diff --git a/.gitattributes b/.gitattributes index 937c0eb37..62f4aae43 100644 --- a/.gitattributes +++ b/.gitattributes @@ -1,2 +1,280 @@ -/.yarn/releases/** binary -/.yarn/plugins/** binary +# Auto detect text files and perform LF normalization +* text=auto + +# --------------------------------------------------- +# Python Projects +# --------------------------------------------------- + +# Source files +*.pxd text diff=python +*.py text diff=python +*.py3 text diff=python +*.pyw text diff=python +*.pyx text diff=python +*.pyz text diff=python +*.pyi text diff=python + +# Binary files +*.db binary +*.p binary +*.pkl binary +*.pickle binary +*.pyc binary export-ignore +*.pyo binary export-ignore +*.pyd binary + +# Jupyter notebook +*.ipynb text eol=lf + +# --------------------------------------------------- +# Web Projects +# --------------------------------------------------- + +# Source code +*.bash text eol=lf +*.bat text eol=crlf +*.cmd text eol=crlf +*.coffee text +*.css text diff=css +*.htm text diff=html +*.html text diff=html +*.inc text +*.ini text +*.js text +*.mjs text +*.cjs text +*.json text +*.jsx text +*.less text +*.ls text +*.map text -diff +*.od text +*.onlydata text +*.php text diff=php +*.pl text +*.ps1 text eol=crlf +*.py text diff=python +*.rb text diff=ruby +*.sass text +*.scm text +*.scss text diff=css +*.sh text eol=lf +.husky/* text eol=lf +*.sql text +*.styl text +*.tag text +*.ts text +*.tsx text +*.xml text +*.xhtml text diff=html + +# Docker +Dockerfile text + +# Documentation +*.ipynb text eol=lf +*.markdown text diff=markdown +*.md text diff=markdown +*.mdwn text diff=markdown +*.mdown text diff=markdown +*.mkd text diff=markdown +*.mkdn text diff=markdown +*.mdtxt text +*.mdtext text +*.txt text +AUTHORS text +CHANGELOG text +CHANGES text +CONTRIBUTING text +COPYING text +copyright text +*COPYRIGHT* text +INSTALL text +license text +LICENSE text +NEWS text +readme text +*README* text +TODO text + +# Templates +*.dot text +*.ejs text +*.erb text +*.haml text +*.handlebars text +*.hbs text +*.hbt text +*.jade text +*.latte text +*.mustache text +*.njk text +*.phtml text +*.pug text +*.svelte text +*.tmpl text +*.tpl text +*.twig text +*.vue text + +# Configs +*.cnf text +*.conf text +*.config text +.editorconfig text +.env text +.gitattributes text +.gitconfig text +.htaccess text +*.lock text -diff +package.json text eol=lf +package-lock.json text eol=lf -diff +pnpm-lock.yaml text eol=lf -diff +.prettierrc text +yarn.lock text -diff +*.toml text +*.yaml text +*.yml text +browserslist text +Makefile text +makefile text +# Fixes syntax highlighting on GitHub to allow comments +tsconfig.json linguist-language=JSON-with-Comments + +# Heroku +Procfile text + +# Graphics +*.ai binary +*.bmp binary +*.eps binary +*.gif binary +*.gifv binary +*.ico binary +*.jng binary +*.jp2 binary +*.jpg binary +*.jpeg binary +*.jpx binary +*.jxr binary +*.pdf binary +*.png binary +*.psb binary +*.psd binary +*.svg text +*.svgz binary +*.tif binary +*.tiff binary +*.wbmp binary +*.webp binary + +# Audio +*.kar binary +*.m4a binary +*.mid binary +*.midi binary +*.mp3 binary +*.ogg binary +*.ra binary + +# Video +*.3gpp binary +*.3gp binary +*.as binary +*.asf binary +*.asx binary +*.avi binary +*.fla binary +*.flv binary +*.m4v binary +*.mng binary +*.mov binary +*.mp4 binary +*.mpeg binary +*.mpg binary +*.ogv binary +*.swc binary +*.swf binary +*.webm binary + +# Archives +*.7z binary +*.gz binary +*.jar binary +*.rar binary +*.tar binary +*.zip binary + +# Fonts +*.ttf binary +*.eot binary +*.otf binary +*.woff binary +*.woff2 binary + +# Executables +*.exe binary +*.pyc binary +# Prevents massive diffs caused by vendored, minified files +**/.yarn/releases/** binary +**/.yarn/plugins/** binary + +# RC files (like .babelrc or .eslintrc) +*.*rc text + +# Ignore files (like .npmignore or .gitignore) +*.*ignore text + +# Prevents massive diffs from built files +dist/* binary + +# --------------------------------------------------- +# Common +# --------------------------------------------------- + +# Documents +*.bibtex text diff=bibtex +*.doc diff=astextplain +*.DOC diff=astextplain +*.docx diff=astextplain +*.DOCX diff=astextplain +*.dot diff=astextplain +*.DOT diff=astextplain +*.pdf diff=astextplain +*.PDF diff=astextplain +*.rtf diff=astextplain +*.RTF diff=astextplain +*.md text diff=markdown +*.mdx text diff=markdown +*.tex text diff=tex +*.adoc text +*.textile text +*.mustache text +*.csv text eol=crlf +*.tab text +*.tsv text +*.txt text +*.sql text +*.epub diff=astextplain + +# Text files where line endings should be preserved +*.patch -text + +# --------------------------------------------------- +# Vzic specific +# --------------------------------------------------- + +*.pl text diff=perl +*.pm text diff=perl + +# C/C++ +*.c text diff=cpp +*.cc text diff=cpp +*.cxx text diff=cpp +*.cpp text diff=cpp +*.cpi text diff=cpp +*.c++ text diff=cpp +*.hpp text diff=cpp +*.h text diff=cpp +*.h++ text diff=cpp +*.hh text diff=cpp \ No newline at end of file diff --git a/dev/build/settings_local_collectstatics.py b/dev/build/settings_local_collectstatics.py index 016b3f934..ccb4b3397 100644 --- a/dev/build/settings_local_collectstatics.py +++ b/dev/build/settings_local_collectstatics.py @@ -1,8 +1,8 @@ -# Copyright The IETF Trust 2007-2019, All Rights Reserved -# -*- coding: utf-8 -*- - -from ietf import __version__ -from ietf.settings import * # pyflakes:ignore - -STATIC_URL = "https://static.ietf.org/dt/%s/"%__version__ -STATIC_ROOT = os.path.abspath(BASE_DIR + "/../static/") +# Copyright The IETF Trust 2007-2019, All Rights Reserved +# -*- coding: utf-8 -*- + +from ietf import __version__ +from ietf.settings import * # pyflakes:ignore + +STATIC_URL = "https://static.ietf.org/dt/%s/"%__version__ +STATIC_ROOT = os.path.abspath(BASE_DIR + "/../static/") diff --git a/dev/tests/docker-compose.debug.yml b/dev/tests/docker-compose.debug.yml index 6362ef072..8d939e0ea 100644 --- a/dev/tests/docker-compose.debug.yml +++ b/dev/tests/docker-compose.debug.yml @@ -1,32 +1,32 @@ -# This docker-compose replicates the test workflow happening on GitHub during a PR / build check. -# To be used from the debug.sh script. - -version: '3.8' - -services: - app: - image: ghcr.io/ietf-tools/datatracker-app-base:latest - command: -f /dev/null - working_dir: /__w/datatracker/datatracker - entrypoint: tail - hostname: app - volumes: - - /var/run/docker.sock:/var/run/docker.sock - environment: - CI: 'true' - GITHUB_ACTIONS: 'true' - HOME: /github/home - deploy: - resources: - limits: - cpus: '2' - memory: '7GB' - - db: - image: ghcr.io/ietf-tools/datatracker-db:latest - restart: unless-stopped - volumes: - - postgresdb-data:/var/lib/postgresql/data - -volumes: - postgresdb-data: +# This docker-compose replicates the test workflow happening on GitHub during a PR / build check. +# To be used from the debug.sh script. + +version: '3.8' + +services: + app: + image: ghcr.io/ietf-tools/datatracker-app-base:latest + command: -f /dev/null + working_dir: /__w/datatracker/datatracker + entrypoint: tail + hostname: app + volumes: + - /var/run/docker.sock:/var/run/docker.sock + environment: + CI: 'true' + GITHUB_ACTIONS: 'true' + HOME: /github/home + deploy: + resources: + limits: + cpus: '2' + memory: '7GB' + + db: + image: ghcr.io/ietf-tools/datatracker-db:latest + restart: unless-stopped + volumes: + - postgresdb-data:/var/lib/postgresql/data + +volumes: + postgresdb-data: diff --git a/docker/configs/pgadmin-servers.json b/docker/configs/pgadmin-servers.json index 8b1c181d1..b4458af92 100644 --- a/docker/configs/pgadmin-servers.json +++ b/docker/configs/pgadmin-servers.json @@ -1,22 +1,22 @@ -{ - "Servers": { - "1": { - "Name": "Local Dev", - "Group": "Servers", - "Host": "db", - "Port": 5432, - "MaintenanceDB": "postgres", - "Username": "django", - "UseSSHTunnel": 0, - "TunnelPort": "22", - "TunnelAuthentication": 0, - "KerberosAuthentication": false, - "ConnectionParameters": { - "sslmode": "prefer", - "connect_timeout": 10, - "sslcert": "/.postgresql/postgresql.crt", - "sslkey": "/.postgresql/postgresql.key" - } - } - } -} +{ + "Servers": { + "1": { + "Name": "Local Dev", + "Group": "Servers", + "Host": "db", + "Port": 5432, + "MaintenanceDB": "postgres", + "Username": "django", + "UseSSHTunnel": 0, + "TunnelPort": "22", + "TunnelAuthentication": 0, + "KerberosAuthentication": false, + "ConnectionParameters": { + "sslmode": "prefer", + "connect_timeout": 10, + "sslcert": "/.postgresql/postgresql.crt", + "sslkey": "/.postgresql/postgresql.key" + } + } + } +} diff --git a/ietf/dbtemplate/fixtures/nomcom_templates.xml b/ietf/dbtemplate/fixtures/nomcom_templates.xml index abf0cb58f..e7065b84c 100644 --- a/ietf/dbtemplate/fixtures/nomcom_templates.xml +++ b/ietf/dbtemplate/fixtures/nomcom_templates.xml @@ -1,190 +1,190 @@ - - - - /nomcom/defaults/home.rst - Home page of group - - rst - Home page -========= - -This is the home page of the nomcom group. - - - - /nomcom/defaults/email/inexistent_person.txt - Email sent to chair of nomcom and secretariat when Email and Person are created if some of them don't exist - $email: Newly created email -$fullname: Fullname of the new person -$person_id: Id of the new Person object -$group: Name of the group - plain - Hello, - -A new person with name $fullname and email $email has been created. The new Person object has the following id: '$person_id'. - -Please, check if there is some more action nedeed. - - - - /nomcom/defaults/email/new_nominee.txt - Email sent to nominees when they are nominated - $nominee: Full name of the nominee -$position: Name of the position -$domain: Server domain -$accept_url: Url hash to accept nominations -$decline_url: Url hash to decline nominations - plain - Hi, - -You have been nominated for the position of $position. - -The NomCom would appreciate receiving an indication of whether or not you accept this nomination to stand for consideration as a candidate for this position. - -You can accept the nomination via web going to the following link https://$domain$accept_url or decline the nomination going the following link https://$domain$decline_url - -If you accept, you will need to fill out a questionnaire. You will receive the questionnaire by email. - -Best regards, - - - - - /nomcom/defaults/email/new_nomination.txt - Email sent to nominators and secretariat when the nominators make the nominations - $nominator: Full name of the nominator -$nominator_email: Email of the nominator -$nominee: Full name of the nominee -$nominee_email: Email of the nominee -$position: Nomination position - plain - A new nomination have been received. - -Nominator: $nominator ($nominator_email) -Nominee: $nominee ($nominee_email) -Position: $position - - - - /nomcom/defaults/position/questionnaire.txt - Questionnaire sent to the nomine - $position: Position - plain - Enter here the questionnaire for the position $position: - -Questionnaire - - - - /nomcom/defaults/position/requirements - Position requirements - $position: Position - rst - These are the requirements for the position $position: - -Requirements. - - - - /nomcom/defaults/position/header_questionnaire.txt - Header of the email that contains the questionnaire sent to the nomine - $nominee: Full name of the nomine -$position: Position - plain - Hi $nominee, this is the questionnaire for the position $position: - - - - - - /nomcom/defaults/email/nomination_accept_reminder.txt - Email sent to nominees asking them to accept (or decline) the nominations. - $positions: Nomination positions - plain - Hi, - -You have been nominated for the position of $position. - -The NomCom would appreciate receiving an indication of whether or not you accept this nomination to stand for consideration as a candidate for this position. - -You can accept the nomination via web going to the following link https://$domain$accept_url or decline the nomination going the following link https://$domain$decline_url - -If you accept, you will need to fill out a questionnaire. - -Best regards, - - - - /nomcom/defaults/email/nomination_receipt.txt - Email sent to nominator to get a confirmation mail containing feedback in cleartext - $nominee: Full name of the nominee -$position: Name of the position -$domain: Server domain -$accept_url: Url hash to accept nominations -$decline_url: Url hash to decline nominations - plain - Hi, - -Your nomination of $nominee for the position of -$position has been received and registered. - -The following comments have also been registered: - --------------------------------------------------------------------------- -$comments --------------------------------------------------------------------------- - -Thank you, - - - - /nomcom/defaults/email/feedback_receipt.txt - Email sent to feedback author to get a confirmation mail containing feedback in cleartext - $nominee: Full name of the nominee -$position: Nomination position -$comments: Comments on this candidate - plain - Hi, - -Your input regarding $about has been received and registered. - -The following comments have been registered: - --------------------------------------------------------------------------- -$comments --------------------------------------------------------------------------- - -Thank you, - - - - /nomcom/defaults/email/questionnaire_reminder.txt - Email sent to nominees reminding them to complete a questionnaire - $positions: Nomination positions - plain - -Thank you for accepting your nomination for the position of $position. - -Please remember to complete