go.chromium.org/luci@v0.0.0-20240309015107-7cdc2e660f33/milo/app.yaml (about) 1 service: default 2 runtime: go121 3 4 instance_class: F4_1G 5 6 automatic_scaling: 7 min_idle_instances: 10 8 max_idle_instances: automatic # default value 9 min_pending_latency: 10ms 10 max_pending_latency: 30ms # default value 11 max_concurrent_requests: 8 # note: the default value is 10 12 13 # luci_gae_vars is interpreted by gae.py, for apps deployed manually. 14 # It maps the app ID being deployed to values of vars used below. 15 luci_gae_vars: 16 luci-milo-dev: 17 AUTH_SERVICE_HOST: chrome-infra-auth-dev.appspot.com 18 CONFIG_SERVICE_HOST: config.luci.app 19 TS_MON_ACCOUNT: app-engine-metric-publishers@prodx-mon-chrome-infra.google.com.iam.gserviceaccount.com 20 OAUTH_CLIENT_ID: 897369734084-d3t2c39aht2aqeop0f42pp48ejpr54up.apps.googleusercontent.com 21 OAUTH_CLIENT_SECRET: sm://oauth-client-secret 22 OAUTH_REDIRECT_URL: https://luci-milo-dev.appspot.com/auth/openid/callback 23 ROOT_SECRET: sm://root-secret 24 TINK_AEAD_KEY: sm://tink-aead-primary 25 REDIS_ADDR: 10.82.28.60:6379 26 DS_CACHE: redis 27 VPC_CONNECTOR: projects/luci-milo-dev/locations/us-central1/connectors/connector 28 GTM_CONTAINER_ID: GTM-5SMGXGB 29 LOGIN_SESSIONS_ROOT_URL: https://luci-milo-dev.appspot.com 30 31 vpc_access_connector: 32 name: ${VPC_CONNECTOR} 33 34 handlers: 35 # Single robots.txt file, must be served under root. 36 - url: /robots.txt 37 static_files: frontend/static/robots.txt 38 upload: frontend/static/robots.txt 39 40 # Static resources such as css and js files. 41 - url: /static 42 secure: always 43 static_dir: frontend/static 44 45 # Immutable SPA static resources. 46 - url: /ui/immutable 47 secure: always 48 static_dir: ui/out/immutable 49 # All files have content hash in their filenames. 50 # So they can be cached longer. 51 expiration: 7d 52 53 # Host root_sw.js at root so it can have root scope. 54 - url: /(root_sw\.js(\.map)?)$ 55 secure: always 56 static_files: ui/out/\1 57 upload: ui/out/root_sw\.js(\.map)?$ 58 59 # Some other SPA static resources. 60 - url: /ui/(ui_sw\.js(\.map)?|manifest\.webmanifest)$ 61 secure: always 62 static_files: ui/out/\1 63 upload: ui/out/(ui_sw\.js(\.map)?|manifest\.webmanifest)$ 64 # These resources are cached by the service worker. Don't serve the old 65 # content when the service worker tries to fetch a new version. 66 expiration: 0s 67 68 # Serve the service worker on the old URL. 69 # TODO(weiweilin): remove this once no traffic are hitting the old path. 70 - url: /ui/service-worker.js 71 secure: always 72 static_files: ui/out/ui_sw.js 73 upload: ui/out/ui_sw.js 74 # These resources are cached by the service worker. Don't serve the old 75 # content when the service worker tries to fetch a new version. 76 expiration: 0s 77 78 # SPA frontend routes. 79 - url: /ui(/.*)? 80 secure: always 81 static_files: ui/out/index.html 82 upload: ui/out/index.html 83 # These resources are cached by the service worker. Don't serve the old 84 # content when the service worker tries to fetch a new version. 85 expiration: 0s 86 87 # The rest is handled by Go code. 88 - url: /.* 89 script: auto 90 secure: always 91 92 inbound_services: 93 - warmup 94 95 entrypoint: > 96 main 97 -auth-service-host ${AUTH_SERVICE_HOST} 98 -config-service-host ${CONFIG_SERVICE_HOST} 99 -ts-mon-account ${TS_MON_ACCOUNT} 100 -cloud-error-reporting 101 -root-secret ${ROOT_SECRET} 102 -primary-tink-aead-key ${TINK_AEAD_KEY} 103 -encrypted-cookies-client-id ${OAUTH_CLIENT_ID} 104 -encrypted-cookies-client-secret ${OAUTH_CLIENT_SECRET} 105 -encrypted-cookies-redirect-url ${OAUTH_REDIRECT_URL} 106 -encrypted-cookies-required-scopes https://www.googleapis.com/auth/gerritcodereview 107 -encrypted-cookies-optional-scopes https://www.googleapis.com/auth/buganizer 108 -encrypted-cookies-expose-state-endpoint 109 -redis-addr ${REDIS_ADDR} 110 -ds-cache ${DS_CACHE} 111 -gtm-container-id ${GTM_CONTAINER_ID} 112 -login-sessions-root-url ${LOGIN_SESSIONS_ROOT_URL}