From 5cf6ef5f1ab109fc1a2f06c94c3faa513e5473db Mon Sep 17 00:00:00 2001
From: Elise SOUVANNAVONG <esouvannavong@takima.fr>
Date: Thu, 23 May 2024 14:49:56 +0200
Subject: [PATCH] solution
---
templates/api-config.yaml | 9 ++++
templates/api-deployment.yaml | 80 +++++++++++++++++++++++++++++++++++
templates/api-ingress.yaml | 23 ++++++++++
templates/api-service.yaml | 13 ++++++
templates/pg-config.yaml | 9 ++++
templates/pg-credentials.yaml | 10 +++++
templates/pg-deployment.yaml | 46 ++++++++++++++++++++
templates/pg-service.yaml | 14 ++++++
values.yaml | 16 ++++++-
9 files changed, 218 insertions(+), 2 deletions(-)
create mode 100644 templates/api-config.yaml
create mode 100644 templates/api-deployment.yaml
create mode 100644 templates/api-ingress.yaml
create mode 100644 templates/api-service.yaml
create mode 100644 templates/pg-config.yaml
create mode 100644 templates/pg-credentials.yaml
create mode 100644 templates/pg-deployment.yaml
create mode 100644 templates/pg-service.yaml
diff --git a/templates/api-config.yaml b/templates/api-config.yaml
new file mode 100644
index 0000000..8a1d62f
--- /dev/null
+++ b/templates/api-config.yaml
@@ -0,0 +1,9 @@
+{{- if .Values.api.enabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{.Values.name }}-api
+data:
+ DB_ENDPOINT: "{{ .Values.name }}:5432"
+ DB_NAME: {{ .Values.db.name }}
+{{- end }}
\ No newline at end of file
diff --git a/templates/api-deployment.yaml b/templates/api-deployment.yaml
new file mode 100644
index 0000000..7c43f76
--- /dev/null
+++ b/templates/api-deployment.yaml
@@ -0,0 +1,80 @@
+{{- if .Values.api.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{.Values.name }}-api
+ labels:
+ app: api
+spec:
+ replicas: {{ .Values.api.replicaCount }}
+ selector:
+ matchLabels:
+ app: api
+ template:
+ metadata:
+ labels:
+ app: api
+ spec:
+ securityContext:
+ runAsUser: 1001
+ runAsGroup: 1001
+ imagePullSecrets:
+ - name: takima-school-registry
+ containers:
+ - name: api
+ image: {{ .Values.api.image.repository }}:{{ .Values.api.image.tag }}
+ resources:
+ requests:
+ memory: "192M"
+ cpu: "0.2"
+ limits:
+ memory: "256M"
+ cpu: "1"
+ startupProbe:
+ httpGet:
+ path: /actuator/health
+ port: 8080
+ initialDelaySeconds: 15
+ periodSeconds: 3
+ successThreshold: 1
+ failureThreshold: 5
+ livenessProbe:
+ httpGet:
+ path: /actuator/health/liveness
+ port: 8080
+ periodSeconds: 3
+ successThreshold: 1
+ failureThreshold: 3
+ readinessProbe:
+ httpGet:
+ path: /actuator/health/readiness
+ port: 8080
+ periodSeconds: 1
+ successThreshold: 1
+ failureThreshold: 3
+ securityContext:
+ allowPrivilegeEscalation: false
+ ports:
+ - containerPort: 8080
+ env:
+ - name: DB_ENDPOINT
+ valueFrom:
+ configMapKeyRef:
+ name: api-config
+ key: DB_ENDPOINT
+ - name: POSTGRES_DB
+ valueFrom:
+ configMapKeyRef:
+ name: api-config
+ key: DB_NAME
+ - name: POSTGRES_USER
+ valueFrom:
+ secretKeyRef:
+ name: pg-credentials # Nom du secret
+ key: pg_username # nom de la clef dans le config map
+ - name: POSTGRES_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: pg-credentials # Nom du secret
+ key: pg_password
+{{- end }}
\ No newline at end of file
diff --git a/templates/api-ingress.yaml b/templates/api-ingress.yaml
new file mode 100644
index 0000000..607b85c
--- /dev/null
+++ b/templates/api-ingress.yaml
@@ -0,0 +1,23 @@
+{{- if .Values.api.enabled }}
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+ name: {{.Values.name }}-api
+spec:
+ ingressClassName: nginx
+ rules:
+ - host: {{ .Values.api.ingress.host }}
+ http:
+ paths:
+ - backend:
+ service:
+ name: {{.Values.name }}-api
+ port:
+ number: 80
+ path: /
+ pathType: Prefix
+ tls:
+ - hosts:
+ - {{ .Values.api.ingress.host }}
+ secretName: app-wildcard
+{{- end }}
diff --git a/templates/api-service.yaml b/templates/api-service.yaml
new file mode 100644
index 0000000..596b7b3
--- /dev/null
+++ b/templates/api-service.yaml
@@ -0,0 +1,13 @@
+{{- if .Values.api.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{.Values.name }}-api
+spec:
+ selector:
+ app: api
+ ports:
+ - protocol: TCP
+ port: 80
+ targetPort: 8080
+{{- end }}
\ No newline at end of file
diff --git a/templates/pg-config.yaml b/templates/pg-config.yaml
new file mode 100644
index 0000000..c493cdb
--- /dev/null
+++ b/templates/pg-config.yaml
@@ -0,0 +1,9 @@
+{{- if .Values.db.enabled }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ .Values.name }}-db
+data:
+ db_name: {{ .Values.db.name }}
+ db_path: "/var/lib/postgresql/data/pgdata"
+{{- end }}
\ No newline at end of file
diff --git a/templates/pg-credentials.yaml b/templates/pg-credentials.yaml
new file mode 100644
index 0000000..2c483f5
--- /dev/null
+++ b/templates/pg-credentials.yaml
@@ -0,0 +1,10 @@
+{{- if .Values.db.enabled }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ .Values.name }}-db
+type: Opaque
+data:
+ pg_username: YWRtaW4= # user: admin
+ pg_password: dGVzdDEyMyo= # pwd: test123*
+{{- end }}
\ No newline at end of file
diff --git a/templates/pg-deployment.yaml b/templates/pg-deployment.yaml
new file mode 100644
index 0000000..4e5777a
--- /dev/null
+++ b/templates/pg-deployment.yaml
@@ -0,0 +1,46 @@
+{{- if .Values.db.enabled }}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: {{ .Values.name }}-db
+ labels:
+ app: pg
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: pg
+ template:
+ metadata:
+ labels:
+ app: pg
+ spec:
+ containers:
+ - name: postgres
+ image: {{ .Values.db.image.repository }}:{{ .Values.db.image.tag }}
+ ports:
+ - containerPort: 80
+ env:
+ - name: POSTGRES_DB
+ valueFrom:
+ configMapKeyRef:
+ name: pg-config # Nom du configmap
+ key: db_name # nom de la clef dans le config map contenant le nom de la DB
+ - name: PGDATA
+ valueFrom:
+ configMapKeyRef:
+ name: pg-config # Nom du configmap
+ key: db_path # nom de la clef dans le configMap contenant path ou installer la db dans le volume persistant
+ - name: POSTGRES_USER
+ valueFrom:
+ secretKeyRef:
+ name: pg-credentials # Nom du secret
+ key: pg_username # nom de la clef dans le secret
+ - name: POSTGRES_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: pg-credentials # Nom du secret
+ key: pg_password # nom de la clef dans le secret contenant le password
+ imagePullSecrets:
+ - name: takima-school-registry
+{{- end }}
\ No newline at end of file
diff --git a/templates/pg-service.yaml b/templates/pg-service.yaml
new file mode 100644
index 0000000..eb3a81c
--- /dev/null
+++ b/templates/pg-service.yaml
@@ -0,0 +1,14 @@
+{{- if .Values.db.enabled }}
+apiVersion: v1
+kind: Service
+metadata:
+ name: {{ .Values.name }}-db
+ labels:
+ app: pg
+spec:
+ type: ClusterIP
+ ports:
+ - port: 5432
+ selector:
+ app: pg
+{{- end}}
diff --git a/values.yaml b/values.yaml
index a9d9921..fe13a95 100644
--- a/values.yaml
+++ b/values.yaml
@@ -5,9 +5,14 @@
name: cdb
api:
+ enabled: true
ingress:
- tlsEnabled: false
+ tlsEnabled: true
host: api.esouvannavong.takima.school
+ replicaCount: 1
+ image:
+ repository: registry.gitlab.com/takima-school/images/cdb/api
+ tag: latest
front:
enabled: true
@@ -17,4 +22,11 @@ front:
replicaCount: 1
ingress:
tlsEnabled: false
- host: www.esouvannavong.takima.school
\ No newline at end of file
+ host: www.esouvannavong.takima.school
+
+pg:
+ enabled: true
+ name: cdb-db
+ image:
+ repository: registry.takima.io/school/proxy/postgres
+ tag: latest
\ No newline at end of file
--
GitLab