chore(charts)!: remove couchbase support from Helm charts (#1886)

* chore(charts)!: remove couchbase support from Helm charts

Signed-off-by: iromli <[email protected]>

* chore(charts)!: remove couchbase support from Rancher

Signed-off-by: iromli <[email protected]>

* docs: remove couchbase section in cloud installation

Signed-off-by: iromli <[email protected]>

---------

Signed-off-by: iromli <[email protected]>

Author: iromli

automation/rancher-partner-charts/questions.yaml

@@ -177,9 +177,8 @@ questions:
   type: enum
   group: "Persistence"
   label: Gluu Persistence backend
-  description: "Persistence backend to run Gluu with couchbase|hybrid|sql"
+  description: "Persistence backend to run Gluu with hybrid|sql"
   options:
-    - "couchbase"
     - "hybrid"
     - "sql"
 # Hybrid
@@ -249,70 +248,6 @@ questions:
   type: string
   label: SQL database name
   show_if: "global.cnPersistenceType=sql"
-#Couchbase
-- variable: config.configmap.cnCouchbaseCrt
-  default: ""
-  group: "Persistence"
-  description: "Couchbase certificate authority string. This must be encoded using base64. This can also be found in your couchbase UI Security > Root Certificate. In mTLS setups this is not required."
-  type: multiline
-  label: Couchbase certificate authority string
-  show_if: "global.cnPersistenceType=couchbase||global.cnPersistenceType=hybrid"
-- variable: config.configmap.cnCouchbaseUrl
-  default: "gluu.cbns.svc.cluster.local"
-  required: false
-  type: hostname
-  group: "Persistence"
-  label: Couchbase host uri
-  description: "Couchbase URL. Used only when global.cnPersistenceType is hybrid or couchbase. This should be in FQDN format for either remote or local Couchbase clusters. The address can be an internal address inside the kubernetes cluster"
-  show_if: "global.cnPersistenceType=couchbase||global.cnPersistenceType=hybrid"
-- variable: config.configmap.cnCouchbaseBucketPrefix
-  default: "gluu"
-  type: string
-  description: "The prefix of couchbase buckets. This helps with separation in between different environments and allows for the same couchbase cluster to be used by different setups of Gluu."
-  group: "Persistence"
-  required: true
-  label: The prefix of Couchbase buckets
-  show_if: "global.cnPersistenceType=couchbase||global.cnPersistenceType=hybrid"
-- variable: config.configmap.cnCouchbaseIndexNumReplica
-  default: 0
-  type: int
-  description: "The number of replicas per index created. Please note that the number of index nodes must be one greater than the number of index replicas. That means if your couchbase cluster only has 2 index nodes you cannot place the number of replicas to be higher than 1."
-  group: "Persistence"
-  required: true
-  label: The number of replicas per index created
-  show_if: "global.cnPersistenceType=couchbase||global.cnPersistenceType=hybrid"
-- variable: config.configmap.cnCouchbaseSuperUser
-  default: "admin"
-  group: "Persistence"
-  description: "he Couchbase super user (admin) user name. This user is used during initialization only."
-  type: string
-  label: The Couchbase super user (admin) user name.
-  valid_chars: "^[a-z]+$"
-  show_if: "global.cnPersistenceType=couchbase||global.cnPersistenceType=hybrid"
-- variable: config.configmap.cnCouchbaseSuperUserPassword
-  default: "Test1234#"
-  group: "Persistence"
-  description: "Couchbase password for the super user config.configmap.cnCouchbaseSuperUser  that is used during the initialization and upgrade process. The password must contain one digit, one uppercase letter, one lower case letter and one symbol"
-  type: password
-  label: Couchbase password for the super users
-
-  show_if: "global.cnPersistenceType=couchbase||global.cnPersistenceType=hybrid"
-- variable: config.configmap.cnCouchbaseUser
-  default: "gluu"
-  group: "Persistence"
-  description: "Couchbase restricted user, used in Gluu operations with Couchbase. Used only when global.cnPersistenceType is hybrid or couchbase."
-  type: string
-  label: Couchbase restricted username
-  valid_chars: "^[a-z]+$"
-  show_if: "global.cnPersistenceType=couchbase||global.cnPersistenceType=hybrid"
-- variable: config.configmap.cnCouchbasePassword
-  default: "Test1234#"
-  group: "Persistence"
-  description: "Couchbase password for the restricted user config.configmap.cnCouchbaseUser  that is often used inside the services. The password must contain one digit, one uppercase letter, one lower case letter and one symbol ."
-  type: password
-  label: Couchbase password for the restricted user
-  show_if: "global.cnPersistenceType=couchbase||global.cnPersistenceType=hybrid"
-
 # ===========
 # Cache group
 # ===========
@@ -433,7 +368,6 @@ questions:
     description: "Migration data-format depending on persistence backend."
     options:
       - "ldif"
-      - "couchbase+json"
       - "postgresql+json"
       - "mysql+json"
   - variable: config.migration.migrationDir

