Skip to content

Commit ee6fa84

Browse files
thenav56thenav56
authored
feat(montandon-eoapi): sync prod with staging changes (#153)
1 parent d6f583d commit ee6fa84

6 files changed

Lines changed: 575 additions & 38 deletions

File tree

applications/argocd/production/applications/montandon-eoapi.yaml renamed to applications/argocd/production/applications/montandon-eoapi/application.yaml

Lines changed: 53 additions & 38 deletions
Original file line numberDiff line numberDiff line change
@@ -9,16 +9,13 @@ spec:
99
project: default
1010
sources:
1111
- repoURL: https://devseed.com/eoapi-k8s/
12-
# - repoURL: https://github.com/developmentseed/eoapi-k8s.git
1312
chart: eoapi
14-
targetRevision: 0.7.10
15-
# targetRevision: "stac.overrideRootPath"
16-
# path: charts/eoapi
13+
targetRevision: 0.10.0
1714
helm:
1815
valuesObject:
1916
ingress:
2017
enabled: false
21-
# host: "montandon-eoapi-stage.ifrc.org"
18+
# host: "montandon-eoapi.ifrc.org"
2219
# tls:
2320
# enabled: true
2421
# secretName: montandon-eoapi-helm-secret-cert
@@ -31,6 +28,9 @@ spec:
3128
raster:
3229
enabled: false
3330
stac:
31+
image:
32+
tag: 6.1.2
33+
overrideRootPath: ""
3434
settings:
3535
labels:
3636
azure.workload.identity/use: "true"
@@ -42,16 +42,18 @@ spec:
4242
memory: "4096Mi"
4343
cpu: "1000m"
4444
envVars:
45+
ENABLE_TRANSACTIONS_EXTENSIONS: "TRUE"
4546
FORWARDED_ALLOW_IPS: "*"
4647
PROXY_HEADERS: True
47-
POSTGRES_USER: postgres
48-
POSTGRES_PORT: 5432
49-
CORS_HEADERS: '["*"]'
50-
CORS_METHODS: '["GET","OPTIONS"]'
51-
CORS_ORIGINS: '["http://localhost:8000"]'
52-
CORS_CREDENTIALS: "True"
53-
# https://stac-utils.github.io/stac-fastapi-pgstac/settings/#application-extension
54-
ENABLE_TRANSACTIONS_EXTENSIONS: "TRUE"
48+
CORS_ORIGINS: "https://localhost:3000,https://alerthub.ifrc.org,https://montandon-eoapi.ifrc.org"
49+
CORS_ORIGIN_REGEX: ".*"
50+
CORS_HEADERS: "Accept, Authorization, Content-Type, Origin, X-Requested-With"
51+
CORS_METHODS: "GET,OPTIONS,POST"
52+
CORS_CREDENTIALS: "true"
53+
STAC_FASTAPI_VERSION: "6.1.2"
54+
STAC_FASTAPI_TITLE: "Montandon STAC API"
55+
STAC_FASTAPI_DESCRIPTION: "Welcome to the [Montandon](https://ifrcgo.org/monty-stac-extension/) STAC API. This API provides the main entry to access the Global Crisis Data Bank, a database that brings in hazard and impact data for current, historical and forecasted disasters around the globe"
56+
STAC_FASTAPI_LANDING_ID: "montandon-eoapi"
5557
extraVolumeMounts:
5658
- name: azure-keyvault-secrets
5759
mountPath: /mnt/secrets-store
@@ -74,27 +76,28 @@ spec:
7476
labels:
7577
azure.workload.identity/use: "true"
7678

77-
pgstacBootstrap:
78-
enabled: false
79-
# image:
80-
# name: ghcr.io/stac-utils/pgstac
81-
# tag: v0.9.5
82-
settings:
83-
labels:
84-
azure.workload.identity/use: "true"
85-
extraEnvVars:
86-
POSTGRES_USER: postgres
87-
POSTGRES_PORT: 5432
88-
# extraEnvFrom:
89-
# - secretRef:
90-
# name: pgstac-secrets-montandon-eoapi
91-
extraVolumes:
92-
- name: azure-keyvault-secrets
93-
csi:
94-
driver: secrets-store.csi.k8s.io
95-
readOnly: true
96-
volumeAttributes:
97-
secretProviderClass: azure-secret-provider-montandon-eoapi
79+
# pgstacBootstrap:
80+
# enabled: true
81+
# settings:
82+
# annotations:
83+
# argocd.argoproj.io/hook: Sync
84+
# # labels:
85+
# # azure.workload.identity/use: "true"
86+
# # extraVolumes:
87+
# # - name: azure-keyvault-secrets
88+
# # csi:
89+
# # driver: secrets-store.csi.k8s.io
90+
# # readOnly: true
91+
# # volumeAttributes:
92+
# # secretProviderClass: azure-secret-provider-montandon-eoapi
93+
# queryables:
94+
# # configMap
95+
# - name: "stac-queryables.json"
96+
# configMapRef:
97+
# name: montandon-eoapi-stac-queryables
98+
# key: stac_queryables.json
99+
# indexFields: ["monty:hazard_codes", "monty:country_codes", "roles"]
100+
# deleteMissing: true
98101
postgresql:
99102
type: "external-secret"
100103
external:
@@ -111,9 +114,19 @@ spec:
111114

112115
postgrescluster:
113116
enabled: false
114-
115-
- path: applications/argocd/production/applications/montandon-eoapi/
116-
targetRevision: master
117+
# instances:
118+
# - name: eoapi
119+
# replicas: 1
120+
# dataVolumeClaimSpec:
121+
# accessModes:
122+
# - "ReadWriteOnce"
123+
# resources:
124+
# requests:
125+
# storage: "600Gi"
126+
# cpu: "1024m"
127+
# memory: "3048Mi"
128+
- path: applications/argocd/production/applications/montandon-eoapi/internal/
129+
targetRevision: develop
117130
repoURL: https://github.com/IFRCGo/go-deploy.git
118131
- repoURL: https://github.com/developmentseed/stac-auth-proxy.git
119132
targetRevision: v0.9.2
@@ -122,11 +135,13 @@ spec:
122135
valuesObject:
123136
env:
124137
UPSTREAM_URL: "http://montandon-eoapi-stac:8080"
138+
# UPSTREAM_URL: "https://montandon-eoapi.ifrc.org/stac"
125139
OIDC_DISCOVERY_URL: "https://goadmin.ifrc.org/o/.well-known/openid-configuration"
126140
OVERRIDE_HOST: "0"
141+
ROOT_PATH: "/stac"
127142
ingress:
128143
enabled: "true"
129-
host: "montandon-eoapi.ifrc.org" # Decide on URL etc
144+
host: "montandon-eoapi.ifrc.org"
130145
className: "nginx"
131146
tls:
132147
enabled: "true"

applications/argocd/production/applications/montandon-eoapi/montandon-eoapi-spc.yaml renamed to applications/argocd/production/applications/montandon-eoapi/internal/montandon-eoapi-spc.yaml

File renamed without changes.

applications/argocd/production/applications/montandon-eoapi/internal/pgstac-load-samples.yaml

Lines changed: 90 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,90 @@
1+
# Static job for loading PgSTAC sample data
2+
# This job can be used to load sample data into PgSTAC
3+
# Currently, this is a dummy job to fix dependencies in STAC API start
4+
---
5+
apiVersion: batch/v1
6+
kind: Job
7+
metadata:
8+
name: montandon-eoapi-pgstac-load-samples
9+
labels:
10+
app: montandon-eoapi-pgstac-load-samples
11+
component: database
12+
spec:
13+
template:
14+
metadata:
15+
labels:
16+
app: montandon-eoapi-pgstac-load-samples
17+
component: database
18+
spec:
19+
restartPolicy: Never
20+
containers:
21+
- name: dummy-load-samples
22+
image: ghcr.io/stac-utils/pgstac-pypgstac:v0.9.8 # Customize: image version
23+
command:
24+
- "/bin/sh"
25+
- "-c"
26+
args:
27+
- |
28+
# Wait for database readiness
29+
echo "Double-checking database readiness..."
30+
pypgstac pgready
31+
env:
32+
# Database connection settings
33+
- name: POSTGRES_HOST
34+
valueFrom:
35+
secretKeyRef:
36+
name: pgstac-secrets-montandon-eoapi
37+
key: DB_HOST
38+
- name: PGHOST
39+
valueFrom:
40+
secretKeyRef:
41+
name: pgstac-secrets-montandon-eoapi
42+
key: DB_HOST
43+
- name: POSTGRES_PORT
44+
valueFrom:
45+
secretKeyRef:
46+
name: pgstac-secrets-montandon-eoapi
47+
key: DB_PORT
48+
- name: PGPORT
49+
valueFrom:
50+
secretKeyRef:
51+
name: pgstac-secrets-montandon-eoapi
52+
key: DB_PORT
53+
- name: POSTGRES_USER
54+
valueFrom:
55+
secretKeyRef:
56+
name: pgstac-secrets-montandon-eoapi
57+
key: DB_USER
58+
- name: PGUSER
59+
valueFrom:
60+
secretKeyRef:
61+
name: pgstac-secrets-montandon-eoapi
62+
key: DB_USER
63+
- name: POSTGRES_DB
64+
valueFrom:
65+
secretKeyRef:
66+
name: pgstac-secrets-montandon-eoapi
67+
key: DB_NAME
68+
- name: PGDATABASE
69+
valueFrom:
70+
secretKeyRef:
71+
name: pgstac-secrets-montandon-eoapi
72+
key: DB_NAME
73+
- name: POSTGRES_PASSWORD
74+
valueFrom:
75+
secretKeyRef:
76+
name: pgstac-secrets-montandon-eoapi
77+
key: DB_PASSWORD
78+
- name: PGPASSWORD
79+
valueFrom:
80+
secretKeyRef:
81+
name: pgstac-secrets-montandon-eoapi
82+
key: DB_PASSWORD
83+
84+
# Optional PgSTAC settings
85+
- name: PGSTAC_USE_QUEUE
86+
value: "false" # Customize: enable/disable queue
87+
- name: PGSTAC_QUEUE_TIMEOUT
88+
value: "30" # Customize: queue timeout in seconds
89+
90+
backoffLimit: 3 # Customize: number of retries

applications/argocd/production/applications/montandon-eoapi/internal/pgstac-migrate-job.yaml

Lines changed: 98 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,98 @@
1+
# Static job for PgSTAC schema migration
2+
# This job can be used independently of the pgstacBootstrap feature
3+
# Uncomment and customize the values below for your deployment
4+
---
5+
apiVersion: batch/v1
6+
kind: Job
7+
metadata:
8+
name: montandon-eoapi-pgstac-migrate
9+
labels:
10+
app: montandon-eoapi-pgstac-migrate
11+
component: database
12+
spec:
13+
template:
14+
metadata:
15+
labels:
16+
app: montandon-eoapi-pgstac-migrate
17+
component: database
18+
spec:
19+
restartPolicy: Never
20+
containers:
21+
- name: pgstac-migrate
22+
image: ghcr.io/stac-utils/pgstac-pypgstac:v0.9.8 # Customize: image version
23+
command:
24+
- "/bin/sh"
25+
- "-c"
26+
args:
27+
- |
28+
# Exit on any error
29+
set -e
30+
31+
# Wait for database readiness
32+
echo "Double-checking database readiness..."
33+
pypgstac pgready
34+
# Run PgSTAC migrations
35+
echo "Running PgSTAC migrations..."
36+
pypgstac migrate
37+
38+
echo "PgSTAC migration complete"
39+
env:
40+
# Database connection settings
41+
- name: POSTGRES_HOST
42+
valueFrom:
43+
secretKeyRef:
44+
name: pgstac-secrets-montandon-eoapi
45+
key: DB_HOST
46+
- name: PGHOST
47+
valueFrom:
48+
secretKeyRef:
49+
name: pgstac-secrets-montandon-eoapi
50+
key: DB_HOST
51+
- name: POSTGRES_PORT
52+
valueFrom:
53+
secretKeyRef:
54+
name: pgstac-secrets-montandon-eoapi
55+
key: DB_PORT
56+
- name: PGPORT
57+
valueFrom:
58+
secretKeyRef:
59+
name: pgstac-secrets-montandon-eoapi
60+
key: DB_PORT
61+
- name: POSTGRES_USER
62+
valueFrom:
63+
secretKeyRef:
64+
name: pgstac-secrets-montandon-eoapi
65+
key: DB_USER
66+
- name: PGUSER
67+
valueFrom:
68+
secretKeyRef:
69+
name: pgstac-secrets-montandon-eoapi
70+
key: DB_USER
71+
- name: POSTGRES_DB
72+
valueFrom:
73+
secretKeyRef:
74+
name: pgstac-secrets-montandon-eoapi
75+
key: DB_NAME
76+
- name: PGDATABASE
77+
valueFrom:
78+
secretKeyRef:
79+
name: pgstac-secrets-montandon-eoapi
80+
key: DB_NAME
81+
- name: POSTGRES_PASSWORD
82+
valueFrom:
83+
secretKeyRef:
84+
name: pgstac-secrets-montandon-eoapi
85+
key: DB_PASSWORD
86+
- name: PGPASSWORD
87+
valueFrom:
88+
secretKeyRef:
89+
name: pgstac-secrets-montandon-eoapi
90+
key: DB_PASSWORD
91+
92+
# Optional PgSTAC settings
93+
- name: PGSTAC_USE_QUEUE
94+
value: "false" # Customize: enable/disable queue
95+
- name: PGSTAC_QUEUE_TIMEOUT
96+
value: "30" # Customize: queue timeout in seconds
97+
98+
backoffLimit: 3 # Customize: number of retries

0 commit comments

Comments
 (0)