github.com/freiheit-com/kuberpult@v1.24.2-0.20240328135542-315d5630abe6/charts/kuberpult/templates/frontend-service.yaml (about) 1 # This file is part of kuberpult. 2 3 # Kuberpult is free software: you can redistribute it and/or modify 4 # it under the terms of the Expat(MIT) License as published by 5 # the Free Software Foundation. 6 7 # Kuberpult is distributed in the hope that it will be useful, 8 # but WITHOUT ANY WARRANTY; without even the implied warranty of 9 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 10 # MIT License for more details. 11 12 # You should have received a copy of the MIT License 13 # along with kuberpult. If not, see <https://directory.fsf.org/wiki/License:Expat>. 14 15 # Copyright 2023 freiheit.com 16 # This file is part of kuberpult. 17 18 # Kuberpult is free software: you can redistribute it and/or modify 19 # it under the terms of the Expat(MIT) License as published by 20 # the Free Software Foundation. 21 22 # Kuberpult is distributed in the hope that it will be useful, 23 # but WITHOUT ANY WARRANTY; without even the implied warranty of 24 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 25 # MIT License for more details. 26 27 # You should have received a copy of the MIT License 28 # along with kuberpult. If not, see <https://directory.fsf.org/wiki/License:Expat>. 29 30 # Copyright 2023 freiheit.com 31 32 {{- if .Values.frontend.tag }} 33 {{ fail "Values.frontend.tag cannot be used anymore. We only support the same appVersion for all services at this point."}} 34 {{ end -}} 35 36 --- 37 apiVersion: apps/v1 38 kind: Deployment 39 metadata: 40 name: kuberpult-frontend-service 41 labels: 42 app: kuberpult-frontend-service 43 spec: 44 replicas: 2 45 selector: 46 matchLabels: 47 app: kuberpult-frontend-service 48 template: 49 metadata: 50 labels: 51 app: kuberpult-frontend-service 52 {{- if .Values.datadogTracing.enabled }} 53 tags.datadoghq.com/env: {{ .Values.datadogTracing.environment }} 54 tags.datadoghq.com/service: kuberpult-frontend-service 55 tags.datadoghq.com/version: {{ $.Chart.AppVersion }} 56 annotations: 57 apm.datadoghq.com/env: '{"DD_SERVICE":"kuberpult-frontend-service","DD_ENV":"{{ .Values.datadogTracing.environment }}","DD_VERSION":"{{ $.Chart.AppVersion }}"}' 58 {{- end }} 59 spec: 60 {{- with .Values.imagePullSecrets }} 61 imagePullSecrets: 62 {{- toYaml . | nindent 8 }} 63 {{- end }} 64 containers: 65 - name: service 66 image: "{{ .Values.hub }}/{{ .Values.frontend.image }}:{{ $.Chart.AppVersion }}" 67 ports: 68 - name: http 69 containerPort: 8081 70 protocol: TCP 71 readinessProbe: 72 httpGet: 73 path: /healthz 74 port: http 75 initialDelaySeconds: 5 76 periodSeconds: 10 77 livenessProbe: 78 httpGet: 79 path: /healthz 80 port: http 81 resources: 82 limits: 83 cpu: "{{ .Values.frontend.resources.limits.cpu }}" 84 memory: "{{ .Values.frontend.resources.limits.memory }}" 85 requests: 86 cpu: "{{ .Values.frontend.resources.requests.cpu }}" 87 memory: "{{ .Values.frontend.resources.requests.memory }}" 88 env: 89 - name: KUBERPULT_GIT_AUTHOR_NAME 90 value: {{ .Values.git.author.name | quote }} 91 - name: KUBERPULT_GIT_AUTHOR_EMAIL 92 value: {{ .Values.git.author.email | quote }} 93 - name: KUBERPULT_CDSERVER 94 value: kuberpult-cd-service:8443 95 - name: KUBERPULT_ARGOCD_BASE_URL 96 value: {{ .Values.argocd.baseUrl | quote }} 97 - name: KUBERPULT_ARGOCD_NAMESPACE 98 value: {{ .Values.argocd.namespace | quote }} 99 - name: KUBERPULT_BATCH_CLIENT_TIMEOUT 100 value: {{ .Values.frontend.batchClient.timeout | quote }} 101 - name: KUBERPULT_VERSION 102 value: {{ $.Chart.AppVersion | quote}} 103 - name: KUBERPULT_SOURCE_REPO_URL 104 value: {{ .Values.git.sourceRepoUrl | quote}} 105 - name: KUBERPULT_MANIFEST_REPO_URL 106 value: {{ .Values.git.manifestRepoUrl | quote}} 107 - name: LOG_FORMAT 108 value: {{ .Values.log.format | quote }} 109 - name: LOG_LEVEL 110 value: {{ .Values.log.level | quote }} 111 - name: KUBERPULT_GKE_BACKEND_SERVICE_ID 112 value: "{{ .Values.gke.backend_service_id }}" 113 - name: KUBERPULT_GKE_BACKEND_SERVICE_NAME 114 value: "{{ .Values.gke.backend_service_name }}" 115 - name: KUBERPULT_GKE_PROJECT_NUMBER 116 value: "{{ .Values.gke.project_number }}" 117 - name: KUBERPULT_ALLOWED_ORIGINS 118 value: "https://{{ .Values.ingress.domainName }}" 119 - name: KUBERPULT_GIT_BRANCH 120 value: {{ .Values.git.branch | quote }} 121 - name: KUBERPULT_IAP_ENABLED 122 value: {{ .Values.ingress.iap.enabled | quote }} 123 - name: KUBERPULT_API_ENABLE_DESPITE_NO_AUTH 124 value: {{ .Values.auth.api.enableDespiteNoAuth | quote }} 125 {{- if .Values.datadogTracing.enabled }} 126 - name: DD_AGENT_HOST 127 valueFrom: 128 fieldRef: 129 fieldPath: status.hostIP 130 - name: DD_ENV 131 valueFrom: 132 fieldRef: 133 fieldPath: metadata.labels['tags.datadoghq.com/env'] 134 - name: DD_SERVICE 135 valueFrom: 136 fieldRef: 137 fieldPath: metadata.labels['tags.datadoghq.com/service'] 138 - name: DD_VERSION 139 valueFrom: 140 fieldRef: 141 fieldPath: metadata.labels['tags.datadoghq.com/version'] 142 - name: KUBERPULT_ENABLE_TRACING 143 value: "{{ .Values.datadogTracing.enabled }}" 144 {{- end }} 145 - name: KUBERPULT_DEX_ENABLED 146 value: "{{ .Values.auth.dexAuth.enabled }}" 147 {{- if .Values.auth.dexAuth.enabled }} 148 - name: KUBERPULT_DEX_CLIENT_ID 149 value: "{{ .Values.auth.dexAuth.clientId }}" 150 - name: KUBERPULT_DEX_CLIENT_SECRET 151 value: "{{ .Values.auth.dexAuth.clientSecret }}" 152 - name: KUBERPULT_DEX_BASE_URL 153 value: "{{ .Values.auth.dexAuth.baseURL }}" 154 - name: KUBERPULT_DEX_SCOPES 155 value: "{{ .Values.auth.dexAuth.scopes }}" 156 {{- end }} 157 {{- if .Values.pgp.keyRing }} 158 - name: KUBERPULT_PGP_KEY_RING_PATH 159 value: /keyring/keyring.gpg 160 {{- end }} 161 - name: KUBERPULT_AZURE_ENABLE_AUTH 162 value: "{{ .Values.auth.azureAuth.enabled }}" 163 {{- if .Values.auth.azureAuth.enabled }} 164 - name: KUBERPULT_AZURE_CLOUD_INSTANCE 165 value: "{{ .Values.auth.azureAuth.cloudInstance }}" 166 - name: KUBERPULT_AZURE_CLIENT_ID 167 value: "{{ .Values.auth.azureAuth.clientId }}" 168 - name: KUBERPULT_AZURE_TENANT_ID 169 value: "{{ .Values.auth.azureAuth.tenantId }}" 170 - name: KUBERPULT_AZURE_REDIRECT_URL 171 value: "https://{{ .Values.ingress.domainName }}" 172 {{- end }} 173 - name: KUBERPULT_ROLLOUTSERVER 174 {{- if .Values.rollout.enabled }} 175 value: "kuberpult-rollout-service:8443" 176 {{- else }} 177 value: "" 178 {{- end }} 179 - name: KUBERPULT_MAX_WAIT_DURATION 180 value: {{ .Values.frontend.maxWaitDuration | quote }} 181 volumeMounts: 182 {{- if .Values.pgp.keyRing }} 183 - name: keyring 184 mountPath: /keyring 185 {{- end }} 186 volumes: 187 {{- if .Values.pgp.keyRing }} 188 - name: keyring 189 configMap: 190 name: kuberpult-keyring 191 {{- end }} 192 193 --- 194 apiVersion: v1 195 kind: Service 196 metadata: 197 name: kuberpult-frontend-service 198 annotations: 199 {{- if .Values.ingress.iap.enabled }} 200 cloud.google.com/backend-config: '{"default": "kuberpult"}' 201 {{- end }} 202 {{- range $key, $value := .Values.frontend.service.annotations }} 203 {{ $key | quote}}: {{ $value | quote}} 204 {{- end }} 205 spec: 206 ports: 207 - name: http 208 port: 80 209 targetPort: http 210 selector: 211 app: kuberpult-frontend-service 212 type: NodePort