devel: rename manifests/ to kustomizations/
This commit is contained in:
Jonas Juselius
@@ -0,0 +1,14 @@
|
||||
- op: replace
|
||||
path: /spec/template/spec/containers/0/livenessProbe/httpGet/path
|
||||
value: /healthz
|
||||
- op: replace
|
||||
path: /spec/template/spec/containers/0/readinessProbe/httpGet/path
|
||||
value: /healthz
|
||||
- op: add
|
||||
path: /spec/template/spec/containers/0/env/-
|
||||
value:
|
||||
name: INTRERNAL_PORT
|
||||
value: "8000"
|
||||
- op: add
|
||||
path: /spec/template/spec/containers/0/envFrom
|
||||
value: []
|
||||
@@ -0,0 +1,14 @@
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
patches:
|
||||
- target:
|
||||
version: v1
|
||||
group: apps
|
||||
kind: Deployment
|
||||
path: deployment_patch.yaml
|
||||
- target:
|
||||
version: v1
|
||||
kind: Service
|
||||
path: service_patch.yaml
|
||||
resources:
|
||||
- _manifest.yaml
|
||||
@@ -0,0 +1,7 @@
|
||||
- op: add
|
||||
path: /spec/ports/-
|
||||
value:
|
||||
name: intra
|
||||
port: 8000
|
||||
protocol: TCP
|
||||
targetPort: 8000
|
||||
@@ -0,0 +1 @@
|
||||
oceanbox/atlantis
|
||||
@@ -0,0 +1,36 @@
|
||||
{
|
||||
"oidc": {
|
||||
"issuer": "https://idp.oceanbox.io/dex",
|
||||
"authorization_endpoint": "https://idp.oceanbox.io/dex/auth",
|
||||
"token_endpoint": "https://idp.oceanbox.io/dex/token",
|
||||
"jwks_uri": "https://idp.oceanbox.io/dex/keys",
|
||||
"userinfo_endpoint": "https://idp.oceanbox.io/dex/userinfo",
|
||||
"device_authorization_endpoint": "https://idp.oceanbox.io/dex/device/code",
|
||||
"clientId": "atlantis",
|
||||
"clientSecret": "",
|
||||
"scopes": [
|
||||
"openid",
|
||||
"email",
|
||||
"offline_access",
|
||||
"profile"
|
||||
]
|
||||
},
|
||||
"sso": {
|
||||
"cookieDomain": ".oceanbox.io",
|
||||
"signedOutRedirectUri": "https://idp.oceanbox.io/dex/static/logout.html",
|
||||
"redis": "prod-redis-master.redis.svc,user=default,password=secret",
|
||||
"appDomain": "atlantis",
|
||||
"dataProtectionKeys": "DataProtection-Keys"
|
||||
},
|
||||
"archmeister" : "https://archmeister.srv.oceanbox.io",
|
||||
"sorcerer" : "https://sorcerer.data.oceanbox.io",
|
||||
"allowedOrigins": [
|
||||
"http://maps.oceanbox.io",
|
||||
"https://maps.oceanbox.io",
|
||||
"http://atlantis.srv.oceanbox.io",
|
||||
"https://atlantis.srv.oceanbox.io"
|
||||
],
|
||||
"logService" : "https://seq.adm.oceanbox.io",
|
||||
"logApiKey": "",
|
||||
"deployEnv": "prod"
|
||||
}
|
||||
@@ -0,0 +1,2 @@
|
||||
client-id=simen.kirkvik@tromso.serit.no:simkir-tilt-atlantis
|
||||
secret=d9tInZ1XpeDAxD.DySv'*SB=P
|
||||
@@ -0,0 +1,2 @@
|
||||
OIDC_CLIENT_SECRET=KOJ6bDHzE5vdyfSrzgwLjtM5PzA809Zm
|
||||
SEQ_APIKEY=v9RfeLBD9Si7OkFlkjPm
|
||||
@@ -0,0 +1,41 @@
|
||||
- op: replace
|
||||
path: /spec/template/spec/containers/0/env/0
|
||||
value:
|
||||
name: LOG_LEVEL
|
||||
value: "4"
|
||||
- op: add
|
||||
path: /spec/template/spec/containers/0/env/-
|
||||
value:
|
||||
name: BARENTSWATCH_SECRET
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: prod-atlantis-barentswatch
|
||||
key: secret
|
||||
optional: true
|
||||
- op: add
|
||||
path: /spec/template/spec/containers/0/env/-
|
||||
value:
|
||||
name: BARENTSWATCH_CLIENT_ID
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: prod-atlantis-barentswatch
|
||||
key: client-id
|
||||
optional: true
|
||||
- op: add
|
||||
path: /spec/template/spec/containers/0/env/-
|
||||
value:
|
||||
name: REDIS_USER
|
||||
value: default
|
||||
- op: add
|
||||
path: /spec/template/spec/containers/0/env/-
|
||||
value:
|
||||
name: REDIS_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: prod-redis
|
||||
key: redis-password
|
||||
- op: add
|
||||
path: /spec/template/spec/containers/0/envFrom/-
|
||||
value:
|
||||
secretRef:
|
||||
name: prod-atlantis-env
|
||||
@@ -0,0 +1,21 @@
|
||||
generatorOptions:
|
||||
disableNameSuffixHash: true
|
||||
secretGenerator:
|
||||
- name: prod-atlantis-appsettings
|
||||
files:
|
||||
- appsettings.json
|
||||
- name: prod-atlantis-env
|
||||
envs:
|
||||
- default.env
|
||||
- name: prod-atlantis-barentswatch
|
||||
envs:
|
||||
- barentswatch-api.env
|
||||
patches:
|
||||
- target:
|
||||
group: apps
|
||||
version: v1
|
||||
kind: Deployment
|
||||
path: deployment_patch.yaml
|
||||
resources:
|
||||
- ../base
|
||||
- subscriptions.yaml
|
||||
@@ -0,0 +1,25 @@
|
||||
apiVersion: dapr.io/v1alpha1
|
||||
kind: Subscription
|
||||
metadata:
|
||||
name: hipster-events
|
||||
spec:
|
||||
topic: hipster
|
||||
route: /hipster-events
|
||||
pubsubname: pubsub
|
||||
metadata:
|
||||
queueType: quorum
|
||||
scopes:
|
||||
- prod-atlantis
|
||||
---
|
||||
apiVersion: dapr.io/v1alpha1
|
||||
kind: Subscription
|
||||
metadata:
|
||||
name: inbox-events
|
||||
spec:
|
||||
topic: inbox
|
||||
route: /inbox-events
|
||||
pubsubname: pubsub
|
||||
metadata:
|
||||
queueType: quorum
|
||||
scopes:
|
||||
- prod-atlantis
|
||||
@@ -0,0 +1,34 @@
|
||||
{
|
||||
"oidc": {
|
||||
"issuer": "https://idp.oceanbox.io/dex",
|
||||
"authorization_endpoint": "https://idp.oceanbox.io/dex/auth",
|
||||
"token_endpoint": "https://idp.oceanbox.io/dex/token",
|
||||
"jwks_uri": "https://idp.oceanbox.io/dex/keys",
|
||||
"userinfo_endpoint": "https://idp.oceanbox.io/dex/userinfo",
|
||||
"device_authorization_endpoint": "https://idp.oceanbox.io/dex/device/code",
|
||||
"clientId": "atlantis_dev",
|
||||
"clientSecret": "",
|
||||
"scopes": [
|
||||
"openid",
|
||||
"email",
|
||||
"offline_access",
|
||||
"profile"
|
||||
]
|
||||
},
|
||||
"sso": {
|
||||
"cookieDomain": ".oceanbox.io",
|
||||
"signedOutRedirectUri": "https://idp.oceanbox.io/dex/static/logout.html",
|
||||
"redis": "staging-redis-master.redis.svc,user=default,password=secret",
|
||||
"appDomain": "atlantis",
|
