* chore: increase nginx proxy_read_timeout
* refactor: speed up bluesheet_data
The affiliation helper was extremely slow. Using
queryset annotation speeds it up by almost an order
of magnitude.
* chore: delint
* feat: nginx + robots.txt
* feat: minimal /health/ endpoint
* ci: startupProbe for datatracker pod
* ci: probe auth pod; set timeoutSeconds
* feat: add CSP and other headers to nginx
* fix: typo in nginx.conf
* feat: split auth/dt nginx confs
* test: test health endpoint
* ci: auth service on port 80
We'll remove http-old (8080) in the future.
* ci: rename auth container/nginx cfg
* refactor: always use console log handler
* refactor: json for k8s, plain otherwise
* chore: remove syslog from wsgi.py
* chore: remove debug.log()
* chore: drop syslog from settings.py
* refactor: use log.log() in person.utils
* refactor: fetch_meeting_attendance->log.log()
* chore: gunicorn logs as JSON (wip)
* feat: better json log formatting
* refactor: improve log config
* feat: gunicorn access log fields
* fix: remove type hints
The gunicorn logger plays tricks with the
LogRecord args parameter to let it have string
keys instead of being a simple tuple.
The mypy tests rightly flag this. Rather
than fighting the typing, just remove the
hints and leave a comment warning not to
use the gunicorn-specific formatter with
other loggers.
* refactor: generate group aliases on the fly
* chore: remove group alias file check
* chore: drop group alias settings, fix lint
* refactor: rename var to hint it's ignored
* test: update tests
* refactor: move utility to utils
* test: add test
---------
Co-authored-by: Robert Sparks <rjsparks@nostrum.com>
* refactor: compute draft aliases on demand
n.b., very slow for full set of aliases
* refactor: simplify and cache email_aliases
The name != "" case is, as far as I can see, unused.
* chore: remove draft alias checks
* chore: remove draft alias/virtual settings
* chore: remove lint
* test: update tests
* test: better mocking
* refactor: move utility to utils
* test: add tests
* chore: handle TERM in datatracker-start.sh
* chore: delay celery start if migration needed
* chore: skip-checks when migrating
* chore: label beat/celery as deleteBeforeUpgrade
Used by the infra-k8s deployment process to flag
these as needing to be shut down before a new
release rolls out.
* chore: increase termination grace periods
* ci: remove stray serviceName
* ci: volumeClaimTemplate name -> volumeMount, not volume
* ci: datatracker listens on containerPort 8000
* ci: services/containers have dt- prefix
* chore: adjust indent for k8s yaml
* ci: use a secret for CELERY_PASSWORD
* fix: touched wrong CELERY_PASSWORD setting
* ci: get rid of the celery pw secretGenerator
* ci: use DB_PASS instead of DBPASS (etc) for k8s
* ci: Fill in django-config.yaml from env vars
* ci: add vault-mappings.txt
* ci: use $CELERY_PASSWORD in rabbitmq.yaml
* ci: moving vault-mappings.txt out of this repo
* Revert "ci: Fill in django-config.yaml from env vars"
This reverts commit 75cd181deb390d3ab21d6887b091d66c80e1d18e.
* Revert "ci: use $CELERY_PASSWORD in rabbitmq.yaml"
This reverts commit f251f9920d07c65413f72fd165cc06acd562c2c7.
* ci: parameterize db OPTIONS setting
