Created
September 17, 2021 16:17
-
-
Save geofffranks/fa6f210a54f92231f0b4fa8e43e26bb8 to your computer and use it in GitHub Desktop.
a bit o' spruce, from http://play.spruce.cf
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| {"flavor":"1.27.0","prune":[],"env":["HOME=/home/user","BUILD_URL=build","REPO_SOURCE_URL=source"],"cherry_pick":[],"yaml":[{"filename":"file1.yml","contents":"---\napiVersion: v1\nkind: List\nmetadata:\n name: satellite-mesh-api-deployment\n namespace: armada\n annotations:\n version: (( grab $TRAVIS_COMMIT || \"dev\" ))\n razee.io/source-url: (( grab $REPO_SOURCE_URL ))\n razee.io/build-url: (( grab $BUILD_URL ))\nitems:\n - apiVersion: apps/v1\n kind: Deployment\n metadata:\n name: satellite-mesh-api\n namespace: armada\n annotations:\n version: (( grab $TRAVIS_COMMIT || \"dev\" ))\n razee.io/source-url: (( grab $REPO_SOURCE_URL ))\n razee.io/build-url: (( grab $BUILD_URL ))\n labels:\n razee/restart-on-config-change: \"true\"\n addonmanager.kubernetes.io/mode: Reconcile\n edge: \"true\"\n spec:\n replicas: 1\n selector:\n matchLabels:\n app: satellite-mesh-api\n strategy:\n type: RollingUpdate\n revisionHistoryLimit: 0\n template:\n metadata:\n labels:\n app: satellite-mesh-api\n edge: \"true\"\n annotations:\n version: (( grab $TRAVIS_COMMIT || \"dev\" ))\n prometheus.io/scrape: 'true'\n prometheus.io/port: '7979'\n razee.io/source-url: (( grab $REPO_SOURCE_URL ))\n razee.io/build-url: (( grab $BUILD_URL ))\n scheduler.alpha.kubernetes.io/affinity: \u003e\n {\n \"podAntiAffinity\": {\n \"preferredDuringSchedulingIgnoredDuringExecution\": [\n {\n \"weight\": 100,\n \"podAffinityTerm\": {\n \"labelSelector\": {\n \"matchExpressions\": [\n {\n \"key\": \"app\",\n \"operator\": \"In\",\n \"values\": [\"satellite-mesh-api\"]\n }\n ]\n },\n \"topologyKey\": \"kubernetes.io/hostname\"\n }\n }\n ]\n }\n }\n spec:\n tolerations:\n - key: dedicated\n operator: Equal\n value: armada\n effect: NoSchedule\n containers:\n - name: satellite-mesh-api\n image: (( concat \"{{ DOCKER_REGISTRY }}/armada/satellite-mesh-api:\" metadata.annotations.version ))\n resources:\n limits:\n cpu: \"2\"\n memory: \"1Gi\"\n requests:\n memory: \"300Mi\"\n cpu: \"0.5\"\n ports:\n - containerPort: 7979\n volumeMounts:\n - name: etcd-certs-volume\n mountPath: /opt/tls_certs\n readOnly: true\n - name: events-volume\n mountPath: /var/log/at\n - name: etcd-operator-certs-volume\n mountPath: /opt/tls_certs_operator\n env:\n - name: MAX_AllOWED_USER_DEF_COUNT_IBMERS\n value: \"25\"\n - name: MAX_AllOWED_USER_DEF_COUNT\n value: \"20\"\n - name: CERT_PATH_ETCD_OPERATOR\n value: \"/opt/tls_certs_operator\"\n - name: ETCD_USE_OPERATOR\n valueFrom:\n configMapKeyRef:\n name: armada-etcd-configmap\n key: ETCD_USE_OPERATOR\n - name: ETCD_ENDPOINTS_OPERATOR\n valueFrom:\n configMapKeyRef:\n name: armada-etcd-configmap\n key: ETCD_ENDPOINTS_OPERATOR\n - name: ETCD_ENDPOINTS\n valueFrom:\n configMapKeyRef:\n name: armada-etcd-configmap\n key: ETCD_ENDPOINTS\n - name: ETCD_AUTH\n valueFrom:\n configMapKeyRef:\n name: armada-etcd-configmap\n key: ETCD_AUTH\n - name: ETCD_USER\n valueFrom:\n configMapKeyRef:\n name: armada-etcd-configmap\n key: ETCD_USER\n - name: ETCD_V3\n valueFrom:\n configMapKeyRef:\n name: armada-etcd-configmap\n key: ETCD_V3\n - name: ETCD_READ_ONLY\n valueFrom:\n configMapKeyRef:\n name: armada-etcd-configmap\n key: ETCD_READ_ONLY\n - name: ETCD_SECRET\n valueFrom:\n secretKeyRef:\n name: armada-etcd-secrets\n key: ETCD_SECRET\n - name: ETCD_PASSWORD\n valueFrom:\n secretKeyRef:\n name: armada-etcd-secrets\n key: ETCD_PASSWORD\n - name: ETCD_CERT_PATH\n value: \"/opt/tls_certs/compose-ca.pem\"\n - name: ETCD_RULES_DISABLED\n valueFrom:\n configMapKeyRef:\n name: armada-etcd-configmap\n key: ETCD_RULES_DISABLED\n - name: SERVICE_NAME\n value: \"satellite-mesh-api\"\n - name: ENABLE_SLACK_NOTIFICATIONS\n valueFrom:\n configMapKeyRef:\n name: satellite-mesh-api-configmap\n key: ENABLE_SLACK_NOTIFICATIONS\n - name: SLACK_WEBHOOK_URL\n valueFrom:\n secretKeyRef:\n name: satellite-mesh-api-secret\n key: SLACK_WEBHOOK_URL\n - name: SLACK_ALERT_CHANNEL\n valueFrom:\n configMapKeyRef:\n name: satellite-mesh-api-configmap\n key: SLACK_ALERT_CHANNEL\n - name: SLACK_FAILURE_CHANNEL\n valueFrom:\n configMapKeyRef:\n name: satellite-mesh-api-configmap\n key: SLACK_FAILURE_CHANNEL\n - name: ENABLE_COS_LOGS\n valueFrom:\n configMapKeyRef:\n name: satellite-mesh-api-configmap\n key: ENABLE_COS_LOGS\n - name: COS_LOGS_ENDPOINT\n valueFrom:\n configMapKeyRef:\n name: satellite-mesh-api-configmap\n key: COS_LOGS_ENDPOINT\n - name: COS_LOGS_LINK_TIMEOUT_HOURS\n valueFrom:\n configMapKeyRef:\n name: satellite-mesh-api-configmap\n key: COS_LOGS_LINK_TIMEOUT_HOURS\n - name: COS_LOGS_BUCKET\n valueFrom:\n configMapKeyRef:\n name: satellite-mesh-api-configmap\n key: COS_LOGS_BUCKET\n - name: COS_LOGS_S3_ACCESS_KEY\n valueFrom:\n secretKeyRef:\n name: satellite-mesh-api-secret\n key: COS_LOGS_S3_ACCESS_KEY\n - name: COS_LOGS_S3_SECRET_ACCESS_KEY\n valueFrom:\n secretKeyRef:\n name: satellite-mesh-api-secret\n key: COS_LOGS_S3_SECRET_ACCESS_KEY\n - name: CARRIER_NAME\n valueFrom:\n configMapKeyRef:\n name: armada-info-configmap\n key: CARRIER_NAME\n - name: REGION_NAME\n valueFrom:\n configMapKeyRef:\n name: armada-info-configmap\n key: REGION_NAME\n - name: ENV_PREFIX\n valueFrom:\n configMapKeyRef:\n name: armada-info-configmap\n key: ENV_PREFIX\n - name: ENV\n valueFrom:\n configMapKeyRef:\n name: armada-info-configmap\n key: ENV\n - name: CRN_BASE\n valueFrom:\n configMapKeyRef:\n name: armada-info-configmap\n key: CRN_BASE\n - name: CRN_CNAME\n valueFrom:\n configMapKeyRef:\n name: armada-info-configmap\n key: CRN_CNAME\n - name: CRN_CTYPE\n valueFrom:\n configMapKeyRef:\n name: armada-info-configmap\n key: CRN_CTYPE\n - name: IAM_LOGIN_ENDPOINT\n valueFrom:\n configMapKeyRef:\n name: armada-iam-configmap\n key: IAM_LOGIN_ENDPOINT\n - name: IAM_PDP_ENDPOINT\n valueFrom:\n configMapKeyRef:\n name: armada-iam-configmap\n key: IAM_PDP_ENDPOINT\n - name: IAM_V2_PDP_URL\n valueFrom:\n configMapKeyRef:\n name: armada-iam-configmap\n key: IAM_PDP_ENDPOINT\n - name: IAM_PAP_ENDPOINT\n valueFrom:\n configMapKeyRef:\n name: armada-iam-configmap\n key: IAM_PAP_ENDPOINT\n - name: IAM_ISSUER\n valueFrom:\n configMapKeyRef:\n name: armada-iam-configmap\n key: IAM_ISSUER\n - name: IAM_CLIENT_ID\n valueFrom:\n secretKeyRef:\n name: armada-iam-secrets\n key: IAM_CLIENT_ID\n - name: IAM_CLIENT_SECRET\n valueFrom:\n secretKeyRef:\n name: armada-iam-secrets\n key: IAM_CLIENT_SECRET\n - name: IAM_API_KEY\n valueFrom:\n secretKeyRef:\n name: armada-iam-secrets\n key: IAM_API_KEY\n - name: ACCT_URL\n valueFrom:\n configMapKeyRef:\n optional: true\n name: armada-uaa-configmap\n key: ACCT_URL\n - name: OAUTH_TOKEN_URL\n valueFrom:\n