fix: prep for automatic chart generation

Author: moabu

.github/workflows/update_janssen_helm_chart.yml

@@ -0,0 +1,63 @@
+name: updatejanshelmchart
+on:
+  workflow_dispatch:
+  schedule:
+    - cron: '0 8 * * 5'
+jobs:
+  createPullRequest:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@master
+
+      - name: Set up Python 3.7
+        uses: actions/[email protected]
+        with:
+          python-version: 3.7
+
+      - name: Install dependencies
+        run: |
+          sudo apt-get update
+          sudo python3 -m pip install --upgrade pip
+          sudo pip3 install -r ./automation/requirements.txt
+          sudo apt-get update
+          sudo apt-get install jq
+
+      - name: analyze chart
+        run: |
+          mkdir -p charts/janssen
+          cp -r ./flex-cn-setup charts/janssen
+          sudo bash automation/janssen_helm_chart/prepare_chart.sh
+          sudo python3 automation/janssen_helm_chart/analyze_chart.py
+          
+
+      - name: Import GPG key
+        id: import_gpg
+        uses: crazy-max/ghaction-import-gpg@v4
+        with:
+          gpg_private_key: ${{ secrets.MOAUTO_GPG_PRIVATE_KEY }}
+          passphrase: ${{ secrets.MOAUTO_GPG_PRIVATE_KEY_PASSPHRASE }}
+          git_user_signingkey: true
+          git_commit_gpgsign: true
+
+      - name: Configure Git
+        run: |
+          git config user.name "mo-auto"
+          git config user.email "[email protected]"
+          git config --global user.signingkey "${{ steps.import_gpg.outputs.keyid }}"
+          git add -A
+          git commit -S -s -m "chore: update helm package"
+
+      - name: Pushes to another repository
+        uses: cpina/github-action-push-to-another-repository@main
+        env:
+          API_TOKEN_GITHUB: ${{ secrets.MOWORKFLOWTOKEN }}
+        with:
+          commit-message: 'feat(helm): update janssen Helm Chart'
+          source-directory: 'charts'
+          destination-github-username: 'JanssenProject'
+          destination-repository-name: 'jans'
+          target-directory: charts
+          user-name: ${{ github.actor }}
+          user-email: ${{ github.actor }} <${{ github.actor }}@users.noreply.github.com>
+          target-branch: main

automation/janssen_helm_chart/analyze_chart.py

@@ -0,0 +1,97 @@
+import fnmatch
+import os
+from pathlib import Path
+
+from helpers import get_logger
+import ruamel.yaml
+
+logger = get_logger("cn-analyze-chart   ")
+
+
+def find_replace(directory, find, replace, filepatterm):
+    for path, _dirs, files in os.walk(os.path.abspath(directory)):
+        for filename in fnmatch.filter(files, filepatterm):
+            filepath = os.path.join(path, filename)
+            with open(filepath) as f:
+                s = f.read()
+            s = s.replace(find, replace)
+            with open(filepath, "w") as f:
+                f.write(s)
+
+
+def clean_keys(values_dict: {}) -> None:
+    for key, value in values_dict.items():
+        try:
+            if value:
+                continue
+            del main_values_file_parser[key]
+        except KeyError:
+            logger.info("Key {} has been removed previously or does not exist".format(key))
+
+
+main_dir = "../gluu/"
+
+# load original values.yaml
+yaml = ruamel.yaml.YAML()
+yaml.indent(mapping=4, sequence=4, offset=2)
+yaml.preserve_quotes = True
+main_values_file = Path(main_dir + "values.yaml").resolve()
+with open(main_values_file, "r") as f:
+
+    y = f.read()
+    main_values_file_parser = yaml.load(y)
+
+non_janssen_yaml = ruamel.yaml.YAML()
+non_janssen_yaml.indent(mapping=4, sequence=4, offset=2)
+non_janssen_yaml.preserve_quotes = True
+# load keys to be cleaned from original values.yaml
+with open (Path("./non_janssen.yaml").resolve(), "r") as f:
+    non_janssen = f.read()
+    non_janssen_keys = non_janssen_yaml.load(non_janssen)
+# generate janssen values yaml
+clean_keys(main_values_file_parser)
+clean_keys(main_values_file_parser["global"])
+clean_keys(main_values_file_parser["global"]["istio"])
+clean_keys(main_values_file_parser["config"])
+clean_keys(main_values_file_parser["config"]["configmap"])
+clean_keys(main_values_file_parser["nginx-ingress"]["ingress"])
+yaml.dump(main_values_file_parser, main_values_file)
+
+# load Chart.yaml and clean it from non janssen charts
+chart_yaml = ruamel.yaml.YAML()
+chart_yaml.indent(mapping=4, sequence=4, offset=2)
+chart_yaml.preserve_quotes = True
+main_chart_file = Path(main_dir + "Chart.yaml").resolve()
+with open (main_chart_file, "r") as f:
+    chart = f.read()
+    chart_keys = chart_yaml.load(chart)
+
+non_janssen_charts = ["jackrabbit", "admin-ui", "oxshibboleth", "oxpassport", "casa", "cn-istio-ingress"]
+chart_dependencies = []
+for chart in chart_keys["dependencies"]:
+    if chart["name"] not in non_janssen_charts:
+        chart_dependencies.append(chart)
+chart_keys["dependencies"] = chart_dependencies
+chart_keys["appVersion"] = "1.0.0"
+chart_yaml.dump(chart_keys, main_chart_file)
+
+
+def main():
+    find_replace(main_dir, "[email protected]", "[email protected]", "*.*")
+    find_replace(main_dir, "https://gluu.org/docs/oxd", "https://github.com/JanssenProject/jans/jans-client-api", "*.*")
+    find_replace(main_dir, "https://gluu.org/docs/gluu-server/reference/container-configs/",
+                 "https://github.com/JanssenProject/jans/docker-jans-configurator", "*.*")
+    find_replace(main_dir, "https://www.gluu.org", "https://jans.io", "*.*")
+    find_replace(main_dir, "https://gluu.org/docs/gluu-server", "https://jans.io", "*.*")
+    find_replace(main_dir, "demoexample.gluu.org", "demoexample.jans.io", "*.*")
+    find_replace(main_dir, "https://gluu.org/docs/gluu-server/favicon.ico",
+                 "https://github.com/JanssenProject/jans/raw/main/docs/logo/janssen%20project%20favicon%20transparent%2050px%2050px.png",
+                 "*.*")
+    find_replace(main_dir, "Gluu", "Janssen", "*.*")
+    find_replace(main_dir, "gluu", "janssen", "*.*")
+    find_replace(main_dir, "5.0.0", "1.0.0", "*.*")
+    find_replace(main_dir, "5.0.2", "1.0.0-beta.15", "*.*")
+
+
+if __name__ == "__main__":
+    main()

automation/janssen_helm_chart/helpers.py

@@ -0,0 +1,47 @@
+"""
+
+ License terms and conditions for Janssen Cloud Native Edition:
+ https://www.apache.org/licenses/LICENSE-2.0
+"""
+import logging
+import errno
+import shutil
+
+
+def get_logger(name):
+    """
+
+    Set logger configs with name.
+    :param name:
+    :return:
+    """
+    log_format = '%(asctime)s - %(name)8s - %(levelname)5s - %(message)s'
+    logging.basicConfig(level=logging.INFO,
+                        format=log_format,
+                        filename='setup.log',
+                        filemode='w')
+    console = logging.StreamHandler()
+    console.setLevel(logging.INFO)
+    console.setFormatter(logging.Formatter(log_format))
+    logging.getLogger(name).addHandler(console)
+    return logging.getLogger(name)
+
+
+logger = get_logger("cn-helpers   ")
+
+
+def copy(src, dest):
+    """
+    
+    Copy from source to destination
+    :param src:
+    :param dest:
+    """
+    try:
+        shutil.copytree(src, dest)
+    except OSError as e:
+        # If the error was caused because the source wasn't a directory
+        if e.errno == errno.ENOTDIR:
+            shutil.copy(src, dest)
+        else:
+            logger.error('Directory not copied. Error: {}'.format(e))

automation/janssen_helm_chart/non_janssen.yaml

@@ -0,0 +1,55 @@
+installer-settings: None
+admin-ui: None
+casa: None
+jackrabbit: None
+oxpassport: None
+oxshibboleth: None
+global:
+  admin-ui: None
+  casa: None
+  cnJackrabbitCluster: None
+  cnObExtSigningJwksUri: None
+  cnObExtSigningJwksCrt: None
+  cnObExtSigningJwksKey: None
+  cnObExtSigningJwksKeyPassPhrase: None
+  cnObExtSigningAlias: None
+  cnObStaticSigningKeyKid: None
+  cnObTransportCrt: None
+  cnObTransportKey: None
+  cnObTransportKeyPassPhrase: None
+  cnObTransportAlias: None
+  cnObTransportTrustStore: None
+  istio:
+    ingress: None
+  jackrabbit: None
+  oxpassport: None
+  oxshibboleth: None
+config:
+  migration: None
+  configmap:
+    cnDocumentStoreType: None
+    cnJackrabbitAdminId: None
+    cnJackrabbitAdminIdFile: None
+    cnJackrabbitAdminPasswordFile: None
+    cnJackrabbitPostgresDatabaseName: None
+    cnJackrabbitPostgresHost: None
+    cnJackrabbitPostgresPasswordFile: None
+    cnJackrabbitPostgresPort: None
+    cnJackrabbitPostgresUser: None
+    cnJackrabbitSyncInterval: None
+    cnJackrabbitAdminPassFile: None
+    cnJackrabbitUrl: None
+    cnPassportEnabled: None
+    cnSamlEnabled: None
+nginx-ingress:
+  ingress:
+    adminUiEnabled: None
+    adminUiLabels: None
+    adminUiAdditionalAnnotations: None
+    authServerProtectedToken: None
+    authServerProtectedTokenLabels: None
+    authServerProtectedTokenAdditionalAnnotations: None
+    authServerProtectedRegister: None
+    authServerProtectedRegisterLabels: None
+    authServerProtectedRegisterAdditionalAnnotations: None
+

automation/janssen_helm_chart/prepare_chart.sh

@@ -0,0 +1,52 @@
+#!/bin/bash
+set -e
+
+mkdir -p /home/runner/work/test
+git clone --recursive --depth 1 --branch master https://github.com/GluuFederation/flex.git /home/runner/work/test/
+temp_chart_folder="/home/runner/work/test/flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts"
+rm /home/runner/work/test/flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/openbanking-values.yaml
+rm /home/runner/work/test/flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/openbanking-helm.md
+rm /home/runner/work/test/flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/config/templates/upgrade-ldap-101-jans.yaml
+rm /home/runner/work/test/flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/config/ob-secrets.yaml
+rm /home/runner/work/test/flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/config/admin-ui-secrets.yaml
+services="casa jackrabbit oxpassport oxshibboleth admin-ui cn-istio-ingress"
+for service in $services; do
+  rm -rf "${temp_chart_folder:?}/""$service"
+done
+
+remove_all() {
+  sed '/{{ if .Values.global.jackrabbit.enabled/,/{{- end }}/d' \
+  | sed '/{{- if .Values.global.jackrabbit.enabled/,/{{- end }}/d' \
+  | sed '/{{- if .Values.configmap.cnJackrabbitUrl/,/{{- end }}/d' \
+  | sed '/{{ if .Values.global.cnJackrabbitCluster/,/{{- end }}/d' \
+  | sed '/{{- if .Values.global.oxshibboleth.enabled/,/{{- end }}/d' \
+  | sed '/{{- if index .Values "global" "admin-ui" "enabled" }}/,/{{- end }}/d' \
+  | sed '/{{ if .Values.global.cnObExtSigningJwksUri/,/{{- end }}/d' \
+  | sed '/{{ if .Values.ingress.adminUiEnabled/,/---/d' \
+  | sed '/CN_CASA_ENABLED/d' \
+  | sed '/CN_OB_EXT_SIGNING_JWKS_URI/d' \
+  | sed '/CN_OB_AS_TRANSPORT_ALIAS/d' \
+  | sed '/CN_OB_EXT_SIGNING_ALIAS/d' \
+  | sed '/CN_OB_STATIC_KID/d' \
+  | sed '/CN_JACKRABBIT_SYNC_INTERVAL/d' \
+  | sed '/CN_PASSPORT_ENABLED/d' \
+  | sed '/cnJackrabbitCluster/d' \
+  | sed '/JACKRABBIT/d' \
+  | sed '/Casa/d' \
+  | sed '/Passport/d' \
+  | sed '/Shib/d' \
+  | sed '/oxshibboleth/d'
+}
+
+remove_all < $temp_chart_folder/auth-server/templates/deployment.yml > tmpfile && mv tmpfile \
+$temp_chart_folder/auth-server/templates/deployment.yml
+
+remove_all < $temp_chart_folder/admin-ui/templates/deployment.yml > tmpfile && mv tmpfile \
+$temp_chart_folder/admin-ui/templates/deployment.yml
+
+remove_all < $temp_chart_folder/config/templates/configmaps.yaml > tmpfile && mv tmpfile \
+$temp_chart_folder/config/templates/configmaps.yaml
+
+remove_all <  $temp_chart_folder/config/values.yaml > tmpfile && mv tmpfile \
+$temp_chart_folder/config/values.yaml
+

flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/Chart.yaml

@@ -3,9 +3,7 @@
 kubeVersion: ">=v1.21.0-0"
 annotations:
   artifacthub.io/changes: |
-    - Gluu 5.0 Openbanking Distribution. Auth-server and config-api.
-    - Updated new images
-    - https://gluu.org/docs/openbanking
+    - Update always
   artifacthub.io/containsSecurityUpdates: "true"
   artifacthub.io/images: |
     - name: auth-server

flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/admin-ui/Chart.yaml

@@ -12,7 +12,7 @@ keywords:
 home: https://gluu.org/docs/gluu-server
 sources:
   - https://github.com/GluuFederation/docker-gluu-admin-ui
-  - https://github.com/GluuFederation/cloud-native-edition/tree/master/pygluu/kubernetes/templates/helm/gluu/charts/admin-ui
+  - https://github.com/GluuFederation/flex/tree/main/flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/admin-ui
 maintainers:
   - name: Mohammad Abudayyeh
     email: [email protected]

flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/auth-server-key-rotation/Chart.yaml

@@ -11,7 +11,7 @@ keywords:
 home: https://gluu.org/docs/gluu-server
 sources:
   - https://github.com/JanssenProject/docker-jans-certmanager
-  - https://github.com/GluuFederation/cloud-native-edition/tree/master/pygluu/kubernetes/templates/helm/gluu/charts/auth-server-key-rotation
+  - https://github.com/GluuFederation/flex/tree/main/flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/auth-server-key-rotation
 maintainers:
   - name: Mohammad Abudayyeh
     email: [email protected]

flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/auth-server/Chart.yaml

@@ -13,7 +13,7 @@ home: https://gluu.org/docs/gluu-server
 sources:
   - https://github.com/JanssenProject/jans-auth-server
   - https://github.com/JanssenProject/docker-jans-auth-server
-  - https://github.com/GluuFederation/cloud-native-edition/tree/master/pygluu/kubernetes/templates/helm/gluu/charts/auth-server
+  - https://github.com/GluuFederation/flex/tree/main/flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/auth-server
 maintainers:
   - name: Mohammad Abudayyeh
     email: [email protected]

flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/casa/Chart.yaml

@@ -14,7 +14,7 @@ home: https://gluu.org/docs/casa/
 sources:
   - https://gluu.org/docs/casa/
   - https://github.com/GluuFederation/docker-casa
-  - https://github.com/GluuFederation/cloud-native-edition/tree/master/pygluu/kubernetes/templates/helm/gluu/charts/casa
+  - https://github.com/GluuFederation/flex/tree/main/flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/casa
 maintainers:
   - name: Mohammad Abudayyeh
     email: [email protected]

flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/client-api/Chart.yaml

@@ -11,9 +11,9 @@ keywords:
   - API
 home: https://gluu.org/docs/oxd
 sources:
-  - https://github.com/JanssenProject/jans-client-api
-  - https://github.com/JanssenProject/docker-jans-client-api
-  - https://github.com/GluuFederation/cloud-native-edition/tree/master/pygluu/kubernetes/templates/helm/gluu/charts/client-api
+  - https://github.com/JanssenProject/jans/jans-client-api
+  - https://github.com/JanssenProject/jans/docker-jans-client-api
+  - https://github.com/GluuFederation/flex/tree/main/flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/client-api
 maintainers:
   - name: Mohammad Abudayyeh
     email: [email protected]

flex-cn-setup/pygluu/kubernetes/templates/helm/gluu/charts/client-api/templates/networkpolicy.yaml

@@ -20,13 +20,6 @@ spec:
     matchLabels:
       app: client-api
   ingress:
-  - from:
-    - podSelector:
-        matchLabels:
-          app: casa
-    ports:
-    - protocol: TCP
-      port: 8443
   - from:
     - podSelector:
         matchLabels: