SECURESIGN-1476 | Add the Redis backfill job to Ansible collection #101
Conversation
JasonPowr
force-pushed
the
add-backfill-redis-job
branch
2 times, most recently
from
ca2ca28 to
e67ba38
Compare
roles/tas_single_node/templates/manifests/rekor/backfill_redis.sh.j2
Outdated
Show resolved
Hide resolved
|
Additionally, ideally you could add a workable test for this within |
Im not really sure there is a good way to test this if I am honest, ill take a look, but really we would only be testing to make sure that we can configure it with ansible and thats already done here |
roles/tas_single_node/templates/manifests/rekor/backfill_redis.sh.j2
Outdated
Show resolved
Hide resolved
roles/tas_single_node/templates/manifests/rekor/backfill_redis.sh.j2
Outdated
Show resolved
Hide resolved
roles/tas_single_node/templates/manifests/rekor/backfill_redis.sh.j2
Outdated
Show resolved
Hide resolved
roles/tas_single_node/templates/manifests/rekor/backfill_redis.sh.j2
Outdated
Show resolved
Hide resolved
JasonPowr
force-pushed
the
add-backfill-redis-job
branch
from
262b902 to
e77eed2
Compare
|
Marking as draft until an image with my changes becomes available |
JasonPowr
force-pushed
the
add-backfill-redis-job
branch
2 times, most recently
from
6a8c099 to
7f85533
Compare
JasonPowr
force-pushed
the
add-backfill-redis-job
branch
from
7f85533 to
47f2774
Compare
There was a problem hiding this comment.
Hi, thanks for putting all the additional work in. This looks really good, I just have one minor comment on the config variable we're introducing.
Also a question: Did you try to see if the timer execution works correctly? (e.g. by modifying the timer locally to execute every minute or something like that to actually see it execute repeatedly)
Thinking about this further, I think we should expose the timer configuration as a variable under tas_single_node_backfill_redis (see my first comment about modifying this variable). This will both allow users to run the job when they want to and allow us to easily test this feature.
| @@ -19,6 +19,7 @@ Deploy the [RHTAS](https://docs.redhat.com/en/documentation/red_hat_trusted_arti | |||
| |---|---|---|---| | |||
| | tas_single_node_podman_network | Name of the Podman network for containers to use. | str | `rhtas` | | |||
| | tas_single_node_rekor_redis | Details on the Redis connection for Rekor. You can set this to a custom Redis instance. | dict of 'tas_single_node_rekor_redis' options | `{'database_deploy': True, 'redis': {'host': 'rekor-redis-pod', 'port': 6379, 'password': 'password'}}` | | |||
| | tas_single_node_backfill_redis_enabled | Enable or disable the backfill redis job | bool | `True` | | |||
There was a problem hiding this comment.
Let's change this so that it's a dict with keys - right now we would only have
tas_single_node_backfill_redis:
enabled: true
But in the future, this structure allows us to provide more options for the backfill job and have them grouped together logically in one place.
I did yes, everything worked as expected :)
Makes sense :) sure thing |
Pr to add the backfill redis, setting as draft for now as it should only be merged after #100
Upstream pr: sigstore/rekor#2280