Merge branch 'main' into jbrasero3110

Author: jesusbrasero

.github/workflows/banned_file_changes_pr.yml

@@ -3,7 +3,7 @@ on:
   # pull_request:
   #   branches: [ "**/*" ]
   pull_request_target:
-  
+
 jobs:
   check_for_banned_file_changes:
     name: Look for unsupported (banned) file modifications on PRs
@@ -31,7 +31,7 @@ jobs:
           echo 'Changes to files in .github are not allowed.'
       - name: Comment if .github changed
         if: contains(steps.files.outputs.all_files_changed, '.github')
-        uses: mshick/add-pr-comment@v1
+        uses: oracle-devrel/add-pr-comment
         with:
           message: |
             :no_entry: **Banned Files Modified**
@@ -43,15 +43,15 @@ jobs:
           echo 'Changes to license_policy.yml are not allowed.'
       - name: Comment if license_policy.yml changed
         if: contains(steps.files.outputs.all_files_changed, '"license_policy.yml"')
-        uses: mshick/add-pr-comment@v1
+        uses: oracle-devrel/add-pr-comment
         with:
           message: |
             :no_entry: **Banned Files Modified**
             Changes to `license_policy.yml` are not permitted.  Please revert your changes and re-submit a new PR.  Simply changing the file back to its original state and re-committing won't work (you must revert the changes made to it).
           repo-token: ${{ secrets.GITHUB_TOKEN }}
       - name: Look for changes to repolinter.json
         if: contains(steps.files.outputs.all_files_changed, '"repolinter.json"')
-        uses: mshick/add-pr-comment@v1
+        uses: oracle-devrel/add-pr-comment
         with:
           message: |
             :no_entry: **Banned Files Modified**
@@ -63,7 +63,7 @@ jobs:
           echo 'Changes to repolinter.json are not allowed.'
       - name: Look for changes to sonar-project.properties
         if: contains(steps.files.outputs.all_files_changed, '"sonar-project.properties"')
-        uses: mshick/add-pr-comment@v1
+        uses: oracle-devrel/add-pr-comment
         with:
           message: |
             :no_entry: **Banned Files Modified**
@@ -76,4 +76,4 @@ jobs:
       - name: Fail on banned file changes
         if: contains(steps.files.outputs.all_files_changed, '.github') || contains(steps.files.outputs.all_files_changed, '"license_policy.yml"') || contains(steps.files.outputs.all_files_changed, '"repolinter.json"') || contains(steps.files.outputs.all_files_changed, '"sonar-project.properties"')
         run: |
-          exit 1
+          exit 1

.github/workflows/license_audit.yml

@@ -31,7 +31,7 @@ jobs:
         run: echo "${{ steps.analysis.outputs.unapproved_licenses }}"
       - name: Comment if analysis finds unapproved licenses
         if: steps.analysis.outputs.unapproved_licenses == 'true'
-        uses: mshick/add-pr-comment@v1
+        uses: oracle-devrel/add-pr-comment
         with:
           message: |
             :no_entry: **License Inspection**

