ID} -o jsonpath="{.data.AIBROKER_APIKEY}" | base64 --decode) if [ -z "$AISERVICE_APIKEY_SECRET" ]; then echo "AISERVICE_APIKEY_SECRET is empty" exit 1 From 43c63bdc212b8ccbbdd355940cc9776195190a01 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Thu, 18 Sep 2025 17:12:08 +0530 Subject: [PATCH 71/92] Update 08-aiservice-postsyncjob.yaml --- .../templates/08-aiservice-postsyncjob.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml index ecfff16d1..b8b737853 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml @@ -137,7 +137,8 @@ spec: - | set -e SECRETS_KEY_SEPERATOR="/" - SECRET_NAME_AISERVICE=${ACCOUNT_ID}/${CLUSTER_ID}/${AISERVICE_INSTANCE_ID}/${AISERVICE_TENANT} + SECRET_NAME_AISERVICE= fyre-dev/sremat-demo1/aiservice-inst1-t04 + # SECRET_NAME_AISERVICE=${ACCOUNT_ID}/${CLUSTER_ID}/${AISERVICE_INSTANCE_ID}/${AISERVICE_TENANT} echo "================================================================================" echo "Account Id ....................... ${ACCOUNT_ID}" echo "Cluster Id ....................... ${CLUSTER_ID}" From 9978255a7bf615b29f86ffe94c4428a1e5663459 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Thu, 18 Sep 2025 17:15:42 +0530 Subject: [PATCH 72/92] Update 08-aiservice-postsyncjob.yaml --- .../templates/08-aiservice-postsyncjob.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml index b8b737853..49f5d7f42 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml @@ -137,8 +137,7 @@ spec: - | set -e SECRETS_KEY_SEPERATOR="/" - SECRET_NAME_AISERVICE= fyre-dev/sremat-demo1/aiservice-inst1-t04 - # SECRET_NAME_AISERVICE=${ACCOUNT_ID}/${CLUSTER_ID}/${AISERVICE_INSTANCE_ID}/${AISERVICE_TENANT} + SECRET_NAME_AISERVICE=${ACCOUNT_ID}/${CLUSTER_ID}/${AISERVICE_INSTANCE_ID}/${AISERVICE_TENANT} echo "================================================================================" echo "Account Id ....................... ${ACCOUNT_ID}" echo "Cluster Id ....................... ${CLUSTER_ID}" @@ -160,6 +159,7 @@ spec: sm_login TAGS="[{\"Key\": \"source\", \"Value\": \"mas-ai-service\"}, {\"Key\": \"account\", \"Value\": \"${ACCOUNT_ID}\"}, {\"Key\": \"cluster\", \"Value\": \"${CLUSTER_ID}\"}]" + echo ${TAGS} sm_update_secret ${SECRET_NAME_AISERVICE} "{ \"aiservice_apikey\": \"${AISERVICE_APIKEY_SECRET}\" }" "${TAGS}" || exit $? echo "Secret update Successfully ..........." exit 0 From 739a889e0f3ebec4409e4601b711cb7c9c11e70c Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Thu, 18 Sep 2025 17:23:31 +0530 Subject: [PATCH 73/92] update job --- .../templates/08-aiservice-postsyncjob.yaml | 17 ++++++++++++++--- 1 file changed, 14 insertions(+), 3 deletions(-) diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml index 49f5d7f42..0286f7457 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml @@ -159,9 +159,20 @@ spec: sm_login TAGS="[{\"Key\": \"source\", \"Value\": \"mas-ai-service\"}, {\"Key\": \"account\", \"Value\": \"${ACCOUNT_ID}\"}, {\"Key\": \"cluster\", \"Value\": \"${CLUSTER_ID}\"}]" - echo ${TAGS} - sm_update_secret ${SECRET_NAME_AISERVICE} "{ \"aiservice_apikey\": \"${AISERVICE_APIKEY_SECRET}\" }" "${TAGS}" || exit $? - echo "Secret update Successfully ..........." + + echo "SECRET_NAME_AISERVICE=${SECRET_NAME_AISERVICE}" + echo "AISERVICE_APIKEY_SECRET=${AISERVICE_APIKEY_SECRET}" + echo "TAGS=${TAGS}" + + if [[ -z "${SECRET_NAME_AISERVICE}" || -z "${AISERVICE_APIKEY_SECRET}" ]]; then + echo "Missing secret name or API key" + exit 1 + fi + + # Update AWS Secrets Manager + sm_update_secret "${SECRET_NAME_AISERVICE}" \ + "{\"aiservice_apikey\": \"${AISERVICE_APIKEY_SECRET}\"}" \ + "${TAGS}" || exit $? exit 0 volumes: - name: postsync-manage-aiservice-{{ .Values.tenantNamespace }} From b9b9a2e2615cb63dde12e41d688e4460d0562557 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Thu, 18 Sep 2025 17:31:36 +0530 Subject: [PATCH 74/92] Update 08-aiservice-postsyncjob.yaml --- .../templates/08-aiservice-postsyncjob.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml index 0286f7457..67191f343 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml @@ -155,8 +155,7 @@ spec: echo "AISERVICE_APIKEY_SECRET = ${AISERVICE_APIKEY_SECRET:0:4}" - source /mascli/functions/gitops_utils - sm_login + TAGS="[{\"Key\": \"source\", \"Value\": \"mas-ai-service\"}, {\"Key\": \"account\", \"Value\": \"${ACCOUNT_ID}\"}, {\"Key\": \"cluster\", \"Value\": \"${CLUSTER_ID}\"}]" @@ -168,7 +167,8 @@ spec: echo "Missing secret name or API key" exit 1 fi - + source /mascli/functions/gitops_utils + sm_login # Update AWS Secrets Manager sm_update_secret "${SECRET_NAME_AISERVICE}" \ "{\"aiservice_apikey\": \"${AISERVICE_APIKEY_SECRET}\"}" \ From 2aacf7655e84f2487b5281b43721c530269cb417 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Thu, 18 Sep 2025 21:46:21 +0530 Subject: [PATCH 75/92] echo --- .../templates/08-aiservice-postsyncjob.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml index 67191f343..c9472c4ac 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml @@ -169,6 +169,7 @@ spec: fi source /mascli/functions/gitops_utils sm_login + echo "updating......." # Update AWS Secrets Manager sm_update_secret "${SECRET_NAME_AISERVICE}" \ "{\"aiservice_apikey\": \"${AISERVICE_APIKEY_SECRET}\"}" \ From 4e56c95b01ec2fe54fee4b71ce272b5d9beed13d Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Thu, 18 Sep 2025 21:52:08 +0530 Subject: [PATCH 76/92] update aws secrets --- .../templates/08-aiservice-postsyncjob.yaml | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml index c9472c4ac..33253ec23 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml @@ -129,6 +129,12 @@ spec: value: "/" - name: AISERVICE_TENANT value: "{{ .Values.tenantNamespace }}" + - name: SM_AWS_REGION + value: "{{ .Values.mas_aibroker_storage_region }}" + - name: SM_AWS_ACCESS_KEY_ID + value: "{{ .Values.mas_aibroker_storage_accesskey }}" + - name: SM_AWS_SECRET_ACCESS_KEY + value: "{{ .Values.mas_aibroker_storage_secretkey }}" - name: AVP_TYPE value: "aws" command: @@ -160,9 +166,7 @@ spec: TAGS="[{\"Key\": \"source\", \"Value\": \"mas-ai-service\"}, {\"Key\": \"account\", \"Value\": \"${ACCOUNT_ID}\"}, {\"Key\": \"cluster\", \"Value\": \"${CLUSTER_ID}\"}]" echo "SECRET_NAME_AISERVICE=${SECRET_NAME_AISERVICE}" - echo "AISERVICE_APIKEY_SECRET=${AISERVICE_APIKEY_SECRET}" echo "TAGS=${TAGS}" - if [[ -z "${SECRET_NAME_AISERVICE}" || -z "${AISERVICE_APIKEY_SECRET}" ]]; then echo "Missing secret name or API key" exit 1 From a0bd3c8aa4c8f282bebf0418287c9a43c2414b3b Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Thu, 18 Sep 2025 21:55:45 +0530 Subject: [PATCH 77/92] aws --- .../templates/08-aiservice-postsyncjob.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml index 33253ec23..3ce18d941 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml @@ -149,6 +149,8 @@ spec: echo "Cluster Id ....................... ${CLUSTER_ID}" echo "AISERVICE Instance Id ............. ${AISERVICE_INSTANCE_ID}" echo "SECRET_NAME_AISERVICE ........... ${SECRET_NAME_AISERVICE}" + echo "SM_AWS_ACCESS_KEY_ID ............ ${SM_AWS_ACCESS_KEY_ID:0:4}" + echo "SM_AWS_SECRET_ACCESS_KEY ........ ${SM_AWS_SECRET_ACCESS_KEY:0:4}" echo "================================================================================" echo "Retrieve AIBroker API Key for tenant: ${AISERVICE_TENANT}" echo "================================================================================" From 87a1ca12d15ee33cf73d262b733ab3594e6b1707 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Thu, 18 Sep 2025 22:01:12 +0530 Subject: [PATCH 78/92] aws s3 --- .../templates/08-aiservice-postsyncjob.yaml | 6 +++--- .../templates/100-ibm-aiservice-tenant-app.yaml | 6 ++++++ 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml index 3ce18d941..c997e7c69 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml @@ -130,11 +130,11 @@ spec: - name: AISERVICE_TENANT value: "{{ .Values.tenantNamespace }}" - name: SM_AWS_REGION - value: "{{ .Values.mas_aibroker_storage_region }}" + value: "{{ .Values.aiservice_s3_region }}" - name: SM_AWS_ACCESS_KEY_ID - value: "{{ .Values.mas_aibroker_storage_accesskey }}" + value: "{{ .Values.aiservice_s3_accesskey }}" - name: SM_AWS_SECRET_ACCESS_KEY - value: "{{ .Values.mas_aibroker_storage_secretkey }}" + value: "{{ .Values.aiservice_s3_secretkey }}" - name: AVP_TYPE value: "aws" command: diff --git a/root-applications/ibm-aiservice-tenant-root/templates/100-ibm-aiservice-tenant-app.yaml b/root-applications/ibm-aiservice-tenant-root/templates/100-ibm-aiservice-tenant-app.yaml index a08080b88..8e3bbb156 100644 --- a/root-applications/ibm-aiservice-tenant-root/templates/100-ibm-aiservice-tenant-app.yaml +++ b/root-applications/ibm-aiservice-tenant-root/templates/100-ibm-aiservice-tenant-app.yaml @@ -65,6 +65,12 @@ spec: slscfg_url: "{{ .Values.ibm_aiservice_tenant.slscfg_url }}" slscfg_ca_b64enc: "{{ .Values.ibm_aiservice_tenant.slscfg_ca_b64enc }}" aiservice_sls_subscription_id: "{{ .Values.ibm_aiservice_tenant.aiservice_sls_subscription_id }}" + + #s3 postsync manage + aiservice_s3_accesskey: "{{ .Values.ibm_aiservice_tenant.aiservice_s3_accesskey }}" + aiservice_s3_secretkey: "{{ .Values.ibm_aiservice_tenant.aiservice_s3_secretkey }}" + aiservice_s3_region: "{{ .Values.ibm_aiservice_tenant.aiservice_s3_region }}" + # WatsonX aiservice_watsonxai_apikey: "{{ .Values.ibm_aiservice_tenant.aiservice_watsonxai_apikey }}" From 70e96b6e092b73523c6edeb8d07b75c11995d4fc Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Thu, 18 Sep 2025 22:16:15 +0530 Subject: [PATCH 79/92] update hook --- .../templates/08-aiservice-postsyncjob.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml index c997e7c69..ab30bf5b4 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/08-aiservice-postsyncjob.yaml @@ -98,6 +98,8 @@ metadata: namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "313" + argocd.argoproj.io/hook: PostSync + argocd.argoproj.io/hook-delete-policy: HookSucceeded labels: mas.ibm.com/job-cleanup-group: {{ $_job_cleanup_group }} {{- if .Values.custom_labels }} From c99e7c1f76a4973523b60372f9547bfb16506e5b Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Thu, 18 Sep 2025 22:24:32 +0530 Subject: [PATCH 80/92] update copy job --- .../templates/06-aiservice-km-s3-secret.yaml | 38 +++++++++++-------- 1 file changed, 22 insertions(+), 16 deletions(-) diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml index c9a476a95..96aa7d3ea 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml @@ -16,32 +16,38 @@ metadata: argocd.argoproj.io/sync-wave: "305" --- -# apiVersion: rbac.authorization.k8s.io/v1 -# kind: Role -# metadata: -# name: secret-reader-{{ .Values.tenantNamespace }} -# namespace: {{ .Values.aiservice_namespace }} -# annotations: -# argocd.argoproj.io/sync-wave: "305" -# rules: -# - apiGroups: [""] -# resources: ["secrets,pods"] -# verbs: ["get", "list"] - apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: + name: secret-reader-{{ .Values.tenantNamespace }} + namespace: {{ .Values.aiservice_namespace }} annotations: - argocd.argoproj.io/sync-wave: '305' + argocd.argoproj.io/sync-wave: "305" labels: - app.kubernetes.io/instance: aiservice-tenant.sremat-demo1.inst1.t04 - name: secret-reader-aiservice-inst1-t04 - namespace: aiservice-inst1 + app.kubernetes.io/name: secret-reader + app.kubernetes.io/component: rbac + app.kubernetes.io/instance: {{ .Values.tenantNamespace }} + app.kubernetes.io/part-of: aiservice rules: - apiGroups: [""] resources: ["secrets", "pods"] verbs: ["get", "list"] + +# apiVersion: rbac.authorization.k8s.io/v1 +# kind: Role +# metadata: +# annotations: +# argocd.argoproj.io/sync-wave: '305' +# labels: +# app.kubernetes.io/instance: aiservice-tenant.sremat-demo1.inst1.t04 +# name: secret-reader-aiservice-inst1-t04 +# namespace: aiservice-inst1 +# rules: +# - apiGroups: [""] +# resources: ["secrets", "pods"] +# verbs: ["get", "list"] + --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding From de7cfed7a75a4995c1fba46d0b4485fab2429536 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Fri, 19 Sep 2025 15:09:58 +0530 Subject: [PATCH 81/92] update secret ibm ent --- .../templates/05-aiservice-operator-subscription.yaml | 10 +++------- .../templates/040-ibm-aiservice-app.yaml | 3 --- 2 files changed, 3 insertions(+), 10 deletions(-) diff --git a/instance-applications/113-ibm-aiservice/templates/05-aiservice-operator-subscription.yaml b/instance-applications/113-ibm-aiservice/templates/05-aiservice-operator-subscription.yaml index 272d7496d..30e9ed043 100644 --- a/instance-applications/113-ibm-aiservice/templates/05-aiservice-operator-subscription.yaml +++ b/instance-applications/113-ibm-aiservice/templates/05-aiservice-operator-subscription.yaml @@ -6,14 +6,10 @@ metadata: namespace: "{{ .Values.aiservice_namespace }}" annotations: argocd.argoproj.io/sync-wave: "146" -type: Opaque -stringData: - ICR_USERNAME: "{{ .Values.mas_entitlement_username }}" - ICR_PASSWORD: "{{ .Values.mas_entitlement_key }}" - ARTIFACTORY_USERNAME: "{{ .Values.artifactory_username }}" - ARTIFACTORY_PASSWORD: "{{ .Values.artifactory_token }}" +type: kubernetes.io/dockerconfigjson +data: + .dockerconfigjson: "{{ .Values.artifactory_token}}" - --- apiVersion: operators.coreos.com/v1 kind: OperatorGroup diff --git a/root-applications/ibm-aiservice-instance-root/templates/040-ibm-aiservice-app.yaml b/root-applications/ibm-aiservice-instance-root/templates/040-ibm-aiservice-app.yaml index 08f74c1bb..d58f78ab0 100644 --- a/root-applications/ibm-aiservice-instance-root/templates/040-ibm-aiservice-app.yaml +++ b/root-applications/ibm-aiservice-instance-root/templates/040-ibm-aiservice-app.yaml @@ -65,11 +65,8 @@ spec: jdbccfg_sslenabled: "{{ .Values.ibm_aiservice.jdbccfg_sslenabled }}" jdbccfg_ca: "{{ .Values.ibm_aiservice.jdbccfg_ca }}" - mas_entitlement_username: "{{ .Values.ibm_aiservice.mas_entitlement_username }}" - mas_entitlement_key: "{{ .Values.ibm_aiservice.mas_entitlement_key }}" entitlement_username: "{{ .Values.ibm_aiservice.entitlement_username }}" entitlement_key: "{{ .Values.ibm_aiservice.entitlement_key }}" - artifactory_username: "{{ .Values.ibm_aiservice.artifactory_username }}" artifactory_token: "{{ .Values.ibm_aiservice.artifactory_token }}" aiservice_channel: "{{ .Values.ibm_aiservice.aiservice_channel }}" From 9264dcd3966988b66577dc7af0621930b02ad187 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Fri, 19 Sep 2025 16:21:26 +0530 Subject: [PATCH 82/92] wx create tn ns --- .../templates/05-aiservice-wx.yaml | 25 +++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/05-aiservice-wx.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/05-aiservice-wx.yaml index 0d6b85c6b..3732f0712 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/05-aiservice-wx.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/05-aiservice-wx.yaml @@ -13,6 +13,31 @@ metadata: annotations: argocd.argoproj.io/sync-wave: "304" type: Opaque +data: + wx_apikey: {{ .Values.aiservice_watsonxai_apikey | b64enc | quote }} + wx_url: {{ .Values.aiservice_watsonxai_url | b64enc | quote }} + wx_project_id: {{ .Values.aiservice_watsonxai_project_id | b64enc | quote }} + {{- if and (eq .Values.aiservice_watsonx_full "true") .Values.aiservice_watsonx_instance_id .Values.aiservice_watsonx_version .Values.aiservice_watsonx_username }} + wx_instance_id: {{ .Values.aiservice_watsonx_instance_id | b64enc | quote }} + wx_version: {{ .Values.aiservice_watsonx_version | b64enc | quote }} + wx_username: {{ .Values.aiservice_watsonx_username | b64enc | quote }} + {{- end }} + +--- +apiVersion: v1 +kind: Secret +metadata: + name: "{{ .Values.tenantNamespace }}----wx-secret" + namespace: "{{ .Values.tenantNamespace }}" + {{- if .Values.custom_labels }} + labels: + {{- range $key, $val := .Values.custom_labels }} + {{ $key | quote }}: {{ $val | quote }} + {{- end }} + {{- end }} + annotations: + argocd.argoproj.io/sync-wave: "304" +type: Opaque data: wx_apikey: {{ .Values.aiservice_watsonxai_apikey | b64enc | quote }} wx_url: {{ .Values.aiservice_watsonxai_url | b64enc | quote }} From 69f220566e6deebfdf34de8e74cc6d45958556b5 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Tue, 23 Sep 2025 10:12:48 +0530 Subject: [PATCH 83/92] remove comment --- .../templates/06-aiservice-km-s3-secret.yaml | 15 --------------- 1 file changed, 15 deletions(-) diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml index 96aa7d3ea..e9ab9ce0c 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml @@ -33,21 +33,6 @@ rules: resources: ["secrets", "pods"] verbs: ["get", "list"] - -# apiVersion: rbac.authorization.k8s.io/v1 -# kind: Role -# metadata: -# annotations: -# argocd.argoproj.io/sync-wave: '305' -# labels: -# app.kubernetes.io/instance: aiservice-tenant.sremat-demo1.inst1.t04 -# name: secret-reader-aiservice-inst1-t04 -# namespace: aiservice-inst1 -# rules: -# - apiGroups: [""] -# resources: ["secrets", "pods"] -# verbs: ["get", "list"] - --- apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding From 94e13c7a17d5eadf856e08ec2d79c97c4e9baafc Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Wed, 24 Sep 2025 18:51:04 +0530 Subject: [PATCH 84/92] remove jdbccfg_ca drocfg_ca --- .../113-ibm-aiservice/templates/03-aiservice-dro.yaml | 2 +- .../113-ibm-aiservice/templates/04-aiservice-jdbc.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/instance-applications/113-ibm-aiservice/templates/03-aiservice-dro.yaml b/instance-applications/113-ibm-aiservice/templates/03-aiservice-dro.yaml index a96862f8e..b11f2f0fa 100644 --- a/instance-applications/113-ibm-aiservice/templates/03-aiservice-dro.yaml +++ b/instance-applications/113-ibm-aiservice/templates/03-aiservice-dro.yaml @@ -19,5 +19,5 @@ metadata: annotations: argocd.argoproj.io/sync-wave: "143" data: - ca.crt: {{ .Values.drocfg_ca | b64enc }} + ca.crt: {{ .Values.drocfg_ca_b64enc }} type: Opaque \ No newline at end of file diff --git a/instance-applications/113-ibm-aiservice/templates/04-aiservice-jdbc.yaml b/instance-applications/113-ibm-aiservice/templates/04-aiservice-jdbc.yaml index 9405b20ee..1f9e597e1 100644 --- a/instance-applications/113-ibm-aiservice/templates/04-aiservice-jdbc.yaml +++ b/instance-applications/113-ibm-aiservice/templates/04-aiservice-jdbc.yaml @@ -11,5 +11,5 @@ data: password: {{ .Values.jdbccfg_password | b64enc }} url: {{ .Values.jdbccfg_url | b64enc }} sslenabled: {{ .Values.jdbccfg_sslenabled | b64enc }} - certificate: {{ .Values.jdbccfg_ca | b64enc }} + certificate: {{ .Values.jdbccfg_ca_b64enc }} type: Opaque From 27a68f61413b9be848d6c871d46a1962ec213309 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Tue, 30 Sep 2025 12:02:42 +0530 Subject: [PATCH 85/92] Update 05-aiservice-wx.yaml --- .../115-ibm-aiservice-tenant/templates/05-aiservice-wx.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/05-aiservice-wx.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/05-aiservice-wx.yaml index 3732f0712..1f779570d 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/05-aiservice-wx.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/05-aiservice-wx.yaml @@ -14,7 +14,7 @@ metadata: argocd.argoproj.io/sync-wave: "304" type: Opaque data: - wx_apikey: {{ .Values.aiservice_watsonxai_apikey | b64enc | quote }} + wx_apikey: {{ .Values.aiservice_watsonxai_apikey default "" | toString | b64enc | quote }} wx_url: {{ .Values.aiservice_watsonxai_url | b64enc | quote }} wx_project_id: {{ .Values.aiservice_watsonxai_project_id | b64enc | quote }} {{- if and (eq .Values.aiservice_watsonx_full "true") .Values.aiservice_watsonx_instance_id .Values.aiservice_watsonx_version .Values.aiservice_watsonx_username }} From 2e7518ac4ecffdb4695b0f0f21ac861824db1f66 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Tue, 30 Sep 2025 12:11:55 +0530 Subject: [PATCH 86/92] Update 05-aiservice-wx.yaml --- .../templates/05-aiservice-wx.yaml | 52 ++++++------------- 1 file changed, 15 insertions(+), 37 deletions(-) diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/05-aiservice-wx.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/05-aiservice-wx.yaml index 1f779570d..18bffebfa 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/05-aiservice-wx.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/05-aiservice-wx.yaml @@ -1,49 +1,27 @@ +{{- $namespaces := list .Values.aiservice_namespace .Values.tenantNamespace }} +{{- range $ns := $namespaces }} --- apiVersion: v1 kind: Secret metadata: - name: "{{ .Values.tenantNamespace }}----wx-secret" - namespace: "{{ .Values.aiservice_namespace }}" - {{- if .Values.custom_labels }} + name: "{{ $.Values.tenantNamespace }}----wx-secret" + namespace: "{{ $ns }}" + {{- with $.Values.custom_labels }} labels: - {{- range $key, $val := .Values.custom_labels }} + {{- range $key, $val := . }} {{ $key | quote }}: {{ $val | quote }} - {{- end }} + {{- end }} {{- end }} annotations: argocd.argoproj.io/sync-wave: "304" type: Opaque data: - wx_apikey: {{ .Values.aiservice_watsonxai_apikey default "" | toString | b64enc | quote }} - wx_url: {{ .Values.aiservice_watsonxai_url | b64enc | quote }} - wx_project_id: {{ .Values.aiservice_watsonxai_project_id | b64enc | quote }} - {{- if and (eq .Values.aiservice_watsonx_full "true") .Values.aiservice_watsonx_instance_id .Values.aiservice_watsonx_version .Values.aiservice_watsonx_username }} - wx_instance_id: {{ .Values.aiservice_watsonx_instance_id | b64enc | quote }} - wx_version: {{ .Values.aiservice_watsonx_version | b64enc | quote }} - wx_username: {{ .Values.aiservice_watsonx_username | b64enc | quote }} + wx_apikey: {{ $.Values.aiservice_watsonxai_apikey | default "" | toString | b64enc | quote }} + wx_url: {{ $.Values.aiservice_watsonxai_url | default "" | toString | b64enc | quote }} + wx_project_id: {{ $.Values.aiservice_watsonxai_project_id | default "" | toString | b64enc | quote }} + {{- if and (eq $.Values.aiservice_watsonx_full "true") $.Values.aiservice_watsonx_instance_id $.Values.aiservice_watsonx_version $.Values.aiservice_watsonx_username }} + wx_instance_id: {{ $.Values.aiservice_watsonx_instance_id | toString | b64enc | quote }} + wx_version: {{ $.Values.aiservice_watsonx_version | toString | b64enc | quote }} + wx_username: {{ $.Values.aiservice_watsonx_username | toString | b64enc | quote }} {{- end }} - ---- -apiVersion: v1 -kind: Secret -metadata: - name: "{{ .Values.tenantNamespace }}----wx-secret" - namespace: "{{ .Values.tenantNamespace }}" - {{- if .Values.custom_labels }} - labels: - {{- range $key, $val := .Values.custom_labels }} - {{ $key | quote }}: {{ $val | quote }} - {{- end }} - {{- end }} - annotations: - argocd.argoproj.io/sync-wave: "304" -type: Opaque -data: - wx_apikey: {{ .Values.aiservice_watsonxai_apikey | b64enc | quote }} - wx_url: {{ .Values.aiservice_watsonxai_url | b64enc | quote }} - wx_project_id: {{ .Values.aiservice_watsonxai_project_id | b64enc | quote }} - {{- if and (eq .Values.aiservice_watsonx_full "true") .Values.aiservice_watsonx_instance_id .Values.aiservice_watsonx_version .Values.aiservice_watsonx_username }} - wx_instance_id: {{ .Values.aiservice_watsonx_instance_id | b64enc | quote }} - wx_version: {{ .Values.aiservice_watsonx_version | b64enc | quote }} - wx_username: {{ .Values.aiservice_watsonx_username | b64enc | quote }} - {{- end }} \ No newline at end of file +{{- end }} From 2457b4b3b34e2ed36ee9873120fd36c2a44fdde9 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Tue, 30 Sep 2025 12:14:31 +0530 Subject: [PATCH 87/92] Update 05-aiservice-wx.yaml --- .../115-ibm-aiservice-tenant/templates/05-aiservice-wx.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/05-aiservice-wx.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/05-aiservice-wx.yaml index 18bffebfa..07e553539 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/05-aiservice-wx.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/05-aiservice-wx.yaml @@ -16,9 +16,9 @@ metadata: argocd.argoproj.io/sync-wave: "304" type: Opaque data: - wx_apikey: {{ $.Values.aiservice_watsonxai_apikey | default "" | toString | b64enc | quote }} - wx_url: {{ $.Values.aiservice_watsonxai_url | default "" | toString | b64enc | quote }} - wx_project_id: {{ $.Values.aiservice_watsonxai_project_id | default "" | toString | b64enc | quote }} + wx_apikey: {{ $.Values.aiservice_watsonxai_apikey | b64enc | quote }} + wx_url: {{ $.Values.aiservice_watsonxai_url | b64enc | quote }} + wx_project_id: {{ $.Values.aiservice_watsonxai_project_id | b64enc | quote }} {{- if and (eq $.Values.aiservice_watsonx_full "true") $.Values.aiservice_watsonx_instance_id $.Values.aiservice_watsonx_version $.Values.aiservice_watsonx_username }} wx_instance_id: {{ $.Values.aiservice_watsonx_instance_id | toString | b64enc | quote }} wx_version: {{ $.Values.aiservice_watsonx_version | toString | b64enc | quote }} From 711d13ff51d5112bee4cfe3c412498af041a6679 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Tue, 30 Sep 2025 12:17:27 +0530 Subject: [PATCH 88/92] Update 05-aiservice-wx.yaml --- .../115-ibm-aiservice-tenant/templates/05-aiservice-wx.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/05-aiservice-wx.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/05-aiservice-wx.yaml index 07e553539..aba437aa5 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/05-aiservice-wx.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/05-aiservice-wx.yaml @@ -16,9 +16,9 @@ metadata: argocd.argoproj.io/sync-wave: "304" type: Opaque data: - wx_apikey: {{ $.Values.aiservice_watsonxai_apikey | b64enc | quote }} - wx_url: {{ $.Values.aiservice_watsonxai_url | b64enc | quote }} - wx_project_id: {{ $.Values.aiservice_watsonxai_project_id | b64enc | quote }} + wx_apikey: {{ $.Values.aiservice_watsonxai_apikey | b64enc }} + wx_url: {{ $.Values.aiservice_watsonxai_url | b64enc }} + wx_project_id: {{ $.Values.aiservice_watsonxai_project_id | b64enc }} {{- if and (eq $.Values.aiservice_watsonx_full "true") $.Values.aiservice_watsonx_instance_id $.Values.aiservice_watsonx_version $.Values.aiservice_watsonx_username }} wx_instance_id: {{ $.Values.aiservice_watsonx_instance_id | toString | b64enc | quote }} wx_version: {{ $.Values.aiservice_watsonx_version | toString | b64enc | quote }} From 47a7459159600e9577710e73c4296479af7252d7 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Wed, 1 Oct 2025 10:54:09 +0530 Subject: [PATCH 89/92] update helm added in b64enc for lint check | default "" | toString --- .../115-ibm-aiservice-tenant/Chart.lock | 6 ++++++ .../charts/junitreporter-1.0.0.tgz | Bin 0 -> 2801 bytes .../templates/01-aiservice-sls-secret.yaml | 2 +- .../templates/02-aiservice-rsl-secret.yaml | 8 ++++---- .../templates/03-aiservice-dro-secret.yaml | 2 +- .../templates/05-aiservice-wx.yaml | 6 +++--- 6 files changed, 15 insertions(+), 9 deletions(-) create mode 100644 instance-applications/115-ibm-aiservice-tenant/Chart.lock create mode 100644 instance-applications/115-ibm-aiservice-tenant/charts/junitreporter-1.0.0.tgz diff --git a/instance-applications/115-ibm-aiservice-tenant/Chart.lock b/instance-applications/115-ibm-aiservice-tenant/Chart.lock new file mode 100644 index 000000000..7cbb6ca0e --- /dev/null +++ b/instance-applications/115-ibm-aiservice-tenant/Chart.lock @@ -0,0 +1,6 @@ +dependencies: +- name: junitreporter + repository: file://../../sub-charts/junitreporter/ + version: 1.0.0 +digest: sha256:ad9583aab278fcd1cf50ac3fe3edb3517238b8abe9b9de8c082b308e19b0ef2c +generated: "2025-10-01T10:48:03.954973+05:30" diff --git a/instance-applications/115-ibm-aiservice-tenant/charts/junitreporter-1.0.0.tgz b/instance-applications/115-ibm-aiservice-tenant/charts/junitreporter-1.0.0.tgz new file mode 100644 index 0000000000000000000000000000000000000000..fa021ddbc92dc99adf0825842b0271f2cc04c7d7 GIT binary patch literal 2801 zcmVDc zVQyr3R8em|NM&qo0PI_9bKADk&S(9K9Y!5FeM5|uI#bR&3GyD)Sssx5yC=`{`2@$G1BZ2?y z0f%K-)?vLK|FtYD``6m9)t*%ktiz+~e*Lhv|IDh^tJUf=upUy0Z6lJ3h-cPU%gQe9 zi3}3bwl5pp1M~hEjo% z02{F8q6IYzv7sgU)FE2W!gQ{GwQQBG!ed+XX^r*xpAtVp`OpdAzWBEetJ(P9uOIE= z|62^xGz&>+j{?rdd=v@VD9jyV6h~me@gu2!QMa)RukUND$G^fL^mWRwSe6+I)VbVD z-kLg26pFu)9PW<)>i*He;d=bnsz-;`F8;s8xV|=ldQg6wWd3X_fZN+bLDN)zEL=#8 zI{`bQzFV;=t4LI)<5QCcWQ?Xu$0$`!Lt@veq<-|%LEWo* z2cGSDj`ef>phjHJww$B=I@an3_P$#`#6!=sjd(GI>uV^60zLXkGY+kg(LD=sd3+^5d0 zu-f9XZRjjSlR1o*Qj$77$Lcu?1 zPI0olB2#RDVOA}xW^ALJaDLf76F6wsK4C9qF;CIe12a)5%=6U%FJuXl` zI~ADp!kKV(BB^*V@`;VUOjeTo-_To_Pjv%||3LyDZh$funSwf`@rlgU|H=>@ZH17# z1N6~RTqH&bh;k<9sQ`!v3B$yk+Noj%a4b-!?@hSAjT!0X4QC-Po;PEv#DCV#DAjb2 z2XO?Z$ANB0K1R4@Bhy%YQu`>Cplp1Wu4SV^17l_Ta&oqj7;bJUF{KWkI1Z1P%35=a z&B#|efAxEH{uRUaxsPk+6gF|nBvKPD=%2Ap_hy-8Wq4Bl`AtkMB0ot8CQMP-i=1M@ z7}er`N9%-(pFWkzI}*~@f=A)XG$XN;K*=NF;L00^Gmnk~63XlbzoN{gZ2Z;xZ0`bU zOErn?59p|LqjOW1UQ=#v($UjLPfwk1_Z_=a09Xm!tx>p9b8KDKDvQeVhTB^{5gncRzfzn3nz<#o8~36#jx3f)Gyr>mj?Rhef1P8cgxt_!1vd#`4N)DT3X%ior!|*c@q#-!CA0EHv(7{OY20em3e{v|ly*_p?qL zy7-(uVo_kD*eamc@19+p4o9uCEqtjRm;sUIm?|F1d?v43L#^f8W`EG?cJ5a&;WbJx z-nZ&D_@i?=8n)Wa(P{e*tFE3<*Y;=1{V2e;E&(z>I1)>lk)YWq(~}Z6ub^@&I<4dq z>+>aHZkBy~y_){MGm+egM@HH2eLmQ2eBwaqeyHZs&D(bkT1e7xx^Z z@+?rv9vWWcb3Ew`TCdKVqm*;%A;-nNvA_^a-hIM)AR|qa=B?VVx zt+pgGG;MsH0^9=vj5Ga1Z)zCEml!0HSrrrq8$n>wzPhlN;AN52a#1a`dr{sH*HUmr zeP7SlR3Votk*@2pnh*s^A0U%^w}s3MqtkBZx7O?SN$fOZ7|!#YO3X8;JM2 zxDnBCa|235m~|iO!Mk^0{t3l}6nOvsmpLGq@wGTElBR@>^Q0{FGBzf2Cp`hID4)Z@ zG_~uPK2<1)f2_?lif^=!i+k}E<^TO4vx}H(){htn98+CTl56mCINQ`DoT&+C`%vMb zs*o@=1?Q?Fg;Uv>oSExo(^ndO@iI=k?cRBF*gP)oZEjQEN;xEfbOW=GP%6hIK3?w} zeJyR>Eu(n7CiB+N8=Uj>_!tZp`Mz=AuIiQ*7+-;YXQ;|qadFQ&lZ9u)S+WTzY z|8K*8s+Otq%7Xwv_uxPET6I5z|J17WgB||!Eyh0%|4HGWuSS4A2UA(WLAIbyx^#bm z&_~9Rz7X}=;YeSNBYn=rAD8Nh-u(S@aHPlD$0v;=eb>(a_rj6BYg2E>kwTqlHc+MS z2s!#3c<{;Y>kc`JH~8RD3d;^T+95|fwi zOPc2=y+QLVrQ0j6%rlG2K!33fXKAkLNF@}nS2*gkXwLEy=x6x_nWy)VVf-bTjHp83 zUV@Slp?k>r_i8Wa->1ct4v{fo?((jl%~kqRSax>P{%I-6;4H_fp`t0bACnP{iD89UV%LRR@4w#n@2 zKKDNCE(x8rM3xKZ#fP$cFs=|v*M@FEjK;OGOyEYtD6M!}$#`k3%hT^y+_Gfc-j==q zi&~Al1^%Qn3}tsJ{1PMw##L-1#lht}aOyL_sonUWk9GX7-#j^MH_L(hpfc|L{(C?B z{pWtYzQ4o&zQuU6_Hp&`!;Zp(d_ex!J|BN407d`+ DahQEY literal 0 HcmV?d00001 diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/01-aiservice-sls-secret.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/01-aiservice-sls-secret.yaml index a99afd668..82482091e 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/01-aiservice-sls-secret.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/01-aiservice-sls-secret.yaml @@ -15,4 +15,4 @@ metadata: {{- end }} type: Opaque data: - SLS_REGISTRATION_KEY: {{ .Values.slscfg_registration_key | b64enc }} \ No newline at end of file + SLS_REGISTRATION_KEY: {{ .Values.slscfg_registration_key | default "" | toString | b64enc }} \ No newline at end of file diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/02-aiservice-rsl-secret.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/02-aiservice-rsl-secret.yaml index 8f9315251..15d00fbbd 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/02-aiservice-rsl-secret.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/02-aiservice-rsl-secret.yaml @@ -16,7 +16,7 @@ metadata: annotations: argocd.argoproj.io/sync-wave: "302" data: - rsl_org_id: {{ .Values.rsl_org_id | b64enc | quote }} - rsl_url: {{ .Values.rsl_url | b64enc | quote }} - rsl_token: {{ .Values.rsl_token | b64enc | quote }} - ca.crt: {{ .Values.rsl_ca_crt | b64enc | quote }} + rsl_org_id: {{ .Values.rsl_org_id | default "" | toString | b64enc | quote }} + rsl_url: {{ .Values.rsl_url | default "" | toString | b64enc | quote }} + rsl_token: {{ .Values.rsl_token | default "" | toString | b64enc | quote }} + ca.crt: {{ .Values.rsl_ca_crt | default "" | toString | b64enc | quote }} diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/03-aiservice-dro-secret.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/03-aiservice-dro-secret.yaml index 0ebf5aa2b..30f2d354f 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/03-aiservice-dro-secret.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/03-aiservice-dro-secret.yaml @@ -15,4 +15,4 @@ metadata: argocd.argoproj.io/sync-wave: "303" type: Opaque data: - DRO_TOKEN: {{ .Values.drocfg_registration_key | b64enc }} \ No newline at end of file + DRO_TOKEN: {{ .Values.drocfg_registration_key | default "" | toString | b64enc }} \ No newline at end of file diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/05-aiservice-wx.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/05-aiservice-wx.yaml index aba437aa5..4a118390d 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/05-aiservice-wx.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/05-aiservice-wx.yaml @@ -16,9 +16,9 @@ metadata: argocd.argoproj.io/sync-wave: "304" type: Opaque data: - wx_apikey: {{ $.Values.aiservice_watsonxai_apikey | b64enc }} - wx_url: {{ $.Values.aiservice_watsonxai_url | b64enc }} - wx_project_id: {{ $.Values.aiservice_watsonxai_project_id | b64enc }} + wx_apikey: {{ $.Values.aiservice_watsonxai_apikey | default "" | toString | b64enc }} + wx_url: {{ $.Values.aiservice_watsonxai_url | default "" | toString | b64enc }} + wx_project_id: {{ $.Values.aiservice_watsonxai_project_id | default "" | toString | b64enc }} {{- if and (eq $.Values.aiservice_watsonx_full "true") $.Values.aiservice_watsonx_instance_id $.Values.aiservice_watsonx_version $.Values.aiservice_watsonx_username }} wx_instance_id: {{ $.Values.aiservice_watsonx_instance_id | toString | b64enc | quote }} wx_version: {{ $.Values.aiservice_watsonx_version | toString | b64enc | quote }} From 1b5c777370c54c4d46a5e2e32700e41035df1606 Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Wed, 1 Oct 2025 12:03:24 +0530 Subject: [PATCH 90/92] update lint check update | default "" | toString | b64enc | quote --- .../113-ibm-aiservice/Chart.lock | 6 ++++++ .../charts/junitreporter-1.0.0.tgz | Bin 0 -> 2800 bytes .../templates/01-aiservice-s3-secret.yaml | 4 ++-- .../templates/02-aiservice-sls-secret.yaml | 2 +- .../templates/03-aiservice-dro.yaml | 2 +- .../templates/04-aiservice-jdbc.yaml | 8 ++++---- .../templates/06-aiservice-km-s3-secret.yaml | 17 +++++++++-------- 7 files changed, 23 insertions(+), 16 deletions(-) create mode 100644 instance-applications/113-ibm-aiservice/Chart.lock create mode 100644 instance-applications/113-ibm-aiservice/charts/junitreporter-1.0.0.tgz diff --git a/instance-applications/113-ibm-aiservice/Chart.lock b/instance-applications/113-ibm-aiservice/Chart.lock new file mode 100644 index 000000000..e87de65a6 --- /dev/null +++ b/instance-applications/113-ibm-aiservice/Chart.lock @@ -0,0 +1,6 @@ +dependencies: +- name: junitreporter + repository: file://../../sub-charts/junitreporter/ + version: 1.0.0 +digest: sha256:ad9583aab278fcd1cf50ac3fe3edb3517238b8abe9b9de8c082b308e19b0ef2c +generated: "2025-10-01T11:52:06.037491+05:30" diff --git a/instance-applications/113-ibm-aiservice/charts/junitreporter-1.0.0.tgz b/instance-applications/113-ibm-aiservice/charts/junitreporter-1.0.0.tgz new file mode 100644 index 0000000000000000000000000000000000000000..99e1ceb6a18879aaf7cc991c6b5fb948028696ae GIT binary patch literal 2800 zcmV)kiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PI_BbKAC)&ue{(9Y!5Fy-=cL*-q8-^c-7Fm9rj3k~7oExaAe z{}#ix?LrdTqmZ)+AH{+;3Uh}TnFuU+K`iwz>Nj@b^<$0o_*WQ4flm1q$FU=UI+xqY zTU*D8Lh(0}!`<;;-9I`wT#x@+_2}Se7ysX4+}zke$54KgWd3X_fZN+bLDN)zE?h`7 zoq!wDz^}NJRU|6g3#d&)GC|v?6O^hfr;zjzpg6>)g8((95=?Oc;t4J#kRSk0cbl?Y z__=a>YlIX>UO-2N+bH1%jbpInl++Fm8&&tki}8yWq)Lvezxa-Gh@?8MyDxli>{q?o zVeMc{j?nWCYQK2g|nEAR73}coyaNy32 zU%looMBFbtg}n}bvl)a7mfpfDWo_E-rgKpx&&o z+Tyb04P}$^;r=Pz;01?p#~ z0+U`i6V6^N6%R)NaWRm|N|OH@dJFTZK7rzYk}!ZzK$(wBK^@ZgMCR*%WrUu#Ld5+6 z2Iwg+5~GAfdDHV$0GL6dC^4sYDx&~S1j_Wi4L7%jkzU?