swh/web: Generate configuration for gitlab pipeline if needed
Related to swh/devel/swh-web#4760 (closed)
These modifications will update the webapp configuration to trigger a Gitlab pipeline for add-forge-now requests processing.
Helm-diff
[swh] Comparing changes between branches production and staging_webapp_afnr (per environment)...
Your branch is up to date with 'origin/production'.
[swh] Generate config in production branch for environment staging, namespace swh...
[swh] Generate config in production branch for environment staging, namespace swh-cassandra...
[swh] Generate config in production branch for environment staging, namespace swh-cassandra-next-version...
Your branch is up to date with 'origin/staging_webapp_afnr'.
[swh] Generate config in staging_webapp_afnr branch for environment staging...
[swh] Generate config in staging_webapp_afnr branch for environment staging...
[swh] Generate config in staging_webapp_afnr branch for environment staging...
Your branch is up to date with 'origin/production'.
[swh] Generate config in production branch for environment production, namespace swh...
[swh] Generate config in production branch for environment production, namespace swh-cassandra...
[swh] Generate config in production branch for environment production, namespace swh-cassandra-next-version...
Your branch is up to date with 'origin/staging_webapp_afnr'.
[swh] Generate config in staging_webapp_afnr branch for environment production...
[swh] Generate config in staging_webapp_afnr branch for environment production...
[swh] Generate config in staging_webapp_afnr branch for environment production...
------------- diff for environment staging namespace swh -------------
--- /tmp/swh-chart.swh.GkWGO1vd/staging-swh.before 2023-11-14 16:56:43.271993762 +0100
+++ /tmp/swh-chart.swh.GkWGO1vd/staging-swh.after 2023-11-14 16:56:43.731999706 +0100
@@ -4601,20 +4601,25 @@
cls: remote
url: http://indexer-storage-rpc-ingress
counters_backend: swh-counters
counters:
cls: remote
url: http://counters0.internal.staging.swh.network:5011/
deposit:
private_api_url: https://deposit-rp.internal.staging.swh.network/1/private/
private_api_user: ${DEPOSIT_USERNAME}
private_api_password: ${DEPOSIT_PASSWORD}
+ add_forge_now:
+ email_address: add-forge-now@webapp.staging.swh.network
+ gitlab_pipeline:
+ gitlab_token: ${GITLAB_AFN_TOKEN}
+ trigger_url: https://gitlab.softwareheritage.org/api/v4/projects/474/trigger/pipeline
secret_key: ${DJANGO_SECRET_KEY}
production_db:
host: db1.internal.staging.swh.network
port: 5432
name: swh-web
user: swh-web
password: ${POSTGRESQL_PASSWORD}
client_config:
@@ -4642,22 +4647,20 @@
swh_api_origin_search:
limiter_rate:
default: 10/m
swh_api_origin_visit_latest:
limiter_rate:
default: 700/m
swh_save_origin:
limiter_rate:
POST: 10/h
default: 120/h
- add_forge_now:
- email_address: add-forge-now@webapp.staging.swh.network
content_display_max_size: 5242880
give:
public_key: ${GIVE_PUBLIC_KEY}
token: ${GIVE_PRIVATE_TOKEN}
history_counters_url: http://counters0.internal.staging.swh.network:5011/counters_history/history.json
keycloak:
realm_name: SoftwareHeritageStaging
server_url: https://auth.softwareheritage.org/auth/
matomo: {}
search_config:
@@ -14499,21 +14502,21 @@
app: web
strategy:
type: RollingUpdate
rollingUpdate:
maxSurge: 1
template:
metadata:
labels:
app: web
annotations:
- checksum/config: 62ed1306cf893122baef33d2322d8e0b323cc323890d2918709c1f15b083265a
+ checksum/config: f5bc233e775b04a77cfe29b8f95c8e459edd25efbbdc18ae77ade760b89b85fa
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: swh/web
operator: In
values:
- "true"
@@ -14571,20 +14574,28 @@
# 'name' secret must exist & include that ^ key
optional: false
- name: GIVE_PUBLIC_KEY
valueFrom:
secretKeyRef:
name: web-give-secrets
key: public-key
# 'name' secret must exist & include that ^ key
optional: false
+ - name: GITLAB_AFN_TOKEN
+ valueFrom:
+ secretKeyRef:
+ name: common-secrets
+ key: gitlab_token
