Merge pull request 'Support for AKV by the Freeleaps service' (#75) from Nicolas_local_ops into master
Reviewed-on: https://gitea.freeleaps.mathmast.com/freeleaps/freeleaps-ops/pulls/75
This commit is contained in:
commit
f75af2c110
@ -106,12 +106,24 @@ spec:
|
||||
{{- end}}
|
||||
env:
|
||||
{{- range $key, $value := .Values.freeleaps.configs }}
|
||||
{{- if not (or (eq $key "mongodbUri") (eq $key "jwtSecretKey") (eq $key "stripeApiKey") (eq $key "stripeWebhookSecret") (eq $key "stripeAccountWebhookSecret") (eq $key "rabbitmqPassword") (eq $key "redisUrl") (eq $key "giteaApiKey")) }}
|
||||
- name: {{ $key | snakecase | upper }}
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: freeleaps-config
|
||||
key: {{ $key | snakecase | upper }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.freeleaps.secrets }}
|
||||
{{ $targetSecretName := .Values.freeleaps.secrets.target.name }}
|
||||
{{- range .Values.freeleaps.secrets.data }}
|
||||
- name: {{ .key | snakecase | upper }}
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: {{ $targetSecretName }}
|
||||
key: {{ .key }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
{{- if .Values.logIngest.enabled }}
|
||||
volumeMounts:
|
||||
- name: app-logs
|
||||
|
||||
@ -10,19 +10,13 @@ data:
|
||||
SERVICE_API_ACCESS_HOST: {{ .Values.freeleaps.configs.serviceApiAccessHost | b64enc | quote }}
|
||||
SERVICE_API_ACCESS_PORT: {{ .Values.freeleaps.configs.serviceApiAccessPort | toString | b64enc }}
|
||||
MONGODB_NAME: {{ .Values.freeleaps.configs.mongodbName | b64enc | quote }}
|
||||
MONGODB_URI: {{ .Values.freeleaps.configs.mongodbUri | b64enc | quote }}
|
||||
MONGODB_PORT: {{ .Values.freeleaps.configs.mongodbPort | toString | b64enc }}
|
||||
EMAIL_FROM: {{ .Values.freeleaps.configs.emailFrom | b64enc | quote }}
|
||||
SITE_URL_ROOT: {{ .Values.freeleaps.configs.siteUrlRoot | b64enc | quote }}
|
||||
JWT_SECRET_KEY: {{ .Values.freeleaps.configs.jwtSecretKey | b64enc | quote }}
|
||||
JWT_ALGORITHM: {{ .Values.freeleaps.configs.jwtAlgorithm | b64enc | quote }}
|
||||
STRIPE_API_KEY: {{ .Values.freeleaps.configs.stripeApiKey | b64enc | quote }}
|
||||
STRIPE_WEBHOOK_SECRET: {{ .Values.freeleaps.configs.stripeWebhookSecret | b64enc | quote }}
|
||||
STRIPE_ACCOUNT_WEBHOOK_SECRET: {{ .Values.freeleaps.configs.stripeAccountWebhookSecret | b64enc | quote }}
|
||||
RABBITMQ_HOST: {{ .Values.freeleaps.configs.rabbitmqHost | b64enc | quote }}
|
||||
RABBITMQ_PORT: {{ .Values.freeleaps.configs.rabbitmqPort | toString | b64enc }}
|
||||
RABBITMQ_USERNAME: {{ .Values.freeleaps.configs.rabbitmqUsername | b64enc | quote }}
|
||||
RABBITMQ_PASSWORD: {{ .Values.freeleaps.configs.rabbitmqPassword | b64enc | quote }}
|
||||
FREELEAPS_DEVSVC_ENDPOINT: {{ .Values.freeleaps.configs.freeleapsDevsvcEndpoint | b64enc | quote }}
|
||||
FREELEAPS_CONTENT_ENDPOINT: {{ .Values.freeleaps.configs.freeleapsContentEndpoint | b64enc | quote }}
|
||||
FREELEAPS_CENTRAL_STORAGE_ENDPOINT: {{ .Values.freeleaps.configs.freeleapsCentralStorageEndpoint | b64enc | quote }}
|
||||
@ -33,9 +27,7 @@ data:
|
||||
FREELEAPS_NOTIFICATION_ENDPOINT: {{ .Values.freeleaps.configs.freeleapsNotificationEndpoint | b64enc | quote }}
|
||||
FREELEAPS_ENV: {{ .Values.freeleaps.configs.freeleapsEnv | b64enc | quote }}
|
||||
CERT_PATH: {{ .Values.freeleaps.configs.certPath | b64enc | quote }}
|
||||
REDIS_URL: {{ .Values.freeleaps.configs.redisUrl | b64enc | quote }}
|
||||
REDIS_IS_CLUSTER: {{ .Values.freeleaps.configs.redisIsCluster | b64enc | quote }}
|
||||
METRICS_ENABLED: {{ .Values.freeleaps.configs.metricsEnabled | default false | toString | b64enc }}
|
||||
PROBES_ENABLED: {{ .Values.freeleaps.configs.probesEnabled | default false | toString | b64enc }}
|
||||
GITEA_API_KEY: {{ .Values.freeleaps.configs.giteaApiKey | b64enc | quote }}
|
||||
GITEA_ENDPOINT: {{ .Values.freeleaps.configs.giteaEndpoint | b64enc | quote }}
|
||||
@ -0,0 +1,23 @@
|
||||
{{- if .Values.freeleaps.secrets }}
|
||||
---
|
||||
apiVersion: freeleaps.com/v1alpha1
|
||||
kind: FreeleapsSecret
|
||||
metadata:
|
||||
name: {{ .Values.freeleaps.secrets.target.name }}
|
||||
namespace: {{ .Release.Namespace }}
|
||||
spec:
|
||||
secretStoreRef:
|
||||
kind: {{ .Values.freeleaps.secrets.secretStoreRef.kind }}
|
||||
name: {{ .Values.freeleaps.secrets.secretStoreRef.name }}
|
||||
target:
|
||||
name: {{ .Values.freeleaps.secrets.target.name }}
|
||||
creationPolicy: {{ .Values.freeleaps.secrets.target.creationPolicy }}
|
||||
refreshInterval: {{ .Values.freeleaps.secrets.refreshInterval }}
|
||||
data:
|
||||
{{- range .Values.freeleaps.secrets.data }}
|
||||
- secretKey: {{ .key }}
|
||||
remoteRef:
|
||||
key: {{ .remoteRef.key }}
|
||||
type: {{ .remoteRef.type }}
|
||||
{{- end }}
|
||||
{{- end }}
|
||||
@ -61,19 +61,13 @@ freeleaps:
|
||||
serviceApiAccessHost: 0.0.0.0
|
||||
serviceApiAccessPort: 8001
|
||||
mongodbName: freeleaps2
|
||||
mongodbUri: mongodb+srv://jetli:8IHKx6dZK8BfugGp@freeleaps2.hanbj.mongodb.net/
|
||||
mongodbPort: 27017
|
||||
emailFrom: freeleaps@freeleaps.com
|
||||
siteUrlRoot: https://freeleaps-alpha.com
|
||||
jwtSecretKey: 8f87ca8c3c9c3df09a9c78e0adb0927855568f6072d9efc892534aee35f5867b
|
||||
jwtAlgorithm: HS256
|
||||
stripeApiKey: sk_test_51Ogsw5B0IyqaSJBrwczlr820jnmvA1qQQGoLZ2XxOsIzikpmXo4pRLjw4XVMTEBR8DdVTYySiAv1XX53Zv5xqynF00GfMqttFd
|
||||
stripeWebhookSecret: whsec_hUbnahlGtAvN2yckBk45a236LmrODOdm
|
||||
stripeAccountWebhookSecret: whsec_PgPnkWGhEUiQfnV8aIb5Wmruz7XETJLm
|
||||
rabbitmqHost: freeleaps-alpha-rabbitmq.freeleaps-alpha.svc.freeleaps.cluster
|
||||
rabbitmqPort: 5672
|
||||
rabbitmqUsername: user
|
||||
rabbitmqPassword: NjlhHFvnDuC7K0ir
|
||||
freeleapsDevsvcEndpoint: http://devsvc-service.freeleaps-alpha.svc.freeleaps.cluster:8007/api/devsvc/
|
||||
freeleapsContentEndpoint: http://content-service.freeleaps-alpha.svc.freeleaps.cluster:8013/api/content/
|
||||
freeleapsCentralStorageEndpoint: http://central-storage-service.freeleaps-alpha.svc.freeleaps.cluster:8005/api/central_storage/
|
||||
@ -84,12 +78,52 @@ freeleaps:
|
||||
freeleapsAilabEndpoint: ''
|
||||
freeleapsEnv: alpha
|
||||
certPath: ''
|
||||
redisUrl: redis://:4sTqfZvUwR@freeleaps-alpha-redis-master.freeleaps-alpha.svc.freeleaps.cluster:6379
|
||||
redisIsCluster: 'false'
|
||||
metricsEnabled: 'false'
|
||||
probesEnabled: 'true'
|
||||
giteaApiKey: 737645b8a52b24bf6fc5081c461255fd4c28ab0a
|
||||
giteaEndpoint: https://alpha.gitea.freeleaps.mathmast.com/
|
||||
|
||||
secrets:
|
||||
secretStoreRef:
|
||||
kind: FreeleapsSecretStore
|
||||
name: freeleaps-main-secret-store
|
||||
target:
|
||||
name: "freeleaps-freeleaps-alpha-secrets"
|
||||
creationPolicy: "Owner"
|
||||
refreshInterval: 30s
|
||||
data:
|
||||
- key: mongodbUri
|
||||
remoteRef:
|
||||
key: "freeleaps-alpha-mongodb-uri"
|
||||
type: Secret
|
||||
- key: jwtSecretKey
|
||||
remoteRef:
|
||||
key: "freeleaps-alpha-jwt-secret-key"
|
||||
type: Secret
|
||||
- key: stripeApiKey
|
||||
remoteRef:
|
||||
key: "freeleaps-alpha-stripe-api-key"
|
||||
type: Secret
|
||||
- key: stripeWebhookSecret
|
||||
remoteRef:
|
||||
key: "freeleaps-alpha-stripe-webhook-secret"
|
||||
type: Secret
|
||||
- key: stripeAccountWebhookSecret
|
||||
remoteRef:
|
||||
key: "freeleaps-alpha-stripe-account-webhook-secret"
|
||||
type: Secret
|
||||
- key: rabbitmqPassword
|
||||
remoteRef:
|
||||
key: "freeleaps-alpha-rabbitmq-password"
|
||||
type: Secret
|
||||
- key: redisUrl
|
||||
remoteRef:
|
||||
key: "freeleaps-alpha-redis-url"
|
||||
type: Secret
|
||||
- key: giteaApiKey
|
||||
remoteRef:
|
||||
key: "freeleaps-alpha-gitea-api-key"
|
||||
type: Secret
|
||||
vpa:
|
||||
minAllowed:
|
||||
enabled: false
|
||||
|
||||
@ -53,18 +53,12 @@ freeleaps:
|
||||
serviceApiAccessPort: 8001
|
||||
mongodbName: freeleaps2
|
||||
mongodbPort: 27017
|
||||
mongodbUri: mongodb+srv://freeadmin:0eMV0bt8oyaknA0m@freeleaps2.zmsmpos.mongodb.net/?retryWrites=true&w=majority
|
||||
emailFrom: freeleaps@freeleaps.com
|
||||
siteUrlRoot: https://freeleaps.com
|
||||
jwtSecretKey: ea84edf152976b2fcec12b78aa8e45bc26a5cf0ef61bf16f5c317ae33b3fd8b0
|
||||
jwtAlgorithm: HS256
|
||||
stripeApiKey: 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
|
||||
stripeWebhookSecret: whsec_yWObkdtJTP4FOrmN2vPNEAv0EBGXbU3n
|
||||
stripeAccountWebhookSecret: whsec_cFhia4hz65OQLdhv26LZAAmjoBc6WNgg
|
||||
rabbitmqHost: freeleaps-prod-rabbitmq-headless.freeleaps-prod.svc.freeleaps.cluster
|
||||
rabbitmqPort: 5672
|
||||
rabbitmqUsername: user
|
||||
rabbitmqPassword: D3b0HKz71T0OcYF8
|
||||
freeleapsDevsvcEndpoint: http://devsvc-service.freeleaps-prod.svc.freeleaps.cluster:8007/api/devsvc/
|
||||
freeleapsContentEndpoint: http://content-service.freeleaps-prod.svc.freeleaps.cluster:8013/api/content/
|
||||
freeleapsCentralStorageEndpoint: http://central-storage-service.freeleaps-prod.svc.freeleaps.cluster:8005/api/central_storage/
|
||||
@ -73,14 +67,54 @@ freeleaps:
|
||||
freeleapsAuthenticationEndpoint: http://authentication-service.freeleaps-prod.svc.freeleaps.cluster:8004/api/auth/
|
||||
freeleapsNotificationEndpoint: http://notification-service.freeleaps-prod.svc.freeleaps.cluster:8003/api/notification/
|
||||
freeleapsAilabEndpoint: ''
|
||||
freeleapsEnv: alpha
|
||||
freeleapsEnv: prod
|
||||
certPath: ''
|
||||
redisUrl: redis://:izrZtCmYk8@freeleaps-prod-redis-redis-cluster-headless.freeleaps-prod.svc.freeleaps.cluster:6379/0
|
||||
redisIsCluster: 'true'
|
||||
metricsEnabled: 'true'
|
||||
probesEnabled: 'true'
|
||||
giteaApiKey: a61216761e1cda4797c1bc13c4cc26472e9e1eb3
|
||||
giteaEndpoint: https://gitea.freeleaps.mathmast.com/
|
||||
|
||||
secrets:
|
||||
secretStoreRef:
|
||||
kind: FreeleapsSecretStore
|
||||
name: freeleaps-main-secret-store
|
||||
target:
|
||||
name: "freeleaps-freeleaps-prod-secrets"
|
||||
creationPolicy: "Owner"
|
||||
refreshInterval: 30s
|
||||
data:
|
||||
- key: mongodbUri
|
||||
remoteRef:
|
||||
key: "freeleaps-prod-mongodb-uri"
|
||||
type: Secret
|
||||
- key: jwtSecretKey
|
||||
remoteRef:
|
||||
key: "freeleaps-prod-jwt-secret-key"
|
||||
type: Secret
|
||||
- key: stripeApiKey
|
||||
remoteRef:
|
||||
key: "freeleaps-prod-stripe-api-key"
|
||||
type: Secret
|
||||
- key: stripeWebhookSecret
|
||||
remoteRef:
|
||||
key: "freeleaps-prod-stripe-webhook-secret"
|
||||
type: Secret
|
||||
- key: stripeAccountWebhookSecret
|
||||
remoteRef:
|
||||
key: "freeleaps-prod-stripe-account-webhook-secret"
|
||||
type: Secret
|
||||
- key: rabbitmqPassword
|
||||
remoteRef:
|
||||
key: "freeleaps-prod-rabbitmq-password"
|
||||
type: Secret
|
||||
- key: redisUrl
|
||||
remoteRef:
|
||||
key: "freeleaps-prod-redis-url"
|
||||
type: Secret
|
||||
- key: giteaApiKey
|
||||
remoteRef:
|
||||
key: "freeleaps-prod-gitea-api-key"
|
||||
type: Secret
|
||||
vpa:
|
||||
minAllowed:
|
||||
enabled: true
|
||||
|
||||
@ -129,4 +129,46 @@ freeleaps:
|
||||
memory: "128Mi"
|
||||
controlledResources:
|
||||
- cpu
|
||||
- memory
|
||||
- memory
|
||||
|
||||
secrets:
|
||||
secretStoreRef:
|
||||
kind: FreeleapsSecretStore
|
||||
name: freeleaps-main-secret-store
|
||||
target:
|
||||
name: "freeleaps-freeleaps-secrets"
|
||||
creationPolicy: "Owner"
|
||||
refreshInterval: 30s
|
||||
data:
|
||||
- key: mongodbUri
|
||||
remoteRef:
|
||||
key: "freeleaps-mongodb-uri"
|
||||
type: Secret
|
||||
- key: jwtSecretKey
|
||||
remoteRef:
|
||||
key: "freeleaps-jwt-secret-key"
|
||||
type: Secret
|
||||
- key: stripeApiKey
|
||||
remoteRef:
|
||||
key: "freeleaps-stripe-api-key"
|
||||
type: Secret
|
||||
- key: stripeWebhookSecret
|
||||
remoteRef:
|
||||
key: "freeleaps-stripe-webhook-secret"
|
||||
type: Secret
|
||||
- key: stripeAccountWebhookSecret
|
||||
remoteRef:
|
||||
key: "freeleaps-stripe-account-webhook-secret"
|
||||
type: Secret
|
||||
- key: rabbitmqPassword
|
||||
remoteRef:
|
||||
key: "freeleaps-rabbitmq-password"
|
||||
type: Secret
|
||||
- key: redisUrl
|
||||
remoteRef:
|
||||
key: "freeleaps-redis-url"
|
||||
type: Secret
|
||||
- key: giteaApiKey
|
||||
remoteRef:
|
||||
key: "freeleaps-gitea-api-key"
|
||||
type: Secret
|
||||
Loading…
Reference in New Issue
Block a user