configMapKeyRef:\n optional: true\n name: armada-uaa-configmap\n key: OAUTH_TOKEN_URL\n - name: CLIENT_ID\n valueFrom:\n secretKeyRef:\n optional: true\n name: armada-uaa-secrets\n key: CLIENT_ID\n - name: CLIENT_SECRET\n valueFrom:\n secretKeyRef:\n optional: true\n name: armada-uaa-secrets\n key: CLIENT_SECRET\n - name: POD_NAME\n valueFrom:\n fieldRef:\n fieldPath: metadata.name\n - name: RES_MGR_URL\n valueFrom:\n configMapKeyRef:\n name: bss-config-configmap\n key: RES_MGR_URL\n ########################################\n # Key protect configuration\n ########################################\n - name: LD_SDK_KEY\n valueFrom:\n secretKeyRef:\n name: armada-launch-darkly-secrets\n key: ARMADA_LAUNCH_DARKLY_USERS_SDK_KEY\n - name: KP_URL\n valueFrom:\n configMapKeyRef:\n name: kp-configmap\n key: KP_URL\n - name: KP_INSTANCE_ID\n valueFrom:\n configMapKeyRef:\n name: kp-configmap\n key: KP_INSTANCE_ID\n - name: KP_API_KEY\n valueFrom:\n secretKeyRef:\n name: kp-secrets\n key: KP_API_KEY\n - name: KP_TOKEN_URL\n valueFrom:\n configMapKeyRef:\n name: kp-configmap\n key: KP_TOKEN_URL\n - name: KP_ETCDCACHE_EXPIRATION_MINS\n valueFrom:\n configMapKeyRef:\n name: kp-configmap\n key: KP_ETCDCACHE_EXPIRATION_MINS\n - name: KP_ETCDCACHE_VERIFICATION_MINS\n valueFrom:\n configMapKeyRef:\n name: kp-configmap\n key: KP_ETCDCACHE_VERIFICATION_MINS\n - name: KP_CACHE_DISABLED\n valueFrom:\n configMapKeyRef:\n name: kp-configmap\n key: KP_CACHE_DISABLED\n # use for analytics middleware\n - name: SEGMENT_WRITE_KEY\n valueFrom:\n secretKeyRef:\n optional: true\n name: armada-api-secrets\n key: SEGMENT_API_KEY\n # Event-client library configuration\n - name: EVENTS_CLIENT_USE_V2_FORMAT\n valueFrom:\n configMapKeyRef:\n name: armada-info-configmap\n key: EVENTS_CLIENT_USE_V2_FORMAT\n securityContext:\n runAsUser: 2000\n runAsGroup: 2000\n volumes:\n - name: etcd-certs-volume\n secret:\n secretName: armada-etcd-secrets\n items:\n - key: compose-ca.pem\n path: compose-ca.pem\n - name: events-volume\n hostPath:\n path: /var/log/at\n type: Directory\n - name: etcd-operator-certs-volume\n secret:\n secretName: etcd-1-armada-{{ armada.armada-info-configmap.ARMADA_REGION_NAME }}-client-tls\n optional: true\n - apiVersion: v1\n kind: Service\n metadata:\n name: satellite-mesh-api\n namespace: armada\n labels:\n app: satellite-mesh-api\n annotations:\n version: (( grab $TRAVIS_COMMIT || \"dev\" ))\n razee.io/source-url: (( grab $REPO_SOURCE_URL ))\n razee.io/build-url: (( grab $BUILD_URL ))\n prometheus.io/scrape: 'true'\n prometheus.io/probepath: '/metrics'\n prometheus.io/port: '7979'\n spec:\n type: ClusterIP\n ports:\n - port: 7979\n name: http-web\n selector:\n app: satellite-mesh-api\n - apiVersion: networking.k8s.io/v1beta1\n kind: Ingress\n metadata:\n name: satellite-mesh-api-regional-ingress\n namespace: armada\n labels:\n addonmanager.kubernetes.io/mode: Reconcile\n spec:\n tls:\n - hosts:\n - \"{{ armada.satellite-mesh-api-configmap.regional_glb_host }}\"\n secretName: satellite-mesh-regional-api-public-certs\n ingressClassName: public-iks-k8s-nginx\n rules:\n - host: \"{{ armada.satellite-mesh-api-configmap.regional_glb_host }}\"\n http:\n paths:\n - path: /\n backend:\n serviceName: satellite-mesh-api\n servicePort: 7979\n"}],"skip_eval":false,"fallback_append":false,"go_patch":false,"debug":false,"trace":false} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment