From 635ca28ec1412f095dac09077719071cdf406dfb Mon Sep 17 00:00:00 2001 From: Nicolas Giard Date: Mon, 13 May 2024 21:40:13 -0400 Subject: [PATCH] chore: remove helm stuff --- .github/workflows/build.yml | 2 +- helm/.helmignore | 23 - helm/Chart.yaml | 23 - helm/settings_local.py | 259 ------- helm/templates/_helpers.tpl | 179 ----- helm/templates/configmap.yaml | 69 -- helm/templates/deployments/beat.yaml | 75 -- helm/templates/deployments/celery.yaml | 90 --- helm/templates/deployments/datatracker.yaml | 90 --- helm/templates/deployments/memcached.yaml | 74 -- helm/templates/hpa.yaml | 32 - helm/templates/ingress.yaml | 61 -- helm/templates/persistentvolumeclaims.yaml | 43 -- helm/templates/rbac/beat-serviceaccount.yaml | 12 - .../templates/rbac/celery-serviceaccount.yaml | 12 - .../rbac/datatracker-serviceaccount.yaml | 12 - .../rbac/memcached-serviceaccount.yaml | 12 - .../rbac/rabbitmq-serviceaccount.yaml | 12 - helm/templates/services/datatracker.yaml | 21 - helm/templates/services/memcached.yaml | 21 - helm/templates/services/rabbitmq.yaml | 22 - helm/templates/statefulsets/rabbitmq.yaml | 87 --- helm/values.yaml | 645 ------------------ 23 files changed, 1 insertion(+), 1875 deletions(-) delete mode 100644 helm/.helmignore delete mode 100644 helm/Chart.yaml delete mode 100644 helm/settings_local.py delete mode 100644 helm/templates/_helpers.tpl delete mode 100644 helm/templates/configmap.yaml delete mode 100644 helm/templates/deployments/beat.yaml delete mode 100644 helm/templates/deployments/celery.yaml delete mode 100644 helm/templates/deployments/datatracker.yaml delete mode 100644 helm/templates/deployments/memcached.yaml delete mode 100644 helm/templates/hpa.yaml delete mode 100644 helm/templates/ingress.yaml delete mode 100644 helm/templates/persistentvolumeclaims.yaml delete mode 100644 helm/templates/rbac/beat-serviceaccount.yaml delete mode 100644 helm/templates/rbac/celery-serviceaccount.yaml delete mode 100644 helm/templates/rbac/datatracker-serviceaccount.yaml delete mode 100644 helm/templates/rbac/memcached-serviceaccount.yaml delete mode 100644 helm/templates/rbac/rabbitmq-serviceaccount.yaml delete mode 100644 helm/templates/services/datatracker.yaml delete mode 100644 helm/templates/services/memcached.yaml delete mode 100644 helm/templates/services/rabbitmq.yaml delete mode 100644 helm/templates/statefulsets/rabbitmq.yaml delete mode 100644 helm/values.yaml diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index bd65da036..4181beef4 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -220,7 +220,7 @@ jobs: .devcontainer .github .vscode - helm + k8s playwright svn-history docker-compose.yml diff --git a/helm/.helmignore b/helm/.helmignore deleted file mode 100644 index 691fa13d6..000000000 --- a/helm/.helmignore +++ /dev/null @@ -1,23 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*.orig -*~ -# Various IDEs -.project -.idea/ -*.tmproj -.vscode/ \ No newline at end of file diff --git a/helm/Chart.yaml b/helm/Chart.yaml deleted file mode 100644 index 844087fa6..000000000 --- a/helm/Chart.yaml +++ /dev/null @@ -1,23 +0,0 @@ -apiVersion: v2 -name: datatracker -description: The day-to-day front-end to the IETF database for people who work on IETF standards. -home: https://datatracker.ietf.org -sources: - - https://github.com/ietf-tools/datatracker -maintainers: - - name: IETF Tools Team - email: tools-discuss@ietf.org - url: https://github.com/ietf-tools - -type: application - -# This is the chart version. This version number should be incremented each time you make changes -# to the chart and its templates, including the app version. -# Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 1.0.0 - -# This is the version number of the application being deployed. This version number should be -# incremented each time you make changes to the application. Versions are not expected to -# follow Semantic Versioning. They should reflect the version the application is using. -# It is recommended to use it with quotes. -appVersion: "1.0.0" \ No newline at end of file diff --git a/helm/settings_local.py b/helm/settings_local.py deleted file mode 100644 index 53609afa7..000000000 --- a/helm/settings_local.py +++ /dev/null @@ -1,259 +0,0 @@ -# Copyright The IETF Trust 2007-2024, All Rights Reserved -# -*- coding: utf-8 -*- - -from base64 import b64decode -from email.utils import parseaddr -import json - -from ietf import __release_hash__ -from ietf.settings import * # pyflakes:ignore - - -def _remove_whitespace_and_b64decode(s): - """Helper to strip out whitespace and base64 decode""" - return b64decode("".join(s.split())) - - -def _multiline_to_list(s): - """Helper to split at newlines and conver to list""" - return [item.strip() for item in s.split("\n")] - - -# Default to "development". Production _must_ set DATATRACKER_SERVER_MODE="production" in the env! -SERVER_MODE = os.environ.get("DATATRACKER_SERVER_MODE", "development") - -# Secrets -_SECRET_KEY = os.environ.get("DATATRACKER_DJANGO_SECRET_KEY", None) -if _SECRET_KEY is not None: - SECRET_KEY = _SECRET_KEY -else: - raise RuntimeError("DATATRACKER_DJANGO_SECRET_KEY must be set") - -_NOMCOM_APP_SECRET_B64 = os.environ.get("DATATRACKER_NOMCOM_APP_SECRET_B64", None) -if _NOMCOM_APP_SECRET_B64 is not None: - NOMCOM_APP_SECRET = _remove_whitespace_and_b64decode(_NOMCOM_APP_SECRET_B64) -else: - raise RuntimeError("DATATRACKER_NOMCOM_APP_SECRET_B64 must be set") - -_IANA_SYNC_PASSWORD = os.environ.get("DATATRACKER_IANA_SYNC_PASSWORD", None) -if _IANA_SYNC_PASSWORD is not None: - IANA_SYNC_PASSWORD = _IANA_SYNC_PASSWORD -else: - raise RuntimeError("DATATRACKER_IANA_SYNC_PASSWORD must be set") - -_RFC_EDITOR_SYNC_PASSWORD = os.environ.get("DATATRACKER_RFC_EDITOR_SYNC_PASSWORD", None) -if _RFC_EDITOR_SYNC_PASSWORD is not None: - RFC_EDITOR_SYNC_PASSWORD = os.environ.get("DATATRACKER_RFC_EDITOR_SYNC_PASSWORD") -else: - raise RuntimeError("DATATRACKER_RFC_EDITOR_SYNC_PASSWORD must be set") - -_YOUTUBE_API_KEY = os.environ.get("DATATRACKER_YOUTUBE_API_KEY", None) -if _YOUTUBE_API_KEY is not None: - YOUTUBE_API_KEY = _YOUTUBE_API_KEY -else: - raise RuntimeError("DATATRACKER_YOUTUBE_API_KEY must be set") - -_GITHUB_BACKUP_API_KEY = os.environ.get("DATATRACKER_GITHUB_BACKUP_API_KEY", None) -if _GITHUB_BACKUP_API_KEY is not None: - GITHUB_BACKUP_API_KEY = _GITHUB_BACKUP_API_KEY -else: - raise RuntimeError("DATATRACKER_GITHUB_BACKUP_API_KEY must be set") - -_API_KEY_TYPE = os.environ.get("DATATRACKER_API_KEY_TYPE", None) -if _API_KEY_TYPE is not None: - API_KEY_TYPE = _API_KEY_TYPE -else: - raise RuntimeError("DATATRACKER_API_KEY_TYPE must be set") - -_API_PUBLIC_KEY_PEM_B64 = os.environ.get("DATATRACKER_API_PUBLIC_KEY_PEM_B64", None) -if _API_PUBLIC_KEY_PEM_B64 is not None: - API_PUBLIC_KEY_PEM = _remove_whitespace_and_b64decode(_API_PUBLIC_KEY_PEM_B64) -else: - raise RuntimeError("DATATRACKER_API_PUBLIC_KEY_PEM_B64 must be set") - -_API_PRIVATE_KEY_PEM_B64 = os.environ.get("DATATRACKER_API_PRIVATE_KEY_PEM_B64", None) -if _API_PRIVATE_KEY_PEM_B64 is not None: - API_PRIVATE_KEY_PEM = _remove_whitespace_and_b64decode(_API_PRIVATE_KEY_PEM_B64) -else: - raise RuntimeError("DATATRACKER_API_PRIVATE_KEY_PEM_B64 must be set") - -# Set DEBUG if DATATRACKER_DEBUG env var is the word "true" -DEBUG = os.environ.get("DATATRACKER_DEBUG", "false").lower() == "true" - -# DATATRACKER_ALLOWED_HOSTS env var is a comma-separated list of allowed hosts -_allowed_hosts_str = os.environ.get("DATATRACKER_ALLOWED_HOSTS", None) -if _allowed_hosts_str is not None: - ALLOWED_HOSTS = _multiline_to_list(_allowed_hosts_str) - -DATABASES = { - "default": { - "HOST": os.environ.get("DATATRACKER_DBHOST", "db"), - "PORT": os.environ.get("DATATRACKER_DBPORT", "5432"), - "NAME": os.environ.get("DATATRACKER_DBNAME", "datatracker"), - "ENGINE": "django.db.backends.postgresql", - "USER": os.environ.get("DATATRACKER_DBUSER", "django"), - "PASSWORD": os.environ.get("DATATRACKER_DBPASS", ""), - }, -} - -# DATATRACKER_ADMINS is a newline-delimited list of addresses parseable by email.utils.parseaddr -_admins_str = os.environ.get("DATATRACKER_ADMINS", None) -if _admins_str is not None: - ADMINS = [parseaddr(admin) for admin in _multiline_to_list(_admins_str)] -else: - raise RuntimeError("DATATRACKER_ADMINS must be set") - -USING_DEBUG_EMAIL_SERVER = os.environ.get("DATATRACKER_EMAIL_DEBUG", "false").lower() == "true" -EMAIL_HOST = os.environ.get("DATATRACKER_EMAIL_HOST", "localhost") -EMAIL_PORT = int(os.environ.get("DATATRACKER_EMAIL_PORT", "2025")) - -_celery_password = os.environ.get("CELERY_PASSWORD", None) -if _celery_password is None: - raise RuntimeError("CELERY_PASSWORD must be set") -CELERY_BROKER_URL = "amqp://datatracker:{password}@{host}/{queue}".format( - host=os.environ.get("RABBITMQ_HOSTNAME", "rabbitmq"), - password=_celery_password, - queue=os.environ.get("RABBITMQ_QUEUE", "dt") -) - -IANA_SYNC_USERNAME = "ietfsync" -IANA_SYNC_CHANGES_URL = "https://datatracker.iana.org:4443/data-tracker/changes" -IANA_SYNC_PROTOCOLS_URL = "http://www.iana.org/protocols/" - -RFC_EDITOR_NOTIFICATION_URL = "http://www.rfc-editor.org/parser/parser.php" - -STATS_REGISTRATION_ATTENDEES_JSON_URL = 'https://registration.ietf.org/{number}/attendees/?apikey=redacted' - -#FIRST_CUTOFF_DAYS = 12 -#SECOND_CUTOFF_DAYS = 12 -#SUBMISSION_CUTOFF_DAYS = 26 -#SUBMISSION_CORRECTION_DAYS = 57 -MEETING_MATERIALS_SUBMISSION_CUTOFF_DAYS = 26 -MEETING_MATERIALS_SUBMISSION_CORRECTION_DAYS = 54 - -HTPASSWD_COMMAND = "/usr/bin/htpasswd2" - -_MEETECHO_CLIENT_ID = os.environ.get("DATATRACKER_MEETECHO_CLIENT_ID", None) -_MEETECHO_CLIENT_SECRET = os.environ.get("DATATRACKER_MEETECHO_CLIENT_SECRET", None) -if _MEETECHO_CLIENT_ID is not None and _MEETECHO_CLIENT_SECRET is not None: - MEETECHO_API_CONFIG = { - "api_base": os.environ.get( - "DATATRACKER_MEETECHO_API_BASE", - "https://meetings.conf.meetecho.com/api/v1/", - ), - "client_id": _MEETECHO_CLIENT_ID, - "client_secret": _MEETECHO_CLIENT_SECRET, - "request_timeout": 3.01, # python-requests doc recommend slightly > a multiple of 3 seconds - } -else: - raise RuntimeError( - "DATATRACKER_MEETECHO_CLIENT_ID and DATATRACKER_MEETECHO_CLIENT_SECRET must be set" - ) - -_APP_API_TOKENS_JSON = os.environ.get("DATATRACKER_APP_API_TOKENS_JSON", None) -if _APP_API_TOKENS_JSON is not None: - APP_API_TOKENS = json.loads(_APP_API_TOKENS_JSON) -else: - APP_API_TOKENS = {} - -EMAIL_COPY_TO = "" - -# Until we teach the datatracker to look beyond cloudflare for this check -IDSUBMIT_MAX_DAILY_SAME_SUBMITTER = 5000 - -# Leave DATATRACKER_MATOMO_SITE_ID unset to disable Matomo reporting -if "DATATRACKER_MATOMO_SITE_ID" in os.environ: - MATOMO_DOMAIN_PATH = os.environ.get("DATATRACKER_MATOMO_DOMAIN_PATH", "analytics.ietf.org") - MATOMO_SITE_ID = os.environ.get("DATATRACKER_MATOMO_SITE_ID") - MATOMO_DISABLE_COOKIES = True - -# Leave DATATRACKER_SCOUT_KEY unset to disable Scout APM agent -_SCOUT_KEY = os.environ.get("DATATRACKER_SCOUT_KEY", None) -if _SCOUT_KEY is not None: - if SERVER_MODE == "production": - PROD_PRE_APPS = ["scout_apm.django", ] - else: - DEV_PRE_APPS = ["scout_apm.django", ] - SCOUT_MONITOR = True - SCOUT_KEY = _SCOUT_KEY - SCOUT_NAME = os.environ.get("DATATRACKER_SCOUT_NAME", "Datatracker") - SCOUT_ERRORS_ENABLED = True - SCOUT_SHUTDOWN_MESSAGE_ENABLED = False - SCOUT_CORE_AGENT_SOCKET_PATH = "tcp://{host}:{port}".format( - host=os.environ.get("DATATRACKER_SCOUT_CORE_AGENT_HOST", "localhost"), - port=os.environ.get("DATATRACKER_SCOUT_CORE_AGENT_PORT", "6590"), - ) - SCOUT_CORE_AGENT_DOWNLOAD = False - SCOUT_CORE_AGENT_LAUNCH = False - SCOUT_REVISION_SHA = __release_hash__[:7] - -# Path to the email alias lists. Used by ietf.utils.aliases -DRAFT_ALIASES_PATH = "/a/postfix/draft-aliases" -DRAFT_VIRTUAL_PATH = "/a/postfix/draft-virtual" -GROUP_ALIASES_PATH = "/a/postfix/group-aliases" -GROUP_VIRTUAL_PATH = "/a/postfix/group-virtual" - -STATIC_URL = os.environ.get("DATATRACKER_STATIC_URL", None) -if STATIC_URL is None: - from ietf import __version__ - STATIC_URL = f"https://static.ietf.org/dt/{__version__}/" - -# Set these to the same as "production" in settings.py, whether production mode or not -MEDIA_ROOT = "/a/www/www6s/lib/dt/media/" -MEDIA_URL = "https://www.ietf.org/lib/dt/media/" -PHOTOS_DIRNAME = "photo" -PHOTOS_DIR = MEDIA_ROOT + PHOTOS_DIRNAME - -# Normally only set for debug, but needed until we have a real FS -DJANGO_VITE_MANIFEST_PATH = os.path.join(BASE_DIR, 'static/dist-neue/manifest.json') - -# Binaries that are different in the docker image -DE_GFM_BINARY = "/usr/local/bin/de-gfm" -IDSUBMIT_IDNITS_BINARY = "/usr/local/bin/idnits" - -# Duplicating production cache from settings.py and using it whether we're in production mode or not -MEMCACHED_HOST = os.environ.get("MEMCACHED_SERVICE_HOST", "127.0.0.1") -MEMCACHED_PORT = os.environ.get("MEMCACHED_SERVICE_PORT", "11211") -from ietf import __version__ -CACHES = { - "default": { - "BACKEND": "ietf.utils.cache.LenientMemcacheCache", - "LOCATION": f"{MEMCACHED_HOST}:{MEMCACHED_PORT}", - "VERSION": __version__, - "KEY_PREFIX": "ietf:dt", - "KEY_FUNCTION": lambda key, key_prefix, version: ( - f"{key_prefix}:{version}:{sha384(str(key).encode('utf8')).hexdigest()}" - ), - }, - "sessions": { - "BACKEND": "ietf.utils.cache.LenientMemcacheCache", - "LOCATION": f"{MEMCACHED_HOST}:{MEMCACHED_PORT}", - # No release-specific VERSION setting. - "KEY_PREFIX": "ietf:dt", - }, - "htmlized": { - "BACKEND": "django.core.cache.backends.filebased.FileBasedCache", - "LOCATION": "/a/cache/datatracker/htmlized", - "OPTIONS": { - "MAX_ENTRIES": 100000, # 100,000 - }, - }, - "pdfized": { - "BACKEND": "django.core.cache.backends.filebased.FileBasedCache", - "LOCATION": "/a/cache/datatracker/pdfized", - "OPTIONS": { - "MAX_ENTRIES": 100000, # 100,000 - }, - }, - "slowpages": { - "BACKEND": "django.core.cache.backends.filebased.FileBasedCache", - "LOCATION": "/a/cache/datatracker/slowpages", - "OPTIONS": { - "MAX_ENTRIES": 5000, - }, - }, -} - -_csrf_trusted_origins_str = os.environ.get("DATATRACKER_CSRF_TRUSTED_ORIGINS") -if _csrf_trusted_origins_str is not None: - CSRF_TRUSTED_ORIGINS = _multiline_to_list(_csrf_trusted_origins_str) diff --git a/helm/templates/_helpers.tpl b/helm/templates/_helpers.tpl deleted file mode 100644 index 503b3f1bb..000000000 --- a/helm/templates/_helpers.tpl +++ /dev/null @@ -1,179 +0,0 @@ -{{/* - Expand the name of the chart. - */}} -{{- define "datatracker.name" -}} -{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "datatracker.fullname" -}} -{{- if .Values.fullnameOverride }} -{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- $name := default .Chart.Name .Values.nameOverride }} -{{- if contains $name .Release.Name }} -{{- .Release.Name | trunc 63 | trimSuffix "-" }} -{{- else }} -{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} -{{- end }} -{{- end }} -{{- end }} - -{{/* -Create a fully qualified datatracker name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -*/}} -{{- define "datatracker.datatracker.fullname" -}} -{{- if .Values.datatracker.fullnameOverride -}} -{{- .Values.datatracker.fullnameOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- if contains $name .Release.Name -}} -{{- printf "%s-%s" .Release.Name .Values.datatracker.name | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- printf "%s-%s-%s" .Release.Name $name .Values.datatracker.name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} -{{- end -}} - -{{/* -Create a fully qualified celery name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -*/}} -{{- define "datatracker.celery.fullname" -}} -{{- if .Values.celery.fullnameOverride -}} -{{- .Values.celery.fullnameOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- if contains $name .Release.Name -}} -{{- printf "%s-%s" .Release.Name .Values.celery.name | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- printf "%s-%s-%s" .Release.Name $name .Values.celery.name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} -{{- end -}} - -{{/* -Create a fully qualified celery name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -*/}} -{{- define "datatracker.beat.fullname" -}} -{{- if .Values.beat.fullnameOverride -}} -{{- .Values.beat.fullnameOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- if contains $name .Release.Name -}} -{{- printf "%s-%s" .Release.Name .Values.beat.name | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- printf "%s-%s-%s" .Release.Name $name .Values.beat.name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} -{{- end -}} - -{{/* -Create a fully qualified rabbitmq name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -*/}} -{{- define "datatracker.rabbitmq.fullname" -}} -{{- if .Values.rabbitmq.fullnameOverride -}} -{{- .Values.rabbitmq.fullnameOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- if contains $name .Release.Name -}} -{{- printf "%s-%s" .Release.Name .Values.rabbitmq.name | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- printf "%s-%s-%s" .Release.Name $name .Values.rabbitmq.name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} -{{- end -}} - -{{/* -Create a fully qualified memcached name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -*/}} -{{- define "datatracker.memcached.fullname" -}} -{{- if .Values.memcached.fullnameOverride -}} -{{- .Values.memcached.fullnameOverride | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- $name := default .Chart.Name .Values.nameOverride -}} -{{- if contains $name .Release.Name -}} -{{- printf "%s-%s" .Release.Name .Values.memcached.name | trunc 63 | trimSuffix "-" -}} -{{- else -}} -{{- printf "%s-%s-%s" .Release.Name $name .Values.memcached.name | trunc 63 | trimSuffix "-" -}} -{{- end -}} -{{- end -}} -{{- end -}} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "datatracker.chart" -}} -{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} -{{- end }} - -{{/* -Common labels -*/}} -{{- define "datatracker.commonLabels" -}} -helm.sh/chart: {{ include "datatracker.chart" . }} -{{- if .Chart.AppVersion }} -app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} -{{- end }} -app.kubernetes.io/managed-by: {{ .Release.Service }} -app.kubernetes.io/instance: {{ .Release.Name }} -app.kubernetes.io/part-of: {{ include "datatracker.name" . | default "datatracker" }} -{{- end }} - -{{/* -Selector labels -*/}} -{{- define "datatracker.selectorLabels" -}} -app.kubernetes.io/instance: {{ .Release.Name }} -{{- end }} - -{{/* -Create the name of the service account to use -*/}} -{{- define "datatracker.serviceAccountName.datatracker" -}} -{{- if .Values.serviceAccounts.datatracker.create -}} - {{ default (include "datatracker.datatracker.fullname" .) .Values.serviceAccounts.datatracker.name }} -{{- else -}} - {{ default "default" .Values.serviceAccounts.datatracker.name }} -{{- end -}} -{{- end }} - -{{- define "datatracker.serviceAccountName.celery" -}} -{{- if .Values.serviceAccounts.celery.create -}} - {{ default (include "datatracker.celery.fullname" .) .Values.serviceAccounts.celery.name }} -{{- else -}} - {{ default "default" .Values.serviceAccounts.celery.name }} -{{- end -}} -{{- end }} - -{{- define "datatracker.serviceAccountName.beat" -}} -{{- if .Values.serviceAccounts.beat.create -}} - {{ default (include "datatracker.beat.fullname" .) .Values.serviceAccounts.beat.name }} -{{- else -}} - {{ default "default" .Values.serviceAccounts.beat.name }} -{{- end -}} -{{- end }} - -{{- define "datatracker.serviceAccountName.rabbitmq" -}} -{{- if .Values.serviceAccounts.rabbitmq.create -}} - {{ default (include "datatracker.rabbitmq.fullname" .) .Values.serviceAccounts.rabbitmq.name }} -{{- else -}} - {{ default "default" .Values.serviceAccounts.rabbitmq.name }} -{{- end -}} -{{- end }} - -{{- define "datatracker.serviceAccountName.memcached" -}} -{{- if .Values.serviceAccounts.memcached.create -}} - {{ default (include "datatracker.memcached.fullname" .) .Values.serviceAccounts.memcached.name }} -{{- else -}} - {{ default "default" .Values.serviceAccounts.memcached.name }} -{{- end -}} -{{- end }} diff --git a/helm/templates/configmap.yaml b/helm/templates/configmap.yaml deleted file mode 100644 index 06cda4a04..000000000 --- a/helm/templates/configmap.yaml +++ /dev/null @@ -1,69 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: django-configmap -data: - settings_local.py: |- - {{- .Files.Get "settings_local.py" | nindent 4 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: rabbitmq-configmap -data: - definitions.json: |- - { - "permissions": [ - { - "configure": ".*", - "read": ".*", - "user": "datatracker", - "vhost": "dt", - "write": ".*" - } - ], - "users": [ - { - "hashing_algorithm": "rabbit_password_hashing_sha256", - "limits": {}, - "name": "datatracker", - "password_hash": "HJxcItcpXtBN+R/CH7dUelfKBOvdUs3AWo82SBw2yLMSguzb", - "tags": [] - } - ], - "vhosts": [ - { - "limits": [], - "metadata": { - "description": "", - "tags": [] - }, - "name": "dt" - } - ] - } - rabbitmq.conf: |- - # prevent guest from logging in over tcp - loopback_users.guest = true - - # load saved definitions - load_definitions = /etc/rabbitmq/definitions.json - - # Ensure that enough disk is available to flush to disk. To do this, need to limit the - # memory available to the container to something reasonable. See - # https://www.rabbitmq.com/production-checklist.html#monitoring-and-resource-usage - # for recommendations. - - # 1-1.5 times the memory available to the container is adequate for disk limit - disk_free_limit.absolute = 6000MB - - # This should be ~40% of the memory available to the container. Use an - # absolute number because relative will be proprtional to the full machine - # memory. - vm_memory_high_watermark.absolute = 1600MB - - # Logging - log.file = false - log.console = true - log.console.level = info - log.console.formatter = json diff --git a/helm/templates/deployments/beat.yaml b/helm/templates/deployments/beat.yaml deleted file mode 100644 index 83347481c..000000000 --- a/helm/templates/deployments/beat.yaml +++ /dev/null @@ -1,75 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "datatracker.beat.fullname" . }} - labels: - {{- include "datatracker.commonLabels" . | nindent 4 }} - app.kubernetes.io/name: {{ .Values.beat.name }} -spec: - {{- $podValues := .Values.beat }} - replicas: {{ $podValues.replicaCount }} - revisionHistoryLimit: {{ $podValues.revisionHistoryLimit }} - selector: - matchLabels: - {{- include "datatracker.selectorLabels" . | nindent 6 }} - app.kubernetes.io/name: {{ $podValues.name }} - template: - metadata: - labels: - {{- include "datatracker.selectorLabels" . | nindent 8 }} - app.kubernetes.io/name: {{ $podValues.name }} - spec: - {{- with $podValues.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "datatracker.serviceAccountName.beat" . }} - securityContext: - {{- toYaml $podValues.podSecurityContext | nindent 8 }} - containers: - - name: {{ .Chart.Name }} - securityContext: - {{- toYaml $podValues.securityContext | nindent 12 }} - image: "{{ default $.Values.datatracker.image.repository $podValues.image.repository }}:{{ default .Chart.AppVersion (default $.Values.datatracker.image.tag $podValues.image.tag) }}" - imagePullPolicy: {{ default "IfNotPresent" (default $.Values.datatracker.image.imagePullPolicy $podValues.image.imagePullPolicy) }} - env: - - name: "CONTAINER_ROLE" - value: "beat" - {{- if .Values.env }} - {{- range $key, $val := .Values.env }} - - name: {{ $key | quote }} - value: {{ $val | quote }} - {{- end }} - {{- end }} - {{- with $podValues.volumeMounts }} - volumeMounts: - {{- toYaml . | nindent 12 }} - {{- end }} - ports: - - name: http - containerPort: 8000 - protocol: TCP - livenessProbe: - {{- toYaml $podValues.livenessProbe | nindent 12 }} - readinessProbe: - {{- toYaml $podValues.readinessProbe | nindent 12 }} - startupProbe: - {{- toYaml $podValues.startupProbe | nindent 12 }} - resources: - {{- toYaml $podValues.resources | nindent 12 }} - {{- with $podValues.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with $podValues.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with $podValues.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with $podValues.volumes }} - volumes: - {{- toYaml . | nindent 8 }} - {{- end }} diff --git a/helm/templates/deployments/celery.yaml b/helm/templates/deployments/celery.yaml deleted file mode 100644 index 5c824aa2d..000000000 --- a/helm/templates/deployments/celery.yaml +++ /dev/null @@ -1,90 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "datatracker.celery.fullname" . }} - labels: - {{- include "datatracker.commonLabels" . | nindent 4 }} - app.kubernetes.io/name: {{ .Values.celery.name }} -spec: - {{- $podValues := .Values.celery }} - replicas: {{ $podValues.replicaCount }} - revisionHistoryLimit: {{ $podValues.revisionHistoryLimit }} - selector: - matchLabels: - {{- include "datatracker.selectorLabels" . | nindent 6 }} - app.kubernetes.io/name: {{ $podValues.name }} - template: - metadata: - labels: - {{- include "datatracker.selectorLabels" . | nindent 8 }} - app.kubernetes.io/name: {{ $podValues.name }} - spec: - {{- with $podValues.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "datatracker.serviceAccountName.celery" . }} - securityContext: - {{- toYaml $podValues.podSecurityContext | nindent 8 }} - containers: - {{- if .Values.scoutapm }} - - name: "scoutapm" - image: "{{ .Values.scoutapm.image.repository }}:{{ default "latest" .Values.scoutapm.image.tag }}" - imagePullPolicy: {{ default "IfNotPresent" .Values.scoutapm.image.imagePullPolicy }} - livenessProbe: - exec: - command: - - "sh" - - "-c" - - "./core-agent probe --tcp 0.0.0.0:6590 | grep -q 'Agent found'" - securityContext: - readOnlyRootFilesystem: {{ default true .Values.scoutapm.readOnlyRootFilesystem }} - runAsUser: {{ default 65534 .Values.scoutapm.runAsUser }} # "nobody" user by default - runAsGroup: {{ default 65534 .Values.scoutapm.runAsGroup }} # "nogroup" group by default - {{- end }} - - name: {{ .Chart.Name }} - securityContext: - {{- toYaml $podValues.securityContext | nindent 12 }} - image: "{{ default $.Values.datatracker.image.repository $podValues.image.repository }}:{{ default .Chart.AppVersion (default $.Values.datatracker.image.tag $podValues.image.tag) }}" - imagePullPolicy: {{ default "IfNotPresent" (default $.Values.datatracker.image.imagePullPolicy $podValues.image.imagePullPolicy) }} - env: - - name: "CONTAINER_ROLE" - value: "celery" - {{- if .Values.env }} - {{- range $key, $val := .Values.env }} - - name: {{ $key | quote }} - value: {{ $val | quote }} - {{- end }} - {{- end }} - {{- with $podValues.volumeMounts }} - volumeMounts: - {{- toYaml . | nindent 12 }} - {{- end }} - ports: - - name: http - containerPort: 8000 - protocol: TCP - livenessProbe: - {{- toYaml $podValues.livenessProbe | nindent 12 }} - readinessProbe: - {{- toYaml $podValues.readinessProbe | nindent 12 }} - startupProbe: - {{- toYaml $podValues.startupProbe | nindent 12 }} - resources: - {{- toYaml $podValues.resources | nindent 12 }} - {{- with $podValues.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with $podValues.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with $podValues.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with $podValues.volumes }} - volumes: - {{- toYaml . | nindent 8 }} - {{- end }} diff --git a/helm/templates/deployments/datatracker.yaml b/helm/templates/deployments/datatracker.yaml deleted file mode 100644 index acd54af97..000000000 --- a/helm/templates/deployments/datatracker.yaml +++ /dev/null @@ -1,90 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "datatracker.datatracker.fullname" . }} - labels: - {{- include "datatracker.commonLabels" . | nindent 4 }} - app.kubernetes.io/name: {{ .Values.datatracker.name }} -spec: - {{- $podValues := .Values.datatracker }} - replicas: {{ $podValues.replicaCount }} - revisionHistoryLimit: {{ $podValues.revisionHistoryLimit }} - selector: - matchLabels: - {{- include "datatracker.selectorLabels" . | nindent 6 }} - app.kubernetes.io/name: {{ $podValues.name }} - template: - metadata: - labels: - {{- include "datatracker.selectorLabels" . | nindent 8 }} - app.kubernetes.io/name: {{ $podValues.name }} - spec: - {{- with $podValues.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "datatracker.serviceAccountName.datatracker" . }} - securityContext: - {{- toYaml $podValues.podSecurityContext | nindent 8 }} - containers: - {{- if .Values.scoutapm }} - - name: "scoutapm" - image: "{{ .Values.scoutapm.image.repository }}:{{ default "latest" .Values.scoutapm.image.tag }}" - imagePullPolicy: {{ default "IfNotPresent" .Values.scoutapm.image.imagePullPolicy }} - livenessProbe: - exec: - command: - - "sh" - - "-c" - - "./core-agent probe --tcp 0.0.0.0:6590 | grep -q 'Agent found'" - securityContext: - readOnlyRootFilesystem: {{ default true .Values.scoutapm.readOnlyRootFilesystem }} - runAsUser: {{ default 65534 .Values.scoutapm.runAsUser }} # "nobody" user by default - runAsGroup: {{ default 65534 .Values.scoutapm.runAsGroup }} # "nogroup" group by default - {{- end }} - - name: {{ .Chart.Name }} - securityContext: - {{- toYaml $podValues.securityContext | nindent 12 }} - image: "{{ $podValues.image.repository }}:{{ default .Chart.AppVersion $podValues.image.tag }}" - imagePullPolicy: {{ default "IfNotPresent" $podValues.image.imagePullPolicy }} - env: - - name: "CONTAINER_ROLE" - value: "datatracker" - {{- if $.Values.env }} - {{- range $key, $val := $.Values.env }} - - name: {{ $key | quote }} - value: {{ $val | quote }} - {{- end }} - {{- end }} - {{- with $podValues.volumeMounts }} - volumeMounts: - {{- toYaml . | nindent 12 }} - {{- end }} - ports: - - name: http - containerPort: 8000 - protocol: TCP - livenessProbe: - {{- toYaml $podValues.livenessProbe | nindent 12 }} - readinessProbe: - {{- toYaml $podValues.readinessProbe | nindent 12 }} - startupProbe: - {{- toYaml $podValues.startupProbe | nindent 12 }} - resources: - {{- toYaml $podValues.resources | nindent 12 }} - {{- with $podValues.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with $podValues.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with $podValues.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with $podValues.volumes }} - volumes: - {{- toYaml . | nindent 8 }} - {{- end }} diff --git a/helm/templates/deployments/memcached.yaml b/helm/templates/deployments/memcached.yaml deleted file mode 100644 index 7bf21c1d7..000000000 --- a/helm/templates/deployments/memcached.yaml +++ /dev/null @@ -1,74 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "datatracker.memcached.fullname" . }} - labels: - {{- include "datatracker.commonLabels" . | nindent 4 }} - app.kubernetes.io/name: {{ .Values.memcached.name }} -spec: - {{- $podValues := .Values.memcached }} - replicas: {{ $podValues.replicaCount }} - revisionHistoryLimit: {{ $podValues.revisionHistoryLimit }} - selector: - matchLabels: - {{- include "datatracker.selectorLabels" . | nindent 6 }} - app.kubernetes.io/name: {{ $podValues.name }} - template: - metadata: - labels: - {{- include "datatracker.selectorLabels" . | nindent 8 }} - app.kubernetes.io/name: {{ $podValues.name }} - spec: - {{- with $podValues.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "datatracker.serviceAccountName.memcached" . }} - securityContext: - {{- toYaml $podValues.podSecurityContext | nindent 8 }} - containers: - - name: {{ .Chart.Name }} - securityContext: - {{- toYaml $podValues.securityContext | nindent 12 }} - image: "{{ $podValues.image.repository }}:{{ default "latest" $podValues.image.tag }}" - args: ["-m", "$(MEMCACHED_MEM_LIMIT)"] - imagePullPolicy: {{ default "IfNotPresent" $podValues.image.imagePullPolicy }} - env: - {{- if .Values.env }} - {{- range $key, $val := .Values.env }} - - name: {{ $key | quote }} - value: {{ $val | quote }} - {{- end }} - {{- end }} - {{- with $podValues.volumeMounts }} - volumeMounts: - {{- toYaml . | nindent 12 }} - {{- end }} - ports: - - name: memcached - containerPort: 11211 - protocol: TCP - livenessProbe: - {{- toYaml $podValues.livenessProbe | nindent 12 }} - readinessProbe: - {{- toYaml $podValues.readinessProbe | nindent 12 }} - startupProbe: - {{- toYaml $podValues.startupProbe | nindent 12 }} - resources: - {{- toYaml $podValues.resources | nindent 12 }} - {{- with $podValues.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with $podValues.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with $podValues.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with $podValues.volumes }} - volumes: - {{- toYaml . | nindent 8 }} - {{- end }} diff --git a/helm/templates/hpa.yaml b/helm/templates/hpa.yaml deleted file mode 100644 index 646000bdc..000000000 --- a/helm/templates/hpa.yaml +++ /dev/null @@ -1,32 +0,0 @@ -{{- if .Values.autoscaling.enabled }} -apiVersion: autoscaling/v2 -kind: HorizontalPodAutoscaler -metadata: - name: {{ include "datatracker.fullname" . }} - labels: - {{- include "datatracker.commonLabels" . | nindent 4 }} -spec: - scaleTargetRef: - apiVersion: apps/v1 - kind: Deployment - name: {{ include "datatracker.fullname" . }} - minReplicas: {{ .Values.autoscaling.minReplicas }} - maxReplicas: {{ .Values.autoscaling.maxReplicas }} - metrics: - {{- if .Values.autoscaling.targetCPUUtilizationPercentage }} - - type: Resource - resource: - name: cpu - target: - type: Utilization - averageUtilization: {{ .Values.autoscaling.targetCPUUtilizationPercentage }} - {{- end }} - {{- if .Values.autoscaling.targetMemoryUtilizationPercentage }} - - type: Resource - resource: - name: memory - target: - type: Utilization - averageUtilization: {{ .Values.autoscaling.targetMemoryUtilizationPercentage }} - {{- end }} -{{- end }} diff --git a/helm/templates/ingress.yaml b/helm/templates/ingress.yaml deleted file mode 100644 index 3b1a9febc..000000000 --- a/helm/templates/ingress.yaml +++ /dev/null @@ -1,61 +0,0 @@ -{{- if .Values.datatracker.ingress.enabled -}} -{{- $fullName := include "datatracker.fullname" . -}} -{{- $svcPort := .Values.datatracker.service.port -}} -{{- if and .Values.datatracker.ingress.className (not (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion)) }} - {{- if not (hasKey .Values.datatracker.ingress.annotations "kubernetes.io/ingress.class") }} - {{- $_ := set .Values.datatracker.ingress.annotations "kubernetes.io/ingress.class" .Values.datatracker.ingress.className}} - {{- end }} -{{- end }} -{{- if semverCompare ">=1.19-0" .Capabilities.KubeVersion.GitVersion -}} -apiVersion: networking.k8s.io/v1 -{{- else if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}} -apiVersion: networking.k8s.io/v1beta1 -{{- else -}} -apiVersion: extensions/v1beta1 -{{- end }} -kind: Ingress -metadata: - name: {{ $fullName }} - labels: - {{- include "datatracker.commonLabels" . | nindent 4 }} - {{- with .Values.datatracker.ingress.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -spec: - {{- if and .Values.datatracker.ingress.className (semverCompare ">=1.18-0" .Capabilities.KubeVersion.GitVersion) }} - ingressClassName: {{ .Values.datatracker.ingress.className }} - {{- end }} - {{- if .Values.datatracker.ingress.tls }} - tls: - {{- range .Values.datatracker.ingress.tls }} - - hosts: - {{- range .hosts }} - - {{ . | quote }} - {{- end }} - secretName: {{ .secretName }} - {{- end }} - {{- end }} - rules: - {{- range .Values.datatracker.ingress.hosts }} - - host: {{ .host | quote }} - http: - paths: - {{- range .paths }} - - path: {{ .path }} - {{- if and .pathType (semverCompare ">=1.18-0" $.Capabilities.KubeVersion.GitVersion) }} - pathType: {{ .pathType }} - {{- end }} - backend: - {{- if semverCompare ">=1.19-0" $.Capabilities.KubeVersion.GitVersion }} - service: - name: {{ $fullName }} - port: - number: {{ $svcPort }} - {{- else }} - serviceName: {{ $fullName }} - servicePort: {{ $svcPort }} - {{- end }} - {{- end }} - {{- end }} -{{- end }} diff --git a/helm/templates/persistentvolumeclaims.yaml b/helm/templates/persistentvolumeclaims.yaml deleted file mode 100644 index 412de9d02..000000000 --- a/helm/templates/persistentvolumeclaims.yaml +++ /dev/null @@ -1,43 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: "datatracker-shared-volume-claim" - labels: - {{- include "datatracker.commonLabels" . | nindent 4 }} - app.kubernetes.io/name: {{ .Values.datatracker.name }} -spec: - {{- with .Values.persistentVolumes.datatrackerSharedVolume }} - storageClassName: {{ .storageClassName | quote }} - {{- if .volumeName }} - volumeName: {{ .volumeName | quote }} - {{- end }} - accessModes: - {{- range .accessModes }} - - {{ . | quote }} - {{- end }} - resources: - requests: - storage: {{ .storage | quote }} - {{- end }} ---- -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - name: "rabbitmq-data-claim" - labels: - {{- include "datatracker.commonLabels" . | nindent 4 }} - app.kubernetes.io/name: {{ .Values.rabbitmq.name }} -spec: - {{- with .Values.persistentVolumes.rabbitmqDataVolume }} - storageClassName: {{ .storageClassName | quote }} - {{- if .volumeName }} - volumeName: {{ .volumeName | quote }} - {{- end }} - accessModes: - {{- range .accessModes }} - - {{ . | quote }} - {{- end }} - resources: - requests: - storage: {{ .storage | quote }} - {{- end }} diff --git a/helm/templates/rbac/beat-serviceaccount.yaml b/helm/templates/rbac/beat-serviceaccount.yaml deleted file mode 100644 index 983401375..000000000 --- a/helm/templates/rbac/beat-serviceaccount.yaml +++ /dev/null @@ -1,12 +0,0 @@ -{{- if .Values.serviceAccounts.beat.create -}} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "datatracker.serviceAccountName.beat" . }} - labels: - {{- include "datatracker.commonLabels" . | nindent 4 }} - {{- with .Values.serviceAccounts.beat.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -{{- end -}} diff --git a/helm/templates/rbac/celery-serviceaccount.yaml b/helm/templates/rbac/celery-serviceaccount.yaml deleted file mode 100644 index e27673e38..000000000 --- a/helm/templates/rbac/celery-serviceaccount.yaml +++ /dev/null @@ -1,12 +0,0 @@ -{{- if .Values.serviceAccounts.celery.create -}} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "datatracker.serviceAccountName.celery" . }} - labels: - {{- include "datatracker.commonLabels" . | nindent 4 }} - {{- with .Values.serviceAccounts.celery.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -{{- end -}} diff --git a/helm/templates/rbac/datatracker-serviceaccount.yaml b/helm/templates/rbac/datatracker-serviceaccount.yaml deleted file mode 100644 index d64f1523d..000000000 --- a/helm/templates/rbac/datatracker-serviceaccount.yaml +++ /dev/null @@ -1,12 +0,0 @@ -{{- if .Values.serviceAccounts.datatracker.create -}} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "datatracker.serviceAccountName.datatracker" . }} - labels: - {{- include "datatracker.commonLabels" . | nindent 4 }} - {{- with .Values.serviceAccounts.datatracker.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -{{- end -}} diff --git a/helm/templates/rbac/memcached-serviceaccount.yaml b/helm/templates/rbac/memcached-serviceaccount.yaml deleted file mode 100644 index cc8d1a121..000000000 --- a/helm/templates/rbac/memcached-serviceaccount.yaml +++ /dev/null @@ -1,12 +0,0 @@ -{{- if .Values.serviceAccounts.memcached.create -}} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "datatracker.serviceAccountName.memcached" . }} - labels: - {{- include "datatracker.commonLabels" . | nindent 4 }} - {{- with .Values.serviceAccounts.memcached.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -{{- end -}} diff --git a/helm/templates/rbac/rabbitmq-serviceaccount.yaml b/helm/templates/rbac/rabbitmq-serviceaccount.yaml deleted file mode 100644 index 58c89b2dc..000000000 --- a/helm/templates/rbac/rabbitmq-serviceaccount.yaml +++ /dev/null @@ -1,12 +0,0 @@ -{{- if .Values.serviceAccounts.rabbitmq.create -}} -apiVersion: v1 -kind: ServiceAccount -metadata: - name: {{ include "datatracker.serviceAccountName.rabbitmq" . }} - labels: - {{- include "datatracker.commonLabels" . | nindent 4 }} - {{- with .Values.serviceAccounts.rabbitmq.annotations }} - annotations: - {{- toYaml . | nindent 4 }} - {{- end }} -{{- end -}} diff --git a/helm/templates/services/datatracker.yaml b/helm/templates/services/datatracker.yaml deleted file mode 100644 index 201f5a3b4..000000000 --- a/helm/templates/services/datatracker.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: {{include "datatracker.fullname" .}} - labels: {{- include "datatracker.commonLabels" . | nindent 4 }} - {{- with .Values.datatracker.service.annotations }} - annotations: - {{- range $key, $value := . }} - {{ $key }}: {{ $value | quote }} - {{- end }} - {{- end }} -spec: - type: {{.Values.datatracker.service.type}} - ports: - - port: {{ default "80" .Values.datatracker.service.port}} - targetPort: http - protocol: TCP - name: http - selector: - {{- include "datatracker.selectorLabels" . | nindent 4}} - app.kubernetes.io/name: {{ .Values.datatracker.name }} diff --git a/helm/templates/services/memcached.yaml b/helm/templates/services/memcached.yaml deleted file mode 100644 index 572c382b5..000000000 --- a/helm/templates/services/memcached.yaml +++ /dev/null @@ -1,21 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: memcached - labels: {{- include "datatracker.commonLabels" . | nindent 4 }} - {{- with .Values.memcached.service.annotations }} - annotations: - {{- range $key, $value := . }} - {{ $key }}: {{ $value | quote }} - {{- end }} - {{- end }} -spec: - type: {{.Values.memcached.service.type}} - ports: - - port: {{ default "11211" .Values.memcached.service.port}} - targetPort: memcached - protocol: TCP - name: memcached - selector: - {{- include "datatracker.selectorLabels" . | nindent 4}} - app.kubernetes.io/name: {{ .Values.memcached.name }} diff --git a/helm/templates/services/rabbitmq.yaml b/helm/templates/services/rabbitmq.yaml deleted file mode 100644 index e67cb3169..000000000 --- a/helm/templates/services/rabbitmq.yaml +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: - name: rabbitmq - labels: {{- include "datatracker.commonLabels" . | nindent 4 }} - {{- with .Values.rabbitmq.service.annotations }} - annotations: - {{- range $key, $value := . }} - {{ $key }}: {{ $value | quote }} - {{- end }} - {{- end }} -spec: - type: {{.Values.rabbitmq.service.type}} - clusterIP: None # headless service - ports: - - port: {{ default "5672" .Values.rabbitmq.service.port}} - targetPort: amqp - protocol: TCP - name: amqp - selector: - {{- include "datatracker.selectorLabels" . | nindent 4}} - app.kubernetes.io/name: {{ .Values.rabbitmq.name }} diff --git a/helm/templates/statefulsets/rabbitmq.yaml b/helm/templates/statefulsets/rabbitmq.yaml deleted file mode 100644 index 6cb2cc836..000000000 --- a/helm/templates/statefulsets/rabbitmq.yaml +++ /dev/null @@ -1,87 +0,0 @@ -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: {{ include "datatracker.rabbitmq.fullname" . }} - labels: - {{- include "datatracker.commonLabels" . | nindent 4 }} - app.kubernetes.io/name: {{ .Values.rabbitmq.name }} -spec: - {{- $podValues := .Values.rabbitmq }} - replicas: {{ $podValues.replicaCount }} - revisionHistoryLimit: {{ $podValues.revisionHistoryLimit }} - selector: - matchLabels: - {{- include "datatracker.selectorLabels" . | nindent 6 }} - app.kubernetes.io/name: {{ $podValues.name }} - template: - metadata: - labels: - {{- include "datatracker.selectorLabels" . | nindent 8 }} - app.kubernetes.io/name: {{ $podValues.name }} - spec: - {{- with $podValues.imagePullSecrets }} - imagePullSecrets: - {{- toYaml . | nindent 8 }} - {{- end }} - serviceAccountName: {{ include "datatracker.serviceAccountName.rabbitmq" . }} - securityContext: - {{- toYaml $podValues.podSecurityContext | nindent 8 }} - initContainers: - - name: init-rabbitmq - image: busybox:stable - command: - - "sh" - - "-c" - - "mkdir -p -m700 /mnt/rabbitmq && chown 100:101 /mnt/rabbitmq" - securityContext: - runAsNonRoot: false - runAsUser: 0 - readOnlyRootFilesystem: true - volumeMounts: - - name: "rabbitmq-data" - mountPath: "/mnt" - containers: - - name: {{ .Chart.Name }} - securityContext: - {{- toYaml $podValues.securityContext | nindent 12 }} - image: "{{ $podValues.image.repository }}:{{ default "latest" $podValues.image.tag }}" - imagePullPolicy: {{ default "IfNotPresent" $podValues.image.pullPolicy }} - env: - {{- if .Values.env }} - {{- range $key, $val := .Values.env }} - - name: {{ $key | quote }} - value: {{ $val | quote }} - {{- end }} - {{- end }} - {{- with $podValues.volumeMounts }} - volumeMounts: - {{- toYaml . | nindent 12 }} - {{- end }} - ports: - - name: amqp - containerPort: 5672 - protocol: TCP - livenessProbe: - {{- toYaml $podValues.livenessProbe | nindent 12 }} - readinessProbe: - {{- toYaml $podValues.readinessProbe | nindent 12 }} - startupProbe: - {{- toYaml $podValues.startupProbe | nindent 12 }} - resources: - {{- toYaml $podValues.resources | nindent 12 }} - {{- with $podValues.nodeSelector }} - nodeSelector: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with $podValues.