||||
"dataProtectionKeys": "DataProtection-Keys"
|
||||
},
|
||||
"archmeister" : "https://archmeister.beta.oceanbox.io",
|
||||
"sorcerer" : "https://sorcerer.ekman.oceanbox.io",
|
||||
"allowedOrigins": [
|
||||
"http://atlantis.beta.oceanbox.io",
|
||||
"https://atlantis.beta.oceanbox.io"
|
||||
],
|
||||
"logService" : "https://seq.adm.oceanbox.io",
|
||||
"logApiKey": "",
|
||||
"deployEnv": "staging"
|
||||
}
|
||||
@@ -0,0 +1 @@
|
||||
oceanbox:$apr1$4njCUY7A$fmWQSymNJ6abSHvwDpNGU/
|
||||
@@ -0,0 +1,2 @@
|
||||
client-id=simen.kirkvik@tromso.serit.no:simkir-tilt-atlantis
|
||||
secret=d9tInZ1XpeDAxD.DySv'*SB=P
|
||||
@@ -0,0 +1,2 @@
|
||||
OIDC_CLIENT_SECRET=3QjfSPmAemjn34XVA2o1fvoS7I4gKvOR
|
||||
SEQ_APIKEY=v9RfeLBD9Si7OkFlkjPm
|
||||
@@ -0,0 +1,41 @@
|
||||
- op: replace
|
||||
path: /spec/template/spec/containers/0/env/0
|
||||
value:
|
||||
name: LOG_LEVEL
|
||||
value: "4"
|
||||
- op: add
|
||||
path: /spec/template/spec/containers/0/env/-
|
||||
value:
|
||||
name: BARENTSWATCH_SECRET
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: staging-atlantis-barentswatch
|
||||
key: secret
|
||||
optional: true
|
||||
- op: add
|
||||
path: /spec/template/spec/containers/0/env/-
|
||||
value:
|
||||
name: BARENTSWATCH_CLIENT_ID
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: staging-atlantis-barentswatch
|
||||
key: client-id
|
||||
optional: true
|
||||
- op: add
|
||||
path: /spec/template/spec/containers/0/env/-
|
||||
value:
|
||||
name: REDIS_USER
|
||||
value: default
|
||||
- op: add
|
||||
path: /spec/template/spec/containers/0/env/-
|
||||
value:
|
||||
name: REDIS_PASSWORD
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: staging-redis
|
||||
key: redis-password
|
||||
- op: add
|
||||
path: /spec/template/spec/containers/0/envFrom/-
|
||||
value:
|
||||
secretRef:
|
||||
name: staging-atlantis-env
|
||||
@@ -0,0 +1,21 @@
|
||||
generatorOptions:
|
||||
disableNameSuffixHash: true
|
||||
secretGenerator:
|
||||
- name: staging-atlantis-appsettings
|
||||
files:
|
||||
- appsettings.json
|
||||
- name: staging-atlantis-env
|
||||
envs:
|
||||
- default.env
|
||||
- name: staging-atlantis-barentswatch
|
||||
envs:
|
||||
- barentswatch-api.env
|
||||
patches:
|
||||
- target:
|
||||
group: apps
|
||||
version: v1
|
||||
kind: Deployment
|
||||
path: deployment_patch.yaml
|
||||
resources:
|
||||
- ../base
|
||||
- subscriptions.yaml
|
||||
@@ -0,0 +1,25 @@
|
||||
apiVersion: dapr.io/v1alpha1
|
||||
kind: Subscription
|
||||
metadata:
|
||||
name: hipster-events
|
||||
spec:
|
||||
topic: hipster
|
||||
route: /hipster-events
|
||||
pubsubname: pubsub
|
||||
metadata:
|
||||
queueType: quorum
|
||||
scopes:
|
||||
- staging-atlantis
|
||||
---
|
||||
apiVersion: dapr.io/v1alpha1
|
||||
kind: Subscription
|
||||
metadata:
|
||||
name: inbox-events
|
||||
spec:
|
||||
topic: inbox
|
||||
route: /inbox-events
