Skip to content

Commit

Permalink
Merge pull request #146 from bcgov/kickstart2
Browse files Browse the repository at this point in the history 
Adding caddy
  • Loading branch information
@barrfalk
barrfalk authored Mar 30, 2024
2 parents 7b77d26 + 821101b commit 32d7160
Show file tree
Hide file tree
Showing 32 changed files with 14,287 additions and 14,732 deletions.
9 changes: 4 additions & 5 deletions .dockerignore
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,4 @@
**/node_modules
.*
*.md
Dockerfile
.git*/
build/
cypress/
node_modules/
.env
147 changes: 128 additions & 19 deletions .github/openshift/deploy.backend.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -45,6 +45,28 @@ objects:
name: ${REGISTRY}/${PROMOTE}
referencePolicy:
type: Local
- apiVersion: v1
kind: Secret
metadata:
name: ticdi-sessions
labels:
app: ${NAME}
stringData:
cookie_secret: ${cookie_secret}
session_secret: ${session_secret}
- kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: ticdi-sessions
labels:
app: ${NAME}-${ZONE}
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: "256Mi"
storageClassName: netapp-file-standard
- apiVersion: v1
kind: DeploymentConfig
metadata:
Expand Down Expand Up @@ -73,6 +95,10 @@ objects:
app: ${NAME}-${ZONE}
deploymentconfig: ${NAME}-${ZONE}-${COMPONENT}
spec:
volumes:
- name: ticdi-sessions
persistentVolumeClaim:
claimName: ticdi-sessions
containers:
- image: ${NAME}-${ZONE}-${COMPONENT}:${IMAGE_TAG}
imagePullPolicy: Always
Expand All @@ -95,6 +121,86 @@ objects:
secretKeyRef:
name: ${NAME}-${ZONE}-database
key: database-user
- name: cookie_secret
valueFrom:
secretKeyRef:
name: ticdi-sessions
key: cookie_secret
- name: session_secret
valueFrom:
secretKeyRef:
name: ticdi-sessions
key: session_secret
- name: keycloak_base_url
valueFrom:
secretKeyRef:
name: keycloak
key: keycloak_base_url
- name: keycloak_realm
valueFrom:
secretKeyRef:
name: keycloak
key: keycloak_realm
- name: keycloak_client_id
valueFrom:
secretKeyRef:
name: keycloak
key: keycloak_client_id
- name: keycloak_secret
valueFrom:
secretKeyRef:
name: keycloak
key: keycloak_secret
- name: cdogs_service_client_id
valueFrom:
secretKeyRef:
name: cdogs
key: cdogs_service_client_id
- name: cdogs_service_client_secret
valueFrom:
secretKeyRef:
name: cdogs
key: cdogs_service_client_secret
- name: cdogs_url
valueFrom:
secretKeyRef:
name: cdogs
key: cdogs_url
- name: cdogs_token_endpoint
valueFrom:
secretKeyRef:
name: cdogs
key: cdogs_token_endpoint
- name: users_api_base_url
valueFrom:
secretKeyRef:
name: css-users-api
key: users_api_base_url
- name: css_environment
valueFrom:
secretKeyRef:
name: css-users-api
key: css_environment
- name: integration_id
valueFrom:
secretKeyRef:
name: css-users-api
key: integration_id
- name: users_api_token_url
valueFrom:
secretKeyRef:
name: css-users-api
key: users_api_token_url
- name: users_api_client_id
valueFrom:
secretKeyRef:
name: css-users-api
key: users_api_client_id
- name: users_api_client_secret
valueFrom:
secretKeyRef:
name: css-users-api
key: users_api_client_secret
ports:
- containerPort: 3000
protocol: TCP
Expand All @@ -104,7 +210,7 @@ objects:
memory: ${MEMORY_REQUEST}
readinessProbe:
httpGet:
path: /
path: /report
port: 3000
scheme: HTTP
initialDelaySeconds: 60
Expand All @@ -114,14 +220,17 @@ objects:
successThreshold: 1
failureThreshold: 3
httpGet:
path: /
path: /report
port: 3000
scheme: HTTP
initialDelaySeconds: 60
periodSeconds: 30
timeoutSeconds: 5
securityContext:
allowPrivilegeEscalation: true
volumeMounts:
- mountPath: /mnt/sessions
name: ticdi-sessions
- apiVersion: v1
kind: Service
metadata:
Expand All @@ -136,20 +245,20 @@ objects:
targetPort: 3000
selector:
deploymentconfig: ${NAME}-${ZONE}-${COMPONENT}
# - apiVersion: route.openshift.io/v1
# kind: Route
# metadata:
# labels:
# app: ${NAME}-${ZONE}
# name: ${NAME}-${ZONE}-${COMPONENT}
# spec:
# host: ${NAME}-${ZONE}-${COMPONENT}.${DOMAIN}
# port:
# targetPort: 3000-tcp
# to:
# kind: Service
# name: ${NAME}-${ZONE}-${COMPONENT}
# weight: 100
# tls:
# termination: edge
# insecureEdgeTerminationPolicy: Redirect
- apiVersion: route.openshift.io/v1