#7UAM~(@-V;vvx+Qrh7av z5ttqax)J#h&P*;Zn>xuwJv_3*^=c+6DRnp^Y%6!TuU%k)nE}*tl zlh}Qao=P`5H)ZKH<>n?GJ$)SOsq^i=V|NMwD}lQ;3O8zwtIJwtQF&f-cgrR(YTV!1 zVCQ?3nY5D6&wXhbUs;?U!CFPntLXr9PI`EpDMA^Fl{t25CK0p6GXT@-H{e4|W_k_O z4MQR;UO@jxv)?=oq{3Dv_u?SvrOR!NJ6!byN@QwHEk@mxvT}rh+A%)=4&*G<1v@2vTz+Z&9Uoj0w1x6^KRhIx9f zH!SOHtt1%)5+72=^2%x{g59@@!9{D>9BGT+FCcp?wC-a3@}hNqHtJloUpD*qvrZd2 zbIu;IICN2L70~N<&n`}fqt@9LzSIrvkVtz%6^~>-lUJ>w*78lWKWKG3_bZt28l@NS zTXh@!**P5zTkYoPw0(zFS5K&G`*X#EIK;Lt0Wv>05=+^!pxG$XlM*+tpzhBx z^Ce+^mc6;&aEY8|p4(pL!KXq-vP1~x<4exwThu5_qKMo^Qt?#=(moGdmd4F z7N}$o4bSp9o^%GSm*>q<$~pCr-L15Cp`mmSaWwF$9Q7yE4R^AZTQgBU! zK+o4y5tk~FuIsUy5(P;gAd`Eyh0F}2({AVY)~ohO@3^?fJ!AEydNzaNqV&KgF#BEH zh-moq36zL2>ppZ0Z{LFb7Zev#;N81l=YU|w*Gya_O$nRiNm=M+ZA|7~dIDHcK8J&C zYuB*@s!)*NSet8PZnTe!d*+JrzkZV0Ma(tp#|#8cs4ghUHF!CiZE6zD)ReP*sPITt zNEF$Eb5)VTt87fp%pGUbR~mh08K>QL@4Pu|9vAmEw<&L>9Fjo#1hWrNDw`5-);mXE zOIvr#D&DNgytVWO=R7?=28+c(VBNQ?x@85%SD@b+s&dwNy87S6z#~DR!)Zb&12@)T zD1ih5i9a*wvVJKSGJN37!wo58I?tN|%}&f4#|~bhNMFgdqemz2)R9sqpBV$1#Zm)#g4npk8y2LXWY!GG$t>V5|Qsa5Os9sctz#=j2#N#UQbMu0vCQ(3`5wxCYBbbo=+ z?~EgTA?mfmk-i#7`kaeDF4ZHw`TO_aNZ)H8A2p8jLp%RJ3rG5)O}!mQigcpcK$U(V z`^_ApSy1nAcJiE9I^k>^}mgcICR6_A)g`+-;<}5FPewJU5jrATfG+&a*m?{K5 zPEax;bPqZIUhVn(`!qx85ori>m%km?F=FkHVPH>?p&*Kjax??m);w(^-Zn|Tc(YL_ zZs%lLwglavHHs_i1>5GaiehE^R6y}2n`v)1&9OwQB)LL6(N1yOIMo+IR{0#Z$?WMq z_de_{37xe>mJ8>ZL)kqTR|KUSOSd3aGvycS+Z_#OJ9IR zt;XE~f6^I-vO5)i4w3`o%GgM8@c9m$`V4StH~!;e9slb$PtMxSa_B#(jC;TT-p_vj zxnHl>cKF}77_Zkpu0DR)QFxFK$p7Bw Date: Wed, 1 Oct 2025 12:31:11 +0530 Subject: [PATCH 91/92] Update 06-aiservice-km-s3-secret.yaml --- .../templates/06-aiservice-km-s3-secret.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml index e9ab9ce0c..9ea1f5438 100644 --- a/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/templates/06-aiservice-km-s3-secret.yaml @@ -1,4 +1,4 @@ -{{- $_job_name_prefix := printf "presync-copy-ai-secrets-%s" .Values.tenantNamespace }} +{{- $_job_name_prefix := "presync-copy-ai-secrets" }} {{- $_cli_image_digest := "sha256:834dffd4da534c01daea4e0a6d9db7d00a9ad9b18b054cc034985fcaceedeacd" }} {{- $_job_config_values := omit .Values "junitreporter" }} {{- $_job_version := "v3" }} From 71781b44d764e140a164b51f58a57dde4aad691c Mon Sep 17 00:00:00 2001 From: yogeshkumar Date: Fri, 3 Oct 2025 09:29:29 +0530 Subject: [PATCH 92/92] removed unwanted code --- .../113-ibm-aiservice/Chart.lock | 6 ---- .../charts/junitreporter-1.0.0.tgz | Bin 2800 -> 0 bytes .../115-ibm-aiservice-tenant/Chart.lock | 6 ---- .../charts/junitreporter-1.0.0.tgz | Bin 2801 -> 0 bytes .../115-ibm-aiservice-tenant/values.yaml | 26 +++++++------- .../ibm-aiservice-instance-root/values.yaml | 32 +++++++++--------- 6 files changed, 29 insertions(+), 41 deletions(-) delete mode 100644 instance-applications/113-ibm-aiservice/Chart.lock delete mode 100644 instance-applications/113-ibm-aiservice/charts/junitreporter-1.0.0.tgz delete mode 100644 instance-applications/115-ibm-aiservice-tenant/Chart.lock delete mode 100644 instance-applications/115-ibm-aiservice-tenant/charts/junitreporter-1.0.0.tgz diff --git a/instance-applications/113-ibm-aiservice/Chart.lock b/instance-applications/113-ibm-aiservice/Chart.lock deleted file mode 100644 index e87de65a6..000000000 --- a/instance-applications/113-ibm-aiservice/Chart.lock +++ /dev/null @@ -1,6 +0,0 @@ -dependencies: -- name: junitreporter - repository: file://../../sub-charts/junitreporter/ - version: 1.0.0 -digest: sha256:ad9583aab278fcd1cf50ac3fe3edb3517238b8abe9b9de8c082b308e19b0ef2c -generated: "2025-10-01T11:52:06.037491+05:30" diff --git a/instance-applications/113-ibm-aiservice/charts/junitreporter-1.0.0.tgz b/instance-applications/113-ibm-aiservice/charts/junitreporter-1.0.0.tgz deleted file mode 100644 index 99e1ceb6a18879aaf7cc991c6b5fb948028696ae..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 2800 zcmV)kiwG0|00000|0w_~VMtOiV@ORlOnEsqVl!4SWK%V1T2nbTPgYhoO;>Dc zVQyr3R8em|NM&qo0PI_BbKAC)&ue{(9Y!5Fy-=cL*-q8-^c-7Fm9rj3k~7oExaAe z{}#ix?LrdTqmZ)+AH{+;3Uh}TnFuU+K`iwz>Nj@b^<$0o_*WQ4flm1q$FU=UI+xqY zTU*D8Lh(0}!`<;;-9I`wT#x@+_2}Se7ysX4+}zke$54KgWd3X_fZN+bLDN)zE?h`7 zoq!wDz^}NJRU|6g3#d&)GC|v?6O^hfr;zjzpg6>)g8((95=?Oc;t4J#kRSk0cbl?Y z__=a>YlIX>UO-2N+bH1%jbpInl++Fm8&&tki}8yWq)Lvezxa-Gh@?8MyDxli>{q?o zVeMc{j?nWCYQK2g|nEAR73}coyaNy32 zU%looMBFbtg}n}bvl)a7mfpfDWo_E-rgKpx&&o z+Tyb04P}$^;r=Pz;01?p#~ z0+U`i6V6^N6%R)NaWRm|N|OH@dJFTZK7rzYk}!ZzK$(wBK^@ZgMCR*%WrUu#Ld5+6 z2Iwg+5~GAfdDHV$0GL6dC^4sYDx&~S1j_Wi4L7%jkzU?#7UAM~(@-V;vvx+Qrh7av z5ttqax)J#h&P*;Zn>xuwJv_3*^=c+6DRnp^Y%6!TuU%k)nE}*tl zlh}Qao=P`5H)ZKH<>n?GJ$)SOsq^i=V|NMwD}lQ;3O8zwtIJwtQF&f-cgrR(YTV!1 zVCQ?3nY5D6&wXhbUs;?U!CFPntLXr9PI`EpDMA^Fl{t25CK0p6GXT@-H{e4|W_k_O z4MQR;UO@jxv)?=oq{3Dv_u?SvrOR!NJ6!byN@QwHEk@mxvT}rh+A%)=4&*G<1v@2vTz+Z&9Uoj0w1x6^KRhIx9f zH!SOHtt1%)5+72=^2%x{g59@@!9{D>9BGT+FCcp?wC-a3@}hNqHtJloUpD*qvrZd2 zbIu;IICN2L70~N<&n`}fqt@9LzSIrvkVtz%6^~>-lUJ>w*78lWKWKG3_bZt28l@NS zTXh@!**P5zTkYoPw0(zFS5K&G`*X#EIK;Lt0Wv>05=+^!pxG$XlM*+tpzhBx z^Ce+^mc6;&aEY8|p4(pL!KXq-vP1~x<4exwThu5_qKMo^Qt?#=(moGdmd4F z7N}$o4bSp9o^%GSm*>q<$~pCr-L15Cp`mmSaWwF$9Q7yE4R^AZTQgBU! zK+o4y5tk~FuIsUy5(P;gAd`Eyh0F}2({AVY)~ohO@3^?fJ!AEydNzaNqV&KgF#BEH zh-moq36zL2>ppZ0Z{LFb7Zev#;N81l=YU|w*Gya_O$nRiNm=M+ZA|7~dIDHcK8J&C zYuB*@s!)*NSet8PZnTe!d*+JrzkZV0Ma(tp#|#8cs4ghUHF!CiZE6zD)ReP*sPITt zNEF$Eb5)VTt87fp%pGUbR~mh08K>QL@4Pu|9vAmEw<&L>9Fjo#1hWrNDw`5-);mXE zOIvr#D&DNgytVWO=R7?=28+c(VBNQ?x@85%SD@b+s&dwNy87S6z#~DR!)Zb&12@)T zD1ih5i9a*wvVJKSGJN37!wo58I?tN|%}&f4#|~bhNMFgdqemz2)R9sqpBV$1#Zm)#g4npk8y2LXWY!GG$t>V5|Qsa5Os9sctz#=j2#N#UQbMu0vCQ(3`5wxCYBbbo=+ z?~EgTA?mfmk-i#7`kaeDF4ZHw`TO_aNZ)H8A2p8jLp%RJ3rG5)O}!mQigcpcK$U(V z`^_ApSy1nAcJiE9I^k>^}mgcICR6_A)g`+-;<}5FPewJU5jrATfG+&a*m?