old-portfolio/infra-hideyoshi.com
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Updates Secrets Creation

Browse Source
This commit is contained in:
Vitor Hideyoshi
2023-09-26 07:23:33 -03:00
parent f20d40896f
commit 94083f63bd
7 changed files with 63 additions and 52 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
deploy.sh
View File

@@ -16,12 +16,11 @@ function application_deploy() {
kubectl apply -f ./deployment/portfolio-namespace.yaml;
kubectl apply -f ./deployment/postgres/postgres-secret.yaml;
kubectl apply -f ./deployment/redis/redis-secret.yaml;
kubectl apply -f ./deployment/storage/storage-secret.yaml;
kubectl apply -f ./deployment/backend/backend-secret.yaml;
kubectl apply -f ./deployment/frontend/frontend-secret.yaml;
kubectl create secret generic backend-secret -n portfolio --from-env-file <(jq -r "to_entries|map(\"\(.key)=\(.value|tostring)\")|.[]" ./deployment/secrets/backendSecret.json);
kubectl create secret generic frontend-secret -n portfolio --from-env-file <(jq -r "to_entries|map(\"\(.key)=\(.value|tostring)\")|.[]" ./deployment/secrets/frontendSecret.json);
kubectl create secret generic postgres-secret -n portfolio --from-env-file <(jq -r "to_entries|map(\"\(.key)=\(.value|tostring)\")|.[]" ./deployment/secrets/postgresSecret.json);
kubectl create secret generic redis-secret -n portfolio --from-env-file <(jq -r "to_entries|map(\"\(.key)=\(.value|tostring)\")|.[]" ./deployment/secrets/redisSecret.json);
kubectl create secret generic storage-secret -n portfolio --from-env-file <(jq -r "to_entries|map(\"\(.key)=\(.value|tostring)\")|.[]" ./deployment/secrets/storageSecret.json);
kubectl apply -f \
./deployment/cert-manager/cert-manager-certificate.yaml;

36
deployment/backend/backend.yaml
View File

@@ -24,49 +24,49 @@ spec:
valueFrom:
secretKeyRef:
name: frontend-secret
key: frontend_path
key: frontendPath
- name: TOKEN_SECRET
valueFrom:
secretKeyRef:
name: backend-secret
key: token_secret
key: tokenSecret
- name: ACCESS_TOKEN_DURATION
valueFrom:
secretKeyRef:
name: backend-secret
key: access_token_duration
key: accessTokenDuration
- name: REFRESH_TOKEN_DURATION
valueFrom:
secretKeyRef:
name: backend-secret
key: refresh_token_duration
key: refreshTokenDuration
- name: DEFAULT_USER_FULLNAME
valueFrom:
secretKeyRef:
name: backend-secret
key: default_user_fullname
key: defaultUserFullName
- name: DEFAULT_USER_EMAIL
valueFrom:
secretKeyRef:
name: backend-secret
key: default_user_email
key: defaultUserEmail
- name: DEFAULT_USER_USERNAME
valueFrom:
secretKeyRef:
name: backend-secret
key: default_user_username
key: defaultUserUsername
- name: DEFAULT_USER_PASSWORD
valueFrom:
secretKeyRef:
name: backend-secret
key: default_user_password
key: defaultUserPassword
- name: PORT
valueFrom:
@@ -78,37 +78,37 @@ spec:
valueFrom:
secretKeyRef:
name: backend-secret
key: google_client_id
key: googleClientId
- name: GOOGLE_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: backend-secret
key: google_client_secret
key: googleClientSecret
- name: GOOGLE_REDIRECT_URL
valueFrom:
secretKeyRef:
name: backend-secret
key: google_redirect_url
key: googleRedirectUrl
- name: GITHUB_CLIENT_ID
valueFrom:
secretKeyRef:
name: backend-secret
key: github_client_id
key: githubClientId
- name: GITHUB_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: backend-secret
key: github_client_secret
key: githubClientSecret
- name: GITHUB_REDIRECT_URL
valueFrom:
secretKeyRef:
name: backend-secret
key: github_redirect_url
key: githubRedirectUrl
- name: POSTGRES_URL
valueFrom:
@@ -120,7 +120,7 @@ spec:
valueFrom:
secretKeyRef:
name: postgres-secret
key: POSTGRES_DB
key: postgresDatabase
- name: DATABASE_URL
value: "postgresql://$(POSTGRES_URL):5432/$(POSTGRES_DB)"
@@ -129,13 +129,13 @@ spec:
valueFrom:
secretKeyRef:
name: postgres-secret
key: POSTGRES_USER
key: postgresUser
- name: DATABASE_PASSWORD
valueFrom:
secretKeyRef:
name: postgres-secret
key: POSTGRES_PASSWORD
key: postgresPassword
- name: REDIS_URL
valueFrom:
@@ -153,7 +153,7 @@ spec:
valueFrom:
secretKeyRef:
name: redis-secret
key: redis-password
key: redisPassword
- name: STORAGE_SERVICE_URL
valueFrom:

4
deployment/frontend/frontend.yaml
View File

@@ -28,12 +28,12 @@ spec:
valueFrom:
secretKeyRef:
name: frontend-secret
key: backend_url
key: backendUrl
- name: BACKEND_OAUTH_URL
valueFrom:
secretKeyRef:
name: frontend-secret
key: backend_oauth_url
key: backendOAuthUrl
---
apiVersion: v1

21
deployment/postgres/postgres.yaml
View File

@@ -19,9 +19,24 @@ spec:
imagePullPolicy: "IfNotPresent"
ports:
- containerPort: 5432
envFrom:
- secretRef:
name: postgres-secret
env:
- name: POSTGRES_PASSWORD
valueFrom:
secretKeyRef:
name: postgres-secret
key: postgresPassword
- name: POSTGRES_USER
valueFrom:
secretKeyRef:
name: postgres-secret
key: postgresUser
- name: POSTGRES_DB
valueFrom:
secretKeyRef:
name: postgres-secret
key: postgresDatabase
volumeMounts:
- mountPath: /var/lib/postgresql/data
name: postgredb

2
deployment/redis/redis.yaml
View File

@@ -24,7 +24,7 @@ spec:
valueFrom:
secretKeyRef:
name: redis-secret
key: redis-password
key: redisPassword
---
apiVersion: v1

21
deployment/storage/storage-processor.yaml
View File

@@ -20,7 +20,7 @@ spec:
args: [ "-q" ]
imagePullPolicy: "Always"
env:
- name: REDIS_BASE_URL
- name: REDIS_HOST
valueFrom:
configMapKeyRef:
name: redis-config
@@ -36,49 +36,46 @@ spec:
valueFrom:
secretKeyRef:
name: redis-secret
key: redis-password
- name: REDIS_URL
value: "redis://:$(REDIS_PASSWORD)@$(REDIS_BASE_URL):$(REDIS_PORT)"
key: redisPassword
- name: STORAGE_TYPE
valueFrom:
secretKeyRef:
name: storage-secret
key: storage_type
key: storageType
- name: AWS_ACCESS_KEY_ID
valueFrom:
secretKeyRef:
name: storage-secret
key: aws_access_key_id
key: awsAccessKeyId
- name: AWS_SECRET_ACCESS_KEY
valueFrom:
secretKeyRef:
name: storage-secret
key: aws_access_access_key
key: awsSecretAccessKey
- name: AWS_REGION_NAME
valueFrom:
secretKeyRef:
name: storage-secret
key: aws_region_name
key: awsRegion
- name: AWS_BUCKET_NAME
valueFrom:
secretKeyRef:
name: storage-secret
key: aws_bucket_name
key: awsBucket
- name: VIRUS_CHECKER_TYPE
valueFrom:
secretKeyRef:
name: storage-secret
key: virus_checker_type
key: virusCheckerType
- name: VIRUS_CHECKER_API_KEY
valueFrom:
secretKeyRef:
name: storage-secret
key: virus_checher_api_key
key: virusCheckerApiKey

20
deployment/storage/storage.yaml
View File

@@ -24,13 +24,13 @@ spec:
valueFrom:
secretKeyRef:
name: frontend-secret
key: backend_url
key: frontendPath
- name: EXPIRES_IN
valueFrom:
secretKeyRef:
name: backend-secret
key: access_token_duration
key: accessTokenDuration
- name: SERVER_PORT
valueFrom:
@@ -54,49 +54,49 @@ spec:
valueFrom:
secretKeyRef:
name: redis-secret
key: redis-password
key: redisPassword
- name: STORAGE_TYPE
valueFrom:
secretKeyRef:
name: storage-secret
key: storage_type
key: storageType
- name: AWS_ACCESS_KEY_ID
valueFrom:
secretKeyRef:
name: storage-secret
key: aws_access_key_id
key: awsAccessKeyId
- name: AWS_SECRET_ACCESS_KEY
valueFrom:
secretKeyRef:
name: storage-secret
key: aws_access_access_key
key: awsSecretAccessKey
- name: AWS_REGION_NAME
valueFrom:
secretKeyRef:
name: storage-secret
key: aws_region_name
key: awsRegion
- name: AWS_BUCKET_NAME
valueFrom:
secretKeyRef:
name: storage-secret
key: aws_bucket_name
key: awsBucket
- name: VIRUS_CHECKER_TYPE
valueFrom:
secretKeyRef:
name: storage-secret
key: virus_checker_type
key: virusCheckerType
- name: VIRUS_CHECKER_API_KEY
valueFrom:
secretKeyRef:
name: storage-secret
key: virus_checher_api_key
key: virusCheckerApiKey
---
apiVersion: v1