From 7d85462156c78d834ac46ab09ef429d41773706a Mon Sep 17 00:00:00 2001
From: Julien Bouquillon <julien.bouquillon@sg.social.gouv.fr>
Date: Tue, 3 Oct 2023 10:09:07 +0200
Subject: [PATCH 1/4] fix: add prod cnpg

---
 .kontinuous/env/dev/values.yaml     |  7 +------
 .kontinuous/env/preprod/values.yaml | 15 ---------------
 .kontinuous/env/prod/values.yaml    | 16 +++++++++++++---
 .kontinuous/values.yaml             | 17 ++++-------------
 4 files changed, 18 insertions(+), 37 deletions(-)

diff --git a/.kontinuous/env/dev/values.yaml b/.kontinuous/env/dev/values.yaml
index 1796504b..179164ce 100644
--- a/.kontinuous/env/dev/values.yaml
+++ b/.kontinuous/env/dev/values.yaml
@@ -1,8 +1,4 @@
-pg:
-  ~chart: pg
-
 backend:
-  ~needs: [build-backend, pg]
   volumes:
     - name: uploads
       emptyDir: {}
@@ -11,12 +7,11 @@ backend:
       name: uploads
   envFrom:
     - secretRef:
-        name: "pg-app"
+        name: pg-app
     - secretRef:
         name: backend-sealed-secret
     - configMapRef:
         name: backend-configmap
-
 jobs:
   runs:
     build-frontend-guyane:
diff --git a/.kontinuous/env/preprod/values.yaml b/.kontinuous/env/preprod/values.yaml
index 1d3d6639..ac85fe54 100644
--- a/.kontinuous/env/preprod/values.yaml
+++ b/.kontinuous/env/preprod/values.yaml
@@ -1,21 +1,6 @@
-pg:
-  ~chart: pg
-  backup:
-    enabled: true
-
 dashboard:
   host: "bo-tumeplay-preprod.ovh.fabrique.social.gouv.fr"
 
-backend:
-  ~needs: [build-backend, pg]
-  envFrom:
-    - secretRef:
-        name: "pg-app"
-    - secretRef:
-        name: backend-sealed-secret
-    - configMapRef:
-        name: backend-configmap
-
 jobs:
   runs:
     build-frontend-guyane:
diff --git a/.kontinuous/env/prod/values.yaml b/.kontinuous/env/prod/values.yaml
index d83cee13..e3b668a0 100644
--- a/.kontinuous/env/prod/values.yaml
+++ b/.kontinuous/env/prod/values.yaml
@@ -1,5 +1,12 @@
 backend:
   host: backend-tumeplay.fabrique.social.gouv.fr
+  envFrom:
+    - secretRef:
+        name: pg-user # temporary
+    - secretRef:
+        name: backend-sealed-secret
+    - configMapRef:
+        name: backend-configmap
 
 frontend-metropole:
   host: tumeplay.fabrique.social.gouv.fr
@@ -19,13 +26,17 @@ frontend-aime:
 dashboard:
   host: bo-tumeplay.fabrique.social.gouv.fr
 
+pg-metabase:
+  ~chart: pg
+
 metabase:
   enabled: true
+  ~needs: ["pg-metabase"]
   # ingress:
   #   enabled: false
   envFrom:
     - secretRef:
-        name: metabase-pg-user
+        name: pg-metabase-app
     - configMapRef:
         name: metabase-configmap
 
@@ -36,9 +47,8 @@ jobs:
         buildArgs:
           buildenv: preprod.guyane
           REACT_APP_MATOMO_ID: "45"
-          
+
     build-frontend-aime:
       with:
         buildArgs:
           buildenv: preprod.aime
-          
\ No newline at end of file
diff --git a/.kontinuous/values.yaml b/.kontinuous/values.yaml
index a26ae5e0..41bf43f8 100644
--- a/.kontinuous/values.yaml
+++ b/.kontinuous/values.yaml
@@ -1,6 +1,6 @@
 backend:
   ~chart: app
-  ~needs: [build-backend]
+  ~needs: [build-backend, pg]
   host: "backend-{{ $.Values.global.host }}"
   imagePackage: backend
   containerPort: 1337
@@ -29,7 +29,7 @@ backend:
       value: "true"
   envFrom:
     - secretRef:
-        name: pg-user
+        name: pg-app
     - secretRef:
         name: backend-sealed-secret
     - secretRef:
@@ -73,12 +73,10 @@ dashboard:
   imagePackage: dashboard
   containerPort: 8080
 
-metabase:
-  ~chart: metabase
-  enabled: false
+pg:
+  ~chart: pg
 
 jobs:
-  ~chart: jobs
   runs:
     build-backend:
       use: build
@@ -123,10 +121,3 @@ jobs:
         context: tumeplay-dashboard
         buildArgs:
           REACT_APP_API_URL: https://backend-{{ .Values.global.host }}
-
-deactivate:
-  jobs-deactivate:
-    runs:
-      deactivate:
-        with:
-          db: true

