platform/manifests
1
1
Fork 0
Code Issues 7 Pull Requests 6 Actions Packages Projects Releases Wiki Activity

feat: add openfga app and kustomizations

Browse Source
This commit is contained in:
Jonas Juselius
2024-08-27 15:09:40 +02:00
parent 29fc43f796
commit ed71d76790
9 changed files with 159 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
kustomizations/openfga/base/cluster.yaml
+19
View File
@@ -0,0 +1,19 @@
apiVersion: postgresql.cnpg.io/v1
kind: Cluster
metadata:
name: openfga-db
spec:
enableSuperuserAccess: true
instances: 2
logLevel: info
storage:
pvcTemplate:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
storageClassName: managed-nfs-storage
volumeMode: Filesystem
resizeInUseVolumes: true
size: 1Gi
kustomizations/openfga/base/kustomization.yaml
+5
View File
@@ -0,0 +1,5 @@
generatorOptions:
disableNameSuffixHash: true
resources:
- cluster.yaml
- _manifest.yaml
kustomizations/openfga/prod/kustomization.yaml
+3
View File
@@ -0,0 +1,3 @@
namePrefix: prod-
resources:
- ../base
kustomizations/openfga/staging/cluster_patch.yaml
+3
View File
@@ -0,0 +1,3 @@
- op: replace
path: /spec/instances
value: 1
kustomizations/openfga/staging/kustomization.yaml
+9
View File
@@ -0,0 +1,9 @@
namePrefix: staging-
patches:
- target:
group: postgresql.cnpg.io
version: v1
kind: Cluster
path: cluster_patch.yaml
resources:
- ../base
kustomizations/openfga/values-prod.yaml
+36
View File
@@ -0,0 +1,36 @@
replicaCount: 2
datastore:
engine: postgres
uri: postgres://prod-openfga-db.idp.svc.cluster.local:5432/app?sslmode=disable
postgresql:
enabled: true
auth:
username: app
existingSecret: prod-openfga-db-app
secretKeys:
userPasswordKey: password
playground:
enabled: false
port: 3000
ingress:
enabled: true
className: nginx
annotations:
cert-manager.io/cluster-issuer: letsencrypt-staging
nginx.ingress.kubernetes.io/ssl-redirect: "true"
nginx.ingress.kubernetes.io/whitelist-source-range: 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
hosts:
- host: a11n.srv.oceanbox.io
paths:
- path: /
pathType: ImplementationSpecific
tls:
- secretName: staging-openfga-tls
hosts:
- a11n.srv.oceanbox.io
kustomizations/openfga/values-staging.yaml
+36
View File
@@ -0,0 +1,36 @@
replicaCount: 1
datastore:
engine: postgres
uri: postgres://staging-openfga-db.idp.svc.cluster.local:5432/app?sslmode=disable
postgresql:
enabled: true
auth:
username: app
existingSecret: staging-openfga-db-app
secretKeys:
userPasswordKey: password
playground:
enabled: true
port: 3000
ingress:
enabled: true
className: nginx
annotations:
cert-manager.io/cluster-issuer: letsencrypt-staging
nginx.ingress.kubernetes.io/ssl-redirect: "true"
nginx.ingress.kubernetes.io/whitelist-source-range: 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
hosts:
- host: a11n.dev.oceanbox.io
paths:
- path: /
pathType: ImplementationSpecific
tls:
- secretName: staging-openfga-tls
hosts:
- a11n.dev.oceanbox.io