Merge pull request #2537 from wireapp/release_2022-07-05_09_26

Release 2022-07-05 - (expected chart version 4.18.0)

.gitignore

@@ -59,6 +59,7 @@ spar.integration-aws.yaml
 integration-aws.yaml
 DOCKER_ID*
 swagger-ui
+!charts/nginz/static/swagger-ui
 deploy/services-demo/resources/templates/*
 deploy/services-demo/conf/nginz/zwagger-ui/*
 

CHANGELOG.md

@@ -1,3 +1,175 @@
+# [2022-07-05] (Chart Release 4.18.0)
+
+## Release notes
+
+
+* For users of the (currently alpha) coturn Helm chart:
+ **manual intervention may be required** when upgrading to
+ this version of the chart from a prior version, due to [a bug in
+ Kubernetes](https://github.com/kubernetes/kubernetes/issues/39188) which
+ may interfere with applying changes to pod and service port configuration
+ correctly.
+
+ If, after updating this chart, the coturn pods do not have both a `coturn-udp`
+ port and a `coturn-tcp` port, then the coturn `StatefulSet` must be manually
+ deleted from the cluster, and then recreated by re-running Helm. Similarly, if
+ the coturn `Service` does not have both a `coturn-udp` port and a `coturn-tcp`
+ port, this `Service` must also be deleted and recreated. (#2500)
+
+* The `nginz{-tcp,-http}` services have been unified into a `nginz` service, and
+ moved into the nginz chart.
+
+ The nginz-ingress-services chart simply targets the `nginz` service, so there's
+ no need to set matching `service.nginz.external{Http,Tcp}Port` inside the
+ `nginx-ingress-services` chart anymore.
+
+ The `config.http.httpPort` and `config.ws.wsPort` values in the `nginz` chart
+ still configure the ports the `nginz` service is listening on.
+
+ Metrics were moved from `config.http.httpPort` to a new `http-metrics` port.
+
+ The `nginz` chart also gained support for `metrics.serviceMonitor.enabled`,
+ creating a `ServiceMonitor` resource to scrape metrics, like for other wire
+ services.
+
+ (#2476)
+
+* Upgrade webapp version to 2022-06-30-production.0-v0.30.5-0-3e2aaf6 (#2302)
+
+* In the helm charts, the `wireService` label has been removed.
+
+ In some cases, we were already setting the `app` label too.
+
+ Now we consistently use the `app` label to label different wire services.
+
+ The `wireService` label was also used in the `spec.selector.matchLabels` field
+ on existing `Deployment` / `StatefulSet` resources.
+ As these fields being immutable, changing them isn't possible without recreation.
+
+ If you encounter an issue like
+
+ > field is immutable && cannot patch "*" with kind *
+
+ you need to manually delete these StatefulSet and Deployment resources, and apply helm again, which will recreate them.
+
+ This means downtime, so plan a maintenance window for it.
+
+ The `wire-server-metrics` chart was previously running some custom
+ configuration to automatically add all payloads with a `wireService` label into
+ metrics scraping.
+
+ With the removal of the `wireService` label, this custom configuration has been
+ removed.
+
+ Instead, all services that expose metrics will now create `ServiceMonitor`
+ resources, if their helm chart is applied with `metrics.serviceMonitor.enable`
+ set to true.
+
+ This prevents scraping agents from querying services that don't expose metrics
+ at /i/metrics unnecessarily.
+
+ Additionally, makes it easier to run other metric scraping operators, like
+ `grafana-agent-operator`, without the need to also create some custom
+ `wireService` label config there.
+
+ Generally, if you have any monitoring solution installed in your cluster that
+ uses the Prometheus CRDs, set `metrics.serviceMonitor.enable` for the following charts:
+
+ - brig
+ - cannon
+ - cargohold
+ - galley
+ - gundeck
+ - proxy
+ - spar (#2413)
+
+
+## API changes
+
+
+* The request body of `POST /conversations` endpoint can now contain an optional `creator_client` field. The `creator_client` field is only relevant for MLS conversations, in which case it must be set to the ID of the client making the request. (#2486)
+
+* Retire deprecated feature config API endpoints for API version V2 (#2492)
+
+
+## Features
+
+
+* Prevent race conditions in concurrent MLS commit requests. (#2525)
+
+* charts/wire-server: Optionally include backoffice (#2490)
+
+* The coturn chart has new functionality to enable graceful pod termination, by
+ waiting for all active allocations on a coturn instance to drain first. When
+ combined with a suitable external service discovery mechanism which can steer
+ client traffic away from terminating coturn pods, this can be used to implement
+ graceful rolling restarts of clusters of coturn instances. (#2456)
+
+* `./deploy/services-demo/create_team_members.sh` creates users with given roles now (#2137)
+
+* MLS implementation progress:
+ - Remote users can be added to MLS conversations
+ - MLS messages (both handshake and application) are now propagates to remote
+ conversation participants. (#2415)
+
+* charts/nginz: Serve swagger-ui for viewing swagger-1.2 docs (#2466)
+
+* `GET teams/:tid` response now contains an optional field `splash_screen` which contains the asset key of the team's splash screen. `PUT teams/:tid` now supports updating the splash screen asset key. (#2474)
+
+* Missing feature config mapping added (#2494)
+
+* Add MLS team feature configuration (#2499)
+
+* Team feature API now includes endpoints to get and set the `searchVisibilityInbound` feature (#2503)
+
+
+## Bug fixes and other updates
+
+
+* charts/backoffice: Fix version of frontend and auto-bump version of stern on every release (#2490)
+
+* The service definitions in the coturn Helm chart were missing the control plane
+ UDP port used by coturn. (#2500)
+
+* In nginx-ingress-services chart, when enabling useCertManager, now correctly creates the required issuer by default. (#2532)
+
+* Fix handling of creator client in MLS conversations (#2486)
+
+* Fix all clients having the same MLS public key (#2501)
+
+* A user now cannot delete an identity provider that they are authenticated with any more (#2519)
+
+
+## Internal changes
+
+
+* brig-types: remove all re-exports (#2505)
+
+* Fixed flakiness of email update test, related to the test user account being suspended, causing subsequent runs of the test to fail. (#2497)
+
+* galley-types: remove all re-exports (#2504)
+
+* Enforce some IdP invariants (#2533)
+
+* Switch to new MLS test CLI (https://github.com/wireapp/mls-test-cli) (#2508)
+
+* Forward /i/users/:uid/features/:feature to brig (#2468)
+
+* charts/nginz: Forward `/i/legalhold/whitelisted-teams` to galley instead of brig (#2460)
+
+* make the ldap-scim-bridge chart deployable once per team, and improve docs. (#1843)
+
+* Refactored and simplified the feature config API (#2435)
+
+* Removed deprecated internal feature config API endpoints (#2496)
+
+* Deactivated gundeck's integration tests for local steps (`make ci`). (#2510)
+
+* retry gundeck's Redis connection in case of network errors such as IP changes or network outages (#2512)
+
+* Add AWS security token metrics to all services (#2473)
+
+
 # [2022-06-14] (Chart Release 4.14.0)
 
 ## Release notes

Makefile

@@ -360,8 +360,8 @@ kube-integration-teardown-sans-federation:
 
 .PHONY: kube-restart-%
 kube-restart-%:
- kubectl delete pod -n $(NAMESPACE) -l wireService=$(*)
- kubectl delete pod -n $(NAMESPACE)-fed2 -l wireService=$(*)
+ kubectl delete pod -n $(NAMESPACE) -l app=$(*)
+ kubectl delete pod -n $(NAMESPACE)-fed2 -l app=$(*)
 
 .PHONY: latest-tag
 latest-tag:
@@ -522,8 +522,8 @@ kind-restart-nginx-ingress: .local/kind-kubeconfig
 
 kind-restart-%: .local/kind-kubeconfig
  export KUBECONFIG=$(CURDIR)/.local/kind-kubeconfig && \
- kubectl delete pod -n $(NAMESPACE) -l wireService=$(*) && \
- kubectl delete pod -n $(NAMESPACE)-fed2 -l wireService=$(*)
+ kubectl delete pod -n $(NAMESPACE) -l app=$(*) && \
+ kubectl delete pod -n $(NAMESPACE)-fed2 -l app=$(*)
 
 # This target can be used to template a helm chart with values filled in from
 # hack/helm_vars (what CI uses) as overrrides, if available. This allows debugging helm

build/ubuntu/Dockerfile.deps

@@ -10,20 +10,29 @@ RUN export DEBIAN_FRONTEND=noninteractive && \
  export SODIUM_USE_PKG_CONFIG=1 && \
  cargo build --release
 
-# compile core-crypto cli tool
+# FUTUREWORK: remove core-crypto once #2508 is merged
+# compile legacy core-crypto cli tool
 RUN cd /tmp && \
  apt-get install -y libssl-dev && \
  git clone -b cli https://github.com/wireapp/core-crypto && \
  cd core-crypto/cli && \
  cargo build --release
 
+# compile mls-test-cli tool
+RUN cd /tmp && \
+ git clone https://github.com/wireapp/mls-test-cli && \
+ cd mls-test-cli && \
+ cargo build --release
+
 # Minimal dependencies for ubuntu-compiled, dynamically linked wire-server Haskell services
 FROM ubuntu:20.04
 
 COPY --from=cryptobox-builder /tmp/cryptobox-c/target/release/libcryptobox.so /usr/lib
 
-# FUTUREWORK: only copy crypto-cli executable if we are building an integration test image
+# FUTUREWORK: only copy crypto-cli and mls-test-cli executables if we are building an
+# integration test image
 COPY --from=cryptobox-builder /tmp/core-crypto/cli/target/release/crypto-cli /usr/bin
+COPY --from=cryptobox-builder /tmp/mls-test-cli/target/release/mls-test-cli /usr/bin
 
 RUN export DEBIAN_FRONTEND=noninteractive && \
  apt-get update && \

cabal.project

@@ -157,7 +157,7 @@ source-repository-package
 allow-older: *
 allow-newer: *
 
--- Changes by ./tools/convert-to-cabal/generate.sh 
+-- Changes by ./tools/convert-to-cabal/generate.sh
 
 tests: True
 benchmarks: True

cassandra-schema.cql

@@ -143,6 +143,11 @@ CREATE TABLE galley_test.team_features (
  guest_links_lock_status int,
  guest_links_status int,
  legalhold_status int,
+ mls_allowed_ciphersuites set<int>,
+ mls_default_ciphersuite int,
+ mls_default_protocol int,
+ mls_protocol_toggle_users set<uuid>,
+ mls_status int,
  search_visibility_inbound_status int,
  search_visibility_status int,
  self_deleting_messages_lock_status int,
@@ -267,6 +272,7 @@ CREATE TABLE galley_test.member_remote_user (
  user_remote_domain text,
  user_remote_id uuid,
  conversation_role text,
+ mls_clients set<text>,
  PRIMARY KEY (conv, user_remote_domain, user_remote_id)
 ) WITH CLUSTERING ORDER BY (user_remote_domain ASC, user_remote_id ASC)
  AND bloom_filter_fp_chance = 0.1
@@ -471,6 +477,26 @@ CREATE TABLE galley_test.team_conv (
  AND read_repair_chance = 0.0
  AND speculative_retry = '99PERCENTILE';
 
+CREATE TABLE galley_test.mls_commit_locks (
+ group_id blob,
+ epoch bigint,
+ PRIMARY KEY (group_id, epoch)
+) WITH CLUSTERING ORDER BY (epoch ASC)
+ AND bloom_filter_fp_chance = 0.01
+ AND caching = {'keys': 'ALL', 'rows_per_partition': 'NONE'}
+ AND comment = ''
+ AND compaction = {'class': 'org.apache.cassandra.db.compaction.SizeTieredCompactionStrategy', 'max_threshold': '32', 'min_threshold': '4'}
+ AND compression = {'chunk_length_in_kb': '64', 'class': 'org.apache.cassandra.io.compress.LZ4Compressor'}
+ AND crc_check_chance = 1.0
+ AND dclocal_read_repair_chance = 0.1
+ AND default_time_to_live = 0
+ AND gc_grace_seconds = 864000
+ AND max_index_interval = 2048
+ AND memtable_flush_period_in_ms = 0
+ AND min_index_interval = 128
+ AND read_repair_chance = 0.0
+ AND speculative_retry = '99PERCENTILE';
+
 CREATE TABLE galley_test.team (
  team uuid PRIMARY KEY,
  binding boolean,
@@ -480,6 +506,7 @@ CREATE TABLE galley_test.team (
  icon_key text,
  name text,
  search_visibility int,
+ splash_screen text,
  status int
 ) WITH bloom_filter_fp_chance = 0.1
  AND caching = {'keys': 'ALL', 'rows_per_partition': 'NONE'}

charts/account-pages/templates/deployment.yaml

@@ -3,7 +3,7 @@ kind: Deployment
 metadata:
  name: account-pages
  labels:
- wireService: account-pages
+ app: account-pages
  chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
  release: {{ .Release.Name }}
  heritage: {{ .Release.Service }}
@@ -16,12 +16,10 @@ spec:
  maxSurge: {{ .Values.replicaCount | mul 2 }}
  selector:
  matchLabels:
- wireService: account-pages
  app: account-pages
  template:
  metadata:
  labels:
- wireService: account-pages
  app: account-pages
  release: {{ .Release.Name }}
  spec:

charts/aws-ingress/templates/ELB_account_pages_https.yaml

@@ -14,7 +14,7 @@ metadata:
 spec:
  type: LoadBalancer
  selector:
- wireService: account-pages
+ app: account-pages
  ports:
  - name: https
  protocol: TCP

charts/aws-ingress/templates/ELB_nginz_https.yaml

@@ -13,7 +13,7 @@ metadata:
 spec:
  type: LoadBalancer
  selector:
- wireService: nginz
+ app: nginz
  ports:
  - name: https
  protocol: TCP

charts/aws-ingress/templates/ELB_nginz_wss.yaml

@@ -14,7 +14,7 @@ metadata:
 spec:
  type: LoadBalancer
  selector:
- wireService: nginz
+ app: nginz
  ports:
  - name: wss
  protocol: TCP

charts/aws-ingress/templates/ELB_team_settings_https.yaml

@@ -14,7 +14,7 @@ metadata:
 spec:
  type: LoadBalancer
  selector:
- wireService: team-settings
+ app: team-settings
  ports:
  - name: https
  protocol: TCP

charts/aws-ingress/templates/ELB_webapp_https.yaml

@@ -13,7 +13,7 @@ metadata:
 spec:
  type: LoadBalancer
  selector:
- wireService: webapp
+ app: webapp
  ports:
  - name: https
  protocol: TCP

charts/backoffice/templates/deployment.yaml

@@ -3,7 +3,7 @@ kind: Deployment
 metadata:
  name: backoffice
  labels:
- wireService: backoffice
+ app: backoffice
  chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
  release: {{ .Release.Name }}
  heritage: {{ .Release.Service }}
@@ -16,11 +16,11 @@ spec:
  maxSurge: {{ .Values.replicaCount }}
  selector:
  matchLabels:
- wireService: backoffice
+ app: backoffice
  template:
  metadata:
  labels:
- wireService: backoffice
+ app: backoffice
  release: {{ .Release.Name }}
  annotations:
  # An annotation of the configmap checksum ensures changes to the configmap cause a redeployment upon `helm upgrade`