diff --git a/ci/resfdeploy.jsonnet b/ci/resfdeploy.jsonnet index 321b32de..d739a1ce 100644 --- a/ci/resfdeploy.jsonnet +++ b/ci/resfdeploy.jsonnet @@ -63,7 +63,7 @@ local manifestYamlStream = function (value, indent_array_in_object=false, c_docu protocol: 'TCP', }]); local services = if std.objectHas(info, 'services') then info.services else - [{ name: '%s-%s-%s' % [metadata.name, port.name, env], port: port.containerPort, expose: if std.objectHas(port, 'expose') then port.expose else false } for env in envs for port in ports]; + [{ name: '%s-%s-%s' % [metadata.name, port.name, env], port: port.containerPort, portName: port.name, expose: if std.objectHas(port, 'expose') then port.expose else false } for env in envs for port in ports]; local file_yaml_prefix = if helm_mode then 'helm-' else ''; local nssa = '%s001-ns-sa.yaml' % file_yaml_prefix; @@ -283,6 +283,7 @@ local manifestYamlStream = function (value, indent_array_in_object=false, c_docu }, srv.port, srv.port, + portName=srv.portName, selector=metadata.name, env=mappings.get_env_from_svc(srv.name) ) for srv in services]) + diff --git a/hack/k8s_dev_pf b/hack/k8s_dev_pf index 4cc1a246..7b463688 100755 --- a/hack/k8s_dev_pf +++ b/hack/k8s_dev_pf @@ -37,4 +37,5 @@ trap "trap - SIGTERM && kill -- -$$" SIGINT SIGTERM EXIT USER="$(whoami)" kubectl -n "$USER-dev" port-forward svc/spicedb-grpc-dev-service 50051 & kubectl -n "$USER-dev" port-forward svc/hydra-admin-http-dev-service 4445 & -kubectl -n "$USER-dev" port-forward svc/hydra-public-http-dev-service 4444 +kubectl -n "$USER-dev" port-forward svc/hydra-public-http-dev-service 4444 & +sudo kubectl --kubeconfig $KUBECONFIG -n "istio-system" port-forward --address 0.0.0.0 deployment/istio-ingressgateway 80:8080 443:8443 diff --git a/hack/setup_dev_temporal b/hack/setup_dev_temporal index a9de4a1c..ec4fe6c9 100755 --- a/hack/setup_dev_temporal +++ b/hack/setup_dev_temporal @@ -43,19 +43,20 @@ fi cd "$DIR_TO_TEMPORAL" || exit 1 -export SQL_PLUGIN=postgres +export SQL_PLUGIN=postgres12 export SQL_HOST=localhost export SQL_PORT=$POSTGRES_PORT export SQL_USER=postgres export SQL_PASSWORD=postgres -./temporal-sql-tool create-database temporal -SQL_DATABASE=temporal ./temporal-sql-tool setup-schema -v 0.0 -SQL_DATABASE=temporal ./temporal-sql-tool update -schema-dir schema/postgresql/v96/temporal/versioned +./temporal-sql-tool -database temporal create-database +./temporal-sql-tool -database temporal_visibility create-database + +SQL_DATABASE=temporal ./temporal-sql-tool setup-schema -v 0.0 +SQL_DATABASE=temporal ./temporal-sql-tool update -schema-dir schema/postgresql/v12/temporal/versioned -./temporal-sql-tool create-database temporal_visibility SQL_DATABASE=temporal_visibility ./temporal-sql-tool setup-schema -v 0.0 -SQL_DATABASE=temporal_visibility ./temporal-sql-tool update -schema-dir schema/postgresql/v96/visibility/versioned +SQL_DATABASE=temporal_visibility ./temporal-sql-tool update -schema-dir schema/postgresql/v12/visibility/versioned sleep 10 diff --git a/hydra/deploy/admin/deploy.jsonnet b/hydra/deploy/admin/deploy.jsonnet index 824efd57..456fc7b7 100644 --- a/hydra/deploy/admin/deploy.jsonnet +++ b/hydra/deploy/admin/deploy.jsonnet @@ -36,6 +36,7 @@ resfdeploy.new({ name: 'http', containerPort: 4445, protocol: 'TCP', + expose: true, }, ], health: { diff --git a/infrastructure/dev-helm/temporal/templates/server-deployment.yaml b/infrastructure/dev-helm/temporal/templates/server-deployment.yaml index 90db29ea..996d54e2 100644 --- a/infrastructure/dev-helm/temporal/templates/server-deployment.yaml +++ b/infrastructure/dev-helm/temporal/templates/server-deployment.yaml @@ -128,7 +128,7 @@ spec: - name: metrics containerPort: 9090 protocol: TCP - - name: grpc-membership + - name: membership protocol: TCP containerPort: {{ include (printf "temporal.%s.membershipPort" $service) $ }} {{- if ne $service "worker"}} diff --git a/infrastructure/dev-helm/temporal/values.yaml b/infrastructure/dev-helm/temporal/values.yaml index 9a150f5f..26232d9d 100644 --- a/infrastructure/dev-helm/temporal/values.yaml +++ b/infrastructure/dev-helm/temporal/values.yaml @@ -21,7 +21,7 @@ server: sidecarContainers: {} image: repository: temporalio/server - tag: 1.22.4 + tag: "1.20" pullPolicy: IfNotPresent # Global default settings (can be overridden per service) @@ -198,6 +198,7 @@ server: annotations: {} # Evaluated as template type: ClusterIP port: 7233 + membershipPort: 6933 metrics: annotations: enabled: true @@ -220,6 +221,7 @@ server: service: # type: ClusterIP port: 7234 + membershipPort: 6934 metrics: annotations: enabled: true @@ -242,6 +244,7 @@ server: service: # type: ClusterIP port: 7235 + membershipPort: 6935 metrics: annotations: enabled: false @@ -264,6 +267,7 @@ server: service: # type: ClusterIP port: 7239 + membershipPort: 6939 metrics: annotations: enabled: true @@ -372,7 +376,7 @@ web: additionalEnv: [] containerSecurityContext: {} - + securityContext: {} schema: diff --git a/spicedb/deploy/Dockerfile b/spicedb/deploy/Dockerfile index e1a3865e..493745b5 100644 --- a/spicedb/deploy/Dockerfile +++ b/spicedb/deploy/Dockerfile @@ -1,5 +1,5 @@ -FROM quay.io/authzed/spicedb:v1.2.0 as spicedb -FROM quay.io/rockylinux/rockylinux:8 +FROM quay.io/authzed/spicedb:v1.28.0 as spicedb +FROM quay.io/rockylinux/rockylinux:9 COPY --from=spicedb /usr/local/bin/spicedb /usr/local/bin/spicedb COPY --from=spicedb /usr/local/bin/grpc_health_probe /usr/local/bin/grpc_health_probe diff --git a/spicedb/deploy/common.jsonnet b/spicedb/deploy/common.jsonnet index 575ace58..1ee5d52a 100644 --- a/spicedb/deploy/common.jsonnet +++ b/spicedb/deploy/common.jsonnet @@ -6,7 +6,7 @@ local DSN = db.dsn('hydra'); { image: 'quay.io/peridot/spicedb', - tag: 'v0.3.21', + tag: 'v0.3.29', legacyDb: true, dsn: { name: 'DSN',