-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathvalues.yaml
131 lines (121 loc) · 3.76 KB
/
values.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
replicaCount: 2
image:
repository: "{{ .Values.ciRepository }}"
pullPolicy: Always
# Overrides the image tag whose default is the chart appVersion.
tag: "{{ .Values.ciTag }}"
run:
command:
- /bin/sh
args:
- -c
- >
ls -al . ;
ls -al server; cat server/config.json;
echo "Environment: {{ .Release.Namespace }}";
node --max-old-space-size=4096 .
service:
type: ClusterIP
externalPort: 80
internalPort: 3000
volumes:
- name: config-volume
configMap:
name: "{{ .Release.Name }}-cm"
- name: secrets-volume
secret:
secretName: "{{ .Release.Name }}-s"
secrets:
"{{ .Release.Name }}-s":
type: Opaque
data:
component-config.json: "{{ .Values.secretsJson.COMPONENT_CONFIG }}"
datasources.json: "{{ .Values.secretsJson.DATASOURCES }}"
functionalAccounts.json: "{{ .Values.secretsJson.FUNCTIONAL_ACCOUNTS }}"
providers.json: "{{ .Values.secretsJson.PROVIDERS }}"
mail_auth: "{{ .Values.secretsJson.MAIL_AUTH }}"
express_session: "{{ .Values.secretsJson.EXPRESS_SESSION_SECRET }}"
ingresses:
- enabled: true
annotations:
kubernetes.io/ingress.class: nginx
cert-manager.io/cluster-issuer: letsencrypt-prod
nginx.ingress.kubernetes.io/proxy-body-size: 50m
nginx.ingress.kubernetes.io/proxy-read-timeout: "600"
hosts:
- host: "{{ .Values.host }}"
paths:
- path: "/"
pathType: Prefix
tls:
- hosts:
- "{{ .Values.host }}"
secretName: "scicat-be-certificate"
- enabled: true
name: backend-login
annotations:
kubernetes.io/ingress.class: nginx
b64/nginx.ingress.kubernetes.io/whitelist-source-range: "{{ .Values.secretsJson.WHITELISTED_IPS }}"
hosts:
- host: "{{ .Values.host }}"
paths:
- path: /api/v3/Users/login
pathType: Exact
- path: /api/v3/auth/msad
pathType: Exact
configMaps:
"{{ .Release.Name }}-cm":
config.local.js: "{{ .Values.CONFIG_LOCAL }}"
login-callbacks.js: "{{ .Values.LOGIN_CALLBACKS }}"
middleware.json: "{{ .Values.MIDDLEWARE }}"
job-template.html: "{{ .Values.EMAIL_TEMPLATE }}"
hideEmail.js: "{{ .Values.HIDE_EMAIL }}"
authorized-jobs.js: "{{ .Values.AUTHORIZED_JOBS }}"
env:
- name: ENV
value: "{{ .Values.envValue }}"
- name: MAIL_AUTH
valueFrom:
secretKeyRef:
name: "{{ .Release.Name }}-s"
key: mail_auth
- name: EXPRESS_SESSION_SECRET
valueFrom:
secretKeyRef:
name: "{{ .Release.Name }}-s"
key: express_session
volumeMounts:
- name: config-volume
mountPath: /home/node/app/server/config.local.js
subPath: config.local.js
- name: config-volume
mountPath: /home/node/app/server/middleware.local.json
subPath: middleware.json
- name: config-volume
mountPath: /home/node/app/server/boot/login-callbacks.js
subPath: login-callbacks.js
- name: config-volume
mountPath: /home/node/app/email-templates/job-template.html
subPath: job-template.html
- name: config-volume
mountPath: /home/node/app/server/boot/hideEmail.js
subPath: hideEmail.js
- name: config-volume
mountPath: /home/node/app/server/boot/authorized-jobs.js
subPath: authorized-jobs.js
- name: secrets-volume
mountPath: /home/node/app/server/providers.json
subPath: providers.json
- name: secrets-volume
mountPath: /home/node/app/server/datasources.json
subPath: datasources.json
- name: secrets-volume
mountPath: /home/node/app/server/functionalAccounts.json
subPath: functionalAccounts.json
- name: secrets-volume
mountPath: /home/node/app/server/component-config.json
subPath: component-config.json
probeChecks:
periodSeconds: 20
timeoutSeconds: 5
failureThreshold: 5