and return the questionnaire for this position at your earliest opportunity. -The questionnaire is repeated below for your convenience. - --------- - - - - /nomcom/defaults/topic/description - Description of Topic - $topic: Topic' - rst - This is a description of the topic "$topic" - -Describe the topic and add any information/instructions for the responder here. - - - - /nomcom/defaults/iesg_requirements - Generic IESG Requirements - rst - Generic IESG Requirements Yo! - - + + + + /nomcom/defaults/home.rst + Home page of group + + rst + Home page +========= + +This is the home page of the nomcom group. + + + + /nomcom/defaults/email/inexistent_person.txt + Email sent to chair of nomcom and secretariat when Email and Person are created if some of them don't exist + $email: Newly created email +$fullname: Fullname of the new person +$person_id: Id of the new Person object +$group: Name of the group + plain + Hello, + +A new person with name $fullname and email $email has been created. The new Person object has the following id: '$person_id'. + +Please, check if there is some more action nedeed. + + + + /nomcom/defaults/email/new_nominee.txt + Email sent to nominees when they are nominated + $nominee: Full name of the nominee +$position: Name of the position +$domain: Server domain +$accept_url: Url hash to accept nominations +$decline_url: Url hash to decline nominations + plain + Hi, + +You have been nominated for the position of $position. + +The NomCom would appreciate receiving an indication of whether or not you accept this nomination to stand for consideration as a candidate for this position. + +You can accept the nomination via web going to the following link https://$domain$accept_url or decline the nomination going the following link https://$domain$decline_url + +If you accept, you will need to fill out a questionnaire. You will receive the questionnaire by email. + +Best regards, + + + + + /nomcom/defaults/email/new_nomination.txt + Email sent to nominators and secretariat when the nominators make the nominations + $nominator: Full name of the nominator +$nominator_email: Email of the nominator +$nominee: Full name of the nominee +$nominee_email: Email of the nominee +$position: Nomination position + plain + A new nomination have been received. + +Nominator: $nominator ($nominator_email) +Nominee: $nominee ($nominee_email) +Position: $position + + + + /nomcom/defaults/position/questionnaire.txt + Questionnaire sent to the nomine + $position: Position + plain + Enter here the questionnaire for the position $position: + +Questionnaire + + + + /nomcom/defaults/position/requirements + Position requirements + $position: Position + rst + These are the requirements for the position $position: + +Requirements. + + + + /nomcom/defaults/position/header_questionnaire.txt + Header of the email that contains the questionnaire sent to the nomine + $nominee: Full name of the nomine +$position: Position + plain + Hi $nominee, this is the questionnaire for the position $position: + + + + + + /nomcom/defaults/email/nomination_accept_reminder.txt + Email sent to nominees asking them to accept (or decline) the nominations. + $positions: Nomination positions + plain + Hi, + +You have been nominated for the position of $position. + +The NomCom would appreciate receiving an indication of whether or not you accept this nomination to stand for consideration as a candidate for this position. + +You can accept the nomination via web going to the following link https://$domain$accept_url or decline the nomination going the following link https://$domain$decline_url + +If you accept, you will need to fill out a questionnaire. + +Best regards, + + + + /nomcom/defaults/email/nomination_receipt.txt + Email sent to nominator to get a confirmation mail containing feedback in cleartext + $nominee: Full name of the nominee +$position: Name of the position +$domain: Server domain +$accept_url: Url hash to accept nominations +$decline_url: Url hash to decline nominations + plain + Hi, + +Your nomination of $nominee for the position of +$position has been received and registered. + +The following comments have also been registered: + +-------------------------------------------------------------------------- +$comments +-------------------------------------------------------------------------- + +Thank you, + + + + /nomcom/defaults/email/feedback_receipt.txt + Email sent to feedback author to get a confirmation mail containing feedback in cleartext + $nominee: Full name of the nominee +$position: Nomination position +$comments: Comments on this candidate + plain + Hi, + +Your input regarding $about has been received and registered. + +The following comments have been registered: + +-------------------------------------------------------------------------- +$comments +-------------------------------------------------------------------------- + +Thank you, + + + + /nomcom/defaults/email/questionnaire_reminder.txt + Email sent to nominees reminding them to complete a questionnaire + $positions: Nomination positions + plain + +Thank you for accepting your nomination for the position of $position. + +Please remember to complete and return the questionnaire for this position at your earliest opportunity. +The questionnaire is repeated below for your convenience. + +-------- + + + + /nomcom/defaults/topic/description + Description of Topic + $topic: Topic' + rst + This is a description of the topic "$topic" + +Describe the topic and add any information/instructions for the responder here. + + + + /nomcom/defaults/iesg_requirements + Generic IESG Requirements + rst + Generic IESG Requirements Yo! + + diff --git a/ietf/secr/static/js/dynamic_inlines.js b/ietf/secr/static/js/dynamic_inlines.js index a1abc2d0e..d0753a3a6 100644 --- a/ietf/secr/static/js/dynamic_inlines.js +++ b/ietf/secr/static/js/dynamic_inlines.js @@ -1,71 +1,71 @@ -/* Following functions based off code written by Arne Brodowski -http://www.arnebrodowski.de/blog/507-Add-and-remove-Django-Admin-Inlines-with-JavaScript.html - -2012-02-01 customized for new Rolodex. Email formset doesn't have an id field, rather a "address" -field as primary key. Also for some reason the "active" boolean field doesn't get saved properly -if the checkbox input has an empty "value" argument. -*/ -import $ from 'jquery'; - -function increment_form_ids(el, to, name) { - var from = to-1 - $(':input', $(el)).each(function(i,e){ - var old_name = $(e).attr('name') - var old_id = $(e).attr('id') - $(e).attr('name', old_name.replace(from, to)) - $(e).attr('id', old_id.replace(from, to)) - if ($(e).attr('type') != 'checkbox') { - $(e).val('') - } - }) -} - -function add_inline_form(name) { - if (name=="email") { - var first = $('#id_'+name+'-0-address').parents('.inline-related') - } - else { - var first = $('#id_'+name+'-0-id').parents('.inline-related') - } - // check to see if this is a stacked or tabular inline - if (first.hasClass("tabular")) { - var field_table = first.parent().find('table > tbody') - const children = field_table.children('tr.dynamic-inline') - var count = children.length - const last = $(children[count-1]) - var copy = last.clone(true) - copy.removeClass("row1 row2") - copy.find("input[name$='address']").attr("readonly", false) - copy.addClass("row"+((count % 2) ? 2 : 1)) - copy.insertAfter(last) - increment_form_ids($(copy), count, name) - } - else { - var last = $(first).parent().children('.last-related') - var copy = $(last).clone(true) - var count = $(first).parent().children('.inline-related').length - $(last).removeClass('last-related') - var header = $('h3', copy) - header.html(header.html().replace("#"+count, "#"+(count+1))) - $(last).after(copy) - increment_form_ids($(first).parents('.inline-group').children('.last-related'), count, name) - } - $('input#id_'+name+'-TOTAL_FORMS').val(count+1) - return false; -} - -// Add all the "Add Another" links to the bottom of each inline group -$(function() { - var html_template = '' - $('.inline-group').each(function(i) { - //prefix is in the name of the input fields before the "-" - var prefix = $("input[type='hidden'][name!='csrfmiddlewaretoken']", this).attr("name").split("-")[0]; - $(this).append(html_template.replace("{{prefix}}", prefix)); - $('#addlink-' + prefix).on('click', () => add_inline_form(prefix)); - }) -}) +/* Following functions based off code written by Arne Brodowski +http://www.arnebrodowski.de/blog/507-Add-and-remove-Django-Admin-Inlines-with-JavaScript.html + +2012-02-01 customized for new Rolodex. Email formset doesn't have an id field, rather a "address" +field as primary key. Also for some reason the "active" boolean field doesn't get saved properly +if the checkbox input has an empty "value" argument. +*/ +import $ from 'jquery'; + +function increment_form_ids(el, to, name) { + var from = to-1 + $(':input', $(el)).each(function(i,e){ + var old_name = $(e).attr('name') + var old_id = $(e).attr('id') + $(e).attr('name', old_name.replace(from, to)) + $(e).attr('id', old_id.replace(from, to)) + if ($(e).attr('type') != 'checkbox') { + $(e).val('') + } + }) +} + +function add_inline_form(name) { + if (name=="email") { + var first = $('#id_'+name+'-0-address').parents('.inline-related') + } + else { + var first = $('#id_'+name+'-0-id').parents('.inline-related') + } + // check to see if this is a stacked or tabular inline + if (first.hasClass("tabular")) { + var field_table = first.parent().find('table > tbody') + const children = field_table.children('tr.dynamic-inline') + var count = children.length + const last = $(children[count-1]) + var copy = last.clone(true) + copy.removeClass("row1 row2") + copy.find("input[name$='address']").attr("readonly", false) + copy.addClass("row"+((count % 2) ? 2 : 1)) + copy.insertAfter(last) + increment_form_ids($(copy), count, name) + } + else { + var last = $(first).parent().children('.last-related') + var copy = $(last).clone(true) + var count = $(first).parent().children('.inline-related').length + $(last).removeClass('last-related') + var header = $('h3', copy) + header.html(header.html().replace("#"+count, "#"+(count+1))) + $(last).after(copy) + increment_form_ids($(first).parents('.inline-group').children('.last-related'), count, name) + } + $('input#id_'+name+'-TOTAL_FORMS').val(count+1) + return false; +} + +// Add all the "Add Another" links to the bottom of each inline group +$(function() { + var html_template = '' + $('.inline-group').each(function(i) { + //prefix is in the name of the input fields before the "-" + var prefix = $("input[type='hidden'][name!='csrfmiddlewaretoken']", this).attr("name").split("-")[0]; + $(this).append(html_template.replace("{{prefix}}", prefix)); + $('#addlink-' + prefix).on('click', () => add_inline_form(prefix)); + }) +}) diff --git a/k8s/README.md b/k8s/README.md index 73b597867..3966101ab 100644 --- a/k8s/README.md +++ b/k8s/README.md @@ -1,5 +1,5 @@ -# Kustomize deployment - -## Run locally - +# Kustomize deployment + +## Run locally + The `secrets.yaml` file is provided as a reference only and must be referenced manually in the `kustomization.yaml` file. \ No newline at end of file diff --git a/k8s/kustomization.yaml b/k8s/kustomization.yaml index 4b79f0075..2b623da2b 100644 --- a/k8s/kustomization.yaml +++ b/k8s/kustomization.yaml @@ -1,16 +1,16 @@ -namespace: datatracker -namePrefix: dt- -configMapGenerator: - - name: files-cfgmap - files: - - nginx-logging.conf - - nginx-auth.conf - - nginx-datatracker.conf - - settings_local.py -resources: - - auth.yaml - - beat.yaml - - celery.yaml - - datatracker.yaml - - memcached.yaml - - rabbitmq.yaml +namespace: datatracker +namePrefix: dt- +configMapGenerator: + - name: files-cfgmap + files: + - nginx-logging.conf + - nginx-auth.conf + - nginx-datatracker.conf + - settings_local.py +resources: + - auth.yaml + - beat.yaml + - celery.yaml + - datatracker.yaml + - memcached.yaml + - rabbitmq.yaml diff --git a/k8s/memcached.yaml b/k8s/memcached.yaml index 4b362c88c..5a4c9f0ae 100644 --- a/k8s/memcached.yaml +++ b/k8s/memcached.yaml @@ -1,80 +1,80 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: - name: memcached -spec: - replicas: 1 - revisionHistoryLimit: 2 - selector: - matchLabels: - app: memcached - template: - metadata: - labels: - app: memcached - spec: - securityContext: - runAsNonRoot: true - containers: - # ----------------------------------------------------- - # Memcached - # ----------------------------------------------------- - - image: "memcached:1.6-alpine" - imagePullPolicy: IfNotPresent - args: ["-m", "1024"] - name: memcached - ports: - - name: memcached - containerPort: 11211 - protocol: TCP - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - # memcached image sets up uid/gid 11211 - runAsUser: 11211 - runAsGroup: 11211 - # ----------------------------------------------------- - # Memcached Exporter for Prometheus - # ----------------------------------------------------- - - image: "quay.io/prometheus/memcached-exporter:v0.14.3" - imagePullPolicy: IfNotPresent - name: memcached-exporter - ports: - - name: metrics - containerPort: 9150 - protocol: TCP - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - ALL - readOnlyRootFilesystem: true - runAsUser: 65534 # nobody - runAsGroup: 65534 # nobody - dnsPolicy: ClusterFirst - restartPolicy: Always - terminationGracePeriodSeconds: 30 ---- -apiVersion: v1 -kind: Service -metadata: - name: memcached - annotations: - k8s.grafana.com/scrape: "true" # this is not a bool - k8s.grafana.com/metrics.portName: "metrics" -spec: - type: ClusterIP - ports: - - port: 11211 - targetPort: memcached - protocol: TCP - name: memcached - - port: 9150 - targetPort: metrics - protocol: TCP - name: metrics - selector: - app: memcached +apiVersion: apps/v1 +kind: Deployment +metadata: + name: memcached +spec: + replicas: 1 + revisionHistoryLimit: 2 + selector: + matchLabels: + app: memcached + template: + metadata: + labels: + app: memcached + spec: + securityContext: + runAsNonRoot: true + containers: + # ----------------------------------------------------- + # Memcached + # ----------------------------------------------------- + - image: "memcached:1.6-alpine" + imagePullPolicy: IfNotPresent + args: ["-m", "1024"] + name: memcached + ports: + - name: memcached + containerPort: 11211 + protocol: TCP + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + # memcached image sets up uid/gid 11211 + runAsUser: 11211 + runAsGroup: 11211 + # ----------------------------------------------------- + # Memcached Exporter for Prometheus + # ----------------------------------------------------- + - image: "quay.io/prometheus/memcached-exporter:v0.14.3" + imagePullPolicy: IfNotPresent + name: memcached-exporter + ports: + - name: metrics + containerPort: 9150 + protocol: TCP + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + readOnlyRootFilesystem: true + runAsUser: 65534 # nobody + runAsGroup: 65534 # nobody + dnsPolicy: ClusterFirst + restartPolicy: Always + terminationGracePeriodSeconds: 30 +--- +apiVersion: v1 +kind: Service +metadata: + name: memcached + annotations: + k8s.grafana.com/scrape: "true" # this is not a bool + k8s.grafana.com/metrics.portName: "metrics" +spec: + type: ClusterIP + ports: + - port: 11211 + targetPort: memcached + protocol: TCP + name: memcached + - port: 9150 + targetPort: metrics + protocol: TCP + name: metrics + selector: + app: memcached diff --git a/k8s/secrets.yaml b/k8s/secrets.yaml index 4e76a86a5..ba90af9c2 100644 --- a/k8s/secrets.yaml +++ b/k8s/secrets.yaml @@ -1,83 +1,83 @@ -apiVersion: v1 -kind: Secret -metadata: - name: secrets-env -type: Opaque -stringData: - DATATRACKER_SERVER_MODE: "development" # development for staging, production for production - DATATRACKER_ADMINS: |- - Robert Sparks - Ryan Cross - Kesara Rathnayake - Jennifer Richards - Nicolas Giard - DATATRACKER_ALLOWED_HOSTS: ".ietf.org" # newline-separated list also allowed - # DATATRACKER_DATATRACKER_DEBUG: "false" - - # DB access details - needs to be filled in - # DATATRACKER_DB_HOST: "db" - # DATATRACKER_DB_PORT: "5432" - # DATATRACKER_DB_NAME: "datatracker" - # DATATRACKER_DB_USER: "django" # secret - # DATATRACKER_DB_PASS: "RkTkDPFnKpko" # secret - # DATATRACKER_DB_CONN_MAX_AGE: "0" # connection per request if not set, no limit if set to "None" - # DATATRACKER_DB_CONN_HEALTH_CHECKS: "false" - - DATATRACKER_DJANGO_SECRET_KEY: "PDwXboUq!=hPjnrtG2=ge#N$Dwy+wn@uivrugwpic8mxyPfHk" # secret - - # Set this to point testing / staging at the production statics server until we - # sort that out - # DATATRACKER_STATIC_URL: "https://static.ietf.org/dt/12.10.0/" - - # DATATRACKER_EMAIL_DEBUG: "true" - - # Outgoing email details - # DATATRACKER_EMAIL_HOST: "localhost" # defaults to localhost - # DATATRACKER_EMAIL_PORT: "2025" # defaults to 2025 - - # The value here is the default from settings.py (i.e., not actually secret) - DATATRACKER_NOMCOM_APP_SECRET_B64: "m9pzMezVoFNJfsvU9XSZxGnXnwup6P5ZgCQeEnROOoQ=" # secret - - DATATRACKER_IANA_SYNC_PASSWORD: "this-is-the-iana-sync-password" # secret - DATATRACKER_RFC_EDITOR_SYNC_PASSWORD: "this-is-the-rfc-editor-sync-password" # secret - DATATRACKER_YOUTUBE_API_KEY: "this-is-the-youtube-api-key" # secret - DATATRACKER_GITHUB_BACKUP_API_KEY: "this-is-the-github-backup-api-key" # secret - - # API key configuration - DATATRACKER_API_KEY_TYPE: "ES265" - # secret - value here is the default from settings.py (i.e., not actually secret) - DATATRACKER_API_PUBLIC_KEY_PEM_B64: |- - Ci0tLS0tQkVHSU4gUFVCTElDIEtFWS0tLS0tCk1Ga3dFd1lIS29aSXpqMENBUVlJS - 29aSXpqMERBUWNEUWdBRXFWb2pzYW9mREpTY3VNSk4rdHNodW15Tk01TUUKZ2Fyel - ZQcWtWb3ZtRjZ5RTdJSi9kdjRGY1YrUUtDdEovck9TOGUzNlk4WkFFVll1dWtoZXM - weVoxdz09Ci0tLS0tRU5EIFBVQkxJQyBLRVktLS0tLQo= - # secret - value here is the default from settings.py (i.e., not actually secret) - DATATRACKER_API_PRIVATE_KEY_PEM_B64: |- - Ci0tLS0tQkVHSU4gUFJJVkFURSBLRVktLS0tLQpNSUdIQWdFQU1CTUdCeXFHU000O - UFnRUdDQ3FHU000OUF3RUhCRzB3YXdJQkFRUWdvSTZMSmtvcEtxOFhySGk5ClFxR1 - F2RTRBODNURllqcUx6KzhnVUxZZWNzcWhSQU5DQUFTcFdpT3hxaDhNbEp5NHdrMzY - yeUc2Ykkwemt3U0IKcXZOVStxUldpK1lYcklUc2duOTIvZ1Z4WDVBb0swbitzNUx4 - N2ZwanhrQVJWaTY2U0Y2elRKblgKLS0tLS1FTkQgUFJJVkFURSBLRVktLS0tLQo= - - #DATATRACKER_REGISTRATION_API_KEY: "some-key" # secret" - - # DATATRACKER_MEETECHO_API_BASE: "https://meetings.conf.meetecho.com/api/v1/" - DATATRACKER_MEETECHO_CLIENT_ID: "this-is-the-meetecho-client-id" # secret - DATATRACKER_MEETECHO_CLIENT_SECRET: "this-is-the-meetecho-client-secret" # secret - - # DATATRACKER_MATOMO_SITE_ID: "7" # must be present to enable Matomo - # DATATRACKER_MATOMO_DOMAIN_PATH: "analytics.ietf.org" - - CELERY_PASSWORD: "this-is-a-secret" # secret - - # Only one of these may be set - # DATATRACKER_APP_API_TOKENS_JSON_B64: "e30K" # secret - # DATATRACKER_APP_API_TOKENS_JSON: "{}" # secret - - # use this to override default - one entry per line - # DATATRACKER_CSRF_TRUSTED_ORIGINS: |- - # https://datatracker.staging.ietf.org - - # Scout configuration - DATATRACKER_SCOUT_KEY: "this-is-the-scout-key" +apiVersion: v1 +kind: Secret +metadata: + name: secrets-env +type: Opaque +stringData: + DATATRACKER_SERVER_MODE: "development" # development for staging, production for production + DATATRACKER_ADMINS: |- + Robert Sparks + Ryan Cross + Kesara Rathnayake + Jennifer Richards + Nicolas Giard + DATATRACKER_ALLOWED_HOSTS: ".ietf.org" # newline-separated list also allowed + # DATATRACKER_DATATRACKER_DEBUG: "false" + + # DB access details - needs to be filled in + # DATATRACKER_DB_HOST: "db" + # DATATRACKER_DB_PORT: "5432" + # DATATRACKER_DB_NAME: "datatracker" + # DATATRACKER_DB_USER: "django" # secret + # DATATRACKER_DB_PASS: "RkTkDPFnKpko" # secret + # DATATRACKER_DB_CONN_MAX_AGE: "0" # connection per request if not set, no limit if set to "None" + # DATATRACKER_DB_CONN_HEALTH_CHECKS: "false" + + DATATRACKER_DJANGO_SECRET_KEY: "PDwXboUq!=hPjnrtG2=ge#N$Dwy+wn@uivrugwpic8mxyPfHk" # secret + + # Set this to point testing / staging at the production statics server until we + # sort that out + # DATATRACKER_STATIC_URL: "https://static.ietf.org/dt/12.10.0/" + + # DATATRACKER_EMAIL_DEBUG: "true" + + # Outgoing email details + # DATATRACKER_EMAIL_HOST: "localhost" # defaults to localhost + # DATATRACKER_EMAIL_PORT: "2025" # defaults to 2025 + + # The value here is the default from settings.py (i.e., not actually secret) + DATATRACKER_NOMCOM_APP_SECRET_B64: "m9pzMezVoFNJfsvU9XSZxGnXnwup6P5ZgCQeEnROOoQ=" # secret + + DATATRACKER_IANA_SYNC_PASSWORD: "this-is-the-iana-sync-password" # secret + DATATRACKER_RFC_EDITOR_SYNC_PASSWORD: "this-is-the-rfc-editor-sync-password" # secret + DATATRACKER_YOUTUBE_API_KEY: "this-is-the-youtube-api-key" # secret + DATATRACKER_GITHUB_BACKUP_API_KEY: "this-is-the-github-backup-api-key" # secret + + # API key configuration + DATATRACKER_API_KEY_TYPE: "ES265" + # secret - value here is the default from settings.py (i.e., not actually secret) + DATATRACKER_API_PUBLIC_KEY_PEM_B64: |- + Ci0tLS0tQkVHSU4gUFVCTElDIEtFWS0tLS0tCk1Ga3dFd1lIS29aSXpqMENBUVlJS + 29aSXpqMERBUWNEUWdBRXFWb2pzYW9mREpTY3VNSk4rdHNodW15Tk01TUUKZ2Fyel + ZQcWtWb3ZtRjZ5RTdJSi9kdjRGY1YrUUtDdEovck9TOGUzNlk4WkFFVll1dWtoZXM + weVoxdz09Ci0tLS0tRU5EIFBVQkxJQyBLRVktLS0tLQo= + # secret - value here is the default from settings.py (i.e., not actually secret) + DATATRACKER_API_PRIVATE_KEY_PEM_B64: |- + Ci0tLS0tQkVHSU4gUFJJVkFURSBLRVktLS0tLQpNSUdIQWdFQU1CTUdCeXFHU000O + UFnRUdDQ3FHU000OUF3RUhCRzB3YXdJQkFRUWdvSTZMSmtvcEtxOFhySGk5ClFxR1 + F2RTRBODNURllqcUx6KzhnVUxZZWNzcWhSQU5DQUFTcFdpT3hxaDhNbEp5NHdrMzY + yeUc2Ykkwemt3U0IKcXZOVStxUldpK1lYcklUc2duOTIvZ1Z4WDVBb0swbitzNUx4 + N2ZwanhrQVJWaTY2U0Y2elRKblgKLS0tLS1FTkQgUFJJVkFURSBLRVktLS0tLQo= + + #DATATRACKER_REGISTRATION_API_KEY: "some-key" # secret" + + # DATATRACKER_MEETECHO_API_BASE: "https://meetings.conf.meetecho.com/api/v1/" + DATATRACKER_MEETECHO_CLIENT_ID: "this-is-the-meetecho-client-id" # secret + DATATRACKER_MEETECHO_CLIENT_SECRET: "this-is-the-meetecho-client-secret" # secret + + # DATATRACKER_MATOMO_SITE_ID: "7" # must be present to enable Matomo + # DATATRACKER_MATOMO_DOMAIN_PATH: "analytics.ietf.org" + + CELERY_PASSWORD: "this-is-a-secret" # secret + + # Only one of these may be set + # DATATRACKER_APP_API_TOKENS_JSON_B64: "e30K" # secret + # DATATRACKER_APP_API_TOKENS_JSON: "{}" # secret + + # use this to override default - one entry per line + # DATATRACKER_CSRF_TRUSTED_ORIGINS: |- + # https://datatracker.staging.ietf.org + + # Scout configuration + DATATRACKER_SCOUT_KEY: "this-is-the-scout-key" DATATRACKER_SCOUT_NAME: "StagingDatatracker" \ No newline at end of file