diff --git a/helm-msa/helm-msa-1.0.0.tgz b/helm-msa/helm-msa-1.0.0.tgz
new file mode 100644
index 0000000000000000000000000000000000000000..937bc6d9d8084f1464eff0793491defb2b3e23a6
Binary files /dev/null and b/helm-msa/helm-msa-1.0.0.tgz differ
diff --git a/helm-msa/templates/deployment/auth-service-deployment-cors.yaml b/helm-msa/templates/deployment/auth-service-deployment-cors.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..98887b303415b8196842afcdd61bc96bcda76f17
--- /dev/null
+++ b/helm-msa/templates/deployment/auth-service-deployment-cors.yaml
@@ -0,0 +1,48 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: auth-service-deployment
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: auth-service
+ template:
+ metadata:
+ annotations:
+ linkerd.io/inject: enabled
+ labels:
+ app: auth-service
+ spec:
+ containers:
+ - name: auth-service
+ image: ginyanote/auth-service:1.0.6
+ imagePullPolicy: Always
+ ports:
+ - containerPort: 5000
+ env:
+ - name: HOST_ADDRESS
+ value: "0.0.0.0"
+ - name: DATABASE_NAME
+ value: "postgres"
+ - name: DATABASE_HOST
+ value: "user-db-postgres-service"
+ - name: DATABASE_PORT
+ value: "5432"
+ - name: EXPIRES_SECONDS
+ value: "3000"
+ - name: DATABASE_USER
+ valueFrom:
+ secretKeyRef:
+ name: user-db-secret
+ key: DATABASE_USER
+ - name: DATABASE_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: user-db-secret
+ key: DATABASE_PASSWORD
+ - name: AUTH_SECRET
+ valueFrom:
+ secretKeyRef:
+ name: auth-service-secret
+ key: AUTH_SECRET
diff --git a/helm-msa/templates/deployment/cors-handler-deployment.yaml b/helm-msa/templates/deployment/cors-handler-deployment.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..55de4f70dde8bd5d991aa663162aca96d025cafb
--- /dev/null
+++ b/helm-msa/templates/deployment/cors-handler-deployment.yaml
@@ -0,0 +1,35 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: cors-handler-deployment
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: cors-handler
+ template:
+ metadata:
+ annotations:
+ linkerd.io/inject: enabled
+ labels:
+ app: cors-handler
+ spec:
+ containers:
+ - name: cors-handler
+ image: ginyanote/cors-handler:0.1.1
+ imagePullPolicy: Always
+ ports:
+ - containerPort: 5000
+ env:
+ - name: HOST_ADDRESS
+ value: "0.0.0.0"
+ - name: ALLOW_CREDENTIALS
+ value: "true"
+ - name: ALLOW_HEADERS
+ value: "authorization"
+ - name: ALLOW_METHODS
+ value: "DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT"
+ - name: ALLOW_ORIGIN
+ value: "http://134.103.212.72:30001, http://localhost:8080"
+ - name: EXPOSE_HEADERS
+ value: "*"
diff --git a/helm-msa/templates/deployment/myaktion-deployment.yaml b/helm-msa/templates/deployment/myaktion-deployment.yaml
index 42307d2d73bdeba19fa5951d30ca6153ea86de4e..adddc573c0831deb0fe1c9b8feab3ee1bef20e76 100644
--- a/helm-msa/templates/deployment/myaktion-deployment.yaml
+++ b/helm-msa/templates/deployment/myaktion-deployment.yaml
@@ -16,7 +16,7 @@ spec:
spec:
containers:
- name: myaktion
- image: ginyanote/myaktion:0.2.4
+ image: ginyanote/myaktion:0.2.8
imagePullPolicy: Always
ports:
- containerPort: 8080
diff --git a/helm-msa/templates/deployment/myaktion-frontend-deployment.yaml b/helm-msa/templates/deployment/myaktion-frontend-deployment.yaml
index a300ba9a32dadd0208c9ca6f51b601511c435ad4..31d4e816b01e5c7e9c15e924b3d99ad517fa6049 100644
--- a/helm-msa/templates/deployment/myaktion-frontend-deployment.yaml
+++ b/helm-msa/templates/deployment/myaktion-frontend-deployment.yaml
@@ -16,7 +16,7 @@ spec:
spec:
containers:
- name: myaktion-frontend
- image: ginyanote/myaktion-frontend:0.1.0
+ image: ginyanote/myaktion-frontend:0.1.3
imagePullPolicy: IfNotPresent
ports:
- - containerPort: 8080
\ No newline at end of file
+ - containerPort: 80
diff --git a/helm-msa/templates/ingress-route/auth-service-ingress-route-verify.yml b/helm-msa/templates/ingress-route/auth-service-ingress-route-verify.yml
new file mode 100644
index 0000000000000000000000000000000000000000..ad8dd78db80959b2f58c8d0eb330d264b71a964f
--- /dev/null
+++ b/helm-msa/templates/ingress-route/auth-service-ingress-route-verify.yml
@@ -0,0 +1,66 @@
+apiVersion: traefik.containo.us/v1alpha1
+kind: IngressRoute
+metadata:
+ annotations:
+ kubernetes.io/ingress.class: traefik
+ creationTimestamp: null
+ name: auth-service-ingress-route
+ namespace: default
+spec:
+ routes:
+ - kind: Rule
+ match: PathPrefix(`/user`)
+ services:
+ - kind: Service
+ name: auth-service-service
+ namespace: default
+ port: 5000
+ - kind: Rule
+ match: PathPrefix(`/login`)
+ services:
+ - kind: Service
+ name: auth-service-service
+ namespace: default
+ port: 5000
+ - kind: Rule
+ match: PathPrefix(`/logout`)
+ middlewares:
+ - name: fw-auth-mw
+ namespace: default
+ services:
+ - kind: Service
+ name: auth-service-service
+ namespace: default
+ port: 5000
+ - kind: Rule
+ match: PathPrefix(`/blacklist/cleanup`)
+ middlewares:
+ - name: fw-auth-mw
+ namespace: default
+ services:
+ - kind: Service
+ name: auth-service-service
+ namespace: default
+ port: 5000
+ - kind: Rule
+ match: PathPrefix(`/verify`)
+ services:
+ - kind: Service
+ name: auth-service-service
+ namespace: default
+ port: 5000
+---
+apiVersion: traefik.containo.us/v1alpha1
+kind: Middleware
+metadata:
+ creationTimestamp: null
+ name: fw-auth-mw
+ namespace: default
+spec:
+ forwardAuth:
+ address: http://auth-service-service.default.svc.cluster.local:5000/verify
+ authResponseHeaders:
+ - UserID
+ - IsAdmin
+ - UserRoles
+ tls: {}
diff --git a/helm-msa/templates/ingress-route/cors-handler-ingress-route.yaml b/helm-msa/templates/ingress-route/cors-handler-ingress-route.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..2a69864aea518acc35a0476e2c6d2230e419ca7a
--- /dev/null
+++ b/helm-msa/templates/ingress-route/cors-handler-ingress-route.yaml
@@ -0,0 +1,18 @@
+apiVersion: traefik.containo.us/v1alpha1
+kind: IngressRoute
+metadata:
+ annotations:
+ kubernetes.io/ingress.class: traefik
+ creationTimestamp: null
+ name: cors-handler-ingress-route
+ namespace: default
+spec:
+ routes:
+ - kind: Rule
+ match: Method(`OPTIONS`)
+ priority: 100
+ services:
+ - kind: Service
+ name: cors-handler-service
+ namespace: default
+ port: 5000
diff --git a/helm-msa/templates/ingress-route/myaktion-ingress-route-no-auth.yml b/helm-msa/templates/ingress-route/myaktion-ingress-route-no-auth.yml
new file mode 100644
index 0000000000000000000000000000000000000000..e2077f2e68c4090751068b27a45abe1020f156a8
--- /dev/null
+++ b/helm-msa/templates/ingress-route/myaktion-ingress-route-no-auth.yml
@@ -0,0 +1,82 @@
+apiVersion: traefik.containo.us/v1alpha1
+kind: IngressRoute
+metadata:
+ annotations:
+ kubernetes.io/ingress.class: traefik
+ creationTimestamp: null
+ name: myaktion-ingress-route
+ namespace: default
+spec:
+ routes:
+ - kind: Rule
+ match: Path(`/campaigns/{id:[0-9]+}/donations`) && Method(`POST`)
+ services:
+ - kind: Service
+ name: myaktion-service
+ namespace: default
+ port: 8080
+
+ - kind: Rule
+ match: Path(`/campaigns/{id:[0-9]+}/donations`) && Method(`GET`)
+ middlewares:
+ - name: fw-auth-mw
+ namespace: default
+ services:
+ - kind: Service
+ name: myaktion-service
+ namespace: default
+ port: 8080
+
+# - kind: Rule
+# match: (Path(`/campaigns`) || Path(`/campaigns/{id:[0-9]+}`)) && Method(`OPTIONS`)
+# services:
+# - kind: Service
+# name: myaktion-service
+# namespace: default
+# port: 8080
+
+ - kind: Rule
+ match: Path(`/campaigns`) || Path(`/campaigns/{id:[0-9]+}`)
+ middlewares:
+ - name: fw-auth-mw
+ namespace: default
+ services:
+ - kind: Service
+ name: myaktion-service
+ namespace: default
+ port: 8080
+
+ - kind: Rule
+ match: Path(`/view`)
+ services:
+ - kind: Service
+ name: myaktion-monitor-service
+ namespace: default
+ port: 8081
+
+ - kind: Rule
+ match: Path(`/monitor`)
+ services:
+ - kind: Service
+ name: myaktion-monitor-service
+ namespace: default
+ port: 8081
+---
+apiVersion: traefik.containo.us/v1alpha1
+kind: Middleware
+metadata:
+ creationTimestamp: null
+ name: cors-mw
+ namespace: default
+spec:
+ headers:
+ accessControlAllowOriginList:
+ - "http://134.103.212.72:30001"
+ accessControlAllowMethods:
+ - "GET"
+ - "POST"
+ - "PUT"
+ - "DELETE"
+ - "OPTIONS"
+ accessControlMaxAge: 1000
+ addVaryHeader: true
diff --git a/helm-msa/templates/service/cors-handler-service.yaml b/helm-msa/templates/service/cors-handler-service.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..126a192126adba33d0f65c0f2f61d228f8f610c0
--- /dev/null
+++ b/helm-msa/templates/service/cors-handler-service.yaml
@@ -0,0 +1,12 @@
+apiVersion: v1
+kind: Service
+metadata:
+ name: cors-handler-service
+spec:
+ selector:
+ app: cors-handler
+ ports:
+ - protocol: TCP
+ port: 5000
+ targetPort: 5000
+ type: ClusterIP
diff --git a/helm-msa/templates/service/myaktion-frontend-service.yaml b/helm-msa/templates/service/myaktion-frontend-service.yaml
index 03344244cd993fed11a6c0634bb5e38c3c0f263d..99c139f5c943fe3bdab731341f8ab2d57c559a2b 100644
--- a/helm-msa/templates/service/myaktion-frontend-service.yaml
+++ b/helm-msa/templates/service/myaktion-frontend-service.yaml
@@ -7,7 +7,7 @@ spec:
app: myaktion-frontend
ports:
- protocol: TCP
- port: 8080
- targetPort: 8080
+ port: 8083
+ targetPort: 80
nodePort: 30001
- type: NodePort
\ No newline at end of file
+ type: NodePort