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with $podValues.tolerations }} - tolerations: - {{- toYaml . | nindent 8 }} - {{- end }} - {{- with $podValues.volumes }} - volumes: - {{- toYaml . | nindent 8 }} - {{- end }} diff --git a/helm/values.yaml b/helm/values.yaml deleted file mode 100644 index aa5bbaf30..000000000 --- a/helm/values.yaml +++ /dev/null @@ -1,645 +0,0 @@ -# Default values for datatracker. -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. - -## Define serviceAccount names for components. Defaults to component's fully qualified name. -## -serviceAccounts: - datatracker: - create: true - name: datatracker - annotations: {} - celery: - create: true - name: celery - annotations: {} - beat: - create: true - name: beat - annotations: {} - rabbitmq: - create: true - name: rabbitmq - annotations: {} - memcached: - create: true - name: memcached - annotations: {} - -# ------------------------------------------------------------- -# DATATRACKER -# ------------------------------------------------------------- - -datatracker: - name: datatracker - image: - repository: "ghcr.io/ietf-tools/datatracker" - pullPolicy: IfNotPresent - # Overrides the image tag whose default is the chart appVersion. - # tag: "v1.1.0" - - imagePullSecrets: [] - nameOverride: "" - fullnameOverride: "" - - ingress: - enabled: false - className: "" - annotations: {} - # kubernetes.io/ingress.class: nginx - # kubernetes.io/tls-acme: "true" - hosts: - - host: datatracker.local - paths: - - path: / - pathType: ImplementationSpecific - tls: [] - # - secretName: chart-example-tls - # hosts: - # - chart-example.local - -# livenessProbe: -# httpGet: -# # /submit/tool-instructions/ just happens to be cheap until we get a real health endpoint -# path: /submit/tool-instructions/ -# port: http - - podAnnotations: {} - podLabels: {} - -#readinessProbe: -# httpGet: -# # /submit/tool-instructions/ just happens to be cheap until we get a real health endpoint -# path: /submit/tool-instructions/ -# port: http - - replicaCount: 1 - - resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - - podSecurityContext: - runAsNonRoot: true - - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsUser: 1000 - runAsGroup: 1000 - - service: - type: ClusterIP - port: 80 - - serviceAccount: - # Specifies whether a service account should be created - create: true - # Automatically mount a ServiceAccount's API credentials? - automount: true - # Annotations to add to the service account - annotations: {} - # The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template - name: "" - -# startupProbe: -# initialDelaySeconds: 15 -# periodSeconds: 5 -# timeoutSeconds: 5 -# successThreshold: 1 -# failureThreshold: 60 -# httpGet: -# # /submit/tool-instructions/ just happens to be cheap until we get a real health endpoint -# path: /submit/tool-instructions/ -# port: http - - # Additional volumes on the output Deployment definition. - volumes: - - name: settings-local-volume - configMap: - name: django-configmap - - name: datatracker-shared-volume - persistentVolumeClaim: - claimName: "datatracker-shared-volume-claim" - - name: datatracker-tmp - emptyDir: - sizeLimit: "2Gi" - - # Additional volumeMounts on the output Deployment definition. - volumeMounts: - - name: settings-local-volume - mountPath: /workspace/ietf/settings_local.py - subPath: settings_local.py - readOnly: true - - name: datatracker-shared-volume - mountPath: /a - - name: datatracker-tmp - mountPath: /tmp - - tolerations: [] - - nodeSelector: {} - - affinity: {} - -# ------------------------------------------------------------- -# CELERY -# ------------------------------------------------------------- - -celery: - name: celery - image: {} - # defaults to datatracker settings if not specified separately - #repository: "ghcr.io/ietf-tools/datatracker" - #pullPolicy: IfNotPresent - # Overrides the image tag whose default is the chart appVersion. - # tag: "v1.1.0" - - imagePullSecrets: [] - nameOverride: "" - fullnameOverride: "" - - livenessProbe: - exec: - command: ["celery", "-A", "ietf", "inspect", "ping"] - periodSeconds: 30 - timeoutSeconds: 5 - - podAnnotations: {} - podLabels: {} - - replicaCount: 1 - - resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - - podSecurityContext: - runAsNonRoot: true - - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsUser: 1000 - runAsGroup: 1000 - - serviceAccount: - # Specifies whether a service account should be created - create: true - # Automatically mount a ServiceAccount's API credentials? - automount: true - # Annotations to add to the service account - annotations: {} - # The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template - name: "" - - startupProbe: - initialDelaySeconds: 15 - periodSeconds: 5 - timeoutSeconds: 5 - successThreshold: 1 - failureThreshold: 60 - exec: - command: ["celery", "-A", "ietf", "inspect", "ping"] - - # Additional volumes on the output Deployment definition. - volumes: - - name: settings-local-volume - configMap: - name: django-configmap - - name: datatracker-shared-volume - persistentVolumeClaim: - claimName: "datatracker-shared-volume-claim" - - name: celery-tmp - emptyDir: - sizeLimit: "2Gi" - - # Additional volumeMounts on the output Deployment definition. - volumeMounts: - - name: settings-local-volume - mountPath: /workspace/ietf/settings_local.py - subPath: settings_local.py - readOnly: true - - name: datatracker-shared-volume - mountPath: /a - - name: celery-tmp - mountPath: /tmp - - tolerations: [] - - nodeSelector: {} - - affinity: {} - -# ------------------------------------------------------------- -# BEAT -# ------------------------------------------------------------- - -beat: - name: beat - image: {} - # defaults to datatracker settings if not specified separately - # repository: "ghcr.io/ietf-tools/datatracker" - # pullPolicy: IfNotPresent - # Overrides the image tag whose default is the chart appVersion. - # tag: "v1.1.0" - - imagePullSecrets: [] - nameOverride: "" - fullnameOverride: "" - - livenessProbe: - exec: - command: ["celery", "-A", "ietf", "inspect", "ping"] - periodSeconds: 30 - timeoutSeconds: 5 - - podAnnotations: {} - podLabels: {} - - replicaCount: 1 - - resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - - podSecurityContext: - runAsNonRoot: true - - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsUser: 1000 - runAsGroup: 1000 - - serviceAccount: - # Specifies whether a service account should be created - create: true - # Automatically mount a ServiceAccount's API credentials? - automount: true - # Annotations to add to the service account - annotations: {} - # The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template - name: "" - - startupProbe: - initialDelaySeconds: 15 - periodSeconds: 5 - timeoutSeconds: 5 - successThreshold: 1 - failureThreshold: 60 - exec: - command: ["celery", "-A", "ietf", "inspect", "ping"] - - # Additional volumes on the output Deployment definition. - volumes: - - name: settings-local-volume - configMap: - name: django-configmap - - name: datatracker-shared-volume - persistentVolumeClaim: - claimName: "datatracker-shared-volume-claim" - - name: beat-tmp - emptyDir: - sizeLimit: "2Gi" - - # Additional volumeMounts on the output Deployment definition. - volumeMounts: - - name: settings-local-volume - mountPath: /workspace/ietf/settings_local.py - subPath: settings_local.py - readOnly: true - - name: datatracker-shared-volume - mountPath: /a - - name: beat-tmp - mountPath: /tmp - - tolerations: [] - - nodeSelector: {} - - affinity: {} - -# ------------------------------------------------------------- -# RABBITMQ -# ------------------------------------------------------------- - -rabbitmq: - name: "rabbitmq" - image: - repository: "ghcr.io/ietf-tools/datatracker-mq" - pullPolicy: IfNotPresent - tag: "3.12-alpine" - imagePullSecrets: [] - nameOverride: "" - fullnameOverride: "" - - livenessProbe: - exec: - command: ["rabbitmq-diagnostics", "-q", "ping"] - periodSeconds: 30 - timeoutSeconds: 5 - - podAnnotations: {} - podLabels: {} - - replicaCount: 1 - - resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - - podSecurityContext: - runAsNonRoot: true - - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - # rabbitmq image sets up uid/gid 100/101 - runAsUser: 100 - runAsGroup: 101 - - service: - type: ClusterIP - port: 5672 - - serviceAccount: - # Specifies whether a service account should be created - create: true - # Automatically mount a ServiceAccount's API credentials? - automount: true - # Annotations to add to the service account - annotations: {} - # The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template - name: "" - - startupProbe: - initialDelaySeconds: 15 - periodSeconds: 5 - timeoutSeconds: 5 - successThreshold: 1 - failureThreshold: 60 - exec: - command: ["rabbitmq-diagnostics", "-q", "ping"] - - # Additional volumes on the output Deployment definition. - volumes: - - name: "rabbitmq-data" - persistentVolumeClaim: - claimName: "rabbitmq-data-claim" - - name: "rabbitmq-config" - configMap: - name: "rabbitmq-configmap" - - name: "rabbitmq-tmp" - emptyDir: - sizeLimit: 50Mi - # - name: foo - # secret: - # secretName: mysecret - # optional: false - - # Additional volumeMounts on the output Deployment definition. - volumeMounts: - - name: "rabbitmq-data" - mountPath: "/var/lib/rabbitmq" - subPath: "rabbitmq" - - name: "rabbitmq-config" - mountPath: "/etc/rabbitmq" - - name: "rabbitmq-tmp" - mountPath: "/tmp" - - tolerations: [] - - nodeSelector: {} - - affinity: {} - -# ------------------------------------------------------------- -# MEMCACHED -# ------------------------------------------------------------- - -memcached: - name: memcached - image: - repository: "memcached" - pullPolicy: IfNotPresent - tag: "1.6-alpine" - - imagePullSecrets: [] - nameOverride: "" - fullnameOverride: "" - - podAnnotations: {} - podLabels: {} - - replicaCount: 1 - - resources: {} - # We usually recommend not to specify default resources and to leave this as a conscious - # choice for the user. This also increases chances charts run on environments with little - # resources, such as Minikube. If you do want to specify resources, uncomment the following - # lines, adjust them as necessary, and remove the curly braces after 'resources:'. - # limits: - # cpu: 100m - # memory: 128Mi - # requests: - # cpu: 100m - # memory: 128Mi - - podSecurityContext: - runAsNonRoot: true - - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - # memcached image sets up uid/gid 11211 - runAsUser: 11211 - runAsGroup: 11211 - - service: - type: ClusterIP - port: 11211 - - serviceAccount: - # Specifies whether a service account should be created - create: true - # Automatically mount a ServiceAccount's API credentials? - automount: true - # Annotations to add to the service account - annotations: {} - # The name of the service account to use. - # If not set and create is true, a name is generated using the fullname template - name: "" - - tolerations: [] - - nodeSelector: {} - - affinity: {} - -# ------------------------------------------------------------- -# SCOUT APM SETTINGS -# ------------------------------------------------------------- -# Set this to enable a Scout APM Core Agent sidecar -scoutapm: - image: - repository: "scoutapp/scoutapm" - tag: "version-1.4.0" - -# ------------------------------------------------------------- -# PERSISTENT VOLUMES -# ------------------------------------------------------------- - -persistentVolumes: - datatrackerSharedVolume: - # Note: This is the /a shared volume - volumeName: "datatracker-shared-volume" - accessModes: - - "ReadWriteMany" # or ReadWriteOnce and force datatracker/celery/beat to a single node - storageClassName: "" # Empty string means do not use default storage class - storage: "600Gi" # actual PersistentVolume must be at least this big or the PVC will not bind - - rabbitmqDataVolume: - volumeName: "rabbitmq-data-volume" - accessModes: - - "ReadWriteOnce" - storageClassName: "" # Empty string means do not use default storage class - storage: "8Gi" # actual PersistentVolume must be at least this big or the PVC will not bind - -# ------------------------------------------------------------- -# COMMON -# ------------------------------------------------------------- - -autoscaling: - enabled: false - minReplicas: 1 - maxReplicas: 100 - targetCPUUtilizationPercentage: 80 - # targetMemoryUtilizationPercentage: 80 - -env: - # n.b., these are debug values / non-secret secrets - DATATRACKER_SERVER_MODE: "development" # development for staging, production for production - DATATRACKER_ADMINS: |- - Robert Sparks - Ryan Cross - Kesara Rathnayake - Jennifer Richards - Nicolas Giard - DATATRACKER_ALLOWED_HOSTS: ".ietf.org" # newline-separated list also allowed - # DATATRACKER_DATATRACKER_DEBUG: "false" - - # DB access details - needs to be filled in - # DATATRACKER_DBHOST: "db" - # DATATRACKER_DBPORT: "5432" - # DATATRACKER_DBNAME: "datatracker" - # DATATRACKER_DBUSER: "django" # secret - # DATATRACKER_DBPASS: "RkTkDPFnKpko" # secret - - DATATRACKER_DJANGO_SECRET_KEY: "PDwXboUq!=hPjnrtG2=ge#N$Dwy+wn@uivrugwpic8mxyPfHk" # secret - - # Set this to point testing / staging at the production statics server until we - # sort that out - # DATATRACKER_STATIC_URL: "https://static.ietf.org/dt/12.10.0/" - - # DATATRACKER_EMAIL_DEBUG: "true" - - # Outgoing email details - # DATATRACKER_EMAIL_HOST: "localhost" # defaults to localhost - # DATATRACKER_EMAIL_PORT: "2025" # defaults to 2025 - - # The value here is the default from settings.py (i.e., not actually secret) - DATATRACKER_NOMCOM_APP_SECRET_B64: "m9pzMezVoFNJfsvU9XSZxGnXnwup6P5ZgCQeEnROOoQ=" # secret - - DATATRACKER_IANA_SYNC_PASSWORD: "this-is-the-iana-sync-password" # secret - DATATRACKER_RFC_EDITOR_SYNC_PASSWORD: "this-is-the-rfc-editor-sync-password" # secret - DATATRACKER_YOUTUBE_API_KEY: "this-is-the-youtube-api-key" # secret - DATATRACKER_GITHUB_BACKUP_API_KEY: "this-is-the-github-backup-api-key" # secret - - # API key configuration - DATATRACKER_API_KEY_TYPE: "ES265" - # secret - value here is the default from settings.py (i.e., not actually secret) - DATATRACKER_API_PUBLIC_KEY_PEM_B64: |- - Ci0tLS0tQkVHSU4gUFVCTElDIEtFWS0tLS0tCk1Ga3dFd1lIS29aSXpqMENBUVlJS - 29aSXpqMERBUWNEUWdBRXFWb2pzYW9mREpTY3VNSk4rdHNodW15Tk01TUUKZ2Fyel - ZQcWtWb3ZtRjZ5RTdJSi9kdjRGY1YrUUtDdEovck9TOGUzNlk4WkFFVll1dWtoZXM - weVoxdz09Ci0tLS0tRU5EIFBVQkxJQyBLRVktLS0tLQo= - # secret - value here is the default from settings.py (i.e., not actually secret) - DATATRACKER_API_PRIVATE_KEY_PEM_B64: |- - Ci0tLS0tQkVHSU4gUFJJVkFURSBLRVktLS0tLQpNSUdIQWdFQU1CTUdCeXFHU000O - UFnRUdDQ3FHU000OUF3RUhCRzB3YXdJQkFRUWdvSTZMSmtvcEtxOFhySGk5ClFxR1 - F2RTRBODNURllqcUx6KzhnVUxZZWNzcWhSQU5DQUFTcFdpT3hxaDhNbEp5NHdrMzY - yeUc2Ykkwemt3U0IKcXZOVStxUldpK1lYcklUc2duOTIvZ1Z4WDVBb0swbitzNUx4 - N2ZwanhrQVJWaTY2U0Y2elRKblgKLS0tLS1FTkQgUFJJVkFURSBLRVktLS0tLQo= - - # DATATRACKER_MEETECHO_API_BASE: "https://meetings.conf.meetecho.com/api/v1/" - DATATRACKER_MEETECHO_CLIENT_ID: "this-is-the-meetecho-client-id" # secret - DATATRACKER_MEETECHO_CLIENT_SECRET: "this-is-the-meetecho-client-secret" # secret - - # DATATRACKER_MATOMO_SITE_ID: "7" # must be present to enable Matomo - # DATATRACKER_MATOMO_DOMAIN_PATH: "analytics.ietf.org" - - CELERY_PASSWORD: "this-is-a-secret" # secret - - DATATRACKER_APP_API_TOKENS_JSON: "{}" # secret - - # use this to override default - one entry per line - # DATATRACKER_CSRF_TRUSTED_ORIGINS: |- - # https://datatracker.staging.ietf.org - - # Scout configuration - DATATRACKER_SCOUT_KEY: "this-is-the-scout-key" - DATATRACKER_SCOUT_NAME: "StagingDatatracker" - - MEMCACHED_MEM_LIMIT: "1024"