Skip to content

Commit

Permalink
Fixes for clowdapp (#121)
Browse files Browse the repository at this point in the history 
* Fixes for clowdapp

- resolve indentation issues
- update probe ports
- add `ENV_NAME` for clowder
- update `envFrom` to `valueFrom` (was having issues in deploying)
- setup `default-entitlements-config` volume
- `API_REPLICAS` to `REPLICAS`

* Point to correct app selector for service pods
  • Loading branch information
@coderbydesign
coderbydesign authored Apr 21, 2023
1 parent d28a006 commit 7fc9ce4
Showing 1 changed file with 98 additions and 67 deletions.
165 changes: 98 additions & 67 deletions deployment/clowdapp.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,8 +15,12 @@ objects:
webServices:
public:
enabled: True
minReplicas: ${{API_REPLICAS}}
minReplicas: ${{REPLICAS}}
podSpec:
volumes:
- configMap:
name: ${CONFIG_MAP_NAME}
name: default-entitlements-config
initContainers:
- name: bundle-sync
image: quay.io/cloudservices/entitlements-api-go:${IMAGE_TAG}
Expand All @@ -30,93 +34,117 @@ objects:
value: 'true'
- name: ENT_RUN_BUNDLE_SYNC
value: ${RUN_BUNDLE_SYNC}
envFrom:
- secretRef:
name: go-api-certs
- name: ENT_CERT
valueFrom:
secretKeyRef:
name: go-api-certs
key: ENT_CERT
optional: true
- name: ENT_KEY
valueFrom:
secretKeyRef:
name: go-api-certs
key: ENT_KEY
optional: true
volumeMounts:
- mountPath: /bundles
name: default-entitlements-config
inheritEnv: true
inheritEnv: true
minReadySeconds: 15
progressDeadlineSeconds: 600
image: quay.io/cloudservices/entitlements-api-go:${IMAGE_TAG}
livenessProbe:
failureThreshold: 3
httpGet:
path: /status
port: 3000
port: 8000
initialDelaySeconds: 20
timeoutSeconds: 60
readinessProbe:
httpGet:
path: /status
port: 3000
initialDelaySeconds: 30
timeoutSeconds: 60
readinessProbe:
httpGet:
path: /status
port: 8000
initialDelaySeconds: 30
timeoutSeconds: 60
resources:
limits:
cpu: 500m
memory: 500Mi
requests:
cpu: 100m
memory: 250Mi
envFrom:
- secretRef:
name: go-api-certs
env:
- name: ENT_PORT
value: ${PORT}
- name: ENT_ENTITLE_ALL
value: ${ENTITLE_ALL}
- name: ENT_CERTS_FROM_ENV
value: 'true'
- name: ENT_LOG_LEVEL
value: ${LOG_LEVEL}
- name: ENT_AMS_HOST
value: ${AMS_HOST}
- name: ENT_BOP_URL
value: ${BOP_URL}
- name: ENT_CA_PATH
value: /resources/ca.crt
- name: ENT_SUBS_HOST
value: ${SUBS_HOST}
- name: ENT_COMPLIANCE_HOST
value: ${COMPLIANCE_HOST}
- name: ENT_OPENAPI_SPEC_PATH
value: /apispec/api.spec.json
- name: ENT_BUNDLE_INFO_YAML
value: /bundles/bundles.yml
- name: GLITCHTIP_DSN
valueFrom:
secretKeyRef:
name: ${GLITCHTIP_SECRET}
key: dsn
optional: true
- name: ENT_OIDC_CLIENT_ID
valueFrom:
secretKeyRef:
name: oidc
key: client_id
- name: ENT_OIDC_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: oidc
key: client_secret
- name: ENT_BOP_CLIENT_ID
valueFrom:
secretKeyRef:
name: entitlements-api
key: client_id
- name: ENT_BOP_TOKEN
valueFrom:
secretKeyRef:
name: entitlements-api
key: token
volumeMounts:
- mountPath: /bundles
name: default-entitlements-config
env:
- name: ENT_PORT
value: ${PORT}
- name: ENT_ENTITLE_ALL
value: ${ENTITLE_ALL}
- name: ENT_CERTS_FROM_ENV
value: 'true'
- name: ENT_LOG_LEVEL
value: ${LOG_LEVEL}
- name: ENT_AMS_HOST
value: ${AMS_HOST}
- name: ENT_BOP_URL
value: ${BOP_URL}
- name: ENT_CA_PATH
value: /resources/ca.crt
- name: ENT_SUBS_HOST
value: ${SUBS_HOST}
- name: ENT_COMPLIANCE_HOST
value: ${COMPLIANCE_HOST}
- name: ENT_OPENAPI_SPEC_PATH
value: /apispec/api.spec.json
- name: ENT_BUNDLE_INFO_YAML
value: /bundles/bundles.yml
- name: GLITCHTIP_DSN
valueFrom:
secretKeyRef:
name: ${GLITCHTIP_SECRET}
key: dsn
optional: true
- name: ENT_CERT
valueFrom:
secretKeyRef:
name: go-api-certs
key: ENT_CERT
optional: true
- name: ENT_KEY
valueFrom:
secretKeyRef:
name: go-api-certs
key: ENT_KEY
- name: ENT_OIDC_CLIENT_ID
valueFrom:
secretKeyRef:
name: oidc
key: client_id
- name: ENT_OIDC_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: oidc
key: client_secret
- name: ENT_BOP_CLIENT_ID
valueFrom:
secretKeyRef:
name: entitlements-api
key: client_id
- name: ENT_BOP_TOKEN
valueFrom:
secretKeyRef:
name: entitlements-api
key: token
volumes:
- configMap:
name: ${CONFIG_MAP_NAME}
name: default-entitlements-config
- apiVersion: v1
kind: Service
metadata:
annotations:
prometheus.io/port: '3000'
prometheus.io/port: '8000'
prometheus.io/scrape: 'true'
labels:
app: entitlements-api-go
Expand All @@ -128,7 +156,7 @@ objects:
protocol: TCP
targetPort: 8000
selector:
app: entitlements-service
app: entitlements-api-go
sessionAffinity: None
type: ClusterIP
status:
Expand Down Expand Up @@ -174,4 +202,7 @@ parameters:
- description: The name of the Glitchtip secret
name: GLITCHTIP_SECRET
required: false
value: 'entitlements-secret'
value: 'entitlements-secret'
- description: ClowdEnv Name
name: ENV_NAME
required: true

0 comments on commit 7fc9ce4

Please sign in to comment.