|
||||
pubsubname: pubsub
|
||||
metadata:
|
||||
queueType: quorum
|
||||
scopes:
|
||||
- staging-atlantis
|
||||
@@ -0,0 +1,44 @@
|
||||
podAnnotations:
|
||||
dapr.io/app-id: "prod-atlantis"
|
||||
dapr.io/enabled: "true"
|
||||
dapr.io/app-port: "8000"
|
||||
dapr.io/config: "tracing"
|
||||
dapr.io/app-protocol: "http"
|
||||
dapr.io/enable-app-health-check: "true"
|
||||
dapr.io/app-health-check-path: "/healthz"
|
||||
dapr.io/app-health-probe-interval: "3"
|
||||
dapr.io/app-health-probe-timeout: "200"
|
||||
dapr.io/app-health-threshold: "2"
|
||||
dapr.io/sidecar-cpu-request: "100m"
|
||||
dapr.io/sidecar-memory-request: "250Mi"
|
||||
dapr.io/sidecar-cpu-limit: "300m"
|
||||
dapr.io/sidecar-memory-limit: "1000Mi"
|
||||
dapr.io/log-as-json: "true"
|
||||
|
||||
ingress:
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt-production
|
||||
nginx.ingress.kubernetes.io/proxy-buffer-size: 128k
|
||||
hosts:
|
||||
- host: atlantis.srv.oceanbox.io
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
- host: maps.oceanbox.io
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
tls:
|
||||
- hosts:
|
||||
- atlantis.srv.oceanbox.io
|
||||
- maps.oceanbox.io
|
||||
secretName: atlantis-tls
|
||||
|
||||
resources:
|
||||
limits:
|
||||
cpu: 250m
|
||||
memory: 1Gi
|
||||
requests:
|
||||
cpu: 250m
|
||||
memory: 1Gi
|
||||
|
||||
@@ -0,0 +1,50 @@
|
||||
podAnnotations:
|
||||
dapr.io/app-id: "staging-atlantis"
|
||||
dapr.io/enabled: "true"
|
||||
dapr.io/app-port: "8000"
|
||||
dapr.io/config: "tracing"
|
||||
dapr.io/app-protocol: "http"
|
||||
dapr.io/enable-app-health-check: "true"
|
||||
dapr.io/app-health-check-path: "/healthz"
|
||||
dapr.io/app-health-probe-interval: "3"
|
||||
dapr.io/app-health-probe-timeout: "200"
|
||||
dapr.io/app-health-threshold: "2"
|
||||
dapr.io/sidecar-cpu-request: "100m"
|
||||
dapr.io/sidecar-memory-request: "250Mi"
|
||||
dapr.io/sidecar-cpu-limit: "300m"
|
||||
dapr.io/sidecar-memory-limit: "1000Mi"
|
||||
dapr.io/log-as-json: "true"
|
||||
|
||||
image:
|
||||
tag: c0c8de05-debug
|
||||
ingress:
|
||||
annotations:
|
||||
cert-manager.io/cluster-issuer: letsencrypt-production
|
||||
nginx.ingress.kubernetes.io/proxy-buffer-size: 128k
|
||||
# atlantis.oceanbox.io/expose: internal
|
||||
hosts:
|
||||
- host: atlantis.beta.oceanbox.io
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
- host: atlas.oceanbox.io
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
- host: beta.oceanbox.io
|
||||
paths:
|
||||
- path: /
|
||||
pathType: ImplementationSpecific
|
||||
tls:
|
||||
- hosts:
|
||||
- atlantis.beta.oceanbox.io
|
||||
- atlas.oceanbox.io
|
||||
- beta.oceanbox.io
|
||||
secretName: staging-atlantis-tls
|
||||
resources:
|
||||
limits:
|
||||
cpu: 250m
|
||||
memory: 1Gi
|
||||
requests:
|
||||
cpu: 250m
|
||||
memory: 1Gi
|
||||
Reference in New Issue
Block a user