From 08045d0d8e4de042b1b6d0f19e1e2b048f1bbf4f Mon Sep 17 00:00:00 2001 From: droot Date: Fri, 2 Sep 2022 11:52:45 -0700 Subject: [PATCH 01/65] bank-of-anthos: monolith package --- bank-of-anthos/Kptfile | 8 ++ bank-of-anthos/README.md | 21 ++++ bank-of-anthos/accounts-db.yaml | 97 +++++++++++++++ bank-of-anthos/balance-reader.yaml | 134 +++++++++++++++++++++ bank-of-anthos/config.yaml | 48 ++++++++ bank-of-anthos/contacts.yaml | 106 +++++++++++++++++ bank-of-anthos/frontend.yaml | 151 ++++++++++++++++++++++++ bank-of-anthos/ledger-db.yaml | 89 ++++++++++++++ bank-of-anthos/ledger-writer.yaml | 123 +++++++++++++++++++ bank-of-anthos/loadgenerator.yaml | 64 ++++++++++ bank-of-anthos/package-context.yaml | 8 ++ bank-of-anthos/transaction-history.yaml | 139 ++++++++++++++++++++++ bank-of-anthos/userservice.yaml | 114 ++++++++++++++++++ 13 files changed, 1102 insertions(+) create mode 100644 bank-of-anthos/Kptfile create mode 100644 bank-of-anthos/README.md create mode 100644 bank-of-anthos/accounts-db.yaml create mode 100644 bank-of-anthos/balance-reader.yaml create mode 100644 bank-of-anthos/config.yaml create mode 100644 bank-of-anthos/contacts.yaml create mode 100644 bank-of-anthos/frontend.yaml create mode 100644 bank-of-anthos/ledger-db.yaml create mode 100644 bank-of-anthos/ledger-writer.yaml create mode 100644 bank-of-anthos/loadgenerator.yaml create mode 100644 bank-of-anthos/package-context.yaml create mode 100644 bank-of-anthos/transaction-history.yaml create mode 100644 bank-of-anthos/userservice.yaml diff --git a/bank-of-anthos/Kptfile b/bank-of-anthos/Kptfile new file mode 100644 index 0000000..70bd536 --- /dev/null +++ b/bank-of-anthos/Kptfile @@ -0,0 +1,8 @@ +apiVersion: kpt.dev/v1 +kind: Kptfile +metadata: + name: bank-of-anthos + annotations: + config.kubernetes.io/local-config: "true" +info: + description: sample description diff --git a/bank-of-anthos/README.md b/bank-of-anthos/README.md new file mode 100644 index 0000000..047b2df --- /dev/null +++ b/bank-of-anthos/README.md @@ -0,0 +1,21 @@ +# anthos-app + +## Description +sample description + +## Usage + +### Fetch the package +`kpt pkg get REPO_URI[.git]/PKG_PATH[@VERSION] anthos-app` +Details: https://kpt.dev/reference/cli/pkg/get/ + +### View package content +`kpt pkg tree anthos-app` +Details: https://kpt.dev/reference/cli/pkg/tree/ + +### Apply the package +``` +kpt live init anthos-app +kpt live apply anthos-app --reconcile-timeout=2m --output=table +``` +Details: https://kpt.dev/reference/cli/live/ diff --git a/bank-of-anthos/accounts-db.yaml b/bank-of-anthos/accounts-db.yaml new file mode 100644 index 0000000..bcf7940 --- /dev/null +++ b/bank-of-anthos/accounts-db.yaml @@ -0,0 +1,97 @@ +# Copyright 2019 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# [START gke_boa_kubernetes_manifests_accounts_db_statefulset_accounts_db] +kind: StatefulSet +apiVersion: apps/v1 +metadata: + name: accounts-db + labels: + app: accounts-db + tier: db +spec: + serviceName: "accounts-db" + replicas: 1 + selector: + matchLabels: + app: accounts-db + tier: db + template: + metadata: + labels: + app: accounts-db + tier: db + spec: + serviceAccountName: default + containers: + - name: accounts-db + image: gcr.io/bank-of-anthos-ci/accounts-db:v0.5.6 + envFrom: + - configMapRef: + name: environment-config + - configMapRef: + name: accounts-db-config + - configMapRef: + name: demo-data-config + ports: + - containerPort: 5432 + name: postgredb + resources: + requests: + cpu: 100m + memory: 128Mi + limits: + cpu: 250m + memory: 512Mi + volumeMounts: + - name: postgresdb + mountPath: /var/lib/postgresql/data + subPath: postgres + volumes: + - name: postgresdb + emptyDir: {} +# [END gke_boa_kubernetes_manifests_accounts_db_statefulset_accounts_db] +--- +# [START gke_boa_kubernetes_manifests_accounts_db_service_accounts_db] +apiVersion: v1 +kind: Service +metadata: + name: accounts-db + labels: + app: accounts-db + tier: db +spec: + ports: + - port: 5432 + name: tcp + targetPort: 5432 + protocol: TCP + selector: + app: accounts-db + tier: db +# [END gke_boa_kubernetes_manifests_accounts_db_service_accounts_db] +--- +# [START gke_boa_kubernetes_manifests_accounts_db_configmap_accounts_db_config] +apiVersion: v1 +kind: ConfigMap +metadata: + name: accounts-db-config + labels: + app: accounts-db +data: + POSTGRES_DB: accounts-db + POSTGRES_USER: accounts-admin + POSTGRES_PASSWORD: accounts-pwd + ACCOUNTS_DB_URI: postgresql://accounts-admin:accounts-pwd@accounts-db:5432/accounts-db +# [END gke_boa_kubernetes_manifests_accounts_db_configmap_accounts_db_config] \ No newline at end of file diff --git a/bank-of-anthos/balance-reader.yaml b/bank-of-anthos/balance-reader.yaml new file mode 100644 index 0000000..c88e4c5 --- /dev/null +++ b/bank-of-anthos/balance-reader.yaml @@ -0,0 +1,134 @@ +# Copyright 2019 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# [START gke_boa_kubernetes_manifests_balance_reader_deployment_balancereader] +apiVersion: apps/v1 +kind: Deployment +metadata: + name: balancereader +spec: + selector: + matchLabels: + app: balancereader + template: + metadata: + labels: + app: balancereader + spec: + serviceAccountName: default + terminationGracePeriodSeconds: 5 + securityContext: + fsGroup: 1000 + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + containers: + - name: balancereader + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - all + privileged: false + readOnlyRootFilesystem: true + image: gcr.io/bank-of-anthos-ci/balancereader:v0.5.6 + volumeMounts: + - name: publickey + mountPath: "/tmp/.ssh" + readOnly: true + - mountPath: /tmp + name: tmp + env: + - name: VERSION + value: "v0.5.6" + - name: PORT + value: "8080" + # toggle Cloud Trace export + - name: ENABLE_TRACING + value: "true" + - name: ENABLE_METRICS + value: "true" + - name: POLL_MS + value: "100" + - name: CACHE_SIZE + value: "1000000" + # tell Java to obey container memory limits + - name: JVM_OPTS + value: "-XX:+UnlockExperimentalVMOptions -XX:+UseCGroupMemoryLimitForHeap -Xms256m -Xmx512m" + # Valid levels are debug, info, warn, error, fatal. + # If no valid level is set, will default to info. + - name: LOG_LEVEL + value: "info" + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + envFrom: + - configMapRef: + name: environment-config + # add ledger-db credentials from ConfigMap + - configMapRef: + name: ledger-db-config + resources: + requests: + cpu: 100m + memory: 256Mi + limits: + cpu: 500m + memory: 512Mi + readinessProbe: + httpGet: + path: /ready + port: 8080 + initialDelaySeconds: 60 + periodSeconds: 5 + timeoutSeconds: 10 + livenessProbe: + httpGet: + path: /healthy + port: 8080 + initialDelaySeconds: 120 + periodSeconds: 5 + timeoutSeconds: 10 + startupProbe: + httpGet: + path: /healthy + port: 8080 + failureThreshold: 30 + periodSeconds: 10 + volumes: + - name: publickey + secret: + secretName: jwt-key + items: + - key: jwtRS256.key.pub + path: publickey + - emptyDir: {} + name: tmp +# [END gke_boa_kubernetes_manifests_balance_reader_deployment_balancereader] +--- +# [START gke_boa_kubernetes_manifests_balance_reader_service_balancereader] +apiVersion: v1 +kind: Service +metadata: + name: balancereader +spec: + type: ClusterIP + selector: + app: balancereader + ports: + - name: http + port: 8080 + targetPort: 8080 +# [END gke_boa_kubernetes_manifests_balance_reader_service_balancereader] \ No newline at end of file diff --git a/bank-of-anthos/config.yaml b/bank-of-anthos/config.yaml new file mode 100644 index 0000000..5ef421d --- /dev/null +++ b/bank-of-anthos/config.yaml @@ -0,0 +1,48 @@ +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# [START gke_boa_kubernetes_manifests_config_configmap_environment_config] +apiVersion: v1 +kind: ConfigMap +metadata: + name: environment-config +data: + LOCAL_ROUTING_NUM: "883745000" + PUB_KEY_PATH: "/tmp/.ssh/publickey" +# [END gke_boa_kubernetes_manifests_config_configmap_environment_config] +--- +# [START gke_boa_kubernetes_manifests_config_configmap_service_api_config] +apiVersion: v1 +kind: ConfigMap +metadata: + name: service-api-config +data: + TRANSACTIONS_API_ADDR: "ledgerwriter:8080" + BALANCES_API_ADDR: "balancereader:8080" + HISTORY_API_ADDR: "transactionhistory:8080" + CONTACTS_API_ADDR: "contacts:8080" + USERSERVICE_API_ADDR: "userservice:8080" +# [END gke_boa_kubernetes_manifests_config_configmap_service_api_config] +--- +# [START gke_boa_kubernetes_manifests_config_configmap_demo_data_config] +apiVersion: v1 +kind: ConfigMap +metadata: + name: demo-data-config +data: + USE_DEMO_DATA: "True" + DEMO_LOGIN_USERNAME: "testuser" + # All demo user accounts are hardcoded to use the login password 'bankofanthos' + DEMO_LOGIN_PASSWORD: "bankofanthos" +# [END gke_boa_kubernetes_manifests_config_configmap_demo_data_config] \ No newline at end of file diff --git a/bank-of-anthos/contacts.yaml b/bank-of-anthos/contacts.yaml new file mode 100644 index 0000000..c4ce572 --- /dev/null +++ b/bank-of-anthos/contacts.yaml @@ -0,0 +1,106 @@ +# Copyright 2019 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# [START gke_boa_kubernetes_manifests_contacts_deployment_contacts] +apiVersion: apps/v1 +kind: Deployment +metadata: + name: contacts +spec: + selector: + matchLabels: + app: contacts + template: + metadata: + labels: + app: contacts + spec: + serviceAccountName: default + terminationGracePeriodSeconds: 5 + securityContext: + fsGroup: 1000 + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + containers: + - name: contacts + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - all + privileged: false + readOnlyRootFilesystem: true + image: gcr.io/bank-of-anthos-ci/contacts:v0.5.6 + volumeMounts: + - name: publickey + mountPath: "/tmp/.ssh" + readOnly: true + - mountPath: /tmp + name: tmp + env: + - name: VERSION + value: "v0.5.6" + - name: PORT + value: "8080" + - name: ENABLE_TRACING + value: "true" + # Valid levels are debug, info, warning, error, critical. + # If no valid level is set, will default to info. + - name: LOG_LEVEL + value: "info" + envFrom: + - configMapRef: + name: environment-config + - configMapRef: + name: accounts-db-config + resources: + requests: + cpu: 100m + memory: 64Mi + limits: + cpu: 250m + memory: 128Mi + readinessProbe: + httpGet: + path: /ready + port: 8080 + initialDelaySeconds: 10 + periodSeconds: 5 + timeoutSeconds: 10 + volumes: + - name: publickey + secret: + secretName: jwt-key + items: + - key: jwtRS256.key.pub + path: publickey + - emptyDir: {} + name: tmp +# [END gke_boa_kubernetes_manifests_contacts_deployment_contacts] +--- +# [START gke_boa_kubernetes_manifests_contacts_service_contacts] +apiVersion: v1 +kind: Service +metadata: + name: contacts +spec: + type: ClusterIP + selector: + app: contacts + ports: + - name: http + port: 8080 + targetPort: 8080 +# [END gke_boa_kubernetes_manifests_contacts_service_contacts] \ No newline at end of file diff --git a/bank-of-anthos/frontend.yaml b/bank-of-anthos/frontend.yaml new file mode 100644 index 0000000..7b6fb89 --- /dev/null +++ b/bank-of-anthos/frontend.yaml @@ -0,0 +1,151 @@ +# Copyright 2021 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# [START gke_boa_kubernetes_manifests_frontend_deployment_frontend] +apiVersion: apps/v1 +kind: Deployment +metadata: + name: frontend +spec: + selector: + matchLabels: + app: frontend + template: + metadata: + labels: + app: frontend + spec: + serviceAccountName: default + terminationGracePeriodSeconds: 5 + securityContext: + fsGroup: 1000 + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + containers: + - name: front + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - all + privileged: false + readOnlyRootFilesystem: true + image: gcr.io/bank-of-anthos-ci/frontend:v0.5.6 + volumeMounts: + - name: publickey + mountPath: "/tmp/.ssh" + readOnly: true + - mountPath: /tmp + name: tmp + env: + - name: VERSION + value: "v0.5.6" + - name: PORT + value: "8080" + - name: ENABLE_TRACING + value: "true" + - name: SCHEME + value: "http" + # Valid levels are debug, info, warning, error, critical. If no valid level is set, gunicorn will default to info. + - name: LOG_LEVEL + value: "info" + # Set to "true" to enable the CymbalBank logo + title + # - name: CYMBAL_LOGO + # value: "false" + # Customize the bank name used in the header. Defaults to 'Bank of Anthos' - when CYMBAL_LOGO is true, uses 'CymbalBank' + # - name: BANK_NAME + # value: "" + # Customize the cluster name if it cannot be retrieved from the metadata server + #- name: CLUSTER_NAME + # value: "my-cluster" + - name: DEFAULT_USERNAME + valueFrom: + configMapKeyRef: + name: demo-data-config + key: DEMO_LOGIN_USERNAME + - name: DEFAULT_PASSWORD + valueFrom: + configMapKeyRef: + name: demo-data-config + key: DEMO_LOGIN_PASSWORD + - name: REGISTERED_OAUTH_CLIENT_ID + valueFrom: + configMapKeyRef: + name: oauth-config + key: DEMO_OAUTH_CLIENT_ID + optional: true + - name: ALLOWED_OAUTH_REDIRECT_URI + valueFrom: + configMapKeyRef: + name: oauth-config + key: DEMO_OAUTH_REDIRECT_URI + optional: true + # Customize the metadata server hostname to query for metadata + #- name: METADATA_SERVER + # value: "my-metadata-server" + # Customize the pod zone if it cannot be retrieved from the metadata server + #- name: POD_ZONE + # value: "my-zone" + envFrom: + - configMapRef: + name: environment-config + - configMapRef: + name: service-api-config + readinessProbe: + httpGet: + path: /ready + port: 8080 + initialDelaySeconds: 10 + periodSeconds: 5 + timeoutSeconds: 10 + livenessProbe: + httpGet: + path: /ready + port: 8080 + initialDelaySeconds: 60 + periodSeconds: 15 + timeoutSeconds: 30 + resources: + requests: + cpu: 100m + memory: 64Mi + limits: + cpu: 250m + memory: 128Mi + volumes: + - name: publickey + secret: + secretName: jwt-key + items: + - key: jwtRS256.key.pub + path: publickey + - emptyDir: {} + name: tmp +# [END gke_boa_kubernetes_manifests_frontend_deployment_frontend] +--- +# [START gke_boa_kubernetes_manifests_frontend_service_frontend] +apiVersion: v1 +kind: Service +metadata: + name: frontend +spec: + type: LoadBalancer + selector: + app: frontend + ports: + - name: http + port: 80 + targetPort: 8080 +# [END gke_boa_kubernetes_manifests_frontend_service_frontend] diff --git a/bank-of-anthos/ledger-db.yaml b/bank-of-anthos/ledger-db.yaml new file mode 100644 index 0000000..de9801f --- /dev/null +++ b/bank-of-anthos/ledger-db.yaml @@ -0,0 +1,89 @@ +# Copyright 2019 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# [START gke_boa_kubernetes_manifests_ledger_db_statefulset_ledger_db] +kind: StatefulSet +apiVersion: apps/v1 +metadata: + name: ledger-db +spec: + serviceName: "ledger-db" + replicas: 1 + selector: + matchLabels: + app: ledger-db + template: + metadata: + labels: + app: ledger-db + spec: + serviceAccountName: default + containers: + - name: postgres + image: gcr.io/bank-of-anthos-ci/ledger-db:v0.5.6 + ports: + - containerPort: 5432 + envFrom: + - configMapRef: + name: environment-config + - configMapRef: + name: ledger-db-config + - configMapRef: + name: demo-data-config + resources: + requests: + cpu: 100m + memory: 512Mi + limits: + cpu: 250m + memory: 1Gi + volumeMounts: + - name: postgresdb + mountPath: /var/lib/postgresql/data + subPath: postgres + volumes: + - name: postgresdb + emptyDir: {} +# [END gke_boa_kubernetes_manifests_ledger_db_statefulset_ledger_db] +--- +# [START gke_boa_kubernetes_manifests_ledger_db_configmap_ledger_db_config] +apiVersion: v1 +kind: ConfigMap +metadata: + name: ledger-db-config + labels: + app: postgres +data: + POSTGRES_DB: postgresdb + POSTGRES_USER: admin + POSTGRES_PASSWORD: password + SPRING_DATASOURCE_URL: jdbc:postgresql://ledger-db:5432/postgresdb + SPRING_DATASOURCE_USERNAME: admin # should match POSTGRES_USER + SPRING_DATASOURCE_PASSWORD: password # should match POSTGRES_PASSWORD +# [END gke_boa_kubernetes_manifests_ledger_db_configmap_ledger_db_config] +--- +# [START gke_boa_kubernetes_manifests_ledger_db_service_ledger_db] +apiVersion: v1 +kind: Service +metadata: + name: ledger-db +spec: + type: ClusterIP + selector: + app: ledger-db + ports: + - name: tcp + port: 5432 + targetPort: 5432 +# [END gke_boa_kubernetes_manifests_ledger_db_service_ledger_db] \ No newline at end of file diff --git a/bank-of-anthos/ledger-writer.yaml b/bank-of-anthos/ledger-writer.yaml new file mode 100644 index 0000000..256133f --- /dev/null +++ b/bank-of-anthos/ledger-writer.yaml @@ -0,0 +1,123 @@ +# Copyright 2019 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# [START gke_boa_kubernetes_manifests_ledger_writer_deployment_ledgerwriter] +apiVersion: apps/v1 +kind: Deployment +metadata: + name: ledgerwriter +spec: + selector: + matchLabels: + app: ledgerwriter + template: + metadata: + labels: + app: ledgerwriter + spec: + serviceAccountName: default + terminationGracePeriodSeconds: 5 + securityContext: + fsGroup: 1000 + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + containers: + - name: ledgerwriter + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - all + privileged: false + readOnlyRootFilesystem: true + image: gcr.io/bank-of-anthos-ci/ledgerwriter:v0.5.6 + volumeMounts: + - name: publickey + mountPath: "/tmp/.ssh" + readOnly: true + - mountPath: /tmp + name: tmp + env: + - name: VERSION + value: "v0.5.6" + - name: PORT + value: "8080" + - name: ENABLE_TRACING + value: "true" + - name: ENABLE_METRICS + value: "true" + # tell Java to obey container memory limits + - name: JVM_OPTS + value: "-XX:+UnlockExperimentalVMOptions -XX:+UseCGroupMemoryLimitForHeap -Xms256m -Xmx512m" + # service level override of log level + - name: LOG_LEVEL + value: "info" + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + envFrom: + - configMapRef: + name: environment-config + - configMapRef: + name: service-api-config + # add ledger-db credentials from ConfigMap + - configMapRef: + name: ledger-db-config + resources: + requests: + cpu: 100m + memory: 256Mi + limits: + cpu: 500m + memory: 512Mi + readinessProbe: + httpGet: + path: /ready + port: 8080 + initialDelaySeconds: 60 + periodSeconds: 5 + timeoutSeconds: 10 + startupProbe: + httpGet: + path: /ready + port: 8080 + failureThreshold: 30 + periodSeconds: 10 + volumes: + - name: publickey + secret: + secretName: jwt-key + items: + - key: jwtRS256.key.pub + path: publickey + - emptyDir: {} + name: tmp +# [END gke_boa_kubernetes_manifests_ledger_writer_deployment_ledgerwriter] +--- +# [START gke_boa_kubernetes_manifests_ledger_writer_service_ledgerwriter] +apiVersion: v1 +kind: Service +metadata: + name: ledgerwriter +spec: + type: ClusterIP + selector: + app: ledgerwriter + ports: + - name: http + port: 8080 + targetPort: 8080 +# [END gke_boa_kubernetes_manifests_ledger_writer_service_ledgerwriter] \ No newline at end of file diff --git a/bank-of-anthos/loadgenerator.yaml b/bank-of-anthos/loadgenerator.yaml new file mode 100644 index 0000000..06eb5ba --- /dev/null +++ b/bank-of-anthos/loadgenerator.yaml @@ -0,0 +1,64 @@ +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# [START gke_boa_kubernetes_manifests_loadgenerator_deployment_loadgenerator] +apiVersion: apps/v1 +kind: Deployment +metadata: + name: loadgenerator +spec: + selector: + matchLabels: + app: loadgenerator + replicas: 1 + template: + metadata: + labels: + app: loadgenerator + annotations: + sidecar.istio.io/rewriteAppHTTPProbers: "true" + spec: + serviceAccountName: default + terminationGracePeriodSeconds: 5 + restartPolicy: Always + securityContext: + fsGroup: 1000 + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + containers: + - name: loadgenerator + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - all + privileged: false + readOnlyRootFilesystem: true + image: gcr.io/bank-of-anthos-ci/loadgenerator:v0.5.6 + env: + - name: FRONTEND_ADDR + value: "frontend:80" + - name: USERS + value: "5" + - name: LOG_LEVEL + value: "error" + resources: + requests: + cpu: 100m + memory: 512Mi + limits: + cpu: 250m + memory: 1Gi +# [END gke_boa_kubernetes_manifests_loadgenerator_deployment_loadgenerator] \ No newline at end of file diff --git a/bank-of-anthos/package-context.yaml b/bank-of-anthos/package-context.yaml new file mode 100644 index 0000000..6c33d9e --- /dev/null +++ b/bank-of-anthos/package-context.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: kptfile.kpt.dev + annotations: + config.kubernetes.io/local-config: "true" +data: + name: example diff --git a/bank-of-anthos/transaction-history.yaml b/bank-of-anthos/transaction-history.yaml new file mode 100644 index 0000000..956ce42 --- /dev/null +++ b/bank-of-anthos/transaction-history.yaml @@ -0,0 +1,139 @@ +# Copyright 2019 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# [START gke_boa_kubernetes_manifests_transaction_history_deployment_transactionhistory] +apiVersion: apps/v1 +kind: Deployment +metadata: + name: transactionhistory +spec: + selector: + matchLabels: + app: transactionhistory + template: + metadata: + labels: + app: transactionhistory + spec: + serviceAccountName: default + terminationGracePeriodSeconds: 5 + securityContext: + fsGroup: 1000 + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + containers: + - name: transactionhistory + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - all + privileged: false + readOnlyRootFilesystem: true + image: gcr.io/bank-of-anthos-ci/transactionhistory:v0.5.6 + volumeMounts: + - name: publickey + mountPath: "/tmp/.ssh" + readOnly: true + - mountPath: /tmp + name: tmp + env: + - name: VERSION + value: "v0.5.6" + - name: PORT + value: "8080" + - name: ENABLE_TRACING + value: "true" + - name: ENABLE_METRICS + value: "true" + - name: POLL_MS + value: "100" + - name: CACHE_SIZE + value: "1000" + - name: CACHE_MINUTES + value: "60" + - name: HISTORY_LIMIT + value: "100" + # tell Java to obey container memory limits + - name: JVM_OPTS + value: "-XX:+UnlockExperimentalVMOptions -XX:+UseCGroupMemoryLimitForHeap -Xms256m -Xmx512m" + #- name: EXTRA_LATENCY_MILLIS + # value: "5000" + # Valid levels are debug, info, warn, error, fatal. + # If no valid level is set, will default to info. + - name: LOG_LEVEL + value: "info" + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + envFrom: + - configMapRef: + name: environment-config + # add ledger-db credentials from ConfigMap + - configMapRef: + name: ledger-db-config + resources: + requests: + cpu: 100m + memory: 256Mi + limits: + cpu: 500m + memory: 512Mi + readinessProbe: + httpGet: + path: /ready + port: 8080 + initialDelaySeconds: 60 + periodSeconds: 5 + timeoutSeconds: 10 + livenessProbe: + httpGet: + path: /healthy + port: 8080 + initialDelaySeconds: 120 + periodSeconds: 5 + timeoutSeconds: 10 + startupProbe: + httpGet: + path: /healthy + port: 8080 + failureThreshold: 30 + periodSeconds: 10 + volumes: + - name: publickey + secret: + secretName: jwt-key + items: + - key: jwtRS256.key.pub + path: publickey + - emptyDir: {} + name: tmp +# [END gke_boa_kubernetes_manifests_transaction_history_deployment_transactionhistory] +--- +# [START gke_boa_kubernetes_manifests_transaction_history_service_transactionhistory] +apiVersion: v1 +kind: Service +metadata: + name: transactionhistory +spec: + type: ClusterIP + selector: + app: transactionhistory + ports: + - name: http + port: 8080 + targetPort: 8080 +# [END gke_boa_kubernetes_manifests_transaction_history_service_transactionhistory] \ No newline at end of file diff --git a/bank-of-anthos/userservice.yaml b/bank-of-anthos/userservice.yaml new file mode 100644 index 0000000..94764ac --- /dev/null +++ b/bank-of-anthos/userservice.yaml @@ -0,0 +1,114 @@ +# Copyright 2021 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# [START gke_boa_kubernetes_manifests_userservice_deployment_userservice] +apiVersion: apps/v1 +kind: Deployment +metadata: + name: userservice +spec: + selector: + matchLabels: + app: userservice + template: + metadata: + labels: + app: userservice + spec: + serviceAccountName: default + terminationGracePeriodSeconds: 5 + securityContext: + fsGroup: 1000 + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + containers: + - name: userservice + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - all + privileged: false + readOnlyRootFilesystem: true + image: gcr.io/bank-of-anthos-ci/userservice:v0.5.6 + volumeMounts: + - name: keys + mountPath: "/tmp/.ssh" + readOnly: true + - mountPath: /tmp + name: tmp + ports: + - name: http-server + containerPort: 8080 + env: + - name: VERSION + value: "v0.5.6" + - name: PORT + value: "8080" + - name: ENABLE_TRACING + value: "true" + - name: TOKEN_EXPIRY_SECONDS + value: "3600" + - name: PRIV_KEY_PATH + value: "/tmp/.ssh/privatekey" + # Valid levels are debug, info, warning, error, critical. If no valid level is set, gunicorn will default to info. + - name: LOG_LEVEL + value: "info" + envFrom: + - configMapRef: + name: environment-config + - configMapRef: + name: accounts-db-config + readinessProbe: + httpGet: + path: /ready + port: 8080 + initialDelaySeconds: 10 + periodSeconds: 5 + timeoutSeconds: 10 + resources: + requests: + cpu: 200m + memory: 64Mi + limits: + cpu: 500m + memory: 256Mi + volumes: + - name: keys + secret: + secretName: jwt-key + items: + - key: jwtRS256.key + path: privatekey + - key: jwtRS256.key.pub + path: publickey + - emptyDir: {} + name: tmp +# [END gke_boa_kubernetes_manifests_userservice_deployment_userservice] +--- +# [START gke_boa_kubernetes_manifests_userservice_service_userservice] +apiVersion: v1 +kind: Service +metadata: + name: userservice +spec: + type: ClusterIP + selector: + app: userservice + ports: + - name: http + port: 8080 + targetPort: 8080 +# [END gke_boa_kubernetes_manifests_userservice_service_userservice] \ No newline at end of file From 2609576d455e697ae879635a473423bca07f0a5c Mon Sep 17 00:00:00 2001 From: droot Date: Fri, 2 Sep 2022 15:16:25 -0700 Subject: [PATCH 02/65] added namespace --- bank-of-anthos/Kptfile | 4 ++++ bank-of-anthos/accounts-db.yaml | 24 ++++++++++++++---------- bank-of-anthos/balance-reader.yaml | 8 +++++--- bank-of-anthos/config.yaml | 8 ++++++-- bank-of-anthos/contacts.yaml | 8 +++++--- bank-of-anthos/frontend.yaml | 9 ++++++--- bank-of-anthos/ledger-db.yaml | 8 ++++++-- bank-of-anthos/ledger-writer.yaml | 10 ++++++---- bank-of-anthos/loadgenerator.yaml | 6 +++--- bank-of-anthos/transaction-history.yaml | 8 +++++--- bank-of-anthos/userservice.yaml | 8 +++++--- 11 files changed, 65 insertions(+), 36 deletions(-) diff --git a/bank-of-anthos/Kptfile b/bank-of-anthos/Kptfile index 70bd536..6e71893 100644 --- a/bank-of-anthos/Kptfile +++ b/bank-of-anthos/Kptfile @@ -6,3 +6,7 @@ metadata: config.kubernetes.io/local-config: "true" info: description: sample description +pipeline: + mutators: + - image: gcr.io/kpt-fn/set-namespace:v0.4.1 + configPath: package-context.yaml diff --git a/bank-of-anthos/accounts-db.yaml b/bank-of-anthos/accounts-db.yaml index bcf7940..efce9f3 100644 --- a/bank-of-anthos/accounts-db.yaml +++ b/bank-of-anthos/accounts-db.yaml @@ -11,7 +11,6 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - # [START gke_boa_kubernetes_manifests_accounts_db_statefulset_accounts_db] kind: StatefulSet apiVersion: apps/v1 @@ -20,6 +19,7 @@ metadata: labels: app: accounts-db tier: db + namespace: example spec: serviceName: "accounts-db" replicas: 1 @@ -38,15 +38,15 @@ spec: - name: accounts-db image: gcr.io/bank-of-anthos-ci/accounts-db:v0.5.6 envFrom: - - configMapRef: - name: environment-config - - configMapRef: - name: accounts-db-config - - configMapRef: - name: demo-data-config + - configMapRef: + name: environment-config + - configMapRef: + name: accounts-db-config + - configMapRef: + name: demo-data-config ports: - - containerPort: 5432 - name: postgredb + - containerPort: 5432 + name: postgredb resources: requests: cpu: 100m @@ -61,6 +61,7 @@ spec: volumes: - name: postgresdb emptyDir: {} + # [END gke_boa_kubernetes_manifests_accounts_db_statefulset_accounts_db] # [END gke_boa_kubernetes_manifests_accounts_db_statefulset_accounts_db] --- # [START gke_boa_kubernetes_manifests_accounts_db_service_accounts_db] @@ -71,6 +72,7 @@ metadata: labels: app: accounts-db tier: db + namespace: example spec: ports: - port: 5432 @@ -80,6 +82,7 @@ spec: selector: app: accounts-db tier: db + # [END gke_boa_kubernetes_manifests_accounts_db_service_accounts_db] # [END gke_boa_kubernetes_manifests_accounts_db_service_accounts_db] --- # [START gke_boa_kubernetes_manifests_accounts_db_configmap_accounts_db_config] @@ -89,9 +92,10 @@ metadata: name: accounts-db-config labels: app: accounts-db + namespace: example data: POSTGRES_DB: accounts-db POSTGRES_USER: accounts-admin POSTGRES_PASSWORD: accounts-pwd ACCOUNTS_DB_URI: postgresql://accounts-admin:accounts-pwd@accounts-db:5432/accounts-db -# [END gke_boa_kubernetes_manifests_accounts_db_configmap_accounts_db_config] \ No newline at end of file + # [END gke_boa_kubernetes_manifests_accounts_db_configmap_accounts_db_config] diff --git a/bank-of-anthos/balance-reader.yaml b/bank-of-anthos/balance-reader.yaml index c88e4c5..e1a5090 100644 --- a/bank-of-anthos/balance-reader.yaml +++ b/bank-of-anthos/balance-reader.yaml @@ -11,12 +11,12 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - # [START gke_boa_kubernetes_manifests_balance_reader_deployment_balancereader] apiVersion: apps/v1 kind: Deployment metadata: name: balancereader + namespace: example spec: selector: matchLabels: @@ -39,7 +39,7 @@ spec: allowPrivilegeEscalation: false capabilities: drop: - - all + - all privileged: false readOnlyRootFilesystem: true image: gcr.io/bank-of-anthos-ci/balancereader:v0.5.6 @@ -116,6 +116,7 @@ spec: path: publickey - emptyDir: {} name: tmp + # [END gke_boa_kubernetes_manifests_balance_reader_deployment_balancereader] # [END gke_boa_kubernetes_manifests_balance_reader_deployment_balancereader] --- # [START gke_boa_kubernetes_manifests_balance_reader_service_balancereader] @@ -123,6 +124,7 @@ apiVersion: v1 kind: Service metadata: name: balancereader + namespace: example spec: type: ClusterIP selector: @@ -131,4 +133,4 @@ spec: - name: http port: 8080 targetPort: 8080 -# [END gke_boa_kubernetes_manifests_balance_reader_service_balancereader] \ No newline at end of file + # [END gke_boa_kubernetes_manifests_balance_reader_service_balancereader] diff --git a/bank-of-anthos/config.yaml b/bank-of-anthos/config.yaml index 5ef421d..9d9e956 100644 --- a/bank-of-anthos/config.yaml +++ b/bank-of-anthos/config.yaml @@ -11,15 +11,16 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - # [START gke_boa_kubernetes_manifests_config_configmap_environment_config] apiVersion: v1 kind: ConfigMap metadata: name: environment-config + namespace: example data: LOCAL_ROUTING_NUM: "883745000" PUB_KEY_PATH: "/tmp/.ssh/publickey" + # [END gke_boa_kubernetes_manifests_config_configmap_environment_config] # [END gke_boa_kubernetes_manifests_config_configmap_environment_config] --- # [START gke_boa_kubernetes_manifests_config_configmap_service_api_config] @@ -27,12 +28,14 @@ apiVersion: v1 kind: ConfigMap metadata: name: service-api-config + namespace: example data: TRANSACTIONS_API_ADDR: "ledgerwriter:8080" BALANCES_API_ADDR: "balancereader:8080" HISTORY_API_ADDR: "transactionhistory:8080" CONTACTS_API_ADDR: "contacts:8080" USERSERVICE_API_ADDR: "userservice:8080" + # [END gke_boa_kubernetes_manifests_config_configmap_service_api_config] # [END gke_boa_kubernetes_manifests_config_configmap_service_api_config] --- # [START gke_boa_kubernetes_manifests_config_configmap_demo_data_config] @@ -40,9 +43,10 @@ apiVersion: v1 kind: ConfigMap metadata: name: demo-data-config + namespace: example data: USE_DEMO_DATA: "True" DEMO_LOGIN_USERNAME: "testuser" # All demo user accounts are hardcoded to use the login password 'bankofanthos' DEMO_LOGIN_PASSWORD: "bankofanthos" -# [END gke_boa_kubernetes_manifests_config_configmap_demo_data_config] \ No newline at end of file + # [END gke_boa_kubernetes_manifests_config_configmap_demo_data_config] diff --git a/bank-of-anthos/contacts.yaml b/bank-of-anthos/contacts.yaml index c4ce572..4fb54e3 100644 --- a/bank-of-anthos/contacts.yaml +++ b/bank-of-anthos/contacts.yaml @@ -11,12 +11,12 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - # [START gke_boa_kubernetes_manifests_contacts_deployment_contacts] apiVersion: apps/v1 kind: Deployment metadata: name: contacts + namespace: example spec: selector: matchLabels: @@ -39,7 +39,7 @@ spec: allowPrivilegeEscalation: false capabilities: drop: - - all + - all privileged: false readOnlyRootFilesystem: true image: gcr.io/bank-of-anthos-ci/contacts:v0.5.6 @@ -88,6 +88,7 @@ spec: path: publickey - emptyDir: {} name: tmp + # [END gke_boa_kubernetes_manifests_contacts_deployment_contacts] # [END gke_boa_kubernetes_manifests_contacts_deployment_contacts] --- # [START gke_boa_kubernetes_manifests_contacts_service_contacts] @@ -95,6 +96,7 @@ apiVersion: v1 kind: Service metadata: name: contacts + namespace: example spec: type: ClusterIP selector: @@ -103,4 +105,4 @@ spec: - name: http port: 8080 targetPort: 8080 -# [END gke_boa_kubernetes_manifests_contacts_service_contacts] \ No newline at end of file + # [END gke_boa_kubernetes_manifests_contacts_service_contacts] diff --git a/bank-of-anthos/frontend.yaml b/bank-of-anthos/frontend.yaml index 7b6fb89..a401332 100644 --- a/bank-of-anthos/frontend.yaml +++ b/bank-of-anthos/frontend.yaml @@ -11,12 +11,12 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - # [START gke_boa_kubernetes_manifests_frontend_deployment_frontend] apiVersion: apps/v1 kind: Deployment metadata: name: frontend + namespace: example spec: selector: matchLabels: @@ -39,7 +39,7 @@ spec: allowPrivilegeEscalation: false capabilities: drop: - - all + - all privileged: false readOnlyRootFilesystem: true image: gcr.io/bank-of-anthos-ci/frontend:v0.5.6 @@ -58,7 +58,7 @@ spec: value: "true" - name: SCHEME value: "http" - # Valid levels are debug, info, warning, error, critical. If no valid level is set, gunicorn will default to info. + # Valid levels are debug, info, warning, error, critical. If no valid level is set, gunicorn will default to info. - name: LOG_LEVEL value: "info" # Set to "true" to enable the CymbalBank logo + title @@ -133,6 +133,7 @@ spec: path: publickey - emptyDir: {} name: tmp + # [END gke_boa_kubernetes_manifests_frontend_deployment_frontend] # [END gke_boa_kubernetes_manifests_frontend_deployment_frontend] --- # [START gke_boa_kubernetes_manifests_frontend_service_frontend] @@ -140,6 +141,7 @@ apiVersion: v1 kind: Service metadata: name: frontend + namespace: example spec: type: LoadBalancer selector: @@ -148,4 +150,5 @@ spec: - name: http port: 80 targetPort: 8080 + # [END gke_boa_kubernetes_manifests_frontend_service_frontend] # [END gke_boa_kubernetes_manifests_frontend_service_frontend] diff --git a/bank-of-anthos/ledger-db.yaml b/bank-of-anthos/ledger-db.yaml index de9801f..7edbcf7 100644 --- a/bank-of-anthos/ledger-db.yaml +++ b/bank-of-anthos/ledger-db.yaml @@ -11,12 +11,12 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - # [START gke_boa_kubernetes_manifests_ledger_db_statefulset_ledger_db] kind: StatefulSet apiVersion: apps/v1 metadata: name: ledger-db + namespace: example spec: serviceName: "ledger-db" replicas: 1 @@ -55,6 +55,7 @@ spec: volumes: - name: postgresdb emptyDir: {} + # [END gke_boa_kubernetes_manifests_ledger_db_statefulset_ledger_db] # [END gke_boa_kubernetes_manifests_ledger_db_statefulset_ledger_db] --- # [START gke_boa_kubernetes_manifests_ledger_db_configmap_ledger_db_config] @@ -64,6 +65,7 @@ metadata: name: ledger-db-config labels: app: postgres + namespace: example data: POSTGRES_DB: postgresdb POSTGRES_USER: admin @@ -71,6 +73,7 @@ data: SPRING_DATASOURCE_URL: jdbc:postgresql://ledger-db:5432/postgresdb SPRING_DATASOURCE_USERNAME: admin # should match POSTGRES_USER SPRING_DATASOURCE_PASSWORD: password # should match POSTGRES_PASSWORD + # [END gke_boa_kubernetes_manifests_ledger_db_configmap_ledger_db_config] # [END gke_boa_kubernetes_manifests_ledger_db_configmap_ledger_db_config] --- # [START gke_boa_kubernetes_manifests_ledger_db_service_ledger_db] @@ -78,6 +81,7 @@ apiVersion: v1 kind: Service metadata: name: ledger-db + namespace: example spec: type: ClusterIP selector: @@ -86,4 +90,4 @@ spec: - name: tcp port: 5432 targetPort: 5432 -# [END gke_boa_kubernetes_manifests_ledger_db_service_ledger_db] \ No newline at end of file + # [END gke_boa_kubernetes_manifests_ledger_db_service_ledger_db] diff --git a/bank-of-anthos/ledger-writer.yaml b/bank-of-anthos/ledger-writer.yaml index 256133f..4dfaba3 100644 --- a/bank-of-anthos/ledger-writer.yaml +++ b/bank-of-anthos/ledger-writer.yaml @@ -11,12 +11,12 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - # [START gke_boa_kubernetes_manifests_ledger_writer_deployment_ledgerwriter] apiVersion: apps/v1 kind: Deployment metadata: name: ledgerwriter + namespace: example spec: selector: matchLabels: @@ -39,7 +39,7 @@ spec: allowPrivilegeEscalation: false capabilities: drop: - - all + - all privileged: false readOnlyRootFilesystem: true image: gcr.io/bank-of-anthos-ci/ledgerwriter:v0.5.6 @@ -58,7 +58,7 @@ spec: value: "true" - name: ENABLE_METRICS value: "true" - # tell Java to obey container memory limits + # tell Java to obey container memory limits - name: JVM_OPTS value: "-XX:+UnlockExperimentalVMOptions -XX:+UseCGroupMemoryLimitForHeap -Xms256m -Xmx512m" # service level override of log level @@ -105,6 +105,7 @@ spec: path: publickey - emptyDir: {} name: tmp + # [END gke_boa_kubernetes_manifests_ledger_writer_deployment_ledgerwriter] # [END gke_boa_kubernetes_manifests_ledger_writer_deployment_ledgerwriter] --- # [START gke_boa_kubernetes_manifests_ledger_writer_service_ledgerwriter] @@ -112,6 +113,7 @@ apiVersion: v1 kind: Service metadata: name: ledgerwriter + namespace: example spec: type: ClusterIP selector: @@ -120,4 +122,4 @@ spec: - name: http port: 8080 targetPort: 8080 -# [END gke_boa_kubernetes_manifests_ledger_writer_service_ledgerwriter] \ No newline at end of file + # [END gke_boa_kubernetes_manifests_ledger_writer_service_ledgerwriter] diff --git a/bank-of-anthos/loadgenerator.yaml b/bank-of-anthos/loadgenerator.yaml index 06eb5ba..abb113c 100644 --- a/bank-of-anthos/loadgenerator.yaml +++ b/bank-of-anthos/loadgenerator.yaml @@ -11,12 +11,12 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - # [START gke_boa_kubernetes_manifests_loadgenerator_deployment_loadgenerator] apiVersion: apps/v1 kind: Deployment metadata: name: loadgenerator + namespace: example spec: selector: matchLabels: @@ -43,7 +43,7 @@ spec: allowPrivilegeEscalation: false capabilities: drop: - - all + - all privileged: false readOnlyRootFilesystem: true image: gcr.io/bank-of-anthos-ci/loadgenerator:v0.5.6 @@ -61,4 +61,4 @@ spec: limits: cpu: 250m memory: 1Gi -# [END gke_boa_kubernetes_manifests_loadgenerator_deployment_loadgenerator] \ No newline at end of file + # [END gke_boa_kubernetes_manifests_loadgenerator_deployment_loadgenerator] diff --git a/bank-of-anthos/transaction-history.yaml b/bank-of-anthos/transaction-history.yaml index 956ce42..7dd6688 100644 --- a/bank-of-anthos/transaction-history.yaml +++ b/bank-of-anthos/transaction-history.yaml @@ -11,12 +11,12 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - # [START gke_boa_kubernetes_manifests_transaction_history_deployment_transactionhistory] apiVersion: apps/v1 kind: Deployment metadata: name: transactionhistory + namespace: example spec: selector: matchLabels: @@ -39,7 +39,7 @@ spec: allowPrivilegeEscalation: false capabilities: drop: - - all + - all privileged: false readOnlyRootFilesystem: true image: gcr.io/bank-of-anthos-ci/transactionhistory:v0.5.6 @@ -121,6 +121,7 @@ spec: path: publickey - emptyDir: {} name: tmp + # [END gke_boa_kubernetes_manifests_transaction_history_deployment_transactionhistory] # [END gke_boa_kubernetes_manifests_transaction_history_deployment_transactionhistory] --- # [START gke_boa_kubernetes_manifests_transaction_history_service_transactionhistory] @@ -128,6 +129,7 @@ apiVersion: v1 kind: Service metadata: name: transactionhistory + namespace: example spec: type: ClusterIP selector: @@ -136,4 +138,4 @@ spec: - name: http port: 8080 targetPort: 8080 -# [END gke_boa_kubernetes_manifests_transaction_history_service_transactionhistory] \ No newline at end of file + # [END gke_boa_kubernetes_manifests_transaction_history_service_transactionhistory] diff --git a/bank-of-anthos/userservice.yaml b/bank-of-anthos/userservice.yaml index 94764ac..51af3c5 100644 --- a/bank-of-anthos/userservice.yaml +++ b/bank-of-anthos/userservice.yaml @@ -11,12 +11,12 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - # [START gke_boa_kubernetes_manifests_userservice_deployment_userservice] apiVersion: apps/v1 kind: Deployment metadata: name: userservice + namespace: example spec: selector: matchLabels: @@ -39,7 +39,7 @@ spec: allowPrivilegeEscalation: false capabilities: drop: - - all + - all privileged: false readOnlyRootFilesystem: true image: gcr.io/bank-of-anthos-ci/userservice:v0.5.6 @@ -96,6 +96,7 @@ spec: path: publickey - emptyDir: {} name: tmp + # [END gke_boa_kubernetes_manifests_userservice_deployment_userservice] # [END gke_boa_kubernetes_manifests_userservice_deployment_userservice] --- # [START gke_boa_kubernetes_manifests_userservice_service_userservice] @@ -103,6 +104,7 @@ apiVersion: v1 kind: Service metadata: name: userservice + namespace: example spec: type: ClusterIP selector: @@ -111,4 +113,4 @@ spec: - name: http port: 8080 targetPort: 8080 -# [END gke_boa_kubernetes_manifests_userservice_service_userservice] \ No newline at end of file + # [END gke_boa_kubernetes_manifests_userservice_service_userservice] From ce6a2f52ce1a967f7aed7d7a49217164082e1f7b Mon Sep 17 00:00:00 2001 From: droot Date: Fri, 2 Sep 2022 17:38:59 -0700 Subject: [PATCH 03/65] base-app: first version --- base-app/Kptfile | 8 ++++ base-app/README.md | 21 +++++++++ base-app/configmap.yaml | 8 ++++ base-app/deployment.yaml | 81 +++++++++++++++++++++++++++++++++++ base-app/package-context.yaml | 8 ++++ base-app/service.yaml | 13 ++++++ 6 files changed, 139 insertions(+) create mode 100644 base-app/Kptfile create mode 100644 base-app/README.md create mode 100644 base-app/configmap.yaml create mode 100644 base-app/deployment.yaml create mode 100644 base-app/package-context.yaml create mode 100644 base-app/service.yaml diff --git a/base-app/Kptfile b/base-app/Kptfile new file mode 100644 index 0000000..b4e89af --- /dev/null +++ b/base-app/Kptfile @@ -0,0 +1,8 @@ +apiVersion: kpt.dev/v1 +kind: Kptfile +metadata: + name: base-app + annotations: + config.kubernetes.io/local-config: "true" +info: + description: sample description diff --git a/base-app/README.md b/base-app/README.md new file mode 100644 index 0000000..f978af1 --- /dev/null +++ b/base-app/README.md @@ -0,0 +1,21 @@ +# base-app + +## Description +sample description + +## Usage + +### Fetch the package +`kpt pkg get REPO_URI[.git]/PKG_PATH[@VERSION] base-app` +Details: https://kpt.dev/reference/cli/pkg/get/ + +### View package content +`kpt pkg tree base-app` +Details: https://kpt.dev/reference/cli/pkg/tree/ + +### Apply the package +``` +kpt live init base-app +kpt live apply base-app --reconcile-timeout=2m --output=table +``` +Details: https://kpt.dev/reference/cli/live/ diff --git a/base-app/configmap.yaml b/base-app/configmap.yaml new file mode 100644 index 0000000..ac2e7e6 --- /dev/null +++ b/base-app/configmap.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: environment-config + namespace: example +data: + LOCAL_ROUTING_NUM: "883745000" + PUB_KEY_PATH: "/tmp/.ssh/publickey" \ No newline at end of file diff --git a/base-app/deployment.yaml b/base-app/deployment.yaml new file mode 100644 index 0000000..e551fe9 --- /dev/null +++ b/base-app/deployment.yaml @@ -0,0 +1,81 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: base-app +spec: + selector: + matchLabels: + app: base-app + template: + metadata: + labels: + app: base-app + spec: + serviceAccountName: default + terminationGracePeriodSeconds: 5 + securityContext: + fsGroup: 1000 + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + containers: + - name: primary + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - all + privileged: false + readOnlyRootFilesystem: true + image: gcr.io/bank-of-anthos-ci/base-app:app-version + volumeMounts: + - name: keys + mountPath: "/tmp/.ssh" + readOnly: true + - mountPath: /tmp + name: tmp + ports: + - name: http-server + containerPort: 8080 + env: + - name: VERSION + value: "app-version" + - name: PORT + value: "8080" + - name: ENABLE_TRACING + value: "true" + - name: TOKEN_EXPIRY_SECONDS + value: "3600" + - name: PRIV_KEY_PATH + value: "/tmp/.ssh/privatekey" + # Valid levels are debug, info, warning, error, critical. If no valid level is set, gunicorn will default to info. + - name: LOG_LEVEL + value: "info" + envFrom: + - configMapRef: + name: environment-config + readinessProbe: + httpGet: + path: /ready + port: 8080 + initialDelaySeconds: 10 + periodSeconds: 5 + timeoutSeconds: 10 + resources: + requests: + cpu: 200m + memory: 64Mi + limits: + cpu: 500m + memory: 256Mi + volumes: + - name: keys + secret: + secretName: jwt-key + items: + - key: jwtRS256.key + path: privatekey + - key: jwtRS256.key.pub + path: publickey + - emptyDir: {} + name: tmp \ No newline at end of file diff --git a/base-app/package-context.yaml b/base-app/package-context.yaml new file mode 100644 index 0000000..6c33d9e --- /dev/null +++ b/base-app/package-context.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: kptfile.kpt.dev + annotations: + config.kubernetes.io/local-config: "true" +data: + name: example diff --git a/base-app/service.yaml b/base-app/service.yaml new file mode 100644 index 0000000..30559ee --- /dev/null +++ b/base-app/service.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: Service +metadata: + name: base-app + namespace: example +spec: + type: LoadBalancer + selector: + app: base-app + ports: + - name: http + port: 80 + targetPort: 8080 \ No newline at end of file From ce016c3fda1eec4959bc77c9acbbb294a6298f3a Mon Sep 17 00:00:00 2001 From: droot Date: Fri, 2 Sep 2022 18:16:43 -0700 Subject: [PATCH 04/65] frontend: bank of anthos frontend package without customization --- frontend/Kptfile | 22 ++++++++++ frontend/README.md | 21 +++++++++ frontend/configmap.yaml | 10 +++++ frontend/deployment.yaml | 83 +++++++++++++++++++++++++++++++++++ frontend/package-context.yaml | 9 ++++ frontend/service.yaml | 15 +++++++ 6 files changed, 160 insertions(+) create mode 100644 frontend/Kptfile create mode 100644 frontend/README.md create mode 100644 frontend/configmap.yaml create mode 100644 frontend/deployment.yaml create mode 100644 frontend/package-context.yaml create mode 100644 frontend/service.yaml diff --git a/frontend/Kptfile b/frontend/Kptfile new file mode 100644 index 0000000..e9b9043 --- /dev/null +++ b/frontend/Kptfile @@ -0,0 +1,22 @@ +apiVersion: kpt.dev/v1 +kind: Kptfile +metadata: + name: frontend + annotations: + config.kubernetes.io/local-config: "true" +upstream: + type: git + git: + repo: git@github.com:droot/kpt-samples + directory: /base-app + ref: bank-of-anthos-pkgs + updateStrategy: resource-merge +upstreamLock: + type: git + git: + repo: git@github.com:droot/kpt-samples + directory: /base-app + ref: bank-of-anthos-pkgs + commit: ce6a2f52ce1a967f7aed7d7a49217164082e1f7b +info: + description: sample description diff --git a/frontend/README.md b/frontend/README.md new file mode 100644 index 0000000..f978af1 --- /dev/null +++ b/frontend/README.md @@ -0,0 +1,21 @@ +# base-app + +## Description +sample description + +## Usage + +### Fetch the package +`kpt pkg get REPO_URI[.git]/PKG_PATH[@VERSION] base-app` +Details: https://kpt.dev/reference/cli/pkg/get/ + +### View package content +`kpt pkg tree base-app` +Details: https://kpt.dev/reference/cli/pkg/tree/ + +### Apply the package +``` +kpt live init base-app +kpt live apply base-app --reconcile-timeout=2m --output=table +``` +Details: https://kpt.dev/reference/cli/live/ diff --git a/frontend/configmap.yaml b/frontend/configmap.yaml new file mode 100644 index 0000000..fe35f25 --- /dev/null +++ b/frontend/configmap.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: ConfigMap +metadata: # kpt-merge: example/environment-config + name: environment-config + namespace: example + annotations: + internal.kpt.dev/upstream-identifier: '|ConfigMap|example|environment-config' +data: + LOCAL_ROUTING_NUM: "883745000" + PUB_KEY_PATH: "/tmp/.ssh/publickey" diff --git a/frontend/deployment.yaml b/frontend/deployment.yaml new file mode 100644 index 0000000..23286dc --- /dev/null +++ b/frontend/deployment.yaml @@ -0,0 +1,83 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: # kpt-merge: /base-app + name: base-app + annotations: + internal.kpt.dev/upstream-identifier: apps|Deployment|default|base-app +spec: + selector: + matchLabels: + app: base-app + template: + metadata: + labels: + app: base-app + spec: + serviceAccountName: default + terminationGracePeriodSeconds: 5 + securityContext: + fsGroup: 1000 + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + containers: + - name: primary + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - all + privileged: false + readOnlyRootFilesystem: true + image: gcr.io/bank-of-anthos-ci/base-app:app-version + volumeMounts: + - name: keys + mountPath: "/tmp/.ssh" + readOnly: true + - mountPath: /tmp + name: tmp + ports: + - name: http-server + containerPort: 8080 + env: + - name: VERSION + value: "app-version" + - name: PORT + value: "8080" + - name: ENABLE_TRACING + value: "true" + - name: TOKEN_EXPIRY_SECONDS + value: "3600" + - name: PRIV_KEY_PATH + value: "/tmp/.ssh/privatekey" + # Valid levels are debug, info, warning, error, critical. If no valid level is set, gunicorn will default to info. + - name: LOG_LEVEL + value: "info" + envFrom: + - configMapRef: + name: environment-config + readinessProbe: + httpGet: + path: /ready + port: 8080 + initialDelaySeconds: 10 + periodSeconds: 5 + timeoutSeconds: 10 + resources: + requests: + cpu: 200m + memory: 64Mi + limits: + cpu: 500m + memory: 256Mi + volumes: + - name: keys + secret: + secretName: jwt-key + items: + - key: jwtRS256.key + path: privatekey + - key: jwtRS256.key.pub + path: publickey + - emptyDir: {} + name: tmp diff --git a/frontend/package-context.yaml b/frontend/package-context.yaml new file mode 100644 index 0000000..3f47840 --- /dev/null +++ b/frontend/package-context.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: ConfigMap +metadata: # kpt-merge: /kptfile.kpt.dev + name: kptfile.kpt.dev + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: '|ConfigMap|default|kptfile.kpt.dev' +data: + name: example diff --git a/frontend/service.yaml b/frontend/service.yaml new file mode 100644 index 0000000..f8d00f5 --- /dev/null +++ b/frontend/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: # kpt-merge: example/base-app + name: base-app + namespace: example + annotations: + internal.kpt.dev/upstream-identifier: '|Service|example|base-app' +spec: + type: LoadBalancer + selector: + app: base-app + ports: + - name: http + port: 80 + targetPort: 8080 From ea61b0bf3c0b7ca16251a7a765fd9a79bcf56ff7 Mon Sep 17 00:00:00 2001 From: droot Date: Sat, 3 Sep 2022 09:33:57 -0700 Subject: [PATCH 05/65] base-app: renamed the env configmap --- base-app/configmap-env-config.yaml | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 base-app/configmap-env-config.yaml diff --git a/base-app/configmap-env-config.yaml b/base-app/configmap-env-config.yaml new file mode 100644 index 0000000..ac2e7e6 --- /dev/null +++ b/base-app/configmap-env-config.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: environment-config + namespace: example +data: + LOCAL_ROUTING_NUM: "883745000" + PUB_KEY_PATH: "/tmp/.ssh/publickey" \ No newline at end of file From b571e0d0f8afc6ee115c0b616cd7d379d99c2a39 Mon Sep 17 00:00:00 2001 From: droot Date: Sat, 3 Sep 2022 09:34:33 -0700 Subject: [PATCH 06/65] frontend: initial import of frontend package --- base-app/configmap.yaml | 8 ------ frontend/configmap-demo-data.yaml | 10 +++++++ frontend/configmap-env-config.yaml | 37 ++++++++++++++++++++++++++ frontend/configmap-service-config.yaml | 24 +++++++++++++++++ frontend/configmap.yaml | 10 ------- frontend/deployment.yaml | 34 +++++++++++++++++++---- frontend/service.yaml | 4 +-- 7 files changed, 102 insertions(+), 25 deletions(-) delete mode 100644 base-app/configmap.yaml create mode 100644 frontend/configmap-demo-data.yaml create mode 100644 frontend/configmap-env-config.yaml create mode 100644 frontend/configmap-service-config.yaml delete mode 100644 frontend/configmap.yaml diff --git a/base-app/configmap.yaml b/base-app/configmap.yaml deleted file mode 100644 index ac2e7e6..0000000 --- a/base-app/configmap.yaml +++ /dev/null @@ -1,8 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: environment-config - namespace: example -data: - LOCAL_ROUTING_NUM: "883745000" - PUB_KEY_PATH: "/tmp/.ssh/publickey" \ No newline at end of file diff --git a/frontend/configmap-demo-data.yaml b/frontend/configmap-demo-data.yaml new file mode 100644 index 0000000..a87b707 --- /dev/null +++ b/frontend/configmap-demo-data.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: demo-data-config + namespace: example +data: + USE_DEMO_DATA: "True" + DEMO_LOGIN_USERNAME: "testuser" + # All demo user accounts are hardcoded to use the login password 'bankofanthos' + DEMO_LOGIN_PASSWORD: "bankofanthos" \ No newline at end of file diff --git a/frontend/configmap-env-config.yaml b/frontend/configmap-env-config.yaml new file mode 100644 index 0000000..93a6449 --- /dev/null +++ b/frontend/configmap-env-config.yaml @@ -0,0 +1,37 @@ +apiVersion: v1 +kind: ConfigMap +metadata: # kpt-merge: example/environment-config + name: environment-config + namespace: example + annotations: + internal.kpt.dev/upstream-identifier: '|ConfigMap|example|environment-config' +data: + LOCAL_ROUTING_NUM: "883745000" + PUB_KEY_PATH: "/tmp/.ssh/publickey" +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: service-api-config + namespace: example +data: + TRANSACTIONS_API_ADDR: "ledgerwriter:8080" + BALANCES_API_ADDR: "balancereader:8080" + HISTORY_API_ADDR: "transactionhistory:8080" + CONTACTS_API_ADDR: "contacts:8080" + USERSERVICE_API_ADDR: "userservice:8080" + # [END gke_boa_kubernetes_manifests_config_configmap_service_api_config] +# [END gke_boa_kubernetes_manifests_config_configmap_service_api_config] +--- +# [START gke_boa_kubernetes_manifests_config_configmap_demo_data_config] +apiVersion: v1 +kind: ConfigMap +metadata: + name: demo-data-config + namespace: example +data: + USE_DEMO_DATA: "True" + DEMO_LOGIN_USERNAME: "testuser" + # All demo user accounts are hardcoded to use the login password 'bankofanthos' + DEMO_LOGIN_PASSWORD: "bankofanthos" + # [END gke_boa_kubernetes_manifests_config_configmap_demo_data_config] \ No newline at end of file diff --git a/frontend/configmap-service-config.yaml b/frontend/configmap-service-config.yaml new file mode 100644 index 0000000..a74110d --- /dev/null +++ b/frontend/configmap-service-config.yaml @@ -0,0 +1,24 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: service-api-config + namespace: example +data: + TRANSACTIONS_API_ADDR: "ledgerwriter:8080" + BALANCES_API_ADDR: "balancereader:8080" + HISTORY_API_ADDR: "transactionhistory:8080" + CONTACTS_API_ADDR: "contacts:8080" + USERSERVICE_API_ADDR: "userservice:8080" +--- +# [START gke_boa_kubernetes_manifests_config_configmap_demo_data_config] +apiVersion: v1 +kind: ConfigMap +metadata: + name: demo-data-config + namespace: example +data: + USE_DEMO_DATA: "True" + DEMO_LOGIN_USERNAME: "testuser" + # All demo user accounts are hardcoded to use the login password 'bankofanthos' + DEMO_LOGIN_PASSWORD: "bankofanthos" + # [END gke_boa_kubernetes_manifests_config_configmap_demo_data_config] \ No newline at end of file diff --git a/frontend/configmap.yaml b/frontend/configmap.yaml deleted file mode 100644 index fe35f25..0000000 --- a/frontend/configmap.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: # kpt-merge: example/environment-config - name: environment-config - namespace: example - annotations: - internal.kpt.dev/upstream-identifier: '|ConfigMap|example|environment-config' -data: - LOCAL_ROUTING_NUM: "883745000" - PUB_KEY_PATH: "/tmp/.ssh/publickey" diff --git a/frontend/deployment.yaml b/frontend/deployment.yaml index 23286dc..1e80638 100644 --- a/frontend/deployment.yaml +++ b/frontend/deployment.yaml @@ -1,17 +1,17 @@ apiVersion: apps/v1 kind: Deployment metadata: # kpt-merge: /base-app - name: base-app + name: frontend annotations: internal.kpt.dev/upstream-identifier: apps|Deployment|default|base-app spec: selector: matchLabels: - app: base-app + app: frontend template: metadata: labels: - app: base-app + app: frontend spec: serviceAccountName: default terminationGracePeriodSeconds: 5 @@ -29,7 +29,7 @@ spec: - all privileged: false readOnlyRootFilesystem: true - image: gcr.io/bank-of-anthos-ci/base-app:app-version + image: gcr.io/bank-of-anthos-ci/frontend:v0.5.6 volumeMounts: - name: keys mountPath: "/tmp/.ssh" @@ -41,7 +41,7 @@ spec: containerPort: 8080 env: - name: VERSION - value: "app-version" + value: "v0.5.6" - name: PORT value: "8080" - name: ENABLE_TRACING @@ -53,9 +53,33 @@ spec: # Valid levels are debug, info, warning, error, critical. If no valid level is set, gunicorn will default to info. - name: LOG_LEVEL value: "info" + - name: DEFAULT_USERNAME + valueFrom: + configMapKeyRef: + name: demo-data-config + key: DEMO_LOGIN_USERNAME + - name: DEFAULT_PASSWORD + valueFrom: + configMapKeyRef: + name: demo-data-config + key: DEMO_LOGIN_PASSWORD + - name: REGISTERED_OAUTH_CLIENT_ID + valueFrom: + configMapKeyRef: + name: oauth-config + key: DEMO_OAUTH_CLIENT_ID + optional: true + - name: ALLOWED_OAUTH_REDIRECT_URI + valueFrom: + configMapKeyRef: + name: oauth-config + key: DEMO_OAUTH_REDIRECT_URI + optional: true envFrom: - configMapRef: name: environment-config + - configMapRef: + name: service-api-config readinessProbe: httpGet: path: /ready diff --git a/frontend/service.yaml b/frontend/service.yaml index f8d00f5..0886f44 100644 --- a/frontend/service.yaml +++ b/frontend/service.yaml @@ -1,14 +1,14 @@ apiVersion: v1 kind: Service metadata: # kpt-merge: example/base-app - name: base-app + name: frontend namespace: example annotations: internal.kpt.dev/upstream-identifier: '|Service|example|base-app' spec: type: LoadBalancer selector: - app: base-app + app: frontend ports: - name: http port: 80 From 3546f51df06c2455d8f84881dfd4dec7ebe7c412 Mon Sep 17 00:00:00 2001 From: droot Date: Sat, 3 Sep 2022 09:45:06 -0700 Subject: [PATCH 07/65] ledger-db: initial package --- ledger-db/Kptfile | 8 ++++ ledger-db/README.md | 21 +++++++++++ ledger-db/configmap-db-config.yaml | 14 +++++++ ledger-db/configmap-demo-data.yaml | 10 +++++ ledger-db/configmap-env-config.yaml | 37 +++++++++++++++++++ ledger-db/package-context.yaml | 8 ++++ ledger-db/service.yaml | 13 +++++++ ledger-db/statefulset.yaml | 57 +++++++++++++++++++++++++++++ 8 files changed, 168 insertions(+) create mode 100644 ledger-db/Kptfile create mode 100644 ledger-db/README.md create mode 100644 ledger-db/configmap-db-config.yaml create mode 100644 ledger-db/configmap-demo-data.yaml create mode 100644 ledger-db/configmap-env-config.yaml create mode 100644 ledger-db/package-context.yaml create mode 100644 ledger-db/service.yaml create mode 100644 ledger-db/statefulset.yaml diff --git a/ledger-db/Kptfile b/ledger-db/Kptfile new file mode 100644 index 0000000..703b783 --- /dev/null +++ b/ledger-db/Kptfile @@ -0,0 +1,8 @@ +apiVersion: kpt.dev/v1 +kind: Kptfile +metadata: + name: ledger-db + annotations: + config.kubernetes.io/local-config: "true" +info: + description: sample description diff --git a/ledger-db/README.md b/ledger-db/README.md new file mode 100644 index 0000000..a4f62f4 --- /dev/null +++ b/ledger-db/README.md @@ -0,0 +1,21 @@ +# ledger-db + +## Description +sample description + +## Usage + +### Fetch the package +`kpt pkg get REPO_URI[.git]/PKG_PATH[@VERSION] ledger-db` +Details: https://kpt.dev/reference/cli/pkg/get/ + +### View package content +`kpt pkg tree ledger-db` +Details: https://kpt.dev/reference/cli/pkg/tree/ + +### Apply the package +``` +kpt live init ledger-db +kpt live apply ledger-db --reconcile-timeout=2m --output=table +``` +Details: https://kpt.dev/reference/cli/live/ diff --git a/ledger-db/configmap-db-config.yaml b/ledger-db/configmap-db-config.yaml new file mode 100644 index 0000000..d72216b --- /dev/null +++ b/ledger-db/configmap-db-config.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: ledger-db-config + labels: + app: postgres + namespace: example +data: + POSTGRES_DB: postgresdb + POSTGRES_USER: admin + POSTGRES_PASSWORD: password + SPRING_DATASOURCE_URL: jdbc:postgresql://ledger-db:5432/postgresdb + SPRING_DATASOURCE_USERNAME: admin # should match POSTGRES_USER + SPRING_DATASOURCE_PASSWORD: password # should match POSTGRES_PASSWORD \ No newline at end of file diff --git a/ledger-db/configmap-demo-data.yaml b/ledger-db/configmap-demo-data.yaml new file mode 100644 index 0000000..a87b707 --- /dev/null +++ b/ledger-db/configmap-demo-data.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: demo-data-config + namespace: example +data: + USE_DEMO_DATA: "True" + DEMO_LOGIN_USERNAME: "testuser" + # All demo user accounts are hardcoded to use the login password 'bankofanthos' + DEMO_LOGIN_PASSWORD: "bankofanthos" \ No newline at end of file diff --git a/ledger-db/configmap-env-config.yaml b/ledger-db/configmap-env-config.yaml new file mode 100644 index 0000000..93a6449 --- /dev/null +++ b/ledger-db/configmap-env-config.yaml @@ -0,0 +1,37 @@ +apiVersion: v1 +kind: ConfigMap +metadata: # kpt-merge: example/environment-config + name: environment-config + namespace: example + annotations: + internal.kpt.dev/upstream-identifier: '|ConfigMap|example|environment-config' +data: + LOCAL_ROUTING_NUM: "883745000" + PUB_KEY_PATH: "/tmp/.ssh/publickey" +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: service-api-config + namespace: example +data: + TRANSACTIONS_API_ADDR: "ledgerwriter:8080" + BALANCES_API_ADDR: "balancereader:8080" + HISTORY_API_ADDR: "transactionhistory:8080" + CONTACTS_API_ADDR: "contacts:8080" + USERSERVICE_API_ADDR: "userservice:8080" + # [END gke_boa_kubernetes_manifests_config_configmap_service_api_config] +# [END gke_boa_kubernetes_manifests_config_configmap_service_api_config] +--- +# [START gke_boa_kubernetes_manifests_config_configmap_demo_data_config] +apiVersion: v1 +kind: ConfigMap +metadata: + name: demo-data-config + namespace: example +data: + USE_DEMO_DATA: "True" + DEMO_LOGIN_USERNAME: "testuser" + # All demo user accounts are hardcoded to use the login password 'bankofanthos' + DEMO_LOGIN_PASSWORD: "bankofanthos" + # [END gke_boa_kubernetes_manifests_config_configmap_demo_data_config] \ No newline at end of file diff --git a/ledger-db/package-context.yaml b/ledger-db/package-context.yaml new file mode 100644 index 0000000..6c33d9e --- /dev/null +++ b/ledger-db/package-context.