Wpb 23988 disable smallstep#882
Wpb 23988 disable smallstep#882mohitrajain wants to merge 6 commits intowpb-23988-fix-internet-access-wiab-stagfrom
Conversation
There was a problem hiding this comment.
Pull request overview
Disables deployment of the smallstep-accomp Helm chart in WIAB-related flows, aligning deployment automation and WIAB staging documentation with the intent to no longer include smallstep in those environments.
Changes:
- Remove
smallstep-accompfrombin/helm-operations.shchart processing and deployment order. - Update WIAB staging documentation to no longer list or link
smallstep-accomp. - Remove
smallstep-accompfrom the demo Ansible inventory chart deployment list. - Add a changelog entry documenting the change.
Reviewed changes
Copilot reviewed 3 out of 4 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
| offline/wiab-staging.md | Updates WIAB staging docs to exclude smallstep-accomp from deployed charts and further-reading links. |
| bin/helm-operations.sh | Stops preparing values for and deploying the smallstep-accomp chart. |
| ansible/inventory/demo/host.yml | Removes smallstep-accomp from charts_to_deploy. |
| changelog.d/3-deploy-builds/disable-smallstep | Adds release note about disabling smallstep deployments in WIAB environments. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
mohitrajain
force-pushed
the
wpb-23988-fix-internet-access-wiab-stag
branch
from
5fe8c25 to
d6ff314
Compare
mohitrajain
force-pushed
the
wpb-23988-disable-smallstep
branch
from
58e620e to
6a10c35
Compare
offline/wiab-staging.md
Outdated
| **Charts deployed by the script:** | ||
| - External datastores and helpers: `cassandra-external`, `elasticsearch-external`, `minio-external`, `rabbitmq-external`,`postgresql-external`, `databases-ephemeral`, `reaper`, `fake-aws`, `demo-smtp`. | ||
| - Wire services: `wire-server`, `webapp`, `account-pages`, `team-settings`, `smallstep-accomp`. | ||
| - External datastores and helpers: `cassandra-external`, `elasticsearch-external`, `minio-external`, `rabbitmq-external`,`postgresql-external`, `databases-ephemeral`, `reaper`, `fake-aws`, `smtp`. |
There was a problem hiding this comment.
why the change from demo-smtp to smtp ? is that related to the smallstep stuff or should it be done separately?
There was a problem hiding this comment.
this was an old typo, which i found and I fixed it in the documentation.
mohitrajain
force-pushed
the
wpb-23988-disable-smallstep
branch
from
3adadd4 to
70ff9cd
Compare
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 4 out of 5 changed files in this pull request and generated 2 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| on: | ||
| pull_request: | ||
| branches: ["**"] | ||
| push: | ||
| branches: ["master"] |
There was a problem hiding this comment.
With the new push trigger enabled, the workflow will now run on merge commits and other pushes. The script’s push path currently diffs against HEAD~1, which can miss changes when a push contains multiple commits; use github.event.before (or otherwise diff ${{ github.sha }} against the correct base) to cover the full push range. Also consider whether develop should be included here for consistency with other workflows that run on push to master, develop.
offline/wiab-staging.md
Outdated
| - External datastores and helpers: `cassandra-external`, `elasticsearch-external`, `minio-external`, `rabbitmq-external`,`postgresql-external`, `databases-ephemeral`, `reaper`, `fake-aws`, `smtp`. | ||
| - Wire services: `wire-server`, `webapp`, `account-pages`, `team-settings`. | ||
| - Ingress and certificates: `ingress-nginx-controller`, `cert-manager`, `nginx-ingress-services`. |
There was a problem hiding this comment.
This list implies cert-manager is always deployed, but bin/helm-operations.sh only installs it when DEPLOY_CERT_MANAGER=TRUE (and docs above mention disabling it). Consider marking cert-manager/nginx-ingress-services as conditional in this list to avoid confusing users. Also there’s a missing space after the comma between rabbitmq-external and postgresql-external in the same line.
| - External datastores and helpers: `cassandra-external`, `elasticsearch-external`, `minio-external`, `rabbitmq-external`,`postgresql-external`, `databases-ephemeral`, `reaper`, `fake-aws`, `smtp`. | |
| - Wire services: `wire-server`, `webapp`, `account-pages`, `team-settings`. | |
| - Ingress and certificates: `ingress-nginx-controller`, `cert-manager`, `nginx-ingress-services`. | |
| - External datastores and helpers: `cassandra-external`, `elasticsearch-external`, `minio-external`, `rabbitmq-external`, `postgresql-external`, `databases-ephemeral`, `reaper`, `fake-aws`, `smtp`. | |
| - Wire services: `wire-server`, `webapp`, `account-pages`, `team-settings`. | |
| - Ingress and certificates (conditional on `DEPLOY_CERT_MANAGER=TRUE`): `ingress-nginx-controller`, `cert-manager`, `nginx-ingress-services`. |
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 4 out of 5 changed files in this pull request and generated 2 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| @@ -0,0 +1 @@ | |||
| Fixed: stop deploying smallstep in wiab-staging and wiab-dev environments | |||
There was a problem hiding this comment.
The changelog entry says “smallstep”, but the actual component removed from deployments/docs appears to be the smallstep-accomp chart. Please update the entry to use the precise chart/component name to avoid ambiguity.
| Fixed: stop deploying smallstep in wiab-staging and wiab-dev environments | |
| Fixed: stop deploying the smallstep-accomp chart in wiab-staging and wiab-dev environments |
| push: | ||
| branches: ["master"] |
There was a problem hiding this comment.
Now that this workflow also runs on push to master, the push-event diff base should use github.event.before (the pre-push SHA) instead of git rev-parse HEAD~1. Using HEAD~1 can miss changelog changes when a push contains multiple commits, causing false failures/successes.
| on: | ||
| pull_request: | ||
| branches: ["**"] | ||
| push: |
There was a problem hiding this comment.
how is this change related?
There was a problem hiding this comment.
no, not related but it is part of chained changes in chained PRs.
mohitrajain
force-pushed
the
wpb-23988-fix-internet-access-wiab-stag
branch
from
926eaa8 to
b56f8b2
Compare
…ound running commands
mohitrajain
force-pushed
the
wpb-23988-disable-smallstep
branch
from
70ff9cd to
ddc104f
Compare
|
Fixed: stop deploying smallstep in wiab-staging and wiab-dev environments
Change type
Basic information
Testing
Offline Build CI (label-based)
Add one or more labels to trigger offline builds:
build-default- Full production build (ansible, terraform, all packages)build-demo- Demo/WIAB buildbuild-wiab-staging- WIAB-staging buildbuild-min- Minimal build (fastest, essential charts only)build-all- Run all three buildsNote: No builds run by default. Add a label to trigger CI.
Tracking
changelog.dKnowledge Transfer
Motivation
Objective
Reason
Use case