Merge pull request #309 from wireapp/release_2020-07-07

Release_2020_07_07

.github/ISSUE_TEMPLATE/bug-repport.md

@@ -14,9 +14,11 @@ assignees: ''
 * Cloud-Provider: <!-- e.g. AWS, GCP, none, etc. -->
 * Installation type: <!-- demo / production -->
 * Kubernetes version: <!-- run 'kubectl version' -->
+* Helm version: <!-- run 'helm version' -->
 * Installed with Kubespray: <!-- no / yes (version?) --> 
-* Helm chart version: <!-- Chart(s) & Version -->
-* Other related technology + version: <!-- Ansible, Helm, Terraform -->
+* (Helm) Charts version: <!-- run 'helm show chart wire/wire-server | grep -m 1 version' -->
+* List of installed top-level charts: <!-- e.g. database-ephemeral, demo-smtp --> 
+* Other related technologies + version: <!-- Ansible, Helm, Terraform -->
 
 
 ### What is the expected result?

.github/ISSUE_TEMPLATE/question.md

@@ -14,9 +14,11 @@ assignees: ''
 * Cloud-Provider: <!-- e.g. AWS, GCP, none, etc. -->
 * Installation type: <!-- demo / production -->
 * Kubernetes version: <!-- run 'kubectl version' -->
+* Helm version: <!-- run 'helm version' -->
 * Installed with Kubespray: <!-- no / yes (version?) --> 
-* Helm chart version: <!-- Chart(s) & Version -->
-* Other related technology + version: <!-- Ansible, Helm, Terraform -->
+* (Helm) Charts version: <!-- run 'helm show chart wire/wire-server | grep -m 1 version' -->
+* List of installed top-level charts: <!-- e.g. database-ephemeral, demo-smtp --> 
+* Other related technologies + version: <!-- Ansible, Helm, Terraform -->
 
 
 ### How did you install Wire?

CHANGELOG.md

@@ -1,3 +1,25 @@
+# 2020-07-07
+
+## Notes
+
+This release contains a staging version of the webapp. So, you might want to be a bit more cautious or
+even skip this one entirely.
+
+## Features
+
+None
+
+## Bug Fixes
+
+* [charts] Update frontend apps version: webapp (#308)
+* removed unused replicaCount settings (#304)
+
+## Internal Changes
+
+* team-settings: Set default of `FEATURE_ENABLE_PAYMENT` to false (#294)
+* [terraform modules] Add a module to create some DNS records (#298)
+
+
 # 2020-06-26
 
 ## Features
@@ -12,7 +34,7 @@
 
 ## Internal Changes
 
-* cleanup scripts used in automation (#300)
+* cleanup scripts used in automation (#295)
 * ongoing work in several Terraform modules: ingress, CORS, cargohold
 
 For more information, please refer to the [diff](https://github.com/wireapp/wire-server-deploy/compare/v2020-06-19...v2020-06-26) 

charts/team-settings/templates/deployment.yaml

@@ -40,6 +40,10 @@ spec:
             value: https://{{ .Values.config.externalUrls.backendRest }}
           - name: BACKEND_WS
             value: wss://{{ .Values.config.externalUrls.backendWebsocket }}
+            # NOTE defaults to 'true', but since we assume on-prem here, we default to 'false'
+            # SRC https://github.com/wireapp/wire-web-config-default/blob/master/wire-team-settings/.env.defaults#L48
+          - name: FEATURE_ENABLE_PAYMENT
+            value: {{ .Values.config.enablePayment | default false | quote }}
       {{- range $key, $val := .Values.envVars }}
           - name: {{ $key }}
             value: {{ $val | quote }}

charts/webapp/values.yaml

@@ -9,7 +9,7 @@ resources:
     cpu: "1"
 image:
   repository: quay.io/wire/webapp
-  tag: 53287-0.1.0-a268bc-v0.24.78-production
+  tag: "53834-0.1.0-4dbb18-v0.24.86-staging"
 service:
   https:
     externalPort: 443

terraform/modules/aws-dns-records/README.md

@@ -0,0 +1,38 @@
+Terraform module: DNS records
+=============================
+
+State: __experimental__
+
+This module creates a set of DNS entries on AWS. As of now it's capable of managing the following type of records:
+
+* A (`ips`)
+* CNAME (`cnames`)
+
+AWS resources: route53
+
+
+#### How to use the module
+
+```hcl
+module "dns_records" {
+  source = "github.com/wireapp/wire-server-deploy.git//terraform/modules/aws-dns-records?ref=develop"
+  
+  environment = "staging"
+
+  zone_fqdn = "example.com"
+  ips = [ "9.9.9.10", "23.42.23.42" ]
+}
+```
+
+If not further specified, it creates entries for the following FQDNs:
+
+* `nginz-https.staging.example.com`
+* `nginz-ssl.staging.example.com`
+* `webapp.staging.example.com`
+* `assets.staging.example.com`
+* `account.staging.example.com`
+* `teams.staging.example.com`
+
+These sub-domains represent the primary set of FQDNs used in a
+[`wire-server` installation](https://docs.wire.com/how-to/install/helm-prod.html#how-to-set-up-dns-records),
+to expose all frontend applications as well as necessary HTTP & websocket endpoints.

terraform/modules/aws-dns-records/data.tf

@@ -0,0 +1,3 @@
+data "aws_route53_zone" "rz" {
+  name = "${var.zone_fqdn}."
+}

terraform/modules/aws-dns-records/locals.tf

@@ -0,0 +1,6 @@
+locals {
+  name_suffix = concat(
+    var.inject_addition_subtree ? [(var.domain != null ? var.domain : var.environment)] : [],
+    [var.zone_fqdn]
+  )
+}

terraform/modules/aws-dns-records/main.tf

@@ -0,0 +1,3 @@
+terraform {
+  required_version = "~> 0.12"
+}

terraform/modules/aws-dns-records/resources.route53.tf

@@ -0,0 +1,20 @@
+resource "aws_route53_record" "a" {
+  for_each = toset(length(var.ips) > 0 ? var.subdomains : [])
+
+  zone_id = data.aws_route53_zone.rz.zone_id
+  name    = join(".", concat([each.value], local.name_suffix))
+  type    = "A"
+  ttl     = var.ttl
+  records = var.ips
+}
+
+
+resource "aws_route53_record" "cname" {
+  for_each = toset(length(var.cnames) > 0 ? var.subdomains : [])
+
+  zone_id = data.aws_route53_zone.rz.zone_id
+  name    = join(".", concat([each.value], local.name_suffix))
+  type    = "CNAME"
+  ttl     = var.ttl
+  records = var.cnames
+}

terraform/modules/aws-dns-records/variables.tf

@@ -0,0 +1,53 @@
+variable "environment" {
+  type        = string
+  description = "name of the environment as a scope for the created resources (default: 'dev'; example: 'prod', 'staging')"
+  default     = "dev"
+}
+
+variable "zone_fqdn" {
+  type        = string
+  description = "FQDN of the DNS zone root (required; example: example.com; will append: '.')"
+}
+
+variable "domain" {
+  type        = string
+  description = "name of the sub-tree all given subdomains are append to (defaults to $environment; example: $subdomains[0].$domain.$zone_fqdn)"
+  default     = null
+}
+
+variable "subdomains" {
+  type        = list(string)
+  description = "list of sub-domains that will be registered under the given root domain"
+  default = [
+    "nginz-https",
+    "nginz-ssl",
+    "webapp",
+    "assets",
+    "account",
+    "teams"
+  ]
+}
+
+variable "inject_addition_subtree" {
+  type        = bool
+  description = "flag to indicate whether an additional level of depth based on environment name is injected into the DNS tree (e.g. webapp.dev.example.com vs. webapp.example.com"
+  default     = true
+}
+
+variable "ips" {
+  type        = list(string)
+  description = "a list of IPs used to create A records for the given list of subdomains"
+  default     = []
+}
+
+variable "cnames" {
+  type        = list(string)
+  description = "a list of FQDNs used to create CNAME records for the given list of subdomains"
+  default     = []
+}
+
+variable "ttl" {
+  type        = number
+  description = "time to live for the DNS entries (defaults to 1 minute)"
+  default     = 60
+}

values/wire-server/demo-values.example.yaml

@@ -168,7 +168,7 @@ team-settings:
       backendRest: nginz-https.example.com
       backendWebsocket: nginz-ssl.example.com
       backendDomain: example.com
-      appHost: webapp.example.com
+      appHost: teams.example.com
 
 account-pages:
   replicaCount: 1
@@ -178,4 +178,4 @@ account-pages:
     externalUrls:
       backendRest: nginz-https.example.com
       backendDomain: example.com
-      appHost: webapp.example.com
+      appHost: account.example.com

values/wire-server/prod-values.example.yaml

@@ -22,7 +22,6 @@ brig:
   config:
     cassandra:
       host: cassandra-external
-      replicaCount: 3
     elasticsearch:
       host: elasticsearch-external
     useSES: false
@@ -128,7 +127,6 @@ galley:
   config:
     cassandra:
       host: cassandra-external
-      replicaCount: 3
     settings:
       # prefix URI used when inviting users to a conversation by link
       conversationCodeURI: https://webapp.example.com/join/ # change this
@@ -148,7 +146,6 @@ gundeck:
   config:
     cassandra:
       host: cassandra-external
-      replicaCount: 3
     aws:
       # change if using real AWS
       account: "123456789012"
@@ -187,7 +184,6 @@ spar:
   config:
     cassandra:
       host: cassandra-external
-      replicaCount: 3
     logLevel: Debug
     domain: example.com
     appUri: https://nginz-https.example.com
@@ -257,7 +253,7 @@ team-settings:
       backendRest: nginz-https.example.com
       backendWebsocket: nginz-ssl.example.com
       backendDomain: example.com
-      appHost: webapp.example.com
+      appHost: teams.example.com
   envVars:
     APP_NAME: "Team Settings"
     ENFORCE_HTTPS: "false"
@@ -289,7 +285,7 @@ account-pages:
     externalUrls:
       backendRest: nginz-https.example.com
       backendDomain: example.com
-      appHost: webapp.example.com
+      appHost: account.example.com
   envVars:
     APP_NAME: "Wire Account Management"
     COMPANY_NAME: "YourCompany"