charts/gluu-all-in-one/README.md

@@ -142,11 +142,9 @@ Kubernetes: `>=v1.22.0-0`
 | cnConfiguratorCustomSchema | object | `{"secretName":""}` | Use custom configuration schema in existing secrets. Note, the secrets has to contain the key configuration.json or any basename as specified in cnConfiguratorConfigurationFile. |
 | cnConfiguratorCustomSchema.secretName | string | `""` | The name of the secrets used for storing custom configuration schema. |
 | cnConfiguratorDumpFile | string | `"/etc/jans/conf/configuration.out.json"` | Path to dumped configuration schema file |
-| cnCouchbasePasswordFile | string | `"/etc/jans/conf/couchbase_password"` | Path to Couchbase password file |
-| cnCouchbaseSuperuserPasswordFile | string | `"/etc/jans/conf/couchbase_superuser_password"` | Path to Couchbase superuser password file |
 | cnDocumentStoreType | string | `"DB"` | Document store type to use for shibboleth files DB. |
 | cnGoogleApplicationCredentials | string | `"/etc/jans/conf/google-credentials.json"` | Base64 encoded service account. The sa must have roles/secretmanager.admin to use Google secrets. Leave as this is a sensible default. |
-| cnPersistenceType | string | `"sql"` | Persistence backend to run Gluu with couchbase|hybrid|sql. |
+| cnPersistenceType | string | `"sql"` | Persistence backend to run Gluu with hybrid|sql. |
 | cnPrometheusPort | string | `""` | Port used by Prometheus JMX agent (default to empty string). To enable Prometheus JMX agent, set the value to a number. |
 | cnSqlPasswordFile | string | `"/etc/jans/conf/sql_password"` | Path to SQL password file |
 | config-api.appLoggers | object | `{"adminUiAppLoggers":{"adminUiAuditLogLevel":"INFO","adminUiAuditLogTarget":"FILE","adminUiLogLevel":"INFO","adminUiLogTarget":"FILE","enableStdoutLogPrefix":"true"},"configApiLogLevel":"INFO","configApiLogTarget":"STDOUT","enableStdoutLogPrefix":"true","persistenceDurationLogLevel":"INFO","persistenceDurationLogTarget":"FILE","persistenceLogLevel":"INFO","persistenceLogTarget":"FILE","scriptLogLevel":"INFO","scriptLogTarget":"FILE"}` | App loggers can be configured to define where the logs will be redirected to and the level of each in which it should be displayed. |
@@ -182,14 +180,6 @@ Kubernetes: `>=v1.22.0-0`
 | configmap.cnAwsSecretsReplicaRegions | list | `[]` |  |
 | configmap.cnCacheType | string | `"NATIVE_PERSISTENCE"` | Cache type. `NATIVE_PERSISTENCE`, `REDIS`. or `IN_MEMORY`. Defaults to `NATIVE_PERSISTENCE` . |
 | configmap.cnConfigKubernetesConfigMap | string | `"cn"` | The name of the Kubernetes ConfigMap that will hold the configuration layer |
-| configmap.cnCouchbaseBucketPrefix | string | `"jans"` | The prefix of couchbase buckets. This helps with separation in between different environments and allows for the same couchbase cluster to be used by different setups of Gluu. |
-| configmap.cnCouchbaseCrt | string | `"SWFtTm90YVNlcnZpY2VBY2NvdW50Q2hhbmdlTWV0b09uZQo="` | Couchbase certificate authority string. This must be encoded using base64. This can also be found in your couchbase UI Security > Root Certificate. In mTLS setups this is not required. |
-| configmap.cnCouchbaseIndexNumReplica | int | `0` | The number of replicas per index created. Please note that the number of index nodes must be one greater than the number of index replicas. That means if your couchbase cluster only has 2 index nodes you cannot place the number of replicas to be higher than 1. |
-| configmap.cnCouchbasePassword | string | `"P@ssw0rd"` | Couchbase password for the restricted user config.configmap.cnCouchbaseUser  that is often used inside the services. The password must contain one digit, one uppercase letter, one lower case letter and one symbol . |
-| configmap.cnCouchbaseSuperUser | string | `"admin"` | The Couchbase super user (admin) username. This user is used during initialization only. |
-| configmap.cnCouchbaseSuperUserPassword | string | `"Test1234#"` | Couchbase password for the superuser config.configmap.cnCouchbaseSuperUser  that is used during the initialization process. The password must contain one digit, one uppercase letter, one lower case letter and one symbol |
-| configmap.cnCouchbaseUrl | string | `"cbgluu.default.svc.cluster.local"` | Couchbase URL. Used only when cnPersistenceType is hybrid or couchbase. This should be in FQDN format for either remote or local Couchbase clusters. The address can be an internal address inside the kubernetes cluster |
-| configmap.cnCouchbaseUser | string | `"gluu"` | Couchbase restricted user. Used only when cnPersistenceType is hybrid or couchbase. |
 | configmap.cnGoogleProjectId | string | `"google-project-to-save-config-and-secrets-to"` | Project id of the Google project the secret manager belongs to. Used only when configAdapterName and configSecretAdapter is set to google. |
 | configmap.cnGoogleSecretManagerServiceAccount | string | `"SWFtTm90YVNlcnZpY2VBY2NvdW50Q2hhbmdlTWV0b09uZQo="` | Service account with roles roles/secretmanager.admin base64 encoded string. This is used often inside the services to reach the configuration layer. Used only when configAdapterName and configSecretAdapter is set to google. |
 | configmap.cnGoogleSecretNamePrefix | string | `"gluu"` | Prefix for Gluu secret in Google Secret Manager. Defaults to gluu. If left janssen-secret secret will be created. Used only when configAdapterName and configSecretAdapter is set to google. |

charts/gluu-all-in-one/templates/_helpers.tpl

@@ -75,9 +75,6 @@ Create optional scopes list
 {{- if eq .Values.configmap.cnCacheType "REDIS" }}
 {{ $newList = append $newList ("redis" | quote )  }}
 {{- end}}
-{{ if or (eq .Values.cnPersistenceType "couchbase") (eq .Values.cnPersistenceType "hybrid") }}
-{{ $newList = append $newList ("couchbase" | quote) }}
-{{- end}}
 {{ if eq .Values.cnPersistenceType "sql" }}
 {{ $newList = append $newList ("sql" | quote) }}
 {{- end }}

charts/gluu-all-in-one/templates/configmap.yaml

@@ -114,14 +114,6 @@ data:
   LB_ADDR: {{ .Values.configmap.lbAddr }}
   {{- end }}
   CN_PERSISTENCE_TYPE: {{ .Values.cnPersistenceType }}
-  {{- if or (eq .Values.cnPersistenceType "couchbase") (eq .Values.cnPersistenceType "hybrid") }}
-  #  used only if CN_PERSISTENCE_TYPE is couchbase or hybrid
-  CN_COUCHBASE_URL: {{ .Values.configmap.cnCouchbaseUrl }}
-  CN_COUCHBASE_BUCKET_PREFIX: {{ .Values.configmap.cnCouchbaseBucketPrefix }}
-  CN_COUCHBASE_INDEX_NUM_REPLICA: {{ .Values.configmap.cnCouchbaseIndexNumReplica | quote }}
-  CN_COUCHBASE_USER: {{ .Values.configmap.cnCouchbaseUser }}
-  CN_COUCHBASE_SUPERUSER: {{ .Values.configmap.cnCouchbaseSuperUser }}
-  {{- end }}
   CN_KEY_ROTATION_FORCE: "false"
   CN_KEY_ROTATION_CHECK: "3600"
   CN_KEY_ROTATION_INTERVAL: "48"
@@ -141,9 +133,6 @@ data:
   CN_REDIS_SSL_TRUSTSTORE: {{ .Values.configmap.cnRedisSslTruststore | quote }}
   CN_REDIS_SENTINEL_GROUP: {{ .Values.configmap.cnRedisSentinelGroup | quote }}
   {{- end }}
-  {{- if .Values.istio.enabled }}
-  CN_COUCHBASE_TRUSTSTORE_ENABLE: "false"
-  {{- end }}
   {{- if .Values.scim.enabled }}
   CN_SCIM_ENABLED: {{ .Values.scim.enabled | quote }}
   CN_SCIM_PROTECTION_MODE: {{ .Values.configmap.cnScimProtectionMode | quote }}
@@ -188,8 +177,6 @@ data:
   }}
   {{- end }}
   CN_SQL_PASSWORD_FILE: {{ .Values.cnSqlPasswordFile }}
-  CN_COUCHBASE_PASSWORD_FILE: {{ .Values.cnCouchbasePasswordFile }}
-  CN_COUCHBASE_SUPERUSER_PASSWORD_FILE: {{ .Values.cnCouchbaseSuperuserPasswordFile }}
   CN_CONFIG_API_PLUGINS: "admin-ui,fido2,scim,user-mgt"
   CN_AIO_COMPONENTS: {{ include "flex-all-in-one.aioComponents" . | fromJsonArray | join "," | quote}}
   {{- if .Values.saml.enabled }}

