From 4dcc398700e48081ffe416078a7a0ea2c28face5 Mon Sep 17 00:00:00 2001
From: Martin Weise <martin.weise@tuwien.ac.at>
Date: Mon, 7 Apr 2025 14:03:50 +0200
Subject: [PATCH] Updated the charts
Signed-off-by: Martin Weise <martin.weise@tuwien.ac.at>
---
.../target/create-event-listener.jar | Bin 10142 -> 10139 bytes
dbrepo-gateway-service/dbrepo.conf | 24 -------------
dbrepo-storage-service/init/Dockerfile | 6 ++--
dbrepo-storage-service/init/init.sh | 10 +++---
docker-compose.yml | 7 ++--
helm/dbrepo/files/create-event-listener.jar | Bin 10142 -> 10139 bytes
helm/dbrepo/templates/dashboard-secret.yaml | 6 ++--
helm/dbrepo/templates/dashboard-service.yaml | 19 ++++++++++
.../dashboard-ui-prov-datasources-secret.yaml | 33 ------------------
helm/dbrepo/templates/gateway-configmap.yaml | 1 -
helm/dbrepo/values.yaml | 8 +----
lib/python/dbrepo/core/client/search.py | 6 ++--
12 files changed, 37 insertions(+), 83 deletions(-)
create mode 100644 helm/dbrepo/templates/dashboard-service.yaml
delete mode 100644 helm/dbrepo/templates/dashboard-ui-prov-datasources-secret.yaml
diff --git a/dbrepo-auth-service/listeners/target/create-event-listener.jar b/dbrepo-auth-service/listeners/target/create-event-listener.jar
index a36663dc0993c612b1f3701b5f2aebf5f9732665..4e688861f7947c1b94a9ed12d8a82eecf5488216 100644
GIT binary patch
delta 899
zcmbQ|KigkAz?+#xgn@yBgF&dEJ?cBt+S!GS3=C(O7#Kt*-&GQ??+rTbci2E+kNYY6
zAM81k?JjAVbFr`B@_1Spe_J}sv{0*h@}>R9eHA;n7};-UzpqHQd2L;=?TEu4*4hod
z+7W7cm!6zb7LeL!A@YXLs^rb3*S&8qY~DCSMzH%@SeyRYY4+~|j%RN+v2@$EMM@*=
zk^eL;of(00<-G0F%xo6CUsHdq_{jm=SKjm0=VsO%oYt+zvWzdMx9u*&(v!J+S8s50
zum3#Palc^KOa7nrMRx1MS#Jxxby9p<w_ki4Pt&cvuIdil3YoDl6({7IZk21cIXO8~
zsQ29CO)Y$E`?5pC?iBpEIWgm{^Mm7jB0O1>{eS(nz4CFV_Ul{Q>+ByC3s#>vUN8Co
zfZeNE@uue%F0+#_iQN<Rs(nh~y)9lZmQ9Pcd9kYTtw6_&DZBo2%j{lZX*Va_Ou*{P
z@<Z8g-gK6&GMRGf%;}mXCCkzy&F0R$SYtQq+-4z$DTiWww^-h-{&sbG@&3#SPXtqC
zZC(B^T`DfbTAR`7w(O)eC`z~(7&sUhgbF5aVpL@kESP+gQ4d6MGRcD|EhaT4p@PXl
zOxhr-p2-wMZDaBV$uTpZ15uZmdzb_ZHYc*oWnvO6*u>7m3F7hz)Cz*s_A1T>QCdn<
zIN{Mg`M8p$Jc!4D1UTVr0fx7Zizmw~OMpzbRF+{pH91UK5yYufmJ$8M$iR?Tq95SR
z$RxrHalBx`<W<Tt?9xnNnaP1F!WgFWqnPeI`M<Ip$XW6#GE4<bllz%uCr7DpDWJPa
zA4S)4kV5In^Hr4O1q<4v{>*E0>SADE_`txxpaECNz_6t8%j5?t<{<Y<s>(1PnQW#S
z2;y|A$}k17OfF<GnS5K72PE=RRfg#!+hhTDiOKS6U=dw48K(dIlM7kYCl{$1FwK#j
z+|MLEdB2(_$g!`~WSHs{p(0X~ZPmrV-W2u-IhV}9z_5{lfk7C>9nzDF)YaJ5D}e+7
Dp@lCn
delta 1018
zcmbR3KhIw{z?+#xgn@yBgTdXdJ*wsXbHkE}!ix0=^ByY*?2Z0p|ADzdcDd)Z?aQif
zxaEd>&EDIecw@m0i>8g2|NIqFFWnk=^&11vndEzqdHWx%Iq2|*|5rkE_@<bY%%bOl
z9H#Md-rqQEt;$|sz4q-zq~bF5BbzpFeWtzl@%ieIkGE`m{U(}*F&_2$b2O+|_43r?
