Conversation
…omad jobs Same fix as 5c599a2 for orchestrator: set mode=file and explicit destination to prevent Nomad from switching to folder mode when multiple objects share a prefix.
… clean-nfs-cache Move env-conditional version query param logic out of HCL job templates into Terraform, matching the orchestrator pattern. Removes checksum options block from template-manager and external checksum data source from clean-nfs-cache in favor of GCS object generation.
Removed bash script and replaced with native object version taken from object data source. Non-dev environments are now using object version as well.
PR SummaryMedium Risk Overview Reviewed by Cursor Bugbot for commit 4e003f9. Bugbot is set up for automated code reviews on this repo. Configure here. |
![claude[bot]](https://avatars.githubusercontent.com/in/1236702?s=60&v=4){kind=small}
![chatgpt-codex-connector[bot]](https://avatars.githubusercontent.com/in/1144995?s=60&v=4){kind=small}
There was a problem hiding this comment.
💡 Codex Review
Here are some automated review suggestions for this pull request.
Reviewed commit: 29c3c09b89
ℹ️ About Codex in GitHub
Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you
- Open a pull request for review
- Mark a draft as ready
- Comment "@codex review".
If Codex has suggestions, it will comment; otherwise it will react with 👍.
When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 2 potential issues.
Bugbot Autofix prepared fixes for both issues found in the latest run.
- ✅ Fixed: Dev/prod conditional retained for clean-nfs-cache artifact URL
- Updated
clean_nfs_cache_artifact_sourceto always include the?version=generation parameter for all environments.
- Updated
- ✅ Fixed: GCS generation number used as MD5 checksum
- Replaced the checksum input with a real MD5 hex digest derived from the GCS object's
md5hashvia an external data step and passed that to the autoscaler job template.
- Replaced the checksum input with a real MD5 hex digest derived from the GCS object's
Or push these changes by commenting:
@cursor push 21ea3a2166
Preview (21ea3a2166)
diff --git a/iac/provider-gcp/nomad/main.tf b/iac/provider-gcp/nomad/main.tf
--- a/iac/provider-gcp/nomad/main.tf
+++ b/iac/provider-gcp/nomad/main.tf
@@ -485,6 +485,27 @@
bucket = var.fc_env_pipeline_bucket_name
}
+data "external" "nomad_nodepool_apm_checksum" {
+ count = var.template_manages_clusters_size_gt_1 ? 1 : 0
+
+ program = [
+ "python3",
+ "-c",
+ <<-EOT
+import base64
+import json
+import sys
+
+query = json.load(sys.stdin)
+print(json.dumps({"hex": base64.b64decode(query["md5hash"]).hex()}))
+EOT
+ ]
+
+ query = {
+ md5hash = data.google_storage_bucket_object.nomad_nodepool_apm[0].md5hash
+ }
+}
+
module "template_manager_autoscaler" {
source = "../../modules/job-template-manager-autoscaler"
count = var.template_manages_clusters_size_gt_1 ? 1 : 0
@@ -493,7 +514,7 @@
autoscaler_version = var.nomad_autoscaler_version
nomad_token = var.nomad_acl_token_secret
apm_plugin_artifact_source = "gcs::https://www.googleapis.com/storage/v1/${var.fc_env_pipeline_bucket_name}/nomad-nodepool-apm?version=${data.google_storage_bucket_object.nomad_nodepool_apm[0].generation}"
- apm_plugin_checksum = data.google_storage_bucket_object.nomad_nodepool_apm[0].generation
+ apm_plugin_checksum = data.external.nomad_nodepool_apm_checksum[0].result.hex
}
module "loki" {
@@ -609,7 +630,7 @@
}
locals {
- clean_nfs_cache_artifact_source = var.environment == "dev" ? "gcs::https://www.googleapis.com/storage/v1/${var.fc_env_pipeline_bucket_name}/clean-nfs-cache?version=${data.google_storage_bucket_object.filestore_cleanup.generation}" : "gcs::https://www.googleapis.com/storage/v1/${var.fc_env_pipeline_bucket_name}/clean-nfs-cache"
+ clean_nfs_cache_artifact_source = "gcs::https://www.googleapis.com/storage/v1/${var.fc_env_pipeline_bucket_name}/clean-nfs-cache?version=${data.google_storage_bucket_object.filestore_cleanup.generation}"
}
resource "nomad_job" "clean_nfs_cache" {This Bugbot Autofix run was free. To enable autofix for future PRs, go to the Cursor dashboard.
Reviewed by Cursor Bugbot for commit 29c3c09. Configure here.
- Remove apm_plugin_checksum from autoscaler module; rely on ?etag=/?version= query param for artifact pinning (consistent with orchestrator/template-manager) - Fix locals. → local. typo in AWS autoscaler module call - Remove obsolete template_manager_checksum argument from AWS template_manager module call - Inline autoscaler artifact source URL directly (was a local with empty-string fallback) - Fix clean_nfs_cache_artifact_source to always include ?version= (remove dev-only conditional)
sitole
changed the title
2 participants
Summary
checksum.shbash script +data "external"with GCS object's native.generationfield as the version/checksumclean-nfs-cacheNomad job setup from its ownclean-nfs-cache.tffile intomain.tfalongside other jobsartifact_sourceURL from Terraform into the HCL job templates fortemplate-managerandclean-nfs-cacheinstead of constructing it inside the templatetemplate_manager_checksumvariable (superseded by version in the URL)mode = "file"anddestinationfortemplate-managerandclean-nfs-cachejobs