From 827efca234c8bcafa89b2d1fd0c6242aa7028648 Mon Sep 17 00:00:00 2001
From: Julien Bouquillon <julien.bouquillon@sg.social.gouv.fr>
Date: Tue, 3 Oct 2023 18:06:15 +0200
Subject: [PATCH 2/4] Update .kontinuous/env/prod/values.yaml

Co-authored-by: Adrien Chauve <adrien@chauve.eu>
---
 .kontinuous/env/prod/values.yaml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/.kontinuous/env/prod/values.yaml b/.kontinuous/env/prod/values.yaml
index e3b668a0..2ea02e96 100644
--- a/.kontinuous/env/prod/values.yaml
+++ b/.kontinuous/env/prod/values.yaml
@@ -7,6 +7,8 @@ backend:
         name: backend-sealed-secret
     - configMapRef:
         name: backend-configmap
+    - secretRef:
+        name: azure-tumeplay-volume
 
 frontend-metropole:
   host: tumeplay.fabrique.social.gouv.fr

From c73cda3396647a4ed58e9e5e891d9a9c3f324568 Mon Sep 17 00:00:00 2001
From: Julien Bouquillon <julien.bouquillon@sg.social.gouv.fr>
Date: Tue, 3 Oct 2023 18:12:52 +0200
Subject: [PATCH 3/4] fix: metabase

---
 .../env/prod/templates/metabase.sealed-secret.yaml   |  5 ++---
 .kontinuous/env/prod/values.yaml                     | 12 +++++++++++-
 2 files changed, 13 insertions(+), 4 deletions(-)

diff --git a/.kontinuous/env/prod/templates/metabase.sealed-secret.yaml b/.kontinuous/env/prod/templates/metabase.sealed-secret.yaml
index f48667e9..214328f1 100644
--- a/.kontinuous/env/prod/templates/metabase.sealed-secret.yaml
+++ b/.kontinuous/env/prod/templates/metabase.sealed-secret.yaml
@@ -1,13 +1,12 @@
 apiVersion: bitnami.com/v1alpha1
 kind: SealedSecret
 metadata:
-  name: metabase-pg-user
+  name: metabase-secret
   namespace: tumeplay
 spec:
   encryptedData:
-    MB_DB_CONNECTION_URI: AgB19/KYRk9/YqyQrUputvGv4pxy35Yth2vsRThsUzX8RSVvjo2u+djtsQEqKy9EmrVHdHnykYgNqQW2rT2Lla1qTi0BpSWakTsZSb246ET6Jt7I4uhcc39ZY/wBMtJVV0E38iNZqxuF9HFZxddBpe9sfoX6ZePfHNWlQr9MDEDmsCac6kSgfa/bJdTOOr5e2fwNvpo6UoP2NeEChMuICuGdnHjlkSKl/aKHZcKglc9TqqiQw8MdK7JEVLqqA6QXY3CBb5JZF06Ui+9ZYka4hnuk1+MOy6h5qx9g11IhhQVELo+lhaYu9hvvxGp4jcxiqeVqc6lohnZ8sbk6lIOX3OVVIzpzRstYp8mVdn/XxNulEu0lDBULYnhRpRMVsel5qHhYu5mjGIHKQX52FUzjZUr/zQfRVjUvgq18IIfZYzJ4m05W/RoqjgsYte2x96vksR6dhJCU/eybb2+we+TtyfpWHpfTiVS4BwIGIbTyC4dAy8XoQz6H8E/FGK+f5xE7tPKnBysZu0kXMzkX3aDq5/9g6LybuoAUBx7jf9gdLbWMhyKgms1m3jG2puwtd2Zq9oiMV/rzclSFzPZgjhnLWqQruj7eCUmreThPj0VoYMdATKbAkaPSq3rV65fDSRGKbAN67Cy2b5rjPH45YGhSFYa3fb47EHfRN4zDD5X0tU3o2v7zMtfFNPK0AXW0PUYA0I5+EI1lNu4YeBwGUHArAvnn+KU4UWSY5QjMgFV6VySZRsLyO1h43QZy4ObeyF+eHjzzkRXo4rectawkTvDYXJESs0az90RuhKKn8QQtaCvGV1USEAgN88q6G0jpn6OgVnzMVSwNATqQpfpEMDTqlu2PK7wReODAD/a2I0ZMqYl+CWtwj8NH1CjYqnvCAGUR4FKhgZdqf/4DHeduFoCpbxvDIE6p
     MB_ENCRYPTION_SECRET_KEY: AgBSGjlNBdDP4Z8cMKDbTTrmW06PDtcIWXi9KYiTN7Cchor4s1uCjBtFIGlverX481qD4stX26fPWr75ny3h6yHY0hla66HYTA4fuBmQgNQ1OxQhrIGI7hbYw5DNNVTmq56ZxWsya5nhdSTNXrG3yaA3Ba3NneUFmQ12F/TDPvCZ9rGvRNY3SekF3HW0TlqIF/F8DBLjgZIFEEsklm0198GBRa50wpAtaVBKDwX/R/JPME6i/varZz8EM4tcsvlOkIDEwvo3pzAhxAlT+swmCEXqKjrSO4Tq+E1JZWvY5T4pbq0prapSKOBI8ZOOHZ+wlrM+wMeIJ/0eGUq2i/NKmW1pTFzgZDKhLVKTuIEQ2aYk2z+3SDBSk+HT/EIrImDH4aMFO+sxsjtiyYV/Ymy4cmMbp2hhDFvd9/1BfKX8kCIEfcHevuT5l0Blly5LtQKn/qRXUu7gzBGOvBI/kYWObWhkOOMA7uUF46S6gAMA60r0bDdu5XWEoHp/rVEiuTJJNMfZB5pazYMKcYbZXnuuymg090Htvb9yqvr0sTEfDIvkvXVddRrpNVqEF6xm5xbfab1QEZxeJoHMVNY5PF4S9mC2zJwo+QeYpw1R8RGelJzVFw5uKwbqFQuQaVIk6K2t2m+152CD2zZPxJvCWfRKlN+8dP9I1gYiB/rwtDkVsiJQRx1gnm9Mhwru/htBI3W0bIVHfI7RtgT6/9ngNOXoo5nRMqwplxi1XEfMhaSnRpuPORAkRq22UjdBBreQHw==
   template:
     metadata:
-      name: metabase-pg-user
+      name: metabase-secret
     type: Opaque
diff --git a/.kontinuous/env/prod/values.yaml b/.kontinuous/env/prod/values.yaml
index 2ea02e96..6d495ea7 100644
--- a/.kontinuous/env/prod/values.yaml
+++ b/.kontinuous/env/prod/values.yaml
@@ -33,14 +33,24 @@ pg-metabase:
 
 metabase:
   enabled: true
+  ~chart: metabase
   ~needs: ["pg-metabase"]
   # ingress:
   #   enabled: false
   envFrom:
     - secretRef:
-        name: pg-metabase-app
+        name: metabase-secret
+    # - secretRef:
+    #     name: pg-metabase-app
     - configMapRef:
         name: metabase-configmap
+  env:
+    - name: MB_DB_CONNECTION_URI
+      valueFrom:
+        - secretKeyRef:
+            name: pg-metabase-app
+            key: DATABASE_URL
+      #postgresql://${PG_HOST}/metabase?user=xxx&password=yyy&ssl=require"
 
 jobs:
   runs:

From a23a6576c472488c551a8c5c353d8725b58871cf Mon Sep 17 00:00:00 2001
From: Julien Bouquillon <julien.bouquillon@sg.social.gouv.fr>
Date: Tue, 3 Oct 2023 18:23:44 +0200
Subject: [PATCH 4/4] fix: restore metabase-pg-user

---
 .../templates/metabase.sealed-secret.yaml     |  5 +++--
 .kontinuous/env/prod/values.yaml              | 20 +++++++++----------
 2 files changed, 12 insertions(+), 13 deletions(-)

diff --git a/.kontinuous/env/prod/templates/metabase.sealed-secret.yaml b/.kontinuous/env/prod/templates/metabase.sealed-secret.yaml
index 214328f1..f48667e9 100644
--- a/.kontinuous/env/prod/templates/metabase.sealed-secret.yaml
+++ b/.kontinuous/env/prod/templates/metabase.sealed-secret.yaml
@@ -1,12 +1,13 @@
 apiVersion: bitnami.com/v1alpha1
 kind: SealedSecret
 metadata:
-  name: metabase-secret
+  name: metabase-pg-user
   namespace: tumeplay
 spec:
   encryptedData:
+    MB_DB_CONNECTION_URI: AgB19/KYRk9/YqyQrUputvGv4pxy35Yth2vsRThsUzX8RSVvjo2u+djtsQEqKy9EmrVHdHnykYgNqQW2rT2Lla1qTi0BpSWakTsZSb246ET6Jt7I4uhcc39ZY/wBMtJVV0E38iNZqxuF9HFZxddBpe9sfoX6ZePfHNWlQr9MDEDmsCac6kSgfa/bJdTOOr5e2fwNvpo6UoP2NeEChMuICuGdnHjlkSKl/aKHZcKglc9TqqiQw8MdK7JEVLqqA6QXY3CBb5JZF06Ui+9ZYka4hnuk1+MOy6h5qx9g11IhhQVELo+lhaYu9hvvxGp4jcxiqeVqc6lohnZ8sbk6lIOX3OVVIzpzRstYp8mVdn/XxNulEu0lDBULYnhRpRMVsel5qHhYu5mjGIHKQX52FUzjZUr/zQfRVjUvgq18IIfZYzJ4m05W/RoqjgsYte2x96vksR6dhJCU/eybb2+we+TtyfpWHpfTiVS4BwIGIbTyC4dAy8XoQz6H8E/FGK+f5xE7tPKnBysZu0kXMzkX3aDq5/9g6LybuoAUBx7jf9gdLbWMhyKgms1m3jG2puwtd2Zq9oiMV/rzclSFzPZgjhnLWqQruj7eCUmreThPj0VoYMdATKbAkaPSq3rV65fDSRGKbAN67Cy2b5rjPH45YGhSFYa3fb47EHfRN4zDD5X0tU3o2v7zMtfFNPK0AXW0PUYA0I5+EI1lNu4YeBwGUHArAvnn+KU4UWSY5QjMgFV6VySZRsLyO1h43QZy4ObeyF+eHjzzkRXo4rectawkTvDYXJESs0az90RuhKKn8QQtaCvGV1USEAgN88q6G0jpn6OgVnzMVSwNATqQpfpEMDTqlu2PK7wReODAD/a2I0ZMqYl+CWtwj8NH1CjYqnvCAGUR4FKhgZdqf/4DHeduFoCpbxvDIE6p
