charm-k8s-discourse

Merge ~kotodama/charm-k8s-discourse:s3_storage into charm-k8s-discourse:master

  1. Git
  2. lp:~kotodama/charm-k8s-discourse
  3. s3_storage
  4. Merge into master
Proposed by Loïc Gomez
Status: Merged
Approved by: Tom Haddon
Approved revision: 70d5de3315b437da407d3610a9d0badb9f935639
Merged at revision: 0df9bf214e523b084497453bba033bdc71214c4c
Proposed branch: ~kotodama/charm-k8s-discourse:s3_storage
Merge into: charm-k8s-discourse:master
Prerequisite: ~kotodama/charm-k8s-discourse:fix_unit_tests
Diff against target: 512 lines (+413/-0)
7 files modified
config.yaml (+62/-0)
image/scripts/pod_setup (+10/-0)
src/charm.py (+30/-0)
tests/unit/fixtures/config_invalid_missing_required_s3_options.yaml (+28/-0)
tests/unit/fixtures/config_valid_complete.yaml (+26/-0)
tests/unit/fixtures/config_valid_no_s3.yaml (+120/-0)
tests/unit/fixtures/config_valid_s3_only_required_options.yaml (+137/-0)
Reviewer Review Type Date Requested Status
Tom Haddon Approve
🤖 prod-jenkaas-is (community) continuous-integration Approve
Canonical IS Reviewers Pending
Review via email: mp+414970@code.launchpad.net

Commit message

Add S3 support for uploaded objects storage

To post a comment you must log in.
Revision history for this message
Loïc Gomez (kotodama) wrote :

Careful: prerequisite branch ~kotodama/charm-k8s-discourse:fix_unit_tests

Revision history for this message
🤖 Canonical IS Merge Bot (canonical-is-mergebot) wrote :

This merge proposal is being monitored by mergebot. Change the status to Approved to merge.

Revision history for this message
🤖 Canonical IS Merge Bot (canonical-is-mergebot) wrote :

Unable to determine commit message from repository - please click "Set commit message" and enter the commit message manually.

Revision history for this message
🤖 prod-jenkaas-is (prod-jenkaas-is) wrote :

A CI job is currently in progress. A follow up comment will be added when it completes.

Revision history for this message
🤖 prod-jenkaas-is (prod-jenkaas-is) wrote :

FAILED: Continuous integration, rev:45c0d961fab14a396e475d944f64e9e9b4285c0c

No commit message was specified in the merge proposal. Click on the following link and set the commit message (if you want jenkins to rebuild you need to trigger it yourself):
https://code.launchpad.net/~kotodama/charm-k8s-discourse/+git/charm-k8s-discourse/+merge/414970/+edit-commit-message

https://jenkins.canonical.com/is/job/lp-charm-k8s-discourse-ci/47/
Executed test runs:
    SUCCESS: https://jenkins.canonical.com/is/job/lp-charm-test/167/
    None: https://jenkins.canonical.com/is/job/lp-update-mp/677791/

Click here to trigger a rebuild:
https://jenkins.canonical.com/is/job/lp-charm-k8s-discourse-ci/47//rebuild

review: Needs Fixing (continuous-integration)
Revision history for this message
🤖 prod-jenkaas-is (prod-jenkaas-is) wrote :

A CI job is currently in progress. A follow up comment will be added when it completes.

Revision history for this message
🤖 prod-jenkaas-is (prod-jenkaas-is) wrote :

PASSED: Continuous integration, rev:2cb1be3f9fb6d1bf885b2efb79b4d94c7fb6ff8c
https://jenkins.canonical.com/is/job/lp-charm-k8s-discourse-ci/49/
Executed test runs:
    SUCCESS: https://jenkins.canonical.com/is/job/lp-charm-test/169/
    None: https://jenkins.canonical.com/is/job/lp-update-mp/679353/

Click here to trigger a rebuild:
https://jenkins.canonical.com/is/job/lp-charm-k8s-discourse-ci/49//rebuild

review: Approve (continuous-integration)
Revision history for this message
Tom Haddon (mthaddon) wrote :

Some comments inline. Also, since we're spinning up a staging instance for this, let's test before merging.

Revision history for this message
Loïc Gomez (kotodama) wrote :

Thanks, fixed.
Also, changed naming of s3_config to s3_env, as it felt more natural (we're compiling S3 configuration into S3 environment variables actually).

Will set to Need Review again when it's been tested.

Revision history for this message
🤖 prod-jenkaas-is (prod-jenkaas-is) wrote :

A CI job is currently in progress. A follow up comment will be added when it completes.

Revision history for this message
Loïc Gomez (kotodama) wrote :

Fixed default s3_endpoint, requires https:// prefix.
Charm tested on https://discourse-is.staging.canonical.com/ using AWS S3 buckets.

Revision history for this message
🤖 prod-jenkaas-is (prod-jenkaas-is) wrote :

PASSED: Continuous integration, rev:42f931199b4b4c4d5c992e3062125b4537bbc48e
https://jenkins.canonical.com/is/job/lp-charm-k8s-discourse-ci/50/
Executed test runs:
    SUCCESS: https://jenkins.canonical.com/is/job/lp-charm-test/171/
    None: https://jenkins.canonical.com/is/job/lp-update-mp/693362/

Click here to trigger a rebuild:
https://jenkins.canonical.com/is/job/lp-charm-k8s-discourse-ci/50//rebuild

review: Approve (continuous-integration)
Revision history for this message
🤖 prod-jenkaas-is (prod-jenkaas-is) wrote :

A CI job is currently in progress. A follow up comment will be added when it completes.

Revision history for this message
🤖 prod-jenkaas-is (prod-jenkaas-is) wrote :

PASSED: Continuous integration, rev:70d5de3315b437da407d3610a9d0badb9f935639
https://jenkins.canonical.com/is/job/lp-charm-k8s-discourse-ci/51/
Executed test runs:
    SUCCESS: https://jenkins.canonical.com/is/job/lp-charm-test/172/
    None: https://jenkins.canonical.com/is/job/lp-update-mp/693503/

Click here to trigger a rebuild:
https://jenkins.canonical.com/is/job/lp-charm-k8s-discourse-ci/51//rebuild

review: Approve (continuous-integration)
Revision history for this message
Tom Haddon (mthaddon) wrote :

LGTM, thx

review: Approve
Revision history for this message
🤖 Canonical IS Merge Bot (canonical-is-mergebot) wrote :

Change successfully merged at revision 0df9bf214e523b084497453bba033bdc71214c4c

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1diff --git a/config.yaml b/config.yaml
2index f8bd1bc..cd002bc 100644
3--- a/config.yaml
4+++ b/config.yaml
5@@ -87,3 +87,65 @@ options:
6 type: int
7 description: "Max allowed body-size (for file uploads) in megabytes, set to 0 to disable limits"
8 default: 20
9+ s3_enabled:
10+ type: boolean
11+ description: |
12+ Store uploaded objects in an S3-compatible object storage service instead of a local directory.
13+
14+ If true, sets DISCOURSE_USE_S3=true.
15+ Check https://meta.discourse.org/t/using-object-storage-for-uploads-s3-clones/148916 for more details.
16+ default: false
17+ s3_endpoint:
18+ type: string
19+ description: |
20+ The S3 endpoint to use. This may be a non-Amazon S3-compatible endpoint.
21+
22+ Sets DISCOURSE_S3_ENDPOINT
23+ default: "https://s3.amazonaws.com"
24+ s3_bucket:
25+ type: string
26+ description: |
27+ The S3 bucket to use.
28+
29+ Sets DISCOURSE_S3_BUCKET.
30+ Required if s3_enabled is true.
31+ default: ""
32+ s3_access_key_id:
33+ type: string
34+ description: |
35+ The S3 access key ID to use.
36+
37+ Sets DISCOURSE_S3_ACCESS_KEY_ID.
38+ Required if s3_enabled is true.
39+ default: ""
40+ s3_secret_access_key:
41+ type: string
42+ description: |
43+ The S3 secret key to use.
44+
45+ Sets DISCOURSE_S3_SECRET_ACCESS_KEY.
46+ Required if s3_enabled is true.
47+ default: ""
48+ s3_region:
49+ type: string
50+ description: |
51+ The S3 region to use.
52+
53+ Sets DISCOURSE_S3_REGION.
54+ Required if s3_enabled is true.
55+ default: ""
56+ s3_backup_bucket:
57+ type: string
58+ description: |
59+ The S3 bucket to use for backups.
60+
61+ Sets DISCOURSE_S3_BACKUP_BUCKET.
62+ Also sets DISCOURSE_BACKUP_LOCATION=s3.
63+ default: ""
64+ s3_cdn_url:
65+ type: string
66+ description: |
67+ The S3 Content Delivery Network URL.
68+
69+ Sets DISCOURSE_S3_CDN_URL.
70+ default: ""
71diff --git a/image/scripts/pod_setup b/image/scripts/pod_setup
72index 69b7b55..4893723 100755
73--- a/image/scripts/pod_setup
74+++ b/image/scripts/pod_setup
75@@ -45,3 +45,13 @@ su -s /bin/bash -c "bin/bundle exec rake assets:precompile RAILS_ENV=$RAILS_ENV"
76 su -s /bin/bash -c "bin/bundle exec rake assets:precompile RAILS_ENV=$RAILS_ENV" ${CONTAINER_APP_USERNAME} 2>&1 |sed 's/^/asset-build-2: /'
77 # LP#1952681: Third run consistently succeeds
78 su -s /bin/bash -c "bin/bundle exec rake assets:precompile RAILS_ENV=$RAILS_ENV" ${CONTAINER_APP_USERNAME} 2>&1 |sed 's/^/asset-build-3: /'
79+
80+if [ ! -z "${DISCOURSE_USE_S3}" ] && [ "${DISCOURSE_USE_S3}" == "true" ]; then
81+ echo "Discourse is configured to use S3:"
82+ echo "S3_ENDPOINT=${DISCOURSE_S3_ENDPOINT}"
83+ echo "S3_BUCKET=${DISCOURSE_S3_BUCKET}"
84+ echo "Running migration to S3..."
85+ su -s /bin/bash -c "bin/bundle exec rake s3:upload_assets RAILS_ENV=$RAILS_ENV" ${CONTAINER_APP_USERNAME} 2>&1
86+else
87+ echo "Not running migration to S3 (DISCOURSE_USE_S3=${DISCOURSE_USE_S3})."
88+fi
89diff --git a/src/charm.py b/src/charm.py
90index 4085867..4710b2c 100755
91--- a/src/charm.py
92+++ b/src/charm.py
93@@ -40,6 +40,7 @@ THROTTLE_LEVELS = {
94 'DISCOURSE_MAX_REQS_RATE_LIMIT_ON_PRIVATE': 'false',
95 },
96 }
97+REQUIRED_S3_SETTINGS = ['s3_access_key_id', 's3_bucket', 's3_region', 's3_secret_access_key']
98
99
100 def create_discourse_pod_config(config):
101@@ -71,6 +72,9 @@ def create_discourse_pod_config(config):
102 for key in saml_config:
103 pod_config[key] = saml_config[key]
104
105+ if config.get('s3_enabled'):
106+ pod_config.update(get_s3_env(config))
107+
108 # We only get valid throttle levels here, otherwise it would be caught
109 # by `check_for_config_problems`, so we can be sure this won't raise a
110 # KeyError.
111@@ -105,6 +109,29 @@ def get_saml_config(config):
112 return saml_config
113
114
115+def get_s3_env(config):
116+ """Get the list of S3-related environment variables from charm's configuration."""
117+ if not config.get('s3_enabled'):
118+ return {}
119+
120+ s3_env = {
121+ 'DISCOURSE_USE_S3': True,
122+ 'DISCOURSE_S3_REGION': config['s3_region'],
123+ 'DISCOURSE_S3_ENDPOINT': config.get('s3_endpoint', 's3.amazonaws.com'),
124+ 'DISCOURSE_S3_ACCESS_KEY_ID': config['s3_access_key_id'],
125+ 'DISCOURSE_S3_SECRET_ACCESS_KEY': config['s3_secret_access_key'],
126+ 'DISCOURSE_S3_BUCKET': config['s3_bucket'],
127+ }
128+
129+ if config.get('s3_backup_bucket'):
130+ s3_env['DISCOURSE_S3_BACKUP_BUCKET'] = config['s3_backup_bucket']
131+ s3_env['DISCOURSE_BACKUP_LOCATION'] = 's3'
132+ if config.get('s3_cdn_url'):
133+ s3_env['DISCOURSE_S3_CDN_URL'] = config['s3_cdn_url']
134+
135+ return s3_env
136+
137+
138 def create_ingress_config(app_name, config):
139 """Create the ingress config form the juju config."""
140 annotations = {}
141@@ -201,6 +228,9 @@ def check_for_config_problems(config, stored):
142 if config['saml_sync_groups'] and not config['saml_target_url']:
143 errors.append("'saml_sync_groups' cannot be specified without a 'saml_target_url'")
144
145+ if config.get('s3_enabled'):
146+ errors.extend(["'s3_enabled' requires '{}'".format(x) for x in REQUIRED_S3_SETTINGS if x not in config])
147+
148 return errors
149
150
151diff --git a/tests/unit/fixtures/config_invalid_missing_required_s3_options.yaml b/tests/unit/fixtures/config_invalid_missing_required_s3_options.yaml
152new file mode 100644
153index 0000000..f542315
154--- /dev/null
155+++ b/tests/unit/fixtures/config_invalid_missing_required_s3_options.yaml
156@@ -0,0 +1,28 @@
157+config:
158+ cors_origin: '*'
159+ db_name: discourse
160+ developer_emails: some.person@example.com
161+ discourse_image: discourse-k8s:1.0.7f
162+ enable_cors: true
163+ external_hostname: discourse.local
164+ image_pass: ''
165+ image_user: ''
166+ redis_host: 10.9.89.197
167+ smtp_address: 167.89.123.58
168+ smtp_authentication: login
169+ smtp_domain: example.com
170+ smtp_openssl_verify_mode: none
171+ smtp_password: OBV10USLYF4K3
172+ smtp_port: 587
173+ smtp_username: apikey
174+ saml_sync_groups: ''
175+ saml_target_url: https://login.ubuntu.com/+saml
176+ force_saml_login: true
177+ throttle_level: none
178+ s3_enabled: true
179+config_problems:
180+ - "'s3_enabled' requires 's3_access_key_id'"
181+ - "'s3_enabled' requires 's3_bucket'"
182+ - "'s3_enabled' requires 's3_region'"
183+ - "'s3_enabled' requires 's3_secret_access_key'"
184+missing_fields: []
185diff --git a/tests/unit/fixtures/config_valid_complete.yaml b/tests/unit/fixtures/config_valid_complete.yaml
186index 87127e5..1d14364 100644
187--- a/tests/unit/fixtures/config_valid_complete.yaml
188+++ b/tests/unit/fixtures/config_valid_complete.yaml
189@@ -21,7 +21,16 @@ config:
190 saml_target_url: https://login.ubuntu.com/+saml
191 force_saml_login: true
192 throttle_level: none
193+ s3_enabled: true
194+ s3_endpoint: 'not.aws.endpoi.nt'
195+ s3_bucket: 'who-s-a-good-bucket?'
196+ s3_access_key_id: '3|33+'
197+ s3_secret_access_key: 's|kI0ure_k3Y'
198+ s3_region: 'the-infinite-and-beyond'
199+ s3_backup_bucket: 'backups-please'
200+ s3_cdn_url: 'https://cdn.my.domain'
201 pod_config:
202+ DISCOURSE_BACKUP_LOCATION: 's3'
203 DISCOURSE_CORS_ORIGIN: '*'
204 DISCOURSE_DEVELOPER_EMAILS: some.person@example.com
205 DISCOURSE_ENABLE_CORS: true
206@@ -40,6 +49,14 @@ pod_config:
207 DISCOURSE_SMTP_PORT: 587
208 DISCOURSE_SMTP_USER_NAME: apikey
209 DISCOURSE_REFRESH_MAXMIND_DB_DURING_PRECOMPILE_DAYS: '0'
210+ DISCOURSE_USE_S3: true
211+ DISCOURSE_S3_ACCESS_KEY_ID: '3|33+'
212+ DISCOURSE_S3_BACKUP_BUCKET: 'backups-please'
213+ DISCOURSE_S3_BUCKET: 'who-s-a-good-bucket?'
214+ DISCOURSE_S3_CDN_URL: 'https://cdn.my.domain'
215+ DISCOURSE_S3_ENDPOINT: 'not.aws.endpoi.nt'
216+ DISCOURSE_S3_REGION: 'the-infinite-and-beyond'
217+ DISCOURSE_S3_SECRET_ACCESS_KEY: 's|kI0ure_k3Y'
218 DISCOURSE_SERVE_STATIC_ASSETS: 'true'
219 DISCOURSE_SAML_GROUPS_FULLSYNC: 'false'
220 DISCOURSE_SAML_SYNC_GROUPS: 'true'
221@@ -54,6 +71,7 @@ pod_spec:
222 containers:
223 - name: discourse-k8s
224 envConfig:
225+ DISCOURSE_BACKUP_LOCATION: 's3'
226 DISCOURSE_CORS_ORIGIN: '*'
227 DISCOURSE_DEVELOPER_EMAILS: some.person@example.com
228 DISCOURSE_ENABLE_CORS: true
229@@ -71,6 +89,14 @@ pod_spec:
230 DISCOURSE_SMTP_PASSWORD: OBV10USLYF4K3
231 DISCOURSE_SMTP_PORT: 587
232 DISCOURSE_SMTP_USER_NAME: apikey
233+ DISCOURSE_USE_S3: true
234+ DISCOURSE_S3_ACCESS_KEY_ID: '3|33+'
235+ DISCOURSE_S3_BACKUP_BUCKET: 'backups-please'
236+ DISCOURSE_S3_BUCKET: 'who-s-a-good-bucket?'
237+ DISCOURSE_S3_CDN_URL: 'https://cdn.my.domain'
238+ DISCOURSE_S3_ENDPOINT: 'not.aws.endpoi.nt'
239+ DISCOURSE_S3_REGION: 'the-infinite-and-beyond'
240+ DISCOURSE_S3_SECRET_ACCESS_KEY: 's|kI0ure_k3Y'
241 DISCOURSE_REFRESH_MAXMIND_DB_DURING_PRECOMPILE_DAYS: '0'
242 DISCOURSE_SERVE_STATIC_ASSETS: 'true'
243 DISCOURSE_SAML_GROUPS_FULLSYNC: 'false'
244diff --git a/tests/unit/fixtures/config_valid_no_s3.yaml b/tests/unit/fixtures/config_valid_no_s3.yaml
245new file mode 100644
246index 0000000..87127e5
247--- /dev/null
248+++ b/tests/unit/fixtures/config_valid_no_s3.yaml
249@@ -0,0 +1,120 @@
250+config:
251+ cors_origin: '*'
252+ db_name: discourse
253+ developer_emails: some.person@example.com
254+ discourse_image: discourse-k8s:1.0.7f
255+ enable_cors: true
256+ external_hostname: discourse.local
257+ image_pass: 'somepass'
258+ image_user: 'someuser'
259+ max_body_size: 25
260+ redis_host: 10.9.89.197
261+ smtp_address: 167.89.123.58
262+ smtp_authentication: login
263+ smtp_domain: example.com
264+ smtp_openssl_verify_mode: none
265+ smtp_password: OBV10USLYF4K3
266+ smtp_port: 587
267+ smtp_username: apikey
268+ tls_secret_name: discourse_local
269+ saml_sync_groups: 'canonical, ubuntu-core'
270+ saml_target_url: https://login.ubuntu.com/+saml
271+ force_saml_login: true
272+ throttle_level: none
273+pod_config:
274+ DISCOURSE_CORS_ORIGIN: '*'
275+ DISCOURSE_DEVELOPER_EMAILS: some.person@example.com
276+ DISCOURSE_ENABLE_CORS: true
277+ DISCOURSE_HOSTNAME: discourse.local
278+ DISCOURSE_DB_HOST: 10.9.89.237
279+ DISCOURSE_DB_NAME: discourse
280+ DISCOURSE_DB_PASSWORD: a_real_password
281+ DISCOURSE_DB_USERNAME: discourse_m
282+ DISCOURSE_REDIS_HOST: 10.9.89.197
283+ DISCOURSE_REDIS_PORT: 6379
284+ DISCOURSE_SMTP_ADDRESS: 167.89.123.58
285+ DISCOURSE_SMTP_AUTHENTICATION: login
286+ DISCOURSE_SMTP_DOMAIN: example.com
287+ DISCOURSE_SMTP_OPENSSL_VERIFY_MODE: none
288+ DISCOURSE_SMTP_PASSWORD: OBV10USLYF4K3
289+ DISCOURSE_SMTP_PORT: 587
290+ DISCOURSE_SMTP_USER_NAME: apikey
291+ DISCOURSE_REFRESH_MAXMIND_DB_DURING_PRECOMPILE_DAYS: '0'
292+ DISCOURSE_SERVE_STATIC_ASSETS: 'true'
293+ DISCOURSE_SAML_GROUPS_FULLSYNC: 'false'
294+ DISCOURSE_SAML_SYNC_GROUPS: 'true'
295+ DISCOURSE_SAML_SYNC_GROUPS_LIST: 'canonical|ubuntu-core'
296+ DISCOURSE_SAML_TARGET_URL: https://login.ubuntu.com/+saml
297+ DISCOURSE_SAML_FULL_SCREEN_LOGIN: "true"
298+ DISCOURSE_SAML_CERT_FINGERPRINT: 32:15:20:9F:A4:3C:8E:3E:8E:47:72:62:9A:86:8D:0E:E6:CF:45:D5
299+ DISCOURSE_MAX_REQS_PER_IP_MODE: "none"
300+ DISCOURSE_MAX_REQS_RATE_LIMIT_ON_PRIVATE: "false"
301+pod_spec:
302+ version: 3
303+ containers:
304+ - name: discourse-k8s
305+ envConfig:
306+ DISCOURSE_CORS_ORIGIN: '*'
307+ DISCOURSE_DEVELOPER_EMAILS: some.person@example.com
308+ DISCOURSE_ENABLE_CORS: true
309+ DISCOURSE_HOSTNAME: discourse.local
310+ DISCOURSE_DB_HOST: 10.9.89.237
311+ DISCOURSE_DB_NAME: discourse
312+ DISCOURSE_DB_PASSWORD: a_real_password
313+ DISCOURSE_DB_USERNAME: discourse_m
314+ DISCOURSE_REDIS_HOST: 10.9.89.197
315+ DISCOURSE_REDIS_PORT: 6379
316+ DISCOURSE_SMTP_ADDRESS: 167.89.123.58
317+ DISCOURSE_SMTP_AUTHENTICATION: login
318+ DISCOURSE_SMTP_DOMAIN: example.com
319+ DISCOURSE_SMTP_OPENSSL_VERIFY_MODE: none
320+ DISCOURSE_SMTP_PASSWORD: OBV10USLYF4K3
321+ DISCOURSE_SMTP_PORT: 587
322+ DISCOURSE_SMTP_USER_NAME: apikey
323+ DISCOURSE_REFRESH_MAXMIND_DB_DURING_PRECOMPILE_DAYS: '0'
324+ DISCOURSE_SERVE_STATIC_ASSETS: 'true'
325+ DISCOURSE_SAML_GROUPS_FULLSYNC: 'false'
326+ DISCOURSE_SAML_SYNC_GROUPS: 'true'
327+ DISCOURSE_SAML_SYNC_GROUPS_LIST: 'canonical|ubuntu-core'
328+ DISCOURSE_SAML_TARGET_URL: https://login.ubuntu.com/+saml
329+ DISCOURSE_SAML_FULL_SCREEN_LOGIN: "true"
330+ DISCOURSE_SAML_CERT_FINGERPRINT: 32:15:20:9F:A4:3C:8E:3E:8E:47:72:62:9A:86:8D:0E:E6:CF:45:D5
331+ DISCOURSE_MAX_REQS_PER_IP_MODE: "none"
332+ DISCOURSE_MAX_REQS_RATE_LIMIT_ON_PRIVATE: "false"
333+ imageDetails:
334+ imagePath: discourse-k8s:1.0.7f
335+ password: somepass
336+ username: someuser
337+ imagePullPolicy: 'IfNotPresent'
338+ kubernetes:
339+ readinessProbe:
340+ httpGet:
341+ path: '/srv/status'
342+ port: 3000
343+ ports:
344+ - containerPort: 3000
345+ protocol: TCP
346+ kubernetesResources:
347+ ingressResources:
348+ - annotations:
349+ nginx.ingress.kubernetes.io/affinity: 'cookie'
350+ nginx.ingress.kubernetes.io/affinity-mode: 'balanced'
351+ nginx.ingress.kubernetes.io/proxy-body-size: '25m'
352+ nginx.ingress.kubernetes.io/session-cookie-change-on-failure: 'true'
353+ nginx.ingress.kubernetes.io/session-cookie-max-age: '3600'
354+ nginx.ingress.kubernetes.io/session-cookie-name: 'DISCOURSE_AFFINITY'
355+ nginx.ingress.kubernetes.io/session-cookie-samesite: 'Lax'
356+ name: discourse-k8s-ingress
357+ spec:
358+ rules:
359+ - host: discourse.local
360+ http:
361+ paths:
362+ - backend:
363+ serviceName: discourse-k8s
364+ servicePort: 3000
365+ path: '/'
366+ tls:
367+ - hosts:
368+ - 'discourse.local'
369+ secretName: 'discourse_local'
370diff --git a/tests/unit/fixtures/config_valid_s3_only_required_options.yaml b/tests/unit/fixtures/config_valid_s3_only_required_options.yaml
371new file mode 100644
372index 0000000..dfd1993
373--- /dev/null
374+++ b/tests/unit/fixtures/config_valid_s3_only_required_options.yaml
375@@ -0,0 +1,137 @@
376+config:
377+ cors_origin: '*'
378+ db_name: discourse
379+ developer_emails: some.person@example.com
380+ discourse_image: discourse-k8s:1.0.7f
381+ enable_cors: true
382+ external_hostname: discourse.local
383+ image_pass: 'somepass'
384+ image_user: 'someuser'
385+ max_body_size: 25
386+ redis_host: 10.9.89.197
387+ smtp_address: 167.89.123.58
388+ smtp_authentication: login
389+ smtp_domain: example.com
390+ smtp_openssl_verify_mode: none
391+ smtp_password: OBV10USLYF4K3
392+ smtp_port: 587
393+ smtp_username: apikey
394+ tls_secret_name: discourse_local
395+ saml_sync_groups: 'canonical, ubuntu-core'
396+ saml_target_url: https://login.ubuntu.com/+saml
397+ force_saml_login: true
398+ throttle_level: none
399+ s3_enabled: true
400+ s3_bucket: 'who-s-a-good-bucket?'
401+ s3_access_key_id: '3|33+'
402+ s3_secret_access_key: 's|kI0ure_k3Y'
403+ s3_region: 'the-infinite-and-beyond'
404+pod_config:
405+ DISCOURSE_CORS_ORIGIN: '*'
406+ DISCOURSE_DEVELOPER_EMAILS: some.person@example.com
407+ DISCOURSE_ENABLE_CORS: true
408+ DISCOURSE_HOSTNAME: discourse.local
409+ DISCOURSE_DB_HOST: 10.9.89.237
410+ DISCOURSE_DB_NAME: discourse
411+ DISCOURSE_DB_PASSWORD: a_real_password
412+ DISCOURSE_DB_USERNAME: discourse_m
413+ DISCOURSE_REDIS_HOST: 10.9.89.197
414+ DISCOURSE_REDIS_PORT: 6379
415+ DISCOURSE_SMTP_ADDRESS: 167.89.123.58
416+ DISCOURSE_SMTP_AUTHENTICATION: login
417+ DISCOURSE_SMTP_DOMAIN: example.com
418+ DISCOURSE_SMTP_OPENSSL_VERIFY_MODE: none
419+ DISCOURSE_SMTP_PASSWORD: OBV10USLYF4K3
420+ DISCOURSE_SMTP_PORT: 587
421+ DISCOURSE_SMTP_USER_NAME: apikey
422+ DISCOURSE_REFRESH_MAXMIND_DB_DURING_PRECOMPILE_DAYS: '0'
423+ DISCOURSE_USE_S3: true
424+ DISCOURSE_S3_ACCESS_KEY_ID: '3|33+'
425+ DISCOURSE_S3_BUCKET: 'who-s-a-good-bucket?'
426+ DISCOURSE_S3_ENDPOINT: 's3.amazonaws.com'
427+ DISCOURSE_S3_REGION: 'the-infinite-and-beyond'
428+ DISCOURSE_S3_SECRET_ACCESS_KEY: 's|kI0ure_k3Y'
429+ DISCOURSE_SERVE_STATIC_ASSETS: 'true'
430+ DISCOURSE_SAML_GROUPS_FULLSYNC: 'false'
431+ DISCOURSE_SAML_SYNC_GROUPS: 'true'
432+ DISCOURSE_SAML_SYNC_GROUPS_LIST: 'canonical|ubuntu-core'
433+ DISCOURSE_SAML_TARGET_URL: https://login.ubuntu.com/+saml
434+ DISCOURSE_SAML_FULL_SCREEN_LOGIN: "true"
435+ DISCOURSE_SAML_CERT_FINGERPRINT: 32:15:20:9F:A4:3C:8E:3E:8E:47:72:62:9A:86:8D:0E:E6:CF:45:D5
436+ DISCOURSE_MAX_REQS_PER_IP_MODE: "none"
437+ DISCOURSE_MAX_REQS_RATE_LIMIT_ON_PRIVATE: "false"
438+pod_spec:
439+ version: 3
440+ containers:
441+ - name: discourse-k8s
442+ envConfig:
443+ DISCOURSE_CORS_ORIGIN: '*'
444+ DISCOURSE_DEVELOPER_EMAILS: some.person@example.com
445+ DISCOURSE_ENABLE_CORS: true
446+ DISCOURSE_HOSTNAME: discourse.local
447+ DISCOURSE_DB_HOST: 10.9.89.237
448+ DISCOURSE_DB_NAME: discourse
449+ DISCOURSE_DB_PASSWORD: a_real_password
450+ DISCOURSE_DB_USERNAME: discourse_m
451+ DISCOURSE_REDIS_HOST: 10.9.89.197
452+ DISCOURSE_REDIS_PORT: 6379
453+ DISCOURSE_SMTP_ADDRESS: 167.89.123.58
454+ DISCOURSE_SMTP_AUTHENTICATION: login
455+ DISCOURSE_SMTP_DOMAIN: example.com
456+ DISCOURSE_SMTP_OPENSSL_VERIFY_MODE: none
457+ DISCOURSE_SMTP_PASSWORD: OBV10USLYF4K3
458+ DISCOURSE_SMTP_PORT: 587
459+ DISCOURSE_SMTP_USER_NAME: apikey
460+ DISCOURSE_USE_S3: true
461+ DISCOURSE_S3_ACCESS_KEY_ID: '3|33+'
462+ DISCOURSE_S3_BUCKET: 'who-s-a-good-bucket?'
463+ DISCOURSE_S3_ENDPOINT: 's3.amazonaws.com'
464+ DISCOURSE_S3_REGION: 'the-infinite-and-beyond'
465+ DISCOURSE_S3_SECRET_ACCESS_KEY: 's|kI0ure_k3Y'
466+ DISCOURSE_REFRESH_MAXMIND_DB_DURING_PRECOMPILE_DAYS: '0'
467+ DISCOURSE_SERVE_STATIC_ASSETS: 'true'
468+ DISCOURSE_SAML_GROUPS_FULLSYNC: 'false'
469+ DISCOURSE_SAML_SYNC_GROUPS: 'true'
470+ DISCOURSE_SAML_SYNC_GROUPS_LIST: 'canonical|ubuntu-core'
471+ DISCOURSE_SAML_TARGET_URL: https://login.ubuntu.com/+saml
472+ DISCOURSE_SAML_FULL_SCREEN_LOGIN: "true"
473+ DISCOURSE_SAML_CERT_FINGERPRINT: 32:15:20:9F:A4:3C:8E:3E:8E:47:72:62:9A:86:8D:0E:E6:CF:45:D5
474+ DISCOURSE_MAX_REQS_PER_IP_MODE: "none"
475+ DISCOURSE_MAX_REQS_RATE_LIMIT_ON_PRIVATE: "false"
476+ imageDetails:
477+ imagePath: discourse-k8s:1.0.7f
478+ password: somepass
479+ username: someuser
480+ imagePullPolicy: 'IfNotPresent'
481+ kubernetes:
482+ readinessProbe:
483+ httpGet:
484+ path: '/srv/status'
485+ port: 3000
486+ ports:
487+ - containerPort: 3000
488+ protocol: TCP
489+ kubernetesResources:
490+ ingressResources:
491+ - annotations:
492+ nginx.ingress.kubernetes.io/affinity: 'cookie'
493+ nginx.ingress.kubernetes.io/affinity-mode: 'balanced'
494+ nginx.ingress.kubernetes.io/proxy-body-size: '25m'
495+ nginx.ingress.kubernetes.io/session-cookie-change-on-failure: 'true'
496+ nginx.ingress.kubernetes.io/session-cookie-max-age: '3600'
497+ nginx.ingress.kubernetes.io/session-cookie-name: 'DISCOURSE_AFFINITY'
498+ nginx.ingress.kubernetes.io/session-cookie-samesite: 'Lax'
499+ name: discourse-k8s-ingress
500+ spec:
501+ rules:
502+ - host: discourse.local
503+ http:
504+ paths:
505+ - backend:
506+ serviceName: discourse-k8s
507+ servicePort: 3000
508+ path: '/'
509+ tls:
510+ - hosts:
511+ - 'discourse.local'
512+ secretName: 'discourse_local'

Subscribers

People subscribed via source and target branches