<!-- 
RSS generated by JIRA (1001.0.0-SNAPSHOT#100246-sha1:7a5c50119eb0633d306e14180817ddef5e80c75d) at Thu Feb 08 23:22:38 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary add field=key&field=summary to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>FOLIO Jira</title>
    <link>https://folio-org.atlassian.net</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>1001.0.0-SNAPSHOT</version>
        <build-number>100246</build-number>
        <build-date>07-02-2024</build-date>
    </build-info>

<item>
            <title>[FOLIO-2705] Create dedicated S3 buckets for FOLIO dev teams</title>
                <link>https://folio-org.atlassian.net/browse/FOLIO-2705</link>
                <project id="10290" key="FOLIO">FOLIO</project>
                    <description>&lt;p&gt;Create a dedicated S3 bucket in us-west-2 for each dev team and provide write access and credentials to each dev team.    This is primarily to support the data-import/export modules but  can be used for other team tasks.    Determine feasibility of public read-only access. &lt;/p&gt;</description>
                <environment></environment>
        <key id="81756">FOLIO-2705</key>
            <summary>Create dedicated S3 buckets for FOLIO dev teams</summary>
                <type id="10003" iconUrl="https://folio-org.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10318?size=medium">Task</type>
                                            <priority id="10001" iconUrl="https://dev.folio.org/assets/jira-priority/jira-p2.svg">P2</priority>
                        <status id="6" iconUrl="https://folio-org.atlassian.net/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="green"/>
                                    <resolution id="10003">Done</resolution>
                                                        <assignee accountid="5f9abc1eb45b2e007453f423">John Malconian</assignee>
                                                                <reporter accountid="5f9abc1eb45b2e007453f423">John Malconian</reporter>
                                    <labels>
                            <label>dev-environment</label>
                            <label>devops-backlog</label>
                    </labels>
                <created>Mon, 27 Jul 2020 21:13:37 +0000</created>
                <updated>Fri, 14 Aug 2020 21:10:45 +0000</updated>
                            <resolved>Fri, 14 Aug 2020 19:40:32 +0000</resolved>
                                                                        <due></due>
                            <votes>0</votes>
                                    <watches>6</watches>
                                                                <comments>
                                                            <comment id="199393" author="5cd423bebc70090d6ce241b1" created="Wed, 29 Jul 2020 13:26:34 +0000"  >&lt;p&gt;fwiw, this is the policy we&apos;re currently using for the reference envs for data export: &lt;a href=&quot;https://github.com/folio-org-priv/folio-infrastructure/blob/master/CI/ansible/roles/s3-data-export/templates/policy.json.j2&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://github.com/folio-org-priv/folio-infrastructure/blob/master/CI/ansible/roles/s3-data-export/templates/policy.json.j2&lt;/a&gt;. &lt;/p&gt;

&lt;p&gt;mod-data-export on all of those builds (snapshot, testing etc) has the same IAM account which is granted list at the bucket root, and CRUD on sub-directories in the policy above. mod-data-export will create a directory named after the tenant it is enabled. To provide access it creates a magic link that expires in some time and shares it with the user in the UI.&lt;/p&gt;</comment>
                                                            <comment id="199394" author="5f9abc1eb45b2e007453f423" created="Wed, 12 Aug 2020 19:28:01 +0000"  >&lt;p&gt;I&apos;ve created an Ansible playbook in folio-infrastructure called &apos;dev-env-s3.yml&apos; which creates an S3 bucket for each of the dev teams configured in Rancher.   I&apos;ve created buckets for each team already.   The name of each bucket is the name of the dev team prepended with &apos;folio-&apos;.    For example,  &apos;folio-firebird&apos;.   &lt;/p&gt;

&lt;ul class=&quot;alternate&quot; type=&quot;square&quot;&gt;
	&lt;li&gt;Each bucket is read/write when EITHER the correct AWS credentials are specified OR the bucket is accessed from any pods on the folio-eks-2-us-west-2 K8s worker nodes.&lt;/li&gt;
&lt;/ul&gt;


&lt;ul class=&quot;alternate&quot; type=&quot;square&quot;&gt;
	&lt;li&gt;Each bucket also has public read-only permissions.  Objects in a bucket can be accessed publicly by explicitly including them in a link such as &lt;a href=&quot;http://foliio-folijet.s3.amazonaws.com/README.md&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;http://foliio-folijet.s3.amazonaws.com/README.md&lt;/a&gt;&lt;/li&gt;
&lt;/ul&gt;


&lt;p&gt;There are one set of AWS credentials for all buckets.    It may be necessary to set up these credentials as K8s secrets for each dev team&apos;s folio namespace since it&apos;s not clear to me whether the data-export module actually programmatically requires credentials be configured in order to function.&lt;/p&gt;
</comment>
                                                            <comment id="199395" author="70121:be6f0bd2-e000-4943-9f66-4e6e78213e31" created="Thu, 13 Aug 2020 13:46:08 +0000"  >&lt;p&gt;&lt;a href=&quot;https://folio-org.atlassian.net/secure/ViewProfile.jspa?accountId=5f9abc1eb45b2e007453f423&quot; class=&quot;user-hover&quot; rel=&quot;5f9abc1eb45b2e007453f423&quot; data-account-id=&quot;5f9abc1eb45b2e007453f423&quot; accountid=&quot;5f9abc1eb45b2e007453f423&quot; rel=&quot;noreferrer&quot;&gt;John Malconian&lt;/a&gt; For data-export we use the AWS sdk, so it looks up the credential chain for the access. There are multiple ways this could be done,  so they could be configured either as Environment variables or Web Identity Token credentials . Here are the entire list of options: &lt;a href=&quot;https://docs.aws.amazon.com/sdk-for-java/v1/developer-guide/credentials.html&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://docs.aws.amazon.com/sdk-for-java/v1/developer-guide/credentials.html&lt;/a&gt;&lt;/p&gt;</comment>
                                                            <comment id="199396" author="5f9abc1eb45b2e007453f423" created="Fri, 14 Aug 2020 19:00:47 +0000"  >&lt;p&gt;Thanks,  &lt;a href=&quot;https://folio-org.atlassian.net/secure/ViewProfile.jspa?accountId=70121%3Abe6f0bd2-e000-4943-9f66-4e6e78213e31&quot; class=&quot;user-hover&quot; rel=&quot;70121:be6f0bd2-e000-4943-9f66-4e6e78213e31&quot; data-account-id=&quot;70121:be6f0bd2-e000-4943-9f66-4e6e78213e31&quot; accountid=&quot;70121:be6f0bd2-e000-4943-9f66-4e6e78213e31&quot; rel=&quot;noreferrer&quot;&gt;Kruthi Vuppala&lt;/a&gt;.   My interpretation of that is that credentials &lt;b&gt;must&lt;/b&gt; be provided whether they are needed or not.   In the new dev environment,  credentials are not needed to access write to the S3 bucket,  but I can provide credentials that can be set as environment variables to the data-export pod via a Kubernetes secret.  &lt;/p&gt;
</comment>
                                                            <comment id="196415" author="5f9abc1eb45b2e007453f423" created="Fri, 14 Aug 2020 19:01:31 +0000"  >&lt;p&gt;Updated documentation about S3 access here:  &lt;a href=&quot;https://github.com/folio-org/folio-org.github.io/blob/master/_faqs/how-to-get-started-with-rancher.md&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://github.com/folio-org/folio-org.github.io/blob/master/_faqs/how-to-get-started-with-rancher.md&lt;/a&gt;&lt;/p&gt;</comment>
                                                            <comment id="196416" author="5f9abc1eb45b2e007453f423" created="Fri, 14 Aug 2020 19:40:18 +0000"  >&lt;p&gt;Created &lt;a href=&quot;https://github.com/folio-org-priv/folio-infrastructure/pull/217&quot; class=&quot;external-link&quot; rel=&quot;nofollow noreferrer&quot;&gt;https://github.com/folio-org-priv/folio-infrastructure/pull/217&lt;/a&gt; to add AWS credentials for team S3 bucket as K8s secret via Terraform to each dev team project.  &lt;/p&gt;</comment>
                                                            <comment id="196417" author="70121:be6f0bd2-e000-4943-9f66-4e6e78213e31" created="Fri, 14 Aug 2020 21:10:45 +0000"  >&lt;p&gt;Thanks much &lt;a href=&quot;https://folio-org.atlassian.net/secure/ViewProfile.jspa?accountId=5f9abc1eb45b2e007453f423&quot; class=&quot;user-hover&quot; rel=&quot;5f9abc1eb45b2e007453f423&quot; data-account-id=&quot;5f9abc1eb45b2e007453f423&quot; accountid=&quot;5f9abc1eb45b2e007453f423&quot; rel=&quot;noreferrer&quot;&gt;John Malconian&lt;/a&gt;&lt;/p&gt;</comment>
                    </comments>
                <issuelinks>
                            <issuelinktype id="10001">
                    <name>Cloners</name>
                                                                <inwardlinks description="is cloned by">
                                        <issuelink>
            <issuekey id="81831">FOLIO-2721</issuekey>
        </issuelink>
                            </inwardlinks>
                                    </issuelinktype>
                            <issuelinktype id="10003">
                    <name>Relates</name>
                                                                <inwardlinks description="relates to">
                                        <issuelink>
            <issuekey id="64730">MODOAIPMH-178</issuekey>
        </issuelink>
            <issuelink>
            <issuekey id="64717">MODOAIPMH-209</issuekey>
        </issuelink>
                            </inwardlinks>
                                    </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_10000" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummarycf">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10057" key="com.atlassian.jira.plugin.system.customfieldtypes:select">
                        <customfieldname>Development Team</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10155"><![CDATA[FOLIO DevOps]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_10019" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>0|i01hdn:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_10020" key="com.pyxis.greenhopper.jira:gh-sprint">
                        <customfieldname>Sprint</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue id="11">DevOps: Sprint 95</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_10024" key="com.atlassian.jira.ext.charting:firstresponsedate">
                        <customfieldname>[CHART] Date of First Response</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>Wed, 29 Jul 2020 13:26:34 +0000</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10025" key="com.atlassian.jira.ext.charting:timeinstatus">
                        <customfieldname>[CHART] Time in Status</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                    </customfields>
    </item>
</channel>
</rss>