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: kptfile.kpt.dev + annotations: + config.kubernetes.io/local-config: "true" +data: + name: example diff --git a/ledger-db/service.yaml b/ledger-db/service.yaml new file mode 100644 index 0000000..412d6b6 --- /dev/null +++ b/ledger-db/service.yaml @@ -0,0 +1,13 @@ +apiVersion: v1 +kind: Service +metadata: + name: ledger-db + namespace: example +spec: + type: ClusterIP + selector: + app: ledger-db + ports: + - name: tcp + port: 5432 + targetPort: 5432 \ No newline at end of file diff --git a/ledger-db/statefulset.yaml b/ledger-db/statefulset.yaml new file mode 100644 index 0000000..f720342 --- /dev/null +++ b/ledger-db/statefulset.yaml @@ -0,0 +1,57 @@ +# Copyright 2019 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# [START gke_boa_kubernetes_manifests_ledger_db_statefulset_ledger_db] +kind: StatefulSet +apiVersion: apps/v1 +metadata: + name: ledger-db + namespace: example +spec: + serviceName: "ledger-db" + replicas: 1 + selector: + matchLabels: + app: ledger-db + template: + metadata: + labels: + app: ledger-db + spec: + serviceAccountName: default + containers: + - name: postgres + image: gcr.io/bank-of-anthos-ci/ledger-db:v0.5.6 + ports: + - containerPort: 5432 + envFrom: + - configMapRef: + name: environment-config + - configMapRef: + name: ledger-db-config + - configMapRef: + name: demo-data-config + resources: + requests: + cpu: 100m + memory: 512Mi + limits: + cpu: 250m + memory: 1Gi + volumeMounts: + - name: postgresdb + mountPath: /var/lib/postgresql/data + subPath: postgres + volumes: + - name: postgresdb + emptyDir: {} \ No newline at end of file From 2f6693c11020d2bf87362b4303aa9d49738d7023 Mon Sep 17 00:00:00 2001 From: droot Date: Sat, 3 Sep 2022 09:55:57 -0700 Subject: [PATCH 08/65] accounts-db: initial version --- accounts-db/Kptfile | 8 ++++ accounts-db/README.md | 21 +++++++++ accounts-db/configmap-db-config.yaml | 12 +++++ accounts-db/configmap-demo-data.yaml | 10 +++++ accounts-db/configmap-env-config.yaml | 37 ++++++++++++++++ accounts-db/package-context.yaml | 8 ++++ accounts-db/service.yaml | 17 ++++++++ accounts-db/statefulset.yaml | 63 +++++++++++++++++++++++++++ 8 files changed, 176 insertions(+) create mode 100644 accounts-db/Kptfile create mode 100644 accounts-db/README.md create mode 100644 accounts-db/configmap-db-config.yaml create mode 100644 accounts-db/configmap-demo-data.yaml create mode 100644 accounts-db/configmap-env-config.yaml create mode 100644 accounts-db/package-context.yaml create mode 100644 accounts-db/service.yaml create mode 100644 accounts-db/statefulset.yaml diff --git a/accounts-db/Kptfile b/accounts-db/Kptfile new file mode 100644 index 0000000..643b0bd --- /dev/null +++ b/accounts-db/Kptfile @@ -0,0 +1,8 @@ +apiVersion: kpt.dev/v1 +kind: Kptfile +metadata: + name: accounts-db + annotations: + config.kubernetes.io/local-config: "true" +info: + description: sample description diff --git a/accounts-db/README.md b/accounts-db/README.md new file mode 100644 index 0000000..8abcfde --- /dev/null +++ b/accounts-db/README.md @@ -0,0 +1,21 @@ +# accounts-db + +## Description +sample description + +## Usage + +### Fetch the package +`kpt pkg get REPO_URI[.git]/PKG_PATH[@VERSION] accounts-db` +Details: https://kpt.dev/reference/cli/pkg/get/ + +### View package content +`kpt pkg tree accounts-db` +Details: https://kpt.dev/reference/cli/pkg/tree/ + +### Apply the package +``` +kpt live init accounts-db +kpt live apply accounts-db --reconcile-timeout=2m --output=table +``` +Details: https://kpt.dev/reference/cli/live/ diff --git a/accounts-db/configmap-db-config.yaml b/accounts-db/configmap-db-config.yaml new file mode 100644 index 0000000..200d6b9 --- /dev/null +++ b/accounts-db/configmap-db-config.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: accounts-db-config + labels: + app: accounts-db + namespace: example +data: + POSTGRES_DB: accounts-db + POSTGRES_USER: accounts-admin + POSTGRES_PASSWORD: accounts-pwd + ACCOUNTS_DB_URI: postgresql://accounts-admin:accounts-pwd@accounts-db:5432/accounts-db \ No newline at end of file diff --git a/accounts-db/configmap-demo-data.yaml b/accounts-db/configmap-demo-data.yaml new file mode 100644 index 0000000..a87b707 --- /dev/null +++ b/accounts-db/configmap-demo-data.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: demo-data-config + namespace: example +data: + USE_DEMO_DATA: "True" + DEMO_LOGIN_USERNAME: "testuser" + # All demo user accounts are hardcoded to use the login password 'bankofanthos' + DEMO_LOGIN_PASSWORD: "bankofanthos" \ No newline at end of file diff --git a/accounts-db/configmap-env-config.yaml b/accounts-db/configmap-env-config.yaml new file mode 100644 index 0000000..93a6449 --- /dev/null +++ b/accounts-db/configmap-env-config.yaml @@ -0,0 +1,37 @@ +apiVersion: v1 +kind: ConfigMap +metadata: # kpt-merge: example/environment-config + name: environment-config + namespace: example + annotations: + internal.kpt.dev/upstream-identifier: '|ConfigMap|example|environment-config' +data: + LOCAL_ROUTING_NUM: "883745000" + PUB_KEY_PATH: "/tmp/.ssh/publickey" +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: service-api-config + namespace: example +data: + TRANSACTIONS_API_ADDR: "ledgerwriter:8080" + BALANCES_API_ADDR: "balancereader:8080" + HISTORY_API_ADDR: "transactionhistory:8080" + CONTACTS_API_ADDR: "contacts:8080" + USERSERVICE_API_ADDR: "userservice:8080" + # [END gke_boa_kubernetes_manifests_config_configmap_service_api_config] +# [END gke_boa_kubernetes_manifests_config_configmap_service_api_config] +--- +# [START gke_boa_kubernetes_manifests_config_configmap_demo_data_config] +apiVersion: v1 +kind: ConfigMap +metadata: + name: demo-data-config + namespace: example +data: + USE_DEMO_DATA: "True" + DEMO_LOGIN_USERNAME: "testuser" + # All demo user accounts are hardcoded to use the login password 'bankofanthos' + DEMO_LOGIN_PASSWORD: "bankofanthos" + # [END gke_boa_kubernetes_manifests_config_configmap_demo_data_config] \ No newline at end of file diff --git a/accounts-db/package-context.yaml b/accounts-db/package-context.yaml new file mode 100644 index 0000000..6c33d9e --- /dev/null +++ b/accounts-db/package-context.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: kptfile.kpt.dev + annotations: + config.kubernetes.io/local-config: "true" +data: + name: example diff --git a/accounts-db/service.yaml b/accounts-db/service.yaml new file mode 100644 index 0000000..0abc9e8 --- /dev/null +++ b/accounts-db/service.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Service +metadata: + name: accounts-db + labels: + app: accounts-db + tier: db + namespace: example +spec: + ports: + - port: 5432 + name: tcp + targetPort: 5432 + protocol: TCP + selector: + app: accounts-db + tier: db \ No newline at end of file diff --git a/accounts-db/statefulset.yaml b/accounts-db/statefulset.yaml new file mode 100644 index 0000000..074b75a --- /dev/null +++ b/accounts-db/statefulset.yaml @@ -0,0 +1,63 @@ +# Copyright 2019 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# [START gke_boa_kubernetes_manifests_accounts_db_statefulset_accounts_db] +kind: StatefulSet +apiVersion: apps/v1 +metadata: + name: accounts-db + labels: + app: accounts-db + tier: db + namespace: example +spec: + serviceName: "accounts-db" + replicas: 1 + selector: + matchLabels: + app: accounts-db + tier: db + template: + metadata: + labels: + app: accounts-db + tier: db + spec: + serviceAccountName: default + containers: + - name: accounts-db + image: gcr.io/bank-of-anthos-ci/accounts-db:v0.5.6 + envFrom: + - configMapRef: + name: environment-config + - configMapRef: + name: accounts-db-config + - configMapRef: + name: demo-data-config + ports: + - containerPort: 5432 + name: postgredb + resources: + requests: + cpu: 100m + memory: 128Mi + limits: + cpu: 250m + memory: 512Mi + volumeMounts: + - name: postgresdb + mountPath: /var/lib/postgresql/data + subPath: postgres + volumes: + - name: postgresdb + emptyDir: {} \ No newline at end of file From 6a42dfa96cc2f92a21f75f22c136e8da3a772c08 Mon Sep 17 00:00:00 2001 From: droot Date: Sat, 3 Sep 2022 10:02:19 -0700 Subject: [PATCH 09/65] contacts: initial version of contacts --- contacts/Kptfile | 22 ++++++++ contacts/README.md | 21 ++++++++ contacts/configmap-db-config.yaml | 12 +++++ contacts/configmap-env-config.yaml | 10 ++++ contacts/deployment.yaml | 85 ++++++++++++++++++++++++++++++ contacts/package-context.yaml | 9 ++++ contacts/service.yaml | 15 ++++++ 7 files changed, 174 insertions(+) create mode 100644 contacts/Kptfile create mode 100644 contacts/README.md create mode 100644 contacts/configmap-db-config.yaml create mode 100644 contacts/configmap-env-config.yaml create mode 100644 contacts/deployment.yaml create mode 100644 contacts/package-context.yaml create mode 100644 contacts/service.yaml diff --git a/contacts/Kptfile b/contacts/Kptfile new file mode 100644 index 0000000..48656fa --- /dev/null +++ b/contacts/Kptfile @@ -0,0 +1,22 @@ +apiVersion: kpt.dev/v1 +kind: Kptfile +metadata: + name: contacts + annotations: + config.kubernetes.io/local-config: "true" +upstream: + type: git + git: + repo: git@github.com:droot/kpt-samples + directory: /base-app + ref: bank-of-anthos-pkgs + updateStrategy: resource-merge +upstreamLock: + type: git + git: + repo: git@github.com:droot/kpt-samples + directory: /base-app + ref: bank-of-anthos-pkgs + commit: 2f6693c11020d2bf87362b4303aa9d49738d7023 +info: + description: sample description diff --git a/contacts/README.md b/contacts/README.md new file mode 100644 index 0000000..f978af1 --- /dev/null +++ b/contacts/README.md @@ -0,0 +1,21 @@ +# base-app + +## Description +sample description + +## Usage + +### Fetch the package +`kpt pkg get REPO_URI[.git]/PKG_PATH[@VERSION] base-app` +Details: https://kpt.dev/reference/cli/pkg/get/ + +### View package content +`kpt pkg tree base-app` +Details: https://kpt.dev/reference/cli/pkg/tree/ + +### Apply the package +``` +kpt live init base-app +kpt live apply base-app --reconcile-timeout=2m --output=table +``` +Details: https://kpt.dev/reference/cli/live/ diff --git a/contacts/configmap-db-config.yaml b/contacts/configmap-db-config.yaml new file mode 100644 index 0000000..4b29549 --- /dev/null +++ b/contacts/configmap-db-config.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: accounts-db-config + labels: + app: contacts + namespace: example +data: + POSTGRES_DB: accounts-db + POSTGRES_USER: accounts-admin + POSTGRES_PASSWORD: accounts-pwd + ACCOUNTS_DB_URI: postgresql://accounts-admin:accounts-pwd@accounts-db:5432/accounts-db \ No newline at end of file diff --git a/contacts/configmap-env-config.yaml b/contacts/configmap-env-config.yaml new file mode 100644 index 0000000..fe35f25 --- /dev/null +++ b/contacts/configmap-env-config.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: ConfigMap +metadata: # kpt-merge: example/environment-config + name: environment-config + namespace: example + annotations: + internal.kpt.dev/upstream-identifier: '|ConfigMap|example|environment-config' +data: + LOCAL_ROUTING_NUM: "883745000" + PUB_KEY_PATH: "/tmp/.ssh/publickey" diff --git a/contacts/deployment.yaml b/contacts/deployment.yaml new file mode 100644 index 0000000..1d1c007 --- /dev/null +++ b/contacts/deployment.yaml @@ -0,0 +1,85 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: # kpt-merge: /base-app + name: contacts + annotations: + internal.kpt.dev/upstream-identifier: apps|Deployment|default|base-app +spec: + selector: + matchLabels: + app: contacts + template: + metadata: + labels: + app: contacts + spec: + serviceAccountName: default + terminationGracePeriodSeconds: 5 + securityContext: + fsGroup: 1000 + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + containers: + - name: primary + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - all + privileged: false + readOnlyRootFilesystem: true + image: gcr.io/bank-of-anthos-ci/contacts:v0.5.6 + volumeMounts: + - name: keys + mountPath: "/tmp/.ssh" + readOnly: true + - mountPath: /tmp + name: tmp + ports: + - name: http-server + containerPort: 8080 + env: + - name: VERSION + value: "v0.5.6" + - name: PORT + value: "8080" + - name: ENABLE_TRACING + value: "true" + - name: TOKEN_EXPIRY_SECONDS + value: "3600" + - name: PRIV_KEY_PATH + value: "/tmp/.ssh/privatekey" + # Valid levels are debug, info, warning, error, critical. If no valid level is set, gunicorn will default to info. + - name: LOG_LEVEL + value: "info" + envFrom: + - configMapRef: + name: environment-config + - configMapRef: + name: accounts-db-config + readinessProbe: + httpGet: + path: /ready + port: 8080 + initialDelaySeconds: 10 + periodSeconds: 5 + timeoutSeconds: 10 + resources: + requests: + cpu: 200m + memory: 64Mi + limits: + cpu: 500m + memory: 256Mi + volumes: + - name: keys + secret: + secretName: jwt-key + items: + - key: jwtRS256.key + path: privatekey + - key: jwtRS256.key.pub + path: publickey + - emptyDir: {} + name: tmp diff --git a/contacts/package-context.yaml b/contacts/package-context.yaml new file mode 100644 index 0000000..3f47840 --- /dev/null +++ b/contacts/package-context.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: ConfigMap +metadata: # kpt-merge: /kptfile.kpt.dev + name: kptfile.kpt.dev + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: '|ConfigMap|default|kptfile.kpt.dev' +data: + name: example diff --git a/contacts/service.yaml b/contacts/service.yaml new file mode 100644 index 0000000..0f1b79b --- /dev/null +++ b/contacts/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: # kpt-merge: example/base-app + name: contacts + namespace: example + annotations: + internal.kpt.dev/upstream-identifier: '|Service|example|base-app' +spec: + type: LoadBalancer + selector: + app: contacts + ports: + - name: http + port: 80 + targetPort: 8080 \ No newline at end of file From c0e4498887d8c0256146f1fb68d6f88504e8c62f Mon Sep 17 00:00:00 2001 From: droot Date: Sat, 3 Sep 2022 10:04:24 -0700 Subject: [PATCH 10/65] base-app: added NAMESPACE env variable --- base-app/deployment.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/base-app/deployment.yaml b/base-app/deployment.yaml index e551fe9..0e244a1 100644 --- a/base-app/deployment.yaml +++ b/base-app/deployment.yaml @@ -51,6 +51,10 @@ spec: # Valid levels are debug, info, warning, error, critical. If no valid level is set, gunicorn will default to info. - name: LOG_LEVEL value: "info" + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace envFrom: - configMapRef: name: environment-config From a5502a9491060a79369fcaeb055e3686149ed6dd Mon Sep 17 00:00:00 2001 From: droot Date: Sat, 3 Sep 2022 10:11:38 -0700 Subject: [PATCH 11/65] balancereader: initial version --- balancereader/Kptfile | 22 +++++ balancereader/README.md | 21 +++++ balancereader/configmap-db-config.yaml | 14 +++ balancereader/configmap-env-config.yaml | 10 +++ balancereader/deployment.yaml | 109 ++++++++++++++++++++++++ balancereader/package-context.yaml | 9 ++ balancereader/service.yaml | 15 ++++ 7 files changed, 200 insertions(+) create mode 100644 balancereader/Kptfile create mode 100644 balancereader/README.md create mode 100644 balancereader/configmap-db-config.yaml create mode 100644 balancereader/configmap-env-config.yaml create mode 100644 balancereader/deployment.yaml create mode 100644 balancereader/package-context.yaml create mode 100644 balancereader/service.yaml diff --git a/balancereader/Kptfile b/balancereader/Kptfile new file mode 100644 index 0000000..89a50aa --- /dev/null +++ b/balancereader/Kptfile @@ -0,0 +1,22 @@ +apiVersion: kpt.dev/v1 +kind: Kptfile +metadata: + name: balancereader + annotations: + config.kubernetes.io/local-config: "true" +upstream: + type: git + git: + repo: git@github.com:droot/kpt-samples + directory: /base-app + ref: bank-of-anthos-pkgs + updateStrategy: resource-merge +upstreamLock: + type: git + git: + repo: git@github.com:droot/kpt-samples + directory: /base-app + ref: bank-of-anthos-pkgs + commit: c0e4498887d8c0256146f1fb68d6f88504e8c62f +info: + description: sample description diff --git a/balancereader/README.md b/balancereader/README.md new file mode 100644 index 0000000..f978af1 --- /dev/null +++ b/balancereader/README.md @@ -0,0 +1,21 @@ +# base-app + +## Description +sample description + +## Usage + +### Fetch the package +`kpt pkg get REPO_URI[.git]/PKG_PATH[@VERSION] base-app` +Details: https://kpt.dev/reference/cli/pkg/get/ + +### View package content +`kpt pkg tree base-app` +Details: https://kpt.dev/reference/cli/pkg/tree/ + +### Apply the package +``` +kpt live init base-app +kpt live apply base-app --reconcile-timeout=2m --output=table +``` +Details: https://kpt.dev/reference/cli/live/ diff --git a/balancereader/configmap-db-config.yaml b/balancereader/configmap-db-config.yaml new file mode 100644 index 0000000..f108c09 --- /dev/null +++ b/balancereader/configmap-db-config.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: ledger-db-config + labels: + app: balancereader + namespace: example +data: + POSTGRES_DB: postgresdb + POSTGRES_USER: admin + POSTGRES_PASSWORD: password + SPRING_DATASOURCE_URL: jdbc:postgresql://ledger-db:5432/postgresdb + SPRING_DATASOURCE_USERNAME: admin # should match POSTGRES_USER + SPRING_DATASOURCE_PASSWORD: password # should match POSTGRES_PASSWORD \ No newline at end of file diff --git a/balancereader/configmap-env-config.yaml b/balancereader/configmap-env-config.yaml new file mode 100644 index 0000000..fe35f25 --- /dev/null +++ b/balancereader/configmap-env-config.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: ConfigMap +metadata: # kpt-merge: example/environment-config + name: environment-config + namespace: example + annotations: + internal.kpt.dev/upstream-identifier: '|ConfigMap|example|environment-config' +data: + LOCAL_ROUTING_NUM: "883745000" + PUB_KEY_PATH: "/tmp/.ssh/publickey" diff --git a/balancereader/deployment.yaml b/balancereader/deployment.yaml new file mode 100644 index 0000000..772f6b3 --- /dev/null +++ b/balancereader/deployment.yaml @@ -0,0 +1,109 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: # kpt-merge: /base-app + name: balancereader + annotations: + internal.kpt.dev/upstream-identifier: apps|Deployment|default|base-app +spec: + selector: + matchLabels: + app: balancereader + template: + metadata: + labels: + app: balancereader + spec: + serviceAccountName: default + terminationGracePeriodSeconds: 5 + securityContext: + fsGroup: 1000 + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + containers: + - name: primary + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - all + privileged: false + readOnlyRootFilesystem: true + image: gcr.io/bank-of-anthos-ci/balancereader:v0.5.6 + volumeMounts: + - name: keys + mountPath: "/tmp/.ssh" + readOnly: true + - mountPath: /tmp + name: tmp + ports: + - name: http-server + containerPort: 8080 + env: + - name: VERSION + value: "v0.5.6" + - name: PORT + value: "8080" + - name: ENABLE_TRACING + value: "true" + - name: POLL_MS + value: "100" + - name: CACHE_SIZE + value: "1000000" + # tell Java to obey container memory limits + - name: JVM_OPTS + value: "-XX:+UnlockExperimentalVMOptions -XX:+UseCGroupMemoryLimitForHeap -Xms256m -Xmx512m" + - name: TOKEN_EXPIRY_SECONDS + value: "3600" + - name: PRIV_KEY_PATH + value: "/tmp/.ssh/privatekey" + # Valid levels are debug, info, warning, error, critical. If no valid level is set, gunicorn will default to info. + - name: LOG_LEVEL + value: "info" + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + envFrom: + - configMapRef: + name: environment-config + - configMapRef: + name: ledger-db-config + readinessProbe: + httpGet: + path: /ready + port: 8080 + initialDelaySeconds: 10 + periodSeconds: 5 + timeoutSeconds: 10 + livenessProbe: + httpGet: + path: /healthy + port: 8080 + initialDelaySeconds: 120 + periodSeconds: 5 + timeoutSeconds: 10 + startupProbe: + httpGet: + path: /healthy + port: 8080 + failureThreshold: 30 + periodSeconds: 10 + resources: + requests: + cpu: 200m + memory: 256Mi + limits: + cpu: 500m + memory: 512Mi + volumes: + - name: keys + secret: + secretName: jwt-key + items: + - key: jwtRS256.key + path: privatekey + - key: jwtRS256.key.pub + path: publickey + - emptyDir: {} + name: tmp diff --git a/balancereader/package-context.yaml b/balancereader/package-context.yaml new file mode 100644 index 0000000..3f47840 --- /dev/null +++ b/balancereader/package-context.