Deployment & Settings Changes - v1.61.0
Release: v1.61.0 Date: 2026-04-06
Summary
Impact Level: MEDIUM
Action Required: NO
Backward Compatible: YES
Quick Decision Matrix
| Component/Area | Change Type | Risk Level | Action Required | Impact |
|---|---|---|---|---|
| Environment Variables | New (optional) | LOW | NO | GlitchTip DSNs, S3 URL override |
| Database Schema | Migrations V94-V98 | MEDIUM | NO | Auto-applied by Flyway on startup |
| Kubernetes/Helm | Modified | LOW | NO | ModSecurity disabled, converter path, GlitchTip, error pages |
| Docker Images | Modified | NONE | NO | Standard image rebuild |
| Runtime Dependencies | No changes | NONE | NO | No dependency updates |
| Monitoring/Logging | New dashboards | LOW | NO | 5 Grafana dashboards + ClickHouse datasource |
Deployment Decision
Overall Risk: LOW
Recommended Action: APPROVE
Downtime Required: NO - Zero-downtime supported
Rollback Risk: MEDIUM - Database migration V97 modifies SVG content (GUID to numeric ID replacement). The change is safe and validated but cannot be automatically reversed.
Configuration Changes
Environment Variables
New Variables
| Variable | Service | Required | Default | Description |
|---|---|---|---|---|
AWS_PUBLIC_BASE_URL |
converter-service | No | (auto-detected) | Public URL base for S3-compatible storage providers |
S3_ENDPOINT |
editor-service | No | (AWS default) | Custom S3 endpoint for Garage/MinIO |
S3_PATH_STYLE |
editor-service | No | false |
Enable path-style S3 access (required for Garage/MinIO) |
GlitchTip Error Tracking (Optional)
Per-service error tracking via self-hosted GlitchTip. All DSNs are optional – if not set, error reporting is disabled for that service.
| Helm Value | Description |
|---|---|
glitchtip.editor.dsn |
Editor frontend DSN |
glitchtip.editor.environment |
Editor frontend environment name |
glitchtip.booking.dsn |
Booking frontend DSN |
glitchtip.booking.environment |
Booking frontend environment name |
glitchtip.editorService.dsn |
Editor backend DSN |
glitchtip.editorService.environment |
Editor backend environment name |
glitchtip.bookingService.dsn |
Booking backend DSN |
glitchtip.bookingService.environment |
Booking backend environment name |
Database Changes
Migrations
New Migrations: YES (5 migrations: V94-V98)
All are applied automatically on service startup by Flyway.
Migration Files
| File | Description | Impact | Rollback Safe |
|---|---|---|---|
V94__add_last_logout_at_to_user.sql |
Adds last_logout_at TIMESTAMP column to registered_user table |
LOW - additive column | Yes |
V95__add_seat_spacing.sql |
Adds seat_spacing NUMERIC(5,2) column to group_of_seats table |
LOW - additive column | Yes |
V96__unique_organization_keys.sql |
Replaces non-unique indexes on organization.private_key and organization.public_key with unique indexes (SEAT-791) |
LOW - index change only | Yes |
V97__replace_outline_svg_guids_with_numeric_ids.sql |
Replaces UUID strings with numeric group_of_seats.id in schema.generated_outline_svg column. Affects data-section-id and sm-bind-ga attributes. Includes integrity checks (SVG structure, size validation, no remaining GUIDs) |
MEDIUM - data migration | No - original GUIDs not recoverable |
V98__add_system_config.sql |
Creates system_config table (key VARCHAR PK, value VARCHAR) |
LOW - new table | Yes |
Schema Changes
New Tables
system_config: Key-value configuration store (keyVARCHAR(255) PK,valueVARCHAR(255) NOT NULL)
Modified Tables
registered_user: Addedlast_logout_at(TIMESTAMP, nullable)group_of_seats: Addedseat_spacing(NUMERIC(5,2), nullable)organization:private_keyandpublic_keyindexes changed from non-unique to unique
Data Migrations
- V97: Replaces GUID-format strings in
generated_outline_svgwith numeric IDs fromgroup_of_seats. Safety checks skip any schema where:- SVG does not start with
<svgafter replacement - SVG missing closing
</svg> - SVG shrank by more than 50%
- GUID-shaped strings remain in
data-section-idattributes
- SVG does not start with
Performance Impact
- Expected Migration Time: V94-V96, V98 under 1 second. V97 depends on number of schemas with outline SVGs (~34 schemas in production)
- Downtime Required: NO
- Table Locks: Brief lock during V96 index recreation
Kubernetes / Helm Changes
Helm Chart Values
ModSecurity WAF
ModSecurity OWASP Core Rule Set has been disabled in the default Helm values:
# Before (1.60.x)
nginx.ingress.kubernetes.io/enable-modsecurity: "true"
nginx.ingress.kubernetes.io/enable-owasp-core-rules: "true"
# After (1.61.0)
nginx.ingress.kubernetes.io/enable-modsecurity: "false"
nginx.ingress.kubernetes.io/enable-owasp-core-rules: "false"
Reason: OWASP CRS caused false-positive HTTP 403 responses on editor and booking API PUT/POST requests containing complex JSON bodies.
