From 32181e1ea50ee81243c93be1aeca204c988ec69e Mon Sep 17 00:00:00 2001
From: Nicolas Dandrimont <nicolas@dandrimont.eu>
Date: Fri, 14 Mar 2025 10:49:59 +0100
Subject: [PATCH] staging: Allow VPN access to read-only indexer storage
endpoints
---
swh/values/staging/swh-cassandra.yaml | 38 +++++++++++++++++++++++++++
1 file changed, 38 insertions(+)
diff --git a/swh/values/staging/swh-cassandra.yaml b/swh/values/staging/swh-cassandra.yaml
index 54728cdd..b5d0451b 100644
--- a/swh/values/staging/swh-cassandra.yaml
+++ b/swh/values/staging/swh-cassandra.yaml
@@ -1846,6 +1846,7 @@ indexerStorage:
journalWriterConfigurationRef: indexerJournalWriterConfiguration
hosts:
- indexer-storage-rpc-ingress
+ - indexer.internal.staging.swh.network
ingress:
enabled: true
extraAnnotations:
@@ -1860,6 +1861,43 @@ indexerStorage:
default:
paths:
- path: /
+ read-only:
+ paths:
+ - path: /
+ pathType: Exact
+ - path: /content_mimetype
+ pathType: Exact
+ - path: /content_mimetype/missing
+ pathType: Exact
+ - path: /content_mimetype/range
+ pathType: Exact
+ - path: /content/fossology_license
+ pathType: Exact
+ - path: /content/fossology_license/range
+ pathType: Exact
+ - path: /content_metadata
+ pathType: Exact
+ - path: /content_metadata/missing
+ pathType: Exact
+ - path: /directory_intrinsic_metadata
+ pathType: Exact
+ - path: /directory_intrinsic_metadata/missing
+ pathType: Exact
+ - path: /origin_intrinsic_metadata
+ pathType: Exact
+ - path: /origin_intrinsic_metadata/search/fulltext
+ pathType: Exact
+ - path: /origin_intrinsic_metadata/search/by_producer
+ pathType: Exact
+ - path: /origin_intrinsic_metadata/stats
+ pathType: Exact
+ - path: /origin_extrinsic_metadata
+ pathType: Exact
+ - path: /indexer_configuration/data
+ pathType: Exact
+ extraWhitelistSourceRange:
+ # vpn network
+ - 192.168.101.0/24
gunicorn:
threads: 2
workers: 4
--
GitLab