feat: private submodule repositories (#349)

terraform/gitlab/ci-templates/k8s-cluster/.gitlab-ci.yml

@@ -39,7 +39,7 @@ variables:
   K8S_TEMPLATE_PATH: terraform/k8s
   TMP_TEMPLATES_DIR: /tmp/iac-templates
   TMP_GIT_REPO: /tmp/git-iac-templates
-  GIT_SUBMODULE_STRATEGY: recursive
+  GIT_SUBMODULE_STRATEGY: none
 
 image: ${CI_REGISTRY_IMAGE}:${IMAGE_TAG}
 
@@ -55,13 +55,18 @@ cache:
 
 .source:
   script:
+    - export VAULT_TOKEN="$(vault write -field=token auth/${VAULT_AUTH_PATH}/login role=$VAULT_AUTH_ROLE jwt=$VAULT_ID_TOKEN)"
+    - export GIT_CREDENTIALS="$(vault kv get -field=credentials ${KV_SECRET_PATH}/git)"
+    - if [ "$GIT_CREDENTIALS" != "" ]; then echo "$GIT_CREDENTIALS" | tr ' ' '\n' > ~/.gitcredentials.store; fi
+    - git config --global credential.helper 'store --file ~/.gitcredentials.store'
+    - git submodule sync --recursive
+    - git submodule update --init --recursive
     - source $(which gitlab-terraform)
     - .gitlab/scripts/config-merge.sh
     - yq eval '.' $CONFIG_PATH/cluster-config.yaml -o=json > cluster-config.json
     - yq eval '.' $CONFIG_PATH/addons-vars.yaml -o=json > addons-vars.yaml
     - for var in $(jq -r 'to_entries[] | "\(.key)=\(.value)\n"' ./cluster-config.json); do export $var; done
     - for var in $(jq -r 'to_entries[] | "\(.key)=\(.value)\n"' ./addons-vars.yaml); do export $var; done
-    - export VAULT_TOKEN="$(vault write -field=token auth/${VAULT_AUTH_PATH}/login role=$VAULT_AUTH_ROLE jwt=$VAULT_ID_TOKEN)"
     - export ENV_VAULT_TOKEN="$(vault kv get -field=value ${KV_SECRET_PATH}/${CI_PROJECT_NAME}/env_token)"
     - export NETMAKER_OPS_TOKEN="$(vault kv get -field=value ${KV_SECRET_PATH}/${CI_PROJECT_NAME}/netmaker_ops_token)"
     - export NETMAKER_ENV_TOKEN="$(vault kv get -field=value ${KV_SECRET_PATH}/${CI_PROJECT_NAME}/netmaker_env_token)"
@@ -70,8 +75,7 @@ cache:
     - export VAULT_GITLAB_ROOT_TOKEN="$(vault kv get -field=value ${KV_SECRET_PATH}/tenancy/vault_root_token)"
     - export METMAKER_MASTER_KEY="$(vault kv get -field=value ${KV_SECRET_PATH}/tenancy/netmaker_master_key)"
     - source setcivars.sh
-    - echo "https://${PRIVATE_REPO_USER}:${PRIVATE_REPO_TOKEN}@${PRIVATE_REPO}" > ~/.gitcredentials.store
-    - git config --global credential.helper 'store --file ~/.gitcredentials.store'
+    - echo "https://${PRIVATE_REPO_USER}:${PRIVATE_REPO_TOKEN}@${PRIVATE_REPO}" >> ~/.gitcredentials.store
     - git config --global advice.detachedHead false
     - source set-ansible-destroy-preq-vars.sh
     - export TERRAGRUNT_EXCLUDE_DIR="/dev/null"
@@ -232,7 +236,7 @@ refresh-deploy-infra:
   script:
     - !reference [.source, script]
     - .gitlab/scripts/refresh-repo.sh $cluster_name $TMP_GIT_REPO $TMP_TEMPLATES_DIR $GITLAB_CI_PAT $iac_terraform_modules_tag
-    - git checkout "$CI_COMMIT_REF_NAME" && git pull --recurse-submodules
+    - git checkout "$CI_COMMIT_REF_NAME" && git pull
     - !reference [.source, script]
     - terragrunt run-all apply --terragrunt-non-interactive -input=false
     - .gitlab/scripts/pushtorepo.sh $CI_PROJECT_PATH $CI_SERVER_HOST $CI_COMMIT_REF_NAME $GITOPS_BUILD_OUTPUT_DIR $GITLAB_CI_PAT $ARGO_CD_ROOT_APP_PATH

terraform/gitops/generate-files/templates/mcm/values-mcm.yaml.tpl

@@ -10,7 +10,7 @@ db:
 api:
   image:
     name: ghcr.io/pm4ml/connection-manager-api
-    version: v2.1.0
+    version: v2.4.0
   url: https://${mcm_fqdn}
   extraTLS:
     rootCert:
@@ -76,6 +76,8 @@ ui:
     clientId: ${oauth_key}
     clientSecretName: ${oauth_secret_secret}
     clientSecretKey: ${oauth_secret_secret_key}
+  image:
+    version: 1.8.4
 
 ingress:
 %{ if istio_create_ingress_gateways ~}

terraform/k8s/default-config/mojaloop-vars.yaml

@@ -1,6 +1,6 @@
 bulk_enabled: false
 third_party_enabled: false
-mcm_chart_version: 1.1.0
+mcm_chart_version: 1.2.4
 mojaloop_chart_version: 16.0.0
 ttk_testcases_tag: 16.1.0
 currency: ${currency}