litecharms/midrandbooks
1
0
Fork 0
Code Issues 9 Pull Requests Actions Packages Projects 1 Releases 64 Wiki Activity
Files
8ddf769fab42a856ffde6ef50d0a18e32f915d4b
midrandbooks/midrandbooks-uat.yml
T
Khwezi Mngoma 8ddf769fab
continuous-integration/drone/pr Build is passing
Details
Refactored manifest
2026-06-14 11:49:08 +02:00

246 lines
12 KiB
YAML
Raw Blame History

---
apiVersion: v1
kind: Namespace
metadata:
name: midrandbooks-uat
---
apiVersion: v1
kind: ConfigMap
metadata:
name: midrandbooks-config
namespace: midrandbooks-uat
data:
ASPNETCORE_ENVIRONMENT: "Development"
ASPNETCORE_URLS: "http://0.0.0.0:8080"
Monitoring__Address: "http://aspire-dashboard-service.aspire.svc.cluster.local:18889"
Monitoring__ServiceName: "MidrandBooks.Uat"
HasherSettings__MinHashLength: "11"
BookshopS3Settings__ServiceUrl: "http://garage.garage.svc.cluster.local:3900"
BookshopS3Settings__Region: "garage"
BookshopS3Settings__BucketName: "bookshop"
BookshopS3Settings__CdnBaseUrl: "https://bookshop.cdn.khongisa.co.za"
PayfastSettings__CheckoutUrl: "https://sandbox.payfast.co.za/eng/process"
PayfastSettings__ValidHosts__0: "www.payfast.co.za"
PayfastSettings__ValidHosts__1: "sandbox.payfast.co.za"
PayfastSettings__ValidHosts__2: "ips.payfast.co.za"
PayfastSettings__ValidHosts__3: "api.payfast.co.za"
PayfastSettings__ValidHosts__4: "payment.payfast.io"
LiteCharmsSettings__Authority: "https://sts.security.khongisa.co.za"
LiteCharmsSettings__Audience: "midrandbooks-api"
ASPNETCORE_FORWARDEDHEADERS_ENABLED: "true"
LiteCharmsClientSettings__Authority: "https://sts.security.khongisa.co.za"
LiteCharmsClientSettings__GrantType: "client_credentials"
LiteCharmsClientSettings__Scope: "midrandbooks-api"
---
apiVersion: v1
kind: Secret
metadata:
name: midrandbooks-secrets
namespace: midrandbooks-uat
type: Opaque
data:
connection-string: SG9zdD0xOTIuMTY4LjEuMTcwO0RhdGFiYXNlPW1pZHJhbmRzaG9wLWRldjtVc2VybmFtZT1taWRyYW5kc2hvcC1kZXYtdXNlcjtQYXNzd29yZD1hUFh5a0tnM3RTOWNtRDtQZXJzaXN0IFNlY3VyaXR5IEluZm89VHJ1ZQ==
dataprotection-connection-string: SG9zdD0xOTIuMTY4LjEuMTcwO0RhdGFiYXNlPW1pZHJhbmRzaG9wLWRldjtVc2VybmFtZT1taWRyYW5kc2hvcC1kZXYtdXNlcjtQYXNzd29yZD1hUFh5a0tnM3RTOWNtRDtQZXJzaXN0IFNlY3VyaXR5IEluZm89VHJ1ZQ==
connection-string-quartz: SG9zdD0xOTIuMTY4LjEuMTcwO0RhdGFiYXNlPXNjaGVkdWxlci1kZXY7VXNlcm5hbWU9c2NoZWR1bGVyLWRldi11c2VyO1Bhc3N3b3JkPWtWVm1vV0tKM3h6Z1FYO1BlcnNpc3QgU2VjdXJpdHkgSW5mbz1UcnVl
aspire-apikey: bWMzRzYzSzJqNVpPRXNpMEFqTW9qTFRYbTFLRVpGY3R6SUlqU3dEaVRHdXQ4cUdTa1B1V3d4R1AxUmJzY0pVbw==
hasher-salt: VEdsbmFIUWdRMmhoY20xekxDQk5hV1J5WVc1a1FtOXZhM01nYldGclpTQnNiM1J6SUc5bUlHMXZibVY1SUdGdVpDQmhjbVVnWVNCemRXTmpaWE56Wm5Wc0lIWnBjbUZzSUhOMGIzSjVJR2x1SUZOdmRYUm9JRUZtY21sallRPT0=
bookshop-s3-accesskey: R0s1MTRkMmNlOGRjNjkyMzdhMDVjMDFlZWY=
bookshop-s3-secretkey: ZWFhZmVkYTFhZWQ0MDllY2ZlNjA3MTRlY2RhNTQ5YjgyYmRmNWEzZGFmOWYxOGRkNjFmNjZiNDk3M2E2NDgyZQ==
litecharms-clientid: bWlkcmFuZGJvb2tzLXVhdA==
litecharms-clientsecret: c2VjcmV0Xzc3OGJkODM3NWFjNGE3Mzg2N2QxZDdhNjcwODJlZTJjNGU4NmUwODYwYmI0Y2ZlZWI5NDExOTQ5OTk2ZThhOGU=
payfast-passphrase: OUdBSVIwdFdwaFgwcU8=
payfast-merchantid: MTAwNDkzMDc=
payfast-merchantkey: anU2bmF2bjBqY2JmMA==
litecharms-client-clientid: bWlkcmFuZGJvb2tzLWFwaS1zY2FsZXItdWF0
litecharms-client-clientsecret: c2VjcmV0XzBhOGRjMWY5OTA2MTU5MGE1MmIxMjcyZGIzYTE4NzFkMjc2MWM3OWZiZDA1OGIyYTk2ODkxMTAyOWU0YjIwOGE=
dataprotection-cert: |
MIIKgAIBAzCCCjYGCSqGSIb3DQEHAaCCCicEggojMIIKHzCCBFIGCSqGSIb3DQEHBqCCBEMwggQ/AgEAMIIEOAYJKoZIhvcNAQcBMFcGCSqGSIb3DQEFDTBKMCkGCSqGSIb3DQEFDDAcBAh9qkaVgGmz/gICCAAwDAYIKoZIhvcNAgkFADAdBglghkgBZQMEASoEEKb2CyrUL6BTZjUF5py8BLWAggPQ7c0M6pLz8pH5B3xfcC11DeteY9ixT9hpyxYTgcBCfxxv0hunGMxoi0OZc+YGp7YEp8XSAfGd34g9xDs2TmAnwjQqVibGLGR3fpISZH20T5DHaSwgWppxeFVE7UvedixCnkwH6W9EN8cUHVd2ISVN+EhrrOJRVI6X+62uJQwq3BmY9IouuaH8dpMqmtV1xSkVd3W54goY30yZtBlP8s17lRwHXnYJRPa2Qyv0qclyTK46ktmm5eNjWhNZwYmrFgX7yxZqPw/zk2Q1f0tmE7yJpGC6xnpbPhQXxHR2X89OCB6S9hMm3uiEic01fTsaTEBIVoSwT71IZVUCa4wZaer0xS07oWQK3Yl0nu/IfmbJCk+IHRHrBMZ+uOk7EW133n+Cr48mpgr2gvCe/V3KeiDcAQYVfht7ihgME27GV6VD7Z30JmjF7DhON921zh/7NhoIiLKoIMlR1kID39M78yG4n5Xf6YdQbdWE2PTtPtBNJdk0C1vLMOcKVfm4MVnV/B4uiYZXztd0nKMD4v/kgApxDOpw/HYN5psVbAeC3Y1clpP0UsbMJ//VWPMAkpbm/GzIMHleid5rLP7UIgxxopUYOwIP6hl8wnsosOlLo09XNIARoPqANorh6x+9QlhN+58JSYILjnFnkr47EYxZHqCIzCLv1VZdmfpbQ8fKJ02LjGu9SGXsQD3qvQkvLGyegBcp3+8gXka1TiaKTOKHwy85RhH3uq1qW5fV4nxQpvV3+MlEVPRsh7FcMhSeK+66CHOCZ7JEG4JQA7ocd0UkatXksF+ds8yX02ugLX40tmFvnlDg4XXzJ1yEpHc0u+73qqC+9s56qGsm84VZ0hn7Zdc98DrXZ+U7HklZycPnvtpPwxzvlIpfDrbYbU+yj/+iriYDhFt94GzajEKsmlq9HtW8wSWg60mJoUIlz5AV/ZSwT7S8y2WplE+TMFFyg1TjOb4Jq/THpInUInfz+oQjr6w56fPdUkDW7f5+Si3YYWvVfTDgAqT7/xVvliMc8pQ7gZebzeBBjZCmV5qTLeeOphjRL9yMNwHkrVh1qW5eGvHUESgNVdU5B/m1VrctW2NPcVfXMqDg3hvfwapMlEm9LXw/bXtNfK8LJZ0fI7S8USTP8aX/BVkN/wad7V0GjLGJgq5kZTKRFqZDfIy7lH8FcUMZ22Ex0II2uv0ohAnimZtUYkBLPXRiYg4AdOV0YsP6KwU/62uUFiXx/GBmKY4AI2+qT2DcJ0umed9qW/U25H91z9iasrNvE+hXNv4tEzJew+tIYpUvK0jRqLeT1Wjbk8eprTCCBcUGCSqGSIb3DQEHAaCCBbYEggWyMIIFrjCCBaoGCyqGSIb3DQEMCgECoIIFMTCCBS0wVwYJKoZIhvcNAQUNMEowKQYJKoZIhvcNAQUMMBwECNV0zVDMR21/AgIIADAMBggqhkiG9w0CCQUAMB0GCWCGSAFlAwQBKgQQmFQv8M4PJNOzsnkTAj+KWASCBND06MB//M0VAlAOf2k8HYiTg/T3SaFxohZWia0rkyoK/bKYIghehUzSyiQ0jssCrAP/wNz+CpA3WTLXrOiDh8WX/2EjR2/jsvtTKCdbjb07JKWEQp4Q5Ho5uf1catT59dAse+IueVN94liEVEtISWNaIXh+eXpBm2ozZ8DIR4Cn3Ju4Od/oF45pHYgOGiB/kmMoAC02wMOdsVvtKoXPMYsFfw0Zjp9fL5uro6rWXDh9a6v8LKhrkHvYtsyYViE2h8o9mliTgtkjov4e6Lj6nUbEn3IyDe7mrlZ5Me27KW5fWYrjsXM9hQLvLkuUHwm6gKkUqvZygez77BIkO0kH+8Ww3oO0XLXYOHhgAl++wCLGL/BXV3+C9Gb5dvQQGkKyP7eZDKF/TF6jSzK7kGvY1Ik61AKHw1qg7NDHe6Ga3TXQ0D6Uuum/u0tZmDcljOTjVWZR/JDQknF6UNPeB9Q8F3woTixTzyuihR9vxg5ry6Wpfp3+dSut5wwn6mSWIdjvJrJa58FpMDnpZtlEEwd3h4Fva6YswsJD24TfZTXQUIiVXRZTciB9SomLp0n2okjzRZop672yxXeRCKfowxDJHSSAm8PYAF0e2x6QrewMZxQEvueC8uk6+7cjuzq8VbPFx8OAOK7liIAeGshOhMrN8Bl5v0R00ybiH8S3SSp8op/wEcAWFrhXM1epS8AyIjNRXShB3KZhNPUh8XpJH4ATXgmyInI9MVt5FYhepjj8PsBEbDTSvQN2czxi0Yabc3vqMe+q+uNoK9kXnoI8cVK0RjsWm/Cf5QANgPEUX8kcFBuZbgQ68xL1/JeX9bRX/QIS4YojQY7F4mZulHRJQhseOuMRwe2yafMgkusjBPSgD0Nmw55/kzWssYLqoocLZ08DFV7eCQgamu0SWdjeIVGmo27PnbQuLUnJMc6ncBLIrbp711NfGilCb4j77/ol1Sff3KNiphkoIc51lfHQ3QqBLZbbosRBaPxIlH8soZP8Zr1R/sGjTyth4epKIBZL6/R0iopzJcTMbrUcqrMmHIPCuYdcX+hHFhSEochSH9wJee4Bd8/T8tXmMUmBUvKTRRfHkc7s/exCfLLf8qOX23RUpkdI5ufoLQEOepROj7ekPUGyMyOxrwkCPtaaRjOpv9MKbdL6p5EBGzJ0Tlr+ztClerhgNFu9eg/5t9WaLXrl+KBThsayjzS7qZppPkxvEiSBgCFeRK863l+uW2uQnmN8m53iGLP84K2NCBPPmJ3uzp1PbH/MBwXzFnml+ojLL4BoorTmgSPThhHvLnMP11tOYkN2WAHvzP2JK1A2Zv6VMVnAOGbG+wDmqsAmQZ7BuyQrxfASqpg+HLTxqad776/zvp4zuY3JVbrlm6cT6pDn+uJG5HKFtp/pA5X9oAYnSbIDWMjRhaTLIweCblMEEMTsS95iEcobhvU6s3nTSASFIZ95RhaBHcluQ1ydNYeaZMRFWx9SPrKEUOJiz9LwiTL1jKtAtnwhrBdO6i0S7Jbb+UW4bgGr5XRrTTGJDWIL7zrw/53axCz6TKgrWK1NbcCuGKktX5wB+Vq1eQYP4V2aboabryJiAio8gFCtgA7bE0p1OWs2VcCy2zWv+UM7kZyXEye8vXj5C1CypnE+n5r36O2ZSzFmMCMGCSqGSIb3DQEJFTEWBBQ1lQ+totrkZkQb7uE6lOz/gPzqKTA/BgkqhkiG9w0BCRQxMh4wAEwAaQB0AGUAQwBoAGEAcgBtAHMARABhAHQAYQBQAHIAbwB0AGUAYwB0AGkAbwBuMEEwMTANBglghkgBZQMEAgEFAAQgAW7Ot+6j9Xu4nT7pL9rF43iOnSd5qLd+yJM5A5q2wDAECH1pO/hUEzlNAgIIAA==
dataprotection-password: OWlIUSMmcl41eWZYRXc=
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: midrandbooks-pvc
namespace: midrandbooks-uat
spec:
accessModes: ["ReadWriteMany"]
storageClassName: nfs-storage
resources:
requests:
storage: 2Gi
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: midrandbooks
namespace: midrandbooks-uat
spec:
replicas: 2
selector:
matchLabels:
app: midrandbooks
template:
metadata:
labels:
app: midrandbooks
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: node-role.kubernetes.io/control-plane
operator: DoesNotExist
containers:
- name: midrandbooks
image: nexus.khongisa.co.za/midrandbooks:latest
imagePullPolicy: Always
resources:
limits:
memory: "512Mi"
cpu: "500m"
requests:
memory: "256Mi"
cpu: "100m"
ports:
- containerPort: 8080
envFrom:
- configMapRef:
name: midrandbooks-config
env:
- name: DataProtection__Certificate
valueFrom:
secretKeyRef:
name: midrandbooks-secrets
key: dataprotection-cert
- name: DataProtection__Password
valueFrom:
secretKeyRef:
name: midrandbooks-secrets
key: dataprotection-password
- name: LiteCharmsSettings__ClientId
valueFrom:
secretKeyRef:
name: midrandbooks-secrets
key: litecharms-clientid
- name: LiteCharmsSettings__ClientSecret
valueFrom:
secretKeyRef:
name: midrandbooks-secrets
key: litecharms-clientsecret
- name: BookshopS3Settings__AccessKey
valueFrom:
secretKeyRef:
name: midrandbooks-secrets
key: bookshop-s3-accesskey
- name: BookshopS3Settings__SecretKey
valueFrom:
secretKeyRef:
name: midrandbooks-secrets
key: bookshop-s3-secretkey
- name: HasherSettings__Salt
valueFrom:
secretKeyRef:
name: midrandbooks-secrets
key: hasher-salt
- name: PayfastSettings__Passphrase
valueFrom:
secretKeyRef:
name: midrandbooks-secrets
key: payfast-passphrase
- name: PayfastSettings__MerchantId
valueFrom:
secretKeyRef:
name: midrandbooks-secrets
key: payfast-merchantid
- name: PayfastSettings__MerchantKey
valueFrom:
secretKeyRef:
name: midrandbooks-secrets
key: payfast-merchantkey
- name: LiteCharmsClientSettings__ClientId
valueFrom:
secretKeyRef:
name: midrandbooks-secrets
key: litecharms-client-clientid
- name: LiteCharmsClientSettings__ClientSecret
valueFrom:
secretKeyRef:
name: midrandbooks-secrets
key: litecharms-client-clientsecret
- name: ConnectionStrings__PostgresScheduler
valueFrom:
secretKeyRef:
name: midrandbooks-secrets
key: connection-string-quartz
- name: ConnectionStrings__PostgresMidrandBooks
valueFrom:
secretKeyRef:
name: midrandbooks-secrets
key: connection-string
- name: ConnectionStrings__PostgresDataProtection
valueFrom:
secretKeyRef:
name: midrandbooks-secrets
key: dataprotection-connection-string
- name: Monitoring__ApiKey
valueFrom:
secretKeyRef:
name: midrandbooks-secrets
key: aspire-apikey
volumeMounts:
- name: data
mountPath: /app/wwwroot/content
subPath: bookshop-content
livenessProbe:
httpGet:
path: /health
port: 8080
initialDelaySeconds: 5
periodSeconds: 10
readinessProbe:
httpGet:
path: /health
port: 8080
initialDelaySeconds: 3
periodSeconds: 5
volumes:
- name: data
persistentVolumeClaim:
claimName: midrandbooks-pvc
---
apiVersion: v1
kind: Service
metadata:
name: midrandbooks-service
namespace: midrandbooks-uat
spec:
type: ClusterIP
selector:
app: midrandbooks
ports:
- name: http
protocol: TCP
port: 80
targetPort: 8080
---
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: midrandbooks-web-secure
namespace: midrandbooks-uat
spec:
entryPoints:
- websecure
routes:
- match: Host(`uat.midrandbooks.co.za`)
kind: Rule
services:
- name: midrandbooks-service
port: 80
sticky:
cookie:
name: "lp-sticky-session"
httpOnly: true
secure: true
tls: {}
Reference in New Issue View Git Blame Copy Permalink