Skip to content

Commit cf1f8c0

Browse files
Merge branch 'master' into feat/allow_new_users
2 parents fde50c8 + 14512f1 commit cf1f8c0

30 files changed

Lines changed: 635 additions & 1005 deletions

File tree

.github/workflows/mozcloud-publish.yaml

Lines changed: 0 additions & 136 deletions
Original file line numberDiff line numberDiff line change
@@ -172,142 +172,6 @@ jobs:
172172
tags: ${{ env.IMAGE_TAGS }}
173173
cache-from: type=gha
174174

175-
# Note: we are moving towards renaming all images `syncserver`, the union of sync and tokenserver.
176-
# This presently remains for the time being to simplify deploys by maintaining `image_name: syncstorage-rs-spanner-python-utils`.
177-
# Historical context: <https://github.com/mozilla-services/syncstorage-rs/pull/1306>
178-
build-and-push-syncstorage-rs-spanner-python-utils:
179-
needs: check
180-
permissions:
181-
contents: read
182-
id-token: write
183-
packages: write
184-
runs-on: ubuntu-latest
185-
steps:
186-
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
187-
with:
188-
persist-credentials: false
189-
190-
- uses: ./.github/actions/setup-build-and-push
191-
id: setup
192-
with:
193-
workload_identity_provider: ${{ vars.GCPV2_GITHUB_WORKLOAD_IDENTITY_PROVIDER }}
194-
gcp_service_account: "${{ vars.SERVICE_ACCOUNT_NAME || 'artifact-writer' }}@moz-fx-sync-prod.iam.gserviceaccount.com"
195-
version_json_path: ./tools/spanner/version.json
196-
197-
- name: Compute tags
198-
run: |
199-
TAGS=$(cat <<EOF
200-
us-docker.pkg.dev/moz-fx-sync-prod/sync-prod/syncstorage-rs-spanner-python-utils:${IMAGE_TAG}
201-
ghcr.io/${{ github.repository }}/syncstorage-rs-spanner-python-utils:${IMAGE_TAG}
202-
EOF
203-
)
204-
if [[ "${PUSH_LATEST}" == "true" ]]; then
205-
TAGS="$TAGS
206-
us-docker.pkg.dev/moz-fx-sync-prod/sync-prod/syncstorage-rs-spanner-python-utils:latest
207-
ghcr.io/${{ github.repository }}/syncstorage-rs-spanner-python-utils:latest"
208-
fi
209-
echo "IMAGE_TAGS<<EOF" >> "$GITHUB_ENV"
210-
echo "$TAGS" >> "$GITHUB_ENV"
211-
echo "EOF" >> "$GITHUB_ENV"
212-
env:
213-
IMAGE_TAG: ${{ steps.setup.outputs.image_tag }}
214-
PUSH_LATEST: ${{ steps.setup.outputs.push_latest }}
215-
216-
- uses: docker/build-push-action@f9f3042f7e2789586610d6e8b85c8f03e5195baf # v7
217-
with:
218-
context: tools/spanner
219-
file: tools/spanner/Dockerfile
220-
push: true
221-
tags: ${{ env.IMAGE_TAGS }}
222-
cache-from: type=gha
223-
cache-to: type=gha,mode=max
224-
225-
build-and-push-syncserver-postgres-python-utils:
226-
needs: check
227-
permissions:
228-
contents: read
229-
id-token: write
230-
packages: write
231-
runs-on: ubuntu-latest
232-
steps:
233-
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
234-
with:
235-
persist-credentials: false
236-
237-
- uses: ./.github/actions/setup-build-and-push
238-
id: setup
239-
with:
240-
workload_identity_provider: ${{ vars.GCPV2_GITHUB_WORKLOAD_IDENTITY_PROVIDER }}
241-
gcp_service_account: "${{ vars.SERVICE_ACCOUNT_NAME || 'artifact-writer' }}@moz-fx-sync-prod.iam.gserviceaccount.com"
242-
version_json_path: ./tools/postgres/version.json
243-
244-
- name: Compute tags
245-
run: |
246-
TAGS=$(cat <<EOF
247-
us-docker.pkg.dev/moz-fx-sync-prod/sync-prod/syncserver-postgres-python-utils:${IMAGE_TAG}
248-
ghcr.io/${{ github.repository }}/syncserver-postgres-python-utils:${IMAGE_TAG}
249-
EOF
250-
)
251-
if [[ "${PUSH_LATEST}" == "true" ]]; then
252-
TAGS="$TAGS
253-
us-docker.pkg.dev/moz-fx-sync-prod/sync-prod/syncserver-postgres-python-utils:latest
254-
ghcr.io/${{ github.repository }}/syncserver-postgres-python-utils:latest"
255-
fi
256-
echo "IMAGE_TAGS<<EOF" >> "$GITHUB_ENV"
257-
echo "$TAGS" >> "$GITHUB_ENV"
258-
echo "EOF" >> "$GITHUB_ENV"
259-
env:
260-
IMAGE_TAG: ${{ steps.setup.outputs.image_tag }}
261-
PUSH_LATEST: ${{ steps.setup.outputs.push_latest }}
262-
263-
- name: Build and push to prod GAR and ghcr
264-
uses: docker/build-push-action@f9f3042f7e2789586610d6e8b85c8f03e5195baf # v7
265-
with:
266-
context: tools/postgres
267-
file: tools/postgres/Dockerfile
268-
push: true
269-
tags: ${{ env.IMAGE_TAGS }}
270-
cache-from: type=gha
271-
cache-to: type=gha,mode=max
272-
273-
- name: GCP auth (enterprise)
274-
id: gcp_auth_ent
275-
uses: google-github-actions/auth@7c6bc770dae815cd3e89ee6cdf493a5fab2cc093 # v3
276-
with:
277-
workload_identity_provider: ${{ vars.GCPV2_GITHUB_WORKLOAD_IDENTITY_PROVIDER }}
278-
service_account: "${{ vars.SERVICE_ACCOUNT_NAME || 'artifact-writer' }}@moz-fx-fx-enterprise-prod.iam.gserviceaccount.com"
279-
token_format: access_token
280-
281-
- name: Log in to enterprise GAR
282-
uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # v4.2.0
283-
with:
284-
registry: us-docker.pkg.dev
285-
username: oauth2accesstoken
286-
password: ${{ steps.gcp_auth_ent.outputs.access_token }}
287-
288-
- name: Compute enterprise tags
289-
run: |
290-
TAGS="us-docker.pkg.dev/moz-fx-fx-enterprise-prod/fx-enterprise-private/syncserver-postgres-python-utils:${IMAGE_TAG}"
291-
if [[ "${PUSH_LATEST}" == "true" ]]; then
292-
TAGS="$TAGS
293-
us-docker.pkg.dev/moz-fx-fx-enterprise-prod/fx-enterprise-private/syncserver-postgres-python-utils:latest"
294-
fi
295-
echo "IMAGE_TAGS<<EOF" >> "$GITHUB_ENV"
296-
echo "$TAGS" >> "$GITHUB_ENV"
297-
echo "EOF" >> "$GITHUB_ENV"
298-
env:
299-
IMAGE_TAG: ${{ steps.setup.outputs.image_tag }}
300-
PUSH_LATEST: ${{ steps.setup.outputs.push_latest }}
301-
302-
- name: Build and push to enterprise GAR
303-
uses: docker/build-push-action@f9f3042f7e2789586610d6e8b85c8f03e5195baf # v7
304-
with:
305-
context: tools/postgres
306-
file: tools/postgres/Dockerfile
307-
push: true
308-
tags: ${{ env.IMAGE_TAGS }}
309-
cache-from: type=gha
310-
311175
build-and-push-syncserver-mysql:
312176
needs: check
313177
permissions:

CHANGELOG.md

Lines changed: 70 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,73 @@
1+
<a name="0.23.2"></a>
2+
## 0.23.2 (2026-06-17)
3+
4+
5+
#### Performance
6+
7+
* spanner mutation limit increase to 80000 max_total_records (#2327) ([a70ca645](https://github.com/mozilla-services/syncstorage-rs/commit/a70ca64588527887a90db8679155581cb33c3979))
8+
9+
#### Chore
10+
11+
* stop publishing the separate Docker purge-script images (#2377) ([a4ede2f1](https://github.com/mozilla-services/syncstorage-rs/commit/a4ede2f15e6096b4100d8cf42e24ef888579c7ee))
12+
* kill the removed BsoModified/Expiry secondary indices (#2382) ([d7e33e7e](https://github.com/mozilla-services/syncstorage-rs/commit/d7e33e7eb264997dac606f50cb03fd6fedb82e20))
13+
* tag 0.23.1 (#2385) ([b28317e9](https://github.com/mozilla-services/syncstorage-rs/commit/b28317e972f40a982c792a743554c13abe1cd2b2))
14+
* **deps:** bump pyjwt in /tools/syncstorage-loadtest (#2392) ([12dc1bf6](https://github.com/mozilla-services/syncstorage-rs/commit/12dc1bf63ffc59a89f11eeaacdb776abdc95dd32))
15+
16+
#### Bug Fixes
17+
18+
* add settings for FxA acct event SET `aud` and `iss` (#2393) ([a9a08fbd](https://github.com/mozilla-services/syncstorage-rs/commit/a9a08fbdc60b68474b52b2ca4090f2b91aa2eb42))
19+
* expose tokenserver endpoints only when enabled (#2394) ([f5e1b1c7](https://github.com/mozilla-services/syncstorage-rs/commit/f5e1b1c7f0f55d8b96ede583a7e0149a88f4c906))
20+
21+
22+
23+
<a name="0.23.1"></a>
24+
## 0.23.1 (2026-06-11)
25+
26+
27+
#### Chore
28+
29+
* pre commit hooks (#2360) ([a79f719c](https://github.com/mozilla-services/syncstorage-rs/commit/a79f719cac644c3a2c2b29977bafbf318f613cfa))
30+
* bump diesel async deadpool (#2340) ([a79eab8d](https://github.com/mozilla-services/syncstorage-rs/commit/a79eab8dd0a2c0fcceb43116504e62d56ec68a61))
31+
* rmv dependabot rebase (#2346) ([1f47d232](https://github.com/mozilla-services/syncstorage-rs/commit/1f47d23206aa6a98855ca9394e611dbef0b15463))
32+
* auto-rebase open Dependabot PRs on master merge (#2336) ([3a6051c8](https://github.com/mozilla-services/syncstorage-rs/commit/3a6051c81c5efcda36b7cfe173a763fcf47d310e))
33+
* classify tickets by work category in jira-status skill (#2338) ([81c94ead](https://github.com/mozilla-services/syncstorage-rs/commit/81c94ead3f99dcbe0296c01e3275402c405b1500))
34+
* bump low risk prod deps (#2334) ([c601009c](https://github.com/mozilla-services/syncstorage-rs/commit/c601009c409e28ff85eb6d52b98a7a87b1d172e6))
35+
* tag 0.23.0 (#2325) ([5bf90441](https://github.com/mozilla-services/syncstorage-rs/commit/5bf90441000e828db0ebde08c74742d782e7dae8))
36+
* **ci:** add ssdlc sbom workflow (#2368) ([6755204f](https://github.com/mozilla-services/syncstorage-rs/commit/6755204f18fcc83a3a0e61b90e6d2bbf0caa5fe7))
37+
* **deps:**
38+
* bump aiohttp in /tools/syncstorage-loadtest (#2364) ([e5085498](https://github.com/mozilla-services/syncstorage-rs/commit/e5085498ebf6d2ff94723a945a7186217c3b1c46))
39+
* bump webob from 1.8.9 to 1.8.10 in /tools/hawk (#2365) ([c17c04c7](https://github.com/mozilla-services/syncstorage-rs/commit/c17c04c76ec6fa85a98e01364df4fe4a25917f51))
40+
* bump cryptography in / (#2348) ([31e12ab4](https://github.com/mozilla-services/syncstorage-rs/commit/31e12ab4045db0d2837f9646ace2999e5f1418c2))
41+
* bump the actions-deps group across 1 directory with 4 updates (#2345) ([3f8cd35f](https://github.com/mozilla-services/syncstorage-rs/commit/3f8cd35f9c97def9d64f9a4b9aade05e398c3d0e))
42+
* bump openssl from 0.10.79 to 0.10.80 (#2321) ([94cc7c9b](https://github.com/mozilla-services/syncstorage-rs/commit/94cc7c9ba261deea95909dbee7a8441c93f8b134))
43+
* bump idna from 3.13 to 3.15 in /tools/integration_tests (#2320) ([4ecbda7c](https://github.com/mozilla-services/syncstorage-rs/commit/4ecbda7c0753fc9ec83e63a876cd7a8513a77f6f))
44+
* bump idna from 3.13 to 3.15 (#2319) ([f5ad19c2](https://github.com/mozilla-services/syncstorage-rs/commit/f5ad19c295f3113548d78217a2a27312cc9c3877))
45+
* bump idna from 3.13 to 3.15 in /tools/tokenserver (#2318) ([7b64575c](https://github.com/mozilla-services/syncstorage-rs/commit/7b64575c7fdfc79045e59fe64129a39d925224e8))
46+
* bump idna from 3.11 to 3.15 in /tools/syncstorage-loadtest (#2317) ([c094a90e](https://github.com/mozilla-services/syncstorage-rs/commit/c094a90e53939e088e08ce396bbf5f61bf2c5090))
47+
* bump idna from 3.11 to 3.15 in /tools/spanner (#2316) ([9bd34300](https://github.com/mozilla-services/syncstorage-rs/commit/9bd34300d955a09e20359d161d3b6e03c8821d1d))
48+
* bump idna from 3.11 to 3.15 in /tools/tokenserver/loadtests (#2315) ([4da7ae55](https://github.com/mozilla-services/syncstorage-rs/commit/4da7ae55359113cb5b4aa649dccb7944e525396a))
49+
* **settings:** fail fast when DATABASE_URL is unset (#2362) ([28df1660](https://github.com/mozilla-services/syncstorage-rs/commit/28df16601b126abb41e534da4ecebd36c67e4bea))
50+
51+
#### Bug Fixes
52+
53+
* use ms for generation value in account webhook event (#2366) ([65f169a9](https://github.com/mozilla-services/syncstorage-rs/commit/65f169a972933da315484d45de4750e46524496b))
54+
* update user_collection_quota (#2328) ([4d3f61f0](https://github.com/mozilla-services/syncstorage-rs/commit/4d3f61f0c06b37a9374659628165b7072b78d565))
55+
56+
#### Refactor
57+
58+
* **db:** use Spanner INSERT OR UPDATE DML (#2314) ([6eacda8b](https://github.com/mozilla-services/syncstorage-rs/commit/6eacda8be54e5bb46b0a022330bea54cc757ff1c))
59+
60+
#### Features
61+
62+
* add account webhook metrics and metrics-only mode (#2378) ([01d9e037](https://github.com/mozilla-services/syncstorage-rs/commit/01d9e037265b0eddff8188a3781aeab75852f818))
63+
* simplify spanner setup and tests with skill (#2330) ([c5329523](https://github.com/mozilla-services/syncstorage-rs/commit/c532952313f7aad2a7411a0ed93d271e369edd87))
64+
65+
#### Doc
66+
67+
* we run clog with --setversion (#2322) ([3b80cc85](https://github.com/mozilla-services/syncstorage-rs/commit/3b80cc85f8f2818bdbbbda1b2dbae2097eb8bc1c))
68+
69+
70+
171
<a name="0.23.0"></a>
272
## 0.23.0 (2026-05-21)
373

0 commit comments

Comments
 (0)