altf4arnold/datatracker
1
0
Fork 0
Code Issues Pull requests Actions 3 Packages Projects Releases Wiki Activity
16140 commits 1 branch 0 tags 2.6 GiB
Commit graph

21 commits

Author SHA1 Message Date
Jennifer Richards 30a4a5a77b ci: run rabbitmq as non-root (#7362) 
* ci: securityContext for rabbitmq

* ci: logs from rabbitmq as json to console

* ci: tmp volume for rabbitmq

Needed since rootfs is now read-only

* ci: fix permissions on /var/lib/rabbitmq vol

Rabbitmq needs to be able to write to the fs at
/var/lib/rabbitmq. It may be possible to get rid
of the initContainer and use fsGroup in the pod
securityContext to manage this, but that does not
work for the hostVolume mounts I use for dev.
The solution here moves the actual mount to the
rabbitmq/ directory in the rabbitmq-data volume
and uses an initContainer to set the permissions
on that. That should work for any volume type.
 2024-05-13 21:41:36 -04:00
Jennifer Richards 2c9c61d878 ci: more memcached mem; set securityContext (#7356) 2024-05-13 21:41:36 -04:00
Jennifer Richards 26f2306316 ci: add scout container to celery pod (#7354) 
* ci: Add scout container to celery pod

* ci: Refactor scoutapm settings in values.yaml
 2024-05-13 21:41:36 -04:00
Jennifer Richards 90dc303293 ci: Add scoutapm sidecar container (#7330) 
* ci: Add scoutapm sidecar container

* ci: Configure ScoutAPM via helm
 2024-05-13 21:41:36 -04:00
Jennifer Richards 8a4fcf7024 ci: comment out DATATRACKER_STATIC_URL env 2024-05-13 21:41:36 -04:00
Jennifer Richards 39d2199a74 ci: allow override of csrf_trusted_origins 2024-05-13 21:41:36 -04:00
Jennifer Richards e99286f400 ci: use values for PVClaims, STATIC_URL (#7317) 
* ci: Expose PV parameters as values

* ci: complain about missing value in dev mode

* ci: Allow override of STATIC_URL
 2024-05-13 21:41:36 -04:00
Jennifer Richards 206a4bb749 ci: clean up labels and service values (#7314) 
* ci: Remove unused service values

* ci: Reorg labels
 2024-05-13 21:41:36 -04:00
Jennifer Richards c4a2ea9822 ci: Adjust secrets in values.yaml (#7288) 
* ci: Require secrets, even in "development"

* ci: More secrets-requiring

* ci: Strip whitespace out before b64 decoding

* ci: Adjust values.yaml

* ci: Comment in values.yaml
 2024-05-13 21:41:36 -04:00
Jennifer Richards 46e521ea9a ci: shared PersistentVolumeClaim on /a (#7283) 
* ci: shared PersistentVolumeClaim on /a

* ci: Increase storage request, add comment
 2024-05-13 21:41:36 -04:00
Jennifer Richards 8872e31e30 ci: Get APP_API_TOKENS from env (#7271) 
* ci: Get APP_API_TOKENS from env

* ci: chart fixup

* ci: Remove canned APP_API_TOKENs

(setec astronomy)
 2024-05-13 21:41:36 -04:00
Jennifer Richards f58bbc3caa ci: parameterize / update settings (#7248) 
* ci: parameterize gunicorn in datatracker-start.sh

* fix: typo

* ci: update settings_local for helm chart

* ci: Add todo comment

* ci: Drop redundant USE_TZ setting

* ci: Require secrets in production

* ci: fix indentation

* style: Black

* ci: memcached cfg from env in settings.py

* ci: set SITE_URL in settings.py

* refactor: /www/htpasswd -> /a/www/htpasswd

(it's a symlink on production)

* refactor: Remove obsolete SECR_ settings

* refactor: SECR_MAX_UPLOAD_SIZE -> DATATRACKER_...

* refactor: SECR_PPT2PDF_COMMAND -> PPT2PDF_COMMAND

* ci: Fix up helm/settings_local

* ci: Remove commented-out settings

* ci: Refactor/improve env var guards

* ci: More env refactoring / guards
 2024-05-13 21:41:36 -04:00
Robert Sparks 1c90789b49 chore: reduce worker count and disable live checks for the datatracker pod (#7240) 2024-05-13 21:41:36 -04:00
Jennifer Richards ad34104f68 ci: Deploy rabbitmq with a password (#7239) 2024-05-13 21:41:36 -04:00
Jennifer Richards f1e6c3729f ci: give rabbitmq a persistent volume claim (#7235) 
* ci: give rabbitmq a persistent volume claim

This relies on minikube's dynamic creation of
persistent volumes - expect changes likely
needed for production deployment.

* ci: that's not an f-string

* ci: todo is todone
 2024-05-13 21:41:36 -04:00
Jennifer Richards c987bacc95 ci: Rabbitmq progress (wip) (#7233) 
* ci: rabbitmq service (wip)

* ci: customize rabbitmq config
 2024-05-13 21:41:36 -04:00
Jennifer Richards c6372992c6 ci: use datatracker image values for celery/beat (#7213) 
* ci: use datatracker image values for celery/beat

* ci: refactor exec command lists as JSON

---------

Co-authored-by: Robert Sparks <rjsparks@nostrum.com>
 2024-05-13 21:41:36 -04:00
Robert Sparks f91ea45813 chore: CRLF -> LF (#7214) 2024-05-13 21:41:36 -04:00
Jennifer Richards 6ed19bb2ab ci: nearly deployable helm chart (wip) (#7176) 
* style: CRLF -> LF

* build: Use AppVersion for image

* chore: Helm YAML indent_size = 2

* ci: Deploy settings_local.py via helm

* ci: misc progress on the helm chart (WIP)

* ci: move configmap to env in values.yaml

* ci: Refactor env and configmap formats

* ci: merge fixup + helm debugging

* ci: Fix rabbitmq.yaml and its values

* ci: fix up other deployments

* ci: fix copy error in beat.yaml and celery.yaml

* ci: install correct images and volumes
 2024-05-13 21:41:36 -04:00
Nicolas Giard c867d6f0da ci: helm values + deployment files for all 5 services (wip) 2024-05-13 21:41:36 -04:00
Nicolas Giard e3de3943e2
ci: add release docker image build + base helm template 2024-01-25 21:57:10 -05:00