Tyk single dc (#50)

* # This is a combination of 3 commits.
	# This is the 1st commit message:

TT-8517, working vers

TT-8517, added missing files

TT-8517, more cleanup and testing

* TT-8517, cleanup

* TT-8517, cleanup

* TT-8517, more single dc work

* TT-8517, values .yaml

* Pre-release: removed comments and added minor modifications2

* Tyk-single-dc cleanup

* Added required modifications from code review

* Added required modifications from code review

* Added Readmes and deleted useless comments

* Fixed versions and dependencies

* Fixed CR comments and tests

* Fixed CR comments and tests

* Added required newline for linting

* Added required newline for linting

* Fixed linter issues

* Fixed tests

* Fixed wrong replace

* Fixed wrong name of secret

* Fixed test mistake

* Update .github/workflows/run-tests.yaml

* Remove password from values file of Single DC

* Fix integration tests github action

* Fix command

* Trying to fix command

* Update git ignore

* Remove duplicate environment variables

* Remove charts file

* Fix tests

* Fail if the components are not available

* Fix single dc checks

* Fix integration tests

* Remove wrong environment variable from dashboard deployment

* Add information about mongo/postgres in Readme of tyk-single-dc and tyk-dashboard

* Add environment variable to bootstrap dashboard

* Move global section to the top

* Fix all the references of tls

* Remove extra global section

* Fix dashboard connection string

* Remove environment variables related to hybrid gateways

* Fixes for gw/dash ports being taken from multiple sources

* Fixed linting issues.

* Fixed default redis link

* Fixed case for random deployment name on tests

* Update components/tyk-bootstrap/Chart.yaml

Co-authored-by: caroltyk <97617859+caroltyk@users.noreply.github.com>

* Update components/tyk-bootstrap/README.md

Co-authored-by: caroltyk <97617859+caroltyk@users.noreply.github.com>

* Update components/tyk-bootstrap/README.md

Co-authored-by: caroltyk <97617859+caroltyk@users.noreply.github.com>

* Update components/tyk-bootstrap/README.md

Co-authored-by: caroltyk <97617859+caroltyk@users.noreply.github.com>

* Update components/tyk-bootstrap/README.md

Co-authored-by: caroltyk <97617859+caroltyk@users.noreply.github.com>

* Update components/tyk-bootstrap/values.yaml

Co-authored-by: caroltyk <97617859+caroltyk@users.noreply.github.com>

* Update components/tyk-dashboard/README.md

Co-authored-by: caroltyk <97617859+caroltyk@users.noreply.github.com>

* Update components/tyk-dashboard/README.md

Co-authored-by: caroltyk <97617859+caroltyk@users.noreply.github.com>

* Update components/tyk-dashboard/README.md

Co-authored-by: caroltyk <97617859+caroltyk@users.noreply.github.com>

* Update tyk-single-dc/README.md

Co-authored-by: caroltyk <97617859+caroltyk@users.noreply.github.com>

* Update tyk-single-dc/README.md

Co-authored-by: caroltyk <97617859+caroltyk@users.noreply.github.com>

* Updated readme and various documentation changes

* Changed boolean to false to fix tyk-gateway component failing to start

---------

Co-authored-by: Komal Sukhani <komaldsukhani@gmail.com>
Co-authored-by: caroltyk <97617859+caroltyk@users.noreply.github.com>

.github/workflows/run-tests.yaml

@@ -7,9 +7,10 @@ on:
       - master
 
 env:
-  TIMEOUT: 10m
+  TIMEOUT: 15m
   TYK_OSS_NS: tyk-oss
   TYK_MDCB_DATAPLANE_NS: tyk-mdcb-dataplane
+  TYK_SINGLE_DC_NS: tyk-single-dc
 
 jobs:
   lint-test:
@@ -77,6 +78,34 @@ jobs:
           helm uninstall redis -n ${{ env.TYK_OSS_NS }} --timeout ${{ env.TIMEOUT }}
           kubectl delete namespace ${{ env.TYK_OSS_NS }}
 
+      # Tyk Single Data Center tests
+      - name: Deploy Tyk Single Data Center and dependencies
+        run: |
+          kubectl create namespace ${{ env.TYK_SINGLE_DC_NS }}
+
+          # Do not change the name
+          # Install redis
+          helm install redis simple-redis --wait --repo 'https://helm.tyk.io/public/helm/charts/' -n ${{ env.TYK_SINGLE_DC_NS }} --timeout ${{ env.TIMEOUT }}
+         
+          # Install mongo
+          helm install mongo simple-mongodb --wait --repo 'https://helm.tyk.io/public/helm/charts/' -n ${{ env.TYK_SINGLE_DC_NS }} --timeout ${{ env.TIMEOUT }}
+
+          helm dependency update ./tyk-single-dc
+
+      - name: Run chart-testing (install)
+        run: |
+             ct install --namespace ${{ env.TYK_SINGLE_DC_NS }} --charts ./tyk-single-dc --helm-extra-set-args "--wait=true" \
+              --helm-extra-set-args "--set=global.mongo.mongoURL=mongodb://mongo.tyk-single-dc.svc.cluster.local:27017/tyk_analytics \
+              --set=global.redis.addrs[0]=redis.tyk-single-dc.svc.cluster.local:6379 \
+              --set=global.license.dashboard=${{ secrets.DASH_LICENSE }}"
+
+      - name: Uninstall Tyk Single DC Dependencies
+        run: |
+          helm uninstall redis -n ${{ env.TYK_SINGLE_DC_NS }} --timeout ${{ env.TIMEOUT }}
+          helm uninstall mongo -n ${{ env.TYK_SINGLE_DC_NS }} --timeout ${{ env.TIMEOUT }} 
+          kubectl delete namespace ${{ env.TYK_SINGLE_DC_NS }}
+      
+
       # Tyk MDCB Data Plane tests
       - name: Deploy Tyk MDCB Data Plane and Dependencies
         run: |

.gitignore

@@ -6,3 +6,6 @@ tyk-oss/Chart.lock
 tyk-mdcb-data-plane/charts/*
 tyk-mdcb-data-plane/Chart.lock
 
+tyk-single-dc/charts/*
+tyk-single-dc/Chart.lock
+

components/tyk-bootstrap/.helmignore

@@ -0,0 +1,23 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/

components/tyk-bootstrap/Chart.yaml

@@ -0,0 +1,24 @@
+apiVersion: v2
+name: tyk-bootstrap
+description: A Helm chart for a Kubernetes job that bootstraps the Tyk Dashboard and creates secrets for Tyk Operator and Tyk Developer Portal
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 1.0.0-beta3
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+# It is recommended to use it with quotes.
+appVersion: "1.3.0"

components/tyk-bootstrap/README.md

@@ -0,0 +1,37 @@
+## Tyk Bootstrap
+
+## Introduction
+This chart helps with the bootstrapping of the Tyk Dashboard by creating a job which provisions the cluster with all the required secrets/configmaps/HTTP initialization calls on [Kubernetes](https://kubernetes.io/) cluster using the [Helm](https://helm.sh/) package manager.
+
+The chart provides little benefits by itself and should only be used in conjunction with other charts that also use the dashboard component.
+
+## Prerequisites
+* Kuberentes 1.19+
+* Helm 3+
+
+## Installing the Chart
+
+To install the chart from the Helm repository in namespace `tyk` with the release name `tyk-bootstrap`:
+
+    helm repo add tyk-helm https://helm.tyk.io/public/helm/charts/
+    helm show values tyk-helm/tyk-bootstrap > values-bootstrap.yaml --devel
+    helm install tyk-bootstrap tyk-helm/tyk-bootstrap -n tyk --create-namespace -f values-bootstrap.yaml --devel
+
+
+
+## Uninstalling the Chart
+
+    helm uninstall tyk-bootstrap -n tyk
+
+This removes all the Kubernetes components associated with the chart and deletes the release.
+
+## Upgrading Chart
+
+    helm upgrade tyk-bootstrap tyk-helm/tyk-bootstrap -n tyk
+
+## Configuration
+See [Customizing the Chart Before Installing](https://helm.sh/docs/intro/using_helm/#customizing-the-chart-before-installing). To get all configurable options with detailed comments:
+
+    helm show values tyk-helm/tyk-bootstrap > values-bootstrap.yaml --devel
+
+You can update any value in your local values.yaml file and use `-f [filename]` flag to override default values during installation. Alternatively, you can use `--set` flag to set it in Tyk installation.

components/tyk-bootstrap/templates/_helpers.tpl

@@ -0,0 +1,90 @@
+{{- /*
+Expand the name of the chart.
+*/}}
+{{- define "tyk-bootstrap.name" -}}
+{{- default .Chart.Name .Values.bootstrap.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{- /*
+ok
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "tyk-bootstrap.fullname" -}}
+{{- if .Values.bootstrap.fullnameOverride -}}
+{{- .Values.bootstrap.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.bootstrap.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{- /*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "tyk-bootstrap.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+
+{{- define "tyk-bootstrap.gwproto" -}}
+{{- if .Values.global.tls.gateway -}}
+https
+{{- else -}}
+http
+{{- end -}}
+{{- end -}}
+
+{{- define "tyk-bootstrap.dash_proto" -}}
+{{- if .Values.global.tls.dashboard -}}
+https
+{{- else -}}
+http
+{{- end -}}
+{{- end -}}
+
+{{- define "tyk-bootstrap.dash_url" -}}
+{{ include "tyk-bootstrap.dash_proto" . }}://dashboard-svc-{{.Release.Name}}-tyk-dashboard.{{ .Release.Namespace }}.svc.cluster.local:{{ .Values.global.servicePorts.dashboard }}
+{{- end -}}
+
+{{- define "tyk-bootstrap.gateway_url" -}}
+{{ include "tyk-bootstrap.gwproto" . }}://gateway-svc-{{.Release.Name}}-tyk-gateway.{{ .Release.Namespace }}.svc.cluster.local:{{ .Values.global.servicePorts.gateway }}
+{{- end -}}
+
+{{- define "tyk-bootstrap.redis_url" -}}
+{{- if .Values.global.redis.addrs -}}
+{{ join "," .Values.global.redis.addrs }}
+{{- else -}}
+redis.{{ .Release.Namespace }}.svc.cluster.local:6379
+{{- end -}}
+{{- end -}}
+
+{{- define "tyk-bootstrap.mongo_url" -}}
+{{- if .Values.global.mongo.mongoURL -}}
+{{ .Values.global.mongo.mongoURL }}
+{{- else -}}
+mongodb://mongo.{{ .Release.Namespace }}.svc.cluster.local:27017/tyk_analytics
+{{- end -}}
+{{- end -}}
+
+{{- define "tyk-bootstrap.pg_connection_string" -}}
+{{- if .Values.global.postgres -}}
+{{- range $key, $value := .Values.global.postgres }}{{ print $key "=" $value " " }}{{- end }}
+{{- end -}}
+{{- end -}}
+
+{{- define "tyk-bootstrap.backend" -}}
+{{- if .Values.global.backend -}}
+{{- if eq "postgres" .Values.global.backend -}}
+postgres
+{{- else if eq "mongo" .Values.global.backend -}}
+mongo
+{{- end -}}
+{{- else -}}
+mongo
+{{- end -}}
+{{- end -}}

components/tyk-bootstrap/templates/bootstrap-post-install.yaml

@@ -0,0 +1,101 @@
+{{- if .Values.bootstrap -}}
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name:  {{ .Values.bootstrap.jobs.bootstrapJobName }}
+  labels:
+    app.kubernetes.io/managed-by: {{ .Release.Service | quote }}
+    app.kubernetes.io/instance: {{ .Release.Name | quote }}
+
+    # Removed the use of appVersion since it's not accurate. We'll put it back in v1.0
+    # when every app will have its own a chart
+    # app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+  annotations:
+    # This is what defines this resource as a hook. Without this line, the
+    # job is considered part of the release.
+    "helm.sh/hook": post-install
+    "helm.sh/hook-weight": "-5"
+    "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
+spec:
+  backoffLimit: 1
+  template:
+    metadata:
+      annotations:
+        sidecar.istio.io/inject: “false”
+    spec:
+      serviceAccountName: k8s-bootstrap-role
+      containers:
+        - name: bootstrap-tyk-post-install
+          image: tykio/tyk-k8s-bootstrap-post:latest
+          command: [ './app/bin/bootstrap-app-post' ]
+          imagePullPolicy: IfNotPresent
+          env:
+            - name: TYK_DB_OMITCONFIGFILE
+              value: "true"
+            - name: TYK_ADMIN_FIRST_NAME
+              value: {{ .Values.bootstrap.adminUser.firstName | quote }}
+            - name: TYK_ADMIN_LAST_NAME
+              value: {{ .Values.bootstrap.adminUser.lastName | quote }}
+            - name: TYK_ADMIN_EMAIL
+              value: {{ .Values.bootstrap.adminUser.email | quote }}
+            - name: TYK_ADMIN_PASSWORD
+              valueFrom:
+                secretKeyRef:
+                  name: tyk-dashboard-login-details
+                  key: TYK_PASS
+            - name: TYK_POD_NAMESPACE
+              valueFrom:
+                fieldRef:
+                  fieldPath: metadata.namespace
+            - name: TYK_DASHBOARD_PROTO
+              value: "{{ include "tyk-bootstrap.dash_proto" . }}"
+            - name: TYK_DASHBOARD_SVC
+              {{- if .Values.global.components.dashboard }}
+              value: "dashboard-svc-{{.Release.Name}}-tyk-dashboard"
+              {{- else }}
+              value: "dashboard-svc-tyk-dashboard"
+              {{- end }}
+            - name: TYK_DB_LISTENPORT
+              value: "{{ .Values.global.servicePorts.dashboard }}"
+            - name: TYK_DB_LICENSEKEY
+              value: {{ .Values.global.license.dashboard | quote }}
+            - name: TYK_ADMIN_SECRET
+              value: {{ .Values.bootstrap.secrets.AdminSecret | quote }}
+            - name: TYK_ORG_NAME
+              value: {{ .Values.bootstrap.org.name | quote }}
+            - name: TYK_ORG_CNAME
+              value: {{ .Values.bootstrap.org.cname | quote }}
+            {{- if .Values.bootstrap.dashboard.enabled }}
+            - name: DASHBOARD_ENABLED
+              value: "true"
+            - name: BOOTSTRAP_DASHBOARD
+              value: "true"
+            {{- end }}
+            {{- if .Values.bootstrap.operatorSecret }}
+            - name: OPERATOR_SECRET_ENABLED
+              value: "true"
+            - name: OPERATOR_SECRET_NAME
+              value: "tyk-operator-conf"
+            {{- end }}
+            {{- if .Values.bootstrap.enterprisePortalSecret }}
+            - name: ENTERPRISE_PORTAL_SECRET_ENABLED
+              value: "true"
+            - name: ENTERPRISE_PORTAL_SECRET_NAME
+              value: "tyk-enterprise-portal-conf"
+            {{- end }}
+            - name: GATEWAY_ADDRESS
+              value: "{{ include "tyk-bootstrap.gateway_url" . }}"
+            {{- if .Values.bootstrap.portal.enabled }}
+            - name: BOOTSTRAP_PORTAL
+              value: "true"
+            {{- end }}
+            - name: TYK_DASHBOARD_DEPLOY
+            {{- if .Values.global.components.dashboard }}
+              value: "dashboard-{{.Release.Name}}-tyk-dashboard"
+            {{- else }}
+              value: {{ .Values.bootstrap.dashboard.deploymentName }}
+            {{- end }}
+      restartPolicy: Never
+      terminationGracePeriodSeconds: 0
+{{- end }}
+

components/tyk-bootstrap/templates/bootstrap-pre-delete.yaml

@@ -0,0 +1,48 @@
+{{- if .Values.bootstrap -}}
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: "bootstrap-pre-delete-{{ include "tyk-bootstrap.fullname" . }}"
+  labels:
+    app.kubernetes.io/managed-by: {{ .Release.Service | quote }}
+    app.kubernetes.io/instance: {{ .Release.Name | quote }}
+
+    # Removed the use of appVersion since it's not accurate. We'll put it back in v1.0
+    # when every app will have its own a chart
+    # app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+
+    helm.sh/chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+  annotations:
+    # This is what defines this resource as a hook. Without this line, the
+    # job is considered part of the release.
+    "helm.sh/hook": pre-delete
+    "helm.sh/hook-weight": "0"
+
+    "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
+spec:
+  backoffLimit: 1
+  template:
+    metadata:
+      annotations:
+        sidecar.istio.io/inject: “false”
+    spec:
+      serviceAccountName: k8s-bootstrap-role
+      containers:
+        - name: bootstrap-tyk-pre-delete
+          image: tykio/tyk-k8s-bootstrap-pre-delete:latest
+          command: [ './app/bin/bootstrap-app-pre-delete' ]
+          imagePullPolicy: IfNotPresent
+          env:
+            - name: OPERATOR_SECRET_NAME
+              value: "tyk-operator-conf"
+            - name: ENTERPRISE_PORTAL_SECRET_NAME
+              value: "tyk-enterprise-portal-conf"
+            - name: TYK_POD_NAMESPACE
+              valueFrom:
+                fieldRef:
+                  fieldPath: metadata.namespace
+            - name: BOOTSTRAP_JOB_NAME
+              value: {{ .Values.bootstrap.jobs.bootstrapJobName }}
+      terminationGracePeriodSeconds: 0
+      restartPolicy: Never
+{{- end }}

components/tyk-bootstrap/templates/bootstrap-role-binding.yml

@@ -0,0 +1,14 @@
+{{- if .Values.bootstrap -}}
+apiVersion: rbac.authorization.k8s.io/v1
+kind: RoleBinding
+metadata:
+  name: k8s-bootstrap-role
+subjects:
+- kind: ServiceAccount
+  name: k8s-bootstrap-role
+  namespace: {{ .Release.Namespace }}
+roleRef:
+  kind: Role
+  name: k8s-bootstrap-role
+  apiGroup: rbac.authorization.k8s.io
+{{- end }}