(PXP-6861): configure Metadata Service creds in kube-setup-ssjdispatcher #1428
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
5e25e54 to
73e9eb5
Compare
|
Should we move: cloud-automation/gen3/bin/kube-roll-all.sh Lines 77 to 79 in e2a5880 To after: cloud-automation/gen3/bin/kube-roll-all.sh Line 193 in e2a5880 So that the MDS creds are still configured if gen3 roll all is being run for the first time or the MDS creds get rotated❓
|
frickjack
reviewed
Oct 13, 2020
There was a problem hiding this comment.
Hey John,
This looks really good to me.
Before we merge - would you do the following?
- login to each of the
jenkins-*environments:
ls -d1 /home/jenkins-*
/home/jenkins-blood
/home/jenkins-brain
/home/jenkins-dcp
/home/jenkins-genomel
/home/jenkins-niaid
/home/jenkins-perf
- in each environment:
(
cd cdis-manifst && git pull --prune)
cd cloud-automation && git pull --prune && git checkout your-branch
gen3 kube-setup-ssjdispatcher
git checkout master
)
That will get all our jenkins environments setup with the new creds, and be a good test case too.
|
Alright sounds good, so I ran: in:
And the MDS creds were set up as expected for all of these Jenkins environments with the exception of |
jacquayj
added a commit
to bioteam/cloud-automation
that referenced
this pull request
Nov 10, 2020
* commit '59bf7fdd8bc1a497b2347eb3610612b97ded3023': (234 commits) Chore/config env upgrade pip (uc-cdis#1448) Chore/remove pylib2 (uc-cdis#1447) add new dependency (uc-cdis#1446) Chore/wts fail fast (uc-cdis#1445) feat(sftp-server): Added terraform to create sftp server (uc-cdis#1437) Feat/mariner storage (uc-cdis#1442) chore(useryaml): only in usersync (uc-cdis#1440) Whitelist opportunityinsights.org (uc-cdis#1441) Fix/tform eks (uc-cdis#1439) Pybase: don't wait for wsgi.sock (uc-cdis#1438) chore(dashboard/open-links): new dash app (uc-cdis#1436) Chore/update calico 1.7 (uc-cdis#1427) fix(jenkinx-pv-size): Updated the size of the persistent volume to match manual size increase (uc-cdis#1417) Fix/configmaps del (uc-cdis#1434) Chore/vpn signed url (uc-cdis#1433) feat(access-roll): Added access-backend to kube-roll-all (uc-cdis#1431) (PXP-6861): configure Metadata Service creds in kube-setup-ssjdispatcher (uc-cdis#1428) Chore/tform custom (uc-cdis#1426) Update maintenance.md (uc-cdis#1425) fix(qa): Define submission order for gentestdata (uc-cdis#1424) ...
This was referenced Mar 11, 2021
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Jira Ticket: PXP-6861
This PR extends
kube-setup-ssjdispatcherso that if the Metadata Service is deployed and MDS basic auth creds are present, add those MDS creds to SSJDispatcher's secret. See related indexs3client PR requiring SSJDispatcher to pass it MDS creds. Going forward, the SSJDispatcher service will require MDS creds to start.Note that the addition of MDS creds will not break the "old" SSJDispatcher/indexs3client combination (i.e. versions of SSJDispatcher/indexs3client not requiring MDS creds).
New Features