[ED-2793] Add OCI specific vars (#3912)

* Add OCI specific vars

* Add mobile deeplink url var

private_repo/ansible/inventory/dev/Core/common.yml

@@ -10,21 +10,25 @@ private_ingressgateway_ip: ""     # your private kubernetes load balancer ip
 # Cloud Service Provider Variables
 # If cloud_service_provider is AWS then update with access key as value
 # Example: cloud_public_storage_accountname: "AKSHKSJHFJDHJDSHFKSD"
+# If cloud_service_provider is OCI then update with access key as value
+# Example: cloud_public_storage_accountname: "7855461d26e1d8f211a04ec59cfd3037c8d1c6dd"
 # If cloud_service_provider is gloud(GCP) then update with service account name
 # Example: cloud_public_storage_accountname: "cloudstorage-gcp-test.iam.gserviceaccount.com"
 # If cloud_service_provider is AZURE then update with stoage account name
 # Example: cloud_public_storage_accountname: "azurestotageaccount"
 cloud_public_storage_accountname: ""
-# If cloud_service_provider is AWS then update with region
+# If cloud_service_provider is AWS/OCI then update with region
 # Example: cloud_public_storage_region: us-east-1
 cloud_public_storage_region: ""
 # If cloud_service_provider is gcp then update this variable with project id
 # Example: cloud_public_storage_project: "sunbird-gcp-test"
 cloud_public_storage_project: ""
-
+# If cloud_service_provider is OCI then update this variable with namespace value
+# Example: cloud_public_storage_namespace: "apsyjjclx"
+cloud_public_storage_namespace: ""
 
 # Create object storage for each below mentioned variables and update accordingly
-# If cloud_service_provider is AWS update with bucket name
+# If cloud_service_provider is AWS/OCI update with bucket name
 # If cloud_service_provider is gcloud(GCP) update with bucket name
 # If cloud_service_provider is AZURE update with container name 
 # Example: cloud_storage_certqr_bucketname: "certqr-storage"
@@ -96,6 +100,8 @@ cloud_storage_management_bucketname: ""
 # cloud_storage_url: https://storage.googleapis.com
 # AWS
 # cloud_storage_url: "https://s3.{{ cloud_public_storage_region }}.amazonaws.com"
+# OCI
+# cloud_storage_url: "https://{{ cloud_public_storage_namespace }}.compat.objectstorage.{{ cloud_public_storage_region }}.oraclecloud.com"
 # Azure
 cloud_storage_url: "https://{{ cloud_public_storage_accountname }}.blob.core.windows.net"
 
@@ -106,17 +112,45 @@ cloud_storage_url: "https://{{ cloud_public_storage_accountname }}.blob.core.win
 # for google:
 # nginx_private_ingress_annotations:
 #   cloud.google.com/load-balancer-type: "Internal"
+# for OCI private
+#nginx_private_ingress_annotations:
+#  service.beta.kubernetes.io/oci-load-balancer-internal: "true"
+#  service.beta.kubernetes.io/oci-load-balancer-subnet1: "ocid1.subnet.oc1.ap-hyderabad-1.xxxxxxxxxxxx" #subnet id 
+# for OCI public
+# nginx public - oci specific
+#nginx_public_ingress_service_annotations:
+#  oci.oraclecloud.com/load-balancer-type: "lb"
+#  service.beta.kubernetes.io/oci-load-balancer-shape: "flexible"
+#  service.beta.kubernetes.io/oci-load-balancer-shape-flex-min: "100Mbps"
+#  service.beta.kubernetes.io/oci-load-balancer-shape-flex-max: "200Mbps"
+#  service.beta.kubernetes.io/oci-load-balancer-subnet1: "ocid1.subnet.oc1.ap-hyderabad-1.xxxxxxxxxxx" #subnet id 
 # for azure:
 # nginx_private_ingress_annotations:
 #   service.beta.kubernetes.io/azure-load-balancer-internal: "true"
 
 nginx_private_ingress_annotations:
   service.beta.kubernetes.io/azure-load-balancer-internal: "true"
 
