litecharms/midrandbooks-api
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 32 Wiki Activity
Files
1.17
midrandbooks-api/midrandbooksapi-uat.yml
T
Khwezi Mngoma c76438b881
continuous-integration/drone/pr Build is passing
Details
Updated api to use litecharms-security
2026-06-06 22:08:04 +02:00

200 lines
6.5 KiB
YAML
Raw Permalink Blame History

---
apiVersion: v1
kind: Namespace
metadata:
name: midrandbooksapi-uat
---
apiVersion: v1
kind: ConfigMap
metadata:
name: midrandbooksapi-config
namespace: midrandbooksapi-uat
data:
ASPNETCORE_ENVIRONMENT: "Development"
ASPNETCORE_URLS: "http://0.0.0.0:8080"
Monitoring__Address: "http://aspire-dashboard-service.aspire.svc.cluster.local:18889"
Monitoring__ServiceName: "MidrandBooksApi.Uat"
HasherSettings__MinHashLength: "11"
BookshopS3Settings__ServiceUrl: "http://garage.garage.svc.cluster.local:3900"
BookshopS3Settings__Region: "garage"
BookshopS3Settings__BucketName: "bookshop"
BookshopS3Settings__CdnBaseUrl: "https://bookshop.cdn.khongisa.co.za"
ValidPayfastHosts__0: "www.payfast.co.za"
ValidPayfastHosts__1: "sandbox.payfast.co.za"
ValidPayfastHosts__2: "w1w.payfast.co.za"
ValidPayfastHosts__3: "w2w.payfast.co.za"
ValidPayfastHosts__4: "ips.payfast.co.za"
ValidPayfastHosts__5: "api.payfast.co.za"
ValidPayfastHosts__6: "payment.payfast.io"
LiteCharmsSettings__Authority: "https://sts.security.khongisa.co.za"
LiteCharmsSettings__Audience: "midrandbooks-api"
---
apiVersion: v1
kind: Secret
metadata:
name: midrandbooksapi-secrets
namespace: midrandbooksapi-uat
type: Opaque
data:
connection-string: SG9zdD0xOTIuMTY4LjEuMTcwO0RhdGFiYXNlPW1pZHJhbmRzaG9wLWRldjtVc2VybmFtZT1taWRyYW5kc2hvcC1kZXYtdXNlcjtQYXNzd29yZD1hUFh5a0tnM3RTOWNtRDtQZXJzaXN0IFNlY3VyaXR5IEluZm89VHJ1ZQ==
connection-string-quartz: SG9zdD0xOTIuMTY4LjEuMTcwO0RhdGFiYXNlPXNjaGVkdWxlci1kZXY7VXNlcm5hbWU9c2NoZWR1bGVyLWRldi11c2VyO1Bhc3N3b3JkPWtWVm1vV0tKM3h6Z1FYO1BlcnNpc3QgU2VjdXJpdHkgSW5mbz1UcnVl
aspire-apikey: bWMzRzYzSzJqNVpPRXNpMEFqTW9qTFRYbTFLRVpGY3R6SUlqU3dEaVRHdXQ4cUdTa1B1V3d4R1AxUmJzY0pVbw==
hasher-salt: VEdsbmFIUWdRMmhoY20xekxDQk5hV1J5WVc1a1FtOXZhM01nYldGclpTQnNiM1J6SUc5bUlHMXZibVY1SUdGdVpDQmhjbVVnWVNCemRXTmpaWE56Wm5Wc0lIWnBjbUZzSUhOMGIzSjVJR2x1SUZOdmRYUm9JRUZtY21sallRPT0=
hasher-payfastpassphrase: OUdBSVIwdFdwaFgwcU8=
bookshop-s3-accesskey: R0s1MTRkMmNlOGRjNjkyMzdhMDVjMDFlZWY=
bookshop-s3-secretkey: ZWFhZmVkYTFhZWQ0MDllY2ZlNjA3MTRlY2RhNTQ5YjgyYmRmNWEzZGFmOWYxOGRkNjFmNjZiNDk3M2E2NDgyZQ==
litecharms-clientid: bWlkcmFuZGJvb2tzLWFwaQ==
litecharms-clientsecret: c2VjcmV0X2YzZjA0YWNhYTMzNmVlOTEzZDRjNjdlYmQwOTE1ZWFlYzQ0NzdmYTkwOTdlYTJhYzkyZGE4ZDc0NjgzZTAyNTU=
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: midrandbooksapi-pvc
namespace: midrandbooksapi-uat
spec:
accessModes: ["ReadWriteMany"]
storageClassName: nfs-storage
resources:
requests:
storage: 2Gi
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: midrandbooks-api
namespace: midrandbooksapi-uat
spec:
replicas: 2
selector:
matchLabels:
app: midrandbooks-api
template:
metadata:
labels:
app: midrandbooks-api
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: node-role.kubernetes.io/control-plane
operator: DoesNotExist
containers:
- name: midrandbooks-api
image: nexus.khongisa.co.za/midrandbooks-api:latest
imagePullPolicy: Always
resources:
limits:
memory: "512Mi"
cpu: "500m"
requests:
memory: "256Mi"
cpu: "100m"
ports:
- containerPort: 8080
envFrom:
- configMapRef:
name: midrandbooksapi-config
env:
- name: LiteCharmsSettings__ClientId
valueFrom:
secretKeyRef:
name: midrandbooksapi-secrets
key: litecharms-clientid
- name: LiteCharmsSettings__ClientSecret
valueFrom:
secretKeyRef:
name: midrandbooksapi-secrets
key: litecharms-clientsecret
- name: BookshopS3Settings__AccessKey
valueFrom:
secretKeyRef:
name: midrandbooksapi-secrets
key: bookshop-s3-accesskey
- name: BookshopS3Settings__SecretKey
valueFrom:
secretKeyRef:
name: midrandbooksapi-secrets
key: bookshop-s3-secretkey
- name: HasherSettings__Salt
valueFrom:
secretKeyRef:
name: midrandbooksapi-secrets
key: hasher-salt
- name: HasherSettings__PayfastPassphrase
valueFrom:
secretKeyRef:
name: midrandbooksapi-secrets
key: hasher-payfastpassphrase
- name: ConnectionStrings__PostgresScheduler
valueFrom:
secretKeyRef:
name: midrandbooksapi-secrets
key: connection-string-quartz
- name: ConnectionStrings__PostgresMidrandBooks
valueFrom:
secretKeyRef:
name: midrandbooksapi-secrets
key: connection-string
- name: Monitoring__ApiKey
valueFrom:
secretKeyRef:
name: midrandbooksapi-secrets
key: aspire-apikey
volumeMounts:
- name: data
mountPath: /app/wwwroot/content
resources:
livenessProbe:
httpGet:
path: /health
port: 8080
initialDelaySeconds: 5
periodSeconds: 10
readinessProbe:
httpGet:
path: /health
port: 8080
initialDelaySeconds: 3
periodSeconds: 5
volumes:
- name: data
persistentVolumeClaim:
claimName: midrandbooksapi-pvc
---
apiVersion: v1
kind: Service
metadata:
name: midrandbooksapi-service
namespace: midrandbooksapi-uat
spec:
type: ClusterIP
selector:
app: midrandbooks-api
ports:
- name: http
protocol: TCP
port: 80
targetPort: 8080
---
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: midrandbooksapi-web-secure
namespace: midrandbooksapi-uat
spec:
entryPoints:
- websecure
routes:
- match: Host(`api.uat.midrandbooks.co.za`)
kind: Rule
services:
- name: midrandbooksapi-service
port: 80
sticky:
cookie:
name: "lp-sticky-session"
httpOnly: true
secure: true
tls: {}
Reference in New Issue View Git Blame Copy Permalink