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: ConfigMap +metadata: # kpt-merge: /kptfile.kpt.dev + name: kptfile.kpt.dev + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: '|ConfigMap|default|kptfile.kpt.dev' +data: + name: example diff --git a/balancereader/service.yaml b/balancereader/service.yaml new file mode 100644 index 0000000..5a4cb0d --- /dev/null +++ b/balancereader/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: # kpt-merge: example/base-app + name: balancereader + namespace: example + annotations: + internal.kpt.dev/upstream-identifier: '|Service|example|base-app' +spec: + type: LoadBalancer + selector: + app: balancereader + ports: + - name: http + port: 80 + targetPort: 8080 From eada93a5047da4303bd22bce89b471dfe08e5b19 Mon Sep 17 00:00:00 2001 From: droot Date: Sat, 3 Sep 2022 10:23:43 -0700 Subject: [PATCH 12/65] ledgerwriter: initial version --- frontend/configmap-service-config.yaml | 15 +-- ledgerwriter/Kptfile | 22 +++++ ledgerwriter/README.md | 21 +++++ ledgerwriter/configmap-db-config.yaml | 14 +++ ledgerwriter/configmap-env-config.yaml | 10 ++ ledgerwriter/configmap-service-config.yaml | 11 +++ ledgerwriter/deployment.yaml | 101 +++++++++++++++++++++ ledgerwriter/package-context.yaml | 9 ++ ledgerwriter/service.yaml | 15 +++ 9 files changed, 204 insertions(+), 14 deletions(-) create mode 100644 ledgerwriter/Kptfile create mode 100644 ledgerwriter/README.md create mode 100644 ledgerwriter/configmap-db-config.yaml create mode 100644 ledgerwriter/configmap-env-config.yaml create mode 100644 ledgerwriter/configmap-service-config.yaml create mode 100644 ledgerwriter/deployment.yaml create mode 100644 ledgerwriter/package-context.yaml create mode 100644 ledgerwriter/service.yaml diff --git a/frontend/configmap-service-config.yaml b/frontend/configmap-service-config.yaml index a74110d..917c467 100644 --- a/frontend/configmap-service-config.yaml +++ b/frontend/configmap-service-config.yaml @@ -8,17 +8,4 @@ data: BALANCES_API_ADDR: "balancereader:8080" HISTORY_API_ADDR: "transactionhistory:8080" CONTACTS_API_ADDR: "contacts:8080" - USERSERVICE_API_ADDR: "userservice:8080" ---- -# [START gke_boa_kubernetes_manifests_config_configmap_demo_data_config] -apiVersion: v1 -kind: ConfigMap -metadata: - name: demo-data-config - namespace: example -data: - USE_DEMO_DATA: "True" - DEMO_LOGIN_USERNAME: "testuser" - # All demo user accounts are hardcoded to use the login password 'bankofanthos' - DEMO_LOGIN_PASSWORD: "bankofanthos" - # [END gke_boa_kubernetes_manifests_config_configmap_demo_data_config] \ No newline at end of file + USERSERVICE_API_ADDR: "userservice:8080" \ No newline at end of file diff --git a/ledgerwriter/Kptfile b/ledgerwriter/Kptfile new file mode 100644 index 0000000..f0e7664 --- /dev/null +++ b/ledgerwriter/Kptfile @@ -0,0 +1,22 @@ +apiVersion: kpt.dev/v1 +kind: Kptfile +metadata: + name: ledgerwriter + annotations: + config.kubernetes.io/local-config: "true" +upstream: + type: git + git: + repo: git@github.com:droot/kpt-samples + directory: /base-app + ref: bank-of-anthos-pkgs + updateStrategy: resource-merge +upstreamLock: + type: git + git: + repo: git@github.com:droot/kpt-samples + directory: /base-app + ref: bank-of-anthos-pkgs + commit: a5502a9491060a79369fcaeb055e3686149ed6dd +info: + description: sample description diff --git a/ledgerwriter/README.md b/ledgerwriter/README.md new file mode 100644 index 0000000..f978af1 --- /dev/null +++ b/ledgerwriter/README.md @@ -0,0 +1,21 @@ +# base-app + +## Description +sample description + +## Usage + +### Fetch the package +`kpt pkg get REPO_URI[.git]/PKG_PATH[@VERSION] base-app` +Details: https://kpt.dev/reference/cli/pkg/get/ + +### View package content +`kpt pkg tree base-app` +Details: https://kpt.dev/reference/cli/pkg/tree/ + +### Apply the package +``` +kpt live init base-app +kpt live apply base-app --reconcile-timeout=2m --output=table +``` +Details: https://kpt.dev/reference/cli/live/ diff --git a/ledgerwriter/configmap-db-config.yaml b/ledgerwriter/configmap-db-config.yaml new file mode 100644 index 0000000..d72216b --- /dev/null +++ b/ledgerwriter/configmap-db-config.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: ledger-db-config + labels: + app: postgres + namespace: example +data: + POSTGRES_DB: postgresdb + POSTGRES_USER: admin + POSTGRES_PASSWORD: password + SPRING_DATASOURCE_URL: jdbc:postgresql://ledger-db:5432/postgresdb + SPRING_DATASOURCE_USERNAME: admin # should match POSTGRES_USER + SPRING_DATASOURCE_PASSWORD: password # should match POSTGRES_PASSWORD \ No newline at end of file diff --git a/ledgerwriter/configmap-env-config.yaml b/ledgerwriter/configmap-env-config.yaml new file mode 100644 index 0000000..fe35f25 --- /dev/null +++ b/ledgerwriter/configmap-env-config.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: ConfigMap +metadata: # kpt-merge: example/environment-config + name: environment-config + namespace: example + annotations: + internal.kpt.dev/upstream-identifier: '|ConfigMap|example|environment-config' +data: + LOCAL_ROUTING_NUM: "883745000" + PUB_KEY_PATH: "/tmp/.ssh/publickey" diff --git a/ledgerwriter/configmap-service-config.yaml b/ledgerwriter/configmap-service-config.yaml new file mode 100644 index 0000000..917c467 --- /dev/null +++ b/ledgerwriter/configmap-service-config.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: service-api-config + namespace: example +data: + TRANSACTIONS_API_ADDR: "ledgerwriter:8080" + BALANCES_API_ADDR: "balancereader:8080" + HISTORY_API_ADDR: "transactionhistory:8080" + CONTACTS_API_ADDR: "contacts:8080" + USERSERVICE_API_ADDR: "userservice:8080" \ No newline at end of file diff --git a/ledgerwriter/deployment.yaml b/ledgerwriter/deployment.yaml new file mode 100644 index 0000000..0eab151 --- /dev/null +++ b/ledgerwriter/deployment.yaml @@ -0,0 +1,101 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: # kpt-merge: /base-app + name: ledgerwriter + annotations: + internal.kpt.dev/upstream-identifier: apps|Deployment|default|base-app +spec: + selector: + matchLabels: + app: ledgerwriter + template: + metadata: + labels: + app: ledgerwriter + spec: + serviceAccountName: default + terminationGracePeriodSeconds: 5 + securityContext: + fsGroup: 1000 + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + containers: + - name: primary + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - all + privileged: false + readOnlyRootFilesystem: true + image: gcr.io/bank-of-anthos-ci/ledgerwriter:v0.5.6 + volumeMounts: + - name: keys + mountPath: "/tmp/.ssh" + readOnly: true + - mountPath: /tmp + name: tmp + ports: + - name: http-server + containerPort: 8080 + env: + - name: VERSION + value: "v0.5.6" + - name: PORT + value: "8080" + - name: ENABLE_TRACING + value: "true" + - name: ENABLE_METRICS + value: "true" + # tell Java to obey container memory limits + - name: JVM_OPTS + value: "-XX:+UnlockExperimentalVMOptions -XX:+UseCGroupMemoryLimitForHeap -Xms256m -Xmx512m" + - name: PRIV_KEY_PATH + value: "/tmp/.ssh/privatekey" + # Valid levels are debug, info, warning, error, critical. If no valid level is set, gunicorn will default to info. + - name: LOG_LEVEL + value: "info" + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + envFrom: + - configMapRef: + name: environment-config + - configMapRef: + name: service-api-config + # add ledger-db credentials from ConfigMap + - configMapRef: + name: ledger-db-config + readinessProbe: + httpGet: + path: /ready + port: 8080 + initialDelaySeconds: 10 + periodSeconds: 5 + timeoutSeconds: 10 + startupProbe: + httpGet: + path: /ready + port: 8080 + failureThreshold: 30 + periodSeconds: 10 + resources: + requests: + cpu: 100m + memory: 256Mi + limits: + cpu: 500m + memory: 512Mi + volumes: + - name: publickey + secret: + secretName: jwt-key + items: + - key: jwtRS256.key + path: privatekey + - key: jwtRS256.key.pub + path: publickey + - emptyDir: {} + name: tmp diff --git a/ledgerwriter/package-context.yaml b/ledgerwriter/package-context.yaml new file mode 100644 index 0000000..3f47840 --- /dev/null +++ b/ledgerwriter/package-context.yaml @@ -0,0 +1,9 @@ +apiVersion: v1 +kind: ConfigMap +metadata: # kpt-merge: /kptfile.kpt.dev + name: kptfile.kpt.dev + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: '|ConfigMap|default|kptfile.kpt.dev' +data: + name: example diff --git a/ledgerwriter/service.yaml b/ledgerwriter/service.yaml new file mode 100644 index 0000000..360da27 --- /dev/null +++ b/ledgerwriter/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: # kpt-merge: example/base-app + name: ledgerwriter + namespace: example + annotations: + internal.kpt.dev/upstream-identifier: '|Service|example|base-app' +spec: + type: LoadBalancer + selector: + app: ledgerwriter + ports: + - name: http + port: 80 + targetPort: 8080 From 1c963e2529f541594cc359ab2c74cf1dc08cbf03 Mon Sep 17 00:00:00 2001 From: droot Date: Sat, 3 Sep 2022 10:26:12 -0700 Subject: [PATCH 13/65] loadgenerator: initial version of loadgenerator --- loadgenerator/Kptfile | 8 ++++ loadgenerator/README.md | 21 ++++++++++ loadgenerator/loadgenerator.yaml | 64 ++++++++++++++++++++++++++++++ loadgenerator/package-context.yaml | 8 ++++ 4 files changed, 101 insertions(+) create mode 100644 loadgenerator/Kptfile create mode 100644 loadgenerator/README.md create mode 100644 loadgenerator/loadgenerator.yaml create mode 100644 loadgenerator/package-context.yaml diff --git a/loadgenerator/Kptfile b/loadgenerator/Kptfile new file mode 100644 index 0000000..be38718 --- /dev/null +++ b/loadgenerator/Kptfile @@ -0,0 +1,8 @@ +apiVersion: kpt.dev/v1 +kind: Kptfile +metadata: + name: loadgenerator + annotations: + config.kubernetes.io/local-config: "true" +info: + description: sample description diff --git a/loadgenerator/README.md b/loadgenerator/README.md new file mode 100644 index 0000000..f9fce36 --- /dev/null +++ b/loadgenerator/README.md @@ -0,0 +1,21 @@ +# loadgenerator + +## Description +sample description + +## Usage + +### Fetch the package +`kpt pkg get REPO_URI[.git]/PKG_PATH[@VERSION] loadgenerator` +Details: https://kpt.dev/reference/cli/pkg/get/ + +### View package content +`kpt pkg tree loadgenerator` +Details: https://kpt.dev/reference/cli/pkg/tree/ + +### Apply the package +``` +kpt live init loadgenerator +kpt live apply loadgenerator --reconcile-timeout=2m --output=table +``` +Details: https://kpt.dev/reference/cli/live/ diff --git a/loadgenerator/loadgenerator.yaml b/loadgenerator/loadgenerator.yaml new file mode 100644 index 0000000..abb113c --- /dev/null +++ b/loadgenerator/loadgenerator.yaml @@ -0,0 +1,64 @@ +# Copyright 2020 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# [START gke_boa_kubernetes_manifests_loadgenerator_deployment_loadgenerator] +apiVersion: apps/v1 +kind: Deployment +metadata: + name: loadgenerator + namespace: example +spec: + selector: + matchLabels: + app: loadgenerator + replicas: 1 + template: + metadata: + labels: + app: loadgenerator + annotations: + sidecar.istio.io/rewriteAppHTTPProbers: "true" + spec: + serviceAccountName: default + terminationGracePeriodSeconds: 5 + restartPolicy: Always + securityContext: + fsGroup: 1000 + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + containers: + - name: loadgenerator + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - all + privileged: false + readOnlyRootFilesystem: true + image: gcr.io/bank-of-anthos-ci/loadgenerator:v0.5.6 + env: + - name: FRONTEND_ADDR + value: "frontend:80" + - name: USERS + value: "5" + - name: LOG_LEVEL + value: "error" + resources: + requests: + cpu: 100m + memory: 512Mi + limits: + cpu: 250m + memory: 1Gi + # [END gke_boa_kubernetes_manifests_loadgenerator_deployment_loadgenerator] diff --git a/loadgenerator/package-context.yaml b/loadgenerator/package-context.yaml new file mode 100644 index 0000000..6c33d9e --- /dev/null +++ b/loadgenerator/package-context.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: kptfile.kpt.dev + annotations: + config.kubernetes.io/local-config: "true" +data: + name: example From 8752fc725dbfda12713d085d8a49683d8e003794 Mon Sep 17 00:00:00 2001 From: droot Date: Tue, 6 Sep 2022 11:10:12 -0700 Subject: [PATCH 14/65] base-app: made the base-app minimal --- bank-of-anthos/frontend.yaml | 14 -------------- base-app/deployment.yaml | 23 ++++++++++++++--------- frontend/configmap-env-config.yaml | 29 +---------------------------- 3 files changed, 15 insertions(+), 51 deletions(-) diff --git a/bank-of-anthos/frontend.yaml b/bank-of-anthos/frontend.yaml index a401332..3464126 100644 --- a/bank-of-anthos/frontend.yaml +++ b/bank-of-anthos/frontend.yaml @@ -1,17 +1,3 @@ -# Copyright 2021 Google LLC -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# [START gke_boa_kubernetes_manifests_frontend_deployment_frontend] apiVersion: apps/v1 kind: Deployment metadata: diff --git a/base-app/deployment.yaml b/base-app/deployment.yaml index 0e244a1..16b455f 100644 --- a/base-app/deployment.yaml +++ b/base-app/deployment.yaml @@ -44,10 +44,6 @@ spec: value: "8080" - name: ENABLE_TRACING value: "true" - - name: TOKEN_EXPIRY_SECONDS - value: "3600" - - name: PRIV_KEY_PATH - value: "/tmp/.ssh/privatekey" # Valid levels are debug, info, warning, error, critical. If no valid level is set, gunicorn will default to info. - name: LOG_LEVEL value: "info" @@ -65,21 +61,30 @@ spec: initialDelaySeconds: 10 periodSeconds: 5 timeoutSeconds: 10 + livenessProbe: + httpGet: + path: /ready + port: 8080 + initialDelaySeconds: 60 + periodSeconds: 15 + timeoutSeconds: 30 resources: requests: - cpu: 200m + cpu: 100m memory: 64Mi limits: - cpu: 500m - memory: 256Mi + cpu: 250m + memory: 128Mi volumes: +# droot: should this be part of the base-app ? - name: keys secret: secretName: jwt-key items: - - key: jwtRS256.key - path: privatekey - key: jwtRS256.key.pub path: publickey +# base-app exposes only public key by default +# - key: jwtRS256.key +# path: privatekey - emptyDir: {} name: tmp \ No newline at end of file diff --git a/frontend/configmap-env-config.yaml b/frontend/configmap-env-config.yaml index 93a6449..19196bd 100644 --- a/frontend/configmap-env-config.yaml +++ b/frontend/configmap-env-config.yaml @@ -7,31 +7,4 @@ metadata: # kpt-merge: example/environment-config internal.kpt.dev/upstream-identifier: '|ConfigMap|example|environment-config' data: LOCAL_ROUTING_NUM: "883745000" - PUB_KEY_PATH: "/tmp/.ssh/publickey" ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: service-api-config - namespace: example -data: - TRANSACTIONS_API_ADDR: "ledgerwriter:8080" - BALANCES_API_ADDR: "balancereader:8080" - HISTORY_API_ADDR: "transactionhistory:8080" - CONTACTS_API_ADDR: "contacts:8080" - USERSERVICE_API_ADDR: "userservice:8080" - # [END gke_boa_kubernetes_manifests_config_configmap_service_api_config] -# [END gke_boa_kubernetes_manifests_config_configmap_service_api_config] ---- -# [START gke_boa_kubernetes_manifests_config_configmap_demo_data_config] -apiVersion: v1 -kind: ConfigMap -metadata: - name: demo-data-config - namespace: example -data: - USE_DEMO_DATA: "True" - DEMO_LOGIN_USERNAME: "testuser" - # All demo user accounts are hardcoded to use the login password 'bankofanthos' - DEMO_LOGIN_PASSWORD: "bankofanthos" - # [END gke_boa_kubernetes_manifests_config_configmap_demo_data_config] \ No newline at end of file + PUB_KEY_PATH: "/tmp/.ssh/publickey" \ No newline at end of file From 237fce5731b706576caccb2ba52bf2053ec6707c Mon Sep 17 00:00:00 2001 From: droot Date: Tue, 6 Sep 2022 11:12:34 -0700 Subject: [PATCH 15/65] base-app: added set-namespace --- base-app/Kptfile | 4 ++++ base-app/configmap-env-config.yaml | 2 +- base-app/deployment.yaml | 13 +++++++------ base-app/service.yaml | 2 +- 4 files changed, 13 insertions(+), 8 deletions(-) diff --git a/base-app/Kptfile b/base-app/Kptfile index b4e89af..7e18e8f 100644 --- a/base-app/Kptfile +++ b/base-app/Kptfile @@ -6,3 +6,7 @@ metadata: config.kubernetes.io/local-config: "true" info: description: sample description +pipeline: + mutators: + - image: gcr.io/kpt-fn/set-namespace:v0.4.1 + configPath: package-context.yaml diff --git a/base-app/configmap-env-config.yaml b/base-app/configmap-env-config.yaml index ac2e7e6..ffafd8a 100644 --- a/base-app/configmap-env-config.yaml +++ b/base-app/configmap-env-config.yaml @@ -5,4 +5,4 @@ metadata: namespace: example data: LOCAL_ROUTING_NUM: "883745000" - PUB_KEY_PATH: "/tmp/.ssh/publickey" \ No newline at end of file + PUB_KEY_PATH: "/tmp/.ssh/publickey" diff --git a/base-app/deployment.yaml b/base-app/deployment.yaml index 16b455f..c504e7f 100644 --- a/base-app/deployment.yaml +++ b/base-app/deployment.yaml @@ -2,6 +2,7 @@ apiVersion: apps/v1 kind: Deployment metadata: name: base-app + namespace: example spec: selector: matchLabels: @@ -24,7 +25,7 @@ spec: allowPrivilegeEscalation: false capabilities: drop: - - all + - all privileged: false readOnlyRootFilesystem: true image: gcr.io/bank-of-anthos-ci/base-app:app-version @@ -76,15 +77,15 @@ spec: cpu: 250m memory: 128Mi volumes: -# droot: should this be part of the base-app ? + # droot: should this be part of the base-app ? - name: keys secret: secretName: jwt-key items: - key: jwtRS256.key.pub path: publickey -# base-app exposes only public key by default -# - key: jwtRS256.key -# path: privatekey + # base-app exposes only public key by default + # - key: jwtRS256.key + # path: privatekey - emptyDir: {} - name: tmp \ No newline at end of file + name: tmp diff --git a/base-app/service.yaml b/base-app/service.yaml index 30559ee..70b9c66 100644 --- a/base-app/service.yaml +++ b/base-app/service.yaml @@ -10,4 +10,4 @@ spec: ports: - name: http port: 80 - targetPort: 8080 \ No newline at end of file + targetPort: 8080 From 7d2f5ae104e4fcb6082e2bf58cf1fcabb9bf7bb8 Mon Sep 17 00:00:00 2001 From: droot Date: Tue, 6 Sep 2022 11:19:11 -0700 Subject: [PATCH 16/65] frontend: removed it --- frontend/Kptfile | 22 ----- frontend/README.md | 21 ----- frontend/configmap-demo-data.yaml | 10 --- frontend/configmap-env-config.yaml | 10 --- frontend/configmap-service-config.yaml | 11 --- frontend/deployment.yaml | 107 ------------------------- frontend/package-context.yaml | 9 --- frontend/service.yaml | 15 ---- 8 files changed, 205 deletions(-) delete mode 100644 frontend/Kptfile delete mode 100644 frontend/README.md delete mode 100644 frontend/configmap-demo-data.yaml delete mode 100644 frontend/configmap-env-config.yaml delete mode 100644 frontend/configmap-service-config.yaml delete mode 100644 frontend/deployment.yaml delete mode 100644 frontend/package-context.yaml delete mode 100644 frontend/service.yaml diff --git a/frontend/Kptfile b/frontend/Kptfile deleted file mode 100644 index e9b9043..0000000 --- a/frontend/Kptfile +++ /dev/null @@ -1,22 +0,0 @@ -apiVersion: kpt.dev/v1 -kind: Kptfile -metadata: - name: frontend - annotations: - config.kubernetes.io/local-config: "true" -upstream: - type: git - git: - repo: git@github.com:droot/kpt-samples - directory: /base-app - ref: bank-of-anthos-pkgs - updateStrategy: resource-merge -upstreamLock: - type: git - git: - repo: git@github.com:droot/kpt-samples - directory: /base-app - ref: bank-of-anthos-pkgs - commit: ce6a2f52ce1a967f7aed7d7a49217164082e1f7b -info: - description: sample description diff --git a/frontend/README.md b/frontend/README.md deleted file mode 100644 index f978af1..0000000 --- a/frontend/README.md +++ /dev/null @@ -1,21 +0,0 @@ -# base-app - -## Description -sample description - -## Usage - -### Fetch the package -`kpt pkg get REPO_URI[.git]/PKG_PATH[@VERSION] base-app` -Details: https://kpt.dev/reference/cli/pkg/get/ - -### View package content -`kpt pkg tree base-app` -Details: https://kpt.dev/reference/cli/pkg/tree/ - -### Apply the package -``` -kpt live init base-app -kpt live apply base-app --reconcile-timeout=2m --output=table -``` -Details: https://kpt.dev/reference/cli/live/ diff --git a/frontend/configmap-demo-data.yaml b/frontend/configmap-demo-data.yaml deleted file mode 100644 index a87b707..0000000 --- a/frontend/configmap-demo-data.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: demo-data-config - namespace: example -data: - USE_DEMO_DATA: "True" - DEMO_LOGIN_USERNAME: "testuser" - # All demo user accounts are hardcoded to use the login password 'bankofanthos' - DEMO_LOGIN_PASSWORD: "bankofanthos" \ No newline at end of file diff --git a/frontend/configmap-env-config.yaml b/frontend/configmap-env-config.yaml deleted file mode 100644 index 19196bd..0000000 --- a/frontend/configmap-env-config.