WIP Adding a toggleable additional Gitea external mirror #2071

craddm · 2024-08-01T15:36:49Z

✅ Checklist

You have given your pull request a meaningful title (e.g. Enable foobar integration rather than 515 foobar).
You are targeting the appropriate branch. If you're not certain which one this is, it should be develop.
Your branch is up-to-date with the target branch (it probably was when you started, but it may have changed since then).

🚦 Depends on

⤴️ Summary

Adds an optionally deployable second Gitea instance intended for use as an external mirror that can then be accessed via the internal Gitea instance.

🌂 Related issues

Relates to milestone for release 5.1.0 an all Gitea issues e.g. #1998

🔬 Tests

Ongoing

data_safe_haven/config/sre_config.py

jemrobinson · 2024-08-01T15:40:17Z

data_safe_haven/infrastructure/programs/sre/gitea_external_server.py

+class SREGiteaExternalServerComponent(ComponentResource):
+    """Deploy Gitea server with Pulumi"""


There's a lot of overlap between this and the SREGiteaServerComponent. Can we combine both into a single reusable component?

Yes, that's what I'm actually doing, I just haven't pushed yet

jemrobinson · 2024-08-01T15:42:03Z

data_safe_haven/infrastructure/programs/sre/user_services.py

+        if props.gitea_servers == GiteaServers.BOTH:
+            gitea_servers = ["external", "internal"]
+        else:
+            gitea_servers = ["internal"]


Suggested change

if props.gitea_servers == GiteaServers.BOTH:

gitea_servers = ["external", "internal"]

else:

gitea_servers = ["internal"]

gitea_servers = ["external", "internal"] if (props.gitea_servers == GiteaServers.BOTH) else ["internal"]

not sure this is clearer though

I'm also switching to using a boolean True/False for deploying the external mirror anyway, as we'd (presumably) always want the internal one anyway

Sounds like I should stop commenting on your WIP PR 😆

Already some good points to nip some things in the bud 😆

jemrobinson · 2024-08-01T15:42:35Z

data_safe_haven/infrastructure/programs/sre/user_services.py

+                    ldap_server_hostname=props.ldap_server_hostname,
+                    ldap_server_port=props.ldap_server_port,
+                    ldap_username_attribute=props.ldap_username_attribute,
+                    ldap_user_filter=props.ldap_user_filter,
+                    ldap_user_search_base=props.ldap_user_search_base,


We ~~probably don't want~~ don't need the external server to plug in to our LDAP directory.

Some notes on Gitea configuration here

jemrobinson · 2024-08-01T15:53:15Z

One other thing to consider - you'll probably want the external mirror deployed into its own subnet so that we can set the networking rules accordingly (external one will be allowed internet access but no access from workspaces; internal one will have no internet access but access allowed from workspaces).

…irror

craddm added 15 commits August 1, 2024 11:31

add gitea_external_server

e4a00ae

add additional files for external gitea

ce965cf

Add gitea_external_mirror config flag

fa62af6

Create enum for GiteaServerAvailability

cb70be7

Create GiteaServerAvailability type

73259e4

Add gitea_external_mirror to config template

34b25cd

add gitea_server field to GiteaServerProps

b218499

change gitea_external_mirror field entry to list

15dcbf0

add gitea_servers field to SREUserServiceProps

7f5c04c

change gitea enum name and possible responses

2acba92

change GiteaServer type

39845fe

Change use of GiteaServers enum

700f6f2

Change GiteaServer Enum possible values

4042d1e

Iterate over gitea_servers to deploy multiple types

27f0c00

Modify config template

26b5f47

craddm added the enhancement New functionality that should be added to the Safe Haven label Aug 1, 2024

craddm added this to the Release 5.1.0 milestone Aug 1, 2024

craddm self-assigned this Aug 1, 2024

jemrobinson reviewed Aug 1, 2024

View reviewed changes

data_safe_haven/config/sre_config.py Outdated Show resolved Hide resolved

jemrobinson reviewed Aug 1, 2024

View reviewed changes

craddm added 2 commits August 1, 2024 15:42

Remove seperate gitea component for external mirror

ebcc502

Switch to boolean toggle for external mirror

a9643f1

craddm added 5 commits August 2, 2024 08:59

Remove GiteaServers enum

5fa097b

Change gitea flag to boolean

3adc136

Use new fieldname

3a20cc8

Switch to boolean toggle for external mirror

dfbaf54

Run lint:fmt

d9067f9

craddm and others added 9 commits August 2, 2024 12:12

Switch to boolean toggle and change logic for deploying multiple servers

4705e22

Merge branch 'alan-turing-institute:develop' into gitea_external_mirror

5ab174d

remove deprecated enum

b6f3a50

switch to external_git_mirror

d8e7ee5

rename gitea property

486261e

comment out external subnet while testing

da2b231

comment out external subnet while testing

cb242ac

use separate fileshares for external and internal gitea servers

d499684

don't setup ldap on external gitea server

599f771

jemrobinson changed the base branch from develop-v5.1.0 to develop September 2, 2024 05:47

craddm force-pushed the gitea_external_mirror branch from 50e9c1e to 599f771 Compare September 13, 2024 11:26

craddm and others added 17 commits September 13, 2024 11:30

Merge remote-tracking branch 'upstream/develop' into gitea_external_m…

a575e71

…irror

fix linting error

0d32339

Add ip range for external git mirror

426c6d6

add subnet and nsg for external git mirror

424b18b

add enum for git mirror nsg rule

c86beec

differentiate between internal and external gitea hosts

52badd4

add some test NSG rules

92669fc

differentiate between internal and external gitea servers

343b20c

create list of gitea servers

3b7e1f9

add type hint

e8d3488

swap gitea over

72e7cc1

Merge remote-tracking branch 'upstream/develop' into gitea_external_m…

638982b

…irror

Capture gitea hostnames correctly

cf31e76

Use dicts rather than lists for gitea server related variables

dfb6d7e

Fix setting hostnames for external and internal gitea

b53ac70

populate gitea_hostnames

36a8cd6

Merge branch 'alan-turing-institute:develop' into gitea_external_mirror

53c88a7

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

WIP Adding a toggleable additional Gitea external mirror #2071

WIP Adding a toggleable additional Gitea external mirror #2071

craddm commented Aug 1, 2024

jemrobinson Aug 1, 2024

craddm Aug 1, 2024

jemrobinson Aug 1, 2024

craddm Aug 1, 2024

jemrobinson Aug 1, 2024

craddm Aug 1, 2024

jemrobinson Aug 1, 2024 •

edited

Loading

JimMadge Aug 2, 2024

jemrobinson commented Aug 1, 2024

		class SREGiteaExternalServerComponent(ComponentResource):
		"""Deploy Gitea server with Pulumi"""

WIP Adding a toggleable additional Gitea external mirror #2071

Are you sure you want to change the base?

WIP Adding a toggleable additional Gitea external mirror #2071

Conversation

craddm commented Aug 1, 2024

✅ Checklist

🚦 Depends on

⤴️ Summary

🌂 Related issues

🔬 Tests

jemrobinson Aug 1, 2024

Choose a reason for hiding this comment

craddm Aug 1, 2024

Choose a reason for hiding this comment

jemrobinson Aug 1, 2024

Choose a reason for hiding this comment

craddm Aug 1, 2024

Choose a reason for hiding this comment

jemrobinson Aug 1, 2024

Choose a reason for hiding this comment

craddm Aug 1, 2024

Choose a reason for hiding this comment

jemrobinson Aug 1, 2024 • edited Loading

Choose a reason for hiding this comment

JimMadge Aug 2, 2024

Choose a reason for hiding this comment

jemrobinson commented Aug 1, 2024

jemrobinson Aug 1, 2024 •

edited

Loading