-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathdeployment.yaml
More file actions
146 lines (146 loc) · 3.71 KB
/
deployment.yaml
File metadata and controls
146 lines (146 loc) · 3.71 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
#@ load("@ytt:data", "data")
---
apiVersion: v1
kind: Namespace
metadata:
name: issues2stories
labels:
app: issues2stories
---
apiVersion: v1
kind: Secret
metadata:
name: issues2stories-api-tokens
namespace: issues2stories
labels:
app: issues2stories
type: Opaque
stringData:
tracker: #@ data.values.tracker_token
github: #@ data.values.github_token
---
apiVersion: v1
kind: Secret
metadata:
name: issues2stories-basic-auth
namespace: issues2stories
labels:
app: issues2stories
type: kubernetes.io/basic-auth
stringData:
username: #@ data.values.basic_auth_username
password: #@ data.values.basic_auth_password
---
kind: ConfigMap
apiVersion: v1
metadata:
name: issues2stories-configmap
namespace: issues2stories
labels:
app: issues2stories
data:
#@yaml/text-templated-strings
config.yaml: |
tracker_id_to_github_username_mapping: (@= data.values.tracker_id_to_github_username_mapping or "null" @)
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: issues2stories
namespace: issues2stories
labels:
app: issues2stories
spec:
replicas: 2
selector:
matchLabels:
app: issues2stories
template:
metadata:
labels:
app: issues2stories
spec:
containers:
- name: issues2stories
image: #@ data.values.container_image
imagePullPolicy: Always
volumeMounts:
- name: config-volume
mountPath: /etc/config
env:
- name: GITHUB_ORG
value: #@ data.values.github_org
- name: GITHUB_REPO
value: #@ data.values.github_repo
- name: TRACKER_API_TOKEN
valueFrom:
secretKeyRef:
name: issues2stories-api-tokens
key: tracker
- name: GITHUB_API_TOKEN
valueFrom:
secretKeyRef:
name: issues2stories-api-tokens
key: github
- name: BASIC_AUTH_USERNAME
valueFrom:
secretKeyRef:
name: issues2stories-basic-auth
key: username
- name: BASIC_AUTH_PASSWORD
valueFrom:
secretKeyRef:
name: issues2stories-basic-auth
key: password
volumes:
- name: config-volume
configMap:
name: issues2stories-configmap
---
apiVersion: v1
kind: Service
metadata:
name: issues2stories
namespace: issues2stories
labels:
app: issues2stories
spec:
type: NodePort
selector:
app: issues2stories
ports:
- protocol: TCP
port: 60000
targetPort: 8080
---
#! Create a Google-managed TLS cert for the app, which will be associated with the ingress below
apiVersion: networking.gke.io/v1beta2 #! note that this may need to use v1 on newer GKE clusters
kind: ManagedCertificate
metadata:
name: issues2stories
namespace: issues2stories
labels:
app: issues2stories
spec:
domains:
- #@ data.values.domain_name
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: issues2stories
namespace: issues2stories
labels:
app: issues2stories
annotations:
kubernetes.io/ingress.class: gce #! External load balancer
kubernetes.io/ingress.allow-http: "false" #! Turn off http. Must be the string "false" (not the boolean).
networking.gke.io/managed-certificates: issues2stories #! Name of ManagedCertificate above.
#! Static IP must defined in advance here: https://console.cloud.google.com/networking/addresses/list
kubernetes.io/ingress.global-static-ip-name: #@ data.values.ingress_global_static_ip_name
spec:
defaultBackend:
service:
name: issues2stories
port:
number: 60000