charts/gluu-all-in-one/templates/secret.yaml

@@ -42,11 +42,6 @@ stringData:
         {{ if or ( eq .Values.cnPersistenceType "sql"  ) ( eq .Values.cnPersistenceType "hybrid"  )  }}
         "sql_password": {{ .Values.configmap.cnSqldbUserPassword | quote }},
         {{- end }}
-        {{ if or ( eq .Values.cnPersistenceType "couchbase" ) ( eq .Values.cnPersistenceType "hybrid" ) }}
-        "couchbase_password": {{ .Values.configmap.cnCouchbasePassword | quote }},
-        "couchbase_superuser_password": {{ .Values.configmap.cnCouchbaseSuperUserPassword | quote }},
-        "couchbase_cert": {{ .Values.configmap.cnCouchbaseCrt | quote  }},
-        {{- end }}
         {{ if eq .Values.configSecretAdapter "vault" }}
         "vault_role_id": {{ .Values.configmap.cnVaultRoleId | quote }},
         "vault_secret_id": {{ .Values.configmap.cnVaultSecretId | quote }},

charts/gluu-all-in-one/values.yaml

@@ -14,7 +14,7 @@ orgName: Gluu
 # -- Resource specs.
 # -- State code. Used for certificate creation.
 state: TX
-# -- Persistence backend to run Gluu with couchbase|hybrid|sql.
+# -- Persistence backend to run Gluu with hybrid|sql.
 cnPersistenceType: sql
 # -- Salt. Used for encoding/decoding sensitive data. If omitted or set to empty string, the value will be self-generated. Otherwise, a 24 alphanumeric characters are allowed as its value.
 salt: ""
@@ -58,22 +58,6 @@ configmap:
   containerMetadataName: kubernetes
   # -- The name of the Kubernetes ConfigMap that will hold the configuration layer
   cnConfigKubernetesConfigMap: cn
-  # -- The prefix of couchbase buckets. This helps with separation in between different environments and allows for the same couchbase cluster to be used by different setups of Gluu.
-  cnCouchbaseBucketPrefix: jans
-  # -- Couchbase certificate authority string. This must be encoded using base64. This can also be found in your couchbase UI Security > Root Certificate. In mTLS setups this is not required.
-  cnCouchbaseCrt: SWFtTm90YVNlcnZpY2VBY2NvdW50Q2hhbmdlTWV0b09uZQo=
-  # -- The number of replicas per index created. Please note that the number of index nodes must be one greater than the number of index replicas. That means if your couchbase cluster only has 2 index nodes you cannot place the number of replicas to be higher than 1.
-  cnCouchbaseIndexNumReplica: 0
-  # -- Couchbase password for the restricted user config.configmap.cnCouchbaseUser  that is often used inside the services. The password must contain one digit, one uppercase letter, one lower case letter and one symbol .
-  cnCouchbasePassword: P@ssw0rd
-  # -- The Couchbase super user (admin) username. This user is used during initialization only.
-  cnCouchbaseSuperUser: admin
-  # -- Couchbase password for the superuser config.configmap.cnCouchbaseSuperUser  that is used during the initialization process. The password must contain one digit, one uppercase letter, one lower case letter and one symbol
-  cnCouchbaseSuperUserPassword: Test1234#
-  # -- Couchbase URL. Used only when cnPersistenceType is hybrid or couchbase. This should be in FQDN format for either remote or local Couchbase clusters. The address can be an internal address inside the kubernetes cluster
-  cnCouchbaseUrl: cbgluu.default.svc.cluster.local
-  # -- Couchbase restricted user. Used only when cnPersistenceType is hybrid or couchbase.
-  cnCouchbaseUser: gluu
   # [google_envs] Envs related to using Google
   # -- Service account with roles roles/secretmanager.admin base64 encoded string. This is used often inside the services to reach the configuration layer. Used only when configAdapterName and configSecretAdapter is set to google.
   cnGoogleSecretManagerServiceAccount: SWFtTm90YVNlcnZpY2VBY2NvdW50Q2hhbmdlTWV0b09uZQo=
@@ -593,10 +577,6 @@ cnPrometheusPort: ""
 cnDocumentStoreType: DB
 # -- Path to SQL password file
 cnSqlPasswordFile: /etc/jans/conf/sql_password
-# -- Path to Couchbase password file
-cnCouchbasePasswordFile: /etc/jans/conf/couchbase_password
-# -- Path to Couchbase superuser password file
-cnCouchbaseSuperuserPasswordFile: /etc/jans/conf/couchbase_superuser_password
 # -- Path to file contains password for database access
 kcDbPasswordFile: /etc/jans/conf/kc_db_password
 # -- Path to file contains Keycloak admin credentials (username and password)