{K5 zPEax;bPqZIUhVn(`!qx85ori>m%km?F=FkHVPH>?p&*Kjax??m);w(^-Zn|Tc(YL_ zZs%lLwglavHHs_i1>5GaiehE^R6y}2n`v)1&9OwQB)LL6(N1yOIMo+IR{0#Z$?WMq z_de_{37xe>mJ8>ZL)kqTR|KUSOSd3aGvycS+Z_#OJ9IR zt;XE~f6^I-vO5)i4w3`o%GgM8@c9m$`V4StH~!;e9slb$PtMxSa_B#(jC;TT-p_vj zxnHl>cKF}77_Zkpu0DR)QFxFK$p7BwDc zVQyr3R8em|NM&qo0PI_9bKADk&S(9K9Y!5FeM5|uI#bR&3GyD)Sssx5yC=`{`2@$G1BZ2?y z0f%K-)?vLK|FtYD``6m9)t*%ktiz+~e*Lhv|IDh^tJUf=upUy0Z6lJ3h-cPU%gQe9 zi3}3bwl5pp1M~hEjo% z02{F8q6IYzv7sgU)FE2W!gQ{GwQQBG!ed+XX^r*xpAtVp`OpdAzWBEetJ(P9uOIE= z|62^xGz&>+j{?rdd=v@VD9jyV6h~me@gu2!QMa)RukUND$G^fL^mWRwSe6+I)VbVD z-kLg26pFu)9PW<)>i*He;d=bnsz-;`F8;s8xV|=ldQg6wWd3X_fZN+bLDN)zEL=#8 zI{`bQzFV;=t4LI)<5QCcWQ?Xu$0$`!Lt@veq<-|%LEWo* z2cGSDj`ef>phjHJww$B=I@an3_P$#`#6!=sjd(GI>uV^60zLXkGY+kg(LD=sd3+^5d0 zu-f9XZRjjSlR1o*Qj$77$Lcu?1 zPI0olB2#RDVOA}xW^ALJaDLf76F6wsK4C9qF;CIe12a)5%=6U%FJuXl` zI~ADp!kKV(BB^*V@`;VUOjeTo-_To_Pjv%||3LyDZh$funSwf`@rlgU|H=>@ZH17# z1N6~RTqH&bh;k<9sQ`!v3B$yk+Noj%a4b-!?@hSAjT!0X4QC-Po;PEv#DCV#DAjb2 z2XO?Z$ANB0K1R4@Bhy%YQu`>Cplp1Wu4SV^17l_Ta&oqj7;bJUF{KWkI1Z1P%35=a z&B#|efAxEH{uRUaxsPk+6gF|nBvKPD=%2Ap_hy-8Wq4Bl`AtkMB0ot8CQMP-i=1M@ z7}er`N9%-(pFWkzI}*~@f=A)XG$XN;K*=NF;L00^Gmnk~63XlbzoN{gZ2Z;xZ0`bU zOErn?59p|LqjOW1UQ=#v($UjLPfwk1_Z_=a09Xm!tx>p9b8KDKDvQeVhTB^{5gncRzfzn3nz<#o8~36#jx3f)Gyr>mj?Rhef1P8cgxt_!1vd#`4N)DT3X%ior!|*c@q#-!CA0EHv(7{OY20em3e{v|ly*_p?qL zy7-(uVo_kD*eamc@19+p4o9uCEqtjRm;sUIm?|F1d?v43L#^f8W`EG?cJ5a&;WbJx z-nZ&D_@i?=8n)Wa(P{e*tFE3<*Y;=1{V2e;E&(z>I1)>lk)YWq(~}Z6ub^@&I<4dq z>+>aHZkBy~y_){MGm+egM@HH2eLmQ2eBwaqeyHZs&D(bkT1e7xx^Z z@+?rv9vWWcb3Ew`TCdKVqm*;%A;-nNvA_^a-hIM)AR|qa=B?VVx zt+pgGG;MsH0^9=vj5Ga1Z)zCEml!0HSrrrq8$n>wzPhlN;AN52a#1a`dr{sH*HUmr zeP7SlR3Votk*@2pnh*s^A0U%^w}s3MqtkBZx7O?SN$fOZ7|!#YO3X8;JM2 zxDnBCa|235m~|iO!Mk^0{t3l}6nOvsmpLGq@wGTElBR@>^Q0{FGBzf2Cp`hID4)Z@ zG_~uPK2<1)f2_?lif^=!i+k}E<^TO4vx}H(){htn98+CTl56mCINQ`DoT&+C`%vMb zs*o@=1?Q?Fg;Uv>oSExo(^ndO@iI=k?cRBF*gP)oZEjQEN;xEfbOW=GP%6hIK3?w} zeJyR>Eu(n7CiB+N8=Uj>_!tZp`Mz=AuIiQ*7+-;YXQ;|qadFQ&lZ9u)S+WTzY z|8K*8s+Otq%7Xwv_uxPET6I5z|J17WgB||!Eyh0%|4HGWuSS4A2UA(WLAIbyx^#bm z&_~9Rz7X}=;YeSNBYn=rAD8Nh-u(S@aHPlD$0v;=eb>(a_rj6BYg2E>kwTqlHc+MS z2s!#3c<{;Y>kc`JH~8RD3d;^T+95|fwi zOPc2=y+QLVrQ0j6%rlG2K!33fXKAkLNF@}nS2*gkXwLEy=x6x_nWy)VVf-bTjHp83 zUV@Slp?k>r_i8Wa->1ct4v{fo?((jl%~kqRSax>P{%I-6;4H_fp`t0bACnP{iD89UV%LRR@4w#n@2 zKKDNCE(x8rM3xKZ#fP$cFs=|v*M@FEjK;OGOyEYtD6M!}$#`k3%hT^y+_Gfc-j==q zi&~Al1^%Qn3}tsJ{1PMw##L-1#lht}aOyL_sonUWk9GX7-#j^MH_L(hpfc|L{(C?B z{pWtYzQ4o&zQuU6_Hp&`!;Zp(d_ex!J|BN407d`+ DahQEY diff --git a/instance-applications/115-ibm-aiservice-tenant/values.yaml b/instance-applications/115-ibm-aiservice-tenant/values.yaml index c911096b5..4a341fe28 100644 --- a/instance-applications/115-ibm-aiservice-tenant/values.yaml +++ b/instance-applications/115-ibm-aiservice-tenant/values.yaml @@ -9,26 +9,26 @@ ibm_aiservice_tenant: mas_icr_cpopen: "icr.io/cpopen" # dro - drocfg_url: "https://ibm-data-reporter-redhat-marketplace.apps.sremat-demo1.cp.fyre.ibm.com" - drocfg_ca: "" - drocfg_registration_key: "" + drocfg_url: "drocfg_url" + drocfg_ca: "drocfg_ca" + drocfg_registration_key: "drocfg_registration_key" # sls - slscfg_ca_tenant: "" - slscfg_url: "https://sls.ibm-sls.ibm-sls.apps.sremat-demo1.cp.fyre.ibm.com" - slscfg_registration_key: "" + slscfg_ca_tenant: "slscfg_ca_tenant" + slscfg_url: "slscfg_url" + slscfg_registration_key: "slscfg_registration_key" aiservice_sls_subscription_id: "001" - rsl_url: "http://sandbox43-1.fyre.ibm.com:3001/api/v3/vector/query" - rsl_org_id: "" - rsl_token: "" - rsl_ca_crt: "" + rsl_url: "rsl_url" + rsl_org_id: "rsl_org_id" + rsl_token: "rsl_token" + rsl_ca_crt: "rsl_ca_crt" # watsonx - aiservice_watsonxai_url: "https://us-south.ml.cloud.ibm.com" - aiservice_watsonxai_project_id: "" - aiservice_watsonxai_apikey: "" + aiservice_watsonxai_url: "aiservice_watsonxai_url" + aiservice_watsonxai_project_id: "aiservice_watsonxai_project_id" + aiservice_watsonxai_apikey: "aiservice_watsonxai_apikey" aiservice_watsonx_full: "false" aiservice_watsonx_instance_id: "" aiservice_watsonx_version: "" diff --git a/root-applications/ibm-aiservice-instance-root/values.yaml b/root-applications/ibm-aiservice-instance-root/values.yaml index 8bc01feee..345ecfd80 100644 --- a/root-applications/ibm-aiservice-instance-root/values.yaml +++ b/root-applications/ibm-aiservice-instance-root/values.yaml @@ -152,9 +152,9 @@ ibm_kmodel: mas_aiservice_storage_tenants_bucket: "mas_aiservice_storage_tenants_bucket" mas_aiservice_storage_pipelines_bucket: "mas_aiservice_storage_pipelines_bucket" #container images - image_store: "MAS_ICR_CP/aiservice/store:1.0.2" - image_watcher: "MAS_ICR_CP/aiservice/watcher:1.0.2-pre.dev10x" - image_controller: "MAS_ICR_CP/aiservice/controller:1.0.2-pre.dev10x" + image_store: "image_store" + image_watcher: "image_watcher" + image_controller: "image_controller" mas_aiservice_pipeline_steps_tag: 1.0.0 mas_aiservice_connector_tag: 1.0.0 @@ -266,26 +266,26 @@ ibm_aiservice_tenant: mas_icr_cpopen: "icr.io/cpopen" # dro - drocfg_url: "https://ibm-data-reporter-redhat-marketplace.apps.sremat-demo1.cp.fyre.ibm.com" - drocfg_ca: "" - drocfg_registration_key: "" + drocfg_url: "drocfg_url" + drocfg_ca: "drocfg_ca" + drocfg_registration_key: "drocfg_registration_key" # sls - slscfg_ca_tenant: "" - slscfg_url: "https://sls.ibm-sls.ibm-sls.apps.sremat-demo1.cp.fyre.ibm.com" - slscfg_registration_key: "" + slscfg_ca_tenant: "slscfg_ca_tenant" + slscfg_url: "slscfg_url" + slscfg_registration_key: "slscfg_registration_key" aiservice_sls_subscription_id: "001" - rsl_url: "http://sandbox43-1.fyre.ibm.com:3001/api/v3/vector/query" - rsl_org_id: "" - rsl_token: "" - rsl_ca_crt: "" + rsl_url: "rsl_url" + rsl_org_id: "rsl_org_id" + rsl_token: "rsl_token" + rsl_ca_crt: "rsl_ca_crt" # watsonx - aiservice_watsonxai_url: "https://us-south.ml.cloud.ibm.com" - aiservice_watsonxai_project_id: "" - aiservice_watsonxai_apikey: "" + aiservice_watsonxai_url: "aiservice_watsonxai_url" + aiservice_watsonxai_project_id: "aiservice_watsonxai_project_id" + aiservice_watsonxai_apikey: "aiservice_watsonxai_apikey" aiservice_watsonx_full: "false" aiservice_watsonx_instance_id: "" aiservice_watsonx_version: ""