From 5fe05cedf9b1efe84a412eb60d37047052fc6da5 Mon Sep 17 00:00:00 2001 From: Anish Lakhwara Date: Wed, 5 Feb 2025 10:45:35 -0800 Subject: [PATCH 1/2] fix: we use sslmode not pgsslmode in the deploy repos --- docs/admin/deploy/docker-single-container/index.mdx | 2 +- docs/admin/deploy/kubernetes/index.mdx | 8 ++++---- docs/admin/external_services/postgres.mdx | 10 +++++----- docs/admin/updates/migrator/migrator-operations.mdx | 4 ++-- 4 files changed, 12 insertions(+), 12 deletions(-) diff --git a/docs/admin/deploy/docker-single-container/index.mdx b/docs/admin/deploy/docker-single-container/index.mdx index ab0090331..e48e72385 100644 --- a/docs/admin/deploy/docker-single-container/index.mdx +++ b/docs/admin/deploy/docker-single-container/index.mdx @@ -220,7 +220,7 @@ $ docker run \ -e PGUSER='sg' \ -e PGPASSWORD='sg' \ -e PGDATABASE='sourcegraph' \ - -e PGSSLMODE='disable' \ + -e SSLMODE='disable' \ -e CODEINTEL_PGHOST='pgsql' \ -e CODEINTEL_PGPORT='5432' \ -e CODEINTEL_PGUSER='sg' \ diff --git a/docs/admin/deploy/kubernetes/index.mdx b/docs/admin/deploy/kubernetes/index.mdx index 0f70d4468..0ad9e1254 100644 --- a/docs/admin/deploy/kubernetes/index.mdx +++ b/docs/admin/deploy/kubernetes/index.mdx @@ -103,7 +103,7 @@ data: password: "" port: "" user: "" - pgsslmode: "require" # optional, enable if using SSL + sslmode: "require" # optional, enable if using SSL --- apiVersion: v1 kind: Secret @@ -116,7 +116,7 @@ data: password: "" port: "" user: "" - pgsslmode: "require" # optional, enable if using SSL + sslmode: "require" # optional, enable if using SSL --- apiVersion: v1 kind: Secret @@ -129,7 +129,7 @@ data: password: "" port: "" user: "" - pgsslmode: "require" # optional, enable if using SSL + sslmode: "require" # optional, enable if using SSL ``` The above Secrets should be deployed to the same namespace as the existing Sourcegraph deployment. @@ -166,7 +166,7 @@ pgsql: user: "new-user" password: "new-password" port: "5432" - pgsslmode: "require" # optional, enable if using SSL + sslmode: "require" # optional, enable if using SSL ``` #### Using external Redis instances diff --git a/docs/admin/external_services/postgres.mdx b/docs/admin/external_services/postgres.mdx index e943a1e54..aa6292df6 100644 --- a/docs/admin/external_services/postgres.mdx +++ b/docs/admin/external_services/postgres.mdx @@ -26,7 +26,7 @@ The addition of `PG*` environment variables to your Sourcegraph deployment files - `PGUSER` - `PGPASSWORD` - `PGDATABASE` -- `PGSSLMODE` +- `SSLMODE` To externalize the _code navigation database_, use the following prefixed `CODEINTEL_PG*` variables: @@ -49,7 +49,7 @@ docker run [...] -e PGUSER=sourcegraph -e PGPASSWORD=secret -e PGDATABASE=sourcegraph --e PGSSLMODE=require +-e SSLMODE=require -e CODEINTEL_PGHOST=psql2.mycompany.org -e CODEINTEL_PGUSER=sourcegraph -e CODEINTEL_PGPASSWORD=secret @@ -69,7 +69,7 @@ sourcegraph-frontend-0: - 'PGUSER=sourcegraph' - 'PGPASSWORD=secret' - 'PGDATABASE=sourcegraph' - - 'PGSSLMODE=require' + - 'SSLMODE=require' - 'CODEINTEL_PGHOST=psql2.mycompany.org' - 'CODEINTEL_PGUSER=sourcegraph' - 'CODEINTEL_PGPASSWORD=secret' @@ -125,7 +125,7 @@ In order to enable IAM Auth, you first need to: For [every services that require postgres database connection](https://github.com/sourcegraph/sourcegraph-public-snapshot/blob/main/lib/servicecatalog/service-catalog.yaml), ensure below environment variables are configured: - `PG_CONNECTION_UPDATER=EC2_ROLE_CREDENTIALS` -- `PGSSLMODE=require` +- `SSLMODE=require` - `PGHOST=<>` - `PGPORT=<>` - `PGUSER=<>` - this should be the database accounts created above @@ -208,7 +208,7 @@ spec: value: sourcegraph-pgbouncer - name: PGPORT value: "5432" - - name: PGSSLMODE + - name: SSLMODE value: disable - name: PGUSER value: sg diff --git a/docs/admin/updates/migrator/migrator-operations.mdx b/docs/admin/updates/migrator/migrator-operations.mdx index 015246f89..4f608899a 100644 --- a/docs/admin/updates/migrator/migrator-operations.mdx +++ b/docs/admin/updates/migrator/migrator-operations.mdx @@ -47,7 +47,7 @@ PGPORT: "5432" PGUSER: "sg" PGPASSWORD: "sg" PGDATABASE: "sg" -PGSSLMODE: "disable" +SSLMODE: "disable" CODEINTEL_PGHOST: "codeintel-db" CODEINTEL_PGPORT: "5432" CODEINTEL_PGUSER: "sg" @@ -387,7 +387,7 @@ docker run \ -e PGUSER='sg' \ -e PGPASSWORD='sg' \ -e PGDATABASE='sg' \ - -e PGSSLMODE='disable' \ + -e SSLMODE='disable' \ -e CODEINTEL_PGHOST='codeintel-db' \ -e CODEINTEL_PGPORT='5432' \ -e CODEINTEL_PGUSER='sg' \ From f57aa3b318cf97ee05f88a5a15f475919e769dfe Mon Sep 17 00:00:00 2001 From: Anish Lakhwara Date: Thu, 20 Feb 2025 10:44:02 -0800 Subject: [PATCH 2/2] fix: address Marc's comments --- docs/admin/deploy/docker-single-container/index.mdx | 2 +- docs/admin/external_services/postgres.mdx | 10 +++++----- docs/admin/updates/migrator/migrator-operations.mdx | 4 ++-- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/docs/admin/deploy/docker-single-container/index.mdx b/docs/admin/deploy/docker-single-container/index.mdx index e48e72385..ab0090331 100644 --- a/docs/admin/deploy/docker-single-container/index.mdx +++ b/docs/admin/deploy/docker-single-container/index.mdx @@ -220,7 +220,7 @@ $ docker run \ -e PGUSER='sg' \ -e PGPASSWORD='sg' \ -e PGDATABASE='sourcegraph' \ - -e SSLMODE='disable' \ + -e PGSSLMODE='disable' \ -e CODEINTEL_PGHOST='pgsql' \ -e CODEINTEL_PGPORT='5432' \ -e CODEINTEL_PGUSER='sg' \ diff --git a/docs/admin/external_services/postgres.mdx b/docs/admin/external_services/postgres.mdx index aa6292df6..e943a1e54 100644 --- a/docs/admin/external_services/postgres.mdx +++ b/docs/admin/external_services/postgres.mdx @@ -26,7 +26,7 @@ The addition of `PG*` environment variables to your Sourcegraph deployment files - `PGUSER` - `PGPASSWORD` - `PGDATABASE` -- `SSLMODE` +- `PGSSLMODE` To externalize the _code navigation database_, use the following prefixed `CODEINTEL_PG*` variables: @@ -49,7 +49,7 @@ docker run [...] -e PGUSER=sourcegraph -e PGPASSWORD=secret -e PGDATABASE=sourcegraph --e SSLMODE=require +-e PGSSLMODE=require -e CODEINTEL_PGHOST=psql2.mycompany.org -e CODEINTEL_PGUSER=sourcegraph -e CODEINTEL_PGPASSWORD=secret @@ -69,7 +69,7 @@ sourcegraph-frontend-0: - 'PGUSER=sourcegraph' - 'PGPASSWORD=secret' - 'PGDATABASE=sourcegraph' - - 'SSLMODE=require' + - 'PGSSLMODE=require' - 'CODEINTEL_PGHOST=psql2.mycompany.org' - 'CODEINTEL_PGUSER=sourcegraph' - 'CODEINTEL_PGPASSWORD=secret' @@ -125,7 +125,7 @@ In order to enable IAM Auth, you first need to: For [every services that require postgres database connection](https://github.com/sourcegraph/sourcegraph-public-snapshot/blob/main/lib/servicecatalog/service-catalog.yaml), ensure below environment variables are configured: - `PG_CONNECTION_UPDATER=EC2_ROLE_CREDENTIALS` -- `SSLMODE=require` +- `PGSSLMODE=require` - `PGHOST=<>` - `PGPORT=<>` - `PGUSER=<>` - this should be the database accounts created above @@ -208,7 +208,7 @@ spec: value: sourcegraph-pgbouncer - name: PGPORT value: "5432" - - name: SSLMODE + - name: PGSSLMODE value: disable - name: PGUSER value: sg diff --git a/docs/admin/updates/migrator/migrator-operations.mdx b/docs/admin/updates/migrator/migrator-operations.mdx index 4f608899a..015246f89 100644 --- a/docs/admin/updates/migrator/migrator-operations.mdx +++ b/docs/admin/updates/migrator/migrator-operations.mdx @@ -47,7 +47,7 @@ PGPORT: "5432" PGUSER: "sg" PGPASSWORD: "sg" PGDATABASE: "sg" -SSLMODE: "disable" +PGSSLMODE: "disable" CODEINTEL_PGHOST: "codeintel-db" CODEINTEL_PGPORT: "5432" CODEINTEL_PGUSER: "sg" @@ -387,7 +387,7 @@ docker run \ -e PGUSER='sg' \ -e PGPASSWORD='sg' \ -e PGDATABASE='sg' \ - -e SSLMODE='disable' \ + -e PGSSLMODE='disable' \ -e CODEINTEL_PGHOST='codeintel-db' \ -e CODEINTEL_PGPORT='5432' \ -e CODEINTEL_PGUSER='sg' \