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: # kpt-merge: example/environment-config - name: environment-config - namespace: example - annotations: - internal.kpt.dev/upstream-identifier: '|ConfigMap|example|environment-config' -data: - LOCAL_ROUTING_NUM: "883745000" - PUB_KEY_PATH: "/tmp/.ssh/publickey" \ No newline at end of file diff --git a/frontend/configmap-service-config.yaml b/frontend/configmap-service-config.yaml deleted file mode 100644 index 917c467..0000000 --- a/frontend/configmap-service-config.yaml +++ /dev/null @@ -1,11 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: service-api-config - namespace: example -data: - TRANSACTIONS_API_ADDR: "ledgerwriter:8080" - BALANCES_API_ADDR: "balancereader:8080" - HISTORY_API_ADDR: "transactionhistory:8080" - CONTACTS_API_ADDR: "contacts:8080" - USERSERVICE_API_ADDR: "userservice:8080" \ No newline at end of file diff --git a/frontend/deployment.yaml b/frontend/deployment.yaml deleted file mode 100644 index 1e80638..0000000 --- a/frontend/deployment.yaml +++ /dev/null @@ -1,107 +0,0 @@ -apiVersion: apps/v1 -kind: Deployment -metadata: # kpt-merge: /base-app - name: frontend - annotations: - internal.kpt.dev/upstream-identifier: apps|Deployment|default|base-app -spec: - selector: - matchLabels: - app: frontend - template: - metadata: - labels: - app: frontend - spec: - serviceAccountName: default - terminationGracePeriodSeconds: 5 - securityContext: - fsGroup: 1000 - runAsGroup: 1000 - runAsNonRoot: true - runAsUser: 1000 - containers: - - name: primary - securityContext: - allowPrivilegeEscalation: false - capabilities: - drop: - - all - privileged: false - readOnlyRootFilesystem: true - image: gcr.io/bank-of-anthos-ci/frontend:v0.5.6 - volumeMounts: - - name: keys - mountPath: "/tmp/.ssh" - readOnly: true - - mountPath: /tmp - name: tmp - ports: - - name: http-server - containerPort: 8080 - env: - - name: VERSION - value: "v0.5.6" - - name: PORT - value: "8080" - - name: ENABLE_TRACING - value: "true" - - name: TOKEN_EXPIRY_SECONDS - value: "3600" - - name: PRIV_KEY_PATH - value: "/tmp/.ssh/privatekey" - # Valid levels are debug, info, warning, error, critical. If no valid level is set, gunicorn will default to info. - - name: LOG_LEVEL - value: "info" - - name: DEFAULT_USERNAME - valueFrom: - configMapKeyRef: - name: demo-data-config - key: DEMO_LOGIN_USERNAME - - name: DEFAULT_PASSWORD - valueFrom: - configMapKeyRef: - name: demo-data-config - key: DEMO_LOGIN_PASSWORD - - name: REGISTERED_OAUTH_CLIENT_ID - valueFrom: - configMapKeyRef: - name: oauth-config - key: DEMO_OAUTH_CLIENT_ID - optional: true - - name: ALLOWED_OAUTH_REDIRECT_URI - valueFrom: - configMapKeyRef: - name: oauth-config - key: DEMO_OAUTH_REDIRECT_URI - optional: true - envFrom: - - configMapRef: - name: environment-config - - configMapRef: - name: service-api-config - readinessProbe: - httpGet: - path: /ready - port: 8080 - initialDelaySeconds: 10 - periodSeconds: 5 - timeoutSeconds: 10 - resources: - requests: - cpu: 200m - memory: 64Mi - limits: - cpu: 500m - memory: 256Mi - volumes: - - name: keys - secret: - secretName: jwt-key - items: - - key: jwtRS256.key - path: privatekey - - key: jwtRS256.key.pub - path: publickey - - emptyDir: {} - name: tmp diff --git a/frontend/package-context.yaml b/frontend/package-context.yaml deleted file mode 100644 index 3f47840..0000000 --- a/frontend/package-context.yaml +++ /dev/null @@ -1,9 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: # kpt-merge: /kptfile.kpt.dev - name: kptfile.kpt.dev - annotations: - config.kubernetes.io/local-config: "true" - internal.kpt.dev/upstream-identifier: '|ConfigMap|default|kptfile.kpt.dev' -data: - name: example diff --git a/frontend/service.yaml b/frontend/service.yaml deleted file mode 100644 index 0886f44..0000000 --- a/frontend/service.yaml +++ /dev/null @@ -1,15 +0,0 @@ -apiVersion: v1 -kind: Service -metadata: # kpt-merge: example/base-app - name: frontend - namespace: example - annotations: - internal.kpt.dev/upstream-identifier: '|Service|example|base-app' -spec: - type: LoadBalancer - selector: - app: frontend - ports: - - name: http - port: 80 - targetPort: 8080 From dc6bc17e1a0367361a681a51527c936f569659da Mon Sep 17 00:00:00 2001 From: droot Date: Tue, 6 Sep 2022 12:44:35 -0700 Subject: [PATCH 17/65] base-app: added set-labels --- base-app/Kptfile | 6 +++++- base-app/configmap-env-config.yaml | 4 +++- base-app/deployment.yaml | 8 +++++--- base-app/fn-config-setlabels.yaml | 10 ++++++++++ base-app/package-context.yaml | 2 ++ base-app/service.yaml | 2 ++ 6 files changed, 27 insertions(+), 5 deletions(-) create mode 100644 base-app/fn-config-setlabels.yaml diff --git a/base-app/Kptfile b/base-app/Kptfile index 7e18e8f..eab0c0b 100644 --- a/base-app/Kptfile +++ b/base-app/Kptfile @@ -4,9 +4,13 @@ metadata: name: base-app annotations: config.kubernetes.io/local-config: "true" + labels: + app: base-app info: description: sample description pipeline: mutators: - - image: gcr.io/kpt-fn/set-namespace:v0.4.1 + - image: set-namespace:v0.4.1 configPath: package-context.yaml + - image: set-labels:v0.1.5 + configPath: fn-config-setlabels.yaml diff --git a/base-app/configmap-env-config.yaml b/base-app/configmap-env-config.yaml index ffafd8a..8e0e5b6 100644 --- a/base-app/configmap-env-config.yaml +++ b/base-app/configmap-env-config.yaml @@ -3,6 +3,8 @@ kind: ConfigMap metadata: name: environment-config namespace: example + labels: + app: base-app data: LOCAL_ROUTING_NUM: "883745000" - PUB_KEY_PATH: "/tmp/.ssh/publickey" + PUB_KEY_PATH: /tmp/.ssh/publickey diff --git a/base-app/deployment.yaml b/base-app/deployment.yaml index c504e7f..993318a 100644 --- a/base-app/deployment.yaml +++ b/base-app/deployment.yaml @@ -3,6 +3,8 @@ kind: Deployment metadata: name: base-app namespace: example + labels: + app: base-app spec: selector: matchLabels: @@ -31,7 +33,7 @@ spec: image: gcr.io/bank-of-anthos-ci/base-app:app-version volumeMounts: - name: keys - mountPath: "/tmp/.ssh" + mountPath: /tmp/.ssh readOnly: true - mountPath: /tmp name: tmp @@ -40,14 +42,14 @@ spec: containerPort: 8080 env: - name: VERSION - value: "app-version" + value: app-version - name: PORT value: "8080" - name: ENABLE_TRACING value: "true" # Valid levels are debug, info, warning, error, critical. If no valid level is set, gunicorn will default to info. - name: LOG_LEVEL - value: "info" + value: info - name: NAMESPACE valueFrom: fieldRef: diff --git a/base-app/fn-config-setlabels.yaml b/base-app/fn-config-setlabels.yaml new file mode 100644 index 0000000..b72cba0 --- /dev/null +++ b/base-app/fn-config-setlabels.yaml @@ -0,0 +1,10 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: SetLabels +metadata: + name: set-labels + annotations: + config.kubernetes.io/local-config: "true" + labels: + app: base-app +labels: + app: base-app diff --git a/base-app/package-context.yaml b/base-app/package-context.yaml index 6c33d9e..34c0c19 100644 --- a/base-app/package-context.yaml +++ b/base-app/package-context.yaml @@ -4,5 +4,7 @@ metadata: name: kptfile.kpt.dev annotations: config.kubernetes.io/local-config: "true" + labels: + app: base-app data: name: example diff --git a/base-app/service.yaml b/base-app/service.yaml index 70b9c66..aeb953b 100644 --- a/base-app/service.yaml +++ b/base-app/service.yaml @@ -3,6 +3,8 @@ kind: Service metadata: name: base-app namespace: example + labels: + app: base-app spec: type: LoadBalancer selector: From 1f7d94a04244809b18da8c30e71dbec76c71f132 Mon Sep 17 00:00:00 2001 From: droot Date: Tue, 6 Sep 2022 13:00:43 -0700 Subject: [PATCH 18/65] base-app: added capability to rename resources --- base-app/Kptfile | 2 ++ base-app/fn-config-setname.yaml | 30 ++++++++++++++++++++++++++++++ 2 files changed, 32 insertions(+) create mode 100644 base-app/fn-config-setname.yaml diff --git a/base-app/Kptfile b/base-app/Kptfile index eab0c0b..0e9e276 100644 --- a/base-app/Kptfile +++ b/base-app/Kptfile @@ -14,3 +14,5 @@ pipeline: configPath: package-context.yaml - image: set-labels:v0.1.5 configPath: fn-config-setlabels.yaml + - image: starlark:v0.4.3 + configPath: fn-config-setname.yaml diff --git a/base-app/fn-config-setname.yaml b/base-app/fn-config-setname.yaml new file mode 100644 index 0000000..145033d --- /dev/null +++ b/base-app/fn-config-setname.yaml @@ -0,0 +1,30 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: StarlarkRun +metadata: + name: set-name + annotations: + config.kubernetes.io/local-config: "true" + labels: + app: base-app +source: |- + def set_name(resources): + pkgName = "" + isAbstractPackage = False + for resource in resources: + if resource["kind"] == "ConfigMap" and resource["metadata"]["name"] == "kptfile.kpt.dev" and resource["data"]["name"] == "example": + isAbstractPackage = True + if resource["kind"] == "Kptfile": + pkgName = resource["metadata"]["name"] + if not isAbstractPackage: + # update resource name only if this is an abstract blueprint + return + if pkgName == "": + fail("package must have a name.") + return + + for resource in ctx.resource_list["items"]: + if resource["kind"] == "Service": + resource["metadata"]["name"] = pkgName + if resource["kind"] == "Deployment": + resource["metadata"]["name"] = pkgName + set_name(ctx.resource_list["items"]) From 592da52b02e4a5d02d92baf82ce3be7186c8f40b Mon Sep 17 00:00:00 2001 From: droot Date: Tue, 6 Sep 2022 13:09:07 -0700 Subject: [PATCH 19/65] base-app: added set-image functionality --- base-app/Kptfile | 2 ++ base-app/fn-config-setimage.yaml | 10 ++++++++++ 2 files changed, 12 insertions(+) create mode 100644 base-app/fn-config-setimage.yaml diff --git a/base-app/Kptfile b/base-app/Kptfile index 0e9e276..396c34f 100644 --- a/base-app/Kptfile +++ b/base-app/Kptfile @@ -16,3 +16,5 @@ pipeline: configPath: fn-config-setlabels.yaml - image: starlark:v0.4.3 configPath: fn-config-setname.yaml + - image: set-image:v0.1.1 + configPath: fn-config-setimage.yaml diff --git a/base-app/fn-config-setimage.yaml b/base-app/fn-config-setimage.yaml new file mode 100644 index 0000000..5f4acce --- /dev/null +++ b/base-app/fn-config-setimage.yaml @@ -0,0 +1,10 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: SetImage +metadata: + name: set-image + labels: + app: base-app +image: + name: gcr.io/bank-of-anthos-ci/base-app + newName: gcr.io/bank-of-anthos-ci/base-app + newTag: app-version From 0e8fc7cce629686d67882c6e9b04a95f92775556 Mon Sep 17 00:00:00 2001 From: droot Date: Tue, 6 Sep 2022 13:13:10 -0700 Subject: [PATCH 20/65] frontend: initial version of frontend --- frontend/Kptfile | 34 +++++++++++ frontend/README.md | 21 +++++++ frontend/configmap-env-config.yaml | 12 ++++ frontend/deployment.yaml | 95 ++++++++++++++++++++++++++++++ frontend/fn-config-setimage.yaml | 12 ++++ frontend/fn-config-setlabels.yaml | 11 ++++ frontend/fn-config-setname.yaml | 31 ++++++++++ frontend/package-context.yaml | 11 ++++ frontend/service.yaml | 17 ++++++ 9 files changed, 244 insertions(+) create mode 100644 frontend/Kptfile create mode 100644 frontend/README.md create mode 100644 frontend/configmap-env-config.yaml create mode 100644 frontend/deployment.yaml create mode 100644 frontend/fn-config-setimage.yaml create mode 100644 frontend/fn-config-setlabels.yaml create mode 100644 frontend/fn-config-setname.yaml create mode 100644 frontend/package-context.yaml create mode 100644 frontend/service.yaml diff --git a/frontend/Kptfile b/frontend/Kptfile new file mode 100644 index 0000000..5ce5643 --- /dev/null +++ b/frontend/Kptfile @@ -0,0 +1,34 @@ +apiVersion: kpt.dev/v1 +kind: Kptfile +metadata: + name: frontend + labels: + app: frontend + annotations: + config.kubernetes.io/local-config: "true" +upstream: + type: git + git: + repo: git@github.com:droot/kpt-samples + directory: /base-app + ref: bank-of-anthos-pkgs + updateStrategy: resource-merge +upstreamLock: + type: git + git: + repo: git@github.com:droot/kpt-samples + directory: /base-app + ref: bank-of-anthos-pkgs + commit: 592da52b02e4a5d02d92baf82ce3be7186c8f40b +info: + description: sample description +pipeline: + mutators: + - image: set-namespace:v0.4.1 + configPath: package-context.yaml + - image: set-labels:v0.1.5 + configPath: fn-config-setlabels.yaml + - image: starlark:v0.4.3 + configPath: fn-config-setname.yaml + - image: set-image:v0.1.1 + configPath: fn-config-setimage.yaml diff --git a/frontend/README.md b/frontend/README.md new file mode 100644 index 0000000..f978af1 --- /dev/null +++ b/frontend/README.md @@ -0,0 +1,21 @@ +# base-app + +## Description +sample description + +## Usage + +### Fetch the package +`kpt pkg get REPO_URI[.git]/PKG_PATH[@VERSION] base-app` +Details: https://kpt.dev/reference/cli/pkg/get/ + +### View package content +`kpt pkg tree base-app` +Details: https://kpt.dev/reference/cli/pkg/tree/ + +### Apply the package +``` +kpt live init base-app +kpt live apply base-app --reconcile-timeout=2m --output=table +``` +Details: https://kpt.dev/reference/cli/live/ diff --git a/frontend/configmap-env-config.yaml b/frontend/configmap-env-config.yaml new file mode 100644 index 0000000..1d760a1 --- /dev/null +++ b/frontend/configmap-env-config.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: ConfigMap +metadata: # kpt-merge: example/environment-config + name: environment-config + namespace: example + labels: + app: frontend + annotations: + internal.kpt.dev/upstream-identifier: '|ConfigMap|example|environment-config' +data: + LOCAL_ROUTING_NUM: "883745000" + PUB_KEY_PATH: /tmp/.ssh/publickey diff --git a/frontend/deployment.yaml b/frontend/deployment.yaml new file mode 100644 index 0000000..b47781d --- /dev/null +++ b/frontend/deployment.yaml @@ -0,0 +1,95 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: # kpt-merge: example/base-app + name: frontend + namespace: example + labels: + app: frontend + annotations: + internal.kpt.dev/upstream-identifier: apps|Deployment|example|base-app +spec: + selector: + matchLabels: + app: frontend + template: + metadata: + labels: + app: frontend + spec: + serviceAccountName: default + terminationGracePeriodSeconds: 5 + securityContext: + fsGroup: 1000 + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + containers: + - name: primary + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - all + privileged: false + readOnlyRootFilesystem: true + image: gcr.io/bank-of-anthos-ci/frontend:v0.5.6 + volumeMounts: + - name: keys + mountPath: /tmp/.ssh + readOnly: true + - mountPath: /tmp + name: tmp + ports: + - name: http-server + containerPort: 8080 + env: + - name: VERSION + value: v0.5.6 + - name: PORT + value: "8080" + - name: ENABLE_TRACING + value: "true" + # Valid levels are debug, info, warning, error, critical. If no valid level is set, gunicorn will default to info. + - name: LOG_LEVEL + value: info + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + envFrom: + - configMapRef: + name: environment-config + readinessProbe: + httpGet: + path: /ready + port: 8080 + initialDelaySeconds: 10 + periodSeconds: 5 + timeoutSeconds: 10 + livenessProbe: + httpGet: + path: /ready + port: 8080 + initialDelaySeconds: 60 + periodSeconds: 15 + timeoutSeconds: 30 + resources: + requests: + cpu: 100m + memory: 64Mi + limits: + cpu: 250m + memory: 128Mi + volumes: + # droot: should this be part of the base-app ? + - name: keys + secret: + secretName: jwt-key + items: + - key: jwtRS256.key.pub + path: publickey + # base-app exposes only public key by default + # - key: jwtRS256.key + # path: privatekey + - emptyDir: {} + name: tmp diff --git a/frontend/fn-config-setimage.yaml b/frontend/fn-config-setimage.yaml new file mode 100644 index 0000000..8931967 --- /dev/null +++ b/frontend/fn-config-setimage.yaml @@ -0,0 +1,12 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: SetImage +metadata: # kpt-merge: /set-image + name: set-image + labels: + app: frontend + annotations: + internal.kpt.dev/upstream-identifier: fn.kpt.dev|SetImage|default|set-image +image: + name: gcr.io/bank-of-anthos-ci/base-app + newName: gcr.io/bank-of-anthos-ci/frontend + newTag: v0.5.6 diff --git a/frontend/fn-config-setlabels.yaml b/frontend/fn-config-setlabels.yaml new file mode 100644 index 0000000..560a880 --- /dev/null +++ b/frontend/fn-config-setlabels.yaml @@ -0,0 +1,11 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: SetLabels +metadata: # kpt-merge: /set-labels + name: set-labels + labels: + app: frontend + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: fn.kpt.dev|SetLabels|default|set-labels +labels: + app: frontend diff --git a/frontend/fn-config-setname.yaml b/frontend/fn-config-setname.yaml new file mode 100644 index 0000000..a6d6d01 --- /dev/null +++ b/frontend/fn-config-setname.yaml @@ -0,0 +1,31 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: StarlarkRun +metadata: # kpt-merge: /set-name + name: set-name + labels: + app: frontend + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: fn.kpt.dev|StarlarkRun|default|set-name +source: |- + def set_name(resources): + pkgName = "" + isAbstractPackage = False + for resource in resources: + if resource["kind"] == "ConfigMap" and resource["metadata"]["name"] == "kptfile.kpt.dev" and resource["data"]["name"] == "example": + isAbstractPackage = True + if resource["kind"] == "Kptfile": + pkgName = resource["metadata"]["name"] + if not isAbstractPackage: + # update resource name only if this is an abstract blueprint + return + if pkgName == "": + fail("package must have a name.") + return + + for resource in ctx.resource_list["items"]: + if resource["kind"] == "Service": + resource["metadata"]["name"] = pkgName + if resource["kind"] == "Deployment": + resource["metadata"]["name"] = pkgName + set_name(ctx.resource_list["items"]) diff --git a/frontend/package-context.yaml b/frontend/package-context.yaml new file mode 100644 index 0000000..67482ad --- /dev/null +++ b/frontend/package-context.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: ConfigMap +metadata: # kpt-merge: /kptfile.kpt.dev + name: kptfile.kpt.dev + labels: + app: frontend + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: '|ConfigMap|default|kptfile.kpt.dev' +data: + name: example diff --git a/frontend/service.yaml b/frontend/service.yaml new file mode 100644 index 0000000..11fb6ec --- /dev/null +++ b/frontend/service.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Service +metadata: # kpt-merge: example/base-app + name: frontend + namespace: example + labels: + app: frontend + annotations: + internal.kpt.dev/upstream-identifier: '|Service|example|base-app' +spec: + type: LoadBalancer + selector: + app: frontend + ports: + - name: http + port: 80 + targetPort: 8080 From 54d41d0446cb5c2d8e08a8282287ba03d5c84ccf Mon Sep 17 00:00:00 2001 From: droot Date: Tue, 6 Sep 2022 13:30:55 -0700 Subject: [PATCH 21/65] frontend: initial import --- frontend/Kptfile | 4 ++-- frontend/configmap-env-config.yaml | 2 +- frontend/deployment.yaml | 10 +++++----- frontend/fn-config-setimage.yaml | 6 +++--- frontend/fn-config-setlabels.yaml | 4 ++-- frontend/fn-config-setname.yaml | 2 +- frontend/package-context.yaml | 2 +- frontend/service.yaml | 4 ++-- 8 files changed, 17 insertions(+), 17 deletions(-) diff --git a/frontend/Kptfile b/frontend/Kptfile index 5ce5643..9dc305c 100644 --- a/frontend/Kptfile +++ b/frontend/Kptfile @@ -3,7 +3,7 @@ kind: Kptfile metadata: name: frontend labels: - app: frontend + app: base-app annotations: config.kubernetes.io/local-config: "true" upstream: @@ -19,7 +19,7 @@ upstreamLock: repo: git@github.com:droot/kpt-samples directory: /base-app ref: bank-of-anthos-pkgs - commit: 592da52b02e4a5d02d92baf82ce3be7186c8f40b + commit: 0e8fc7cce629686d67882c6e9b04a95f92775556 info: description: sample description pipeline: diff --git a/frontend/configmap-env-config.yaml b/frontend/configmap-env-config.yaml index 1d760a1..74d9a61 100644 --- a/frontend/configmap-env-config.yaml +++ b/frontend/configmap-env-config.yaml @@ -4,7 +4,7 @@ metadata: # kpt-merge: example/environment-config name: environment-config namespace: example labels: - app: frontend + app: base-app annotations: internal.kpt.dev/upstream-identifier: '|ConfigMap|example|environment-config' data: diff --git a/frontend/deployment.yaml b/frontend/deployment.yaml index b47781d..d89c1e8 100644 --- a/frontend/deployment.yaml +++ b/frontend/deployment.yaml @@ -4,17 +4,17 @@ metadata: # kpt-merge: example/base-app name: frontend namespace: example labels: - app: frontend + app: base-app annotations: internal.kpt.dev/upstream-identifier: apps|Deployment|example|base-app spec: selector: matchLabels: - app: frontend + app: base-app template: metadata: labels: - app: frontend + app: base-app spec: serviceAccountName: default terminationGracePeriodSeconds: 5 @@ -32,7 +32,7 @@ spec: - all privileged: false readOnlyRootFilesystem: true - image: gcr.io/bank-of-anthos-ci/frontend:v0.5.6 + image: gcr.io/bank-of-anthos-ci/base-app:app-version volumeMounts: - name: keys mountPath: /tmp/.ssh @@ -44,7 +44,7 @@ spec: containerPort: 8080 env: - name: VERSION - value: v0.5.6 + value: app-version - name: PORT value: "8080" - name: ENABLE_TRACING diff --git a/frontend/fn-config-setimage.yaml b/frontend/fn-config-setimage.yaml index 8931967..3121abf 100644 --- a/frontend/fn-config-setimage.yaml +++ b/frontend/fn-config-setimage.yaml @@ -3,10 +3,10 @@ kind: SetImage metadata: # kpt-merge: /set-image name: set-image labels: - app: frontend + app: base-app annotations: internal.kpt.dev/upstream-identifier: fn.kpt.dev|SetImage|default|set-image image: name: gcr.io/bank-of-anthos-ci/base-app - newName: gcr.io/bank-of-anthos-ci/frontend - newTag: v0.5.6 + newName: gcr.io/bank-of-anthos-ci/base-app + newTag: app-version diff --git a/frontend/fn-config-setlabels.yaml b/frontend/fn-config-setlabels.yaml index 560a880..f09b74a 100644 --- a/frontend/fn-config-setlabels.yaml +++ b/frontend/fn-config-setlabels.yaml @@ -3,9 +3,9 @@ kind: SetLabels metadata: # kpt-merge: /set-labels name: set-labels labels: - app: frontend + app: base-app annotations: config.kubernetes.io/local-config: "true" internal.kpt.dev/upstream-identifier: fn.kpt.dev|SetLabels|default|set-labels labels: - app: frontend + app: base-app diff --git a/frontend/fn-config-setname.yaml b/frontend/fn-config-setname.yaml index a6d6d01..b3cf4a3 100644 --- a/frontend/fn-config-setname.yaml +++ b/frontend/fn-config-setname.yaml @@ -3,7 +3,7 @@ kind: StarlarkRun metadata: # kpt-merge: /set-name name: set-name labels: - app: frontend + app: base-app annotations: config.kubernetes.io/local-config: "true" internal.kpt.dev/upstream-identifier: fn.kpt.dev|StarlarkRun|default|set-name diff --git a/frontend/package-context.yaml b/frontend/package-context.yaml index 67482ad..f983289 100644 --- a/frontend/package-context.yaml +++ b/frontend/package-context.yaml @@ -3,7 +3,7 @@ kind: ConfigMap metadata: # kpt-merge: /kptfile.kpt.dev name: kptfile.kpt.dev labels: - app: frontend + app: base-app annotations: config.kubernetes.io/local-config: "true" internal.kpt.dev/upstream-identifier: '|ConfigMap|default|kptfile.kpt.dev' diff --git a/frontend/service.yaml b/frontend/service.yaml index 11fb6ec..53fd506 100644 --- a/frontend/service.yaml +++ b/frontend/service.yaml @@ -4,13 +4,13 @@ metadata: # kpt-merge: example/base-app name: frontend namespace: example labels: - app: frontend + app: base-app annotations: internal.kpt.dev/upstream-identifier: '|Service|example|base-app' spec: type: LoadBalancer selector: - app: frontend + app: base-app ports: - name: http port: 80 From 737a2d9cf805c7cfb7486a0f82014e0b9d6c0148 Mon Sep 17 00:00:00 2001 From: droot Date: Tue, 6 Sep 2022 13:39:15 -0700 Subject: [PATCH 22/65] frontend: customization complete --- frontend/Kptfile | 2 +- frontend/configmap-env-config.yaml | 2 +- frontend/deployment.yaml | 10 +++++----- frontend/fn-config-setimage.yaml | 6 +++--- frontend/fn-config-setlabels.yaml | 4 ++-- frontend/fn-config-setname.yaml | 2 +- frontend/package-context.yaml | 2 +- frontend/service.yaml | 4 ++-- 8 files changed, 16 insertions(+), 16 deletions(-) diff --git a/frontend/Kptfile b/frontend/Kptfile index 9dc305c..3bccc18 100644 --- a/frontend/Kptfile +++ b/frontend/Kptfile @@ -3,7 +3,7 @@ kind: Kptfile metadata: name: frontend labels: - app: base-app + app: frontend annotations: config.kubernetes.io/local-config: "true" upstream: diff --git a/frontend/configmap-env-config.yaml b/frontend/configmap-env-config.yaml index 74d9a61..1d760a1 100644 --- a/frontend/configmap-env-config.yaml +++ b/frontend/configmap-env-config.yaml @@ -4,7 +4,7 @@ metadata: # kpt-merge: example/environment-config name: environment-config namespace: example labels: - app: base-app + app: frontend annotations: internal.kpt.dev/upstream-identifier: '|ConfigMap|example|environment-config' data: diff --git a/frontend/deployment.yaml b/frontend/deployment.yaml index d89c1e8..b47781d 100644 --- a/frontend/deployment.yaml +++ b/frontend/deployment.yaml @@ -4,17 +4,17 @@ metadata: # kpt-merge: example/base-app name: frontend namespace: example labels: - app: base-app + app: frontend annotations: internal.kpt.dev/upstream-identifier: apps|Deployment|example|base-app spec: selector: matchLabels: - app: base-app + app: frontend template: metadata: labels: - app: base-app + app: frontend spec: serviceAccountName: default terminationGracePeriodSeconds: 5 @@ -32,7 +32,7 @@ spec: - all privileged: false readOnlyRootFilesystem: true - image: gcr.io/bank-of-anthos-ci/base-app:app-version + image: gcr.io/bank-of-anthos-ci/frontend:v0.5.6 volumeMounts: - name: keys mountPath: /tmp/.ssh @@ -44,7 +44,7 @@ spec: containerPort: 8080 env: - name: VERSION - value: app-version + value: v0.5.6 - name: PORT value: "8080" - name: ENABLE_TRACING diff --git a/frontend/fn-config-setimage.yaml b/frontend/fn-config-setimage.yaml index 3121abf..8931967 100644 --- a/frontend/fn-config-setimage.yaml +++ b/frontend/fn-config-setimage.yaml @@ -3,10 +3,10 @@ kind: SetImage metadata: # kpt-merge: /set-image name: set-image labels: - app: base-app + app: frontend annotations: internal.kpt.dev/upstream-identifier: fn.kpt.dev|SetImage|default|set-image image: name: gcr.io/bank-of-anthos-ci/base-app - newName: gcr.io/bank-of-anthos-ci/base-app - newTag: app-version + newName: gcr.io/bank-of-anthos-ci/frontend + newTag: v0.5.6 diff --git a/frontend/fn-config-setlabels.yaml b/frontend/fn-config-setlabels.yaml index f09b74a..560a880 100644 --- a/frontend/fn-config-setlabels.yaml +++ b/frontend/fn-config-setlabels.yaml @@ -3,9 +3,9 @@ kind: SetLabels metadata: # kpt-merge: /set-labels name: set-labels labels: - app: base-app + app: frontend annotations: config.kubernetes.io/local-config: "true" internal.kpt.dev/upstream-identifier: fn.kpt.dev|SetLabels|default|set-labels labels: - app: base-app + app: frontend diff --git a/frontend/fn-config-setname.yaml b/frontend/fn-config-setname.yaml index b3cf4a3..a6d6d01 100644 --- a/frontend/fn-config-setname.yaml +++ b/frontend/fn-config-setname.yaml @@ -3,7 +3,7 @@ kind: StarlarkRun metadata: # kpt-merge: /set-name name: set-name labels: - app: base-app + app: frontend annotations: config.kubernetes.io/local-config: "true" internal.kpt.dev/upstream-identifier: fn.kpt.dev|StarlarkRun|default|set-name diff --git a/frontend/package-context.yaml b/frontend/package-context.yaml index f983289..67482ad 100644 --- a/frontend/package-context.yaml +++ b/frontend/package-context.yaml @@ -3,7 +3,7 @@ kind: ConfigMap metadata: # kpt-merge: /kptfile.kpt.dev name: kptfile.kpt.dev labels: - app: base-app + app: frontend annotations: config.kubernetes.io/local-config: "true" internal.kpt.dev/upstream-identifier: '|ConfigMap|default|kptfile.kpt.dev' diff --git a/frontend/service.yaml b/frontend/service.yaml index 53fd506..11fb6ec 100644 --- a/frontend/service.yaml +++ b/frontend/service.yaml @@ -4,13 +4,13 @@ metadata: # kpt-merge: example/base-app name: frontend namespace: example labels: - app: base-app + app: frontend annotations: internal.kpt.dev/upstream-identifier: '|Service|example|base-app' spec: type: LoadBalancer selector: - app: base-app + app: frontend ports: - name: http port: 80 From 75dd7c768c1ade40085d460e7316b32e841e069d Mon Sep 17 00:00:00 2001 From: droot Date: Tue, 6 Sep 2022 13:42:53 -0700 Subject: [PATCH 23/65] frontend-dev: initial version of frontend-dev --- frontend-dev/Kptfile | 34 +++++++++ frontend-dev/README.md | 21 ++++++ frontend-dev/configmap-env-config.yaml | 12 ++++ frontend-dev/deployment.yaml | 95 ++++++++++++++++++++++++++ frontend-dev/fn-config-setimage.yaml | 12 ++++ frontend-dev/fn-config-setlabels.yaml | 11 +++ frontend-dev/fn-config-setname.yaml | 31 +++++++++ frontend-dev/package-context.yaml | 10 +++ frontend-dev/service.yaml | 17 +++++ 9 files changed, 243 insertions(+) create mode 100644 frontend-dev/Kptfile create mode 100644 frontend-dev/README.md create mode 100644 frontend-dev/configmap-env-config.yaml create mode 100644 frontend-dev/deployment.yaml create mode 100644 frontend-dev/fn-config-setimage.yaml create mode 100644 frontend-dev/fn-config-setlabels.yaml create mode 100644 frontend-dev/fn-config-setname.yaml create mode 100644 frontend-dev/package-context.yaml create mode 100644 frontend-dev/service.yaml diff --git a/frontend-dev/Kptfile b/frontend-dev/Kptfile new file mode 100644 index 0000000..9939b5f --- /dev/null +++ b/frontend-dev/Kptfile @@ -0,0 +1,34 @@ +apiVersion: kpt.dev/v1 +kind: Kptfile +metadata: + name: frontend-dev + labels: + app: frontend + annotations: + config.kubernetes.io/local-config: "true" +upstream: + type: git + git: + repo: git@github.com:droot/kpt-samples + directory: /frontend + ref: bank-of-anthos-pkgs + updateStrategy: resource-merge +upstreamLock: + type: git + git: + repo: git@github.com:droot/kpt-samples + directory: /frontend + ref: bank-of-anthos-pkgs + commit: 737a2d9cf805c7cfb7486a0f82014e0b9d6c0148 +info: + description: sample description +pipeline: + mutators: + - image: set-namespace:v0.4.1 + configPath: package-context.yaml + - image: set-labels:v0.1.5 + configPath: fn-config-setlabels.yaml + - image: starlark:v0.4.3 + configPath: fn-config-setname.yaml + - image: set-image:v0.1.1 + configPath: fn-config-setimage.yaml diff --git a/frontend-dev/README.md b/frontend-dev/README.md new file mode 100644 index 0000000..f978af1 --- /dev/null +++ b/frontend-dev/README.md @@ -0,0 +1,21 @@ +# base-app + +## Description +sample description + +## Usage + +### Fetch the package +`kpt pkg get REPO_URI[.git]/PKG_PATH[@VERSION] base-app` +Details: https://kpt.dev/reference/cli/pkg/get/ + +### View package content +`kpt pkg tree base-app` +Details: https://kpt.dev/reference/cli/pkg/tree/ + +### Apply the package +``` +kpt live init base-app +kpt live apply base-app --reconcile-timeout=2m --output=table +``` +Details: https://kpt.dev/reference/cli/live/ diff --git a/frontend-dev/configmap-env-config.yaml b/frontend-dev/configmap-env-config.yaml new file mode 100644 index 0000000..7428663 --- /dev/null +++ b/frontend-dev/configmap-env-config.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: ConfigMap +metadata: # kpt-merge: example/environment-config + name: environment-config + namespace: frontend-dev + labels: + app: frontend + annotations: + internal.kpt.dev/upstream-identifier: '|ConfigMap|example|environment-config' +data: + LOCAL_ROUTING_NUM: "883745000" + PUB_KEY_PATH: /tmp/.ssh/publickey diff --git a/frontend-dev/deployment.yaml b/frontend-dev/deployment.yaml new file mode 100644 index 0000000..1602bf1 --- /dev/null +++ b/frontend-dev/deployment.yaml @@ -0,0 +1,95 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: # kpt-merge: example/base-app + name: frontend + namespace: frontend-dev + labels: + app: frontend + annotations: + internal.kpt.dev/upstream-identifier: apps|Deployment|example|base-app +spec: + selector: + matchLabels: + app: frontend + template: + metadata: + labels: + app: frontend + spec: + serviceAccountName: default + terminationGracePeriodSeconds: 5 + securityContext: + fsGroup: 1000 + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + containers: + - name: primary + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - all + privileged: false + readOnlyRootFilesystem: true + image: gcr.io/bank-of-anthos-ci/frontend:v0.5.6 + volumeMounts: + - name: keys + mountPath: /tmp/.ssh + readOnly: true + - mountPath: /tmp + name: tmp + ports: + - name: http-server + containerPort: 8080 + env: + - name: VERSION + value: v0.5.6 + - name: PORT + value: "8080" + - name: ENABLE_TRACING + value: "true" + # Valid levels are debug, info, warning, error, critical. If no valid level is set, gunicorn will default to info. + - name: LOG_LEVEL + value: info + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + envFrom: + - configMapRef: + name: environment-config + readinessProbe: + httpGet: + path: /ready + port: 8080 + initialDelaySeconds: 10 + periodSeconds: 5 + timeoutSeconds: 10 + livenessProbe: + httpGet: + path: /ready + port: 8080 + initialDelaySeconds: 60 + periodSeconds: 15 + timeoutSeconds: 30 + resources: + requests: + cpu: 100m + memory: 64Mi + limits: + cpu: 250m + memory: 128Mi + volumes: + # droot: should this be part of the base-app ? + - name: keys + secret: + secretName: jwt-key + items: + - key: jwtRS256.key.pub + path: publickey + # base-app exposes only public key by default + # - key: jwtRS256.key + # path: privatekey + - emptyDir: {} + name: tmp diff --git a/frontend-dev/fn-config-setimage.yaml b/frontend-dev/fn-config-setimage.yaml new file mode 100644 index 0000000..8931967 --- /dev/null +++ b/frontend-dev/fn-config-setimage.yaml @@ -0,0 +1,12 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: SetImage +metadata: # kpt-merge: /set-image + name: set-image + labels: + app: frontend + annotations: + internal.kpt.dev/upstream-identifier: fn.kpt.dev|SetImage|default|set-image +image: + name: gcr.io/bank-of-anthos-ci/base-app + newName: gcr.io/bank-of-anthos-ci/frontend + newTag: v0.5.6 diff --git a/frontend-dev/fn-config-setlabels.yaml b/frontend-dev/fn-config-setlabels.yaml new file mode 100644 index 0000000..560a880 --- /dev/null +++ b/frontend-dev/fn-config-setlabels.yaml @@ -0,0 +1,11 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: SetLabels +metadata: # kpt-merge: /set-labels + name: set-labels + labels: + app: frontend + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: fn.kpt.dev|SetLabels|default|set-labels +labels: + app: frontend diff --git a/frontend-dev/fn-config-setname.yaml b/frontend-dev/fn-config-setname.yaml new file mode 100644 index 0000000..a6d6d01 --- /dev/null +++ b/frontend-dev/fn-config-setname.yaml @@ -0,0 +1,31 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: StarlarkRun +metadata: # kpt-merge: /set-name + name: set-name + labels: + app: frontend + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: fn.kpt.dev|StarlarkRun|default|set-name +source: |- + def set_name(resources): + pkgName = "" + isAbstractPackage = False + for resource in resources: + if resource["kind"] == "ConfigMap" and resource["metadata"]["name"] == "kptfile.kpt.dev" and resource["data"]["name"] == "example": + isAbstractPackage = True + if resource["kind"] == "Kptfile": + pkgName = resource["metadata"]["name"] + if not isAbstractPackage: + # update resource name only if this is an abstract blueprint + return + if pkgName == "": + fail("package must have a name.") + return + + for resource in ctx.resource_list["items"]: + if resource["kind"] == "Service": + resource["metadata"]["name"] = pkgName + if resource["kind"] == "Deployment": + resource["metadata"]["name"] = pkgName + set_name(ctx.resource_list["items"]) diff --git a/frontend-dev/package-context.yaml b/frontend-dev/package-context.yaml new file mode 100644 index 0000000..7219a2c --- /dev/null +++ b/frontend-dev/package-context.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: kptfile.kpt.dev + annotations: + config.kubernetes.io/local-config: "true" + labels: + app: frontend +data: + name: frontend-dev diff --git a/frontend-dev/service.yaml b/frontend-dev/service.yaml new file mode 100644 index 0000000..ee4c0aa --- /dev/null +++ b/frontend-dev/service.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Service +metadata: # kpt-merge: example/base-app + name: frontend + namespace: frontend-dev + labels: + app: frontend + annotations: + internal.kpt.dev/upstream-identifier: '|Service|example|base-app' +spec: + type: LoadBalancer + selector: + app: frontend + ports: + - name: http + port: 80 + targetPort: 8080 From 907006c9e479b88fdf346c4d7100323167f7f72e Mon Sep 17 00:00:00 2001 From: droot Date: Tue, 6 Sep 2022 15:05:38 -0700 Subject: [PATCH 24/65] frontend: customized environment variable --- frontend/deployment.yaml | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/frontend/deployment.yaml b/frontend/deployment.yaml index b47781d..b9540e7 100644 --- a/frontend/deployment.yaml +++ b/frontend/deployment.yaml @@ -56,9 +56,33 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace + - name: DEFAULT_USERNAME + valueFrom: + configMapKeyRef: + name: demo-data-config + key: DEMO_LOGIN_USERNAME + - name: DEFAULT_PASSWORD + valueFrom: + configMapKeyRef: + name: demo-data-config + key: DEMO_LOGIN_PASSWORD + - name: REGISTERED_OAUTH_CLIENT_ID + valueFrom: + configMapKeyRef: + name: oauth-config + key: DEMO_OAUTH_CLIENT_ID + optional: true + - name: ALLOWED_OAUTH_REDIRECT_URI + valueFrom: + configMapKeyRef: + name: oauth-config + key: DEMO_OAUTH_REDIRECT_URI + optional: true envFrom: - configMapRef: name: environment-config + - configMapRef: + name: service-api-config readinessProbe: httpGet: path: /ready From 1da40755003be4d51aa3ea870e237f05633a3be0 Mon Sep 17 00:00:00 2001 From: droot Date: Tue, 6 Sep 2022 15:08:08 -0700 Subject: [PATCH 25/65] frontend-dev: rebased with the upstream changes --- frontend-dev/Kptfile | 2 +- frontend-dev/deployment.yaml | 24 ++++++++++++++++++++++++ frontend-dev/package-context.yaml | 7 ++++--- 3 files changed, 29 insertions(+), 4 deletions(-) diff --git a/frontend-dev/Kptfile b/frontend-dev/Kptfile index 9939b5f..c988651 100644 --- a/frontend-dev/Kptfile +++ b/frontend-dev/Kptfile @@ -19,7 +19,7 @@ upstreamLock: repo: git@github.com:droot/kpt-samples directory: /frontend ref: bank-of-anthos-pkgs - commit: 737a2d9cf805c7cfb7486a0f82014e0b9d6c0148 + commit: 907006c9e479b88fdf346c4d7100323167f7f72e info: description: sample description pipeline: diff --git a/frontend-dev/deployment.yaml b/frontend-dev/deployment.yaml index 1602bf1..ce6a2b3 100644 --- a/frontend-dev/deployment.yaml +++ b/frontend-dev/deployment.yaml @@ -56,9 +56,33 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace + - name: DEFAULT_USERNAME + valueFrom: + configMapKeyRef: + key: DEMO_LOGIN_USERNAME + name: demo-data-config + - name: DEFAULT_PASSWORD + valueFrom: + configMapKeyRef: + key: DEMO_LOGIN_PASSWORD + name: demo-data-config + - name: REGISTERED_OAUTH_CLIENT_ID + valueFrom: + configMapKeyRef: + key: DEMO_OAUTH_CLIENT_ID + name: oauth-config + optional: true + - name: ALLOWED_OAUTH_REDIRECT_URI + valueFrom: + configMapKeyRef: + key: DEMO_OAUTH_REDIRECT_URI + name: oauth-config + optional: true envFrom: - configMapRef: name: environment-config + - configMapRef: + name: service-api-config readinessProbe: httpGet: path: /ready diff --git a/frontend-dev/package-context.yaml b/frontend-dev/package-context.yaml index 7219a2c..74f1ffa 100644 --- a/frontend-dev/package-context.yaml +++ b/frontend-dev/package-context.yaml @@ -1,10 +1,11 @@ apiVersion: v1 kind: ConfigMap -metadata: +metadata: # kpt-merge: /kptfile.kpt.dev name: kptfile.kpt.dev - annotations: - config.kubernetes.io/local-config: "true" labels: app: frontend + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: '|ConfigMap|default|kptfile.kpt.dev' data: name: frontend-dev From c959e8514bd3bbb88b1bc276e56d699b48c40b61 Mon Sep 17 00:00:00 2001 From: droot Date: Tue, 6 Sep 2022 15:15:07 -0700 Subject: [PATCH 26/65] fn-config-setimage.yaml --- base-app/fn-config-setimage.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/base-app/fn-config-setimage.yaml b/base-app/fn-config-setimage.yaml index 5f4acce..e21a2f2 100644 --- a/base-app/fn-config-setimage.yaml +++ b/base-app/fn-config-setimage.yaml @@ -2,6 +2,8 @@ apiVersion: fn.kpt.dev/v1alpha1 kind: SetImage metadata: name: set-image + annotations: + config.kubernetes.io/local-config: "true" labels: app: base-app image: From 8fa58c9ba3a25ee636c9b1d43b126d00df90f409 Mon Sep 17 00:00:00 2001 From: droot Date: Tue, 6 Sep 2022 15:16:45 -0700 Subject: [PATCH 27/65] frontend: updated to latest base-app --- frontend/Kptfile | 2 +- frontend/fn-config-setimage.yaml | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/frontend/Kptfile b/frontend/Kptfile index 3bccc18..288cd60 100644 --- a/frontend/Kptfile +++ b/frontend/Kptfile @@ -19,7 +19,7 @@ upstreamLock: repo: git@github.com:droot/kpt-samples directory: /base-app ref: bank-of-anthos-pkgs - commit: 0e8fc7cce629686d67882c6e9b04a95f92775556 + commit: c959e8514bd3bbb88b1bc276e56d699b48c40b61 info: description: sample description pipeline: diff --git a/frontend/fn-config-setimage.yaml b/frontend/fn-config-setimage.yaml index 8931967..1ea04b4 100644 --- a/frontend/fn-config-setimage.yaml +++ b/frontend/fn-config-setimage.yaml @@ -5,6 +5,7 @@ metadata: # kpt-merge: /set-image labels: app: frontend annotations: + config.kubernetes.io/local-config: "true" internal.kpt.dev/upstream-identifier: fn.kpt.dev|SetImage|default|set-image image: name: gcr.io/bank-of-anthos-ci/base-app From 55458bfbdcd4fab30e62b12a4e0de319f8de6924 Mon Sep 17 00:00:00 2001 From: droot Date: Tue, 6 Sep 2022 15:28:33 -0700 Subject: [PATCH 28/65] frontend: added service-api and demo configuration --- frontend/configmap-demo-data.yaml | 10 ++++++++++ frontend/configmap-service-config.yaml | 11 +++++++++++ 2 files changed, 21 insertions(+) create mode 100644 frontend/configmap-demo-data.yaml create mode 100644 frontend/configmap-service-config.yaml diff --git a/frontend/configmap-demo-data.yaml b/frontend/configmap-demo-data.yaml new file mode 100644 index 0000000..a87b707 --- /dev/null +++ b/frontend/configmap-demo-data.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: demo-data-config + namespace: example +data: + USE_DEMO_DATA: "True" + DEMO_LOGIN_USERNAME: "testuser" + # All demo user accounts are hardcoded to use the login password 'bankofanthos' + DEMO_LOGIN_PASSWORD: "bankofanthos" \ No newline at end of file diff --git a/frontend/configmap-service-config.yaml b/frontend/configmap-service-config.yaml new file mode 100644 index 0000000..917c467 --- /dev/null +++ b/frontend/configmap-service-config.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: service-api-config + namespace: example +data: + TRANSACTIONS_API_ADDR: "ledgerwriter:8080" + BALANCES_API_ADDR: "balancereader:8080" + HISTORY_API_ADDR: "transactionhistory:8080" + CONTACTS_API_ADDR: "contacts:8080" + USERSERVICE_API_ADDR: "userservice:8080" \ No newline at end of file From 00281ada7592a6505c85a26a6dd3e9c68bceb48b Mon Sep 17 00:00:00 2001 From: droot Date: Tue, 6 Sep 2022 15:46:13 -0700 Subject: [PATCH 29/65] frontend-dev: resolved all the dependencies --- frontend-dev/Kptfile | 2 +- frontend-dev/configmap-demo-data.yaml | 14 ++++++++++++++ frontend-dev/configmap-service-config.yaml | 15 +++++++++++++++ frontend-dev/fn-config-setimage.yaml | 1 + frontend-dev/resourcegroup.yaml | 10 ++++++++++ 5 files changed, 41 insertions(+), 1 deletion(-) create mode 100644 frontend-dev/configmap-demo-data.yaml create mode 100644 frontend-dev/configmap-service-config.yaml create mode 100644 frontend-dev/resourcegroup.yaml diff --git a/frontend-dev/Kptfile b/frontend-dev/Kptfile index c988651..a2733d7 100644 --- a/frontend-dev/Kptfile +++ b/frontend-dev/Kptfile @@ -19,7 +19,7 @@ upstreamLock: repo: git@github.com:droot/kpt-samples directory: /frontend ref: bank-of-anthos-pkgs - commit: 907006c9e479b88fdf346c4d7100323167f7f72e + commit: 55458bfbdcd4fab30e62b12a4e0de319f8de6924 info: description: sample description pipeline: diff --git a/frontend-dev/configmap-demo-data.yaml b/frontend-dev/configmap-demo-data.yaml new file mode 100644 index 0000000..aba43ae --- /dev/null +++ b/frontend-dev/configmap-demo-data.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: ConfigMap +metadata: # kpt-merge: example/demo-data-config + name: demo-data-config + namespace: frontend-dev + annotations: + internal.kpt.dev/upstream-identifier: '|ConfigMap|example|demo-data-config' + labels: + app: frontend +data: + USE_DEMO_DATA: "True" + DEMO_LOGIN_USERNAME: testuser + # All demo user accounts are hardcoded to use the login password 'bankofanthos' + DEMO_LOGIN_PASSWORD: bankofanthos diff --git a/frontend-dev/configmap-service-config.yaml b/frontend-dev/configmap-service-config.yaml new file mode 100644 index 0000000..5daa959 --- /dev/null +++ b/frontend-dev/configmap-service-config.