Action Required: NO – the change is in default values. If you had custom ModSecurity rules, they are unaffected.
Converter Image Repository
The converter image repository path has been updated from the legacy separate project to the monorepo registry:
# Before
converter.image.repository: registry.gitlab.com/seatmap.pro/converter
# After
converter.image.repository: registry.gitlab.com/seatmap.pro/seatmap/converter-service
Action Required: If you override converter.image.repository, update to the new path.
New: Custom Error Pages Chart
A new Helm subchart custom-error-pages provides branded error pages (502, 503, 504) served by a dedicated nginx pod. These are referenced by the ingress controller’s default-backend annotation.
New: GlitchTip Configuration
glitchtip:
editor:
dsn: ""
environment: ""
booking:
dsn: ""
environment: ""
editorService:
dsn: ""
environment: ""
bookingService:
dsn: ""
environment: ""
All values default to empty (disabled). Set DSNs to enable per-service error tracking.
Observability
Five new Grafana dashboard ConfigMaps added:
| Dashboard | Description |
|---|---|
dashboard-booking.yaml |
Booking service HTTP metrics, error rates, response times |
dashboard-clients.yaml |
Client activity: domains, versions, init errors |
dashboard-deployments.yaml |
Heartbeat monitoring, instance tracking |
dashboard-editor.yaml |
Editor service metrics, API usage |
dashboard-issues.yaml |
Error tracking aggregation |
New: ClickHouse Grafana datasource (grafana-datasource-clickhouse.yaml) for the statistics service.
Action Required: NO for existing deployments. Dashboards are auto-discovered by Grafana sidecar if observability.enabled: true.
Internal Infrastructure Changes
These changes affect internal development and CI/CD infrastructure. No action required for production or self-hosted deployments.
Statistics Service
The statistics service (Python 3.11, FastAPI, ClickHouse) has been adopted into the monorepo from a separate repository. Includes per-installation instance ID tracking, component versioning, and heartbeat collection.
Flux GitOps
CI/CD deployment has been migrated from direct helm upgrade commands to Flux GitOps. The CI pipeline now updates image tags in the Flux repo, and Flux reconciles deployments.
Cloud Migration
Production cluster has been migrated to Hetzner Cloud (3x cx43 nodes with k3s). The internal (.108) cluster continues to serve dev and stage environments.
Garage S3
MicroK8s development environment now uses Garage (S3-compatible object storage) instead of direct file system storage.
Rollback
Rollback Support: Redeploy previous version via CI/CD
Database Rollback: V94, V95, V96, V98 are safe to roll back manually (additive changes). V97 is a one-way data migration – the application code works with both GUID and numeric IDs, so rolling back the application without reversing V97 is safe.
Procedure: Redeploy the previous application version. Database migrations V94-V98 are all additive or non-destructive to existing application behavior.
Related Documentation
- Release Notes - Product-focused overview
- Renderer API Changes - Frontend integration updates
- Backend API Changes - REST API modifications