Merge branch 'master' of https://github.com/Sefaria/Sefaria-Project

helm-chart/templates/_helpers.tpl

@@ -1,25 +1,3 @@
-{{/*
-Create the name of the local-settings secret
-*/}}
-{{/*{{- define "localSettings.env" }} 
-{{- range $key, $val := $.Values.localSettings }}
-          - name: {{ $key }}
-            valueFrom:
-              configMapKeyRef:
-                name: local-settings-{{ $.Values.deployEnv }}
-                key: {{ $key }}
-{{- end }}
-{{- end }}
-*/}}
-
-{{- define "secrets.localSettings" -}} 
-{{- if .Values.secrets.localSettings.ref }}
-{{- .Values.secrets.localSettings.ref }}
-{{- else -}}
-local-settings-secrets-{{ .Values.deployEnv }}
-{{- end }}
-{{- end }}
-
 {{- define "secrets.googleClient" }} 
 {{- if .Values.web.secrets.googleClient.ref -}}
 {{- .Values.web.secrets.googleClient.ref }}

helm-chart/templates/cronjob/daily-email-notifications.yaml

@@ -32,7 +32,11 @@ spec:
               value: "varnish-{{ .Values.deployEnv }}-{{ .Release.Revision }}"
             envFrom:
               - secretRef:
-                name: {{ template "secrets.localSettings" . }}
+                  name: {{ .Values.secrets.localSettings.ref }}
+                  optional: true
+              - secretRef:
+                  name: local-settings-secrets-{{ .Values.deployEnv }}
+                  optional: true
               - configMapRef:
                 name: local-settings-{{ .Values.deployEnv }}
             volumeMounts:

helm-chart/templates/cronjob/index-from-queue.yaml

@@ -44,7 +44,11 @@ spec:
               value: "varnish-{{ .Values.deployEnv }}-{{ .Release.Revision }}"
             envFrom:
               - secretRef:
-                name: {{ template "secrets.localSettings" . }}
+                  name: {{ .Values.secrets.localSettings.ref }}
+                  optional: true
+              - secretRef:
+                  name: local-settings-secrets-{{ .Values.deployEnv }}
+                  optional: true
               - configMapRef:
                 name: local-settings-{{ .Values.deployEnv }}
             volumeMounts:

helm-chart/templates/cronjob/metrics.yaml

@@ -31,7 +31,11 @@ spec:
               value: "varnish-{{ .Values.deployEnv }}-{{ .Release.Revision }}"
             envFrom:
               - secretRef:
-                name: {{ template "secrets.localSettings" . }}
+                  name: {{ .Values.secrets.localSettings.ref }}
+                  optional: true
+              - secretRef:
+                  name: local-settings-secrets-{{ .Values.deployEnv }}
+                  optional: true
               - configMapRef:
                 name: local-settings-{{ .Values.deployEnv }}
             volumeMounts:

helm-chart/templates/cronjob/nation-builder-sync.yaml

@@ -32,7 +32,11 @@ spec:
               value: "varnish-{{ .Values.deployEnv }}-{{ .Release.Revision }}"
             envFrom:
               - secretRef:
-                name: {{ template "secrets.localSettings" . }}
+                  name: {{ .Values.secrets.localSettings.ref }}
+                  optional: true
+              - secretRef:
+                  name: local-settings-secrets-{{ .Values.deployEnv }}
+                  optional: true
               - configMapRef:
                 name: local-settings-{{ .Values.deployEnv }}
             volumeMounts:

helm-chart/templates/cronjob/regenerate-long-cached-data.yaml

@@ -32,7 +32,11 @@ spec:
               value: "varnish-{{ .Values.deployEnv }}-{{ .Release.Revision }}"
             envFrom:
               - secretRef:
-                name: {{ template "secrets.localSettings" . }}
+                  name: {{ .Values.secrets.localSettings.ref }}
+                  optional: true
+              - secretRef:
+                  name: local-settings-secrets-{{ .Values.deployEnv }}
+                  optional: true
               - configMapRef:
                 name: local-settings-{{ .Values.deployEnv }}
             volumeMounts:

helm-chart/templates/cronjob/reindex-elasticsearch.yaml

@@ -53,7 +53,11 @@ spec:
                   key: slack-webhook
             envFrom:
               - secretRef:
-                name: {{ template "secrets.localSettings" . }}
+                  name: {{ .Values.secrets.localSettings.ref }}
+                  optional: true
+              - secretRef:
+                  name: local-settings-secrets-{{ .Values.deployEnv }}
+                  optional: true
               - configMapRef:
                 name: local-settings-{{ .Values.deployEnv }}
             volumeMounts:

helm-chart/templates/cronjob/sitemaps.yaml

@@ -38,7 +38,11 @@ spec:
               value: "varnish-{{ .Values.deployEnv }}-{{ .Release.Revision }}"
             envFrom:
               - secretRef:
-                name: {{ template "secrets.localSettings" . }}
+                  name: {{ .Values.secrets.localSettings.ref }}
+                  optional: true
+              - secretRef:
+                  name: local-settings-secrets-{{ .Values.deployEnv }}
+                  optional: true
               - configMapRef:
                 name: local-settings-{{ .Values.deployEnv }}
             volumeMounts:

helm-chart/templates/cronjob/topics-indexing.yaml

@@ -28,7 +28,11 @@ spec:
                 value: "varnish-{{ .Values.deployEnv }}-{{ .Release.Revision }}"
               envFrom:
                 - secretRef:
-                  name: {{ template "secrets.localSettings" . }}
+                    name: {{ .Values.secrets.localSettings.ref }}
+                    optional: true
+                - secretRef:
+                    name: local-settings-secrets-{{ .Values.deployEnv }}
+                    optional: true
                 - configMapRef:
                   name: local-settings-{{ .Values.deployEnv }}
               volumeMounts:

helm-chart/templates/cronjob/weekly-email-notifications.yaml

@@ -32,7 +32,11 @@ spec:
               value: "varnish-{{ .Values.deployEnv }}-{{ .Release.Revision }}"
             envFrom:
               - secretRef:
-                name: {{ template "secrets.localSettings" . }}
+                  name: {{ .Values.secrets.localSettings.ref }}
+                  optional: true
+              - secretRef:
+                  name: local-settings-secrets-{{ .Values.deployEnv }}
+                  optional: true
               - configMapRef:
                 name: local-settings-{{ .Values.deployEnv }}
             volumeMounts:

helm-chart/templates/rollout/monitor.yaml

@@ -67,7 +67,11 @@ spec:
             value: "varnish-{{ .Values.deployEnv }}-{{ .Release.Revision }}"
         envFrom:
           - secretRef:
-              name: {{ template "secrets.localSettings" . }}
+              name: {{ .Values.secrets.localSettings.ref }}
+              optional: true
+          - secretRef:
+              name: local-settings-secrets-{{ .Values.deployEnv }}
+              optional: true
           - configMapRef:
               name: local-settings-{{ .Values.deployEnv }}
         resources: {{ toYaml .Values.monitor.resources | nindent 10 }}

helm-chart/templates/rollout/web.yaml

@@ -85,7 +85,11 @@ spec:
             value: "{{ .Release.Revision }}"
         envFrom:
           - secretRef:
-              name: {{ template "secrets.localSettings" . }}
+              name: {{ .Values.secrets.localSettings.ref }}
+              optional: true
+          - secretRef:
+              name: local-settings-secrets-{{ .Values.deployEnv }}
+              optional: true
           - configMapRef:
               name: local-settings-{{ .Values.deployEnv }}
         ports:

helm-chart/templates/secret/local-settings.yaml

@@ -1,4 +1,4 @@
-{{- if .Values.secrets.localSettings.DATABASES_HOST }}
+{{- if .Values.secrets.localSettings.data }}
 apiVersion: v1
 kind: Secret
 metadata:
@@ -8,44 +8,7 @@ metadata:
     {{- include "sefaria.labels" . | nindent 4 }}
 type: Opaque
 data:
-  {{- with .Values.secrets.localSettings }}
-  DATABASES_HOST: {{ .DATABASES_HOST | b64enc }}
-  DATABASES_PASS: {{ .DATABASES_PASS | b64enc }}
-  DATABASES_USER: {{ .DATABASES_USER | b64enc }}
-  DATABASES_PORT: {{ .DATABASES_PORT | b64enc }}
-  GOOGLE_OAUTH2_CLIENT_ID: {{ .GOOGLE_OAUTH2_CLIENT_ID | b64enc }}
-  GOOGLE_OAUTH2_CLIENT_SECRET: {{ .GOOGLE_OAUTH2_CLIENT_SECRET | b64enc }}
-  SECRET_KEY: {{ .SECRET_KEY | b64enc }}
-  MANDRILL_API_KEY: {{ .MANDRILL_API_KEY | b64enc }}
-  SEFARIA_DB: {{ .SEFARIA_DB | b64enc }}
-  SEFARIA_DB_USER: {{ .SEFARIA_DB_USER | b64enc }}
-  SEFARIA_DB_PASSWORD: {{ .SEFARIA_DB_PASSWORD | b64enc }}
-  SEARCH_ADMIN_USER: {{ .SEARCH_ADMIN_USER | b64enc }}
-  SEARCH_ADMIN_PW: {{ .SEARCH_ADMIN_PW | b64enc }}
-  SEARCH_ADMIN_K8S: {{ .SEARCH_ADMIN_K8S | b64enc }}
-  TURN_SECRET: {{ .TURN_SECRET | b64enc }}
-  TURN_USER: {{ .TURN_USER | b64enc }}
-  SEFARIA_BOT_API_KEY: {{ .SEFARIA_BOT_API_KEY | b64enc }}
-  CLOUDFLARE_ZONE: {{ .CLOUDFLARE_ZONE | b64enc }}
-  CLOUDFLARE_EMAIL: {{ .CLOUDFLARE_EMAIL | b64enc }}
-  CLOUDFLARE_TOKEN: {{ .CLOUDFLARE_TOKEN | b64enc }}
-  GOOGLE_TAG_MANAGER_CODE: {{ .GOOGLE_TAG_MANAGER_CODE | b64enc }}
-  GOOGLE_ANALYTICS_CODE: {{ .GOOGLE_ANALYTICS_CODE | b64enc }}
-  GOOGLE_MAPS_API_KEY: {{ .GOOGLE_MAPS_API_KEY | b64enc }}
-  MIXPANEL_CODE: {{ .MIXPANEL_CODE | b64enc }}
-  HOTJAR_ID: {{ .HOTJAR_ID | b64enc }}
-  AWS_ACCESS_KEY: {{ .AWS_ACCESS_KEY | b64enc }}
-  AWS_SECRET_KEY: {{ .AWS_SECRET_KEY | b64enc }}
-  S3_BUCKET: {{ .S3_BUCKET | b64enc }}
-  NATIONBUILDER_TOKEN: {{ .NATIONBUILDER_TOKEN | b64enc }}
-  NATIONBUILDER_CLIENT_ID: {{ .NATIONBUILDER_CLIENT_ID | b64enc }}
-  NATIONBUILDER_CLIENT_SECRET: {{ .NATIONBUILDER_CLIENT_SECRET | b64enc }}
-  MAILCHIMP_API_KEY: {{ .MAILCHIMP_API_KEY | b64enc }}
-  MAILCHIMP_ANNOUNCE_ID: {{ .MAILCHIMP_ANNOUNCE_ID | b64enc }}
-  MAILCHIMP_WEBHOOK_KEY: {{ .MAILCHIMP_WEBHOOK_KEY | b64enc }}
-  RECAPTCHA_PUBLIC_KEY: {{ .RECAPTCHA_PUBLIC_KEY | b64enc }}
-  RECAPTCHA_PRIVATE_KEY: {{ .RECAPTCHA_PRIVATE_KEY | b64enc }}
-  SIMPLE_JWT_SIGNING_KEY: {{ .SIMPLE_JWT_SIGNING_KEY | b64enc }}
-  MOBILE_APP_KEY: {{ .MOBILE_APP_KEY | b64enc }}
+  {{- range $k, $v := .Values.secrets.localSettings.data }}
+  {{ $k }}: {{ $v | b64enc }}
   {{- end }}
 {{- end }}

helm-chart/values.yaml

@@ -203,50 +203,50 @@ monitor:
 
 secrets:
   localSettings:
-    # If you're using a refenrece to an existing secret then the data: section
-    # should be commented out and vice-versa.
+    # A reference to a secret containing the local settings
     ref:
-    # Add the value of these variables in the data: field for local use only.
-    # Also, it is understood that if you're adding one value you're adding
-    # all variable values
-    DATABASES_HOST:
-    DATABASES_PASS:
-    DATABASES_USER:
-    DATABASES_PORT:
-    GOOGLE_OAUTH2_CLIENT_ID:
-    GOOGLE_OAUTH2_CLIENT_SECRET:
-    SECRET_KEY:
-    MANDRILL_API_KEY:
-    SEFARIA_DB:
-    SEFARIA_DB_USER:
-    SEFARIA_DB_PASSWORD:
-    SEARCH_ADMIN_USER:
-    SEARCH_ADMIN_PW:
-    SEARCH_ADMIN_K8S:
-    TURN_SECRET:
-    TURN_USER:
-    SEFARIA_BOT_API_KEY:
-    CLOUDFLARE_ZONE:
-    CLOUDFLARE_EMAIL:
-    CLOUDFLARE_TOKEN:
-    GOOGLE_TAG_MANAGER_CODE:
-    GOOGLE_ANALYTICS_CODE:
-    GOOGLE_MAPS_API_KEY:
-    MIXPANEL_CODE:
-    HOTJAR_ID:
-    AWS_ACCESS_KEY:
-    AWS_SECRET_KEY:
-    S3_BUCKET:
-    NATIONBUILDER_TOKEN:
-    NATIONBUILDER_CLIENT_ID:
-    NATIONBUILDER_CLIENT_SECRET:
-    MAILCHIMP_API_KEY:
-    MAILCHIMP_ANNOUNCE_ID:
-    MAILCHIMP_WEBHOOK_KEY:
-    RECAPTCHA_PUBLIC_KEY:
-    RECAPTCHA_PRIVATE_KEY:
-    SIMPLE_JWT_SIGNING_KEY:
-    MOBILE_APP_KEY:
+    # The data keys can be used to override values in the local settings secret.
+    # This is intended for local development use and CI, do not use this in
+    # production.
+    #data:
+    #  DATABASES_HOST:
+    #  DATABASES_PASS:
+    #  DATABASES_USER:
+    #  DATABASES_PORT:
+    #  GOOGLE_OAUTH2_CLIENT_ID:
+    #  GOOGLE_OAUTH2_CLIENT_SECRET:
+    #  SECRET_KEY:
+    #  MANDRILL_API_KEY:
+    #  SEFARIA_DB:
+    #  SEFARIA_DB_USER:
+    #  SEFARIA_DB_PASSWORD:
+    #  SEARCH_ADMIN_USER:
+    #  SEARCH_ADMIN_PW:
+    #  SEARCH_ADMIN_K8S:
+    #  TURN_SECRET:
+    #  TURN_USER:
+    #  SEFARIA_BOT_API_KEY:
+    #  CLOUDFLARE_ZONE:
+    #  CLOUDFLARE_EMAIL:
+    #  CLOUDFLARE_TOKEN:
+    #  GOOGLE_TAG_MANAGER_CODE:
+    #  GOOGLE_ANALYTICS_CODE:
+    #  GOOGLE_MAPS_API_KEY:
+    #  MIXPANEL_CODE:
+    #  HOTJAR_ID:
+    #  AWS_ACCESS_KEY:
+    #  AWS_SECRET_KEY:
+    #  S3_BUCKET:
+    #  NATIONBUILDER_TOKEN:
+    #  NATIONBUILDER_CLIENT_ID:
+    #  NATIONBUILDER_CLIENT_SECRET:
+    #  MAILCHIMP_API_KEY:
+    #  MAILCHIMP_ANNOUNCE_ID:
+    #  MAILCHIMP_WEBHOOK_KEY:
+    #  RECAPTCHA_PUBLIC_KEY:
+    #  RECAPTCHA_PRIVATE_KEY:
+    #  SIMPLE_JWT_SIGNING_KEY:
+    #  MOBILE_APP_KEY:
   backupManager:
     # If you're using a reference to an existing secret then the data: section
     # should be commented out and vice-versa.
@@ -256,7 +256,7 @@ secrets:
     #   serviceAccount:
   # This is used in mongobackup & reindex-elasticsearch cron jobs.
   slackWebhook:
-    # If you're using a refenrece to an existing secret then the data: section
+    # If you're using a reference to an existing secret then the data: section
     # should be commented out and vice-versa.
     ref:
     # data:

static/css/s2.css

@@ -3105,6 +3105,7 @@ a.navBlockTitle:hover {
 }
 .textTableOfContents .torahNavParshiot .tocLevel .schema-node-toc {
   flex: 1 1 50%;
+  text-decoration: none;
 }
 .textTableOfContents > .tocLevel > .schema-node-toc {
   margin: 10px 0;