     MB_ENCRYPTION_SECRET_KEY: AgBSGjlNBdDP4Z8cMKDbTTrmW06PDtcIWXi9KYiTN7Cchor4s1uCjBtFIGlverX481qD4stX26fPWr75ny3h6yHY0hla66HYTA4fuBmQgNQ1OxQhrIGI7hbYw5DNNVTmq56ZxWsya5nhdSTNXrG3yaA3Ba3NneUFmQ12F/TDPvCZ9rGvRNY3SekF3HW0TlqIF/F8DBLjgZIFEEsklm0198GBRa50wpAtaVBKDwX/R/JPME6i/varZz8EM4tcsvlOkIDEwvo3pzAhxAlT+swmCEXqKjrSO4Tq+E1JZWvY5T4pbq0prapSKOBI8ZOOHZ+wlrM+wMeIJ/0eGUq2i/NKmW1pTFzgZDKhLVKTuIEQ2aYk2z+3SDBSk+HT/EIrImDH4aMFO+sxsjtiyYV/Ymy4cmMbp2hhDFvd9/1BfKX8kCIEfcHevuT5l0Blly5LtQKn/qRXUu7gzBGOvBI/kYWObWhkOOMA7uUF46S6gAMA60r0bDdu5XWEoHp/rVEiuTJJNMfZB5pazYMKcYbZXnuuymg090Htvb9yqvr0sTEfDIvkvXVddRrpNVqEF6xm5xbfab1QEZxeJoHMVNY5PF4S9mC2zJwo+QeYpw1R8RGelJzVFw5uKwbqFQuQaVIk6K2t2m+152CD2zZPxJvCWfRKlN+8dP9I1gYiB/rwtDkVsiJQRx1gnm9Mhwru/htBI3W0bIVHfI7RtgT6/9ngNOXoo5nRMqwplxi1XEfMhaSnRpuPORAkRq22UjdBBreQHw==
   template:
     metadata:
-      name: metabase-secret
+      name: metabase-pg-user
     type: Opaque
diff --git a/.kontinuous/env/prod/values.yaml b/.kontinuous/env/prod/values.yaml
index 6d495ea7..bcc86bbe 100644
--- a/.kontinuous/env/prod/values.yaml
+++ b/.kontinuous/env/prod/values.yaml
@@ -34,23 +34,21 @@ pg-metabase:
 metabase:
   enabled: true
   ~chart: metabase
-  ~needs: ["pg-metabase"]
+  #~needs: ["pg-metabase"]
   # ingress:
   #   enabled: false
   envFrom:
     - secretRef:
-        name: metabase-secret
-    # - secretRef:
-    #     name: pg-metabase-app
+        name: metabase-pg-user
     - configMapRef:
         name: metabase-configmap
-  env:
-    - name: MB_DB_CONNECTION_URI
-      valueFrom:
-        - secretKeyRef:
-            name: pg-metabase-app
-            key: DATABASE_URL
-      #postgresql://${PG_HOST}/metabase?user=xxx&password=yyy&ssl=require"
+  #env:
+  # - name: MB_DB_CONNECTION_URI
+  #   valueFrom:
+  #     - secretKeyRef:
+  #         name: pg-metabase-app
+  #         key: DATABASE_URL
+  #postgresql://${PG_HOST}/metabase?user=xxx&password=yyy&ssl=require"
 
 jobs:
   runs: