diff --git a/devops/gcp/deploy/templates/indexer-deploy.yml b/devops/gcp/deploy/templates/indexer-deploy.yml
index fcbe1a8708b76eb20517324fe46cec9bf1eaa6b0..2cd5d863e8075527279c5e4a26fab4d7471b78ad 100644
--- a/devops/gcp/deploy/templates/indexer-deploy.yml
+++ b/devops/gcp/deploy/templates/indexer-deploy.yml
@@ -23,7 +23,9 @@ spec:
imagePullPolicy: "{{ .Values.data.imagePullPolicy }}"
envFrom:
- configMapRef:
- name: "{{ .Values.conf.configmap }}"
+ name: "{{ .Values.conf.configmap }}"
+ - secretRef:
+ name: "{{ .Values.conf.elastic_secret_name }}"
securityContext:
allowPrivilegeEscalation: false
runAsUser: 0
diff --git a/devops/gcp/deploy/values.yaml b/devops/gcp/deploy/values.yaml
index cb2dc074295ad64cccccaf0fa60382016736fb9b..3ae46b413512e04ad6f574c68a9bbd0f9bfe557c 100644
--- a/devops/gcp/deploy/values.yaml
+++ b/devops/gcp/deploy/values.yaml
@@ -13,4 +13,5 @@ data:
conf:
configmap: "indexer-config"
+ elastic_secret_name: "elastic-secret"
app_name: "indexer"
diff --git a/provider/indexer-gcp/README.md b/provider/indexer-gcp/README.md
index c4ea917bc3ffe5d2887485c75dd0bd0b3542bed3..702ee72d8c365ae2aca410f98ff4cf7389b0fcd0 100644
--- a/provider/indexer-gcp/README.md
+++ b/provider/indexer-gcp/README.md
@@ -205,6 +205,8 @@ Storage service account should have entitlements groups listed below:
- service.storage.viewer
- service.schema-service.viewers
- data.default.viewers
+- service.storage.admin
+- service.search.admin
## Licence
Copyright © Google LLC
diff --git a/provider/indexer-gcp/docs/anthos/README.md b/provider/indexer-gcp/docs/anthos/README.md
index 90cb1a8b9ed4e39f7e9f80be0ad42524b77d7ace..9cffb88ebe038d536a29636ad7a9c7bdea69a93e 100644
--- a/provider/indexer-gcp/docs/anthos/README.md
+++ b/provider/indexer-gcp/docs/anthos/README.md
@@ -27,7 +27,7 @@ Defined in default application property file but possible to override:
| `PARTITION_HOST` | ex `https://partition.com` | Partition host | no | output of infrastructure deployment |
| `ENTITLEMENTS_HOST` | ex `https://entitlements.com` | Entitlements host | no | output of infrastructure deployment |
| `STORAGE_HOST` | ex `https://storage.com` | Storage host | no | output of infrastructure deployment |
-| `INDEXER_QUEUE_HOST` | ex `http://indexer-queue` | Indexer-Queue host | no | output of infrastructure deployment |
+| `INDEXER_QUEUE_HOST` | ex `http://indexer-queue/api/indexer-queue/v1/_dps/task-handlers/enqueue` | Indexer-Queue host endpoint used for reprocessing tasks| no | output of infrastructure deployment |
| `SCHEMA_BASE_HOST` | ex `https://schema.com` | Schema service host | no | output of infrastructure deployment |
These variables define service behavior, and are used to switch between `anthos` or `gcp` environments, their overriding and usage in mixed mode was not tested.
diff --git a/provider/indexer-gcp/docs/gcp/README.md b/provider/indexer-gcp/docs/gcp/README.md
index 494169b1634af2e093c39038688987e78de6d726..54e948b320b8053bb9d289f836e041c7814fab4b 100644
--- a/provider/indexer-gcp/docs/gcp/README.md
+++ b/provider/indexer-gcp/docs/gcp/README.md
@@ -25,7 +25,7 @@ Defined in default application property file but possible to override:
| `PARTITION_HOST` | ex `https://partition.com` | Partition host | no | output of infrastructure deployment |
| `ENTITLEMENTS_HOST` | ex `https://entitlements.com` | Entitlements host | no | output of infrastructure deployment |
| `STORAGE_HOST` | ex `https://storage.com` | Storage host | no | output of infrastructure deployment |
-| `INDEXER_QUEUE_HOST` | ex `http://indexer-queue` | Indexer-Queue host | no | output of infrastructure deployment |
+| `INDEXER_QUEUE_HOST` | ex `http://indexer-queue/api/indexer-queue/v1/_dps/task-handlers/enqueue` | Indexer-Queue host endpoint used for reprocessing tasks | no | output of infrastructure deployment |
| `SCHEMA_BASE_HOST` | ex `https://schema.com` | Schema service host | no | output of infrastructure deployment |
| `GOOGLE_APPLICATION_CREDENTIALS` | ex `/path/to/directory/service-key.json` | Service account credentials, you only need this if running locally | yes | https://console.cloud.google.com/iam-admin/serviceaccounts |