Add elon-staging manifests
This commit is contained in:
parent
8dfa4651b4
commit
6b251aeb54
|
@ -0,0 +1,78 @@
|
|||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: elon-staging
|
||||
labels:
|
||||
app.kubernetes.io/name: elon-staging
|
||||
app.kubernetes.io/instance: elon-staging
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: elon-staging
|
||||
app.kubernetes.io/instance: elon-staging
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: elon-staging
|
||||
app.kubernetes.io/instance: elon-staging
|
||||
spec:
|
||||
containers:
|
||||
- image: netfluxio/elon:latest
|
||||
imagePullPolicy: Always
|
||||
name: elon-staging
|
||||
ports:
|
||||
- name: http
|
||||
protocol: TCP
|
||||
containerPort: 8000
|
||||
env:
|
||||
- name: ELON_TWITTER_AUTHORIZE_URL
|
||||
value: https://twitter.com/i/oauth2/authorize
|
||||
- name: ELON_TWITTER_TOKEN_URL
|
||||
value: https://api.twitter.com/2/oauth2/token
|
||||
- name: ELON_DATABASE_URL
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: elon-staging-credentials
|
||||
key: database-url
|
||||
- name: ELON_SESSION_KEY
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: elon-staging-credentials
|
||||
key: session-key
|
||||
- name: ELON_TWITTER_CLIENT_ID
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: elon-staging-credentials
|
||||
key: twitter-client-id
|
||||
- name: ELON_TWITTER_CLIENT_SECRET
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: elon-staging-credentials
|
||||
key: twitter-client-secret
|
||||
- name: ELON_TWITTER_CALLBACK_URL
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: elon-staging-credentials
|
||||
key: twitter-callback-url
|
||||
- name: ELON_TWITTER_BEARER_TOKEN
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: elon-staging-credentials
|
||||
key: twitter-bearer-token
|
||||
resources:
|
||||
requests:
|
||||
memory: "16Mi"
|
||||
cpu: "20m"
|
||||
limits:
|
||||
memory: "32Mi"
|
||||
cpu: "50m"
|
||||
livenessProbe:
|
||||
failureThreshold: 10
|
||||
httpGet:
|
||||
path: /
|
||||
port: 8000
|
||||
scheme: HTTP
|
||||
initialDelaySeconds: 30
|
||||
periodSeconds: 10
|
||||
successThreshold: 1
|
||||
timeoutSeconds: 10
|
|
@ -64,3 +64,13 @@ spec:
|
|||
name: drone
|
||||
port:
|
||||
name: http
|
||||
- host: elon-staging.internal
|
||||
http:
|
||||
paths:
|
||||
- pathType: Prefix
|
||||
path: "/"
|
||||
backend:
|
||||
service:
|
||||
name: elon-staging
|
||||
port:
|
||||
name: http
|
||||
|
|
|
@ -87,6 +87,9 @@ resources:
|
|||
- role-drone-runner.yaml
|
||||
- rolebinding-drone-runner.yaml
|
||||
|
||||
- deploy-elon-staging.yaml
|
||||
- svc-elon-staging.yaml
|
||||
|
||||
configMapGenerator:
|
||||
- name: gitea-scripts
|
||||
files:
|
||||
|
|
|
@ -0,0 +1,17 @@
|
|||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/instance: elon-staging
|
||||
app.kubernetes.io/name: elon-staging
|
||||
name: elon-staging
|
||||
spec:
|
||||
ports:
|
||||
- name: http
|
||||
port: 8000
|
||||
protocol: TCP
|
||||
targetPort: 8000
|
||||
selector:
|
||||
app.kubernetes.io/instance: elon-staging
|
||||
app.kubernetes.io/name: elon-staging
|
||||
type: ClusterIP
|
|
@ -71,6 +71,14 @@ secretGenerator:
|
|||
- gitea-client-id=55847c4a-c80e-4e77-ab36-c6d102273115
|
||||
- gitea-client-secret=IU4cb59RNNLuI9PRkUbldcEQ5wYPEZMBK5s6p7vTdVfe
|
||||
- rpc-secret=f5ec349109bb9bbdf00e4394afd28754
|
||||
- name: elon-staging-credentials
|
||||
literals:
|
||||
- session-key=secret
|
||||
- twitter-client-id=foo
|
||||
- twitter-client-secret=bar
|
||||
- twitter-callback-url=http://localhost:8000/callback
|
||||
- twitter-bearer-token=secret
|
||||
- database-url=postgres://postgres:postgres@dev-db:5432/elon_staging?sslmode=disable
|
||||
|
||||
patches:
|
||||
# Patch the metrics-server to not require TLS in dev cluster.
|
||||
|
|
|
@ -14,6 +14,7 @@
|
|||
- element.netflux.io
|
||||
- git.netflux.io
|
||||
- drone.netflux.io
|
||||
- staging.eloneatsmytweets.com
|
||||
secretName: prod-ingress-tls
|
||||
- op: replace
|
||||
path: /spec/rules/0/host
|
||||
|
@ -30,3 +31,6 @@
|
|||
- op: replace
|
||||
path: /spec/rules/4/host
|
||||
value: drone.netflux.io
|
||||
- op: replace
|
||||
path: /spec/rules/5/host
|
||||
value: staging.eloneatsmytweets.com
|
||||
|
|
|
@ -60,6 +60,14 @@ secretGenerator:
|
|||
- gitea-client-id=secrets/drone-gitea-client-id
|
||||
- gitea-client-secret=secrets/drone-gitea-client-secret
|
||||
- rpc-secret=secrets/drone-rpc-secret
|
||||
- name: elon-staging-credentials
|
||||
files:
|
||||
- session-key=secrets/elon-staging-session-key
|
||||
- twitter-client-id=secrets/elon-staging-twitter-client-id
|
||||
- twitter-client-secret=secrets/elon-staging-twitter-client-secret
|
||||
- twitter-callback-url=secrets/elon-staging-twitter-callback-url
|
||||
- twitter-bearer-token=secrets/elon-staging-twitter-bearer-token
|
||||
- database-url=secrets/elon-staging-database-url
|
||||
|
||||
patches:
|
||||
# Patch the ingress-nginx deployment to allow it to use a service with a
|
||||
|
|
Loading…
Reference in New Issue