+ # 'name' secret must exist & include that ^ key
+ optional: false
- name: SWH_SENTRY_DSN
valueFrom:
secretKeyRef:
name: common-secrets
key: web-sentry-dsn
# 'name' secret should exist & include key
# if the setting doesn't exist, sentry pushes will be disabled
optional: false
volumeMounts:
------------- diff for environment staging namespace swh-cassandra -------------
--- /tmp/swh-chart.swh.GkWGO1vd/staging-swh-cassandra.before 2023-11-14 16:56:43.395995363 +0100
+++ /tmp/swh-chart.swh.GkWGO1vd/staging-swh-cassandra.after 2023-11-14 16:56:43.896001826 +0100
@@ -4413,20 +4413,25 @@
vault:
cls: remote
url: http://vault-rpc-ingress
indexer_storage:
cls: remote
url: http://indexer-storage-rpc-ingress
counters_backend: swh-counters
counters:
cls: remote
url: http://counters0.internal.staging.swh.network:5011/
+ add_forge_now:
+ email_address: add-forge-now@webapp.staging.swh.network
+ gitlab_pipeline:
+ gitlab_token: ${GITLAB_AFN_TOKEN}
+ trigger_url: https://gitlab.softwareheritage.org/api/v4/projects/474/trigger/pipeline
secret_key: ${DJANGO_SECRET_KEY}
production_db:
host: db1.internal.staging.swh.network
port: 5432
name: swh-web
user: swh-web
password: ${POSTGRESQL_PASSWORD}
client_config:
@@ -4454,22 +4459,20 @@
swh_api_origin_search:
limiter_rate:
default: 10/m
swh_api_origin_visit_latest:
limiter_rate:
default: 700/m
swh_save_origin:
limiter_rate:
POST: 10/h
default: 120/h
- add_forge_now:
- email_address: add-forge-now@webapp.staging.swh.network
content_display_max_size: 5242880
give:
public_key: ${GIVE_PUBLIC_KEY}
token: ${GIVE_PRIVATE_TOKEN}
history_counters_url: http://counters0.internal.staging.swh.network:5011/counters_history/history.json
keycloak:
realm_name: SoftwareHeritageStaging
server_url: https://auth.softwareheritage.org/auth/
matomo: {}
search_config:
@@ -12601,21 +12604,21 @@
app: web
strategy:
type: RollingUpdate
rollingUpdate:
maxSurge: 1
template:
metadata:
labels:
app: web
annotations:
- checksum/config: df0c429fe323cde5162b3341aaceb8b5a8a2416058006d9345c4b859d1bae2d5
+ checksum/config: 39367f82fc5191f75d68157a566999b7a7a4fab2834864686f7a3706247c73f2
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: swh/web
operator: In
values:
- "true"
@@ -12657,20 +12660,28 @@
# 'name' secret must exist & include that ^ key
optional: false
- name: GIVE_PUBLIC_KEY
valueFrom:
secretKeyRef:
name: web-give-secrets
key: public-key
# 'name' secret must exist & include that ^ key
optional: false
+ - name: GITLAB_AFN_TOKEN
+ valueFrom:
+ secretKeyRef:
+ name: common-secrets
+ key: gitlab_token
+ # 'name' secret must exist & include that ^ key
+ optional: false
- name: SWH_SENTRY_DSN
valueFrom:
secretKeyRef:
name: common-secrets
key: web-sentry-dsn
# 'name' secret should exist & include key
# if the setting doesn't exist, sentry pushes will be disabled
optional: false
volumeMounts:
------------- diff for environment staging namespace swh-cassandra-next-version -------------
--- /tmp/swh-chart.swh.GkWGO1vd/staging-swh-cassandra-next-version.before 2023-11-14 16:56:43.515996915 +0100
+++ /tmp/swh-chart.swh.GkWGO1vd/staging-swh-cassandra-next-version.after 2023-11-14 16:56:44.052003842 +0100
@@ -3914,20 +3914,25 @@
vault:
cls: remote
url: http://vault-rpc-ingress-next-version
indexer_storage:
cls: remote
url: http://indexer-storage-rpc-ingress
counters_backend: swh-counters
counters:
cls: remote
url: http://counters0.internal.staging.swh.network:5011/
+ add_forge_now:
+ email_address: add-forge-now@webapp.staging.swh.network
+ gitlab_pipeline:
+ gitlab_token: ${GITLAB_AFN_TOKEN}
+ trigger_url: https://gitlab.softwareheritage.org/api/v4/projects/474/trigger/pipeline
secret_key: ${DJANGO_SECRET_KEY}
production_db:
host: db1.internal.staging.swh.network
port: 5432
name: swh-web-next-version
user: swh-web-next-version
password: ${POSTGRESQL_PASSWORD}
client_config:
@@ -3955,22 +3960,20 @@
swh_api_origin_search:
limiter_rate:
default: 10/m
swh_api_origin_visit_latest:
limiter_rate:
default: 700/m
