Skip to content
make swh-helm-diff
[swh] Comparing changes between branches production and make-graphql-template-multi-instance (per environment)...
Your branch is up to date with 'origin/production'.
[swh] Generate config in production branch for environment staging, namespace swh...
[swh] Generate config in production branch for environment staging, namespace swh-cassandra...
[swh] Generate config in production branch for environment staging, namespace swh-cassandra-next-version...
[swh] Generate config in make-graphql-template-multi-instance branch for environment staging...
[swh] Generate config in make-graphql-template-multi-instance branch for environment staging...
[swh] Generate config in make-graphql-template-multi-instance branch for environment staging...
Your branch is up to date with 'origin/production'.
[swh] Generate config in production branch for environment production, namespace swh...
[swh] Generate config in production branch for environment production, namespace swh-cassandra...
[swh] Generate config in production branch for environment production, namespace swh-cassandra-next-version...
[swh] Generate config in make-graphql-template-multi-instance branch for environment production...
[swh] Generate config in make-graphql-template-multi-instance branch for environment production...
[swh] Generate config in make-graphql-template-multi-instance branch for environment production...


------------- diff for environment staging namespace swh -------------

No differences


------------- diff for environment staging namespace swh-cassandra -------------

No differences


------------- diff for environment staging namespace swh-cassandra-next-version -------------

No differences


------------- diff for environment production namespace swh -------------

--- /tmp/swh-chart.swh.8MgnntBE/production-swh.before   2023-12-18 14:35:46.816225149 +0100
+++ /tmp/swh-chart.swh.8MgnntBE/production-swh.after    2023-12-18 14:35:47.240225172 +0100
@@ -270,20 +270,57 @@
       anonymous: 50
       user: 500

