(PXP-6977): make mds creds required for service startup #32
Conversation
| } | ||
|
|
||
| // Test that CheckIndexingJobsImageConfig returns an error when MDS creds | ||
| // have not been configured. |
There was a problem hiding this comment.
i don't get why we're making this non backwards compatible - what if we need ssjdispatcher in a commons that doesn't use MDS?
There was a problem hiding this comment.
This is meant as an extra precaution against the latest SSJDispatcher/indexs3client being deployed to a commons without MDS creds configured for SSJDispatcher, causing this new feature not to work. It's intended to be an automated way to signal to DevOps that SSJDispatcher/indexs3client are not healthy.
If SSJDispatcher is needed in a commons that doesn't use MDS, would it be reasonable to just use an older version of SSJDispatcher?
Also, one thing to keep in mind with this PR is that it only requires MDS creds for "name": "indexing" jobs, so it's not going to affect SSJDispatcher deployments in which there is no indexing job configured (not sure if that's the case for any commons).
There was a problem hiding this comment.
If SSJDispatcher is needed in a commons that doesn't use MDS, would it be reasonable to just use an older version of SSJDispatcher?
no, i don't think so. The ability to upload or index data (SSJDispatcher) is not dependent on whether the MDS is used. MDS is an optional service; all Commons should be able to get the latest SSJDispatcher patches regardless of whether they use MDS
There was a problem hiding this comment.
we need to have the backward compatibility. Some commons do not require MDS
There was a problem hiding this comment.
mds is no longer optional
there's no reason to not run mds
it adds complexity and new ways to eff up if we make it optional
There was a problem hiding this comment.
then @johnfrancismccann can you update your "Deployment changes" to make it very clear that we need to add the MDS to the manifest
There was a problem hiding this comment.
For sure, I'll make note of that in "Deployment changes" in the indexs3client PR as well.
Jira Ticket: PXP-6977
In combination with the indexing job updating the Metadata Service after file upload, require Indexd and MDS creds for all
"name": "indexing"jobs configured for SSJDispatcher.This SSJDispatcher PR should go out in the same monthly release as the corresponding indexing job PR.
Breaking Changes
"imageConfig": {section for every"name": "indexing"job configured for SSJDispatcher. Without both Indexd and Metadata Service creds configured for all"name": "indexing"jobs, SSJDispatcher will exit immediately on startup.Improvements
Deployment changes
metadata-servicemust already be present or added to the"versions": {section of thecdis-manifest. Aftermetadata-servicehas been confirmed to be in thecdis-manifest, the now-required Metadata Service creds for SSJDispatcher must be configured by runninggen3 roll allwithJENKINS_HOMEnot set.gen3 roll allcallsgen3 kube-setup-ssjdispatcher, which now automatically configures the SSJDispatcher secret with Metadata Service creds.