Infrastructure/ansible
3
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

Datagrepper: add live/ready probes and CSP

Browse source 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
This commit is contained in:
Aurélien Bompard 2021-09-28 18:25:54 +02:00
parent 62b1e6fbd6
commit de38d9d65a
No known key found for this signature in database
GPG key ID: 31584CFEB9BF64AD
2 changed files with 18 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

4
roles/openshift-apps/datagrepper/templates/datagrepper.cfg.py
View file

@ -5,3 +5,7 @@
APP_PATH = "https://apps{{ env_suffix }}.fedoraproject.org/datagrepper2" APP_PATH = "https://apps{{ env_suffix }}.fedoraproject.org/datagrepper2"
DEFAULT_QUERY_DELTA = 3600 DEFAULT_QUERY_DELTA = 3600
DATANOMMER_SQLALCHEMY_URL = "postgresql://{{ datanommerDBUser }}:{{ (env == 'production')|ternary(datanommerDBPassword, datanommer_stg_db_password) }}@db-datanommer01{{ env_suffix }}.iad2.fedoraproject.org/datanommer2" DATANOMMER_SQLALCHEMY_URL = "postgresql://{{ datanommerDBUser }}:{{ (env == 'production')|ternary(datanommerDBPassword, datanommer_stg_db_password) }}@db-datanommer01{{ env_suffix }}.iad2.fedoraproject.org/datanommer2"
# Only allow ajax/websockets connections back to our domains.
# https://github.com/fedora-infra/datagrepper/pull/192
CONTENT_SECURITY_POLICY = "connect-src https://*.fedoraproject.org wss://*.fedoraproject.org"

29
roles/openshift-apps/datagrepper/templates/deploymentconfig.yml
View file

@ -30,7 +30,6 @@ spec:
imagePullPolicy: Always imagePullPolicy: Always
ports: ports:
- containerPort: 8080 - containerPort: 8080
#protocol: TCP
#resources: {} #resources: {}
#terminationMessagePath: /dev/termination-log #terminationMessagePath: /dev/termination-log
#terminationMessagePolicy: File #terminationMessagePolicy: File
@ -50,20 +49,20 @@ spec:
value: "/etc/datagrepper/gunicorn.conf.py" value: "/etc/datagrepper/gunicorn.conf.py"
- name: SCRIPT_NAME - name: SCRIPT_NAME
value: "/datagrepper2" value: "/datagrepper2"
# readinessProbe: readinessProbe:
# timeoutSeconds: 10 timeoutSeconds: 10
# initialDelaySeconds: 5 initialDelaySeconds: 5
# periodSeconds: 60 periodSeconds: 60
# httpGet: httpGet:
# path: "/datagrepper/healthz/ready" path: "/datagrepper/healthz/ready"
# port: 8080 port: 8080
# livenessProbe: livenessProbe:
# timeoutSeconds: 10 timeoutSeconds: 10
# initialDelaySeconds: 10 initialDelaySeconds: 3
# periodSeconds: 60 periodSeconds: 60
# httpGet: httpGet:
# path: "/datagrepper/healthz/live" path: "/datagrepper/healthz/live"
# port: 8080 port: 8080
volumes: volumes:
- name: datagrepper-config-volume - name: datagrepper-config-volume
configMap: configMap: