From 59a31c14fe912375aee5507c916c5acc9e595a60 Mon Sep 17 00:00:00 2001 From: Theo Sanderson Date: Mon, 23 Sep 2024 12:49:35 +0100 Subject: [PATCH 1/4] ingest version checking --- .../loculus/templates/ingest-config.yaml | 2 ++ .../loculus/templates/ingest-deployment.yaml | 20 +++++++++++++++++++ 2 files changed, 22 insertions(+) diff --git a/kubernetes/loculus/templates/ingest-config.yaml b/kubernetes/loculus/templates/ingest-config.yaml index 53f21cb85..85786a24c 100644 --- a/kubernetes/loculus/templates/ingest-config.yaml +++ b/kubernetes/loculus/templates/ingest-config.yaml @@ -1,3 +1,4 @@ +{{- $dockerTag := include "loculus.dockerTag" .Values }} {{- $testconfig := .Values.testconfig | default false }} {{- $backendHost := .Values.environment | eq "server" | ternary (printf "https://backend%s%s" .Values.subdomainSeparator $.Values.host) ($testconfig | ternary "http://localhost:8079" "http://loculus-backend-service:8079") }} {{- $keycloakHost := .Values.environment | eq "server" | ternary (printf "https://authentication%s%s" $.Values.subdomainSeparator $.Values.host) ($testconfig | ternary "http://localhost:8083" "http://loculus-keycloak-service:8083") }} @@ -12,6 +13,7 @@ metadata: data: config.yaml: | {{- $values.ingest.configFile | toYaml | nindent 4 }} + verify_loculus_version_is: {{$dockerTag}} organism: {{ $key }} backend_url: {{ $backendHost }} keycloak_token_url: {{ $keycloakHost -}}/realms/loculus/protocol/openid-connect/token diff --git a/kubernetes/loculus/templates/ingest-deployment.yaml b/kubernetes/loculus/templates/ingest-deployment.yaml index 8492c8041..ce54b328a 100644 --- a/kubernetes/loculus/templates/ingest-deployment.yaml +++ b/kubernetes/loculus/templates/ingest-deployment.yaml @@ -24,6 +24,26 @@ spec: argocd.argoproj.io/sync-options: Force=true,Replace=true spec: {{- include "possiblePriorityClassName" $ | nindent 6 }} + initContainers: + - name: version-check + image: busybox + {{- include "loculus.resources" (list "ingest-init" $.Values) | nindent 10 }} + command: ['sh', '-c', ' + CONFIG_VERSION=$(grep "verify_loculus_version_is:" /package/config/config.yaml | sed "s/verify_loculus_version_is://; s/^[[:space:]]*//; s/[[:space:]]*$//"); + DOCKER_TAG="{{ $dockerTag }}"; + echo "Config version: $CONFIG_VERSION"; + echo "Docker tag: $DOCKER_TAG"; + if [ "$CONFIG_VERSION" != "$DOCKER_TAG" ]; then + echo "Version mismatch: ConfigMap version $CONFIG_VERSION does not match docker tag $DOCKER_TAG"; + exit 1; + else + echo "Version match confirmed"; + fi + '] + volumeMounts: + - name: loculus-ingest-config-volume-{{ $key }} + mountPath: /package/config/config.yaml + subPath: config.yaml containers: - name: ingest-{{ $key }} image: {{ $value.ingest.image}}:{{ $dockerTag }} From c3474c7775ce9526ec1b36fc7451dd7088483405 Mon Sep 17 00:00:00 2001 From: Theo Sanderson Date: Mon, 23 Sep 2024 12:52:51 +0100 Subject: [PATCH 2/4] simplify --- kubernetes/loculus/templates/ingest-deployment.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/kubernetes/loculus/templates/ingest-deployment.yaml b/kubernetes/loculus/templates/ingest-deployment.yaml index ce54b328a..7fd565111 100644 --- a/kubernetes/loculus/templates/ingest-deployment.yaml +++ b/kubernetes/loculus/templates/ingest-deployment.yaml @@ -29,7 +29,7 @@ spec: image: busybox {{- include "loculus.resources" (list "ingest-init" $.Values) | nindent 10 }} command: ['sh', '-c', ' - CONFIG_VERSION=$(grep "verify_loculus_version_is:" /package/config/config.yaml | sed "s/verify_loculus_version_is://; s/^[[:space:]]*//; s/[[:space:]]*$//"); + CONFIG_VERSION=$(grep "verify_loculus_version_is:" /package/config/config.yaml | sed "s/verify_loculus_version_is: //;"); DOCKER_TAG="{{ $dockerTag }}"; echo "Config version: $CONFIG_VERSION"; echo "Docker tag: $DOCKER_TAG"; @@ -129,4 +129,4 @@ spec: {{- end }} {{- end }} {{- end }} -{{- end }} \ No newline at end of file +{{- end }} From 6b9fa2b59e7a55cc390f52b44d2412477667c120 Mon Sep 17 00:00:00 2001 From: Theo Sanderson Date: Mon, 23 Sep 2024 13:14:39 +0100 Subject: [PATCH 3/4] Add reloader to ingest --- kubernetes/loculus/templates/ingest-deployment.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/kubernetes/loculus/templates/ingest-deployment.yaml b/kubernetes/loculus/templates/ingest-deployment.yaml index 7fd565111..6d1e93c3c 100644 --- a/kubernetes/loculus/templates/ingest-deployment.yaml +++ b/kubernetes/loculus/templates/ingest-deployment.yaml @@ -7,6 +7,8 @@ apiVersion: apps/v1 kind: Deployment metadata: name: loculus-ingest-deployment-{{ $key }} + annotations: + reloader.stakater.com/auto: "true" spec: replicas: 1 strategy: From 99f8ec883b4a4dae26225240017cdec53e129d4a Mon Sep 17 00:00:00 2001 From: Theo Sanderson Date: Mon, 23 Sep 2024 13:37:40 +0100 Subject: [PATCH 4/4] move argocd annotations to top level --- kubernetes/loculus/templates/ingest-deployment.yaml | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/kubernetes/loculus/templates/ingest-deployment.yaml b/kubernetes/loculus/templates/ingest-deployment.yaml index 6d1e93c3c..f50ff1e30 100644 --- a/kubernetes/loculus/templates/ingest-deployment.yaml +++ b/kubernetes/loculus/templates/ingest-deployment.yaml @@ -9,6 +9,7 @@ metadata: name: loculus-ingest-deployment-{{ $key }} annotations: reloader.stakater.com/auto: "true" + argocd.argoproj.io/sync-options: Force=true,Replace=true spec: replicas: 1 strategy: @@ -22,8 +23,6 @@ spec: labels: app: loculus component: loculus-ingest-deployment-{{ $key }} - annotations: - argocd.argoproj.io/sync-options: Force=true,Replace=true spec: {{- include "possiblePriorityClassName" $ | nindent 6 }} initContainers: @@ -78,6 +77,9 @@ apiVersion: batch/v1 kind: CronJob metadata: name: loculus-revoke-and-regroup-cronjob-{{ $key }} + annotations: + argocd.argoproj.io/sync-options: Replace=true + reloader.stakater.com/auto: "true" spec: schedule: "0 0 31 2 *" # Never runs without manual trigger startingDeadlineSeconds: 60 @@ -90,9 +92,6 @@ spec: labels: app: loculus component: loculus-ingest-cronjob-{{ $key }} - annotations: - argocd.argoproj.io/sync-options: Replace=true - reloader.stakater.com/auto: "true" spec: restartPolicy: Never containers: