--- apiVersion: v1 kind: Namespace metadata: name: midrandbooks-uat --- apiVersion: v1 kind: ConfigMap metadata: name: midrandbooks-config namespace: midrandbooks-uat data: ASPNETCORE_ENVIRONMENT: "Development" ASPNETCORE_URLS: "http://0.0.0.0:8080" Monitoring__Address: "http://aspire-dashboard-service.aspire.svc.cluster.local:18889" Monitoring__ServiceName: "MidrandBooks.Uat" HasherSettings__MinHashLength: "11" BookshopS3Settings__ServiceUrl: "http://garage.garage.svc.cluster.local:3900" BookshopS3Settings__Region: "garage" BookshopS3Settings__BucketName: "bookshop" BookshopS3Settings__CdnBaseUrl: "https://bookshop.cdn.khongisa.co.za" ValidPayfastHosts__0: "www.payfast.co.za" ValidPayfastHosts__1: "sandbox.payfast.co.za" ValidPayfastHosts__2: "w1w.payfast.co.za" ValidPayfastHosts__3: "w2w.payfast.co.za" ValidPayfastHosts__4: "ips.payfast.co.za" ValidPayfastHosts__5: "api.payfast.co.za" ValidPayfastHosts__6: "payment.payfast.io" AuthentikSettings__Authority: "https://id.khongisa.co.za/application/o/midrand-books-api-uat/" AuthentikSettings__MetadataEndpoint: "https://id.khongisa.co.za/application/o/midrand-books-uat/.well-known/openid-configuration" AuthentikSettings__RevokationEndpoint: "https://id.khongisa.co.za/application/o/revoke/" --- apiVersion: v1 kind: Secret metadata: name: midrandbooks-secrets namespace: midrandbooks-uat type: Opaque data: connection-string: SG9zdD0xOTIuMTY4LjEuMTcwO0RhdGFiYXNlPW1pZHJhbmRzaG9wLWRldjtVc2VybmFtZT1taWRyYW5kc2hvcC1kZXYtdXNlcjtQYXNzd29yZD1hUFh5a0tnM3RTOWNtRDtQZXJzaXN0IFNlY3VyaXR5IEluZm89VHJ1ZQ== connection-string-quartz: SG9zdD0xOTIuMTY4LjEuMTcwO0RhdGFiYXNlPXNjaGVkdWxlci1kZXY7VXNlcm5hbWU9c2NoZWR1bGVyLWRldi11c2VyO1Bhc3N3b3JkPWtWVm1vV0tKM3h6Z1FYO1BlcnNpc3QgU2VjdXJpdHkgSW5mbz1UcnVl aspire-apikey: bWMzRzYzSzJqNVpPRXNpMEFqTW9qTFRYbTFLRVpGY3R6SUlqU3dEaVRHdXQ4cUdTa1B1V3d4R1AxUmJzY0pVbw== hasher-salt: VEdsbmFIUWdRMmhoY20xekxDQk5hV1J5WVc1a1FtOXZhM01nYldGclpTQnNiM1J6SUc5bUlHMXZibVY1SUdGdVpDQmhjbVVnWVNCemRXTmpaWE56Wm5Wc0lIWnBjbUZzSUhOMGIzSjVJR2x1SUZOdmRYUm9JRUZtY21sallRPT0= hasher-payfastpassphrase: OUdBSVIwdFdwaFgwcU8= bookshop-s3-accesskey: R0s1MTRkMmNlOGRjNjkyMzdhMDVjMDFlZWY= bookshop-s3-secretkey: ZWFhZmVkYTFhZWQ0MDllY2ZlNjA3MTRlY2RhNTQ5YjgyYmRmNWEzZGFmOWYxOGRkNjFmNjZiNDk3M2E2NDgyZQ== authentik-clientid: Nm9oZk1lSndQNWR0YWY1RFMzZU9MY2NNSHF6WXlma1YzRTNGeE5Tbw== authentik-clientsecret: TXV2a0FLQklHR3BkdEsyaFlabVU1dFRaUmNuM2FhRzhoMWhlVE1nazFYOGVwczYyMzNCS0REWGdpNXo0T01RalVzMGZEUEFmakpmVVRNN1h3ZjllMU01MTQyVGlvOXRycUdmZTM1THhPaExEUnp6N2gxSm5jVkNLYXZXUllndmQ= --- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: midrandbooks-pvc namespace: midrandbooks-uat spec: accessModes: ["ReadWriteMany"] storageClassName: nfs-storage resources: requests: storage: 2Gi --- apiVersion: apps/v1 kind: Deployment metadata: name: midrandbooks namespace: midrandbooks-uat spec: replicas: 2 selector: matchLabels: app: midrandbooks template: metadata: labels: app: midrandbooks spec: affinity: nodeAffinity: requiredDuringSchedulingIgnoredDuringExecution: nodeSelectorTerms: - matchExpressions: - key: node-role.kubernetes.io/control-plane operator: DoesNotExist containers: - name: midrandbooks image: nexus.khongisa.co.za/midrandbooks:latest imagePullPolicy: Always resources: limits: memory: "512Mi" cpu: "500m" requests: memory: "256Mi" cpu: "100m" ports: - containerPort: 8080 envFrom: - configMapRef: name: midrandbooks-config env: - name: AuthentikSettings__ClientId valueFrom: secretKeyRef: name: midrandbooks-secrets key: authentik-clientid - name: AuthentikSettings__ClientSecret valueFrom: secretKeyRef: name: midrandbooks-secrets key: authentik-clientsecret - name: BookshopS3Settings__AccessKey valueFrom: secretKeyRef: name: midrandbooks-secrets key: bookshop-s3-accesskey - name: BookshopS3Settings__SecretKey valueFrom: secretKeyRef: name: midrandbooks-secrets key: bookshop-s3-secretkey - name: HasherSettings__Salt valueFrom: secretKeyRef: name: midrandbooks-secrets key: hasher-salt - name: HasherSettings__PayfastPassphrase valueFrom: secretKeyRef: name: midrandbooks-secrets key: hasher-payfastpassphrase - name: ConnectionStrings__PostgresScheduler valueFrom: secretKeyRef: name: midrandbooks-secrets key: connection-string-quartz - name: ConnectionStrings__PostgresMidrandBooks valueFrom: secretKeyRef: name: midrandbooks-secrets key: connection-string - name: Monitoring__ApiKey valueFrom: secretKeyRef: name: midrandbooks-secrets key: aspire-apikey volumeMounts: - name: data mountPath: /app/wwwroot/content resources: livenessProbe: httpGet: path: /health port: 8080 initialDelaySeconds: 5 periodSeconds: 10 readinessProbe: httpGet: path: /health port: 8080 initialDelaySeconds: 3 periodSeconds: 5 volumes: - name: data persistentVolumeClaim: claimName: midrandbooks-pvc --- apiVersion: v1 kind: Service metadata: name: midrandbooks-service namespace: midrandbooks-uat spec: type: ClusterIP selector: app: midrandbooks ports: - name: http protocol: TCP port: 80 targetPort: 8080 --- apiVersion: traefik.io/v1alpha1 kind: IngressRoute metadata: name: midrandbooks-web-secure namespace: midrandbooks-uat spec: entryPoints: - websecure routes: - match: Host(`uat.midrandbooks.co.za`) kind: Rule services: - name: midrandbooks-service port: 80 sticky: cookie: name: "lp-sticky-session" httpOnly: true secure: true tls: {}