altf4arnold/datatracker
1
0
Fork 0
Code Issues Pull requests Actions 3 Packages Projects Releases Wiki Activity
16144 commits 1 branch 0 tags 2.6 GiB
Commit graph

16144 commits

This branch
This branch
All branches
Author SHA1 Message Date
Jennifer Richards 8f87573144 ci: Fill in settings_local for docker 2024-05-13 21:41:36 -04:00
Jennifer Richards 4e2b9ce7a6 ci: Non-root for celery containers (#7368) 2024-05-13 21:41:36 -04:00
Jennifer Richards 70c32254a9 ci: non-root user for scout containers 2024-05-13 21:41:36 -04:00
Jennifer Richards c8ee43da95 ci: run datatracker pod as non-root user (#7366) 
* feat: patch_libraries management command

* ci: Patch libraries in docker img build

* ci: non-root datatracker user

* ci: securityContext for datatracker pod
 2024-05-13 21:41:36 -04:00
Jennifer Richards 30a4a5a77b ci: run rabbitmq as non-root (#7362) 
* ci: securityContext for rabbitmq

* ci: logs from rabbitmq as json to console

* ci: tmp volume for rabbitmq

Needed since rootfs is now read-only

* ci: fix permissions on /var/lib/rabbitmq vol

Rabbitmq needs to be able to write to the fs at
/var/lib/rabbitmq. It may be possible to get rid
of the initContainer and use fsGroup in the pod
securityContext to manage this, but that does not
work for the hostVolume mounts I use for dev.
The solution here moves the actual mount to the
rabbitmq/ directory in the rabbitmq-data volume
and uses an initContainer to set the permissions
on that. That should work for any volume type.
 2024-05-13 21:41:36 -04:00
Jennifer Richards 2c9c61d878 ci: more memcached mem; set securityContext (#7356) 2024-05-13 21:41:36 -04:00
Jennifer Richards 9379bbad7d ci: remove reminder comment 2024-05-13 21:41:36 -04:00
Jennifer Richards b50e60b05f ci: default to static.ietf.org in helm chart 2024-05-13 21:41:36 -04:00
Jennifer Richards 26f2306316 ci: add scout container to celery pod (#7354) 
* ci: Add scout container to celery pod

* ci: Refactor scoutapm settings in values.yaml
 2024-05-13 21:41:36 -04:00
Jennifer Richards 6ccde89a68 ci: do not re-run yarn / collectstatics (#7353) 2024-05-13 21:41:36 -04:00
Jennifer Richards d14cbd10e9 ci: refactor scout sidecar (#7338) 
* ci: remove stray comma in settings_local.py

* ci: move scout sidecar to containers

initContainers sidecars not supported until kubernetes 1.29
 2024-05-13 21:41:36 -04:00
Jennifer Richards 90dc303293 ci: Add scoutapm sidecar container (#7330) 
* ci: Add scoutapm sidecar container

* ci: Configure ScoutAPM via helm
 2024-05-13 21:41:36 -04:00
Jennifer Richards ffcf74bd03 chore: Remove accidental commits... (#7329) 2024-05-13 21:41:36 -04:00
Jennifer Richards 64441be330 chore: Remove accidentally committed file 2024-05-13 21:41:36 -04:00
Jennifer Richards ac5155122c ci: label PVCs 2024-05-13 21:41:36 -04:00
Jennifer Richards c81b5f7088 ci: nindent instead of indent 2024-05-13 21:41:36 -04:00
Jennifer Richards ebaf6b5680 ci: quotes around shell parameters 2024-05-13 21:41:36 -04:00
Jennifer Richards 48f908020f ci: collect statics when building image 2024-05-13 21:41:36 -04:00
Jennifer Richards 8a4fcf7024 ci: comment out DATATRACKER_STATIC_URL env 2024-05-13 21:41:36 -04:00
Jennifer Richards 39d2199a74 ci: allow override of csrf_trusted_origins 2024-05-13 21:41:36 -04:00
Jennifer Richards e99286f400 ci: use values for PVClaims, STATIC_URL (#7317) 
* ci: Expose PV parameters as values

* ci: complain about missing value in dev mode

* ci: Allow override of STATIC_URL
 2024-05-13 21:41:36 -04:00
Jennifer Richards 206a4bb749 ci: clean up labels and service values (#7314) 
* ci: Remove unused service values

* ci: Reorg labels
 2024-05-13 21:41:36 -04:00
Jennifer Richards c4a2ea9822 ci: Adjust secrets in values.yaml (#7288) 
* ci: Require secrets, even in "development"

* ci: More secrets-requiring

* ci: Strip whitespace out before b64 decoding

* ci: Adjust values.yaml

* ci: Comment in values.yaml
 2024-05-13 21:41:36 -04:00
Jennifer Richards 46e521ea9a ci: shared PersistentVolumeClaim on /a (#7283) 
* ci: shared PersistentVolumeClaim on /a

* ci: Increase storage request, add comment
 2024-05-13 21:41:36 -04:00
Jennifer Richards 8872e31e30 ci: Get APP_API_TOKENS from env (#7271) 
* ci: Get APP_API_TOKENS from env

* ci: chart fixup

* ci: Remove canned APP_API_TOKENs

(setec astronomy)
 2024-05-13 21:41:36 -04:00
Jennifer Richards 253ba1dfbd fix: mypy/flakes lint 2024-05-13 21:41:36 -04:00
Jennifer Richards f58bbc3caa ci: parameterize / update settings (#7248) 
* ci: parameterize gunicorn in datatracker-start.sh

* fix: typo

* ci: update settings_local for helm chart

* ci: Add todo comment

* ci: Drop redundant USE_TZ setting

* ci: Require secrets in production

* ci: fix indentation

* style: Black

* ci: memcached cfg from env in settings.py

* ci: set SITE_URL in settings.py

* refactor: /www/htpasswd -> /a/www/htpasswd

(it's a symlink on production)

* refactor: Remove obsolete SECR_ settings

* refactor: SECR_MAX_UPLOAD_SIZE -> DATATRACKER_...

* refactor: SECR_PPT2PDF_COMMAND -> PPT2PDF_COMMAND

* ci: Fix up helm/settings_local

* ci: Remove commented-out settings

* ci: Refactor/improve env var guards

* ci: More env refactoring / guards
 2024-05-13 21:41:36 -04:00
Jennifer Richards e3d0290480 ci: install libreoffice (#7262) 
Use bullseye-backports to get something more recent
(ietfa has 7.3.6.2; bullseye has 7.0.x.x;
bullseye-backports has 7.4.7.2)
 2024-05-13 21:41:36 -04:00
Jennifer Richards 7a238a363e ci: collectstatic --no-input (#7252) 2024-05-13 21:41:36 -04:00
Robert Sparks 1c90789b49 chore: reduce worker count and disable live checks for the datatracker pod (#7240) 2024-05-13 21:41:36 -04:00
Jennifer Richards ad34104f68 ci: Deploy rabbitmq with a password (#7239) 2024-05-13 21:41:36 -04:00
Robert Sparks b36ff61805 feat: use gunicorn (#7215) 
* feat: use gunicorn

* fix: let gunicorn emit logs to stdout/stderr

* fix: log to stdout/stderr in json format

* fix: run collectstatic for the local copy of the statics
 2024-05-13 21:41:36 -04:00
Jennifer Richards f1e6c3729f ci: give rabbitmq a persistent volume claim (#7235) 
* ci: give rabbitmq a persistent volume claim

This relies on minikube's dynamic creation of
persistent volumes - expect changes likely
needed for production deployment.

* ci: that's not an f-string

* ci: todo is todone
 2024-05-13 21:41:36 -04:00
Jennifer Richards c987bacc95 ci: Rabbitmq progress (wip) (#7233) 
* ci: rabbitmq service (wip)

* ci: customize rabbitmq config
 2024-05-13 21:41:36 -04:00
Nicolas Giard f6db3e8e1b ci: Update Dockerfile 2024-05-13 21:41:36 -04:00
Nicolas Giard 0faf4d868c ci: Update Dockerfile 2024-05-13 21:41:36 -04:00
Jennifer Richards c6372992c6 ci: use datatracker image values for celery/beat (#7213) 
* ci: use datatracker image values for celery/beat

* ci: refactor exec command lists as JSON

---------

Co-authored-by: Robert Sparks <rjsparks@nostrum.com>
 2024-05-13 21:41:36 -04:00
Robert Sparks f91ea45813 chore: CRLF -> LF (#7214) 2024-05-13 21:41:36 -04:00
Jennifer Richards cd225018f9 ci: Memcached service (#7185) 
* ci: service.yaml -> services/datatracker.yaml

* ci: memcached service

* ci: simplify memcached service name

* ci: Use correct service.type for memcached
 2024-05-13 21:41:36 -04:00
Jennifer Richards dca77db250 ci: package and push helm chart 2024-05-13 21:41:36 -04:00
Jennifer Richards 6ed19bb2ab ci: nearly deployable helm chart (wip) (#7176) 
* style: CRLF -> LF

* build: Use AppVersion for image

* chore: Helm YAML indent_size = 2

* ci: Deploy settings_local.py via helm

* ci: misc progress on the helm chart (WIP)

* ci: move configmap to env in values.yaml

* ci: Refactor env and configmap formats

* ci: merge fixup + helm debugging

* ci: Fix rabbitmq.yaml and its values

* ci: fix up other deployments

* ci: fix copy error in beat.yaml and celery.yaml

* ci: install correct images and volumes
 2024-05-13 21:41:36 -04:00
Jennifer Richards bf74f2db31 ci: still need to chmod start.sh 2024-05-13 21:41:36 -04:00
Jennifer Richards f980954336 ci: add missing "&&" 2024-05-13 21:41:36 -04:00
Nicolas Giard c867d6f0da ci: helm values + deployment files for all 5 services (wip) 2024-05-13 21:41:36 -04:00
Robert Sparks ff228a5913 feat: merge dt and celery container builds (#6973) 
* feat: merge dt and celery container builds

* fix: mount /a instead of /assets

* feat: use consolidated script

* fix: get start.sh dependencies. Remove watchdog

* fix: correct source path
 2024-05-13 21:41:36 -04:00
Jennifer Richards 661941dbf1 feat: Split datatracker/celery start scripts (#6974) 2024-05-13 21:41:36 -04:00
dependabot[bot] 565486ee83
chore(deps): bump codecov/codecov-action from 4.3.0 to 4.3.1 (#7394) 
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.3.0 to 4.3.1.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/v4.3.0...v4.3.1)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-06 10:06:24 -04:00
dependabot[bot] 5fbeb8cd90
chore(deps): bump tar in /dev/deploy-to-container in the npm group (#7397) 
Bumps the npm group in /dev/deploy-to-container with 1 update: [tar](https://github.com/isaacs/node-tar).


Updates `tar` from 7.0.1 to 7.1.0
- [Release notes](https://github.com/isaacs/node-tar/releases)
- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md)
- [Commits](https://github.com/isaacs/node-tar/compare/v7.0.1...v7.1.0)

---
updated-dependencies:
- dependency-name: tar
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-06 10:04:47 -04:00
dependabot[bot] 342905fef8
chore(deps): bump tar from 7.0.1 to 7.1.0 in /dev/diff in the npm group (#7398) 
Bumps the npm group in /dev/diff with 1 update: [tar](https://github.com/isaacs/node-tar).


Updates `tar` from 7.0.1 to 7.1.0
- [Release notes](https://github.com/isaacs/node-tar/releases)
- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md)
- [Commits](https://github.com/isaacs/node-tar/compare/v7.0.1...v7.1.0)

---
updated-dependencies:
- dependency-name: tar
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: npm
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-06 10:04:18 -04:00
Robert Sparks bd25bc6034
fix: improve file investigation results (#7376) 2024-05-06 07:45:36 -05:00