✨ Migrate Pathfinder assessments and remove Pathfinder

Signed-off-by: Jason Montleon <jmontleo@redhat.com>

.github/actions/install-tackle/action.yml

@@ -10,10 +10,6 @@ inputs:
     description: "image url for tackle-hub"
     required: false
     default: "quay.io/konveyor/tackle2-hub:latest"
-  pathfinder-image:
-    description: "image url for pathfinder image"
-    required: false
-    default: "quay.io/konveyor/tackle-pathfinder:1.3.0-native"
   ui-image:
     description: "image url for tackle-ui"
     required: false
@@ -47,7 +43,6 @@ runs:
     run: |
       export OPERATOR_BUNDLE_IMAGE="${{ inputs.operator-bundle-image }}"
       export HUB_IMAGE="${{ inputs.hub-image }}"
-      export PATHFINDER_IMAGE="${{ inputs.pathfinder-image }}"
       export UI_IMAGE="${{ inputs.ui-image }}"
       export ADDON_ADMIN_IMAGE="${{ inputs.addon-admin-image }}"
       export ADDON_ANALYZER_IMAGE="${{ inputs.addon-analyzer-image }}"

.github/workflows/create-release.yml

@@ -106,8 +106,6 @@ jobs:
             image: konveyor/tackle2-addon
           - repo: konveyor/operator
             image: konveyor/tackle2-operator
-          - repo: konveyor/tackle-pathfinder
-            image: konveyor/tackle-pathfinder
           - repo: konveyor/tackle-keycloak-theme
             image: konveyor/tackle-keycloak-init
       fail-fast: true

Dockerfile

@@ -1,6 +1,12 @@
 ARG OPERATOR_SDK_VERSION=v1.28.1
 FROM quay.io/operator-framework/ansible-operator:$OPERATOR_SDK_VERSION
 
+USER 0
+COPY tools/upgrades/migrate-pathfinder-assessments.py /usr/local/bin/migrate-pathfinder-assessments.py
+COPY tools/upgrades/jwt.sh /usr/local/bin/jwt.sh
+RUN dnf -y install openssl && dnf clean all
+USER 1001
+
 COPY requirements.yml ${HOME}/requirements.yml
 RUN ansible-galaxy collection install -r ${HOME}/requirements.yml \
  && chmod -R ug+rwx ${HOME}/.ansible

