Add elon-staging manifests

This commit is contained in:
Rob Watson 2022-05-25 07:09:29 +02:00
parent 8dfa4651b4
commit 6b251aeb54
7 changed files with 128 additions and 0 deletions

View File

@ -0,0 +1,78 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: elon-staging
labels:
app.kubernetes.io/name: elon-staging
app.kubernetes.io/instance: elon-staging
spec:
selector:
matchLabels:
app.kubernetes.io/name: elon-staging
app.kubernetes.io/instance: elon-staging
template:
metadata:
labels:
app.kubernetes.io/name: elon-staging
app.kubernetes.io/instance: elon-staging
spec:
containers:
- image: netfluxio/elon:latest
imagePullPolicy: Always
name: elon-staging
ports:
- name: http
protocol: TCP
containerPort: 8000
env:
- name: ELON_TWITTER_AUTHORIZE_URL
value: https://twitter.com/i/oauth2/authorize
- name: ELON_TWITTER_TOKEN_URL
value: https://api.twitter.com/2/oauth2/token
- name: ELON_DATABASE_URL
valueFrom:
secretKeyRef:
name: elon-staging-credentials
key: database-url
- name: ELON_SESSION_KEY
valueFrom:
secretKeyRef:
name: elon-staging-credentials
key: session-key
- name: ELON_TWITTER_CLIENT_ID
valueFrom:
secretKeyRef:
name: elon-staging-credentials
key: twitter-client-id
- name: ELON_TWITTER_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: elon-staging-credentials
key: twitter-client-secret
- name: ELON_TWITTER_CALLBACK_URL
valueFrom:
secretKeyRef:
name: elon-staging-credentials
key: twitter-callback-url
- name: ELON_TWITTER_BEARER_TOKEN
valueFrom:
secretKeyRef:
name: elon-staging-credentials
key: twitter-bearer-token
resources:
requests:
memory: "16Mi"
cpu: "20m"
limits:
memory: "32Mi"
cpu: "50m"
livenessProbe:
failureThreshold: 10
httpGet:
path: /
port: 8000
scheme: HTTP
initialDelaySeconds: 30
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 10

View File

@ -64,3 +64,13 @@ spec:
name: drone name: drone
port: port:
name: http name: http
- host: elon-staging.internal
http:
paths:
- pathType: Prefix
path: "/"
backend:
service:
name: elon-staging
port:
name: http

View File

@ -87,6 +87,9 @@ resources:
- role-drone-runner.yaml - role-drone-runner.yaml
- rolebinding-drone-runner.yaml - rolebinding-drone-runner.yaml
- deploy-elon-staging.yaml
- svc-elon-staging.yaml
configMapGenerator: configMapGenerator:
- name: gitea-scripts - name: gitea-scripts
files: files:

View File

@ -0,0 +1,17 @@
apiVersion: v1
kind: Service
metadata:
labels:
app.kubernetes.io/instance: elon-staging
app.kubernetes.io/name: elon-staging
name: elon-staging
spec:
ports:
- name: http
port: 8000
protocol: TCP
targetPort: 8000
selector:
app.kubernetes.io/instance: elon-staging
app.kubernetes.io/name: elon-staging
type: ClusterIP

View File

@ -71,6 +71,14 @@ secretGenerator:
- gitea-client-id=55847c4a-c80e-4e77-ab36-c6d102273115 - gitea-client-id=55847c4a-c80e-4e77-ab36-c6d102273115
- gitea-client-secret=IU4cb59RNNLuI9PRkUbldcEQ5wYPEZMBK5s6p7vTdVfe - gitea-client-secret=IU4cb59RNNLuI9PRkUbldcEQ5wYPEZMBK5s6p7vTdVfe
- rpc-secret=f5ec349109bb9bbdf00e4394afd28754 - rpc-secret=f5ec349109bb9bbdf00e4394afd28754
- name: elon-staging-credentials
literals:
- session-key=secret
- twitter-client-id=foo
- twitter-client-secret=bar
- twitter-callback-url=http://localhost:8000/callback
- twitter-bearer-token=secret
- database-url=postgres://postgres:postgres@dev-db:5432/elon_staging?sslmode=disable
patches: patches:
# Patch the metrics-server to not require TLS in dev cluster. # Patch the metrics-server to not require TLS in dev cluster.

View File

@ -14,6 +14,7 @@
- element.netflux.io - element.netflux.io
- git.netflux.io - git.netflux.io
- drone.netflux.io - drone.netflux.io
- staging.eloneatsmytweets.com
secretName: prod-ingress-tls secretName: prod-ingress-tls
- op: replace - op: replace
path: /spec/rules/0/host path: /spec/rules/0/host
@ -30,3 +31,6 @@
- op: replace - op: replace
path: /spec/rules/4/host path: /spec/rules/4/host
value: drone.netflux.io value: drone.netflux.io
- op: replace
path: /spec/rules/5/host
value: staging.eloneatsmytweets.com

View File

@ -60,6 +60,14 @@ secretGenerator:
- gitea-client-id=secrets/drone-gitea-client-id - gitea-client-id=secrets/drone-gitea-client-id
- gitea-client-secret=secrets/drone-gitea-client-secret - gitea-client-secret=secrets/drone-gitea-client-secret
- rpc-secret=secrets/drone-rpc-secret - rpc-secret=secrets/drone-rpc-secret
- name: elon-staging-credentials
files:
- session-key=secrets/elon-staging-session-key
- twitter-client-id=secrets/elon-staging-twitter-client-id
- twitter-client-secret=secrets/elon-staging-twitter-client-secret
- twitter-callback-url=secrets/elon-staging-twitter-callback-url
- twitter-bearer-token=secrets/elon-staging-twitter-bearer-token
- database-url=secrets/elon-staging-database-url
patches: patches:
# Patch the ingress-nginx deployment to allow it to use a service with a # Patch the ingress-nginx deployment to allow it to use a service with a