SFI Compliance #259
Merged
SFI Compliance #259
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- Introduced a new Helm chart for managing Azure Blob-backed PersistentVolumes and PersistentVolumeClaims. - Updated blade_configuration.bicep to include storage account name parameter. - Modified main.bicep to remove unnecessary shares and include airflow logs and dags. - Created values.yaml to define necessary parameters for the chart. - Added pv.yaml and pvc.yaml templates for PersistentVolume and PersistentVolumeClaim resources. - Removed outdated storage.yaml file.
…lease configuration
…r Airflow compatibility
github-actions
bot
added
documentation
Contributor
There was a problem hiding this comment.
Pull Request Overview
This PR aims to improve Azure resource configurations, Kubernetes storage management, and deployment script flexibility. Key changes include updates to Bicep templates for Cosmos DB and storage accounts, the addition of a new Helm chart for managing Azure Blob-backed persistent volumes and claims, and refinements to the storage share job in deployment scripts.
Reviewed Changes
Copilot reviewed 19 out of 27 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
| software/applications/osdu-reference/unit.yaml | Updated PVC name for unit service |
| software/applications/osdu-reference/crs-conversion.yaml | Updated PVC name for CRS conversion service |
| software/applications/osdu-reference/crs-catalog.yaml | Updated PVC name for CRS catalog service |
| charts/storage-volumes/README.md | Added instructions for installing storage volumes Helm chart |
| charts/osdu-developer-base/values.yaml & templates/storage-share-job.yaml | Adjustments to share job for better PVC referencing |
Files not reviewed (8)
- bicep/main.bicep: Language not supported
- bicep/main.parameters.json: Language not supported
- bicep/modules/blade_cluster.bicep: Language not supported
- bicep/modules/blade_configuration.bicep: Language not supported
- bicep/modules/blade_partition.bicep: Language not supported
- bicep/modules/cosmos-db/main.bicep: Language not supported
- bicep/modules/cosmosdb-sql-role-assignment.bicep: Language not supported
- scripts/pre-provision.ps1: Language not supported
Comments suppressed due to low confidence (3)
software/applications/osdu-reference/unit.yaml:67
- The PVC name 'share-unit' in this file might be inconsistent with the referenced PVC name in base.yaml ('share-unit-pvc'). Consider standardizing the naming convention to include the '-pvc' suffix if that is the intended pattern.
- name: share-unit
software/applications/osdu-reference/crs-catalog.yaml:67
- The PVC name 'share-crs' appears to be inconsistent with the deployment reference 'share-crs-pvc' in base.yaml. Consider aligning the names to avoid potential mismatches.
- name: share-crs
software/applications/osdu-reference/crs-conversion.yaml:67
- The PVC name 'share-crs-conversion' does not include the '-pvc' suffix as seen in base.yaml ('share-crs-conversion-pvc'). Standardizing this naming could prevent confusion during PVC lookups.
- name: share-crs-conversion
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This pull request introduces several changes to improve Azure resource configurations, enhance Kubernetes storage management, and refine deployment scripts. Key updates include modifications to Bicep templates for Azure resource management, enhancements to Helm charts for Kubernetes storage volumes, and adjustments to deployment scripts for better flexibility. Below is a categorized summary of the most important changes:
Azure Resource Configuration Updates:
bicep/modules/cosmos-db/main.bicepto2024-11-15for compatibility with newer features.cosmosdb-sql-role-assignment.bicepto handle SQL role assignments for Cosmos DB accounts, enabling fine-grained access control.bicep/main.bicepto disable hierarchical namespaces (required for Airflow) and disallow shared key access for improved security.Kubernetes Storage Enhancements:
storage-volumesfor creating Azure Blob-backed PersistentVolumes (PV) and PersistentVolumeClaims (PVC) in Kubernetes, with extensive configuration options. [1] [2] [3] [4] [5]charts/osdu-developer-base/templates/storage-share-job.yamlto streamline PVC usage and improve file copying logic, including support for dynamic directory creation and file installation. [1] [2]Deployment Script Improvements:
ServiceManagementReferencetoscripts/pre-provision.ps1for additional flexibility in specifying service management references during pre-provisioning.These changes collectively enhance the security, maintainability, and flexibility of the infrastructure and deployment processes.