-
Notifications
You must be signed in to change notification settings - Fork 73
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
THREESCALE-10924: Remove duplicated config .yml files, keep only those in config/ #3766
base: master
Are you sure you want to change the base?
Conversation
@@ -253,7 +253,7 @@ def cache_store_config | |||
email_sanitizer_configs = (three_scale.delete(:email_sanitizer) || {}).symbolize_keys | |||
config.three_scale.email_sanitizer.merge!(email_sanitizer_configs) | |||
|
|||
config.three_scale.merge!(three_scale.slice!(:force_ssl, :access_code)) | |||
config.three_scale.merge!(three_scale.slice!(:force_ssl)) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think there was actually a bug here. This access_code
is retrieved here:
access_code.presence || ThreeScale.config.access_code |
But with this code, it was resulting in nil
. The correct way to get the value would be Rails.application.config.access_code
. But I thought it would be better to place it under three_scale
specific config.
config/zync.yml
Outdated
<<: *default | ||
endpoint: | ||
|
||
production: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This file is overwritten by 3scale operator: https://github.com/3scale/3scale-operator/blob/87c3f3b9d18b2fb625d05fa6c2cbb60b3c397d0c/pkg/3scale/amp/component/system.go#L1227-L1235
Need to figure out:
- do we need it? can't we use the built-in
zync.yml
file? - if we have one already in
config
, would operator override it?
@@ -1,3 +0,0 @@ | |||
production: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
517082c
to
fcb147f
Compare
Differences between the current and the target configs, caused by the refactoring of the config files (this is with the assumption that
Files to compare:
Files to compare: |
Script that I used to print the configs:
Example commands:
|
username: <%= ENV.fetch('CONFIG_INTERNAL_API_USER', nil) %> | ||
password: <%= ENV.fetch('CONFIG_INTERNAL_API_PASSWORD', nil) %> | ||
|
||
development: | ||
<<: *default | ||
# fake server is useful when you don't run a real backend apisonator | ||
# fake_server: 'http://localhost:3000/internal/' |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
OK, this might be a potential place that a developer might want to change locally. We can add an env var for this.
@@ -0,0 +1,42 @@ | |||
base: &default | |||
<% case ENV['DATABASE_URL'].to_s |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
So, this might be controversial...
This changed file does the ENV['DATABASE_URL'].to_s
3 times 😬 (well, I guess at the execution time it will be 2.
But to be honest, for me it's much easier to understand this one than the original one: https://github.com/3scale/porta/blob/539780953ebc6eddebcc1450a842e9d3198ea571/config/examples/database.yml
But maybe I'm wrong, and the original is actually better. Opinions welcome!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I changed my mind 🙃
I will revert the format of this file to the original one.
config/segment.yml
Outdated
@@ -1,7 +1,7 @@ | |||
base: &default | |||
enabled: false | |||
stub: false | |||
write_key: 'null' | |||
write_key: true |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What is this for?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is for Segment analytics
analytics.load("<%= segment.write_key %>"); |
We use it in SaaS, on-premises it's disabled. This true
value was in openshift
configs, but the value actually doesn't matter, cause as long as it's disabled, it won't be used.
We can actually add env vars here, so we can later reuse this config in SaaS. But not sure whether to leave it for another PR.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If it's disabled by default in all environments, how they enable it in SaaS? I guess they need to create a configmap for this file and mount it. I think it would be better to add an env variable to enable it, and leave it disabled by default. Anyway, better to do it in another PR I think.
@@ -14,4 +14,5 @@ test: | |||
client_secret: fake_secret | |||
|
|||
production: | |||
<<: *default | |||
github: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Does this disable adding Github as an external auth provider?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is for "3scale-branded" GitHub integration, that is used in SaaS *
This has always been disabled in on-premises: https://github.com/3scale/porta/blob/99b24fb6622653c0f040e36b5530bd1b55e8f64b/openshift/system/config/oauth2.yml
- in SaaS we have a global GitHub client, that we allow the providers to use for authentication, without the need to set up their own GitHub OAuth application. They can still use their own GitHub apps, this setting doesn't (or at least shouldn't) prevent that.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Then I think it should be disabled by default. With current configuration it's enabled by for development, but with empty id and key:
base: &default
github:
enabled: <%= ENV.fetch('GITHUB_ENABLED', '1') == '1' %>
client_id: <%= ENV['GITHUB_CLIENT_ID'] %>
client_secret: <%= ENV['GITHUB_CLIENT_SECRET'] %>
development:
<<: *default
IMO it should be like this:
enabled: <%= ENV.fetch('GITHUB_ENABLED', '0') == '1' %>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yep, makes sense 👍
It was failing because of the validation error: "From does not match the domain of your outbound email" errors.add(field, :wrong_domain) unless email.join.split('@').last == domain Caused by the change of the default no-reply email in settings from example.net to example.com
a70cde4
to
c078fe5
Compare
enabled: false | ||
stub: false | ||
write_key: 'null' | ||
enabled: <%= ENV['SEGMENT_WRITE_KEY'].present? %> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nice!
What this PR does / why we need it:
We currently have multiple places where
.yml
configuration files are set:config
- the default folderconfig/examples
- these are not added to the container image, but for development they need to be copied toconfig
openshift/system/config
- these are copied to the container image by Dockerfile commands.This causes some inconveniences:
example
to local versions againThis can be avoided by having a single set of configs. Normally, they would not collide, because we use
development
andtest
for development, andproduction
typically is only used in the container image. And even if we wanted to runproduction
locally, the values are normally configured through env variables, so it's the matter of adjusting your.env
file.Which issue(s) this PR fixes
https://issues.redhat.com/browse/THREESCALE-10924
Verification steps
See these comments:
#3766 (comment)
#3766 (comment)
Special notes for your reviewer: