From 92da5dd59365400a9087bc2956752541ce7bea3c Mon Sep 17 00:00:00 2001 From: I524884 Date: Tue, 31 Jan 2023 15:51:34 +0530 Subject: [PATCH 01/17] add requires section --- .cdsrc.json | 47 +++++++++++++++++++++++++++++------------------ 1 file changed, 29 insertions(+), 18 deletions(-) diff --git a/.cdsrc.json b/.cdsrc.json index bd9561c4..51e9f5ff 100644 --- a/.cdsrc.json +++ b/.cdsrc.json @@ -1,21 +1,32 @@ { - "build": { - "target": ".", - "tasks": [ - { - "for": "java" - }, - { - "for": "mtx", - "src": ".", - "dest": "mtx-sidecar" - }, - { - "for": "hana" - } - ] + "build": { + "target": ".", + "tasks": [ + { + "for": "java" + }, + { + "for": "mtx", + "src": ".", + "dest": "mtx-sidecar" + }, + { + "for": "hana" + } + ] + }, + "hana": { + "deploy-format": "hdbtable" + }, + "requires": { + "auth": { + "kind": "xsuaa" }, - "hana": { - "deploy-format": "hdbtable" + "approuter": { + "kind": "cloudfoundry" + }, + "db": { + "kind": "hana-cloud" } -} + } +} \ No newline at end of file From 1c9d1379dd0d58495f27dc8da8ba6fd9ed8a29a8 Mon Sep 17 00:00:00 2001 From: I524884 Date: Tue, 31 Jan 2023 18:11:57 +0530 Subject: [PATCH 02/17] update kyma deployment section --- README.md | 129 +++++++++++++++-------------- scripts/build-ui-image.sh | 66 --------------- scripts/prepareUiFiles.js | 166 -------------------------------------- values.yaml | 43 ---------- 4 files changed, 68 insertions(+), 336 deletions(-) delete mode 100755 scripts/build-ui-image.sh delete mode 100644 scripts/prepareUiFiles.js delete mode 100644 values.yaml diff --git a/README.md b/README.md index 7f476f5e..f3dc84f0 100644 --- a/README.md +++ b/README.md @@ -237,7 +237,7 @@ Before you can access the UI using the (tenant-specific) URL to the bookshop(-mt - Container Registry (e.g. [Docker Hub](https://hub.docker.com/)) - Command Line Tools: [`kubectl`](https://kubernetes.io/de/docs/tasks/tools/install-kubectl/), [`kubectl-oidc_login`](https://github.com/int128/kubelogin#setup), [`pack`](https://buildpacks.io/docs/tools/pack/), [`docker`](https://docs.docker.com/get-docker/), [`helm`](https://helm.sh/docs/intro/install/), [`cf`](https://docs.cloudfoundry.org/cf-cli/install-go-cli.html) - Logged into Kyma Runtime (with `kubectl` CLI), Cloud Foundry space (with `cf` CLI) and Container Registry (with `docker login`) -- `@sap/cds-dk` >= 6.0.1 +- `@sap/cds-dk` >= 6.5.0 ### Add Deployment Files @@ -246,9 +246,7 @@ CAP tooling provides your a Helm chart for deployment to Kyma. Add the CAP Helm chart with the required features to this project: ```bash -cds add helm:hana_deployer -cds add helm:xsuaa -cds add helm:html5_apps_deployer +cds add helm ``` #### Helm chart configuration @@ -257,46 +255,6 @@ This project contains a pre-configured configuration file `values.yaml`, you jus - `` - full-qualified hostname of your container registry - `domain`- full-qualified domain name used to access applications in your Kyma cluster - -#### Use API_BUSSINESS_PARTNER Remote Service (optional) - -You can try the `API_BUSINESS_PARTNER` service with a real S/4HANA system with the following configuration: - -1. Create either an on-premise or cloud destination in your subaccount. - -2. Add the binding to the destination service for the service (`srv`) to the `values.yaml` file: - - ```yaml - srv: - ... - bindings: - ... - destinations: - serviceInstanceName: destinations - ``` - - (The destination service instance is already configured) - -3. Set the profiles `cloud` and `destination` active in your `values.yaml` file: - - ```yaml - srv: - ... - env: - SPRING_PROFILES_ACTIVE: cloud,destination - # TODO: To be removed after @sap/cds-dk patch - CDS_ENVIRONMENT_K8S_SERVICEBINDINGS_CONNECTIVITY_SECRETSPATH: '/bindings/connectivity' - CDS_ENVIRONMENT_K8S_SERVICEBINDINGS_CONNECTIVITY_SERVICE: 'connectivity' - ``` - -4. For on-premise only: Add the connectivity service to your Helm chart: - - ```bash - cds add helm:connectivity - ``` - -*See also: [API_BUSINESS_PARTNER Remote Service and Spring Profiles](#api_business_partner-remote-service-and-spring-profiles)* - ### Prepare Kubernetes Namespace #### Create container registry secret @@ -311,23 +269,48 @@ The *Docker Server* is the full qualified hostname of your container registry. #### Create a HDI container and a secret +This step is only required if you're using a BTP Trial account. If you're using a production or a free tier account then you can create HDI Container from Kyma directly by adding a [mapping to your Kyma namespace in your HANA Cloud Instance](https://blogs.sap.com/2022/12/15/consuming-sap-hana-cloud-from-the-kyma-environment/) and skip this step. + ``` bash ./scripts/create-db-secret.sh bookshop-db ``` It will create a HDI container `bookshop-db` on your currently targeted Cloud Foundry space and creates a secret `bookshop-db` with the HDI container's credentials in your current Kubernetes namespace. +Make the following changes to your _`chart/values.yaml`_. + +```diff +srv: + bindings: + db: +- serviceInstanceName: hana ++ fromSecret: bookshop-db +... + +hana-deployer: + bindings: + hana: +- serviceInstanceName: hana ++ fromSecret: bookshop-db + +... +- hana: +- serviceOfferingName: hana +- servicePlanName: hdi-shared +``` + ### Build **Build data base deployer image:** -``` +```bash cds build --production pack build $YOUR_CONTAINER_REGISTRY/bookshop-hana-deployer \ --path db \ --buildpack gcr.io/paketo-buildpacks/nodejs \ - --builder paketobuildpacks/builder:base + --builder paketobuildpacks/builder:base \ + --env BP_NODE_RUN_SCRIPTS="" ``` (Replace `$YOUR_CONTAINER_REGISTRY` with the full-qualified hostname of your container registry) @@ -335,23 +318,28 @@ pack build $YOUR_CONTAINER_REGISTRY/bookshop-hana-deployer \ **Build image for CAP service:** -``` -mvn package +```bash +mvn clean package -DskipTests=true ``` -``` +```bash pack build $YOUR_CONTAINER_REGISTRY/bookshop-srv \ --path srv/target/*-exec.jar \ --buildpack gcr.io/paketo-buildpacks/sap-machine \ --buildpack gcr.io/paketo-buildpacks/java \ --builder paketobuildpacks/builder:base \ - --env SPRING_PROFILES_ACTIVE=cloud + --env SPRING_PROFILES_ACTIVE=cloud \ + --env BP_JVM_VERSION=11 ``` -**Build HTML5 application deployer image:** +**Build Approuter Image:** -``` -bash ./scripts/build-ui-image.sh +```bash +pack build $YOUR_CONTAINER_REGISTRY/bookshop-approuter \ + --path app \ + --buildpack gcr.io/paketo-buildpacks/nodejs \ + --builder paketobuildpacks/builder:base \ + --env BP_NODE_RUN_SCRIPTS="" ``` ### Push container images @@ -363,24 +351,43 @@ docker push $YOUR_CONTAINER_REGISTRY/bookshop-hana-deployer docker push $YOUR_CONTAINER_REGISTRY/bookshop-srv -docker push $YOUR_CONTAINER_REGISTRY/bookshop-html5-deployer +docker push $YOUR_CONTAINER_REGISTRY/bookshop-approuter ``` ### Deployment +1. Replace `` in `xsuaa.parameters.oauth2-configuration.redirect-uris` with you cluster domain in _`chart/values.yaml`_. + +2. Replace `` with your container registry in _`chart/values.yaml`_. + +3. Make the following change to add backend destinations required by Approuter. + +```diff +- backendDestinations: {} ++ backendDestinations: ++ backend: ++ service: srv ``` -helm upgrade bookshop ./chart --install -f values.yaml + +4. Add your image registry secret created in [Create container registry secret](#create-container-registry-secret) step. + +```diff +global: + domain: null +- imagePullSecret: {} ++ imagePullSecret: ++ name: container-registry ``` -### Access the UI +5. Deploy the helm chart using the following command: -Before you can access the UI you should make sure to [Setup Authorizations in SAP Business Technology Platform](#setup-authorizations-in-sap-business-technology-platform). +```bash +helm upgrade bookshop ./chart --install +``` -1. Create a Launchpad Service subscription in the BTP Cockpit -2. Go to **HTML5 Applications** -3. Start any of the HTML5 applications +5. Before you can access the UI you should make sure to [Setup Authorizations in SAP Business Technology Platform](#setup-authorizations-in-sap-business-technology-platform). -Additionally, you can add the UIs to a Launchpad Service site like it is described in in the last two steps of [this tutorial](https://developers.sap.com/tutorials/btp-app-kyma-launchpad-service.html#9aab2dd0-18ea-4ccd-bc44-24e87c845740). +6. Click on the approuter url logged by the `helm upgrade` to access the UI. ## Setup Authorizations in SAP Business Technology Platform diff --git a/scripts/build-ui-image.sh b/scripts/build-ui-image.sh deleted file mode 100755 index bef48493..00000000 --- a/scripts/build-ui-image.sh +++ /dev/null @@ -1,66 +0,0 @@ -#!/bin/bash - -set -e -cd "$(dirname "$(dirname "$0")")" - -npm install --no-save yaml - -function value() { - node ./scripts/value.js "$1" -} - -function image() { - local REPOSITORY="$(value "$1.image.repository")" - local TAG="$(value "$1.image.tag")" - if [ "$TAG" != "" ]; then - echo "$REPOSITORY:$TAG" - else - echo "$REPOSITORY" - fi -} - -rm -rf gen/ui -mkdir -p gen/ui/resources - -CLOUD_SERVICE="$(value html5_apps_deployer.cloudService)" -DESTINATIONS="$(value html5_apps_deployer.backendDestinations)" - -IMAGE="$(image html5_apps_deployer)" - -for APP in app/*; do - if [ -f "$APP/webapp/manifest.json" ]; then - echo "Build $APP..." - echo - - rm -rf "gen/$APP" - mkdir -p "gen/app" - cp -r "$APP" gen/app - pushd >/dev/null "gen/$APP" - - node ../../../scripts/prepareUiFiles.js $CLOUD_SERVICE $DESTINATIONS - npm install - npx ui5 build preload --clean-dest --config ui5-deploy.yaml --include-task=generateManifestBundle generateCachebusterInfo - cd dist - rm manifest-bundle.zip - mv *.zip ../../../ui/resources - - popd >/dev/null - fi -done - -cd gen/ui - -echo -echo "HTML5 Apps:" -ls -l resources -echo - -cat >package.json < replacements[v]); - writeFileSync(Path.join(path, "ui5-deploy.yaml"), ui5Deploy); - } -} - -function throwError(msg) { - throw new Error(msg); -} - -function getPackageJsonInclude() { - return { - "name": "ui5-builde-root", - "devDependencies": { - "@ui5/cli": "^2.11.1", - "@ui5/fs": "^2.0.6", - "@ui5/logger": "^2.0.1", - "@sap/ux-ui5-tooling": "1", - "rimraf": "3.0.2", - "@sap/ui5-builder-webide-extension": "1.0.x", - "ui5-task-zipper": "^0.3.1", - "mbt": "^1.0.15" - }, - "ui5": { - "dependencies": [ - "@sap/ui5-builder-webide-extension", - "ui5-task-zipper", - "mbt" - ] - } - } -} - -function getUI5DeployTemplateYaml() { - return `specVersion: '2.4' -metadata: - name: $ID -type: application -resources: - configuration: - propertiesFileSourceEncoding: UTF-8 -builder: - resources: - excludes: - - "/test/**" - - "/localService/**" - customTasks: - - name: webide-extension-task-updateManifestJson - beforeTask: generateManifestBundle - configuration: - appFolder: webapp - destDir: dist - - name: ui5-task-zipper - afterTask: generateCachebusterInfo - configuration: - archiveName: $ARCHIVENAME - additionalFiles: - - xs-app.json` -} - -function getXsAppTemplateJson() { - return { - "welcomeFile": "/index.html", - "authenticationMethod": "route", - "routes": [ - { - "source": "^/service/(.*)$", - "target": "$1", - "destination": "overwrite-me", - "authenticationType": "xsuaa", - "csrfProtection": false - }, - { - "source": "^/resources/(.*)$", - "target": "/resources/$1", - "authenticationType": "none", - "destination": "ui5" - }, - { - "source": "^/test-resources/(.*)$", - "target": "/test-resources/$1", - "authenticationType": "none", - "destination": "ui5" - }, - { - "source": "^(.*)$", - "target": "$1", - "service": "html5-apps-repo-rt", - "authenticationType": "xsuaa" - } - ] - } - -} - -function getSrvDestination(destinations) { - let destinationsJSON = JSON.parse(destinations); - for (let key in destinationsJSON) { - if(destinationsJSON[key].service === "srv") { - return key; - } - } -} - -if (process.argv[1].endsWith('prepareUiFiles.js')) { - // Run in standalone mode - prepareUiFiles('.', { cloudService: process.argv[2], destinations: process.argv[3] }); -} else { - module.exports = prepareUiFiles; -} \ No newline at end of file diff --git a/values.yaml b/values.yaml deleted file mode 100644 index 6439db80..00000000 --- a/values.yaml +++ /dev/null @@ -1,43 +0,0 @@ -global: - # >>> Execute the following command to receive the domain: - # $ kubectl get gateway -n kyma-system kyma-gateway -o jsonpath='{.spec.servers[0].hosts[0]}' - # Remove the leading "*." - domain: null - imagePullSecret: - name: container-registry -hana_deployer: - image: - # >>> Replace with your container registry - repository: /bookshop-hana-deployer - tag: latest - bindings: - hana: - fromSecret: bookshop-db -html5_apps_deployer: - cloudService: java.bookshop - backendDestinations: - bookshop-srv: - service: srv - image: - # >>> Replace with your container registry - repository: /bookshop-html5-deployer - tag: latest -srv: - bindings: - db: - fromSecret: bookshop-db - image: - # >>> Replace with your container registry - repository: /bookshop-srv - tag: latest - env: - SPRING_PROFILES_ACTIVE: cloud - resources: - limits: - cpu: 2000m - ephemeral-storage: 1G - memory: 2G - requests: - cpu: 1000m - ephemeral-storage: 1G - memory: 2G From 2eadd1937b7def091832c07dea6e5c88a1fe607d Mon Sep 17 00:00:00 2001 From: I524884 Date: Wed, 1 Feb 2023 10:25:44 +0530 Subject: [PATCH 03/17] use java 17 for building srv --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 25c532a8..afa00b12 100644 --- a/README.md +++ b/README.md @@ -330,7 +330,7 @@ pack build $YOUR_CONTAINER_REGISTRY/bookshop-srv \ --buildpack gcr.io/paketo-buildpacks/java \ --builder paketobuildpacks/builder:base \ --env SPRING_PROFILES_ACTIVE=cloud \ - --env BP_JVM_VERSION=11 + --env BP_JVM_VERSION=17 ``` **Build Approuter Image:** From bdde41ead406d7ac7fddddbb4f9d751c96aae69e Mon Sep 17 00:00:00 2001 From: I524884 Date: Mon, 13 Feb 2023 10:41:20 +0530 Subject: [PATCH 04/17] add multitenancy steps --- README.md | 153 +++++++++++++++++++++++++++++------- kyma-mt.json | 28 +++++++ kyma-st.json | 32 ++++++++ scripts/create-sm-secret.sh | 96 ++++++++++++++++++++++ 4 files changed, 282 insertions(+), 27 deletions(-) create mode 100644 kyma-mt.json create mode 100644 kyma-st.json create mode 100755 scripts/create-sm-secret.sh diff --git a/README.md b/README.md index ef6b0aae..8aa9a543 100644 --- a/README.md +++ b/README.md @@ -244,7 +244,10 @@ Before you can access the UI using the (tenant-specific) URL to the bookshop(-mt ### Add Deployment Files -CAP tooling provides your a Helm chart for deployment to Kyma. +CAP tooling provides you a Helm chart for deployment to Kyma. + +For single tenant deployment, replace the contents of _`cdsrc.json`_ with _`kyma-st.json`_. +For multi tenant deployment, replace the contents of _`cdsrc.json`_ with _`kyma-mt.json`_. Add the CAP Helm chart with the required features to this project: @@ -252,12 +255,45 @@ Add the CAP Helm chart with the required features to this project: cds add helm ``` -#### Helm chart configuration +#### Use API_BUSSINESS_PARTNER Remote Service (optional, single tenant only) + +You can try the `API_BUSINESS_PARTNER` service with a real S/4HANA system with the following configuration: + +1. Create either an on-premise or cloud destination in your subaccount. + +2. Add the binding to the destination service for the service (`srv`) to the `values.yaml` file: + + ```yaml + srv: + ... + bindings: + ... + destinations: + serviceInstanceName: destinations + ``` + + (The destination service instance is already configured) + +3. Set the profiles `cloud` and `destination` active in your `values.yaml` file: + + ```yaml + srv: + ... + env: + SPRING_PROFILES_ACTIVE: cloud,destination + # TODO: To be removed after @sap/cds-dk patch + CDS_ENVIRONMENT_K8S_SERVICEBINDINGS_CONNECTIVITY_SECRETSPATH: '/bindings/connectivity' + CDS_ENVIRONMENT_K8S_SERVICEBINDINGS_CONNECTIVITY_SERVICE: 'connectivity' + ``` + +4. For on-premise only: Add the connectivity service to your Helm chart: -This project contains a pre-configured configuration file `values.yaml`, you just need to do the following changes in this file: + ```bash + cds add helm:connectivity + ``` + +*See also: [API_BUSINESS_PARTNER Remote Service and Spring Profiles](#api_business_partner-remote-service-and-spring-profiles)* -- `` - full-qualified hostname of your container registry -- `domain`- full-qualified domain name used to access applications in your Kyma cluster ### Prepare Kubernetes Namespace #### Create container registry secret @@ -270,18 +306,28 @@ bash ./scripts/create-container-registry-secret.sh The *Docker Server* is the full qualified hostname of your container registry. -#### Create a HDI container and a secret +#### Create a HDI container / Service Manager Instance and a Secret This step is only required if you're using a BTP Trial account. If you're using a production or a free tier account then you can create HDI Container from Kyma directly by adding a [mapping to your Kyma namespace in your HANA Cloud Instance](https://blogs.sap.com/2022/12/15/consuming-sap-hana-cloud-from-the-kyma-environment/) and skip this step. +##### Single Tenant + ``` bash ./scripts/create-db-secret.sh bookshop-db ``` -It will create a HDI container `bookshop-db` on your currently targeted Cloud Foundry space and creates a secret `bookshop-db` with the HDI container's credentials in your current Kubernetes namespace. +##### Multi Tenant + +``` +bash ./scripts/create-sm-secret.sh bookshop-sm +``` + +It will create a HDI container `bookshop-db` (single tenant) or a Service Manager `bookshop-sm` (multi tenant) instance on your currently targeted Cloud Foundry space and creates a secret `bookshop-db/sm` with the credentials in your current Kubernetes namespace. Make the following changes to your _`chart/values.yaml`_. +##### Single Tenant + ```diff srv: bindings: @@ -302,22 +348,33 @@ hana-deployer: - servicePlanName: hdi-shared ``` -### Build +##### Multi Tenant -**Build data base deployer image:** +```diff +srv: + bindings: + service-manager: +- serviceInstanceName: service-manager ++ fromSecret: bookshop-sm +... -```bash -cds build --production +sidecar: + bindings: + service-manager: +- serviceInstanceName: service-manager ++ fromSecret: bookshop-sm -pack build $YOUR_CONTAINER_REGISTRY/bookshop-hana-deployer \ - --path db \ - --buildpack gcr.io/paketo-buildpacks/nodejs \ - --builder paketobuildpacks/builder:base \ - --env BP_NODE_RUN_SCRIPTS="" +... +- service_manager: +- serviceOfferingName: service-manager +- servicePlanName: container ``` -(Replace `$YOUR_CONTAINER_REGISTRY` with the full-qualified hostname of your container registry) +### Build +```bash +cds build --production +``` **Build image for CAP service:** @@ -335,6 +392,8 @@ pack build $YOUR_CONTAINER_REGISTRY/bookshop-srv \ --env BP_JVM_VERSION=17 ``` +(Replace `$YOUR_CONTAINER_REGISTRY` with the full-qualified hostname of your container registry) + **Build Approuter Image:** ```bash @@ -345,25 +404,59 @@ pack build $YOUR_CONTAINER_REGISTRY/bookshop-approuter \ --env BP_NODE_RUN_SCRIPTS="" ``` -### Push container images +**Build data base deployer image (single tenant only):** -You can push all the container images to your container registry, using: +```bash +pack build $YOUR_CONTAINER_REGISTRY/bookshop-hana-deployer \ + --path db \ + --buildpack gcr.io/paketo-buildpacks/nodejs \ + --builder paketobuildpacks/builder:base \ + --env BP_NODE_RUN_SCRIPTS="" +``` +**Build sidecar image (multi tenant only):** + +```bash +pack build $YOUR_CONTAINER_REGISTRY/bookshop-sidecar \ + --path mtx/sidecar/gen \ + --buildpack gcr.io/paketo-buildpacks/nodejs \ + --builder paketobuildpacks/builder:base \ + --env BP_NODE_RUN_SCRIPTS="" ``` -docker push $YOUR_CONTAINER_REGISTRY/bookshop-hana-deployer +### Push container images + +You can push all the container images to your container registry, using: + +```bash docker push $YOUR_CONTAINER_REGISTRY/bookshop-srv docker push $YOUR_CONTAINER_REGISTRY/bookshop-approuter ``` +#### Single Tenant + +```bash +docker push $YOUR_CONTAINER_REGISTRY/bookshop-hana-deployer +``` + +#### Multi Tenant + +```bash +docker push $YOUR_CONTAINER_REGISTRY/bookshop-sidecar +``` + ### Deployment -1. Replace `` in `xsuaa.parameters.oauth2-configuration.redirect-uris` with you cluster domain in _`chart/values.yaml`_. +Make the following changes in the _`chart/values.yaml`_ file. + +1. Change value of `global.domain` key to your cluster domain. -2. Replace `` with your container registry in _`chart/values.yaml`_. +2. Replace `` in `xsuaa.parameters.oauth2-configuration.redirect-uris` with your cluster domain. -3. Make the following change to add backend destinations required by Approuter. +3. Replace `` with your container registry. + +4. Make the following change to add backend destinations required by Approuter. ```diff - backendDestinations: {} @@ -372,7 +465,7 @@ docker push $YOUR_CONTAINER_REGISTRY/bookshop-approuter + service: srv ``` -4. Add your image registry secret created in [Create container registry secret](#create-container-registry-secret) step. +5. Add your image registry secret created in [Create container registry secret](#create-container-registry-secret) step. ```diff global: @@ -382,15 +475,21 @@ global: + name: container-registry ``` -5. Deploy the helm chart using the following command: +Deploy the helm chart using the following command: ```bash helm upgrade bookshop ./chart --install ``` -5. Before you can access the UI you should make sure to [Setup Authorizations in SAP Business Technology Platform](#setup-authorizations-in-sap-business-technology-platform). +#### Single Tenant + +Before you can access the UI you should make sure to [Setup Authorizations in SAP Business Technology Platform](#setup-authorizations-in-sap-business-technology-platform). + +Click on the approuter url logged by the `helm upgrade` to access the UI. + +#### Multi Tenant -6. Click on the approuter url logged by the `helm upgrade` to access the UI. +In case of multi tenant, you'll have to subscribe to the application from a different subaccount. You can follow the steps mentioned [here](https://cap.cloud.sap/docs/guides/deployment/as-saas#subscribe) to access the application. ## Setup Authorizations in SAP Business Technology Platform diff --git a/kyma-mt.json b/kyma-mt.json new file mode 100644 index 00000000..e92c2397 --- /dev/null +++ b/kyma-mt.json @@ -0,0 +1,28 @@ +{ + "requires": { + "multitenancy": true, + "auth": { + "kind": "xsuaa" + }, + "approuter": { + "kind": "cloudfoundry" + } + }, + "build": { + "target": ".", + "tasks": [ + { + "for": "java" + }, + { + "for": "mtx-sidecar" + }, + { + "for": "hana" + } + ] + }, + "hana": { + "deploy-format": "hdbtable" + } +} \ No newline at end of file diff --git a/kyma-st.json b/kyma-st.json new file mode 100644 index 00000000..21aa9d1a --- /dev/null +++ b/kyma-st.json @@ -0,0 +1,32 @@ +{ + "build": { + "target": ".", + "tasks": [ + { + "for": "java" + }, + { + "for": "mtx", + "src": ".", + "dest": "mtx-sidecar" + }, + { + "for": "hana" + } + ] + }, + "hana": { + "deploy-format": "hdbtable" + }, + "requires": { + "auth": { + "kind": "xsuaa" + }, + "approuter": { + "kind": "cloudfoundry" + }, + "db": { + "kind": "hana-cloud" + } + } +} \ No newline at end of file diff --git a/scripts/create-sm-secret.sh b/scripts/create-sm-secret.sh new file mode 100755 index 00000000..aecc9ada --- /dev/null +++ b/scripts/create-sm-secret.sh @@ -0,0 +1,96 @@ +#!/bin/bash + +set -e +cd "$(dirname "$(dirname "$0")")" + +npm install --no-save yaml + +function value() { + node ./scripts/value.js "$1" +} + +NAME="$1" +if [ "$NAME" == "" ]; then + if [ ! -f "chart/values.yaml" ]; then + echo >&2 "[ERROR] Please either specify the name for the service manager secret or maintain it in the Helm chart" + exit 1 + fi + NAME="$(value .srv.bindings.db.fromSecret)" + if [ "$NAME" == "" -o "$NAME" == "" ]; then + echo >&2 "[ERROR] Please either specify the name for the service manager secret or maintain it in the Helm chart" + exit 1 + fi +fi + +SECRET_HEADER="$(cat </dev/null >/dev/null service $NAME || cf create-service service-manager container $NAME +while true; do + STATUS="$(cf 2>/dev/null service $NAME | grep status: | head -n 1)" + echo $STATUS + if [[ "$STATUS" = *succeeded* ]]; then + break + fi + sleep 1 +done + +cf create-service-key $NAME $NAME-key + +node "$(dirname "$0")/format-kyma-secret.js" -- "$(echo "$SECRET_HEADER")" "$(cf service-key $NAME $NAME-key)" | kubectl apply -f - +echo +echo "Service Manager container secret '$NAME' created." +echo +echo "You can view it using:" +echo +echo "kubectl get secret $NAME -o yaml" +exit 0 \ No newline at end of file From b55873e85d5be90fecf1547a4b4b95c15eada66c Mon Sep 17 00:00:00 2001 From: I524884 Date: Mon, 13 Feb 2023 10:46:30 +0530 Subject: [PATCH 05/17] minor changes --- .cdsrc.json | 44 ++++++++++++++++++++++---------------------- README.md | 2 +- 2 files changed, 23 insertions(+), 23 deletions(-) diff --git a/.cdsrc.json b/.cdsrc.json index e8572818..18e0d84d 100644 --- a/.cdsrc.json +++ b/.cdsrc.json @@ -1,24 +1,24 @@ { - "requires": { - "multitenancy": true, - "extensibility": true, - "toggles": true - }, - "build": { - "target": ".", - "tasks": [ - { - "for": "java" - }, - { - "for": "mtx-sidecar" - }, - { - "for": "hana" - } - ] - }, - "hana": { - "deploy-format": "hdbtable" - } + "requires": { + "multitenancy": true, + "extensibility": true, + "toggles": true + }, + "build": { + "target": ".", + "tasks": [ + { + "for": "java" + }, + { + "for": "mtx-sidecar" + }, + { + "for": "hana" + } + ] + }, + "hana": { + "deploy-format": "hdbtable" + } } \ No newline at end of file diff --git a/README.md b/README.md index 8aa9a543..e844d573 100644 --- a/README.md +++ b/README.md @@ -322,7 +322,7 @@ bash ./scripts/create-db-secret.sh bookshop-db bash ./scripts/create-sm-secret.sh bookshop-sm ``` -It will create a HDI container `bookshop-db` (single tenant) or a Service Manager `bookshop-sm` (multi tenant) instance on your currently targeted Cloud Foundry space and creates a secret `bookshop-db/sm` with the credentials in your current Kubernetes namespace. +It will create a HDI container `bookshop-db` (single tenant) or a Service Manager `bookshop-sm` (multi tenant) instance on your currently targeted Cloud Foundry space and creates a secret `bookshop-db` (single tenant) or `bookshop-sm` (multi tenant) with the credentials in your current Kubernetes namespace. Make the following changes to your _`chart/values.yaml`_. From f9c127bc80461109f61915c500d670a8498bf04d Mon Sep 17 00:00:00 2001 From: I524884 Date: Thu, 2 Mar 2023 12:40:03 +0530 Subject: [PATCH 06/17] update documentation to 6.6.0 --- README.md | 22 +++++++--------------- 1 file changed, 7 insertions(+), 15 deletions(-) diff --git a/README.md b/README.md index ac0e5d11..4aa66dbc 100644 --- a/README.md +++ b/README.md @@ -241,7 +241,7 @@ Before you can access the UI using the (tenant-specific) URL to the bookshop(-mt - Container Registry (e.g. [Docker Hub](https://hub.docker.com/)) - Command Line Tools: [`kubectl`](https://kubernetes.io/de/docs/tasks/tools/install-kubectl/), [`kubectl-oidc_login`](https://github.com/int128/kubelogin#setup), [`pack`](https://buildpacks.io/docs/tools/pack/), [`docker`](https://docs.docker.com/get-docker/), [`helm`](https://helm.sh/docs/intro/install/), [`cf`](https://docs.cloudfoundry.org/cf-cli/install-go-cli.html) - Logged into Kyma Runtime (with `kubectl` CLI), Cloud Foundry space (with `cf` CLI) and Container Registry (with `docker login`) -- `@sap/cds-dk` >= 6.5.0 +- `@sap/cds-dk` >= 6.6.0 ### Add Deployment Files @@ -262,19 +262,12 @@ You can try the `API_BUSINESS_PARTNER` service with a real S/4HANA system with t 1. Create either an on-premise or cloud destination in your subaccount. -2. Add the binding to the destination service for the service (`srv`) to the `values.yaml` file: +2. Add configuration required for the destination service by executing the following command. - ```yaml - srv: - ... - bindings: - ... - destinations: - serviceInstanceName: destinations + ```bash + cds add destination ``` - (The destination service instance is already configured) - 3. Set the profiles `cloud` and `destination` active in your `values.yaml` file: ```yaml @@ -282,9 +275,6 @@ You can try the `API_BUSINESS_PARTNER` service with a real S/4HANA system with t ... env: SPRING_PROFILES_ACTIVE: cloud,destination - # TODO: To be removed after @sap/cds-dk patch - CDS_ENVIRONMENT_K8S_SERVICEBINDINGS_CONNECTIVITY_SECRETSPATH: '/bindings/connectivity' - CDS_ENVIRONMENT_K8S_SERVICEBINDINGS_CONNECTIVITY_SERVICE: 'connectivity' ``` 4. For on-premise only: Add the connectivity service to your Helm chart: @@ -293,6 +283,8 @@ You can try the `API_BUSINESS_PARTNER` service with a real S/4HANA system with t cds add connectivity ``` +5. `cds add helm` will not add configuration required to create a Connectivity Service Instance. This Service Instance should be created by the Kyma Cluster Administrator. For more information regarding configuration of Connectivity Instance, please check the [documentation](https://cap.cloud.sap/docs/guides/deployment/deploy-to-kyma#connectivity-service). + *See also: [API_BUSINESS_PARTNER Remote Service and Spring Profiles](#api_business_partner-remote-service-and-spring-profiles)* ### Prepare Kubernetes Namespace @@ -366,7 +358,7 @@ sidecar: + fromSecret: bookshop-sm ... -- service_manager: +- service-manager: - serviceOfferingName: service-manager - servicePlanName: container ``` From d48f1f544be8da5c7836b58c7a33b9cc4402cada Mon Sep 17 00:00:00 2001 From: I524884 Date: Thu, 2 Mar 2023 14:30:09 +0530 Subject: [PATCH 07/17] add option to set xsuaa parameters --- README.md | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 4aa66dbc..25f95f69 100644 --- a/README.md +++ b/README.md @@ -439,7 +439,7 @@ docker push $YOUR_CONTAINER_REGISTRY/bookshop-hana-deployer docker push $YOUR_CONTAINER_REGISTRY/bookshop-sidecar ``` -### Deployment +### Configuration Make the following changes in the _`chart/values.yaml`_ file. @@ -468,20 +468,26 @@ global: + name: container-registry ``` +### Deployment + Deploy the helm chart using the following command: +#### Single Tenant + ```bash -helm upgrade bookshop ./chart --install +helm install bookshop ./chart --set-file xsuaa.jsonParameters=xs-security.json ``` -#### Single Tenant - Before you can access the UI you should make sure to [Setup Authorizations in SAP Business Technology Platform](#setup-authorizations-in-sap-business-technology-platform). Click on the approuter url logged by the `helm upgrade` to access the UI. #### Multi Tenant +```bash +helm install bookshop ./chart --set-file xsuaa.jsonParameters=xs-security-mt.json +``` + In case of multi tenant, you'll have to subscribe to the application from a different subaccount. You can follow the steps mentioned [here](https://cap.cloud.sap/docs/guides/deployment/as-saas#subscribe) to access the application. ## Setup Authorizations in SAP Business Technology Platform From 4e457a952e68765c9dcbb161902f3f2b2573fb4e Mon Sep 17 00:00:00 2001 From: Marc Becker Date: Fri, 3 Mar 2023 16:07:20 +0100 Subject: [PATCH 08/17] Update .cdsrc.json --- .cdsrc.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.cdsrc.json b/.cdsrc.json index 18e0d84d..7256486f 100644 --- a/.cdsrc.json +++ b/.cdsrc.json @@ -21,4 +21,4 @@ "hana": { "deploy-format": "hdbtable" } -} \ No newline at end of file +} From 3e688081261ab2a4d606b5bfe0f0ff9ecc246c60 Mon Sep 17 00:00:00 2001 From: I524884 Date: Thu, 16 Mar 2023 11:12:30 +0530 Subject: [PATCH 09/17] add extensibility and toggles to kyma mt config --- README.md | 2 +- kyma-mt.json | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 25f95f69..afa839bd 100644 --- a/README.md +++ b/README.md @@ -480,7 +480,7 @@ helm install bookshop ./chart --set-file xsuaa.jsonParameters=xs-security.json Before you can access the UI you should make sure to [Setup Authorizations in SAP Business Technology Platform](#setup-authorizations-in-sap-business-technology-platform). -Click on the approuter url logged by the `helm upgrade` to access the UI. +Click on the approuter url logged by the `helm install` to access the UI. #### Multi Tenant diff --git a/kyma-mt.json b/kyma-mt.json index e92c2397..1b62d10b 100644 --- a/kyma-mt.json +++ b/kyma-mt.json @@ -1,6 +1,8 @@ { "requires": { "multitenancy": true, + "extensibility": true, + "toggles": true, "auth": { "kind": "xsuaa" }, From 8c1116de5126e5e5a2aa08c7e9057f5ebd2eddc1 Mon Sep 17 00:00:00 2001 From: I524884 Date: Thu, 16 Mar 2023 11:13:44 +0530 Subject: [PATCH 10/17] typo --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index afa839bd..1dead045 100644 --- a/README.md +++ b/README.md @@ -247,8 +247,8 @@ Before you can access the UI using the (tenant-specific) URL to the bookshop(-mt CAP tooling provides you a Helm chart for deployment to Kyma. -For single tenant deployment, replace the contents of _`cdsrc.json`_ with _`kyma-st.json`_. -For multi tenant deployment, replace the contents of _`cdsrc.json`_ with _`kyma-mt.json`_. +For single tenant deployment, replace the contents of _`.cdsrc.json`_ with _`kyma-st.json`_. +For multi tenant deployment, replace the contents of _`.cdsrc.json`_ with _`kyma-mt.json`_. Add the CAP Helm chart with the required features to this project: From 1655a4424a3c8b545c20d1e6e750ee1129335b04 Mon Sep 17 00:00:00 2001 From: I524884 Date: Fri, 17 Mar 2023 10:05:56 +0530 Subject: [PATCH 11/17] refactoring --- README.md | 20 ++++++++++---------- kyma-st.json | 4 +--- 2 files changed, 11 insertions(+), 13 deletions(-) diff --git a/README.md b/README.md index 1dead045..69f9bbf4 100644 --- a/README.md +++ b/README.md @@ -283,7 +283,7 @@ You can try the `API_BUSINESS_PARTNER` service with a real S/4HANA system with t cds add connectivity ``` -5. `cds add helm` will not add configuration required to create a Connectivity Service Instance. This Service Instance should be created by the Kyma Cluster Administrator. For more information regarding configuration of Connectivity Instance, please check the [documentation](https://cap.cloud.sap/docs/guides/deployment/deploy-to-kyma#connectivity-service). + Note: `cds add helm` will not add configuration required to create a Connectivity Service Instance. This Service Instance should be created by the Kyma Cluster Administrator. For more information regarding configuration of Connectivity Instance, please check the [documentation](https://cap.cloud.sap/docs/guides/deployment/deploy-to-kyma#connectivity-service). *See also: [API_BUSINESS_PARTNER Remote Service and Spring Profiles](#api_business_partner-remote-service-and-spring-profiles)* @@ -309,18 +309,10 @@ This step is only required if you're using a BTP Trial account. If you're using bash ./scripts/create-db-secret.sh bookshop-db ``` -##### Multi Tenant - -``` -bash ./scripts/create-sm-secret.sh bookshop-sm -``` - -It will create a HDI container `bookshop-db` (single tenant) or a Service Manager `bookshop-sm` (multi tenant) instance on your currently targeted Cloud Foundry space and creates a secret `bookshop-db` (single tenant) or `bookshop-sm` (multi tenant) with the credentials in your current Kubernetes namespace. +It will create a HDI container `bookshop-db` instance on your currently targeted Cloud Foundry space and a secret `bookshop-db` with the credentials in your current Kubernetes namespace. Make the following changes to your _`chart/values.yaml`_. -##### Single Tenant - ```diff srv: bindings: @@ -343,6 +335,14 @@ hana-deployer: ##### Multi Tenant +``` +bash ./scripts/create-sm-secret.sh bookshop-sm +``` + +It will create a Service Manager `bookshop-sm` instance on your currently targeted Cloud Foundry space and a secret `bookshop-sm` with the credentials in your current Kubernetes namespace. + +Make the following changes to your _`chart/values.yaml`_. + ```diff srv: bindings: diff --git a/kyma-st.json b/kyma-st.json index 21aa9d1a..39bef6a3 100644 --- a/kyma-st.json +++ b/kyma-st.json @@ -6,9 +6,7 @@ "for": "java" }, { - "for": "mtx", - "src": ".", - "dest": "mtx-sidecar" + "for": "mtx-sidecar" }, { "for": "hana" From 22ff9ae2d5f91becdeee38346e8754298d0a3793 Mon Sep 17 00:00:00 2001 From: I524884 Date: Fri, 17 Mar 2023 10:37:46 +0530 Subject: [PATCH 12/17] add destination --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 69f9bbf4..af4f7941 100644 --- a/README.md +++ b/README.md @@ -456,6 +456,8 @@ Make the following changes in the _`chart/values.yaml`_ file. + backendDestinations: + backend: + service: srv ++ mtx-api: ++ service: srv ``` 5. Add your image registry secret created in [Create container registry secret](#create-container-registry-secret) step. From 8156365351e4cb090b3c8e226505ad551ea12158 Mon Sep 17 00:00:00 2001 From: Marc Becker Date: Fri, 17 Mar 2023 13:54:34 +0100 Subject: [PATCH 13/17] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index af4f7941..7fc4431e 100644 --- a/README.md +++ b/README.md @@ -397,7 +397,7 @@ pack build $YOUR_CONTAINER_REGISTRY/bookshop-approuter \ --env BP_NODE_RUN_SCRIPTS="" ``` -**Build data base deployer image (single tenant only):** +**Build database deployer image (single tenant only):** ```bash pack build $YOUR_CONTAINER_REGISTRY/bookshop-hana-deployer \ From a5ff714964349322aec88e31cc536ab2c91bdbac Mon Sep 17 00:00:00 2001 From: Marc Becker Date: Fri, 17 Mar 2023 14:02:17 +0100 Subject: [PATCH 14/17] Update kyma-st.json cosmetics --- kyma-st.json | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/kyma-st.json b/kyma-st.json index 39bef6a3..e5091226 100644 --- a/kyma-st.json +++ b/kyma-st.json @@ -1,4 +1,15 @@ { + "requires": { + "auth": { + "kind": "xsuaa" + }, + "approuter": { + "kind": "cloudfoundry" + }, + "db": { + "kind": "hana-cloud" + } + }, "build": { "target": ".", "tasks": [ @@ -15,16 +26,5 @@ }, "hana": { "deploy-format": "hdbtable" - }, - "requires": { - "auth": { - "kind": "xsuaa" - }, - "approuter": { - "kind": "cloudfoundry" - }, - "db": { - "kind": "hana-cloud" - } } -} \ No newline at end of file +} From 510ce3cafb0a396b34e9cd6ef146dc7e83f7ddf7 Mon Sep 17 00:00:00 2001 From: Marc Becker Date: Fri, 17 Mar 2023 14:08:40 +0100 Subject: [PATCH 15/17] Put instructions for .cdsrc.json adaptions into README --- README.md | 33 +++++++++++++++++++++++++++++++-- 1 file changed, 31 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 7fc4431e..f202886c 100644 --- a/README.md +++ b/README.md @@ -247,8 +247,37 @@ Before you can access the UI using the (tenant-specific) URL to the bookshop(-mt CAP tooling provides you a Helm chart for deployment to Kyma. -For single tenant deployment, replace the contents of _`.cdsrc.json`_ with _`kyma-st.json`_. -For multi tenant deployment, replace the contents of _`.cdsrc.json`_ with _`kyma-mt.json`_. +For single tenant deployment, replace the `requires` section in _`.cdsrc.json`_ with: + +``` + "requires": { + "auth": { + "kind": "xsuaa" + }, + "approuter": { + "kind": "cloudfoundry" + }, + "db": { + "kind": "hana-cloud" + } + }, +``` + +For multi tenant deployment, replace the `requires` section in _`.cdsrc.json`_ with: + +``` + "requires": { + "multitenancy": true, + "extensibility": true, + "toggles": true, + "auth": { + "kind": "xsuaa" + }, + "approuter": { + "kind": "cloudfoundry" + } + }, +``` Add the CAP Helm chart with the required features to this project: From c59f9e7d0a4f696b9d690f3b4510a3eba33972ff Mon Sep 17 00:00:00 2001 From: Marc Becker Date: Fri, 17 Mar 2023 14:08:53 +0100 Subject: [PATCH 16/17] Delete kyma-mt.json --- kyma-mt.json | 30 ------------------------------ 1 file changed, 30 deletions(-) delete mode 100644 kyma-mt.json diff --git a/kyma-mt.json b/kyma-mt.json deleted file mode 100644 index 1b62d10b..00000000 --- a/kyma-mt.json +++ /dev/null @@ -1,30 +0,0 @@ -{ - "requires": { - "multitenancy": true, - "extensibility": true, - "toggles": true, - "auth": { - "kind": "xsuaa" - }, - "approuter": { - "kind": "cloudfoundry" - } - }, - "build": { - "target": ".", - "tasks": [ - { - "for": "java" - }, - { - "for": "mtx-sidecar" - }, - { - "for": "hana" - } - ] - }, - "hana": { - "deploy-format": "hdbtable" - } -} \ No newline at end of file From 8aeeb7151a6c9455e421a452c842c024b54af9e0 Mon Sep 17 00:00:00 2001 From: Marc Becker Date: Fri, 17 Mar 2023 14:09:03 +0100 Subject: [PATCH 17/17] Delete kyma-st.json --- kyma-st.json | 30 ------------------------------ 1 file changed, 30 deletions(-) delete mode 100644 kyma-st.json diff --git a/kyma-st.json b/kyma-st.json deleted file mode 100644 index e5091226..00000000 --- a/kyma-st.json +++ /dev/null @@ -1,30 +0,0 @@ -{ - "requires": { - "auth": { - "kind": "xsuaa" - }, - "approuter": { - "kind": "cloudfoundry" - }, - "db": { - "kind": "hana-cloud" - } - }, - "build": { - "target": ".", - "tasks": [ - { - "for": "java" - }, - { - "for": "mtx-sidecar" - }, - { - "for": "hana" - } - ] - }, - "hana": { - "deploy-format": "hdbtable" - } -}