zwWk*@*5!Xuy}JH`lx2~B+okKC%cJ8rUERdn80x;w?Q9+6(v!8D*Kc%mkN+I&_+MGX
zT>i=alRG2rr{s8V;a@tX{jg(%FiR<Ww_k&h!zHW7iWA<8l*%>RoSvL1)I0BJDywZz
zjs3<=4~`w)-sh5C&tCV+;pBpgn_q6IZ&I`SesI^j(i{ChW_H*<sdqi6e<S_shuzmK
zLrk7DXPw$VtxYj?&h}W<klQC@<wEZs%HwhI@iP6x+E;r;M*dv3G>7c3;)kZ+zCB6}
z^D)sf`26#Vh}HG($a#<2t@;F{p}rdNXC?i8DX%9lQSiT<tQ)N$yj8zX<%@J<ZWW
zq~xMdug~OqP*iX+FmNz1xHH;KUeBn?<YqVd8lxVQyWM0qCV3F0&ZGvS{F$^tR1K3U
zh}z8L&E#e`iTNBz{RQS8CU?8daV&G0K=fZW9!?O=El?{6Qro3C8$_uqP2q&c_v9l=
zmLS3ZN-~VgCd(*GD7e|RM=>A)Avjxr;jQCY#>o$uMJ8t`^JIg}fXgv3FfhY8AccP!
z85j~v^aH#ZnM9bOK0`B^3q^w*6Ieq@X?bR99-6+%_myQB-6sE0mIJv}Mn#6Pcyfb^
zj5a>g^-)Y;HMv2>4irWQRAiXGGffs?)|$+r$^-VT&u^AhdJGH<It&a9PH<fe3`-i1
zGf#fN>@vARl}7>O+y9@Mcl$FjFkEA0U@$^a7|Jp^kHuv24X8rye}aE*aWF8f6JTHv
zLs9sJZ89&r#AF#Y9*|G8)MS{L1SaRPs87yUGhm!Qd4ZZM*rwg<9wdRB0>ZW^1~e*8
qUZ`d|`Me?*)c1%CEbI|-E}4OWVIu<rgD{FFxykwJYHXX7K!N}W!AVH~
diff --git a/dbrepo-gateway-service/dbrepo.conf b/dbrepo-gateway-service/dbrepo.conf
index 659300566e..dbd796fcb8 100644
--- a/dbrepo-gateway-service/dbrepo.conf
+++ b/dbrepo-gateway-service/dbrepo.conf
@@ -16,30 +16,6 @@ server {
listen 8080 default_server;
server_name _;
- location /dashboard/ {
- rewrite ^/dashboard/(.*) /$1 break;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Forwarded-Host $host;
- proxy_set_header X-Forwarded-Proto $scheme;
- proxy_pass http://dashboard-ui:3000;
- proxy_read_timeout 90;
- }
-
- # Proxy Grafana Live WebSocket connections.
- location /dashboard/api/live/ {
- rewrite ^/dashboard/(.*) /$1 break;
- proxy_set_header X-Real-IP $remote_addr;
- proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
- proxy_set_header X-Forwarded-Host $host;
- proxy_set_header X-Forwarded-Proto $scheme;
- proxy_set_header Upgrade $http_upgrade;
- proxy_set_header Connection $connection_upgrade;
- proxy_http_version 1.1;
- proxy_pass http://dashboard-ui:3000;
- proxy_read_timeout 90;
- }
-
# Proxy Keycloak OIDC connections, c.f. https://www.keycloak.org/server/reverseproxy#_exposed_path_recommendations
location /realms {
proxy_set_header X-Real-IP $remote_addr;
diff --git a/dbrepo-storage-service/init/Dockerfile b/dbrepo-storage-service/init/Dockerfile
index be95322ff4..4c3c671a05 100644
--- a/dbrepo-storage-service/init/Dockerfile
+++ b/dbrepo-storage-service/init/Dockerfile
@@ -4,10 +4,10 @@ LABEL org.opencontainers.image.authors="martin.weise@tuwien.ac.at"
RUN apk add --no-cache bash \
&& pip install s3cmd
-USER 1001
-
WORKDIR /app
-COPY --chown=1001 --chmod=0777 ./init.sh /app/init.sh
+RUN adduser -D dbrepo --uid 1001
+
+COPY --chown=1001 --chmod=0744 ./init.sh /app/init.sh
ENTRYPOINT [ "bash", "-c", "/app/init.sh" ]
diff --git a/dbrepo-storage-service/init/init.sh b/dbrepo-storage-service/init/init.sh
index 91a1c41aad..2339978957 100644
--- a/dbrepo-storage-service/init/init.sh
+++ b/dbrepo-storage-service/init/init.sh
@@ -1,17 +1,17 @@
#!/bin/bash
-cat << EOF > /app/config/.s3cfg
+cat << EOF > /app/.s3cfg
access_key = ${S3_ACCESS_KEY_ID}
secret_key = ${S3_SECRET_ACCESS_KEY}
# Setup endpoint
host_base = ${STORAGE_ENDPOINT}
-host_bucket = ${STORAGE_ENDPOINT}
+host_bucket = ${S3_BUCKET}
use_https = False
# Enable S3 v4 signature APIs
signature_v2 = False
EOF
-s3cmd --config=/app/config/.s3cfg ls | grep "s3://${S3_BUCKET}"
-if s3cmd --config=/app/config/.s3cfg ls | grep -q "s3://${S3_BUCKET}"; then
+s3cmd --config=/app/.s3cfg ls | grep "s3://${S3_BUCKET}"
+if s3cmd --config=/app/.s3cfg ls | grep -q "s3://${S3_BUCKET}"; then
echo "Bucket s3://${S3_BUCKET} already exists, skip."
exit 0
fi
-s3cmd --config=/app/config/.s3cfg mb s3://${S3_BUCKET}
\ No newline at end of file
+s3cmd --config=/app/.s3cfg mb s3://${S3_BUCKET}
\ No newline at end of file
diff --git a/docker-compose.yml b/docker-compose.yml
index 85ae727ebf..97ab75d5d3 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -376,6 +376,8 @@ services:
condition: service_healthy
dbrepo-dashboard-service:
condition: service_healthy
+ dbrepo-dashboard-ui:
+ condition: service_healthy
dbrepo-ui:
condition: service_healthy
logging:
@@ -574,7 +576,6 @@ services:
environment:
BASE_URL: "${BASE_URL:-http://localhost}"
GF_INSTALL_PLUGINS: "yesoreyeram-infinity-datasource"
- GF_SERVER_DOMAIN: "dashboard-service"
GF_SECURITY_DISABLE_INITIAL_ADMIN_CREATION: "true"
LDAP_ADMIN_USERNAME: "${IDENTITY_SERVICE_ADMIN_USERNAME:-admin}"
LDAP_ADMIN_PASSWORD: "${IDENTITY_SERVICE_ADMIN_PASSWORD:-admin}"
@@ -585,8 +586,8 @@ services:
timeout: 5s
retries: 12
depends_on:
- dbrepo-metric-db:
- condition: service_started
+ dbrepo-data-db:
+ condition: service_healthy
extra_hosts:
- "localhost:host-gateway"
logging:
diff --git a/helm/dbrepo/files/create-event-listener.jar b/helm/dbrepo/files/create-event-listener.jar
index a36663dc0993c612b1f3701b5f2aebf5f9732665..4e688861f7947c1b94a9ed12d8a82eecf5488216 100644
GIT binary patch
delta 899
zcmbQ|KigkAz?+#xgn@yBgF&dEJ?cBt+S!GS3=C(O7#Kt*-&GQ??+rTbci2E+kNYY6
zAM81k?JjAVbFr`B@_1Spe_J}sv{0*h@}>R9eHA;n7};-UzpqHQd2L;=?TEu4*4hod
z+7W7cm!6zb7LeL!A@YXLs^rb3*S&8qY~DCSMzH%@SeyRYY4+~|j%RN+v2@$EMM@*=
zk^eL;of(00<-G0F%xo6CUsHdq_{jm=SKjm0=VsO%oYt+zvWzdMx9u*&(v!J+S8s50
zum3#Palc^KOa7nrMRx1MS#Jxxby9p<w_ki4Pt&cvuIdil3YoDl6({7IZk21cIXO8~
zsQ29CO)Y$E`?5pC?iBpEIWgm{^Mm7jB0O1>{eS(nz4CFV_Ul{Q>+ByC3s#>vUN8Co
zfZeNE@uue%F0+#_iQN<Rs(nh~y)9lZmQ9Pcd9kYTtw6_&DZBo2%j{lZX*Va_Ou*{P
z@<Z8g-gK6&GMRGf%;}mXCCkzy&F0R$SYtQq+-4z$DTiWww^-h-{&sbG@&3#SPXtqC
zZC(B^T`DfbTAR`7w(O)eC`z~(7&sUhgbF5aVpL@kESP+gQ4d6MGRcD|EhaT4p@PXl
zOxhr-p2-wMZDaBV$uTpZ15uZmdzb_ZHYc*oWnvO6*u>7m3F7hz)Cz*s_A1T>QCdn<
zIN{Mg`M8p$Jc!4D1UTVr0fx7Zizmw~OMpzbRF+{pH91UK5yYufmJ$8M$iR?Tq95SR
z$RxrHalBx`<W<Tt?9xnNnaP1F!WgFWqnPeI`M<Ip$XW6#GE4<bllz%uCr7DpDWJPa
zA4S)4kV5In^Hr4O1q<4v{>*E0>SADE_`txxpaECNz_6t8%j5?t<{<Y<s>(1PnQW#S
z2;y|A$}k17OfF<GnS5K72PE=RRfg#!+hhTDiOKS6U=dw48K(dIlM7kYCl{$1FwK#j
z+|MLEdB2(_$g!`~WSHs{p(0X~ZPmrV-W2u-IhV}9z_5{lfk7C>9nzDF)YaJ5D}e+7
Dp@lCn
delta 1018
zcmbR3KhIw{z?+#xgn@yBgTdXdJ*wsXbHkE}!ix0=^ByY*?2Z0p|ADzdcDd)Z?aQif
zxaEd>&EDIecw@m0i>8g2|NIqFFWnk=^&11vndEzqdHWx%Iq2|*|5rkE_@<bY%%bOl
z9H#Md-rqQEt;$|sz4q-zq~bF5BbzpFeWtzl@%ieIkGE`m{U(}*F&_2$b2O+|_43r?
zwWk*@*5!Xuy}JH`lx2~B+okKC%cJ8rUERdn80x;w?Q9+6(v!8D*Kc%mkN+I&_+MGX
zT>i=alRG2rr{s8V;a@tX{jg(%FiR<Ww_k&h!zHW7iWA<8l*%>RoSvL1)I0BJDywZz
zjs3<=4~`w)-sh5C&tCV+;pBpgn_q6IZ&I`SesI^j(i{ChW_H*<sdqi6e<S_shuzmK
zLrk7DXPw$VtxYj?&h}W<klQC@<wEZs%HwhI@iP6x+E;r;M*dv3G>7c3;)kZ+zCB6}
z^D)sf`26#Vh}HG($a#<2t@;F{p}rdNXC?i8DX%9lQSiT<tQ)N$yj8zX<%@J<ZWW
zq~xMdug~OqP*iX+FmNz1xHH;KUeBn?<YqVd8lxVQyWM0qCV3F0&ZGvS{F$^tR1K3U
zh}z8L&E#e`iTNBz{RQS8CU?8daV&G0K=fZW9!?O=El?{6Qro3C8$_uqP2q&c_v9l=
zmLS3ZN-~VgCd(*GD7e|RM=>A)Avjxr;jQCY#>o$uMJ8t`^JIg}fXgv3FfhY8AccP!
z85j~v^aH#ZnM9bOK0`B^3q^w*6Ieq@X?bR99-6+%_myQB-6sE0mIJv}Mn#6Pcyfb^
zj5a>g^-)Y;HMv2>4irWQRAiXGGffs?)|$+r$^-VT&u^AhdJGH<It&a9PH<fe3`-i1
zGf#fN>@vARl}7>O+y9@Mcl$FjFkEA0U@$^a7|Jp^kHuv24X8rye}aE*aWF8f6JTHv
zLs9sJZ89&r#AF#Y9*|G8)MS{L1SaRPs87yUGhm!Qd4ZZM*rwg<9wdRB0>ZW^1~e*8
qUZ`d|`Me?*)c1%CEbI|-E}4OWVIu<rgD{FFxykwJYHXX7K!N}W!AVH~
diff --git a/helm/dbrepo/templates/dashboard-secret.yaml b/helm/dbrepo/templates/dashboard-secret.yaml
index 21ae5b1311..e9486d671c 100644
--- a/helm/dbrepo/templates/dashboard-secret.yaml
+++ b/helm/dbrepo/templates/dashboard-secret.yaml
@@ -6,12 +6,10 @@ metadata:
name: dashboard-service-secret
namespace: {{ include "common.names.namespace" . | quote }}
stringData:
- AUTH_SERVICE_ADMIN: "{{ .Values.authservice.auth.adminUser }}"
- AUTH_SERVICE_ADMIN_PASSWORD: "{{ .Values.authservice.auth.adminPassword }}"
AUTH_SERVICE_ENDPOINT: "{{ .Values.authservice.endpoint }}"
BASE_URL: "{{ .Values.gateway }}"
DASHBOARD_UI_ENDPOINT: "{{ .Values.dashboardui.endpoint }}"
METADATA_SERVICE_ENDPOINT: "{{ .Values.metadataservice.endpoint }}"
- SYSTEM_USERNAME: "{{ .Values.identityservice.users }}"
- SYSTEM_PASSWORD: "{{ .Values.identityservice.userPasswords }}"
+ SYSTEM_USERNAME: "{{ .Values.authservice.auth.adminUser }}"
+ SYSTEM_PASSWORD: "{{ .Values.authservice.auth.adminPassword }}"
{{- end }}
diff --git a/helm/dbrepo/templates/dashboard-service.yaml b/helm/dbrepo/templates/dashboard-service.yaml
new file mode 100644
index 0000000000..4bace46dfc
--- /dev/null
+++ b/helm/dbrepo/templates/dashboard-service.yaml
@@ -0,0 +1,19 @@
+{{- if .Values.dashboardservice.enabled }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: dashboard-service
+ namespace: {{ include "common.names.namespace" . | quote }}
+ labels:
+ service: dashboard-service
+spec:
+ type: ClusterIP
+ ports:
+ - name: "dashboard-service"
+ port: 80
+ targetPort: 8080
+ protocol: TCP
+ selector:
+ service: dashboard-service
+{{- end }}
diff --git a/helm/dbrepo/templates/dashboard-ui-prov-datasources-secret.yaml b/helm/dbrepo/templates/dashboard-ui-prov-datasources-secret.yaml
deleted file mode 100644
index 2d10baefd2..0000000000
--- a/helm/dbrepo/templates/dashboard-ui-prov-datasources-secret.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
-{{- if .Values.dashboardui.enabled }}
----
-apiVersion: v1
-kind: Secret
-metadata:
- name: dashboard-ui-prov-datasources-secret
- namespace: {{ include "common.names.namespace" . | quote }}
-stringData:
- infinity.yaml: |-
- apiVersion: 1
- datasources:
- - name: dbrepo-json
- uid: dbrepojson0
- type: yesoreyeram-infinity-datasource
- basicAuth: true
- basicAuthUser: {{ .Values.datadb.db.user }}
- url: {{ .Values.gateway }}
- jsonData:
- auth_method: 'basicAuth'
- httpHeaderName1: Accept
- allowedHosts:
- - '{{ .Values.gateway }}'
- secureJsonData:
- basicAuthPassword: {{ .Values.datadb.db.password }}
- httpHeaderValue1: application/json
- prometheus.yaml: |-
- apiVersion: 1
- datasources:
- - name: dbrepo-metrics
- type: prometheus
- uid: dbrepometrics0
- url: {{ .Values.metricdb.endpoint }}
-{{- end }}
diff --git a/helm/dbrepo/templates/gateway-configmap.yaml b/helm/dbrepo/templates/gateway-configmap.yaml
index 6b8a912db7..328efdcd92 100644
--- a/helm/dbrepo/templates/gateway-configmap.yaml
+++ b/helm/dbrepo/templates/gateway-configmap.yaml
@@ -97,7 +97,6 @@ data:
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
- proxy_set_header X-Forwarded-Host $host;
proxy_pass http://dashboard-service;
proxy_read_timeout 90;
}
diff --git a/helm/dbrepo/values.yaml b/helm/dbrepo/values.yaml
index d82ab7c0d9..9346fc8cba 100644
--- a/helm/dbrepo/values.yaml
+++ b/helm/dbrepo/values.yaml
@@ -908,7 +908,7 @@ dashboardservice:
enabled: true
image:
## @skip dashboardservice.image.name
- name: registry.datalab.tuwien.ac.at/dbrepo/auth-service-init:1.8.0
+ name: registry.datalab.tuwien.ac.at/dbrepo/dashboard-service:1.8.0
## @param dashboardservice.endpoint The endpoint for the microservices.
endpoint: http://dashboard-service
## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod
@@ -1001,12 +1001,6 @@ dashboardui:
ports:
## @skip dashboardui.service.ports.grafana
grafana: 80
- datasources:
- ## @skip dashboardui.datasources.secretName
- secretName: "dashboard-ui-prov-datasources-secret"
- dashboardsProvider:
- ## @param dashboardui.dashboardsProvider.enabled Enable the default dashboard provisioning provider to routinely import dashboards from /opt/bitnami/grafana/dashboards
- enabled: true
## @section Metric Service
diff --git a/lib/python/dbrepo/core/client/search.py b/lib/python/dbrepo/core/client/search.py
index d139499fb6..033ed0beda 100644
--- a/lib/python/dbrepo/core/client/search.py
+++ b/lib/python/dbrepo/core/client/search.py
@@ -39,9 +39,9 @@ class SearchServiceClient:
@returns: The opensearch instance singleton, if successful.
"""
if self.instance is None:
- self.instance = OpenSearch(hosts=[{"host": self.host, "port": self.port}],
- http_compress=True,
- http_auth=(self.system_username, self.system_password))
+ self.instance = SearchServiceClient(hosts=[{"host": self.host, "port": self.port}],
+ http_compress=True,
+ http_auth=(self.system_username, self.system_password))
return self.instance
def database_exists(self, database_id: str):
--
GitLab