diff --git a/Breaking-Changes.md b/Breaking-Changes.md index e1a06b7a1..e5604abc5 100644 --- a/Breaking-Changes.md +++ b/Breaking-Changes.md @@ -1,5 +1,11 @@ # 2GIS On-Premise Breaking-Changes +## [NEWVERSION] + +### pro-api +- `kafka.eventsTopic.readerGroupId` is now required for tasks-worker deployment +- `keys` service is completely removed from values + ## [1.43.0] ### navi-attractor diff --git a/charts/pro-api/Chart.yaml b/charts/pro-api/Chart.yaml index 9b31b7bdb..a7657c58f 100644 --- a/charts/pro-api/Chart.yaml +++ b/charts/pro-api/Chart.yaml @@ -5,7 +5,7 @@ description: Geo API for getting geo data type: application version: 2.0.0 -appVersion: 2.26.0 +appVersion: 2.31.1 maintainers: - name: 2gis diff --git a/charts/pro-api/README.md b/charts/pro-api/README.md index 946aabf40..8425d7312 100644 --- a/charts/pro-api/README.md +++ b/charts/pro-api/README.md @@ -8,7 +8,7 @@ | ----------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------- | | `api.appName` | Name of the service | `pro-api` | | `api.image.repository` | Repository | `2gis-on-premise/pro-api` | -| `api.image.tag` | Tag | `2.26.0` | +| `api.image.tag` | Tag | `2.31.1` | | `api.image.pullPolicy` | Pull Policy | `IfNotPresent` | | `api.ingress.enabled` | If Ingress is enabled for the service. | `false` | | `api.ingress.className` | Name of the Ingress controller class. | `nginx` | @@ -77,7 +77,7 @@ | Name | Description | Value | | ------------------------------------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | ------------------------------------- | | `permissions.image.repository` | Repository | `2gis-on-premise/pro-permissions-api` | -| `permissions.image.tag` | Tag | `2.26.0` | +| `permissions.image.tag` | Tag | `2.31.1` | | `permissions.image.pullPolicy` | Pull Policy | `IfNotPresent` | | `permissions.ingress.enabled` | If Ingress is enabled for the service | `false` | | `permissions.ingress.className` | Name of the Ingress controller class | `nginx` | @@ -129,7 +129,7 @@ | Name | Description | Value | | ---------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------- | | `tasks.image.repository` | Repository | `2gis-on-premise/pro-tasks-api` | -| `tasks.image.tag` | Tag | `2.26.0` | +| `tasks.image.tag` | Tag | `2.31.1` | | `tasks.image.pullPolicy` | Pull Policy | `IfNotPresent` | | `tasks.ingress.enabled` | If Ingress is enabled for the service | `false` | | `tasks.ingress.className` | Name of the Ingress controller class | `nginx` | @@ -179,7 +179,7 @@ | `tasks.settings.worker.resourceIntensiveTasksWorkersCount` | Number of threads that will be used by Hangfire-server to performs resource-intensive tasks | `5` | | `tasks.settings.worker.regularTasksWorkersCount` | Number of threads that will be used by Hangfire-server to performs other tasks | `5` | | `tasks.settings.worker.longRunningTasksWorkersCount` | Number of threads that will be used by Hangfire-server to performs long tasks | `1` | -| `tasks.settings.features.auditLogging.enabled` | Enable audit log feature | `false` | +| `tasks.settings.features.auditLogging.enabled` | Enable audit log feature | `true` | | `tasks.settings.admin.auth.schema` | Authentication scheme for Tasks Admin UI (Basic, OIDC, Undefined) | `Undefined` | | `tasks.settings.admin.auth.basic.username` | Username for Basic authentication scheme | `admin` | | `tasks.settings.admin.auth.basic.password` | Password for Basic authentication scheme | `""` | @@ -196,7 +196,7 @@ | -------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------ | | `assetImporter.appName` | Data Import job name. | `asset-importer` | | `assetImporter.repository` | Docker Repository Image. | `2gis-on-premise/pro-importer` | -| `assetImporter.tag` | Docker image tag. | `2.26.0` | +| `assetImporter.tag` | Docker image tag. | `2.31.1` | | `assetImporter.imagePullSecrets` | Kubernetes image pull secrets. | `[]` | | `assetImporter.schedule` | Import job schedule. | `0 18 * * *` | | `assetImporter.backoffLimit` | The number of [retries](https://kubernetes.io/docs/concepts/workloads/controllers/job/#pod-backoff-failure-policy) before considering a Job as failed. | `2` | @@ -342,13 +342,6 @@ ### digger settings -### Keys Service settings - -| Name | Description | Value | -| ------------ | ---------------------------------------------------------------------------------------- | ----- | -| `keys.url` | API URL of service for managing partners' keys to 2GIS services (keys.api). **Required** | `""` | -| `keys.token` | keys.api access token. **Required** | `""` | - ### Catalog API settings | Name | Description | Value | diff --git a/charts/pro-api/templates/asset-importer.yaml b/charts/pro-api/templates/asset-importer.yaml index 1145b4e5a..6bc2d8a46 100644 --- a/charts/pro-api/templates/asset-importer.yaml +++ b/charts/pro-api/templates/asset-importer.yaml @@ -132,15 +132,13 @@ spec: value: {{ .Values.assetImporter.settings.esMetricsEnabled | quote }} - name: Common__TtlSecondsAfterFinished value: {{ .Values.assetImporter.settings.ttlSecondsAfterFinished | quote }} - - name: Digger__Address + - name: Digger__Url value: {{ .Values.digger.url | quote }} - - name: Digger__UserName - value: {{ .Values.digger.userName | quote }} - {{ if .Values.digger.password }} - - name: Digger__Password + {{ if .Values.digger.authToken }} + - name: Digger__AuthToken valueFrom: secretKeyRef: - key: diggerPassword + key: diggerAuthToken name: {{ include "pro-api.name" . }}-secret {{ end }} - name: Navi__Url diff --git a/charts/pro-api/templates/deployment.yaml b/charts/pro-api/templates/deployment.yaml index 35c6c2c88..7ba34881e 100644 --- a/charts/pro-api/templates/deployment.yaml +++ b/charts/pro-api/templates/deployment.yaml @@ -76,7 +76,7 @@ spec: containerPort: 8080 protocol: TCP volumeMounts: - - mountPath: "{{ .Values.api.settings.tempPath }}" + - mountPath: {{ .Values.api.settings.tempPath | quote }} name: temp-volume livenessProbe: httpGet: @@ -173,6 +173,8 @@ spec: value: {{ .Values.api.settings.corsOrigins | quote }} - name: Common__FilterByZoneCodes value: {{ .Values.api.settings.filterByZoneCodes | quote }} + - name: Common__DataCenterId + value: {{ .Values.api.settings.dataCenterId | quote }} - name: Postgres__ConnectionString value: {{ include "pro-api.connectionString" . }} - name: Postgres__ConnectionStringReadonly @@ -295,15 +297,6 @@ spec: value: {{ .Values.api.settings.auth.skipShareLinksPermissionsCheck | quote }} - name: License__Key value: {{ required "A valid .Values.api.settings.licenseKey entry required" $.Values.api.settings.licenseKey }} - - name: KEYS_SERVICE_URL - value: {{ .Values.keys.url | quote }} - {{- if .Values.keys.token }} - - name: KEYS_SERVICE_TOKEN - valueFrom: - secretKeyRef: - key: keysServiceToken - name: {{ include "pro-api.name" . }}-secret - {{- end }} - name: Redis__Host value: {{ required "A valid .Values.redis.host entry required" $.Values.redis.host }} - name: Redis__Port @@ -359,5 +352,10 @@ spec: value: {{ .Values.ecommerce.url | quote }} - name: SberEcommerceApi__UserName value: {{ .Values.ecommerce.username | quote }} + {{- if .Values.ecommerce.password }} - name: SberEcommerceApi__Password - value: {{ .Values.ecommerce.password | quote }} + valueFrom: + secretKeyRef: + key: ecommercePassword + name: {{ include "pro-api.name" . }}-secret + {{- end }} \ No newline at end of file diff --git a/charts/pro-api/templates/permissions-api/permissions-api-deployment.yaml b/charts/pro-api/templates/permissions-api/permissions-api-deployment.yaml index 57505f0ef..08cf3263e 100644 --- a/charts/pro-api/templates/permissions-api/permissions-api-deployment.yaml +++ b/charts/pro-api/templates/permissions-api/permissions-api-deployment.yaml @@ -136,15 +136,6 @@ spec: secretKeyRef: key: permissionsApiKey name: {{ include "pro-api.name" . }}-secret - - name: KEYS_SERVICE_URL - value: {{ .Values.keys.url | quote }} - {{- if .Values.keys.token }} - - name: KEYS_SERVICE_TOKEN - valueFrom: - secretKeyRef: - key: keysServiceToken - name: {{ include "pro-api.name" . }}-secret - {{- end }} - name: Redis__Host value: {{ required "A valid .Values.redis.host entry required" $.Values.redis.host }} - name: Redis__Port diff --git a/charts/pro-api/templates/secrets.yaml b/charts/pro-api/templates/secrets.yaml index 237894e21..ed46fff67 100644 --- a/charts/pro-api/templates/secrets.yaml +++ b/charts/pro-api/templates/secrets.yaml @@ -22,16 +22,13 @@ data: {{ end }} s3AccessKey: {{ required "Valid .Values.dgctlStorage.accessKey required!" .Values.dgctlStorage.accessKey | b64enc }} s3SecretKey: {{ required "Valid .Values.dgctlStorage.secretKey required!" .Values.dgctlStorage.secretKey | b64enc }} - {{ if .Values.digger.password }} - diggerPassword: {{ .Values.digger.password | b64enc }} + {{ if .Values.digger.authToken }} + diggerAuthToken: {{ .Values.digger.authToken | b64enc }} {{ end }} permissionsApiKey: {{ required "Valid .Values.permissions.settings.auth.apiKey required!" .Values.permissions.settings.auth.apiKey | b64enc }} {{ if .Values.elastic.password }} esPassword: {{ .Values.elastic.password | b64enc }} {{ end }} - {{ if .Values.keys.token }} - keysServiceToken: {{ .Values.keys.token | b64enc }} - {{ end }} {{ if .Values.api.settings.auth.apiKey }} apiKey: {{ .Values.api.settings.auth.apiKey | b64enc }} {{ end }} @@ -50,3 +47,6 @@ data: {{ if .Values.tasks.settings.admin.auth.oidc.clientSecret }} tasksAdminAuthOidcClientSecret: {{ .Values.tasks.settings.admin.auth.oidc.clientSecret | b64enc }} {{ end }} + {{ if .Values.ecommerce.password }} + ecommercePassword: {{ .Values.ecommerce.password | b64enc }} + {{ end }} \ No newline at end of file diff --git a/charts/pro-api/templates/tasks-api/deployment.yaml b/charts/pro-api/templates/tasks-api/deployment.yaml index fc3f40e26..326ec1b98 100644 --- a/charts/pro-api/templates/tasks-api/deployment.yaml +++ b/charts/pro-api/templates/tasks-api/deployment.yaml @@ -142,6 +142,8 @@ spec: value: {{ $.Values.tasks.settings.features.emailNotifications.enabled | quote }} - name: FeatureManagement__UserManagement value: {{ $.Values.tasks.settings.features.userManagement.enabled | quote }} + - name: FeatureManagement__RemoveExpiredSmbDashboards + value: {{ $.Values.tasks.settings.features.removeExpiredSmbDashboards.enabled | quote }} - name: Common__Logging__Format value: {{ .Values.tasks.settings.logging.format | quote }} @@ -164,6 +166,8 @@ spec: {{- end }} - name: Kafka__EventsTopicSettings__Name value: {{ required "A valid .Values.kafka.eventsTopic.name entry required" $.Values.kafka.eventsTopic.name }} + - name: Kafka__EventsTopicSettings__ReaderGroupId + value: {{ required "A valid .Values.kafka.eventsTopic.readerGroupId entry required" $.Values.kafka.eventsTopic.readerGroupId }} - name: Kafka__UseReplicaTopics value: {{ $.Values.kafka.useReplicaTopics | quote }} - name: Common__Mode @@ -219,4 +223,18 @@ spec: - name: Admin__Auth__Oidc__RequiredRole value: {{ .Values.tasks.settings.admin.auth.oidc.requiredRole | quote }} {{- end }} + + - name: Redis__Host + value: {{ required "A valid .Values.redis.host entry required" $.Values.redis.host }} + - name: Redis__Port + value: {{ .Values.redis.port | quote }} + - name: Redis__Username + value: {{ $.Values.redis.username }} + {{- if .Values.redis.password }} + - name: Redis__Password + valueFrom: + secretKeyRef: + key: redisPassword + name: {{ include "pro-api.name" . }}-secret + {{- end }} {{- end }} diff --git a/charts/pro-api/templates/tasks-worker/deployment.yaml b/charts/pro-api/templates/tasks-worker/deployment.yaml index 508544181..929a61f0e 100644 --- a/charts/pro-api/templates/tasks-worker/deployment.yaml +++ b/charts/pro-api/templates/tasks-worker/deployment.yaml @@ -140,6 +140,8 @@ spec: value: {{ $.Values.tasks.settings.features.emailNotifications.enabled | quote }} - name: FeatureManagement__UserManagement value: {{ $.Values.tasks.settings.features.userManagement.enabled | quote }} + - name: FeatureManagement__RemoveExpiredSmbDashboards + value: {{ $.Values.tasks.settings.features.removeExpiredSmbDashboards.enabled | quote }} - name: Common__Logging__Format value: {{ .Values.tasks.settings.logging.format | quote }} @@ -162,6 +164,8 @@ spec: {{ end }} - name: Kafka__EventsTopicSettings__Name value: {{ required "A valid .Values.kafka.eventsTopic.name entry required" $.Values.kafka.eventsTopic.name }} + - name: Kafka__EventsTopicSettings__ReaderGroupId + value: {{ required "A valid .Values.kafka.eventsTopic.readerGroupId entry required" $.Values.kafka.eventsTopic.readerGroupId }} - name: Kafka__UseReplicaTopics value: {{ $.Values.kafka.useReplicaTopics | quote }} - name: Common__Mode @@ -196,15 +200,13 @@ spec: - name: Elastic__EnableHttpCompression value: {{ $.Values.elastic.enableHttpCompression | quote }} - - name: Digger__Address + - name: Digger__Url value: {{ .Values.digger.url | quote }} - - name: Digger__UserName - value: {{ .Values.digger.userName | quote }} - {{ if .Values.digger.password }} - - name: Digger__Password + {{ if .Values.digger.authToken }} + - name: Digger__AuthToken valueFrom: secretKeyRef: - key: diggerPassword + key: diggerAuthToken name: {{ include "pro-api.name" . }}-secret {{ end }} diff --git a/charts/pro-api/values.yaml b/charts/pro-api/values.yaml index 0ce6377cd..04a756ce7 100644 --- a/charts/pro-api/values.yaml +++ b/charts/pro-api/values.yaml @@ -1,4 +1,4 @@ -# @section Geo API configuration & settings +# @section Geo API configuration & settings api: @@ -10,7 +10,7 @@ api: # @param api.image.pullPolicy Pull Policy image: repository: 2gis-on-premise/pro-api - tag: 2.26.0 + tag: 2.31.1 pullPolicy: IfNotPresent # @param api.ingress.enabled If Ingress is enabled for the service. @@ -192,7 +192,7 @@ permissions: # @param permissions.image.pullPolicy Pull Policy image: repository: 2gis-on-premise/pro-permissions-api - tag: 2.26.0 + tag: 2.31.1 pullPolicy: IfNotPresent # @param permissions.ingress.enabled If Ingress is enabled for the service @@ -308,7 +308,7 @@ tasks: # @param tasks.image.pullPolicy Pull Policy image: repository: 2gis-on-premise/pro-tasks-api - tag: 2.26.0 + tag: 2.31.1 pullPolicy: IfNotPresent # @param tasks.ingress.enabled If Ingress is enabled for the service @@ -430,6 +430,7 @@ tasks: # @skip tasks.settings.features.removeUnusedUserAssetFiles # @skip tasks.settings.features.emailNotifications # @skip tasks.settings.features.userManagement + # @skip tasks.settings.features.removeExpiredSmbDashboards settings: enabled: true env: '' @@ -445,7 +446,7 @@ tasks: longRunningTasksWorkersCount: 1 admin: auth: - schema: Undefined + schema: 'Undefined' basic: username: admin password: '' @@ -461,7 +462,7 @@ tasks: enabled: false segments: '' auditLogging: - enabled: false + enabled: true cleanCitylensFrames: enabled: false removeUnusedUserAssetFiles: @@ -470,6 +471,8 @@ tasks: enabled: false userManagement: enabled: true + removeExpiredSmbDashboards: + enabled: false # @section asset importer settings @@ -504,7 +507,7 @@ tasks: assetImporter: appName: asset-importer repository: 2gis-on-premise/pro-importer - tag: 2.26.0 + tag: 2.31.1 imagePullSecrets: [] schedule: 0 18 * * * backoffLimit: 2 @@ -758,19 +761,7 @@ redis: digger: url: '' - userName: '' - password: '' - - -# @section Keys Service settings - -# @param keys.url API URL of service for managing partners' keys to 2GIS services (keys.api). **Required** -# @param keys.token keys.api access token. **Required** - -keys: - url: '' - token: '' - + authToken: '' # @section Catalog API settings