     auth:
       server: https://auth.softwareheritage.org/auth/
       realm: SoftwareHeritage
       client: swh-web
       cache:
         url: memcached://memcached:11211
 ---
+# Source: swh/templates/graphql/configmap.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: swh
+  name: graphql-webapp1-configuration-template
+data:
+  # TODO: rename to not have a dot in the name to allow testing
+  config.yml: |
+    storage:
+      cls: pipeline
+      steps:
+      - cls: retry
+      - cls: remote
+        url: http://storage-azure-read-only-rpc-ingress
+
+    search:
+      cls: remote
+      url: http://search-rpc-ingress
+
+    debug: false
+
+    introspection: true
+
+    max_raw_content_size: 10000
+
+    max_query_cost:
+      anonymous: 50
+      user: 500
+
+    auth:
+      server: https://auth.softwareheritage.org/auth/
+      realm: SoftwareHeritage
+      client: swh-web
+      cache:
+        url: memcached://memcached:11211
+---
 # Source: swh/templates/indexer-storage/configmap.yaml
 apiVersion: v1
 kind: ConfigMap
 metadata:
   namespace: swh
   name: indexer-storage-read-only-configuration-template
 data:
   config.yml.template: |
     indexer_storage:
       cls: postgresql
@@ -15761,20 +15798,35 @@
   namespace: swh
 spec:
   type: ClusterIP
   selector:
     app: graphql-moma
   ports:
     - port: 5013
       targetPort: 5013
       name: rpc
 ---
+# Source: swh/templates/graphql/service.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: graphql-webapp1
+  namespace: swh
+spec:
+  type: ClusterIP
+  selector:
+    app: graphql-webapp1
+  ports:
+    - port: 5013
+      targetPort: 5013
+      name: rpc
+---
 # Source: swh/templates/indexer-storage/service.yaml
 apiVersion: v1
 kind: Service
 metadata:
   name: indexer-storage-read-only
   namespace: swh
 spec:
   type: ClusterIP
   selector:
     app: indexer-storage-read-only
@@ -16476,20 +16528,118 @@
             - name: config
               mountPath: /etc/swh/config.yml
               subPath: config.yml
               readOnly: true
       volumes:
         - name: config
           configMap:
             name: graphql-moma-configuration-template
             defaultMode: 0444
 ---
+# Source: swh/templates/graphql/deployment.yaml
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: graphql-webapp1
+  namespace: swh
+  labels:
+    app: graphql-webapp1
+spec:
+  revisionHistoryLimit: 2
+  replicas: 2
+  selector:
+    matchLabels:
+      app: graphql-webapp1
+  strategy:
+    type: RollingUpdate
+    rollingUpdate:
+      maxSurge: 1
+  template:
+    metadata:
+      labels:
+        app: graphql-webapp1
+      annotations:
+        # Force a rollout upgrade if the configuration changes
+        checksum/config: e2e9adacfcff60bd42641a6d0b39df1e7a79ab845a1e040e71ad89d73b38acd5
+    spec:
+      affinity:
+        nodeAffinity:
+          requiredDuringSchedulingIgnoredDuringExecution:
+            nodeSelectorTerms:
+            - matchExpressions:
+              - key: swh/rpc
+                operator: In
+                values:
+                - "true"
+      priorityClassName: swh-low-workload
+
+      containers:
+        - name: graphql-webapp1
+          image: container-registry.softwareheritage.org/swh/infra/swh-apps/graphql:20231205.3
+          imagePullPolicy: IfNotPresent
+          resources:
+            requests:
+              memory: 150Mi
+              cpu: 50m
+          ports:
+            - containerPort: 5013
+              name: rpc
+          startupProbe:
+            httpGet:
+              path: /
+              port: rpc
+            failureThreshold: 30
+            periodSeconds: 5
+          livenessProbe:
+            httpGet:
+              path: /
+              port: rpc
+            initialDelaySeconds: 10
+            periodSeconds: 5
+          env:
+          - name: STATSD_HOST
+            value: prometheus-statsd-exporter
+          - name: STATSD_PORT
+            value: "9125"
+          - name: PORT
+            value: "5013"
+          - name: LOG_LEVEL
+            value: "INFO"
+          - name: THREADS
+            value: "4"
+          - name: WORKERS
+            value: "2"
+          - name: TIMEOUT
+            value: "3600"
+          - name: SWH_SENTRY_ENVIRONMENT
+            value: production
+          - name: SWH_MAIN_PACKAGE
+            value: swh.graphql
+          - name: SWH_SENTRY_DSN
+            valueFrom:
+              secretKeyRef:
+                name: common-secrets
+                key: graphql-sentry-dsn
+                # 'name' secret should exist & include key
+                # if the setting doesn't exist, sentry pushes will be disabled
+                optional: true
+          volumeMounts:
+            - name: config
+              mountPath: /etc/swh/config.yml
+              subPath: config.yml
+              readOnly: true
+      volumes:
+        - name: config
+          configMap:
+            name: graphql-webapp1-configuration-template
+            defaultMode: 0444
+---
 # Source: swh/templates/indexer-storage/deployment.yaml
 apiVersion: apps/v1
 kind: Deployment
 metadata:
   namespace: swh
   name: indexer-storage-read-only
   labels:
     app: indexer-storage-read-only
 spec:
   revisionHistoryLimit: 2
@@ -28300,20 +28450,21 @@
 # Source: swh/templates/web/deployment.yaml
 apiVersion: apps/v1
 kind: Deployment
 metadata:
   namespace: swh
   name: web
   labels:
     app: web
 spec:
   revisionHistoryLimit: 2
+  replicas: 2
   selector:
     matchLabels:
       app: web
   strategy:
     type: RollingUpdate
     rollingUpdate:
       maxSurge: 1
   template:
     metadata:
       labels:
@@ -28429,21 +28580,21 @@
           args:
             - -c
             - cp -r $PWD/.local/share/swh/web/static/ /usr/share/swh/web/static/
           volumeMounts:
           - name: static
             mountPath: /usr/share/swh/web/static
       containers:
         - name: web
           resources:
             requests:
-              memory: 500Mi
+              memory: 1024Mi
               cpu: 500m
           image: container-registry.softwareheritage.org/swh/infra/swh-apps/web:20231205.3
           imagePullPolicy: IfNotPresent
           ports:
             - containerPort: 5004
               name: webapp
           readinessProbe:
             httpGet:
               path: /
               port: webapp
@@ -28605,43 +28756,20 @@
   minReplicas: 2
   maxReplicas: 10
   metrics:
   - type: Resource
     resource:
       name: cpu
       target:
         type: Utilization
         averageUtilization: 150
 ---
-# Source: swh/templates/web/autoscaling.yaml
-apiVersion: autoscaling/v2
-kind: HorizontalPodAutoscaler
-metadata:
-  namespace: swh
-  name: web
-  labels:
-    app: web
-spec:
-  scaleTargetRef:
-    apiVersion: apps/v1
-    kind: Deployment
-    name: web
-  minReplicas: 2
-  maxReplicas: 4
-  metrics:
-  - type: Resource
-    resource:
-      name: cpu
-      target:
-        type: Utilization
-        averageUtilization: 100
----
 # Source: swh/templates/scheduler/update-metrics-cronjob.yaml
 apiVersion: batch/v1
 kind: CronJob
 metadata:
   name: scheduler-update-metrics-cronjob
 spec:
   # By default, every 4h at midnight
   schedule: "27 3-23/4 * * *"
   concurrencyPolicy: Forbid
   jobTemplate:
@@ -29078,20 +29206,43 @@
     http:
       paths:
       - path: /
         pathType: Prefix
         backend:
           service:
             name: graphql-moma
             port:
               number: 5013
 ---
+# Source: swh/templates/graphql/ingress.yaml
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  namespace: swh
+  name: graphql-webapp1-ingress-default
+  annotations:
+    nginx.ingress.kubernetes.io/whitelist-source-range: 10.42.0.0/16,10.43.0.0/16,127.0.0.0/8,192.168.100.0/24,192.168.101.0/24,192.168.200.0/22
+    nginx.ingress.kubernetes.io/rewrite-target: /
+
+spec:
+  rules:
+  - host: webapp1.internal.softwareheritage.org
+    http:
+      paths:
+      - path: /graphql/
+        pathType: Prefix
+        backend:
+          service:
+            name: graphql-webapp1
+            port:
+              number: 5013
+---
 # Source: swh/templates/indexer-storage/ingress.yaml
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
   namespace: swh
   name: indexer-storage-read-only-ingress-default
   annotations:
     nginx.ingress.kubernetes.io/whitelist-source-range: 10.42.0.0/16,10.43.0.0/16
     nginx.ingress.kubernetes.io/proxy-body-size: 4G
     nginx.ingress.kubernetes.io/proxy-connect-timeout: "90"


------------- diff for environment production namespace swh-cassandra -------------

No differences

Refs. swh/infra/sysadm-environment#5183 (closed)

Edited by Antoine R. Dumont

Merge request reports