Deployment Details
Core implementation
- Java/Spring server app
- Postgres DB
- ElasticSearch
- Blob storage (Azure or Google Cloud)
- React/TypeScript UI
Deployment specific details for open-vsx.org deployment
application.yml- Eclipse Foundation specific UI
- Publisher’s agreement
Scripts and Github actions for publishing
-
extensions.jsonfile for list of extensions to auto-publish - Github action for nightly auto-publishing
- log of results
- Other Github actions for publishing extensions
- One must first have signed the Publisher Agreement.
- Publisher agreement status visible in one's profile.
- Create a
.vsixfile with thevsce packagecommand - Minimal package includes
extension.jsandpackage.json
- Click 'Publish' and drag and drop
.vsixfile in the UI. - Use the
ovsx publish --p [personal access token]command. Requires a personal access token one generates from profile settings. - Because file processing is asynchronous, extension will temporarily show as inactive until file processing completes, assuming no errors.
Documentation on architecture of implementation and instructions for building and deploying.
user_data
extension
extension_review
extension_version
file_resource
namespace
namespace_membership
namespace_social_links
personal_access_token
- update-download-counts - hourly
- MonthlyAdminStatistics - monthly
- ElasticSearchUpdateIndex - daily
- DataMirror, if enabled - configurable
- File processing on publish
- Namespace rename/merge
- DB migration
- Extension file removal
- Generate/delete keypair for extension signing
- Create/delete extension signature
- Production Kube Cluster
- 2 server pods (with up to 5 CPUs and 8 GB of RAM)
- 3 elastic search pods (with up to 4 CPUs and 6 GB of RAM)
- Staging Kube Cluster
- 1 server pod (with up to 1 CPU and 2 GB of RAM)
- 1 elastic search pod (with up to 1 CPU and 2 GB of RAM)
- Spring Boot
v3.1.0
- Java
eclipse-temurin:17.0.7_7-jdk
- Postgres
- version?
- 39GB
- Elastic
v8.7.1- 5MB
- Azure Blob storage
- 1.5TB
- Better Uptime
- SRE creates a pull request in the
eclipse/openvsxrepository. - GitHub runs Eclipse Contributor Agreement action to check that the committer has signed the Eclipse Contributor Agreement.
- GitHub action runs unit tests and integration tests.
- SRE merges the pull request into the
eclipse/openvsxmasterbranch. - SRE creates new release in the
eclipse/openvsxrepository:- SRE merges
@dependabotpull requests to fix vulnerabilities. - SRE drafts a new release and publishes it.
- GitHub action creates server and webui Docker images.
- if
webuihas changed, then SRE publishes newopenvsx-webuiversion to NPM. - if
clihas changed, then SRE publishes newovsxversion to NPM. - SRE updates release post with links to
serverandwebuiDocker images and, if changed,openvsx-webuiandovsxNPM packages.
- SRE merges
- SRE updates
DockerFileinamvanbaren/open-vsx.orgrepository with newopenvsx-serverDocker image version and, if changed, newopenvsx-webuipackage version. - if
openvsx-webuiversion has changed, then SRE updates theopenvsx-webuiversion in thewebsite/package.jsonfile and runsyarn installto update theyarn.lockfile. - SRE commits and pushes the changes to a new branch in the
amvanbaren/open-vsx.orgrepository. - SRE creates pull request to merge the new
amvanbaren/open-vsx.orgbranch intoEclipseFdn/open-vsx.orgrepositorymainbranch. - GitHub runs Eclipse Contributor Agreement action to check that the committer has signed the Eclipse Contributor Agreement.
- GitHub action kicks off Jenkins job to verify the new Docker image.
- SRE merges the pull request into the
mainbranch. - GitHub action kicks off Jenkins job to build the Docker image and deploy it to
staging. - SRE checks the staging server and does some quick smoke testing.
- SRE creates pull request in
EclipseFdn/open-vsx.orgrepository to merge themainbranch into theproductionbranch. - Independent review and approval of the pull request.
- SRE merges the pull request into the
productionbranch. - GitHub action kicks off Jenkins job to build the Docker image and deploy it to
production. - SRE monitors production for ~15 min to make sure the deployment succeeded and the server is stable.
- ElasticSearch unresponsive:
- Delete ElasticSearch pods.
- In server application.yml set
ovsx.elasticsearch.clear-on-start: true. - Wait until all ElasticSearch pods have started.
- Deploy server application.
- In server application.yml remove
ovsx.elasticsearch.clear-on-start: true.
- Open VSX server unresponsive:
- Delete Open VSX server pod.
- Wait until new pod has started.
- Repeat the previous steps until all Open VSX server pods are renewed.
- Too much load:
- Delete pod that is under load.
- Wait until new pod has started.
- Administration requests appear as issues.
- Ensure there is not a compelling reason a person should not be granted ownership, e.g. a random person requesting ownership of 'redhat' namespace.
- There is no current owner
- There are no other contributors ('Openvsx', auto-publishing ID, is a special case)
- If there are existing contributors to the namespace, attempt to contact them by Github ID in the namespace ownership issue.
- If the namespace doesn't exist, create it.
- Assign the user (by Github ID) as owner, by adding or by changing status from 'Contributor' to 'Owner'.
- If extensions are already being auto-published in this namespace, alert the new owner
- This is an intensive process.
- If un-publishing a larger number of versions, authentication will time out. Keep a second browser tab open to continually refresh.
- One may need to break up a large number of versions into smaller sets
- Background process that can take some time (exponential back off/retry)
- Ensure all involved in the namespace are aware of the pending change
- Consult license at https://marketplace.visualstudio.com/ and code repository (if available)
- These are handled by Open VSX Program Manager working with license@eclipse-foundation.org
- Committers on https://github.com/open-vsx/publish-extensions do this.