diff --git a/.circleci/config.yml b/.circleci/config.yml index b91f2f81..055f36a8 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -43,8 +43,8 @@ jobs: lecoffre-back devops/charts -i -f devops/charts/values.yaml -n lecoffre --create-namespace - --set lecoffreBack.image.tag=$TAG --set lecoffreBack.image.repository='rg.fr-par.scw.cloud/lecoffre/back' + --set lecoffreBack.image.tag=$TAG workflows: diff --git a/devops/charts/templates/lecoffre-back.yaml b/devops/charts/templates/lecoffre-back.yaml index 2bffdb56..24514163 100644 --- a/devops/charts/templates/lecoffre-back.yaml +++ b/devops/charts/templates/lecoffre-back.yaml @@ -64,7 +64,7 @@ spec: - name: docker-pull-secret containers: - name: lecoffre-back - image: "{{ .Values.lecoffreBack.image.repository }}:{{ .Chart.AppVersion }}" + image: "{{ .Values.lecoffreBack.image.repository }}:v{{ .Chart.AppVersion }}" {{if .Values.lecoffreBack.resources}} resources: {{toYaml .Values.lecoffreBack.resources | indent 10}} diff --git a/temp.yaml b/temp.yaml new file mode 100644 index 00000000..a34b777c --- /dev/null +++ b/temp.yaml @@ -0,0 +1,124 @@ +--- +# Source: leCoffre-back/templates/service-account.yaml +apiVersion: v1 +kind: ServiceAccount +metadata: + name: lecoffre-back-sa +--- +# Source: leCoffre-back/templates/service-account.yaml +apiVersion: v1 +kind: Secret +metadata: + name: lecoffre-back-sa-token + annotations: + kubernetes.io/service-account.name: lecoffre-back-sa +type: kubernetes.io/service-account-token +--- +# Source: leCoffre-back/templates/lecoffre-back.yaml +apiVersion: v1 +kind: Service +metadata: + name: lecoffre-back-svc + namespace: lecoffre + labels: +spec: + ports: + - port: 80 + name: http + targetPort: 1337 + selector: + app: lecoffre-back +--- +# Source: leCoffre-back/templates/lecoffre-back.yaml +apiVersion: apps/v1 +kind: Deployment +metadata: + name: lecoffre-back + namespace: lecoffre + labels: + app: lecoffre-back +spec: + replicas: 1 + selector: + matchLabels: + app: lecoffre-back + template: + metadata: + annotations: + vault.hashicorp.com/agent-inject: "true" + vault.hashicorp.com/agent-inject-secret-envs-api: secret/data/lecoffre-back-stg/config/envs-api + vault.hashicorp.com/agent-inject-template-envs-api: | + {{ with secret "secret/data/lecoffre-back-stg/config/envs-api" }} + {{ range $k, $v := .Data.data }} + export {{ $k }}="{{ $v }}" + {{ end }} + {{ end }} + vault.hashicorp.com/agent-pre-populate-only: "true" + vault.hashicorp.com/role: custom_lecoffre-back_injector_rol + labels: + app: lecoffre-back + spec: + serviceAccountName: lecoffre-back-sa + imagePullSecrets: + - name: docker-pull-secret + containers: + - name: lecoffre-back + image: "rg.fr-par.scw.cloud/lecoffre/back:v0.3.2" + + resources: + limits: + memory: 2Gi + requests: + cpu: 200m + memory: 1Gi + + imagePullPolicy: Always + command: ['sh', '-c', '. /vault/secrets/envs-api && npm start'] +--- +# Source: leCoffre-back/templates/lecoffre-back.yaml +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: lecoffre-back + namespace: lecoffre + + annotations: + cert-manager.io/cluster-issuer: letsencrypt-prod + kubernetes.io/ingress.class: nginx + nginx.ingress.kubernetes.io/force-ssl-redirect: "true" + nginx.ingress.kubernetes.io/from-to-www-redirect: "true" + +spec: + + rules: + - host: api.stg.lecoffre.smart-chain.fr + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: lecoffre-back-svc + port: + number: 80 +--- +# Source: leCoffre-back/templates/docker-pull-secret.yaml +apiVersion: external-secrets.io/v1beta1 +kind: ExternalSecret +metadata: + name: docker-pull-secret +spec: + refreshInterval: 1h + secretStoreRef: + name: dockerpullsecret-vault-cluster-secret-store + kind: ClusterSecretStore + target: + template: + type: kubernetes.io/dockerconfigjson + name: docker-pull-secret + creationPolicy: Owner + data: + - secretKey: .dockerconfigjson + remoteRef: + key: secret/data/minteed-stg/config/dockerpullsecret + property: .dockerconfigjson