diff --git a/.secrets.baseline b/.secrets.baseline index b2328594..51a33818 100644 --- a/.secrets.baseline +++ b/.secrets.baseline @@ -3,7 +3,7 @@ "files": "^.secrets.baseline$", "lines": null }, - "generated_at": "2024-03-15T18:22:32Z", + "generated_at": "2024-04-02T20:57:28Z", "plugins_used": [ { "name": "AWSKeyDetector" @@ -108,6 +108,15 @@ "type": "Secret Keyword" } ], + "docs/kubernetes-in-docker.md": [ + { + "hashed_secret": "5320294d100314ce19330d99abada8c26c4993a3", + "is_secret": false, + "is_verified": false, + "line_number": 96, + "type": "Secret Keyword" + } + ], "examples/gke_dev_values.yaml": [ { "hashed_secret": "75cb4c02576c9abae38fadc84bc832f2af203f3e", @@ -143,18 +152,25 @@ } ], "helm/audit/README.md": [ + { + "hashed_secret": "a04a85e28ae4f699c0f8d014ad41160c9b9206f0", + "is_secret": false, + "is_verified": false, + "line_number": 39, + "type": "Secret Keyword" + }, { "hashed_secret": "d84ce25b0f9bc2cc263006ae39453efb22cc2900", "is_secret": false, "is_verified": false, - "line_number": 64, + "line_number": 65, "type": "Secret Keyword" }, { "hashed_secret": "f09dd6e359833a12f48c4c4255d6e87a6e55cfe9", "is_secret": false, "is_verified": false, - "line_number": 84, + "line_number": 85, "type": "Secret Keyword" } ], @@ -210,7 +226,7 @@ ], "helm/fence/README.md": [ { - "hashed_secret": "4d10c0e4e0b7e73c9e709a15b81dbfa7ed3d91cc", + "hashed_secret": "7f57cb0116aa983d9844a39f6da9244cf98036b1", "is_secret": false, "is_verified": false, "line_number": 92, @@ -220,28 +236,28 @@ "hashed_secret": "b266a6d0f00bb36f6b98134bf4cec71f2d7943a3", "is_secret": false, "is_verified": false, - "line_number": 100, + "line_number": 102, "type": "Secret Keyword" }, { "hashed_secret": "d84ce25b0f9bc2cc263006ae39453efb22cc2900", "is_secret": false, "is_verified": false, - "line_number": 125, + "line_number": 127, "type": "Secret Keyword" }, { "hashed_secret": "f09dd6e359833a12f48c4c4255d6e87a6e55cfe9", "is_secret": false, "is_verified": false, - "line_number": 152, + "line_number": 154, "type": "Secret Keyword" }, { "hashed_secret": "9d8fada0e01336e865c461bb3549084d206fe6da", "is_secret": false, "is_verified": false, - "line_number": 198, + "line_number": 200, "type": "Secret Keyword" } ], @@ -305,23 +321,23 @@ "hashed_secret": "5d07e1b80e448a213b392049888111e1779a52db", "is_secret": false, "is_verified": false, - "line_number": 1957, + "line_number": 1961, "type": "Secret Keyword" } ], "helm/gen3/README.md": [ { - "hashed_secret": "b266a6d0f00bb36f6b98134bf4cec71f2d7943a3", + "hashed_secret": "7422c958ec5a8e5f87c9e81cdf426ef0e193332c", "is_secret": false, "is_verified": false, - "line_number": 99, + "line_number": 75, "type": "Secret Keyword" }, { "hashed_secret": "1740c48fa3141d4851b14f97e3bc0f46f7670672", "is_secret": false, "is_verified": false, - "line_number": 133, + "line_number": 107, "type": "Secret Keyword" } ], @@ -369,25 +385,32 @@ } ], "helm/indexd/README.md": [ + { + "hashed_secret": "167402961a8c8a8b3764e865e865efa9ada95369", + "is_secret": false, + "is_verified": false, + "line_number": 30, + "type": "Secret Keyword" + }, { "hashed_secret": "d84ce25b0f9bc2cc263006ae39453efb22cc2900", "is_secret": false, "is_verified": false, - "line_number": 54, + "line_number": 55, "type": "Secret Keyword" }, { "hashed_secret": "f09dd6e359833a12f48c4c4255d6e87a6e55cfe9", "is_secret": false, "is_verified": false, - "line_number": 73, + "line_number": 74, "type": "Secret Keyword" }, { "hashed_secret": "1cc98556e7b1353c7bd08344f9190808b0d3d6d4", "is_secret": true, "is_verified": false, - "line_number": 107, + "line_number": 108, "type": "Secret Keyword" } ], @@ -401,11 +424,18 @@ } ], "helm/manifestservice/README.md": [ + { + "hashed_secret": "cc524de4657898e872ff46e0a9256f4e186cdfe6", + "is_secret": false, + "is_verified": false, + "line_number": 36, + "type": "Secret Keyword" + }, { "hashed_secret": "611f2e9064b518afdb23f201321f39029dd28917", "is_secret": false, "is_verified": false, - "line_number": 85, + "line_number": 86, "type": "Secret Keyword" } ], @@ -419,18 +449,25 @@ } ], "helm/metadata/README.md": [ + { + "hashed_secret": "cbdb7939a61698c9c866ea614399ef7eb7770c68", + "is_secret": false, + "is_verified": false, + "line_number": 49, + "type": "Secret Keyword" + }, { "hashed_secret": "d84ce25b0f9bc2cc263006ae39453efb22cc2900", "is_secret": false, "is_verified": false, - "line_number": 72, + "line_number": 74, "type": "Secret Keyword" }, { "hashed_secret": "f09dd6e359833a12f48c4c4255d6e87a6e55cfe9", "is_secret": false, "is_verified": false, - "line_number": 91, + "line_number": 93, "type": "Secret Keyword" } ], @@ -583,27 +620,6 @@ "is_verified": false, "line_number": 79, "type": "Secret Keyword" - }, - { - "hashed_secret": "c2c4e52c03a03ce3efeb21eb202d301018d4548e", - "is_secret": false, - "is_verified": false, - "line_number": 100, - "type": "Secret Keyword" - }, - { - "hashed_secret": "afc848c316af1a89d49826c5ae9d00ed769415f3", - "is_secret": false, - "is_verified": false, - "line_number": 109, - "type": "Secret Keyword" - }, - { - "hashed_secret": "fa4497447699cdb0a81c66a7f21af28a75170195", - "is_secret": false, - "is_verified": false, - "line_number": 111, - "type": "Secret Keyword" } ], "helm/sheepdog/sheepdog-secret/config_helper.py": [ @@ -615,7 +631,7 @@ "type": "Basic Auth Credentials" } ], - "helm/sheepdog/sheepdog-secret/wsgi.py": [ + "helm/sheepdog/sheepdog-secret/settings.py": [ { "hashed_secret": "347cd9c53ff77d41a7b22aa56c7b4efaf54658e3", "is_secret": false, @@ -624,15 +640,6 @@ "type": "Basic Auth Credentials" } ], - "helm/sheepdog/values.yaml": [ - { - "hashed_secret": "afc848c316af1a89d49826c5ae9d00ed769415f3", - "is_secret": false, - "is_verified": false, - "line_number": 243, - "type": "Secret Keyword" - } - ], "helm/sower/README.md": [ { "hashed_secret": "d84ce25b0f9bc2cc263006ae39453efb22cc2900", diff --git a/helm/gen3/Chart.yaml b/helm/gen3/Chart.yaml index d06ea3e4..6efdaff5 100644 --- a/helm/gen3/Chart.yaml +++ b/helm/gen3/Chart.yaml @@ -56,7 +56,7 @@ dependencies: repository: "file://../metadata" condition: metadata.enabled - name: peregrine - version: 0.1.11 + version: 0.1.12 repository: "file://../peregrine" condition: peregrine.enabled - name: pidgin @@ -76,7 +76,7 @@ dependencies: repository: "file://../revproxy" condition: revproxy.enabled - name: sheepdog - version: 0.1.12 + version: 0.1.13 repository: "file://../sheepdog" condition: sheepdog.enabled - name: ssjdispatcher @@ -115,7 +115,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.25 +version: 0.1.26 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/helm/gen3/README.md b/helm/gen3/README.md index 3cbd2f8b..88882bd9 100644 --- a/helm/gen3/README.md +++ b/helm/gen3/README.md @@ -1,6 +1,6 @@ # gen3 -![Version: 0.1.25](https://img.shields.io/badge/Version-0.1.25-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) +![Version: 0.1.26](https://img.shields.io/badge/Version-0.1.26-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) Helm chart to deploy Gen3 Data Commons @@ -31,12 +31,12 @@ Helm chart to deploy Gen3 Data Commons | file://../indexd | indexd | 0.1.13 | | file://../manifestservice | manifestservice | 0.1.12 | | file://../metadata | metadata | 0.1.10 | -| file://../peregrine | peregrine | 0.1.11 | +| file://../peregrine | peregrine | 0.1.12 | | file://../pidgin | pidgin | 0.1.9 | | file://../portal | portal | 0.1.10 | | file://../requestor | requestor | 0.1.10 | | file://../revproxy | revproxy | 0.1.13 | -| file://../sheepdog | sheepdog | 0.1.12 | +| file://../sheepdog | sheepdog | 0.1.13 | | file://../sower | sower | 0.1.8 | | file://../ssjdispatcher | ssjdispatcher | 0.1.8 | | file://../wts | wts | 0.1.12 | @@ -49,7 +49,7 @@ Helm chart to deploy Gen3 Data Commons |-----|------|---------|-------------| | ambassador.enabled | bool | `true` | Whether to deploy the ambassador subchart. | | arborist.enabled | bool | `true` | Whether to deploy the arborist subchart. | -| argo-wrapper.enabled | bool | `true` | Whether to deploy the argo-wrapper subchart. | +| argo-wrapper.enabled | bool | `false` | Whether to deploy the argo-wrapper subchart. | | audit.enabled | bool | `true` | Whether to deploy the audit subchart. | | aws-es-proxy.enabled | bool | `false` | Whether to deploy the aws-es-proxy subchart. | | aws-es-proxy.esEndpoint | str | `"test.us-east-1.es.amazonaws.com"` | Elasticsearch endpoint in AWS | diff --git a/helm/gen3/values.yaml b/helm/gen3/values.yaml index 6dcc3cdf..8c2a3bbd 100644 --- a/helm/gen3/values.yaml +++ b/helm/gen3/values.yaml @@ -77,7 +77,7 @@ arborist: argo-wrapper: # -- (bool) Whether to deploy the argo-wrapper subchart. - enabled: true + enabled: false audit: # -- (bool) Whether to deploy the audit subchart. diff --git a/helm/peregrine/Chart.yaml b/helm/peregrine/Chart.yaml index eaf74f03..a7eac451 100644 --- a/helm/peregrine/Chart.yaml +++ b/helm/peregrine/Chart.yaml @@ -15,13 +15,13 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.11 +version: 0.1.12 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: "2023.01" +appVersion: "master" dependencies: diff --git a/helm/peregrine/README.md b/helm/peregrine/README.md index 8c83b684..a5910fd1 100644 --- a/helm/peregrine/README.md +++ b/helm/peregrine/README.md @@ -1,6 +1,6 @@ # peregrine -![Version: 0.1.11](https://img.shields.io/badge/Version-0.1.11-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2023.01](https://img.shields.io/badge/AppVersion-2023.01-informational?style=flat-square) +![Version: 0.1.12](https://img.shields.io/badge/Version-0.1.12-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) A Helm chart for gen3 Peregrine service @@ -61,7 +61,7 @@ A Helm chart for gen3 Peregrine service | global.tierAccessLevel | string | `"libre"` | Access level for tiers. acceptable values for `tier_access_level` are: `libre`, `regular` and `private`. If omitted, by default common will be treated as `private` | | image.pullPolicy | string | `"IfNotPresent"` | When to pull the image. | | image.repository | string | `"quay.io/cdis/peregrine"` | The Docker image repository for the fence service | -| image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion. | +| image.tag | string | `"feat_jq-audience"` | Overrides the image tag whose default is the chart appVersion. | | imagePullSecrets | list | `[]` | Docker image pull secrets. | | nameOverride | string | `""` | Override the name of the chart. | | nodeSelector | map | `{}` | Node Selector for the pods | diff --git a/helm/peregrine/values.yaml b/helm/peregrine/values.yaml index 2cec6c4a..46086658 100644 --- a/helm/peregrine/values.yaml +++ b/helm/peregrine/values.yaml @@ -113,7 +113,7 @@ image: # -- (string) When to pull the image. pullPolicy: IfNotPresent # -- (string) Overrides the image tag whose default is the chart appVersion. - tag: "" + tag: "feat_jq-audience" # -- (list) Docker image pull secrets. imagePullSecrets: [] diff --git a/helm/sheepdog/Chart.yaml b/helm/sheepdog/Chart.yaml index 46a7945d..79cf8269 100644 --- a/helm/sheepdog/Chart.yaml +++ b/helm/sheepdog/Chart.yaml @@ -15,7 +15,7 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.12 +version: 0.1.13 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to diff --git a/helm/sheepdog/README.md b/helm/sheepdog/README.md index bb94c74b..8325744c 100644 --- a/helm/sheepdog/README.md +++ b/helm/sheepdog/README.md @@ -1,6 +1,6 @@ # sheepdog -![Version: 0.1.12](https://img.shields.io/badge/Version-0.1.12-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) +![Version: 0.1.13](https://img.shields.io/badge/Version-0.1.13-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: master](https://img.shields.io/badge/AppVersion-master-informational?style=flat-square) A Helm chart for gen3 Sheepdog Service @@ -69,10 +69,10 @@ A Helm chart for gen3 Sheepdog Service | global.publicDataSets | bool | `true` | Whether public datasets are enabled. | | global.revproxyArn | string | `"arn:aws:acm:us-east-1:123456:certificate"` | ARN of the reverse proxy certificate. | | global.tierAccessLevel | string | `"libre"` | Access level for tiers. acceptable values for `tier_access_level` are: `libre`, `regular` and `private`. If omitted, by default common will be treated as `private` | -| image | map | `{"pullPolicy":"Always","repository":"quay.io/cdis/sheepdog","tag":""}` | Docker image information. | +| image | map | `{"pullPolicy":"Always","repository":"quay.io/cdis/sheepdog","tag":"bug_auth-audience"}` | Docker image information. | | image.pullPolicy | string | `"Always"` | Docker pull policy. | | image.repository | string | `"quay.io/cdis/sheepdog"` | Docker repository. | -| image.tag | string | `""` | Overrides the image tag whose default is the chart appVersion. | +| image.tag | string | `"bug_auth-audience"` | Overrides the image tag whose default is the chart appVersion. | | indexdUrl | string | `"http://indexd-service"` | URL for the indexd service | | partOf | string | `"Core-Service"` | Label to help organize pods and their use. Any value is valid, but use "_" or "-" to divide words. | | podAnnotations | map | `{"gen3.io/network-ingress":"sheepdog"}` | Annotations to add to the pod | @@ -97,22 +97,9 @@ A Helm chart for gen3 Sheepdog Service | resources.requests.cpu | string | `0.3` | The amount of CPU requested | | resources.requests.memory | string | `"12Mi"` | The amount of memory requested | | revisionHistoryLimit | int | `2` | Number of old revisions to retain | -| secrets | map | `{"awsAccessKeyId":null,"awsSecretAccessKey":null,"fence":{"database":"fence","host":"postgres-postgresql.postgres.svc.cluster.local","password":"postgres","user":"postgres"},"gdcapi":{"secretKey":null},"indexd":{"password":"postgres"},"sheepdog":{"database":"sheepdog","host":"postgres-postgresql.postgres.svc.cluster.local","password":"postgres","user":"postgres"}}` | Values for sheepdog secret. | +| secrets | map | `{"awsAccessKeyId":null,"awsSecretAccessKey":null}` | Values for sheepdog secret. | | secrets.awsAccessKeyId | str | `nil` | AWS access key ID to access the db restore job S3 bucket. Overrides global key. | | secrets.awsSecretAccessKey | str | `nil` | AWS secret access key ID to access the db restore job S3 bucket. Overrides global key. | -| secrets.fence | map | `{"database":"fence","host":"postgres-postgresql.postgres.svc.cluster.local","password":"postgres","user":"postgres"}` | Values for sheepdog's access to the fence database. | -| secrets.fence.database | string | `"fence"` | Database name for fence's db. | -| secrets.fence.host | string | `"postgres-postgresql.postgres.svc.cluster.local"` | Host for fence's db. | -| secrets.fence.password | string | `"postgres"` | Password to fence's db. | -| secrets.fence.user | string | `"postgres"` | User for fence's db. | -| secrets.gdcapi.secretKey | string | `nil` | GDCAPI token. | -| secrets.indexd | map | `{"password":"postgres"}` | Values for sheepdog's access to indexd database. | -| secrets.indexd.password | string | `"postgres"` | Password to indexd's db. | -| secrets.sheepdog | map | `{"database":"sheepdog","host":"postgres-postgresql.postgres.svc.cluster.local","password":"postgres","user":"postgres"}` | Values for sheepdog's database. | -| secrets.sheepdog.database | string | `"sheepdog"` | Database name for sheepdog's db. | -| secrets.sheepdog.host | string | `"postgres-postgresql.postgres.svc.cluster.local"` | Host for sheepdog's db. | -| secrets.sheepdog.password | string | `"postgres"` | Password to sheepdog's db. | -| secrets.sheepdog.user | string | `"postgres"` | User for sheepdog's db. | | selectorLabels | map | `nil` | Will completely override the selectorLabels defined in the common chart's _label_setup.tpl | | service | map | `{"port":80,"type":"ClusterIP"}` | Kubernetes service information. | | service.port | int | `80` | The port number that the service exposes. | diff --git a/helm/sheepdog/sheepdog-secret/wsgi.py b/helm/sheepdog/sheepdog-secret/settings.py similarity index 100% rename from helm/sheepdog/sheepdog-secret/wsgi.py rename to helm/sheepdog/sheepdog-secret/settings.py diff --git a/helm/sheepdog/values.yaml b/helm/sheepdog/values.yaml index 30291645..59b0841f 100644 --- a/helm/sheepdog/values.yaml +++ b/helm/sheepdog/values.yaml @@ -168,7 +168,7 @@ image: # -- (string) Docker pull policy. pullPolicy: Always # -- (string) Overrides the image tag whose default is the chart appVersion. - tag: "" + tag: "bug_auth-audience" # Environment Variables # -- (string) URL of the data dictionary. @@ -214,33 +214,6 @@ service: # Secrets # -- (map) Values for sheepdog secret. secrets: - # -- (map) Values for sheepdog's access to the fence database. - fence: - # -- (string) Host for fence's db. - host: postgres-postgresql.postgres.svc.cluster.local - # -- (string) User for fence's db. - user: postgres - # -- (string) Password to fence's db. - password: postgres - # -- (string) Database name for fence's db. - database: fence - # -- (map) Values for sheepdog's database. - sheepdog: - # -- (string) Host for sheepdog's db. - host: postgres-postgresql.postgres.svc.cluster.local - # -- (string) Password to sheepdog's db. - password: postgres - # -- (string) User for sheepdog's db. - user: postgres - # -- (string) Database name for sheepdog's db. - database: sheepdog - gdcapi: - # -- (string) GDCAPI token. - secretKey: - # -- (map) Values for sheepdog's access to indexd database. - indexd: - # -- (string) Password to indexd's db. - password: postgres # -- (str) AWS access key ID to access the db restore job S3 bucket. Overrides global key. awsAccessKeyId: # -- (str) AWS secret access key ID to access the db restore job S3 bucket. Overrides global key.