From 94083f63bd057566adbbd6234048b0fa95d6c9f8 Mon Sep 17 00:00:00 2001 From: Vitor Hideyoshi Date: Tue, 26 Sep 2023 07:23:33 -0300 Subject: [PATCH] Updates Secrets Creation --- deploy.sh | 11 ++++--- deployment/backend/backend.yaml | 36 +++++++++++------------ deployment/frontend/frontend.yaml | 4 +-- deployment/postgres/postgres.yaml | 21 +++++++++++-- deployment/redis/redis.yaml | 2 +- deployment/storage/storage-processor.yaml | 21 ++++++------- deployment/storage/storage.yaml | 20 ++++++------- 7 files changed, 63 insertions(+), 52 deletions(-) diff --git a/deploy.sh b/deploy.sh index 568eeb6..333929e 100755 --- a/deploy.sh +++ b/deploy.sh @@ -16,12 +16,11 @@ function application_deploy() { kubectl apply -f ./deployment/portfolio-namespace.yaml; - - kubectl apply -f ./deployment/postgres/postgres-secret.yaml; - kubectl apply -f ./deployment/redis/redis-secret.yaml; - kubectl apply -f ./deployment/storage/storage-secret.yaml; - kubectl apply -f ./deployment/backend/backend-secret.yaml; - kubectl apply -f ./deployment/frontend/frontend-secret.yaml; + kubectl create secret generic backend-secret -n portfolio --from-env-file <(jq -r "to_entries|map(\"\(.key)=\(.value|tostring)\")|.[]" ./deployment/secrets/backendSecret.json); + kubectl create secret generic frontend-secret -n portfolio --from-env-file <(jq -r "to_entries|map(\"\(.key)=\(.value|tostring)\")|.[]" ./deployment/secrets/frontendSecret.json); + kubectl create secret generic postgres-secret -n portfolio --from-env-file <(jq -r "to_entries|map(\"\(.key)=\(.value|tostring)\")|.[]" ./deployment/secrets/postgresSecret.json); + kubectl create secret generic redis-secret -n portfolio --from-env-file <(jq -r "to_entries|map(\"\(.key)=\(.value|tostring)\")|.[]" ./deployment/secrets/redisSecret.json); + kubectl create secret generic storage-secret -n portfolio --from-env-file <(jq -r "to_entries|map(\"\(.key)=\(.value|tostring)\")|.[]" ./deployment/secrets/storageSecret.json); kubectl apply -f \ ./deployment/cert-manager/cert-manager-certificate.yaml; diff --git a/deployment/backend/backend.yaml b/deployment/backend/backend.yaml index 7f4662a..7420a44 100644 --- a/deployment/backend/backend.yaml +++ b/deployment/backend/backend.yaml @@ -24,49 +24,49 @@ spec: valueFrom: secretKeyRef: name: frontend-secret - key: frontend_path + key: frontendPath - name: TOKEN_SECRET valueFrom: secretKeyRef: name: backend-secret - key: token_secret + key: tokenSecret - name: ACCESS_TOKEN_DURATION valueFrom: secretKeyRef: name: backend-secret - key: access_token_duration + key: accessTokenDuration - name: REFRESH_TOKEN_DURATION valueFrom: secretKeyRef: name: backend-secret - key: refresh_token_duration + key: refreshTokenDuration - name: DEFAULT_USER_FULLNAME valueFrom: secretKeyRef: name: backend-secret - key: default_user_fullname + key: defaultUserFullName - name: DEFAULT_USER_EMAIL valueFrom: secretKeyRef: name: backend-secret - key: default_user_email + key: defaultUserEmail - name: DEFAULT_USER_USERNAME valueFrom: secretKeyRef: name: backend-secret - key: default_user_username + key: defaultUserUsername - name: DEFAULT_USER_PASSWORD valueFrom: secretKeyRef: name: backend-secret - key: default_user_password + key: defaultUserPassword - name: PORT valueFrom: @@ -78,37 +78,37 @@ spec: valueFrom: secretKeyRef: name: backend-secret - key: google_client_id + key: googleClientId - name: GOOGLE_CLIENT_SECRET valueFrom: secretKeyRef: name: backend-secret - key: google_client_secret + key: googleClientSecret - name: GOOGLE_REDIRECT_URL valueFrom: secretKeyRef: name: backend-secret - key: google_redirect_url + key: googleRedirectUrl - name: GITHUB_CLIENT_ID valueFrom: secretKeyRef: name: backend-secret - key: github_client_id + key: githubClientId - name: GITHUB_CLIENT_SECRET valueFrom: secretKeyRef: name: backend-secret - key: github_client_secret + key: githubClientSecret - name: GITHUB_REDIRECT_URL valueFrom: secretKeyRef: name: backend-secret - key: github_redirect_url + key: githubRedirectUrl - name: POSTGRES_URL valueFrom: @@ -120,7 +120,7 @@ spec: valueFrom: secretKeyRef: name: postgres-secret - key: POSTGRES_DB + key: postgresDatabase - name: DATABASE_URL value: "postgresql://$(POSTGRES_URL):5432/$(POSTGRES_DB)" @@ -129,13 +129,13 @@ spec: valueFrom: secretKeyRef: name: postgres-secret - key: POSTGRES_USER + key: postgresUser - name: DATABASE_PASSWORD valueFrom: secretKeyRef: name: postgres-secret - key: POSTGRES_PASSWORD + key: postgresPassword - name: REDIS_URL valueFrom: @@ -153,7 +153,7 @@ spec: valueFrom: secretKeyRef: name: redis-secret - key: redis-password + key: redisPassword - name: STORAGE_SERVICE_URL valueFrom: diff --git a/deployment/frontend/frontend.yaml b/deployment/frontend/frontend.yaml index be8cc34..8a28cc6 100644 --- a/deployment/frontend/frontend.yaml +++ b/deployment/frontend/frontend.yaml @@ -28,12 +28,12 @@ spec: valueFrom: secretKeyRef: name: frontend-secret - key: backend_url + key: backendUrl - name: BACKEND_OAUTH_URL valueFrom: secretKeyRef: name: frontend-secret - key: backend_oauth_url + key: backendOAuthUrl --- apiVersion: v1 diff --git a/deployment/postgres/postgres.yaml b/deployment/postgres/postgres.yaml index 406307e..4177bb5 100644 --- a/deployment/postgres/postgres.yaml +++ b/deployment/postgres/postgres.yaml @@ -19,9 +19,24 @@ spec: imagePullPolicy: "IfNotPresent" ports: - containerPort: 5432 - envFrom: - - secretRef: - name: postgres-secret + env: + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + name: postgres-secret + key: postgresPassword + + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + name: postgres-secret + key: postgresUser + + - name: POSTGRES_DB + valueFrom: + secretKeyRef: + name: postgres-secret + key: postgresDatabase volumeMounts: - mountPath: /var/lib/postgresql/data name: postgredb diff --git a/deployment/redis/redis.yaml b/deployment/redis/redis.yaml index 78b8126..8a2c17a 100644 --- a/deployment/redis/redis.yaml +++ b/deployment/redis/redis.yaml @@ -24,7 +24,7 @@ spec: valueFrom: secretKeyRef: name: redis-secret - key: redis-password + key: redisPassword --- apiVersion: v1 diff --git a/deployment/storage/storage-processor.yaml b/deployment/storage/storage-processor.yaml index 32d0679..872df8d 100644 --- a/deployment/storage/storage-processor.yaml +++ b/deployment/storage/storage-processor.yaml @@ -20,7 +20,7 @@ spec: args: [ "-q" ] imagePullPolicy: "Always" env: - - name: REDIS_BASE_URL + - name: REDIS_HOST valueFrom: configMapKeyRef: name: redis-config @@ -36,49 +36,46 @@ spec: valueFrom: secretKeyRef: name: redis-secret - key: redis-password - - - name: REDIS_URL - value: "redis://:$(REDIS_PASSWORD)@$(REDIS_BASE_URL):$(REDIS_PORT)" + key: redisPassword - name: STORAGE_TYPE valueFrom: secretKeyRef: name: storage-secret - key: storage_type + key: storageType - name: AWS_ACCESS_KEY_ID valueFrom: secretKeyRef: name: storage-secret - key: aws_access_key_id + key: awsAccessKeyId - name: AWS_SECRET_ACCESS_KEY valueFrom: secretKeyRef: name: storage-secret - key: aws_access_access_key + key: awsSecretAccessKey - name: AWS_REGION_NAME valueFrom: secretKeyRef: name: storage-secret - key: aws_region_name + key: awsRegion - name: AWS_BUCKET_NAME valueFrom: secretKeyRef: name: storage-secret - key: aws_bucket_name + key: awsBucket - name: VIRUS_CHECKER_TYPE valueFrom: secretKeyRef: name: storage-secret - key: virus_checker_type + key: virusCheckerType - name: VIRUS_CHECKER_API_KEY valueFrom: secretKeyRef: name: storage-secret - key: virus_checher_api_key \ No newline at end of file + key: virusCheckerApiKey \ No newline at end of file diff --git a/deployment/storage/storage.yaml b/deployment/storage/storage.yaml index 73d14dc..27cc550 100644 --- a/deployment/storage/storage.yaml +++ b/deployment/storage/storage.yaml @@ -24,13 +24,13 @@ spec: valueFrom: secretKeyRef: name: frontend-secret - key: backend_url + key: frontendPath - name: EXPIRES_IN valueFrom: secretKeyRef: name: backend-secret - key: access_token_duration + key: accessTokenDuration - name: SERVER_PORT valueFrom: @@ -54,49 +54,49 @@ spec: valueFrom: secretKeyRef: name: redis-secret - key: redis-password + key: redisPassword - name: STORAGE_TYPE valueFrom: secretKeyRef: name: storage-secret - key: storage_type + key: storageType - name: AWS_ACCESS_KEY_ID valueFrom: secretKeyRef: name: storage-secret - key: aws_access_key_id + key: awsAccessKeyId - name: AWS_SECRET_ACCESS_KEY valueFrom: secretKeyRef: name: storage-secret - key: aws_access_access_key + key: awsSecretAccessKey - name: AWS_REGION_NAME valueFrom: secretKeyRef: name: storage-secret - key: aws_region_name + key: awsRegion - name: AWS_BUCKET_NAME valueFrom: secretKeyRef: name: storage-secret - key: aws_bucket_name + key: awsBucket - name: VIRUS_CHECKER_TYPE valueFrom: secretKeyRef: name: storage-secret - key: virus_checker_type + key: virusCheckerType - name: VIRUS_CHECKER_API_KEY valueFrom: secretKeyRef: name: storage-secret - key: virus_checher_api_key + key: virusCheckerApiKey --- apiVersion: v1