Skip to content

swh/prod: TLS support for webapp-postgresql

Guillaume Samson requested to merge fix_tls_webapp-postgresql into production

Related to swh/infra/sysadm-environment#5399 (closed)

These modifications will add TLS support in ingress webapp-postgresql.internal.softwareheritage.org.
This will solve these alerts.

helm-diff 
[swh] Comparing changes between branches production and fix_tls_webapp-postgresql (per environment)...
Your branch is up to date with 'origin/production'.
[swh] Generate config in production branch for environment staging, namespace swh...
[swh] Generate config in production branch for environment staging, namespace swh-cassandra...
[swh] Generate config in production branch for environment staging, namespace swh-cassandra-next-version...
Your branch is up to date with 'origin/fix_tls_webapp-postgresql'.
[swh] Generate config in fix_tls_webapp-postgresql branch for environment staging...
[swh] Generate config in fix_tls_webapp-postgresql branch for environment staging...
[swh] Generate config in fix_tls_webapp-postgresql branch for environment staging...
Your branch is up to date with 'origin/production'.
[swh] Generate config in production branch for environment production, namespace swh...
[swh] Generate config in production branch for environment production, namespace swh-cassandra...
[swh] Generate config in production branch for environment production, namespace swh-cassandra-next-version...
Your branch is up to date with 'origin/fix_tls_webapp-postgresql'.
[swh] Generate config in fix_tls_webapp-postgresql branch for environment production...
[swh] Generate config in fix_tls_webapp-postgresql branch for environment production...
[swh] Generate config in fix_tls_webapp-postgresql branch for environment production...


------------- diff for environment staging namespace swh -------------

     _        __  __
   _| |_   _ / _|/ _|  between /tmp/swh-chart.swh.IhqpPB1T/staging-swh.before, 139 documents
 / _' | | | | |_| |_       and /tmp/swh-chart.swh.IhqpPB1T/staging-swh.after, 139 documents
| (_| | |_| |  _|  _|
 \__,_|\__, |_| |_|   returned no differences
        |___/



------------- diff for environment staging namespace swh-cassandra -------------

     _        __  __
   _| |_   _ / _|/ _|  between /tmp/swh-chart.swh.IhqpPB1T/staging-swh-cassandra.before, 438 documents
 / _' | | | | |_| |_       and /tmp/swh-chart.swh.IhqpPB1T/staging-swh-cassandra.after, 438 documents
| (_| | |_| |  _|  _|
 \__,_|\__, |_| |_|   returned no differences
        |___/



------------- diff for environment staging namespace swh-cassandra-next-version -------------

     _        __  __
   _| |_   _ / _|/ _|  between /tmp/swh-chart.swh.IhqpPB1T/staging-swh-cassandra-next-version.before, 356 documents
 / _' | | | | |_| |_       and /tmp/swh-chart.swh.IhqpPB1T/staging-swh-cassandra-next-version.after, 356 documents
| (_| | |_| |  _|  _|
 \__,_|\__, |_| |_|   returned no differences
        |___/



------------- diff for environment production namespace swh -------------

     _        __  __
   _| |_   _ / _|/ _|  between /tmp/swh-chart.swh.IhqpPB1T/production-swh.before, 150 documents
 / _' | | | | |_| |_       and /tmp/swh-chart.swh.IhqpPB1T/production-swh.after, 150 documents
| (_| | |_| |  _|  _|
 \__,_|\__, |_| |_|   returned three differences
        |___/

metadata.annotations  (networking.k8s.io/v1/Ingress/swh/web-postgresql-ingress-authenticated)
  + three map entries added:
    cert-manager.io/cluster-issuer: letsencrypt-production-gandi
    kubernetes.io/tls-acme: "true"
    nginx.ingress.kubernetes.io/ssl-redirect: "true"

metadata.annotations  (networking.k8s.io/v1/Ingress/swh/web-postgresql-ingress-default)
  + three map entries added:
    cert-manager.io/cluster-issuer: letsencrypt-production-gandi
    kubernetes.io/tls-acme: "true"
    nginx.ingress.kubernetes.io/ssl-redirect: "true"

metadata.annotations  (networking.k8s.io/v1/Ingress/swh/web-postgresql-ingress-static)
  + three map entries added:
    cert-manager.io/cluster-issuer: letsencrypt-production-gandi
    kubernetes.io/tls-acme: "true"
    nginx.ingress.kubernetes.io/ssl-redirect: "true"



------------- diff for environment production namespace swh-cassandra -------------

     _        __  __
   _| |_   _ / _|/ _|  between /tmp/swh-chart.swh.IhqpPB1T/production-swh-cassandra.before, 461 documents
 / _' | | | | |_| |_       and /tmp/swh-chart.swh.IhqpPB1T/production-swh-cassandra.after, 461 documents
| (_| | |_| |  _|  _|
 \__,_|\__, |_| |_|   returned no differences
        |___/

Merge request reports