initial commit

b1a4bd32 · Nico Benjamin Pögel · b1a4bd32 · b1a4bd32 · b1a4bd32 · b1a4bd32
Commit b1a4bd32 authored 2 years ago by Nico Benjamin Pögel
--- a/helm-msa/.helmignore
+++ b/helm-msa/.helmignore
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
--- a/helm-msa/Chart.yaml
+++ b/helm-msa/Chart.yaml
+apiVersion: v2
+name: helm-msa
+description: A Helm chart for Kubernetes
+
+# A chart can be either an 'application' or a 'library' chart.
+#
+# Application charts are a collection of templates that can be packaged into versioned archives
+# to be deployed.
+#
+# Library charts provide useful utilities or functions for the chart developer. They're included as
+# a dependency of application charts to inject those utilities and functions into the rendering
+# pipeline. Library charts do not define any templates and therefore cannot be deployed.
+type: application
+
+# This is the chart version. This version number should be incremented each time you make changes
+# to the chart and its templates, including the app version.
+# Versions are expected to follow Semantic Versioning (https://semver.org/)
+version: 1.0.0
+
+# This is the version number of the application being deployed. This version number should be
+# incremented each time you make changes to the application. Versions are not expected to
+# follow Semantic Versioning. They should reflect the version the application is using.
+# It is recommended to use it with quotes.
+appVersion: "1.16.0"
--- a/helm-msa/templates/deployment/auth-service-deployment.yaml
+++ b/helm-msa/templates/deployment/auth-service-deployment.yaml
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: auth-service-deployment
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: auth-service
+  template:
+    metadata:
+      annotations:
+        linkerd.io/inject: enabled
+      labels:
+        app: auth-service
+    spec:
+      containers:
+      - name: auth-service
+        image: ginyanote/auth-service:1.0.0
+        imagePullPolicy: IfNotPresent
+        ports:
+        - containerPort: 5000
+        env:
+        - name: HOST_ADDRESS
+          value: "0.0.0.0"
+        - name: DATABASE_NAME
+          value: "postgres"
+        - name: DATABASE_HOST
+          value: "user-db-postgres-service"
+        - name: DATABASE_PORT
+          value: "5432"
+        - name: EXPIRES_SECONDS
+          value: "3000"
+        - name: DATABASE_USER
+          valueFrom:
+            secretKeyRef:
+              name: user-db-secret
+              key: DATABASE_USER
+        - name: DATABASE_PASSWORD
+          valueFrom:
+            secretKeyRef:
+              name: user-db-secret
+              key: DATABASE_PASSWORD
+        - name: AUTH_SECRET
+          valueFrom:
+            secretKeyRef:
+              name: auth-service-secret
+              key: AUTH_SECRET
\ No newline at end of file
--- a/helm-msa/templates/deployment/myaktion-bank-deployment.yaml
+++ b/helm-msa/templates/deployment/myaktion-bank-deployment.yaml
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: myaktion-bank-deployment
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: myaktion-bank
+  template:
+    metadata:
+      annotations:
+        linkerd.io/inject: enabled
+      labels:
+        app: myaktion-bank
+    spec:
+      containers:
+      - name: myaktion-bank
+        image: ginyanote/myaktion-bank:1.0.0
+        imagePullPolicy: IfNotPresent
+        ports:
+        - containerPort: 8082
+        env:
+        - name: SPRING_REDIS_HOST
+          value: "redis-service"
--- a/helm-msa/templates/deployment/myaktion-deployment.yaml
+++ b/helm-msa/templates/deployment/myaktion-deployment.yaml
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: myaktion-deployment
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: myaktion
+  template:
+    metadata:
+      annotations:
+        linkerd.io/inject: enabled
+      labels:
+        app: myaktion
+    spec:
+      containers:
+      - name: myaktion
+        image: ginyanote/myaktion:0.1.0
+        imagePullPolicy: IfNotPresent
+        ports:
+        - containerPort: 8080
+        env:
+        - name: SPRING_DATASOURCE_URL
+          value: "jdbc:postgresql://myaktion-postgres-db/postgres"
+        - name: URL_MYAKTION_MONITOR
+          value: "http://myaktion-monitor-service/donations"
+        - name: SPRING_REDIS_HOST
+          value: "redis-service"
--- a/helm-msa/templates/deployment/myaktion-monitor-deployment.yaml
+++ b/helm-msa/templates/deployment/myaktion-monitor-deployment.yaml
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: myaktion-monitor-deployment
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: myaktion-monitor
+  template:
+    metadata:
+      annotations:
+        linkerd.io/inject: enabled
+      labels:
+        app: myaktion-monitor
+    spec:
+      containers:
+      - name: myaktion-monitor
+        image: ginyanote/myaktion-monitor:0.1.0
+        imagePullPolicy: IfNotPresent
+        ports:
+        - containerPort: 8081
--- a/helm-msa/templates/deployment/myaktion-postgres-db-deployment.yaml
+++ b/helm-msa/templates/deployment/myaktion-postgres-db-deployment.yaml
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: myaktion-postgres-db
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: myaktion-postgres-db
+  template:
+    metadata:
+      annotations:
+        linkerd.io/inject: enabled
+      labels:
+        app: myaktion-postgres-db
+    spec:
+      containers:
+      - name: myaktion-postgres-db
+        image: postgres:14.5
+        imagePullPolicy: IfNotPresent
+        ports:
+          - containerPort: 5432
+        env:
+        - name: POSTGRES_USER
+          valueFrom:
+            secretKeyRef:
+              name: user-db-secret
+              key: DATABASE_USER
+        - name: POSTGRES_PASSWORD
+          valueFrom:
+            secretKeyRef:
+              name: user-db-secret
+              key: DATABASE_PASSWORD
+        volumeMounts:
+        - mountPath: /var/lib/postgresql/data
+          name: myaktion-postgres-db-pv-claim
+      volumes:
+      - name: myaktion-postgres-db-pv-claim
+        persistentVolumeClaim:
+          claimName: myaktion-postgres-db-pv-claim
\ No newline at end of file
--- a/helm-msa/templates/deployment/redis-deployment.yaml
+++ b/helm-msa/templates/deployment/redis-deployment.yaml
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: redis-deployment
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: redis
+  template:
+    metadata:
+      annotations:
+        linkerd.io/inject: enabled
+      labels:
+        app: redis
+    spec:
+      containers:
+      - name: redis
+        image: redis:7.0.8
+        imagePullPolicy: IfNotPresent
+        ports:
+        - containerPort: 8080
--- a/helm-msa/templates/deployment/user-db-deployment.yaml
+++ b/helm-msa/templates/deployment/user-db-deployment.yaml
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: user-db-postgres
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: user-db-postgres
+  template:
+    metadata:
+      annotations:
+        linkerd.io/inject: enabled
+      labels:
+        app: user-db-postgres
+    spec:
+      containers:
+      - name: user-db-postgres
+        image: postgres:14.5
+        imagePullPolicy: IfNotPresent
+        ports:
+          - containerPort: 5432
+        env:
+        - name: POSTGRES_USER
+          valueFrom:
+            secretKeyRef:
+              name: user-db-secret
+              key: DATABASE_USER
+        - name: POSTGRES_PASSWORD
+          valueFrom:
+            secretKeyRef:
+              name: user-db-secret
+              key: DATABASE_PASSWORD
+        volumeMounts:
+        - mountPath: /var/lib/postgresql/data
+          name: user-db-postgres-pv-claim
+      volumes:
+      - name: user-db-postgres-pv-claim
+        persistentVolumeClaim:
+          claimName: user-db-postgres-pv-claim
\ No newline at end of file
--- a/helm-msa/templates/ingress-route/auth-service-ingress-route.yml
+++ b/helm-msa/templates/ingress-route/auth-service-ingress-route.yml
+apiVersion: traefik.containo.us/v1alpha1
+kind: IngressRoute
+metadata:
+  annotations:
+    kubernetes.io/ingress.class: traefik
+  creationTimestamp: null
+  name: auth-service-ingress-route
+  namespace: default
+spec:
+  routes:
+  - kind: Rule
+    match: PathPrefix(`/user`)
+    services:
+    - kind: Service
+      name: auth-service-service
+      namespace: default
+      port: 5000
+  - kind: Rule
+    match: PathPrefix(`/login`)
+    services:
+    - kind: Service
+      name: auth-service-service
+      namespace: default
+      port: 5000
+  - kind: Rule
+    match: PathPrefix(`/logout`)
+    middlewares:
+    - name: fw-auth-mw
+      namespace: default
+    services:
+    - kind: Service
+      name: auth-service-service
+      namespace: default
+      port: 5000
+  - kind: Rule
+    match: PathPrefix(`/blacklist/cleanup`)
+    middlewares:
+    - name: fw-auth-mw
+      namespace: default
+    services:
+    - kind: Service
+      name: auth-service-service
+      namespace: default
+      port: 5000
+---
+apiVersion: traefik.containo.us/v1alpha1
+kind: Middleware
+metadata:
+  creationTimestamp: null
+  name: fw-auth-mw
+  namespace: default
+spec:
+  forwardAuth:
+    address: http://auth-service-service.default.svc.cluster.local:5000/verify
+    authResponseHeaders:
+    - UserID
+    - IsAdmin
+    - UserRoles
+    tls: {}
--- a/helm-msa/templates/ingress-route/myaktion-ingress-route.yml
+++ b/helm-msa/templates/ingress-route/myaktion-ingress-route.yml
+apiVersion: traefik.containo.us/v1alpha1
+kind: IngressRoute
+metadata:
+  annotations:
+    kubernetes.io/ingress.class: traefik
+  creationTimestamp: null
+  name: client-test-ingress-route
+  namespace: default
+spec:
+  routes:
+  - kind: Rule
+    match: pathPrefix(`/campaigns`)
+    services:
+    - kind Service
+    name: myaktion-service
+    namespace: default
+    port: 8080
\ No newline at end of file
--- a/helm-msa/templates/persistent_volume/myaktion-postgres-db-storage.yml
+++ b/helm-msa/templates/persistent_volume/myaktion-postgres-db-storage.yml
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+  name: myaktion-postgres-db-pv
+  labels:
+    type: local
+spec:
+  storageClassName: standard
+  capacity:
+    storage: 100M
+  accessModes:
+    - ReadWriteOnce
+  hostPath:
+    path: "/mnt/data/myaktion"
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  labels:
+    app: myaktion-postgres-db
+  name: myaktion-postgres-db-pv-claim
+spec:
+  storageClassName: standard
+  accessModes:
+  - ReadWriteOnce
+  resources:
+    requests:
+      storage: 100M
\ No newline at end of file
--- a/helm-msa/templates/persistent_volume/user-db-storage.yml
+++ b/helm-msa/templates/persistent_volume/user-db-storage.yml
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+  name: user-db-postgres-pv
+  labels:
+    type: local
+spec:
+  storageClassName: standard
+  capacity:
+    storage: 100M
+  accessModes:
+    - ReadWriteOnce
+  hostPath:
+    path: "/mnt/data"
+---
+apiVersion: v1
+kind: PersistentVolumeClaim
+metadata:
+  labels:
+    app: user-db-postgres
+  name: user-db-postgres-pv-claim
+spec:
+  storageClassName: standard
+  accessModes:
+  - ReadWriteOnce
+  resources:
+    requests:
+      storage: 100M
--- a/helm-msa/templates/secret/auth-service-secret.yml
+++ b/helm-msa/templates/secret/auth-service-secret.yml
+apiVersion: v1
+kind: Secret
+type: Opaque
+metadata:
+  name: auth-service-secret
+data:
+  AUTH_SECRET: MDM4REE5MQ==
\ No newline at end of file
--- a/helm-msa/templates/secret/user-db-secret.yml
+++ b/helm-msa/templates/secret/user-db-secret.yml
+apiVersion: v1
+kind: Secret
+type: Opaque
+metadata:
+  name: user-db-secret
+data:
+  DATABASE_USER: dXNlcjE=
+  DATABASE_PASSWORD: cGFzc3dvcmQx
\ No newline at end of file
--- a/helm-msa/templates/service/auth-service-service.yaml
+++ b/helm-msa/templates/service/auth-service-service.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: auth-service-service
+spec:
+  selector:
+    app: auth-service
+  ports:
+    - protocol: TCP
+      port: 5000
+      targetPort: 5000
+  type: ClusterIP
\ No newline at end of file
--- a/helm-msa/templates/service/myaktion-bank-service.yaml
+++ b/helm-msa/templates/service/myaktion-bank-service.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: myaktion-bank-service
+spec:
+  selector:
+    app: myaktion-bank
+  ports:
+    - protocol: TCP
+      port: 8082
+      targetPort: 8082
+  type: ClusterIP
\ No newline at end of file
--- a/helm-msa/templates/service/myaktion-monitor-service.yaml
+++ b/helm-msa/templates/service/myaktion-monitor-service.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: myaktion-monitor-service
+spec:
+  selector:
+    app: myaktion-monitor
+  ports:
+    - protocol: TCP
+      port: 8081
+      targetPort: 8081
+  type: ClusterIP
\ No newline at end of file
--- a/helm-msa/templates/service/myaktion-postgres-db-service.yaml
+++ b/helm-msa/templates/service/myaktion-postgres-db-service.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: myaktion-postgres-db-service
+spec:
+  selector:
+    app: myaktion-postgres-db
+  ports:
+    - protocol: TCP
+      port: 5432
+      targetPort: 5432
\ No newline at end of file
--- a/helm-msa/templates/service/myaktion-service.yaml
+++ b/helm-msa/templates/service/myaktion-service.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: myaktion-service
+spec:
+  selector:
+    app: myaktion
+  ports:
+    - protocol: TCP
+      port: 8080
+      targetPort: 8080
+  type: ClusterIP
\ No newline at end of file