From fb6340d52a976e4c5f745a02fe0c20208f332580 Mon Sep 17 00:00:00 2001 From: Deniz Erdogan Date: Tue, 19 Sep 2023 16:53:13 +0200 Subject: [PATCH 1/4] cleanup local --- k8s/helmfile/env/local/api.values.yaml.gotmpl | 9 +-------- k8s/helmfile/env/local/mediawiki-139.values.yaml.gotmpl | 4 ++-- k8s/helmfile/env/local/ui.values.yaml.gotmpl | 2 +- 3 files changed, 4 insertions(+), 11 deletions(-) diff --git a/k8s/helmfile/env/local/api.values.yaml.gotmpl b/k8s/helmfile/env/local/api.values.yaml.gotmpl index 6fec8f218..14a39d1b9 100644 --- a/k8s/helmfile/env/local/api.values.yaml.gotmpl +++ b/k8s/helmfile/env/local/api.values.yaml.gotmpl @@ -36,20 +36,13 @@ app: smtpPasswordSecretKey: password recaptcha: minScore: 0.5 - secretSecretName: recaptcha-v3-dev-secrets + secretSecretName: {{ .Values.external.recaptcha3.secretName }} secretSecretKey: secret_key # TODO is this needed for local? gce: serviceAccountSecret: null stackdriver: enabled: false -external: - letsencrypt: - email: thomas.arrow@wikimedia.de - recaptcha2: - secretName: recaptcha-v2-secrets - recaptcha3: - secretName: recaptcha-v3-secrets replicaCount: web: 1 diff --git a/k8s/helmfile/env/local/mediawiki-139.values.yaml.gotmpl b/k8s/helmfile/env/local/mediawiki-139.values.yaml.gotmpl index 9cf2b81e0..af323c238 100644 --- a/k8s/helmfile/env/local/mediawiki-139.values.yaml.gotmpl +++ b/k8s/helmfile/env/local/mediawiki-139.values.yaml.gotmpl @@ -17,9 +17,9 @@ mw: smtpUserSecretName: null smtpPasswordSecretName: null recaptcha: - sitekeySecretName: recaptcha-v2-dev-secrets + sitekeySecretName: {{ .Values.external.recaptcha2.secretName }} sitekeySecretKey: site_key - secretkeySecretName: recaptcha-v2-dev-secrets + secretkeySecretName: {{ .Values.external.recaptcha2.secretName }} secretkeySecretKey: secret_key replicaCount: diff --git a/k8s/helmfile/env/local/ui.values.yaml.gotmpl b/k8s/helmfile/env/local/ui.values.yaml.gotmpl index 2b9289015..067ed6a6e 100644 --- a/k8s/helmfile/env/local/ui.values.yaml.gotmpl +++ b/k8s/helmfile/env/local/ui.values.yaml.gotmpl @@ -2,7 +2,7 @@ image: tag: sha-9a37f40 ui: - recaptchaSitekeySecretName: recaptcha-v3-dev-secrets + recaptchaSitekeySecretName: {{ .Values.external.recaptcha3.secretName }} recaptchaSitekeySecretKey: site_key ingress: From 1e00b27a4125801910e3ce7409de36bd309c7d85 Mon Sep 17 00:00:00 2001 From: Deniz Erdogan Date: Tue, 19 Sep 2023 16:54:26 +0200 Subject: [PATCH 2/4] cleanup staging --- k8s/helmfile/env/staging/api.values.yaml.gotmpl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/k8s/helmfile/env/staging/api.values.yaml.gotmpl b/k8s/helmfile/env/staging/api.values.yaml.gotmpl index b5931ad87..69a636969 100644 --- a/k8s/helmfile/env/staging/api.values.yaml.gotmpl +++ b/k8s/helmfile/env/staging/api.values.yaml.gotmpl @@ -39,7 +39,7 @@ app: smtpport: 587 recaptcha: minScore: 0.5 - secretSecretName: recaptcha-v3-secrets + secretSecretName: {{ .Values.external.recaptcha3.secretName }} secretSecretKey: secret_key trustedProxy: From c9b1c4f199daf4d14b7bfac5f45d776d11843691 Mon Sep 17 00:00:00 2001 From: Deniz Erdogan Date: Tue, 19 Sep 2023 16:55:37 +0200 Subject: [PATCH 3/4] cleanup production --- k8s/helmfile/env/production/api.values.yaml.gotmpl | 2 -- 1 file changed, 2 deletions(-) diff --git a/k8s/helmfile/env/production/api.values.yaml.gotmpl b/k8s/helmfile/env/production/api.values.yaml.gotmpl index 0b87d2dc9..0579ffe66 100644 --- a/k8s/helmfile/env/production/api.values.yaml.gotmpl +++ b/k8s/helmfile/env/production/api.values.yaml.gotmpl @@ -106,8 +106,6 @@ app: smtphost: smtp.eu.mailgun.org smtpport: 587 recaptcha: - sitekeySecretName: {{ .Values.external.recaptcha3.secretName }} - sitekeySecretKey: site_key secretSecretName: {{ .Values.external.recaptcha3.secretName }} secretSecretKey: secret_key badgehide: true From b349bd2707300db4573a883d38fabff683f59fb9 Mon Sep 17 00:00:00 2001 From: Deniz Erdogan Date: Tue, 19 Sep 2023 17:06:53 +0200 Subject: [PATCH 4/4] adjust local recaptcha secret names according to tf module --- .../local/{secrets-recapcha.tf => secrets-recaptcha.tf} | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) rename tf/env/local/{secrets-recapcha.tf => secrets-recaptcha.tf} (79%) diff --git a/tf/env/local/secrets-recapcha.tf b/tf/env/local/secrets-recaptcha.tf similarity index 79% rename from tf/env/local/secrets-recapcha.tf rename to tf/env/local/secrets-recaptcha.tf index 9f91e6db4..34e28eff9 100644 --- a/tf/env/local/secrets-recapcha.tf +++ b/tf/env/local/secrets-recaptcha.tf @@ -1,7 +1,7 @@ -resource "kubernetes_secret" "recaptcha-v3-dev-secrets" { +resource "kubernetes_secret" "recaptcha-v3-secrets" { for_each = toset(["default", "api-jobs", "adhoc-jobs"]) metadata { - name = "recaptcha-v3-dev-secrets" + name = "recaptcha-v3-secrets" # default as staging namespace = each.value } @@ -17,10 +17,10 @@ moved { to = kubernetes_secret.recaptcha-v3-dev-secrets["default"] } -resource "kubernetes_secret" "recaptcha-v2-dev-secrets" { +resource "kubernetes_secret" "recaptcha-v2-secrets" { for_each = toset(["default", "api-jobs", "adhoc-jobs"]) metadata { - name = "recaptcha-v2-dev-secrets" + name = "recaptcha-v2-secrets" # default as staging namespace = each.value }