MahdiKarimipour
/ kubernetes-ci-pipeline.yaml
Created
September 28, 2021 11:21
CI Pipeline for Containerized Workload
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # ASP.NET Core | |
| # Build and test ASP.NET Core projects targeting .NET Core. | |
| # Add steps that run tests, create a NuGet package, deploy, and more: | |
| # https://docs.microsoft.com/azure/devops/pipelines/languages/dotnet-core | |
| trigger: | |
| - master | |
| pool: | |
| vmImage: 'ubuntu-20.04' |
MahdiKarimipour
/ kubernetes-complete-deployment-helm-chart-with-secret-volume.yaml
Created
September 28, 2021 11:04
Complete Deployment Helm Chart with with Secret Volumes
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: apps/v1 | |
| kind: Deployment | |
| metadata: | |
| name: {{ include "ecosystem-identity-api.fullname" . }} | |
| labels: | |
| {{- include "ecosystem-identity-api.labels" . | nindent 4 }} | |
| spec: | |
| {{- if not .Values.autoscaling.enabled }} | |
| replicas: {{ .Values.replicaCount }} | |
| {{- end }} |
MahdiKarimipour
/ Kubernetes-read-secrets-at-start-up.cs
Last active
September 28, 2021 10:59
Read Secrets at Start up Time for Asp.NET APIs
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Host.CreateDefaultBuilder(args) | |
| .ConfigureWebHostDefaults(webBuilder => | |
| { | |
| webBuilder.UseStartup<Startup>(); | |
| }) | |
| .ConfigureAppConfiguration((context, config) => | |
| { | |
| var builtConfig = config.SetBasePath(Directory.GetCurrentDirectory()) | |
| .AddJsonFile("appsettings.json", false) | |
| .AddJsonFile($"appsettings.Production.json", true) |
MahdiKarimipour
/ kubernetes-attach-secret-provider-to-helm-charts.yaml
Created
September 28, 2021 10:55
Attach Secret Provider to Helm Chart
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| volumes: | |
| - name: technologyleads-identity-api-azure-keyvault-volume | |
| csiSecretProviderClass: azure-es-identity-api-vault | |
| volumeMounts: | |
| - name: technologyleads-identity-api-azure-keyvault-volume | |
| readOnly: true | |
| mountPath: /root/.microsoft/usersecrets |
MahdiKarimipour
/ kubernetes-secret-provider-class.yaml
Created
September 28, 2021 09:44
Secret Provider for K8s
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: secrets-store.csi.x-k8s.io/v1alpha1 | |
| kind: SecretProviderClass | |
| metadata: | |
| name: azure-es-identity-api-vault | |
| spec: | |
| provider: azure | |
| secretObjects: | |
| - secretName: technologyleads-ecosystem-identityapi | |
| data: | |
| - objectName: JwtSecret |
MahdiKarimipour
/ kubernetes-helm-ingress-configs.yaml
Last active
November 20, 2021 06:30
Ingress Configs for Kubernetes in Prod
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ingress: | |
| enabled: true | |
| className: "" | |
| annotations: | |
| nginx.ingress.kubernetes.io/enable-cors: "true" | |
| nginx.ingress.kubernetes.io/cors-allow-origin: "http://pellerex.com" | |
| nginx.ingress.kubernetes.io/rewrite-target: /$2 | |
| kubernetes.io/ingress.class: nginx | |
| nginx.ingress.kubernetes.io/proxy-buffering: "on" | |
| nginx.ingress.kubernetes.io/proxy-buffer-size: "128k" |
MahdiKarimipour
/ kubernetes-helm-cross-service-communication.yaml
Created
September 28, 2021 08:43
Cross Container Communication using Services in Helm
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| env: | |
| - name: SubscriptionApiSettings__BaseUrl | |
| value: http://ecosystem-subscription-api-release | |
| - name: "MessagingApiSettings__BaseUrl" | |
| value: "http://ecosystem-messaging-api-release" |
MahdiKarimipour
/ kubernetes-helm-values-in-production.yaml
Last active
September 28, 2021 08:44
Helm Values File in Production
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| replicaCount: 1 | |
| image: | |
| repository: technologyleads/ecosystem-identity-api | |
| pullPolicy: Always | |
| # Overrides the image tag whose default is the chart appVersion. | |
| tag: "v1.0.0" | |
| env: | |
| - name: "ASPNETCORE_ENVIRONMENT" |
MahdiKarimipour
/ kubernetes-secret-management-app-secret-file.cs
Created
September 22, 2021 11:55
AppSecret File for Kubernetes
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| public class AppSecrets | |
| { | |
| public string DbConnectionString { get; set; } | |
| public string JwtSecret { get; set; } | |
| public string GoogleCaptchaVerificationSecret { get; set; } | |
| public string GoogleAuthClientId { get; set; } | |
| public string GoogleAuthClientSecret { get; set; } | |
| public string MicrosoftAuthClientId { get; set; } | |
| public string MicrosoftAuthClientSecret { get; set; } | |
| public string TwitterAuthClientId { get; set; } |
MahdiKarimipour
/ kubernetes-secrets-injection-through-volumes.yaml
Created
September 22, 2021 11:47
Inject Kubernetes Secrets into Volumes
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| volumes: | |
| - name: technologyleads-identity-api-secret-volume | |
| secretRef: technologyleads-identity-api | |
| volumeMounts: | |
| - name: technologyleads-identity-api-secret-volume | |
| mountPath: /root/.microsoft/usersecrets |