<!-- 
RSS generated by JIRA (1001.0.0-SNAPSHOT#100246-sha1:7a5c50119eb0633d306e14180817ddef5e80c75d) at Thu Feb 08 23:19:24 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary add field=key&field=summary to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>FOLIO Jira</title>
    <link>https://folio-org.atlassian.net</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>1001.0.0-SNAPSHOT</version>
        <build-number>100246</build-number>
        <build-date>07-02-2024</build-date>
    </build-info>

<item>
            <title>[FOLIO-2265] Create preview namespace and Okapi for PR preview</title>
                <link>https://folio-org.atlassian.net/browse/FOLIO-2265</link>
                <project id="10290" key="FOLIO">FOLIO</project>
                    <description>&lt;p&gt;Create a new preview namespace on kuberenetes. This okapi will run the tenants for PR previews.&lt;/p&gt;

&lt;p&gt;Components:&lt;/p&gt;
&lt;ul&gt;
	&lt;li&gt;New namespace on CI kubernetes cluster (called preview)&lt;/li&gt;
	&lt;li&gt;New database/okapi running in preview namespace&lt;/li&gt;
&lt;/ul&gt;
</description>
                <environment></environment>
        <key id="81400">FOLIO-2265</key>
            <summary>Create preview namespace and Okapi for PR preview</summary>
                <type id="10003" iconUrl="https://folio-org.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium">Task</type>
                                            <priority id="10001" iconUrl="https://dev.folio.org/assets/jira-priority/jira-p2.svg">P2</priority>
                        <status id="6" iconUrl="https://folio-org.atlassian.net/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="green"/>
                                    <resolution id="10003">Done</resolution>
                                                        <assignee accountid="5cd423bebc70090d6ce241b1">Ian Hardy</assignee>
                                                                <reporter accountid="5cd423bebc70090d6ce241b1">Ian Hardy</reporter>
                                    <labels>
                            <label>ci</label>
                            <label>devops</label>
                            <label>platform-backlog</label>
                    </labels>
                <created>Tue, 17 Sep 2019 18:50:16 +0000</created>
                <updated>Wed, 3 Jun 2020 16:40:08 +0000</updated>
                            <resolved>Tue, 1 Oct 2019 17:38:08 +0000</resolved>
                                                                        <due></due>
                            <votes>0</votes>
                                    <watches>5</watches>
                                                                <comments>
                                                            <comment id="193184" author="5cd423bebc70090d6ce241b1" created="Tue, 24 Sep 2019 20:30:03 +0000"  >&lt;p&gt;Created database for preview okapi plus deployment, service, and ingress. Need to bridge namespaces for the modules required to secure the supertenant in order to secure.&lt;/p&gt;</comment>
                                                            <comment id="193189" author="5cd423bebc70090d6ce241b1" created="Fri, 27 Sep 2019 15:25:11 +0000"  >&lt;blockquote&gt;&lt;p&gt;Need to bridge namespaces for the modules required to secure the supertenant in order to secure.&lt;/p&gt;&lt;/blockquote&gt;

&lt;p&gt;^ My mistake, this is a very bad idea. I set up the second okapi this way and caused problems with the supertenant. The issue was overlapping DB between thew two okapi instances since the module schemas for supertenant_mod* share the same name. Instead, proceed by deploying a separate set of the modules required for auth using their own db for this namespace.&lt;/p&gt;

&lt;p&gt;Practically speaking I can&apos;t think of any reasons outside of CI to have two different okapi clusters share a set of modules. But for CI and any other application it is critical that tenant ids are unique between the two okapis. This has to be managed by sysadmins since okapi of course will not force unique Ids against another okapi not in the same cluster.&lt;/p&gt;

&lt;p&gt;As a side note, one way to fix this on k8s was:&lt;/p&gt;

&lt;p&gt;1. spin up bastion host on cluster (used an ubuntu container and install the psql client)&lt;br/&gt;
2. login to rds database and check which modules are enabled:&lt;/p&gt;
&lt;div class=&quot;preformatted panel&quot; style=&quot;border-width: 1px;&quot;&gt;&lt;div class=&quot;preformattedContent panelContent&quot;&gt;
&lt;pre&gt; SELECT tenantjson from tenants WHERE tenantjson-&amp;gt;&apos;descriptor&apos;-&amp;gt;&amp;gt;&apos;id&apos; = &apos;supertenant&apos;;&lt;/pre&gt;
&lt;/div&gt;&lt;/div&gt;
&lt;p&gt;3. Update excluding mod-authtoken from the list of enabled modules (be sure to use the current enabled modules not the values below)&lt;/p&gt;
&lt;div class=&quot;preformatted panel&quot; style=&quot;border-width: 1px;&quot;&gt;&lt;div class=&quot;preformattedContent panelContent&quot;&gt;
&lt;pre&gt;UPDATE tenants
SET tenantjson = &apos;{&quot;enabled&quot;: {&quot;okapi-2.32.0&quot;: true, &quot;mod-login-6.0.0&quot;: true, &quot;mod-users-15.6.1&quot;: true, &quot;mod-permissions-5.8.1&quot;: true}, &quot;descriptor&quot;: {&quot;id&quot;: &quot;supertenant&quot;, &quot;name&quot;: &quot;supertenant&quot;, &quot;description&quot;: &quot;Okapi built-in super tenant&quot;}}&apos;
WHERE tenantjson-&amp;gt;&apos;descriptor&apos;-&amp;gt;&amp;gt;&apos;id&apos; = &apos;supertenant&apos;;
&lt;/pre&gt;
&lt;/div&gt;&lt;/div&gt;
&lt;p&gt;4. restart or redeploy okapi&lt;br/&gt;
5. Follow the steps in the okapi guide to rebuild superuser accounts and credentials ending w/enabling authtoken through the okapi API as normal&lt;/p&gt;
</comment>
                                                            <comment id="193195" author="5cd423bebc70090d6ce241b1" created="Tue, 1 Oct 2019 13:45:59 +0000"  >&lt;p&gt;Would like to update the design to use a separate RDS instance for the preview Okapi&apos;s okapi database and module database (only for those modules involved in securing the supertenant). There are errors occuring when trying to enable modules because the roles that need to be created for the supertenant already exist.&lt;/p&gt;</comment>
                                                            <comment id="193200" author="5cd423bebc70090d6ce241b1" created="Tue, 1 Oct 2019 17:38:08 +0000"  >&lt;ul&gt;
	&lt;li&gt;Created RDS instance for the preview okapi&apos;s okapi DB and for the modules involved in securing the supertenant.&lt;/li&gt;
	&lt;li&gt;secured supertenant&lt;/li&gt;
	&lt;li&gt;verified by creating tenant previewtest and enabling a module running in the okapi-default namespace (using an alias service to cross namespaces): &lt;a href=&quot;https://okapi-preview.ci.folio.org/_/proxy/tenants/previewtest/modules&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://okapi-preview.ci.folio.org/_/proxy/tenants/previewtest/modules&lt;/a&gt;&lt;/li&gt;
&lt;/ul&gt;
</comment>
                    </comments>
                <issuelinks>
                            <issuelinktype id="10000">
                    <name>Blocks</name>
                                            <outwardlinks description="blocks">
                                        <issuelink>
            <issuekey id="11293">UXPROD-2066</issuekey>
        </issuelink>
                            </outwardlinks>
                                                        </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_10000" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummarycf">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10057" key="com.atlassian.jira.plugin.system.customfieldtypes:select">
                        <customfieldname>Development Team</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10144"><![CDATA[Core: Platform]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_10019" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>0|hzx6nl:4d</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_10020" key="com.pyxis.greenhopper.jira:gh-sprint">
                        <customfieldname>Sprint</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue id="1419">CP: sprint 73</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_10044" key="com.atlassian.jira.plugin.system.customfieldtypes:float">
                        <customfieldname>Story Points</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_10025" key="com.atlassian.jira.ext.charting:timeinstatus">
                        <customfieldname>[CHART] Time in Status</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                    </customfields>
    </item>
</channel>
</rss>