+# Media specific vars - OCI ( enable when cloud_service_provider is oci)
+#oci_media_region: "{{ cloud_public_storage_region }}"
+#oci_media_compartment: ocid1.compartment.oc1..xxxxxxxxxxxx # compartment id
+#oci_media_namespace: "{{ cloud_public_storage_namespace }}"
+#oci_media_source_bucket: "{{ cloud_storage_content_bucketname }}" 
+#oci_media_target_bucket: "{{ cloud_storage_content_bucketname }}"
+#oci_media_prefix_input: "" 
+#oci_media_dist_channel_id: "" 
+#oci_media_work_flow_id: ""
+#oci_media_stream_config_id: ""
+#oci_media_gateway_domain: ""
+#csp_migrator_router_parallelism: ""
 # ------------------------------------------------------------------------------------------------------------ #
 
 graylog_trusted_proxies: "1.2.3.4/21" # This should be the kubernetes nodes subnet CIDR range
 
+### Android Mobile deeplink url - Upload the assetlinks.json file to the public object store (bucket)
+## reference: https://project-sunbird.atlassian.net/wiki/spaces/SBDES/pages/3276865567/Deep+link+support+in+Android+12+devices
+mobile_deeplink_url: "{{ cloud_storage_url }}/{{ cloud_storage_public_bucketname }}/Mobile-deeplink/assetlinks.json"
+
 ## Optional
 
 learningservice_ip: "10.0.1.5"             # Load balancer IP or server ip

private_repo/ansible/inventory/dev/Core/secrets.yml

@@ -5,7 +5,7 @@ core_vault_postgres_password: "change.postgres.password"           # Update same
 core_vault_dp_pgdb_password: "change.postgres.password"       #update same password in dp secrets dp_vault_pgdb_password  variable       
 core_vault_sunbird_azure_storage_key: "change.azure.storage.account.key"
 core_vault_docker_registry_url: "change.docker.url"      # for docker hub "https://index.docker.io/v1"
-core_vault_docker_registry_user: "change.docker.username" 
+core_vault_docker_registry_user: "change.docker.username" # For OCI oci_namespcae/oci_username
 core_vault_docker_registry_password: "change.docker.password"
 
 # Cloud Service Provider Secret Variables
@@ -31,7 +31,7 @@ core_vault_docker_registry_password: "change.docker.password"
 # Example: cloud_management_storage_secret: "BfoOQwA6UFI7URwkFjkjdjsdhjhjhjsdhjfM//lsTbXDmHOFR5GqEwAwzyrKXOUDywojCpOC/g=="
 cloud_management_storage_secret: "" 
 
-# If cloud_service_provider is aws then update secret access key
+# If cloud_service_provider is aws/oci then update secret access key
 # Example: cloud_public_storage_secret: "xkxjfjsdsfjdfjdhgjfhgjdhfgjdgjdfgdjgjdgdjhgjhd"
 
 # If cloud_service_provider is gcp then update with private-key which is in service account json file
@@ -237,4 +237,4 @@ lp_vault_youtube_api_key:                       # youtube api token if you want
 # Examples values added below
 ml_analytics_authorization_access_token : 'Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJkOTY3NzRjYzXXXXXXXXXXXXXQ4Y2RiOWQ2Mzg0OSJ9.n4hXxKxl_698yeZPSWhXeGvMOb4esfgPadIZe8jZ0Z4' # Bearer auth token which has access to APIs as defined in the release note
 ml_analytics_password : Test@123 # Password of a user which has roles of "PROGRAM_MANAGER", "PROGRAM_DESIGNER", "REPORT_ADMIN", "REPORT_VIEWER" matching with supplied username to variable ml_analytics_username
-ml_analytics_client_secret : fd241dce-4ZZ9-47e1-97cf-1c7de7a44216 # Keycloak client secret for creating tokens, mapped to client id supplied to variable ml_analytics_client_id
+ml_analytics_client_secret : fd241dce-4ZZ9-47e1-97cf-1c7de7a44216 # Keycloak client secret for creating tokens, mapped to client id supplied to variable ml_analytics_client_id

private_repo/ansible/inventory/dev/DataPipeline/common.yml

@@ -10,21 +10,25 @@ search_lb_ip:                    # search service Load balancer IP
 # Cloud Service Provider Variables
 # If cloud_service_provider is AWS then update with access key as value
 # Example: cloud_public_storage_accountname: "AKSHKSJHFJDHJDSHFKSD"
+# If cloud_service_provider is OCI then update with access key as value
+# Example: cloud_public_storage_accountname: "7855461d26e1d8f211a04ec59cfd3037c8d1c6dd"
 # If cloud_service_provider is gloud(GCP) then update with service account name
 # Example: cloud_public_storage_accountname: "cloudstorage-gcp-test.iam.gserviceaccount.com"
 # If cloud_service_provider is AZURE then update with stoage account name
 # Example: cloud_public_storage_accountname: "azurestotageaccount"
+
 cloud_public_storage_accountname: ""
-# If cloud_service_provider is AWS then update with region
+# If cloud_service_provider is AWS/OCI then update with region
 # Example: cloud_public_storage_region: us-east-1
 cloud_public_storage_region: ""
 # If cloud_service_provider is gcp then update this variable with project id
 # Example: cloud_public_storage_project: "sunbird-gcp-test"
 cloud_public_storage_project: ""
-
-
+# If cloud_service_provider is OCI then update this variable with namespace value
+# Example: cloud_public_storage_namespace: "apsyjjclx"
+cloud_public_storage_namespace: ""
 # Create object storage for each below mentioned variables and update accordingly
-# If cloud_service_provider is AWS update with bucket name
+# If cloud_service_provider is AWS/OCI update with bucket name
 # If cloud_service_provider is gcloud(GCP) update with bucket name
 # If cloud_service_provider is AZURE update with container name 
 # Example: cloud_storage_certqr_bucketname: "certqr-storage"
@@ -96,6 +100,8 @@ cloud_storage_management_bucketname: ""
 # cloud_storage_url: https://storage.googleapis.com
 # AWS
 # cloud_storage_url: "https://s3.{{ cloud_public_storage_region }}.amazonaws.com"
+# OCI
+# cloud_storage_url: "https://{{ cloud_public_storage_namespace }}.compat.objectstorage.{{ cloud_public_storage_region }}.oraclecloud.com"
 # Azure
 cloud_storage_url: "https://{{ cloud_public_storage_accountname }}.blob.core.windows.net"
 
@@ -295,4 +301,4 @@ processing_kafka_overriden_topics:
     replication_factor: 1
 
 # graylog
-send_logs_to_graylog: true  # filebeat agents will send logs to graylog instead of ES
+send_logs_to_graylog: true  # filebeat agents will send logs to graylog instead of ES

private_repo/ansible/inventory/dev/KnowledgePlatform/common.yml

@@ -7,14 +7,14 @@ private_ingressgateway_ip: "" # your private kubernetes load balancer ip
 domain_name: ""               # your domain name like example.com
 
 # Cloud Service Provider Variables
-# If cloud_service_provider is AWS then update with access key as value
+# If cloud_service_provider is AWS/OCI then update with access key as value
 # Example: cloud_public_storage_accountname: "AKSHKSJHFJDHJDSHFKSD"
 # If cloud_service_provider is gloud(GCP) then update with service account name
 # Example: cloud_public_storage_accountname: "cloudstorage-gcp-test.iam.gserviceaccount.com"
 # If cloud_service_provider is AZURE then update with stoage account name
 # Example: cloud_public_storage_accountname: "azurestotageaccount"
 cloud_public_storage_accountname: ""
-# If cloud_service_provider is AWS then update with region
+# If cloud_service_provider is AWS/OCI then update with region
 # Example: cloud_public_storage_region: us-east-1
 cloud_public_storage_region: ""
 # If cloud_service_provider is gcp then update this variable with project id
@@ -26,7 +26,7 @@ cloud_public_storage_namespace: ""
 
 
 # Create object storage for each below mentioned variables and update accordingly
-# If cloud_service_provider is AWS update with bucket name
+# If cloud_service_provider is AWS/OCI update with bucket name
 # If cloud_service_provider is gcloud(GCP) update with bucket name
 # If cloud_service_provider is AZURE update with container name 
 # Example: cloud_storage_certqr_bucketname: "certqr-storage"
@@ -98,6 +98,8 @@ cloud_storage_management_bucketname: ""
 # cloud_storage_url: https://storage.googleapis.com
 # AWS
 # cloud_storage_url: "https://s3.{{ cloud_public_storage_region }}.amazonaws.com"
+# OCI
+# cloud_storage_url: "https://{{ cloud_public_storage_namespace }}.compat.objectstorage.{{ cloud_public_storage_region }}.oraclecloud.com"
 # Azure
 cloud_storage_url: "https://{{ cloud_public_storage_accountname }}.blob.core.windows.net"
 
@@ -129,8 +131,11 @@ kubeconfig_path: /var/lib/jenkins/secrets/k8s.yaml        # kubeconfig file path
 # cloud_public_storage_endpoint: "https://s3.{{ cloud_public_storage_region }}.amazonaws.com"
 # for OCI
 #cloud_public_storage_endpoint: "https://<oci_namespace>.compat.objectstorage.{{cloud_public_storage_region}}.oraclecloud.com"
-
-cloud_public_storage_endpoint: ""
+#oci_flink_s3_storage_endpoint: "{{ cloud_public_storage_endpoint }}"
+#cloudstorage_sdk_endpoint: "{{ cloud_public_storage_endpoint }}"
+#s3_region: "{{ cloud_public_storage_region }}"
+#cloud_storage_proxy_host: "{{cloud_storage_url}}"
+#flink_container_name: "{{ cloud_storage_flink_bucketname }}"
 
 # Update below vars if seperate object storage is required
 cloud_private_storage_accountname: "{{ cloud_public_storage_accountname }}" 
@@ -163,13 +168,26 @@ cloud_artifact_storage_namespace: "{{ cloud_public_storage_namespace }}"
 # cloud_storage_neo4jbackup_bucketname: ""
 # cloud_storage_redisbackup_bucketname: ""
 
+# Media specific vars - OCI ( enable when cloud_service_provider is oci)
+#oci_media_region: "{{ cloud_public_storage_region }}"
+#oci_media_compartment: ocid1.compartment.oc1..xxxxxxxxxxxx # compartment id
+#oci_media_namespace: "{{ cloud_public_storage_namespace }}"
+#oci_media_source_bucket: "{{ cloud_storage_content_bucketname }}" 
+#oci_media_target_bucket: "{{ cloud_storage_content_bucketname }}"
+#oci_media_prefix_input: "" 
+#oci_media_dist_channel_id: "" 
+#oci_media_work_flow_id: ""
+#oci_media_stream_config_id: ""
+#oci_media_gateway_domain: ""
+#csp_migrator_router_parallelism: ""
+
 # Building block vars
 cloud_storage_base_url: "{{ cloud_storage_url }}"
 cloudstorage_base_path: "{{ cloud_storage_url }}"
 valid_cloudstorage_base_urls: '["{{ cloud_storage_url }}"]'
 cloudstorage_relative_path_prefix: "CONTENT_STORAGE_BASE_PATH"
-cloud_storage_pathstyle_access: false
-
+cloud_storage_pathstyle_access: true
+cloud_storage_cname_url: "{{ cloud_storage_url }}" # overide if you have seperate url for cname
 ### Lern BB - Adding Lern specific vars here. In future if we want to move it to seperate folder this can be used as the starting point
 
 # Mandatorty variables - DO NOT LEAVE ANYTHING BLANK #