.github/workflows/repolinter.yml

@@ -34,7 +34,7 @@ jobs:
           echo "Errored: ${{ steps.analysis.outputs.errored }}"
       - name: Comment if analysis finds missing disclaimer
         if: steps.analysis.outputs.disclaimer_found == 'false'
-        uses: mshick/add-pr-comment@v1
+        uses: oracle-devrel/add-pr-comment
         with:
           message: |
             :no_entry: **FAILURE: Missing Disclaimer**
@@ -47,34 +47,34 @@ jobs:
           repo-token: ${{ secrets.GITHUB_TOKEN }}
       - name: Comment if analysis finds missing readme
         if: steps.analysis.outputs.readme_file_found == 'false'
-        uses: mshick/add-pr-comment@v1
+        uses: oracle-devrel/add-pr-comment
         with:
           message: |
             :no_entry: **FAILURE: Missing README**
             The README file seems to be missing.  Please add it.
-            
+
             Details:
             ${{ steps.analysis.outputs.readme_file_details }}
           repo-token: ${{ secrets.GITHUB_TOKEN }}
       - name: Comment if analysis finds missing license
         if: steps.analysis.outputs.license_file_found == 'false'
-        uses: mshick/add-pr-comment@v1
+        uses: oracle-devrel/add-pr-comment
         with:
           message: |
             :no_entry: **FAILURE: Missing LICENSE**
             The LICENSE file seems to be missing.  Please add it.
-            
+
             Details:
             ${{ steps.analysis.outputs.license_file_details }}
           repo-token: ${{ secrets.GITHUB_TOKEN }}
       - name: Comment if analysis finds copyright notice missing
         if: steps.analysis.outputs.copyright_found == 'false'
-        uses: mshick/add-pr-comment@v1
+        uses: oracle-devrel/add-pr-comment
         with:
           message: |
             :warning: **WARNING: Missing Copyright Notice(s)**
             It's a good idea to have copyright notices at the top of each file.  It looks like at least one file was missing this (though it might be further down in the file - this might be a false-positive).
-            
+
             Details:
             ${{ steps.analysis.outputs.copyright_details }}
           repo-token: ${{ secrets.GITHUB_TOKEN }}

ai-and-app-modernisation/ai-services/oracle-digital-assistant/templates/hcm-ml/files/ODApaired.pdf

@@ -1,31 +1,31 @@
 Copyright (c) 2024 Oracle and/or its affiliates.
-
+ 
 The Universal Permissive License (UPL), Version 1.0
-
+ 
 Subject to the condition set forth below, permission is hereby granted to any
 person obtaining a copy of this software, associated documentation and/or data
 (collectively the "Software"), free of charge and under any and all copyright
 rights in the Software, and any and all patent rights owned or freely
 licensable by each licensor hereunder covering either (i) the unmodified
 Software as contributed to or provided by such licensor, or (ii) the Larger
 Works (as defined below), to deal in both
-
+ 
 (a) the Software, and
 (b) any piece of software and/or hardware listed in the lrgrwrks.txt file if
 one is included with the Software (each a "Larger Work" to which the Software
 is contributed by such licensors),
-
+ 
 without restriction, including without limitation the rights to copy, create
 derivative works of, display, perform, and distribute the Software and make,
 use, sell, offer for sale, import, export, have made, and have sold the
 Software and the Larger Work(s), and to sublicense the foregoing rights on
 either these or other terms.
-
+ 
 This license is subject to the following condition:
 The above copyright notice and either this complete permission notice or at
 a minimum a reference to the UPL must be included in all copies or
 substantial portions of the Software.
-
+ 
 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE

data-platform/core-converged-db/shared-sassets/tooling/run-plan/LICENSE renamed to app-dev/devops-and-containers/devops/azure-devops-oke/LICENSE

@@ -36,20 +36,28 @@ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 SOFTWARE.
 -->
 
-### Author
-<a href="https://github.com/mikarinneoracle">mikarinneoracle</a>
-
-## Building and Deploying to OKE with Azure DevOps
+# Building and Deploying to OKE with Azure DevOps
 
-There are two ways (at least) to build and deploy to OKE from Azure DevOps:
+There are two ways (at least) to build and deploy to Oracle Container Registry (OCIR) and Oracle Kubernetes Engine (OKE) from Azure DevOps:
 <ul>
     <li>Use OCI VM as Azure parallel job self-hosted build agent that will run as <code>instance-principal</code> and hence no OCI credentials are needed to be shared with Azure DevOps. Here <code>kubectl</code> and OCI native tooling like <code>oci cli</code> can be used in pipelines.</li>
     <br>
-    <li>Use Azure DevOps native <code>tasks</code> that can run as either Azure-hosted or as self-hosted Azure parallel jobs. Credentials will be stored to Azure DevOps.</li>
+    <li>Use Azure DevOps native <code>tasks</code> that can run as either Azure-hosted or as self-hosted Azure parallel jobs to deploy to OCIR and OKE. Credentials will be stored to Azure DevOps.</li>
 </ul>
 
 <p>
-For this example I've used the second option. I'm also using a self-hosted agent/runner on OCI but that's just because I can use the <code>always-free</code> VM instance for it as part of the default OCI subscription and I don't have any Azure-hosted agents available in my Azure subscription. Technically that does not matter since the agent is a vanilla Oracle Linux VM instance and does not contain any customizations whatsover to do the pipeline work (it could however, but it does not).
+For this example I've used the second option. I'm also using a self-hosted agent/runner on OCI but that's just because I can use the <code>always-free</code> VM instance for it as part of the default OCI subscription and I don't have any Azure-hosted agents available in my Azure subscription. Technically that does not matter since the agent is a vanilla Oracle Linux VM instance and does not contain any customizations whatsover to do the pipeline work (it could however, but it does not). 
+ 
+Reviewed: 29.10.2024
+ 
+# When to use this asset?
+ 
+Anyone who wants to do CI/CD from Azure DevOps to deploy and run containers on Oracle Kubernetes Engine (OKE) using Azure DevOps native tasks.
+
+# Author
+<a href="https://github.com/mikarinneoracle">mikarinneoracle</a>
+
+# How to use this asset?
 
 ## Copy the files to the Azure DevOps repo
 
@@ -60,7 +68,7 @@ To make this build and deploy to OKE to work is not a big task. First copy the f
 Before building the Docker image repo needs to be created under the desired <code>compartment</code>. This can be easily done using OCI Cloud UI. Name the repository as <b><i>Azure-test</i></b>, for example.
 
 <p>
-Then modify the <code>deployment.yaml</code> <a href="https://github.com/oracle-devrel/technology-engineering/tree/main/app-dev/devops-and-containers/devops/azure-devops-oke/deployment.yaml#L19">line 19</a> by replacing the &lt;TENANCY_NAMESPACE&gt; with yours and if you gave another name for the OCIR repo then modify also that here, too. Modify also the <code>region</code> if using some other OCI region than <b><i>fra.ocir.io</i></b>.
+Then modify the <code>deployment.yaml</code> <a href="https://github.com/oracle-devrel/technology-engineering/tree/main/app-dev/devops-and-containers/devops/azure-devops-oke/files/deployment.yaml#L19">line 19</a> by replacing the &lt;TENANCY_NAMESPACE&gt; with yours and if you gave another name for the OCIR repo then modify also that here, too. Modify also the <code>region</code> if using some other OCI region than <b><i>fra.ocir.io</i></b>.
 
 <p>
 To be able to do <code>Docker login</code> to the repo create <code>auth token</code> for your OCI user unless you already have one.
@@ -74,7 +82,7 @@ Once the OKE cluster is up and running with <code>kubectl</code> access setup th
     <a href="https://docs.oracle.com/en-us/iaas/Content/ContEng/Tasks/contengaddingserviceaccttoken.htm" target="_NEW">https://docs.oracle.com/en-us/iaas/Content/ContEng/Tasks/contengaddingserviceaccttoken.htm</a>. 
 
 <p>
-Name the secret <b><i>oke-kubeconfig-azure-token</i></b> as in <code>azure-token.yaml</code> <a href="https://github.com/oracle-devrel/technology-engineering/tree/main/app-dev/devops-and-containers/devops/azure-devops-oke/azure-token.yaml#L4" target="_NEW">line 4</a>.
+Name the secret <b><i>oke-kubeconfig-azure-token</i></b> as in <code>azure-token.yaml</code> <a href="https://github.com/oracle-devrel/technology-engineering/blob/main/app-dev/devops-and-containers/devops/azure-devops-oke/files/azure-token.yaml#L4" target="_NEW">line 4</a>.
 