swh_save_origin:
limiter_rate:
POST: 10/h
default: 120/h
- add_forge_now:
- email_address: add-forge-now@webapp.staging.swh.network
content_display_max_size: 5242880
give:
public_key: ${GIVE_PUBLIC_KEY}
token: ${GIVE_PRIVATE_TOKEN}
history_counters_url: http://counters0.internal.staging.swh.network:5011/counters_history/history.json
keycloak:
realm_name: SoftwareHeritageStaging
server_url: https://auth.softwareheritage.org/auth/
matomo: {}
search_config:
@@ -10688,21 +10691,21 @@
app: web
strategy:
type: RollingUpdate
rollingUpdate:
maxSurge: 1
template:
metadata:
labels:
app: web
annotations:
- checksum/config: 08d1d1d6f86372dfa18712ca5c2c0cf6fabff54a271a613fd97c8658ca457e4d
+ checksum/config: f7976ed704efcc7b15b1da998487f7c4ae69a886a35036321c2c6e5563227b4b
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: swh/web
operator: In
values:
- "true"
@@ -10744,20 +10747,28 @@
# 'name' secret must exist & include that ^ key
optional: false
- name: GIVE_PUBLIC_KEY
valueFrom:
secretKeyRef:
name: web-give-secrets
key: public-key
# 'name' secret must exist & include that ^ key
optional: false
+ - name: GITLAB_AFN_TOKEN
+ valueFrom:
+ secretKeyRef:
+ name: common-secrets
+ key: gitlab_token
+ # 'name' secret must exist & include that ^ key
+ optional: false
- name: SWH_SENTRY_DSN
valueFrom:
secretKeyRef:
name: common-secrets
key: web-sentry-dsn
# 'name' secret should exist & include key
# if the setting doesn't exist, sentry pushes will be disabled
optional: false
volumeMounts:
------------- diff for environment production namespace swh -------------
No differences
------------- diff for environment production namespace swh-cassandra -------------
--- /tmp/swh-chart.swh.GkWGO1vd/production-swh-cassandra.before 2023-11-14 16:56:44.340007564 +0100
+++ /tmp/swh-chart.swh.GkWGO1vd/production-swh-cassandra.after 2023-11-14 16:56:44.612011079 +0100
@@ -1075,20 +1075,22 @@
vault:
cls: remote
url: http://vangogh.euwest.azure.internal.softwareheritage.org:5005/
indexer_storage:
cls: remote
url: http://saam.internal.softwareheritage.org:5007/
counters_backend: swh-counters
counters:
cls: remote
url: http://counters1.internal.softwareheritage.org:5011/
+ add_forge_now:
+ email_address: add-forge-now@archive.softwareheritage.org
secret_key: ${DJANGO_SECRET_KEY}
production_db:
host: db.internal.softwareheritage.org
port: 5432
name: swh-web
user: swh-web
password: ${POSTGRESQL_PASSWORD}
client_config:
@@ -1143,22 +1145,20 @@
default: 120/h
swh_api_origin_search:
limiter_rate:
default: 10/m
swh_api_origin_visit_latest:
limiter_rate:
default: 700/m
swh_raw_object:
limiter_rate:
default: 120/h
- add_forge_now:
- email_address: add-forge-now@archive.softwareheritage.org
content_display_max_size: 5242880
es_workers_index_url: http://esnode1.internal.softwareheritage.org:9200/swh_workers-*
give:
public_key: ${GIVE_PUBLIC_KEY}
token: ${GIVE_PRIVATE_TOKEN}
history_counters_url: http://counters1.internal.softwareheritage.org:5011/counters_history/history.json#
keycloak:
realm_name: SoftwareHeritage
server_url: https://auth.softwareheritage.org/auth/
search_config:
@@ -2932,21 +2932,21 @@
app: web
strategy:
type: RollingUpdate
rollingUpdate:
maxSurge: 1
template:
metadata:
labels:
app: web
annotations:
- checksum/config: a3b31ddc881839bc2f0f13860ccb781fb5dc71f88dfa910831baf76607f90b83
+ checksum/config: 912fc0c4a9bf9748a4321df4ac456ef48971dcb66255c147ffeefe89338a8d27
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: swh/web
operator: In
values:
- "true"
@@ -2988,20 +2988,21 @@
# 'name' secret must exist & include that ^ key
optional: false
- name: GIVE_PUBLIC_KEY
valueFrom:
secretKeyRef:
name: web-give-secrets
key: public-key
# 'name' secret must exist & include that ^ key
optional: false
- name: SWH_SENTRY_DSN
valueFrom:
secretKeyRef:
name: common-secrets
key: web-sentry-dsn
# 'name' secret should exist & include key
# if the setting doesn't exist, sentry pushes will be disabled
optional: false
volumeMounts: