Bump wire-server to 5.25.0 and fix background-worker PostgreSQL config#867
Bump wire-server to 5.25.0 and fix background-worker PostgreSQL config#867
Conversation
Wire Server: 5.25.0 Changed charts: - account-pages: 0.9.0-pre.1 → 0.9.0-pre.49 - wire-server: 5.23.0 → 5.25.0 - redis-ephemeral: 5.23.0 → 5.25.0 - rabbitmq: 5.23.0 → 5.25.0 - rabbitmq-external: 5.23.0 → 5.25.0 - databases-ephemeral: 5.23.0 → 5.25.0 - fake-aws: 5.23.0 → 5.25.0 - fake-aws-s3: 5.23.0 → 5.25.0 - fake-aws-sqs: 5.23.0 → 5.25.0 - aws-ingress: 5.23.0 → 5.25.0 - fluent-bit: 5.23.0 → 5.25.0 - kibana: 5.23.0 → 5.25.0 - backoffice: 5.23.0 → 5.25.0 - calling-test: 5.23.0 → 5.25.0 - demo-smtp: 5.23.0 → 5.25.0 - elasticsearch-curator: 5.23.0 → 5.25.0 - elasticsearch-external: 5.23.0 → 5.25.0 - elasticsearch-ephemeral: 5.23.0 → 5.25.0 - minio-external: 5.23.0 → 5.25.0 - cassandra-external: 5.23.0 → 5.25.0 - ingress-nginx-controller: 5.23.0 → 5.25.0 - nginx-ingress-services: 5.23.0 → 5.25.0 - reaper: 5.23.0 → 5.25.0 - restund: 5.23.0 → 5.25.0 - k8ssandra-test-cluster: 5.23.0 → 5.25.0 - webapp: 0.8.0-pre.1876 → 0.8.0-pre.1963 - ldap-scim-bridge: 5.23.0 → 5.25.0 - k8ssandra-operator: 1.16.0 → 1.18.0 - step-certificates: 1.25.0 → 1.28.6 - wire-server-enterprise: 5.23.0 → 5.25.0 - postgresql-external: 0.0.44 → 0.0.45 Build: https://raw.githubusercontent.com/wireapp/wire-builds/5a74084feeb1138925dcb671b333da0c76f88f08/build.json
…ync for wire-server 5.25.0 - Add .background-worker.secrets.pgPassword to sync_pg_secrets() in bin/offline-helm.sh so the PostgreSQL password is synced to background-worker values alongside brig/galley/spar/gundeck - Add postgresql connection config (host, port, user, dbname) to background-worker section in prod-values.example.yaml - Add explicit postgresMigration.conversation=cassandra for both galley and background-worker in prod-values.example.yaml - The background-worker override is critical at Chart 5.25.0 where the Helm chart incorrectly defaults this value to "postgresql" instead of "cassandra", causing User Group to Channel sync jobs to silently skip member synchronization
|
Note on prod-values.example.yaml for 5.25.0: please keep the |
Veki301
left a comment
Veki301
left a comment
There was a problem hiding this comment.
there is alot of context here that are specific to what is on your machine or the remote you worked on (/Users/sukanta.ghosh, /home/demo/new), without any specific disclaimers of it being so, lots of hardcoding, I didn't want to leave a comment on every single one I saw so Im writing it here
Our usual customer facing language (and perspective) was from inside what we usually call wire-server-deploy directory
Have the documentation explicitly state to get a new bundle, untar it in a new directory (you can even explicitly say mkdir new and then work your way through all the steps as if you/user is in that directory
I am all in favour of automating what has to be done here, and this will probably not be an issue for the customer this has been written for, but some might refuse to run python scripts and I trust you can do all this manually if needed
| host: elasticsearch-external | ||
| rabbitmq: | ||
| host: rabbitmq # For k8s-based RabbitMQ (default). Use 'rabbitmq-external' for production external RabbitMQ VMs | ||
| host: rabbitmq-external # Use rabbitmq-external for production external RabbitMQ VMs |
There was a problem hiding this comment.
this is whats breaking the CI at the moment, Mohit has implemented rabbitmq-external deployment in our CI run in one of his PRs
Revert all rabbitmq-external changes so you guys don't step on each others toes and also the CI here will get a pass
There was a problem hiding this comment.
I wont change rather wait when CI is actually using rabbitmq-external as the PR is ready to deploy thats what i understand, let me know if i am wrong!
| # Wire Server Upgrade Changes (5.5.0 -> 5.25.0) | ||
|
|
||
| This document captures the concrete changes applied during the upgrade work so the setup can be reproduced reliably. | ||
|
|
There was a problem hiding this comment.
add the link to the bundle you used for the upgrade here
EDIT: considering my previous comments, we should build a new bundle with these in it, then reference that one here
There was a problem hiding this comment.
considering I am in agreement with your reasoning on the tools and do we ship them, use just the bundle you performed the upgrade with
Thanks for reviewing @Veki301, |
- Replace all hardcoded /home/demo/new paths with WIRE_BUNDLE_ROOT
- Update fallback defaults to /home/demo/wire-server-deploy-new
- Add global Prerequisites section in README.md
- Document kubeconfig.dec copy requirement from existing deployment
- Fix kubeconfig path to use ${WIRE_BUNDLE_ROOT}
- Add automatic script copying in cleanup-containerd-images-all.sh
- Remove duplication in CASSANDRA_MIGRATIONS.md
- Improve cross-references between documentation files
- Standardize all example paths to /home/demo/wire-server-deploy-new
Changed files:
- README.md: Added Prerequisites, fixed paths, improved structure
- CASSANDRA_MIGRATIONS.md: Removed duplication, fixed paths
- WIRE_UPGRADE_CHANGES.md: Distinguished new vs existing deployment paths
- wire_sync_lib.py: Updated BUNDLE_ROOT default
- cassandra_backup.py: Updated inventory default path
- cleanup-containerd-images-all.sh: Auto-copy script, updated paths
- upgrade-all-charts.sh: Updated BUNDLE_ROOT default
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
sghosh23
force-pushed
the
fix/bump-wire-server-5.25-pg-secrets
branch
from
b81a1a6 to
12c12d4
Compare
|
3 participants
Summary
aa181b84)background-workerPostgreSQL configuration and secret syncChanges
1.
offline/tasks/proc_pull_charts.shCherry-picked from #843 — updates wire-builds reference to 5.25.0 (
5a74084).2.
bin/offline-helm.shAdds
.background-worker.secrets.pgPasswordtosync_pg_secrets(). The function previously synced PostgreSQL passwords only to brig, galley, spar, and gundeck — butbackground-workerhas requiredpgPasswordsince Chart 5.24.0.3.
values/wire-server/prod-values.example.yamlpostgresqlconnection config (host, port, user, dbname) and explicitpostgresMigration.conversation: cassandrapostgresMigration.conversation: cassandraAt Chart 5.25.0, the
background-workerHelm chart incorrectly defaultspostgresMigration.conversationtopostgresqlinstead ofcassandra(fixed in 5.26.0). Without the explicit override added in this PR:Nothingand silently skip member synchronizationThis PR adds the explicit
cassandraoverride as a workaround.Related