From 69512391ff3f25802e4cf7d201dc7564701d5637 Mon Sep 17 00:00:00 2001 From: Donavan Fritz Date: Thu, 28 May 2026 10:04:24 -0500 Subject: [PATCH] site-publish: default S3 endpoint to garage-s3 (data-only Service) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The existing garage Service round-robined S3 across all three garage pods, including the gateway. The gateway pod uses an emptyDir for /data, so its in-memory auth table is unreliable after restart — site-publish runs hit intermittent 'Forbidden: No such key' errors during aws s3 sync. The new garage-s3 Service in fritzlab/apps@d9aa376 selects only garage-role=data pods (nas001 + nas002), bypassing the gateway entirely. --- action.yaml | 5 ++++- scripts/utils.py | 2 +- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/action.yaml b/action.yaml index c93fd9e..505170e 100644 --- a/action.yaml +++ b/action.yaml @@ -11,9 +11,12 @@ inputs: description: Garage ci-deploy-key secret access key required: true s3-endpoint: + # Targets garage-s3 (data-only Service) so requests do not round-robin onto + # the gateway pod, whose emptyDir-backed metadata view intermittently + # returns "No such key" through the S3 API. description: Garage S3 endpoint URL required: false - default: http://garage.storage.svc:3900 + default: http://garage-s3.storage.svc:3900 garage-admin-token: description: Garage admin API token (required only when site.yaml has aliases — used to reconcile bucket globalAliases) required: false diff --git a/scripts/utils.py b/scripts/utils.py index fcb7436..b06bfa7 100644 --- a/scripts/utils.py +++ b/scripts/utils.py @@ -12,7 +12,7 @@ from jinja2 import Environment, FileSystemLoader APPS_REPO = "fritzlab/apps" GITEA_HOST = "code.fritzlab.net" NAMESPACE = "websites" -DEFAULT_S3_ENDPOINT = "http://garage.storage.svc:3900" +DEFAULT_S3_ENDPOINT = "http://garage-s3.storage.svc:3900" EXCLUDE_FILES = { ".git", ".gitea", ".gitignore", "site.yaml",