kind: Route
metadata:
labels:
app: ${NAME}-${ZONE}
name: ${NAME}-${ZONE}-${COMPONENT}
spec:
host: ${NAME}-${ZONE}-${COMPONENT}.${DOMAIN}
port:
targetPort: 3000-tcp
to:
kind: Service
name: ${NAME}-${ZONE}-${COMPONENT}
weight: 100
tls:
termination: edge
insecureEdgeTerminationPolicy: Redirect
121 changes: 10 additions & 111 deletions .github/openshift/deploy.frontend.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,9 @@ parameters:
- name: PROMOTE
description: Image (namespace/name:tag) to promote/import
value: bcgov/nr-ticdi:prod-frontend
- name: LOG_LEVEL
description: Caddy logging level DEBUG, INFO, WARN, ERROR, PANIC, and FATAL (https://github.com/caddyserver/caddy/blob/master/logging.go)
value: "info"
objects:
- apiVersion: v1
kind: ImageStream
Expand All @@ -53,28 +56,6 @@ objects:
name: ${REGISTRY}/${PROMOTE}
referencePolicy:
type: Local
- apiVersion: v1
kind: Secret
metadata:
name: ticdi-sessions
labels:
app: ${NAME}
stringData:
cookie_secret: ${cookie_secret}
session_secret: ${session_secret}
- kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: ticdi-sessions
labels:
app: ${NAME}-${ZONE}
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: "256Mi"
storageClassName: netapp-file-standard
- apiVersion: v1
kind: DeploymentConfig
metadata:
Expand Down Expand Up @@ -103,12 +84,11 @@ objects:
app: ${NAME}-${ZONE}
deploymentconfig: ${NAME}-${ZONE}-${COMPONENT}
spec:
volumes:
- name: ticdi-sessions
persistentVolumeClaim:
claimName: ticdi-sessions
containers:
- image: ${NAME}-${ZONE}-${COMPONENT}:${IMAGE_TAG}
securityContext:
capabilities:
add: ["NET_BIND_SERVICE"]
imagePullPolicy: Always
name: ${NAME}
env:
Expand Down Expand Up @@ -149,90 +129,12 @@ objects:
secretKeyRef:
name: ttls
key: ttls_api_endpoint
- name: backend_url
value: http://${NAME}-${ZONE}-backend
- name: BACKEND_URL
value: https://${NAME}-${ZONE}-backend.${DOMAIN}
- name: session_path
value: '/mnt/sessions'
- name: cookie_secret
valueFrom:
secretKeyRef:
name: ticdi-sessions
key: cookie_secret
- name: session_secret
valueFrom:
secretKeyRef:
name: ticdi-sessions
key: session_secret
- name: keycloak_base_url
valueFrom:
secretKeyRef:
name: keycloak
key: keycloak_base_url
- name: keycloak_realm
valueFrom:
secretKeyRef:
name: keycloak
key: keycloak_realm
- name: keycloak_client_id
valueFrom:
secretKeyRef:
name: keycloak
key: keycloak_client_id
- name: keycloak_secret
valueFrom:
secretKeyRef:
name: keycloak
key: keycloak_secret
- name: cdogs_service_client_id
valueFrom:
secretKeyRef:
name: cdogs
key: cdogs_service_client_id
- name: cdogs_service_client_secret
valueFrom:
secretKeyRef:
name: cdogs
key: cdogs_service_client_secret
- name: cdogs_url
valueFrom:
secretKeyRef:
name: cdogs
key: cdogs_url
- name: cdogs_token_endpoint
valueFrom:
secretKeyRef:
name: cdogs
key: cdogs_token_endpoint
- name: users_api_base_url
valueFrom:
secretKeyRef:
name: css-users-api
key: users_api_base_url
- name: css_environment
valueFrom:
secretKeyRef:
name: css-users-api
key: css_environment
- name: integration_id
valueFrom:
secretKeyRef:
name: css-users-api
key: integration_id
- name: users_api_token_url
valueFrom:
secretKeyRef:
name: css-users-api
key: users_api_token_url
- name: users_api_client_id
valueFrom:
secretKeyRef:
name: css-users-api
key: users_api_client_id
- name: users_api_client_secret
valueFrom:
secretKeyRef:
name: css-users-api
key: users_api_client_secret
- name: LOG_LEVEL
value: ${LOG_LEVEL}
ports:
- containerPort: 3000
protocol: TCP
Expand All @@ -258,9 +160,6 @@ objects:
initialDelaySeconds: 15
periodSeconds: 30
timeoutSeconds: 5
volumeMounts:
- mountPath: /mnt/sessions
name: ticdi-sessions
- apiVersion: v1
kind: Service
metadata:
Expand Down
Loading

0 comments on commit 32d7160

Please sign in to comment.