analysis/result-ingestion/service-result-ingestion.yaml - infra/luci/luci-go - Git at Google

 # Copyright 2022 The LUCI Authors.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
 #      http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.

 runtime: go122
 instance_class: F4
 service: result-ingestion
 service_account: ${SERVICE_ACCOUNT}

 automatic_scaling:
   target_throughput_utilization: 0.90
   target_cpu_utilization: 0.90
   # Limited to 5 to ensure GAE remains within memory limits.
   max_concurrent_requests: 5

 # Note: this is interpreted by gae.py, it maps the app ID being deployed to
 # values of ${...} vars.
 # Reference: https://chromium.googlesource.com/infra/luci/luci-go/+/HEAD/examples/appengine/helloworld_v2/app.yaml
 #
 # This configuration is only used for developer testing. The
 # configuration used for development and production instances is
 # contained in the infradata/gae repo. Refer to LUCI GAE Automatic
 # Deployment for more (go/luci/how_to_deploy.md) (Googlers only).
 #
 # IMPORTANT: Keep in sync between app.yaml, service-api.yaml and service-result-ingestion.yaml.
 # IMPORTANT: Keep in sync with app.star files in
 # https://chrome-internal.googlesource.com/infradata/gae/+/refs/heads/main/apps/luci-analysis/
 # and in
 # https://chrome-internal.googlesource.com/infradata/gae/+/refs/heads/main/apps/weetbix/
 luci_gae_vars:
   luci-analysis-dev:
     AUTH_SERVICE_HOST: chrome-infra-auth-dev.appspot.com
     CONFIG_SERVICE_HOST: config.luci.app
     CRON_AUTHORIZED_CALLER: cloud-scheduler-jobs@luci-analysis-dev.iam.gserviceaccount.com
     LUCI_ANALYSIS_HOST: VERSION.staging.analysis.api.luci.app
     PUBSUB_AUTHORIZED_CALLER: cloud-pubsub-pusher@luci-analysis-dev.iam.gserviceaccount.com
     TQ_PUSH_AS: cloud-tasks-pusher@luci-analysis-dev.iam.gserviceaccount.com
     TQ_TARGET_HOST: staging.analysis.api.luci.app
     TS_MON_ACCOUNT: app-engine-metric-publishers@prodx-mon-chrome-infra.google.com.iam.gserviceaccount.com
     OAUTH_CLIENT_ID: 171536942974-su83vlacqnbccpm2h32ki6gs5a2hi7eo.apps.googleusercontent.com
     OAUTH_CLIENT_SECRET: sm://oauth-client-secret
     OAUTH_REDIRECT_URL: https://luci-analysis-dev.appspot.com/auth/openid/callback
     ROOT_SECRET: sm://root-secret
     TINK_AEAD_KEY: sm://tink-aead-primary
     SPANNER_DB: projects/luci-analysis-dev/instances/dev/databases/luci-analysis-dev
     DISABLE_PROJECT_SCOPED_AUTH: TRUE
     BUGANIZER_MODE: disable
     BUGANIZER_ENDPOINT_BASE: placeholder-issuetracker-c2p
     BUGANIZER_ENDPOINT_OAUTH_SCOPE: https://www.googleapis.com/auth/placeholder
     BUGANIZER_TEST_COMPONENT_ID: 12345
     BUGANIZER_TEST_MODE: false
     BUGANIZER_SELF_EMAIL: email@google.com
     SERVICE_ACCOUNT: luci-analysis-dev-service@luci-analysis-dev.iam.gserviceaccount.com
     PROFILING_PROBABILITY: "0.25"

 # IMPORTANT: Except for /static, keep in sync between app.yaml, service-api.yaml and service-result-ingestion.yaml.
 handlers:
 - url: /_ah/push-handlers/.*
   script: auto
   login: admin
   secure: always

 - url: /.*
   script: auto
   secure: always

 # IMPORTANT: Keep in sync between app.yaml, service-api.yaml and service-result-ingestion.yaml.
 entrypoint: >
   main
   -auth-service-host ${AUTH_SERVICE_HOST}
   -config-service-host ${CONFIG_SERVICE_HOST}
   -cron-authorized-caller ${CRON_AUTHORIZED_CALLER}
   -tq-default-target-host ${TQ_TARGET_HOST}
   -tq-push-as ${TQ_PUSH_AS}
   -tq-sweep-initiation-launcher ${CRON_AUTHORIZED_CALLER}
   -luci-analysis-host ${LUCI_ANALYSIS_HOST}
   -pubsub-authorized-caller ${PUBSUB_AUTHORIZED_CALLER}
   -ts-mon-account ${TS_MON_ACCOUNT}
   -encrypted-cookies-client-id ${OAUTH_CLIENT_ID}
   -frontend-client-id ${OAUTH_CLIENT_ID}
   -encrypted-cookies-client-secret ${OAUTH_CLIENT_SECRET}
   -encrypted-cookies-expose-state-endpoint
   -encrypted-cookies-redirect-url ${OAUTH_REDIRECT_URL}
   -encrypted-cookies-tink-aead-key ${TINK_AEAD_KEY}
   -root-secret ${ROOT_SECRET}
   -spanner-database ${SPANNER_DB}
   -disable-project-scoped-auth=${DISABLE_PROJECT_SCOPED_AUTH}
   -buganizer-mode=${BUGANIZER_MODE}
   -buganizer-endpoint-base=${BUGANIZER_ENDPOINT_BASE}
   -buganizer-endpoint-oauth-scope=${BUGANIZER_ENDPOINT_OAUTH_SCOPE}
   -buganizer-test-component-id=${BUGANIZER_TEST_COMPONENT_ID}
   -buganizer-self-email=${BUGANIZER_SELF_EMAIL}
   -buganizer-test-mode=${BUGANIZER_TEST_MODE}
   -profiling-probability=${PROFILING_PROBABILITY}
	# Copyright 2022 The LUCI Authors.
	#
	# Licensed under the Apache License, Version 2.0 (the "License");
	# you may not use this file except in compliance with the License.
	# You may obtain a copy of the License at
	#
	# http://www.apache.org/licenses/LICENSE-2.0
	#
	# Unless required by applicable law or agreed to in writing, software
	# distributed under the License is distributed on an "AS IS" BASIS,
	# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	# See the License for the specific language governing permissions and
	# limitations under the License.

	runtime: go122
	instance_class: F4
	service: result-ingestion
	service_account: ${SERVICE_ACCOUNT}

	automatic_scaling:
	target_throughput_utilization: 0.90
	target_cpu_utilization: 0.90
	# Limited to 5 to ensure GAE remains within memory limits.
	max_concurrent_requests: 5

	# Note: this is interpreted by gae.py, it maps the app ID being deployed to
	# values of ${...} vars.
	# Reference: https://chromium.googlesource.com/infra/luci/luci-go/+/HEAD/examples/appengine/helloworld_v2/app.yaml
	#
	# This configuration is only used for developer testing. The
	# configuration used for development and production instances is
	# contained in the infradata/gae repo. Refer to LUCI GAE Automatic
	# Deployment for more (go/luci/how_to_deploy.md) (Googlers only).
	#
	# IMPORTANT: Keep in sync between app.yaml, service-api.yaml and service-result-ingestion.yaml.
	# IMPORTANT: Keep in sync with app.star files in
	# https://chrome-internal.googlesource.com/infradata/gae/+/refs/heads/main/apps/luci-analysis/
	# and in
	# https://chrome-internal.googlesource.com/infradata/gae/+/refs/heads/main/apps/weetbix/
	luci_gae_vars:
	luci-analysis-dev:
	AUTH_SERVICE_HOST: chrome-infra-auth-dev.appspot.com
	CONFIG_SERVICE_HOST: config.luci.app
	CRON_AUTHORIZED_CALLER: cloud-scheduler-jobs@luci-analysis-dev.iam.gserviceaccount.com
	LUCI_ANALYSIS_HOST: VERSION.staging.analysis.api.luci.app
	PUBSUB_AUTHORIZED_CALLER: cloud-pubsub-pusher@luci-analysis-dev.iam.gserviceaccount.com
	TQ_PUSH_AS: cloud-tasks-pusher@luci-analysis-dev.iam.gserviceaccount.com
	TQ_TARGET_HOST: staging.analysis.api.luci.app
	TS_MON_ACCOUNT: app-engine-metric-publishers@prodx-mon-chrome-infra.google.com.iam.gserviceaccount.com
	OAUTH_CLIENT_ID: 171536942974-su83vlacqnbccpm2h32ki6gs5a2hi7eo.apps.googleusercontent.com
	OAUTH_CLIENT_SECRET: sm://oauth-client-secret
	OAUTH_REDIRECT_URL: https://luci-analysis-dev.appspot.com/auth/openid/callback
	ROOT_SECRET: sm://root-secret
	TINK_AEAD_KEY: sm://tink-aead-primary
	SPANNER_DB: projects/luci-analysis-dev/instances/dev/databases/luci-analysis-dev
	DISABLE_PROJECT_SCOPED_AUTH: TRUE
	BUGANIZER_MODE: disable
	BUGANIZER_ENDPOINT_BASE: placeholder-issuetracker-c2p
	BUGANIZER_ENDPOINT_OAUTH_SCOPE: https://www.googleapis.com/auth/placeholder
	BUGANIZER_TEST_COMPONENT_ID: 12345
	BUGANIZER_TEST_MODE: false
	BUGANIZER_SELF_EMAIL: email@google.com
	SERVICE_ACCOUNT: luci-analysis-dev-service@luci-analysis-dev.iam.gserviceaccount.com
	PROFILING_PROBABILITY: "0.25"

	# IMPORTANT: Except for /static, keep in sync between app.yaml, service-api.yaml and service-result-ingestion.yaml.
	handlers:
	- url: /_ah/push-handlers/.*
	script: auto
	login: admin
	secure: always

	- url: /.*
	script: auto
	secure: always

	# IMPORTANT: Keep in sync between app.yaml, service-api.yaml and service-result-ingestion.yaml.
	entrypoint: >
	main
	-auth-service-host ${AUTH_SERVICE_HOST}
	-config-service-host ${CONFIG_SERVICE_HOST}
	-cron-authorized-caller ${CRON_AUTHORIZED_CALLER}
	-tq-default-target-host ${TQ_TARGET_HOST}
	-tq-push-as ${TQ_PUSH_AS}
	-tq-sweep-initiation-launcher ${CRON_AUTHORIZED_CALLER}
	-luci-analysis-host ${LUCI_ANALYSIS_HOST}
	-pubsub-authorized-caller ${PUBSUB_AUTHORIZED_CALLER}
	-ts-mon-account ${TS_MON_ACCOUNT}
	-encrypted-cookies-client-id ${OAUTH_CLIENT_ID}
	-frontend-client-id ${OAUTH_CLIENT_ID}
	-encrypted-cookies-client-secret ${OAUTH_CLIENT_SECRET}
	-encrypted-cookies-expose-state-endpoint
	-encrypted-cookies-redirect-url ${OAUTH_REDIRECT_URL}
	-encrypted-cookies-tink-aead-key ${TINK_AEAD_KEY}
	-root-secret ${ROOT_SECRET}
	-spanner-database ${SPANNER_DB}
	-disable-project-scoped-auth=${DISABLE_PROJECT_SCOPED_AUTH}
	-buganizer-mode=${BUGANIZER_MODE}
	-buganizer-endpoint-base=${BUGANIZER_ENDPOINT_BASE}
	-buganizer-endpoint-oauth-scope=${BUGANIZER_ENDPOINT_OAUTH_SCOPE}
	-buganizer-test-component-id=${BUGANIZER_TEST_COMPONENT_ID}
	-buganizer-self-email=${BUGANIZER_SELF_EMAIL}
	-buganizer-test-mode=${BUGANIZER_TEST_MODE}
	-profiling-probability=${PROFILING_PROBABILITY}