From 9abdc9df45ca4fda28dc3d90199c7f9a0e98918a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20Huss?= Date: Mon, 27 May 2024 12:45:36 +0200 Subject: [PATCH] fix --- apps/taiga/taiga_ConfigMap.tf | 32 +++++++++++++++++++- apps/taiga/taiga_workload.tf | 56 +++++++++++++++++++++-------------- 2 files changed, 64 insertions(+), 24 deletions(-) diff --git a/apps/taiga/taiga_ConfigMap.tf b/apps/taiga/taiga_ConfigMap.tf index f6cc10a..5e4993f 100644 --- a/apps/taiga/taiga_ConfigMap.tf +++ b/apps/taiga/taiga_ConfigMap.tf @@ -26,7 +26,6 @@ resource "kubectl_manifest" "cm_env_back" { ENABLE_JIRA_IMPORTER: "False" ENABLE_TRELLO_IMPORTER: "False" OPENID_CONNECT_SCOPES: "openid email profile" - EOF } @@ -79,6 +78,11 @@ resource "kubectl_manifest" "cm_env_front" { EOF } +# awk '/taiga-events-rabbitmq/||/taiga-async-rabbitmq/' < /taiga-back/settings/config.py +# EVENTS_PUSH_BACKEND_URL = f"amqp://{ os.getenv('RABBITMQ_USER') }:{ os.getenv('RABBITMQ_PASS') }@taiga-events-rabbitmq:5672/taiga" +# CELERY_BROKER_URL = f"amqp://{ os.getenv('RABBITMQ_USER') }:{ os.getenv('RABBITMQ_PASS') }@taiga-async-rabbitmq:5672/taiga" + + resource "kubectl_manifest" "cm_scripts" { yaml_body = <<-EOF apiVersion: v1 @@ -88,6 +92,32 @@ resource "kubectl_manifest" "cm_scripts" { labels: ${jsonencode(local.postcfg_all_labels)} namespace: ${var.namespace} data: + back_entrypoint.sh: |- + #!/usr/bin/env bash + set -euo pipefail + python manage.py migrate + python manage.py loaddata initial_project_templates + chown -R taiga:taiga /taiga-back + sed -i 's/taiga-events-rabbitmq/{ os.getenv('TAIGA_EVENTS_RABBITMQ_HOST') }/;s/taiga-async-rabbitmq/{ os.getenv('TAIGA_ASYNC_RABBITMQ_HOST') }/' /taiga-back/settings/config.py + echo Starting Taiga API... + exec gosu taiga gunicorn taiga.wsgi:application \ + --name taiga_api \ + --bind 0.0.0.0:8000 \ + --workers 3 \ + --worker-tmp-dir /dev/shm \ + --log-level=info \ + --access-logfile - \ + "$@" + async_entrypoint.sh: |- + #!/usr/bin/env bash + set -euo pipefail + chown -R taiga:taiga /taiga-back + sed -i 's/taiga-events-rabbitmq/{ os.getenv('TAIGA_EVENTS_RABBITMQ_HOST') }/;s/taiga-async-rabbitmq/{ os.getenv('TAIGA_ASYNC_RABBITMQ_HOST') }/' /taiga-back/settings/config.py + echo Starting Celery... + exec gosu taiga celery -A taiga.celery worker -B \ + --concurrency 4 \ + -l INFO \ + "$@" postconfig.py: |- #!/usr/bin/env python import time diff --git a/apps/taiga/taiga_workload.tf b/apps/taiga/taiga_workload.tf index 95331d9..e51ff6c 100644 --- a/apps/taiga/taiga_workload.tf +++ b/apps/taiga/taiga_workload.tf @@ -82,24 +82,6 @@ resource "kubectl_manifest" "Deployment_taiga-events" { path: env.template EOF } - # livenessProbe: - # httpGet: - # path: /admin/login/ - # port: 8000 - # initialDelaySeconds: 20 - # periodSeconds: 10 - # timeoutSeconds: 5 - # successThreshold: 1 - # failureThreshold: 3 - # readinessProbe: - # httpGet: - # path: /admin/login/ - # port: 8000 - # initialDelaySeconds: 5 - # periodSeconds: 10 - # timeoutSeconds: 1 - # successThreshold: 1 - # failureThreshold: 3 resource "kubectl_manifest" "Deployment_taiga-front" { yaml_body = <<-EOF @@ -123,7 +105,10 @@ resource "kubectl_manifest" "Deployment_taiga-front" { imagePullPolicy: ${var.images.front.pull_policy} env: - name: GITLAB_CLIENT_ID - value: gitlab-api-client-id + valueFrom: + secretKeyRef: + name: ${module.oauth2.secret_client_id_name} + key: ${module.oauth2.secret_client_id_key} envFrom: - configMapRef: name: ${kubectl_manifest.cm_env_front.name} @@ -177,6 +162,10 @@ resource "kubectl_manifest" "Deployment_taiga-protected" { ports: - name: taiga-protected containerPort: 8003 + livenessProbe: + initialDelaySeconds: 10 + exec: + command: ["/bin/sh", "-c", "pidof -x gunicorn"] EOF } @@ -200,6 +189,7 @@ resource "kubectl_manifest" "Deployment_taiga-back" { - name: taiga-back image: "${var.images.back.registry}/${var.images.back.repository}:${var.images.back.tag}" imagePullPolicy: ${var.images.back.pull_policy} + command: ["/bin/back_entrypoint.sh"] env: - name: TAIGA_EVENTS_RABBITMQ_HOST value: ${kubectl_manifest.rabbit.name} @@ -216,9 +206,15 @@ resource "kubectl_manifest" "Deployment_taiga-back" { name: ${kubectl_manifest.rabbit_user_secret.name} key: password - name: GITLAB_API_CLIENT_ID - value: gitlab-api-client-id + valueFrom: + secretKeyRef: + name: ${module.oauth2.secret_client_id_name} + key: ${module.oauth2.secret_client_id_key} - name: GITLAB_API_CLIENT_SECRET - value: gitlab-api-client-secret + valueFrom: + secretKeyRef: + name: ${module.oauth2.secret_client_secret_name} + key: ${module.oauth2.secret_client_secret_key} - name: POSTGRES_PASSWORD valueFrom: secretKeyRef: @@ -233,6 +229,9 @@ resource "kubectl_manifest" "Deployment_taiga-back" { - name: taiga-back containerPort: 8000 volumeMounts: + - name: scripts + mountPath: /bin/back_entrypoint.sh + subPath: back_entrypoint.sh - name: data mountPath: /taiga-back/static subPath: static @@ -260,8 +259,7 @@ resource "kubectl_manifest" "Deployment_taiga-back" { - name: taiga-async image: "${var.images.back.registry}/${var.images.back.repository}:${var.images.back.tag}" imagePullPolicy: ${var.images.back.pull_policy} - command: - - /taiga-back/docker/async_entrypoint.sh + command: ["/bin/async_entrypoint.sh"] env: - name: RABBITMQ_USER valueFrom: @@ -284,6 +282,9 @@ resource "kubectl_manifest" "Deployment_taiga-back" { - configMapRef: name: ${kubectl_manifest.cm_env_back.name} volumeMounts: + - name: scripts + mountPath: /bin/async_entrypoint.sh + subPath: async_entrypoint.sh - name: data mountPath: /taiga-back/static subPath: static @@ -306,6 +307,15 @@ resource "kubectl_manifest" "Deployment_taiga-back" { - name: taiga-conf mountPath: /etc/nginx/conf.d/ volumes: + - name: scripts + configMap: + name: ${kubectl_manifest.cm_scripts.name} + defaultMode: 0755 + items: + - key: back_entrypoint.sh + path: back_entrypoint.sh + - key: async_entrypoint.sh + path: async_entrypoint.sh - name: data persistentVolumeClaim: claimName: ${kubectl_manifest.pvc.name}