 ## Setup Azure DevOps OCI connections for OKE and OCIR
 
@@ -93,7 +101,7 @@ To make the Azure DevOps pipeline to work with OCIR and OKE two <code>Service Co
     <ul>
         <li>Type: Kubernetes</li>
         <li>Authentication method: Service Account</li>
-        <li>Server URL: OKE cluster server address from your <i>~/.kube/config</i> e.g. <i>https://145.144.233.100:6443</i></li>
+        <li>Server URL: OKE cluster server address from your <i>~/.kube/config</i> e.g. <i>https://xxx.144.233.100:6443</i></li>
         <li>Authorization Secret: Get the secret JSON by doing <i>kubectl get secret oke-kubeconfig-azure-token -n kube-system -o json</i> and paste it here</li>
         <li>Service connection name: OKE</li>
         <li>Grant access permission to all pipelines: YES</li>
@@ -109,22 +117,22 @@ Edit the created pipeline and select <code>Variables</code> to create them as fo
 
 <ul>
     <li>CONTAINER_REGISTRY: OCIR</li>
-    <li>CONTAINER_REPOSITORY: Use the same name as in the <code>deployment.yaml</code> <a href="https://github.com/oracle-devrel/technology-engineering/tree/main/app-dev/devops-and-containers/devops/azure-devops-oke/deployment.yaml#L19">line 19</a> but <b><i>without</i></b> the <code>region</code> and the <code>tag</code> ("1" in the example YAML file) e.g. <b><i>&lt;TENANCY_NAMESPACE&gt;/azure-test</i></b></li>
+    <li>CONTAINER_REPOSITORY: Use the same name as in the <code>deployment.yaml</code> <a href="https://github.com/oracle-devrel/technology-engineering/tree/main/app-dev/devops-and-containers/devops/azure-devops-oke/files/deployment.yaml#L19">line 19</a> but <b><i>without</i></b> the <code>region</code> and the <code>tag</code> ("1" in the example YAML file) e.g. <b><i>&lt;TENANCY_NAMESPACE&gt;/azure-test</i></b></li>
     <li>containerImageFullNameForK8sDeploy: The same as above but with the OCI region e.g. <b><i>fra.ocir.io/&lt;TENANCY_NAMESPACE&gt;/azure-test</i></b></li>
     <li>K8S_CONNECTION_NAME: OKE</li>
     <li>K8S_NAMESPACE: default</li>
     <li>OcirPullSecret: ocirsecret</li>
 </ul>
 
 <p>
-<img src="pipeline-vars.png" width="800" />
+<img src="files/pipeline-vars.png" width="800" />
 
 ## Run the pipeline
 
 Pipeline runs automatically after commiting changes and when all of the above are properly set it should complete succesfully.
 
 <p>
-<img src="azure-devops-oke.png" width="800" />
+<img src="files/azure-devops-oke.png" width="800" />
 
 <p>
 Pipeline will create a Kubernetes <b><i>load balancer</i></b> service to provide a public access point to the pod in the OKE cluster:
@@ -133,7 +141,7 @@ Pipeline will create a Kubernetes <b><i>load balancer</i></b> service to provide
 <PRE>
 kubectl get svc
 NAME         TYPE           CLUSTER-IP     EXTERNAL-IP      PORT(S)             AGE
-httpd-lb     LoadBalancer   10.96.175.74   144.200.51.195   80:32452/TCP        4h1m
+httpd-lb     LoadBalancer   10.96.175.74   xxx.200.51.195   80:32452/TCP        4h1m
 </PRE>
 
 <p>
@@ -145,14 +153,14 @@ curl 144.200.51.195
 {
   "path": "/",
   "headers": {
-    "host": "144.200.51.195",
+    "host": "xxx.200.51.195",
     "user-agent": "curl/8.4.0",
     "accept": "*/*"
   },
   "method": "GET",
   "body": "",
   "fresh": false,
-  "hostname": "144.200.51.195",
+  "hostname": "xxx.200.51.195",
   "ip": "::ffff:10.0.10.220",
   "ips": [],
   "protocol": "http",
@@ -166,6 +174,13 @@ curl 144.200.51.195
 }%
 </PRE>
 
+# Useful Links
+ 
+- [Oracle Kubernetes Engine (OKE)](https://www.oracle.com/cloud/cloud-native/kubernetes-engine/)
+    - Simplify operations of enterprise-grade Kubernetes at scale. Easily deploy and manage resource-intensive workloads such as AI with automatic scaling, patching, and upgrades.
+- [Oracle](https://www.oracle.com/)
+    - Oracle Website
+
 ### License
 
 Copyright (c) 2024 Oracle and/or its affiliates.