README.md

@@ -94,8 +94,6 @@ tackle-hub-6b6ff674dd-c6xbr                                    1/1     Running
 tackle-keycloak-postgresql-57f5c44bcc-r9w9s                    1/1     Running     0          131m
 tackle-keycloak-sso-c65cd79bf-6j4xr                            1/1     Running     0          130m
 tackle-operator-6b65fccb7f-q9lpf                               1/1     Running     0          133m
-tackle-pathfinder-6c58447d8f-rd6rr                             1/1     Running     0          130m
-tackle-pathfinder-postgresql-5fff469bcc-bc5z2                  1/1     Running     0          130m
 tackle-ui-5f694bddcb-scbh5                                     1/1     Running     0          130m
 ```
 You can access the Konveyor UI in your browser through the `$(minikube ip)` IP.
@@ -145,7 +143,6 @@ rwx_supported: | true | Whether or not RWX volumes are supported in the cluster
 hub_database_volume_size | 5Gi | Size requested for Hub database volume
 hub_bucket_volume_size | 100gi | Size requested for Hub bucket volume
 keycloak_database_data_volume_size | 1Gi | Size requested for Keycloak DB volume
-pathfinder_database_data_volume_size | 1Gi | Size requested for Pathfinder DB volume
 cache_data_volume_size | 100Gi | Size requested for Tackle Cache volume
 cache_storage_class | N/A | Storage class requested for Tackle Cache volume
 hub_bucket_storage_class | N/A | Storage class requested for Tackle Hub Bucket volume
@@ -165,7 +162,6 @@ Name | Default Size | Access Mode | Description
 hub database | 5Gi | RWO | Hub DB
 hub bucket | 100Gi | RWX | Hub file storage
 keycloak postgresql | 1Gi | RWO | Keycloak backend DB
-pathfinder postgresql | 1Gi | RWO | Pathfinder backend DB
 cache | 100Gi | RWX | cache repository
 
 ### Konveyor Storage Custom Settings Example

bundle/manifests/konveyor-operator.clusterserviceversion.yaml

@@ -20,7 +20,7 @@ metadata:
     categories: Modernization & Migration
     certified: "false"
     containerImage: quay.io/konveyor/tackle2-operator:latest
-    createdAt: "2023-10-23T14:59:12Z"
+    createdAt: "2023-10-31T20:13:44Z"
     description: Konveyor is an open-source application modernization platform that
       helps organizations safely and predictably modernize applications to Kubernetes
       at scale.
@@ -71,7 +71,6 @@ spec:
 
     * Hub, to manage the application inventory and coordinate the migration process.
     * UI, the web console to manage the application inventory and drive the migration waves.
-    * Pathfinder, a service to manage the assessment questionnaires.
 
     Authentication capabilities may be enabled via the `feature_auth_required` parameter in the Tackle CR. When enabled, the Operator installs the following components:
     * Keycloak, to manage authentication, including with 3rd-party providers.
@@ -171,8 +170,6 @@ spec:
                   value: quay.io/konveyor/tackle2-hub:latest
                 - name: RELATED_IMAGE_TACKLE_POSTGRES
                   value: quay.io/centos7/postgresql-12-centos7:latest
-                - name: RELATED_IMAGE_PATHFINDER
-                  value: quay.io/konveyor/tackle-pathfinder:1.3.1-native
                 - name: RELATED_IMAGE_KEYCLOAK_SSO
                   value: quay.io/keycloak/keycloak:18.0.2-legacy
                 - name: RELATED_IMAGE_KEYCLOAK_INIT
@@ -361,8 +358,6 @@ spec:
     name: tackle-hub
   - image: quay.io/centos7/postgresql-12-centos7:latest
     name: tackle-postgres
-  - image: quay.io/konveyor/tackle-pathfinder:1.3.1-native
-    name: pathfinder
   - image: quay.io/keycloak/keycloak:18.0.2-legacy
     name: keycloak-sso
   - image: quay.io/konveyor/tackle-keycloak-init:latest

config/manager/manager.yaml

@@ -48,8 +48,6 @@ spec:
           value: quay.io/konveyor/tackle2-hub:latest
         - name: RELATED_IMAGE_TACKLE_POSTGRES
           value: quay.io/centos7/postgresql-12-centos7:latest
-        - name: RELATED_IMAGE_PATHFINDER
-          value: quay.io/konveyor/tackle-pathfinder:1.3.1-native
         - name: RELATED_IMAGE_KEYCLOAK_SSO
           value: quay.io/keycloak/keycloak:18.0.2-legacy
         - name: RELATED_IMAGE_KEYCLOAK_INIT

config/manifests/bases/konveyor-operator.clusterserviceversion.yaml

@@ -55,7 +55,6 @@ spec:
 
     * Hub, to manage the application inventory and coordinate the migration process.
     * UI, the web console to manage the application inventory and drive the migration waves.
-    * Pathfinder, a service to manage the assessment questionnaires.
 
     Authentication capabilities may be enabled via the `feature_auth_required` parameter in the Tackle CR. When enabled, the Operator installs the following components:
     * Keycloak, to manage authentication, including with 3rd-party providers.

docs/installation-macos.md

@@ -41,8 +41,6 @@ $ kubectl get pods -n my-konveyor-operator
 NAME                                           READY   STATUS      RESTARTS   AGE
 tackle-hub-7f7cc9d574-b5kkl                    1/1     Running     0          109m
 tackle-operator-56c574d689-jmvs7               1/1     Running     0          111m
-tackle-pathfinder-7688f4ddc5-wmv9v             1/1     Running     0          109m
-tackle-pathfinder-postgresql-fbd985767-glx8k   1/1     Running     0          109m
 tackle-ui-5bdb565bcd-g6gsr                     1/1     Running     0          109m
 task-1-x6fmv                                 0/1     Completed   0          4m6s 
 ```

hack/install-tackle.sh

@@ -20,7 +20,6 @@ export PATH="${__bin_dir}:${PATH}"
 NAMESPACE="${NAMESPACE:-konveyor-tackle}"
 OPERATOR_BUNDLE_IMAGE="${OPERATOR_BUNDLE_IMAGE:-quay.io/konveyor/tackle2-operator-bundle:latest}"
 HUB_IMAGE="${HUB_IMAGE:-quay.io/konveyor/tackle2-hub:latest}"
-PATHFINDER_IMAGE="${PATHFINDER_IMAGE:-quay.io/konveyor/tackle-pathfinder:1.3.0-native}"
 UI_IMAGE="${UI_IMAGE:-quay.io/konveyor/tackle2-ui:latest}"
 UI_INGRESS_CLASS_NAME="${UI_INGRESS_CLASS_NAME:-nginx}"
 ADDON_ADMIN_IMAGE="${ADDON_ADMIN_IMAGE:-quay.io/konveyor/tackle2-addon:latest}"
@@ -73,7 +72,6 @@ metadata:
 spec:
   feature_auth_required: ${FEATURE_AUTH_REQUIRED}
   hub_image_fqin: ${HUB_IMAGE}
-  pathfinder_image_fqin: ${PATHFINDER_IMAGE}
   ui_image_fqin: ${UI_IMAGE}
   ui_ingress_class_name: ${UI_INGRESS_CLASS_NAME}
   admin_fqin: ${ADDON_ADMIN_IMAGE}

roles/tackle/defaults/main.yml

@@ -9,7 +9,6 @@ app_version: "{{ lookup('env', 'VERSION') }}"
 feature_auth_required: "{{ false if app_profile == 'konveyor' else true }}"
 feature_auth_type: keycloak
 feature_isolate_namespace: true
-feature_pathfinder: true
 
 # Environment
 openshift_cluster: false
@@ -53,41 +52,17 @@ hub_log_level: 3
 hub_metrics_enabled: true
 hub_metrics_port: "2112"
 
-pathfinder_database_image_fqin: "{{ lookup('env', 'RELATED_IMAGE_TACKLE_POSTGRES') }}"
+pathfinder_delete_db_volume: false
 pathfinder_database_name: "pathfinder"
 pathfinder_database_component_name: "postgresql"
 pathfinder_database_service_name: "{{ app_name }}-{{ pathfinder_database_name }}-{{ pathfinder_database_component_name }}"
 pathfinder_database_secret_name: "{{ pathfinder_database_service_name }}"
 pathfinder_database_deployment_name: "{{ pathfinder_database_service_name }}"
-pathfinder_database_deployment_strategy: "Recreate"
-pathfinder_database_deployment_replicas: "1"
-pathfinder_database_container_name: "{{ pathfinder_database_service_name }}"
-pathfinder_database_container_limits_cpu: "500m"
-pathfinder_database_container_limits_memory: "800Mi"
-pathfinder_database_container_requests_cpu: "100m"
-pathfinder_database_container_requests_memory: "350Mi"
-pathfinder_database_data_volume_name: "{{ pathfinder_database_service_name }}-database"
-pathfinder_database_data_volume_size: "1Gi"
-pathfinder_database_data_volume_path: "/var/lib/pgsql"
 pathfinder_database_data_volume_claim_name: "{{ pathfinder_database_service_name }}-volume-claim"
-pathfinder_database_db_name: "pathfinder_db"
-pathfinder_database_db_name_b64: "{{ pathfinder_database_db_name | b64encode }}"
 
-pathfinder_image_fqin: "{{ lookup('env', 'RELATED_IMAGE_PATHFINDER') }}"
 pathfinder_component_name: "pathfinder"
 pathfinder_service_name: "{{ app_name }}-{{ pathfinder_component_name }}"
 pathfinder_deployment_name: "{{ pathfinder_service_name }}"
-pathfinder_deployment_replicas: "1"
-pathfinder_container_name: "{{ pathfinder_service_name }}"
-pathfinder_container_limits_cpu: "1000m"
-pathfinder_container_limits_memory: "2Gi"
-pathfinder_container_requests_cpu: "100m"
-pathfinder_container_requests_memory: "350Mi"
-pathfinder_tls_enabled: false
-pathfinder_tls_secret_name: "{{ pathfinder_service_name }}-serving-cert"
-pathfinder_port: "{{ '8443' if pathfinder_tls_enabled | bool else '8080' }}"
-pathfinder_proto: "{{ 'https' if pathfinder_tls_enabled | bool else 'http' }}"
-pathfinder_url: "{{ pathfinder_proto }}://{{ pathfinder_service_name }}.{{ app_namespace }}.svc:{{ pathfinder_port }}"
 
 keycloak_database_image_fqin: "{{ lookup('env', 'RELATED_IMAGE_TACKLE_POSTGRES') }}"
 keycloak_database_name: "keycloak"

roles/tackle/tasks/main.yml

@@ -272,72 +272,6 @@
       retries: 30
       delay: 5
 
-- when:
-    - feature_pathfinder|bool
-  block:
-    - name: "Setup PathFinder PostgreSQL PersistentVolume"
-      k8s:
-        state: present
-        definition: "{{ lookup('template', 'persistentvolumeclaim-pathfinder-postgresql.yml.j2') }}"
-
-    - name: "Check if PathFinder PostgreSQL Secret exists already so we don't update it"
-      k8s_info:
-        api_version: v1
-        kind: Secret
-        name: "{{ pathfinder_database_secret_name }}"
-        namespace: "{{ app_namespace }}"
-      register: pathfinder_database_secret_status
-
-    - when: (pathfinder_database_secret_status.resources | length) == 0
-      block:
-        - name: "Generate random values for PathFinder PostgreSQL username and password"
-          set_fact:
-            pathfinder_database_db_username: "user-{{ lookup('password', '/dev/null chars=ascii_lowercase,ascii_uppercase,digits length=4') }}"
-            pathfinder_database_db_password: "{{ lookup('password', '/dev/null chars=ascii_lowercase,ascii_uppercase,digits length=16') }}"
-
-        - name: "Encode PathFinder PostgreSQL username and password"
-          set_fact:
-            pathfinder_database_db_username_b64: "{{ pathfinder_database_db_username | b64encode }}"
-            pathfinder_database_db_password_b64: "{{ pathfinder_database_db_password | b64encode }}"
-
-        - name: "Setup PathFinder PostgreSQL Secret"
-          k8s:
-            state: present
-            definition: "{{ lookup('template', 'secret-pathfinder-postgresql.yml.j2') }}"
-
-    - name: "Setup PathFinder PostgreSQL Service"
-      k8s:
-        state: present
-        definition: "{{ lookup('template', 'service-pathfinder-postgresql.yml.j2') }}"
-
-    - name: "Setup PathFinder PostgreSQL Deployment"
-      k8s:
-        state: present
-        definition: "{{ lookup('template', 'deployment-pathfinder-postgresql.yml.j2') }}"
-
-    - name: "Check status of PathFinder PostgreSQL"
-      kubernetes.core.k8s_info:
-        api_version: v1
-        kind: Pod
-        namespace: "{{ app_namespace }}"
-        label_selectors:
-          - app.kubernetes.io/name = {{ pathfinder_database_service_name }}
-        wait: true
-        wait_condition:
-          type: "Ready"
-          status: "True"
-        wait_timeout: 240
-
-    - name: "Setup PathFinder Service"
-      k8s:
-        state: present
-        definition: "{{ lookup('template', 'service-pathfinder.yml.j2') }}"
-
-    - name: "Setup PathFinder Deployment"
-      k8s:
-        state: present
-        definition: "{{ lookup('template', 'deployment-pathfinder.yml.j2') }}"
-
 - name: "Setup Hub API Database PersistentVolumeClaim"
   k8s:
     state: present
@@ -392,7 +326,6 @@
         state: present
         definition: "{{ lookup('template', 'secret-hub.yml.j2') }}"
 
-
 - name: "Look up Keycloak DB Secret for Hashing"
   set_fact:
     keycloak_db_secret:
@@ -519,3 +452,112 @@
   when:
     - hub_metrics_enabled|bool
     - openshift_cluster|bool
+
+- name: "Check if pathfinder exists"
+  kubernetes.core.k8s_info:
+    api_version: v1
+    kind: Pod
+    namespace: "{{ app_namespace }}"
+    label_selectors:
+      - app.kubernetes.io/name = {{ app_name }}-{{ pathfinder_component_name }}
+  register: pathfinder_pod
+
+- when:
+    - (pathfinder_pod.resources | length) > 0
+  block:
+    - name: "Wait for Pathfinder to be Ready"
+      kubernetes.core.k8s_info:
+        api_version: v1
+        kind: Pod
+        namespace: "{{ app_namespace }}"
+        label_selectors:
+          - app.kubernetes.io/name = {{ app_name }}-{{ pathfinder_component_name }}
+        wait: true
+        wait_condition:
+          type: "Ready"
+          status: "True"
+        wait_timeout: 240
+
+    - name: "Wait for the Hub to be Ready"
+      kubernetes.core.k8s_info:
+        api_version: v1
+        kind: Pod
+        namespace: "{{ app_namespace }}"
+        label_selectors:
+          - app.kubernetes.io/name = {{ app_name }}-{{ hub_component_name }}
+        wait: true
+        wait_condition:
+          type: "Ready"
+          status: "True"
+        wait_timeout: 240
+
+    - name: Retrieve Hub Secret
+      kubernetes.core.k8s_info:
+        api_version: v1
+        kind: Secret
+        name: "{{ hub_secret_name }}"
+        namespace: "{{ app_namespace }}"
+      register: hub_secret
+
+    - name: Set Hub Token
+      set_fact:
+        hub_key: "{{ hub_secret.resources[0].data.addon_token | b64decode }}"
+
+    - name: Migrate assessments
+      shell: |
+        /usr/local/bin/migrate-pathfinder-assessments.py \
+        -p http://{{ pathfinder_service_name }}:8080/pathfinder \
+        -b http://{{ hub_service_name }}:8080 \
+        -t $(/usr/local/bin/jwt.sh {{ hub_key }})
+      changed_when: false
+
+    - name: "Remove PathFinder PostgreSQL Secret"
+      k8s:
+        state: absent
+        api_version: v1
+        kind: Secret
+        name: "{{ pathfinder_database_secret_name }}"
+        namespace: "{{ app_namespace }}"
+
+    - name: "Remove PathFinder PostgreSQL Service"
+      k8s:
+        state: absent
+        api_version: v1
+        kind: Service
+        name: "{{ pathfinder_database_service_name }}"
+        namespace: "{{ app_namespace }}"
+
+    - name: "Remove PathFinder PostgreSQL Deployment"
+      k8s:
+        state: absent
+        api_version: apps/v1
+        kind: Deployment
+        name: "{{ pathfinder_database_deployment_name }}"
+        namespace: "{{ app_namespace }}"
+
+    - name: "Remove PathFinder Service"
+      k8s:
+        state: absent
+        api_version: v1
+        kind: Service
+        name: "{{ pathfinder_service_name }}"
+        namespace: "{{ app_namespace }}"
+
+    - name: "Remove PathFinder Deployment"
+      k8s:
+        state: absent
+        api_version: apps/v1
+        kind: Deployment
+        name: "{{ pathfinder_deployment_name }}"
+        namespace: "{{ app_namespace }}"
+
+- name: "Remove PathFinder PostgreSQL Volume"
+  k8s:
+    state: absent
+    api_version: v1
+    kind: PersistentVolumeClaim
+    name: "{{ pathfinder_database_data_volume_claim_name }}"
+    namespace: "{{ app_namespace }}"
+  when:
+    - (pathfinder_delete_db_volume|bool)
+    - (pathfinder_pod.resources|length) == 0