Skip to content

Commit 122fc52

Browse files
mikhail-klimkomikhail-klimko
committed
onprem: 2.7.15
1 parent 5fb8de8 commit 122fc52

File tree

3 files changed

+19
-13
lines changed

3 files changed

+19
-13
lines changed

codefresh/Chart.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
apiVersion: v2
22
description: Helm Chart for Codefresh On-Prem
33
name: codefresh
4-
version: 2.7.14
4+
version: 2.7.15
55
keywords:
66
- codefresh
77
home: https://codefresh.io/
@@ -19,7 +19,7 @@ annotations:
1919
# supported kinds are added, changed, deprecated, removed, fixed and security.
2020
artifacthub.io/changes: |
2121
- kind: fixed
22-
description: "Fix delete-consul-svc hook job not to fail when consul service is not found"
22+
description: "Fix mongo-seed job with Mongo MTLS enabled"
2323
dependencies:
2424
- name: cf-common
2525
repository: oci://quay.io/codefresh/charts

codefresh/README.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
## Codefresh On-Premises
22

3-
![Version: 2.7.14](https://img.shields.io/badge/Version-2.7.14-informational?style=flat-square) ![AppVersion: 2.7.0](https://img.shields.io/badge/AppVersion-2.7.0-informational?style=flat-square)
3+
![Version: 2.7.15](https://img.shields.io/badge/Version-2.7.15-informational?style=flat-square) ![AppVersion: 2.7.0](https://img.shields.io/badge/AppVersion-2.7.0-informational?style=flat-square)
44

55
Helm chart for deploying [Codefresh On-Premises](https://codefresh.io/docs/docs/getting-started/intro-to-codefresh/) to Kubernetes.
66

codefresh/files/mongoSeedJobScript.sh

Lines changed: 16 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,7 @@ export MONGODB_ROOT_PASSWORD=...
1212
1313
COMMENT
1414

15-
# set -eou pipefail
15+
set -x
1616

1717
ASSETS_PATH=${ASSETS_PATH:-/usr/share/extras/}
1818

@@ -34,7 +34,7 @@ MONGODB_DATABASES=(
3434
)
3535

3636
disableMongoTelemetry() {
37-
mongosh --nodb --eval "disableTelemetry()"
37+
mongosh --nodb --eval "disableTelemetry()" || true
3838
}
3939

4040
waitForMongoDB() {
@@ -82,6 +82,12 @@ setPacks() {
8282

8383
parseMongoURI $MONGO_URI
8484

85+
if [[ -s /etc/ssl/mongodb/ca.pem ]]; then
86+
MONGO_URI_EXTRA_PARAMS="--tls --tlsCertificateKeyFile /etc/ssl/mongodb/ca.pem --tlsAllowInvalidHostnames --tlsAllowInvalidCertificates"
87+
else
88+
MONGO_URI_EXTRA_PARAMS=""
89+
fi
90+
8591
disableMongoTelemetry
8692

8793
waitForMongoDB
@@ -90,20 +96,20 @@ getMongoVersion
9096

9197
for MONGODB_DATABASE in ${MONGODB_DATABASES[@]}; do
9298
waitForMongoDB
93-
mongosh ${MONGODB_ROOT_URI} --eval "db.getSiblingDB(\"${MONGODB_DATABASE}\").createUser({user: \"${MONGODB_USER}\", pwd: \"${MONGODB_PASSWORD}\", roles: [\"readWrite\"]})" 2>&1 || true
99+
mongosh ${MONGODB_ROOT_URI} ${MONGO_URI_EXTRA_PARAMS} --eval "db.getSiblingDB(\"${MONGODB_DATABASE}\").createUser({user: \"${MONGODB_USER}\", pwd: \"${MONGODB_PASSWORD}\", roles: [\"readWrite\"]})" 2>&1 || true
94100
waitForMongoDB
95-
mongosh ${MONGODB_ROOT_URI} --eval "db.getSiblingDB(\"${MONGODB_DATABASE}\").changeUserPassword(\"${MONGODB_USER}\",\"${MONGODB_PASSWORD}\")" 2>&1 || true
101+
mongosh ${MONGODB_ROOT_URI} ${MONGO_URI_EXTRA_PARAMS} --eval "db.getSiblingDB(\"${MONGODB_DATABASE}\").changeUserPassword(\"${MONGODB_USER}\",\"${MONGODB_PASSWORD}\")" 2>&1 || true
96102
done
97103

98-
mongosh ${MONGODB_ROOT_URI} --eval "db.getSiblingDB(\"codefresh\").grantRolesToUser( \"${MONGODB_USER}\", [ { role: \"readWrite\", db: \"pipeline-manager\" } ] )" 2>&1 || true
99-
mongosh ${MONGODB_ROOT_URI} --eval "db.getSiblingDB(\"codefresh\").grantRolesToUser( \"${MONGODB_USER}\", [ { role: \"readWrite\", db: \"platform-analytics-postgres\" } ] )" 2>&1 || true
100-
mongosh ${MONGODB_ROOT_URI} --eval "db.getSiblingDB(\"codefresh\").changeUserPassword(\"${MONGODB_USER}\",\"${MONGODB_PASSWORD}\")" 2>&1 || true
104+
mongosh ${MONGODB_ROOT_URI} ${MONGO_URI_EXTRA_PARAMS} --eval "db.getSiblingDB(\"codefresh\").grantRolesToUser( \"${MONGODB_USER}\", [ { role: \"readWrite\", db: \"pipeline-manager\" } ] )" 2>&1 || true
105+
mongosh ${MONGODB_ROOT_URI} ${MONGO_URI_EXTRA_PARAMS} --eval "db.getSiblingDB(\"codefresh\").grantRolesToUser( \"${MONGODB_USER}\", [ { role: \"readWrite\", db: \"platform-analytics-postgres\" } ] )" 2>&1 || true
106+
mongosh ${MONGODB_ROOT_URI} ${MONGO_URI_EXTRA_PARAMS} --eval "db.getSiblingDB(\"codefresh\").changeUserPassword(\"${MONGODB_USER}\",\"${MONGODB_PASSWORD}\")" 2>&1 || true
101107

102108
if [[ $DEVELOPMENT_CHART == "true" ]]; then
103109
setSystemAdmin
104110
setPacks
105111
fi
106112

107-
mongoimport --uri ${MONGO_URI} --collection idps --type json --legacy --file ${ASSETS_PATH}idps.json
108-
mongoimport --uri ${MONGO_URI} --collection accounts --type json --legacy --file ${ASSETS_PATH}accounts.json
109-
mongoimport --uri ${MONGO_URI} --collection users --type json --legacy --file ${ASSETS_PATH}users.json
113+
mongoimport --uri ${MONGO_URI} ${MONGO_URI_EXTRA_PARAMS} --collection idps --type json --legacy --file ${ASSETS_PATH}idps.json
114+
mongoimport --uri ${MONGO_URI} ${MONGO_URI_EXTRA_PARAMS} --collection accounts --type json --legacy --file ${ASSETS_PATH}accounts.json
115+
mongoimport --uri ${MONGO_URI} ${MONGO_URI_EXTRA_PARAMS} --collection users --type json --legacy --file ${ASSETS_PATH}users.json

0 commit comments

Comments
 (0)