chore: Sync release-v1.9.0

CHANGELOG.md

@@ -24,6 +24,7 @@
 
 - Restricted filesystem usage for journal service and file rotation strategy [#10518](https://github.com/opencrvs/opencrvs-core/issues/10518))
 
+- Tiltfile: Improved Kubernetes support for development environment [#10672](https://github.com/opencrvs/opencrvs-core/issues/10672)
 
 ### Bug fixes
 

Tiltfile

@@ -1,93 +1,31 @@
-############################################################
-# Please check readme at: https://github.com/opencrvs/infrastructure/tree/develop
-############################################################
-# Variables declaration:
-# Core images tag: usually "develop" or one of release name:
-# - v1.7.0
-# - v1.7.1
-# NOTE: It could take any value from https://github.com/orgs/opencrvs/packages
-# If you are under opencrvs-core repository, please use "local" tag
-# Tilt will build new image every time when changes are made to repository
-core_images_tag="develop"
+##########################################################################
+# Tiltfile: OpenCRVS Country config developer
+# For more information about variables, please check:
+# https://github.com/opencrvs/infrastructure/blob/develop/Tiltfile
 
-# Countryconfig/Farajaland image repository and tag
-# Usually image repository value is to your repository on DockerHub
-# If for some reason you don't have DockerHub account yet, please create
-# you local registry
-# (see: https://medium.com/@ankitkumargupta/quick-start-local-docker-registry-35107038242e)
+core_images_tag = "develop"
+# Build countryconfig image in local registry (use any name and tag you want)
 countryconfig_image_name="opencrvs/ocrvs-countryconfig"
-# If you are under opencrvs-countryconfig or your own repository, please use "local" tag,
-# Tilt will build new image every time when changes are made to repository
 countryconfig_image_tag="local"
 
-# Namespaces:
-opencrvs_namespace = 'opencrvs-dev'
-dependencies_namespace = 'opencrvs-deps-dev'
-
-
-# Checkout infrastructure directory if not exists
+load('ext://git_resource', 'git_checkout')
 if not os.path.exists('../infrastructure'):
-    local("git clone [email protected]:opencrvs/infrastructure.git ../infrastructure")
-
-local_resource('README.md', cmd='awk "/For OpenCRVS Country Config Developers/{flag=1; next} /Seed data/{flag=0} flag" ../infrastructure/README.md', labels=['0.Readme'])
-
-
-# Load extensions for namespace and helm operations
-load('ext://helm_resource', 'helm_resource', 'helm_repo')
-load('ext://namespace', 'namespace_create', 'namespace_inject')
-load("../infrastructure/tilt/lib.tilt", "copy_secrets", "reset_environment", "seed_data")
-
-include('../infrastructure/tilt/common.tilt')
-
-# If your machine is powerful feel free to change parallel updates from default 3
-# update_settings(max_parallel_updates=3)
+    # FIXME: Replace ocrvs-10672 to develop after testing
+    git_checkout('[email protected]:opencrvs/infrastructure.git#ocrvs-10672', '../infrastructure')
+if not os.path.exists('../infrastructure/tilt/opencrvs.tilt'):
+  fail('Something went wrong while cloning infrastructure repository!')
+load('../infrastructure/tilt/opencrvs.tilt', 'setup_opencrvs')
 
 # Build countryconfig image
 docker_build(countryconfig_image_name, ".",
               dockerfile="Dockerfile",
               network="host")
 
-# Create namespaces:
-# - opencrvs-deps-dev, dependencies namespace
-# - opencrvs-dev, main namespace
-namespace_create(dependencies_namespace)
-namespace_create(opencrvs_namespace)
-
-
-# Install Traefik GW
-# helm_repo('traefik-repo', 'https://traefik.github.io/charts', labels=['Dependencies'])
-# helm_resource(
-#   'traefik', 'traefik-repo/traefik', namespace='traefik', resource_deps=['traefik-repo'],
-#   flags=['--values=../infrastructure/infrastructure/localhost/traefik/values.yaml'])
-
-######################################################
-# OpenCRVS Dependencies Deployment
-# NOTE: This helm chart can be deployed as helm release
-k8s_yaml(helm('../infrastructure/charts/dependencies',
-  namespace=dependencies_namespace,
-  values=['../infrastructure/infrastructure/localhost/dependencies/values-dev.yaml']))
-
-######################################################
-# OpenCRVS Deployment
-k8s_yaml(
-  helm('../infrastructure/charts/opencrvs-services',
-       namespace=opencrvs_namespace,
-       values=['../infrastructure/infrastructure/localhost/opencrvs-services/values-dev.yaml'],
-       set=[
-        "image.tag={}".format(core_images_tag),
-        "countryconfig.image.name={}".format(countryconfig_image_name),
-        "countryconfig.image.tag={}".format(countryconfig_image_tag)
-        ]
-      )
+setup_opencrvs(
+    infrastructure_path='../infrastructure',
+    core_images_tag=core_images_tag,
+    countryconfig_image_name=countryconfig_image_name,
+    countryconfig_image_tag=countryconfig_image_tag,
 )
 
-#######################################################
-# Add Data Tasks to Tilt Dashboard
-reset_environment(opencrvs_namespace, opencrvs_configuration_file)
-
-seed_data(opencrvs_namespace, opencrvs_configuration_file)
-
-if security_enabled:
-    copy_secrets(dependencies_namespace, opencrvs_namespace)
-
 print("✅ Tiltfile configuration loaded successfully.")

infrastructure/backups/restore.sh

@@ -149,8 +149,9 @@ echo "🧹 cleanup for indices: $approved_words from $indices"
 echo "--------------------------"
 for index in ${indices[@]}; do
   for approved in $approved_words; do
+    echo "Checking index $index against approved pattern $approved..."
     case "$index" in
-    "$approved_words"*) 
+    "$approved"*)
         echo "Delete index $index..."
         docker run --rm --network=$NETWORK appropriate/curl curl -sS -XDELETE "http://$(elasticsearch_host)/$index"
         break
@@ -214,7 +215,7 @@ if [ -f "$ROOT_PATH/backups/postgres/events-${LABEL}.dump" ]; then
     -e PGPASSWORD=$POSTGRES_PASSWORD \
     --network=$NETWORK \
     postgres:17.6 \
-    bash -c "psql -h postgres -U $POSTGRES_USER -c 'DROP DATABASE IF EXISTS events;'"
+    bash -c "psql -h postgres -U $POSTGRES_USER -c 'DROP DATABASE IF EXISTS events WITH (FORCE);'"
 else
   echo "PostgreSQL backup not found for label ${LABEL}. Skipping PostgreSQL database drop..."
 fi
@@ -252,7 +253,11 @@ if [ -f "$ROOT_PATH/backups/postgres/events-${LABEL}.dump" ]; then
     -v $ROOT_PATH/backups/postgres:/backups \
     --network=$NETWORK \
     postgres:17.6 \
-    bash -c "createdb -h postgres -U $POSTGRES_USER events && pg_restore -h postgres -U $POSTGRES_USER -d events /backups/events-${LABEL}.dump"
+    bash -c "createdb -h postgres -U $POSTGRES_USER events && \
+             psql -h postgres -U $POSTGRES_USER -d events -c 'CREATE SCHEMA app AUTHORIZATION events_migrator; GRANT USAGE ON SCHEMA app TO events_app;' && \
+             pg_restore -h postgres -U $POSTGRES_USER -d events --schema=app /backups/events-${LABEL}.dump"
+  echo "Update credentials in Postgres on restore"
+  docker service update --force opencrvs_postgres-on-update
 else
   echo "PostgreSQL backup not found for label ${LABEL}. Skipping PostgreSQL database restore..."
 fi
@@ -309,3 +314,15 @@ tar -xzvf $ROOT_PATH/backups/vsexport/ocrvs-$LABEL.tar.gz -C $ROOT_PATH/vsexport
 if [ "$IS_LOCAL" = false ]; then
   docker service update --force --update-parallelism 1 opencrvs_migration
 fi
+
+##
+# ------ REINDEX -----
+##
+docker run --rm \
+  -v /opt/opencrvs/infrastructure/deployment:/workspace \
+  -w /workspace \
+  --network $NETWORK \
+  -e 'AUTH_URL=http://auth:4040/' \
+  -e 'EVENTS_URL=http://gateway:7070/events' \
+  alpine \
+  sh -c 'apk add --no-cache curl jq && sh reindex.sh'