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: ConfigMap +metadata: # kpt-merge: example/service-api-config + name: service-api-config + namespace: frontend-dev + annotations: + internal.kpt.dev/upstream-identifier: '|ConfigMap|example|service-api-config' + labels: + app: frontend +data: + TRANSACTIONS_API_ADDR: ledgerwriter:8080 + BALANCES_API_ADDR: balancereader:8080 + HISTORY_API_ADDR: transactionhistory:8080 + CONTACTS_API_ADDR: contacts:8080 + USERSERVICE_API_ADDR: userservice:8080 diff --git a/frontend-dev/fn-config-setimage.yaml b/frontend-dev/fn-config-setimage.yaml index 8931967..1ea04b4 100644 --- a/frontend-dev/fn-config-setimage.yaml +++ b/frontend-dev/fn-config-setimage.yaml @@ -5,6 +5,7 @@ metadata: # kpt-merge: /set-image labels: app: frontend annotations: + config.kubernetes.io/local-config: "true" internal.kpt.dev/upstream-identifier: fn.kpt.dev|SetImage|default|set-image image: name: gcr.io/bank-of-anthos-ci/base-app diff --git a/frontend-dev/resourcegroup.yaml b/frontend-dev/resourcegroup.yaml new file mode 100644 index 0000000..5bb5c34 --- /dev/null +++ b/frontend-dev/resourcegroup.yaml @@ -0,0 +1,10 @@ +apiVersion: kpt.dev/v1alpha1 +kind: ResourceGroup +metadata: # kpt-merge: frontend-dev/inventory-29793115 + name: inventory-29793115 + namespace: frontend-dev + labels: + cli-utils.sigs.k8s.io/inventory-id: 00a3f1485cc776bc3ae747614211a010b4cd3dae-1662502354176157000 + app: frontend + annotations: + internal.kpt.dev/upstream-identifier: kpt.dev|ResourceGroup|frontend-dev|inventory-29793115 From 5977900d020b2099f1a22b2ece6aed454ed97d29 Mon Sep 17 00:00:00 2001 From: droot Date: Tue, 6 Sep 2022 16:07:56 -0700 Subject: [PATCH 30/65] contacts: reinitialized the package --- contacts/Kptfile | 14 ++++++- ...config.yaml => configmap-accounts-db.yaml} | 2 +- contacts/configmap-env-config.yaml | 4 +- contacts/deployment.yaml | 40 ++++++++++++------- contacts/fn-config-setimage.yaml | 13 ++++++ contacts/fn-config-setlabels.yaml | 11 +++++ contacts/fn-config-setname.yaml | 31 ++++++++++++++ contacts/package-context.yaml | 2 + contacts/service.yaml | 4 +- 9 files changed, 103 insertions(+), 18 deletions(-) rename contacts/{configmap-db-config.yaml => configmap-accounts-db.yaml} (91%) create mode 100644 contacts/fn-config-setimage.yaml create mode 100644 contacts/fn-config-setlabels.yaml create mode 100644 contacts/fn-config-setname.yaml diff --git a/contacts/Kptfile b/contacts/Kptfile index 48656fa..2c4f585 100644 --- a/contacts/Kptfile +++ b/contacts/Kptfile @@ -2,6 +2,8 @@ apiVersion: kpt.dev/v1 kind: Kptfile metadata: name: contacts + labels: + app: contacts annotations: config.kubernetes.io/local-config: "true" upstream: @@ -17,6 +19,16 @@ upstreamLock: repo: git@github.com:droot/kpt-samples directory: /base-app ref: bank-of-anthos-pkgs - commit: 2f6693c11020d2bf87362b4303aa9d49738d7023 + commit: 00281ada7592a6505c85a26a6dd3e9c68bceb48b info: description: sample description +pipeline: + mutators: + - image: set-namespace:v0.4.1 + configPath: package-context.yaml + - image: set-labels:v0.1.5 + configPath: fn-config-setlabels.yaml + - image: starlark:v0.4.3 + configPath: fn-config-setname.yaml + - image: set-image:v0.1.1 + configPath: fn-config-setimage.yaml diff --git a/contacts/configmap-db-config.yaml b/contacts/configmap-accounts-db.yaml similarity index 91% rename from contacts/configmap-db-config.yaml rename to contacts/configmap-accounts-db.yaml index 4b29549..02b5449 100644 --- a/contacts/configmap-db-config.yaml +++ b/contacts/configmap-accounts-db.yaml @@ -9,4 +9,4 @@ data: POSTGRES_DB: accounts-db POSTGRES_USER: accounts-admin POSTGRES_PASSWORD: accounts-pwd - ACCOUNTS_DB_URI: postgresql://accounts-admin:accounts-pwd@accounts-db:5432/accounts-db \ No newline at end of file + ACCOUNTS_DB_URI: postgresql://accounts-admin:accounts-pwd@accounts-db:5432/accounts-db diff --git a/contacts/configmap-env-config.yaml b/contacts/configmap-env-config.yaml index fe35f25..ad89d36 100644 --- a/contacts/configmap-env-config.yaml +++ b/contacts/configmap-env-config.yaml @@ -3,8 +3,10 @@ kind: ConfigMap metadata: # kpt-merge: example/environment-config name: environment-config namespace: example + labels: + app: contacts annotations: internal.kpt.dev/upstream-identifier: '|ConfigMap|example|environment-config' data: LOCAL_ROUTING_NUM: "883745000" - PUB_KEY_PATH: "/tmp/.ssh/publickey" + PUB_KEY_PATH: /tmp/.ssh/publickey diff --git a/contacts/deployment.yaml b/contacts/deployment.yaml index 1d1c007..844ac85 100644 --- a/contacts/deployment.yaml +++ b/contacts/deployment.yaml @@ -1,9 +1,12 @@ apiVersion: apps/v1 kind: Deployment -metadata: # kpt-merge: /base-app +metadata: # kpt-merge: example/base-app name: contacts + namespace: example + labels: + app: contacts annotations: - internal.kpt.dev/upstream-identifier: apps|Deployment|default|base-app + internal.kpt.dev/upstream-identifier: apps|Deployment|example|base-app spec: selector: matchLabels: @@ -32,7 +35,7 @@ spec: image: gcr.io/bank-of-anthos-ci/contacts:v0.5.6 volumeMounts: - name: keys - mountPath: "/tmp/.ssh" + mountPath: /tmp/.ssh readOnly: true - mountPath: /tmp name: tmp @@ -41,18 +44,18 @@ spec: containerPort: 8080 env: - name: VERSION - value: "v0.5.6" + value: v0.5.6 - name: PORT value: "8080" - name: ENABLE_TRACING value: "true" - - name: TOKEN_EXPIRY_SECONDS - value: "3600" - - name: PRIV_KEY_PATH - value: "/tmp/.ssh/privatekey" # Valid levels are debug, info, warning, error, critical. If no valid level is set, gunicorn will default to info. - name: LOG_LEVEL - value: "info" + value: info + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace envFrom: - configMapRef: name: environment-config @@ -65,21 +68,30 @@ spec: initialDelaySeconds: 10 periodSeconds: 5 timeoutSeconds: 10 + livenessProbe: + httpGet: + path: /ready + port: 8080 + initialDelaySeconds: 60 + periodSeconds: 15 + timeoutSeconds: 30 resources: requests: - cpu: 200m + cpu: 100m memory: 64Mi limits: - cpu: 500m - memory: 256Mi + cpu: 250m + memory: 128Mi volumes: + # droot: should this be part of the base-app ? - name: keys secret: secretName: jwt-key items: - - key: jwtRS256.key - path: privatekey - key: jwtRS256.key.pub path: publickey + # base-app exposes only public key by default + # - key: jwtRS256.key + # path: privatekey - emptyDir: {} name: tmp diff --git a/contacts/fn-config-setimage.yaml b/contacts/fn-config-setimage.yaml new file mode 100644 index 0000000..1d7131b --- /dev/null +++ b/contacts/fn-config-setimage.yaml @@ -0,0 +1,13 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: SetImage +metadata: # kpt-merge: /set-image + name: set-image + labels: + app: contacts + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: fn.kpt.dev|SetImage|default|set-image +image: + name: gcr.io/bank-of-anthos-ci/base-app + newName: gcr.io/bank-of-anthos-ci/contacts + newTag: v0.5.6 diff --git a/contacts/fn-config-setlabels.yaml b/contacts/fn-config-setlabels.yaml new file mode 100644 index 0000000..40e8e6c --- /dev/null +++ b/contacts/fn-config-setlabels.yaml @@ -0,0 +1,11 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: SetLabels +metadata: # kpt-merge: /set-labels + name: set-labels + labels: + app: contacts + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: fn.kpt.dev|SetLabels|default|set-labels +labels: + app: contacts diff --git a/contacts/fn-config-setname.yaml b/contacts/fn-config-setname.yaml new file mode 100644 index 0000000..1a9212c --- /dev/null +++ b/contacts/fn-config-setname.yaml @@ -0,0 +1,31 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: StarlarkRun +metadata: # kpt-merge: /set-name + name: set-name + labels: + app: contacts + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: fn.kpt.dev|StarlarkRun|default|set-name +source: |- + def set_name(resources): + pkgName = "" + isAbstractPackage = False + for resource in resources: + if resource["kind"] == "ConfigMap" and resource["metadata"]["name"] == "kptfile.kpt.dev" and resource["data"]["name"] == "example": + isAbstractPackage = True + if resource["kind"] == "Kptfile": + pkgName = resource["metadata"]["name"] + if not isAbstractPackage: + # update resource name only if this is an abstract blueprint + return + if pkgName == "": + fail("package must have a name.") + return + + for resource in ctx.resource_list["items"]: + if resource["kind"] == "Service": + resource["metadata"]["name"] = pkgName + if resource["kind"] == "Deployment": + resource["metadata"]["name"] = pkgName + set_name(ctx.resource_list["items"]) diff --git a/contacts/package-context.yaml b/contacts/package-context.yaml index 3f47840..cfe2183 100644 --- a/contacts/package-context.yaml +++ b/contacts/package-context.yaml @@ -2,6 +2,8 @@ apiVersion: v1 kind: ConfigMap metadata: # kpt-merge: /kptfile.kpt.dev name: kptfile.kpt.dev + labels: + app: contacts annotations: config.kubernetes.io/local-config: "true" internal.kpt.dev/upstream-identifier: '|ConfigMap|default|kptfile.kpt.dev' diff --git a/contacts/service.yaml b/contacts/service.yaml index 0f1b79b..0ac7520 100644 --- a/contacts/service.yaml +++ b/contacts/service.yaml @@ -3,6 +3,8 @@ kind: Service metadata: # kpt-merge: example/base-app name: contacts namespace: example + labels: + app: contacts annotations: internal.kpt.dev/upstream-identifier: '|Service|example|base-app' spec: @@ -12,4 +14,4 @@ spec: ports: - name: http port: 80 - targetPort: 8080 \ No newline at end of file + targetPort: 8080 From cf58241bdd8f6b798a74d5f7a3e0daabf4b691d3 Mon Sep 17 00:00:00 2001 From: droot Date: Tue, 6 Sep 2022 16:09:42 -0700 Subject: [PATCH 31/65] contacts-dev: initialized deployable instance --- contacts-dev/Kptfile | 34 +++++++++ contacts-dev/README.md | 21 ++++++ contacts-dev/configmap-accounts-db.yaml | 14 ++++ contacts-dev/configmap-env-config.yaml | 12 +++ contacts-dev/deployment.yaml | 97 +++++++++++++++++++++++++ contacts-dev/fn-config-setimage.yaml | 13 ++++ contacts-dev/fn-config-setlabels.yaml | 11 +++ contacts-dev/fn-config-setname.yaml | 31 ++++++++ contacts-dev/package-context.yaml | 10 +++ contacts-dev/service.yaml | 17 +++++ 10 files changed, 260 insertions(+) create mode 100644 contacts-dev/Kptfile create mode 100644 contacts-dev/README.md create mode 100644 contacts-dev/configmap-accounts-db.yaml create mode 100644 contacts-dev/configmap-env-config.yaml create mode 100644 contacts-dev/deployment.yaml create mode 100644 contacts-dev/fn-config-setimage.yaml create mode 100644 contacts-dev/fn-config-setlabels.yaml create mode 100644 contacts-dev/fn-config-setname.yaml create mode 100644 contacts-dev/package-context.yaml create mode 100644 contacts-dev/service.yaml diff --git a/contacts-dev/Kptfile b/contacts-dev/Kptfile new file mode 100644 index 0000000..199545c --- /dev/null +++ b/contacts-dev/Kptfile @@ -0,0 +1,34 @@ +apiVersion: kpt.dev/v1 +kind: Kptfile +metadata: + name: contacts-dev + labels: + app: contacts + annotations: + config.kubernetes.io/local-config: "true" +upstream: + type: git + git: + repo: git@github.com:droot/kpt-samples + directory: /contacts + ref: bank-of-anthos-pkgs + updateStrategy: resource-merge +upstreamLock: + type: git + git: + repo: git@github.com:droot/kpt-samples + directory: /contacts + ref: bank-of-anthos-pkgs + commit: 5977900d020b2099f1a22b2ece6aed454ed97d29 +info: + description: sample description +pipeline: + mutators: + - image: set-namespace:v0.4.1 + configPath: package-context.yaml + - image: set-labels:v0.1.5 + configPath: fn-config-setlabels.yaml + - image: starlark:v0.4.3 + configPath: fn-config-setname.yaml + - image: set-image:v0.1.1 + configPath: fn-config-setimage.yaml diff --git a/contacts-dev/README.md b/contacts-dev/README.md new file mode 100644 index 0000000..f978af1 --- /dev/null +++ b/contacts-dev/README.md @@ -0,0 +1,21 @@ +# base-app + +## Description +sample description + +## Usage + +### Fetch the package +`kpt pkg get REPO_URI[.git]/PKG_PATH[@VERSION] base-app` +Details: https://kpt.dev/reference/cli/pkg/get/ + +### View package content +`kpt pkg tree base-app` +Details: https://kpt.dev/reference/cli/pkg/tree/ + +### Apply the package +``` +kpt live init base-app +kpt live apply base-app --reconcile-timeout=2m --output=table +``` +Details: https://kpt.dev/reference/cli/live/ diff --git a/contacts-dev/configmap-accounts-db.yaml b/contacts-dev/configmap-accounts-db.yaml new file mode 100644 index 0000000..595989b --- /dev/null +++ b/contacts-dev/configmap-accounts-db.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: ConfigMap +metadata: # kpt-merge: example/accounts-db-config + name: accounts-db-config + labels: + app: contacts + namespace: contacts-dev + annotations: + internal.kpt.dev/upstream-identifier: '|ConfigMap|example|accounts-db-config' +data: + POSTGRES_DB: accounts-db + POSTGRES_USER: accounts-admin + POSTGRES_PASSWORD: accounts-pwd + ACCOUNTS_DB_URI: postgresql://accounts-admin:accounts-pwd@accounts-db:5432/accounts-db diff --git a/contacts-dev/configmap-env-config.yaml b/contacts-dev/configmap-env-config.yaml new file mode 100644 index 0000000..e0b55d5 --- /dev/null +++ b/contacts-dev/configmap-env-config.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: ConfigMap +metadata: # kpt-merge: example/environment-config + name: environment-config + namespace: contacts-dev + labels: + app: contacts + annotations: + internal.kpt.dev/upstream-identifier: '|ConfigMap|example|environment-config' +data: + LOCAL_ROUTING_NUM: "883745000" + PUB_KEY_PATH: /tmp/.ssh/publickey diff --git a/contacts-dev/deployment.yaml b/contacts-dev/deployment.yaml new file mode 100644 index 0000000..936f300 --- /dev/null +++ b/contacts-dev/deployment.yaml @@ -0,0 +1,97 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: # kpt-merge: example/base-app + name: contacts + namespace: contacts-dev + labels: + app: contacts + annotations: + internal.kpt.dev/upstream-identifier: apps|Deployment|example|base-app +spec: + selector: + matchLabels: + app: contacts + template: + metadata: + labels: + app: contacts + spec: + serviceAccountName: default + terminationGracePeriodSeconds: 5 + securityContext: + fsGroup: 1000 + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + containers: + - name: primary + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - all + privileged: false + readOnlyRootFilesystem: true + image: gcr.io/bank-of-anthos-ci/contacts:v0.5.6 + volumeMounts: + - name: keys + mountPath: /tmp/.ssh + readOnly: true + - mountPath: /tmp + name: tmp + ports: + - name: http-server + containerPort: 8080 + env: + - name: VERSION + value: v0.5.6 + - name: PORT + value: "8080" + - name: ENABLE_TRACING + value: "true" + # Valid levels are debug, info, warning, error, critical. If no valid level is set, gunicorn will default to info. + - name: LOG_LEVEL + value: info + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + envFrom: + - configMapRef: + name: environment-config + - configMapRef: + name: accounts-db-config + readinessProbe: + httpGet: + path: /ready + port: 8080 + initialDelaySeconds: 10 + periodSeconds: 5 + timeoutSeconds: 10 + livenessProbe: + httpGet: + path: /ready + port: 8080 + initialDelaySeconds: 60 + periodSeconds: 15 + timeoutSeconds: 30 + resources: + requests: + cpu: 100m + memory: 64Mi + limits: + cpu: 250m + memory: 128Mi + volumes: + # droot: should this be part of the base-app ? + - name: keys + secret: + secretName: jwt-key + items: + - key: jwtRS256.key.pub + path: publickey + # base-app exposes only public key by default + # - key: jwtRS256.key + # path: privatekey + - emptyDir: {} + name: tmp diff --git a/contacts-dev/fn-config-setimage.yaml b/contacts-dev/fn-config-setimage.yaml new file mode 100644 index 0000000..1d7131b --- /dev/null +++ b/contacts-dev/fn-config-setimage.yaml @@ -0,0 +1,13 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: SetImage +metadata: # kpt-merge: /set-image + name: set-image + labels: + app: contacts + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: fn.kpt.dev|SetImage|default|set-image +image: + name: gcr.io/bank-of-anthos-ci/base-app + newName: gcr.io/bank-of-anthos-ci/contacts + newTag: v0.5.6 diff --git a/contacts-dev/fn-config-setlabels.yaml b/contacts-dev/fn-config-setlabels.yaml new file mode 100644 index 0000000..40e8e6c --- /dev/null +++ b/contacts-dev/fn-config-setlabels.yaml @@ -0,0 +1,11 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: SetLabels +metadata: # kpt-merge: /set-labels + name: set-labels + labels: + app: contacts + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: fn.kpt.dev|SetLabels|default|set-labels +labels: + app: contacts diff --git a/contacts-dev/fn-config-setname.yaml b/contacts-dev/fn-config-setname.yaml new file mode 100644 index 0000000..1a9212c --- /dev/null +++ b/contacts-dev/fn-config-setname.yaml @@ -0,0 +1,31 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: StarlarkRun +metadata: # kpt-merge: /set-name + name: set-name + labels: + app: contacts + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: fn.kpt.dev|StarlarkRun|default|set-name +source: |- + def set_name(resources): + pkgName = "" + isAbstractPackage = False + for resource in resources: + if resource["kind"] == "ConfigMap" and resource["metadata"]["name"] == "kptfile.kpt.dev" and resource["data"]["name"] == "example": + isAbstractPackage = True + if resource["kind"] == "Kptfile": + pkgName = resource["metadata"]["name"] + if not isAbstractPackage: + # update resource name only if this is an abstract blueprint + return + if pkgName == "": + fail("package must have a name.") + return + + for resource in ctx.resource_list["items"]: + if resource["kind"] == "Service": + resource["metadata"]["name"] = pkgName + if resource["kind"] == "Deployment": + resource["metadata"]["name"] = pkgName + set_name(ctx.resource_list["items"]) diff --git a/contacts-dev/package-context.yaml b/contacts-dev/package-context.yaml new file mode 100644 index 0000000..8135fc7 --- /dev/null +++ b/contacts-dev/package-context.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: kptfile.kpt.dev + annotations: + config.kubernetes.io/local-config: "true" + labels: + app: contacts +data: + name: contacts-dev diff --git a/contacts-dev/service.yaml b/contacts-dev/service.yaml new file mode 100644 index 0000000..34a19b3 --- /dev/null +++ b/contacts-dev/service.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Service +metadata: # kpt-merge: example/base-app + name: contacts + namespace: contacts-dev + labels: + app: contacts + annotations: + internal.kpt.dev/upstream-identifier: '|Service|example|base-app' +spec: + type: LoadBalancer + selector: + app: contacts + ports: + - name: http + port: 80 + targetPort: 8080 From ab2f631249aecc8f0a5e33675e30198f534c6465 Mon Sep 17 00:00:00 2001 From: droot Date: Tue, 6 Sep 2022 16:47:02 -0700 Subject: [PATCH 32/65] balancereader: reinitialized the package --- balancereader/Kptfile | 14 ++++++- balancereader/configmap-env-config.yaml | 4 +- ...b-config.yaml => configmap-ledger-db.yaml} | 2 +- balancereader/deployment.yaml | 37 +++++++++---------- balancereader/fn-config-setimage.yaml | 13 +++++++ balancereader/fn-config-setlabels.yaml | 11 ++++++ balancereader/fn-config-setname.yaml | 31 ++++++++++++++++ balancereader/package-context.yaml | 2 + balancereader/service.yaml | 2 + 9 files changed, 93 insertions(+), 23 deletions(-) rename balancereader/{configmap-db-config.yaml => configmap-ledger-db.yaml} (98%) create mode 100644 balancereader/fn-config-setimage.yaml create mode 100644 balancereader/fn-config-setlabels.yaml create mode 100644 balancereader/fn-config-setname.yaml diff --git a/balancereader/Kptfile b/balancereader/Kptfile index 89a50aa..e9998f0 100644 --- a/balancereader/Kptfile +++ b/balancereader/Kptfile @@ -2,6 +2,8 @@ apiVersion: kpt.dev/v1 kind: Kptfile metadata: name: balancereader + labels: + app: balancereader annotations: config.kubernetes.io/local-config: "true" upstream: @@ -17,6 +19,16 @@ upstreamLock: repo: git@github.com:droot/kpt-samples directory: /base-app ref: bank-of-anthos-pkgs - commit: c0e4498887d8c0256146f1fb68d6f88504e8c62f + commit: 5977900d020b2099f1a22b2ece6aed454ed97d29 info: description: sample description +pipeline: + mutators: + - image: set-namespace:v0.4.1 + configPath: package-context.yaml + - image: set-labels:v0.1.5 + configPath: fn-config-setlabels.yaml + - image: starlark:v0.4.3 + configPath: fn-config-setname.yaml + - image: set-image:v0.1.1 + configPath: fn-config-setimage.yaml diff --git a/balancereader/configmap-env-config.yaml b/balancereader/configmap-env-config.yaml index fe35f25..87d0c52 100644 --- a/balancereader/configmap-env-config.yaml +++ b/balancereader/configmap-env-config.yaml @@ -3,8 +3,10 @@ kind: ConfigMap metadata: # kpt-merge: example/environment-config name: environment-config namespace: example + labels: + app: balancereader annotations: internal.kpt.dev/upstream-identifier: '|ConfigMap|example|environment-config' data: LOCAL_ROUTING_NUM: "883745000" - PUB_KEY_PATH: "/tmp/.ssh/publickey" + PUB_KEY_PATH: /tmp/.ssh/publickey diff --git a/balancereader/configmap-db-config.yaml b/balancereader/configmap-ledger-db.yaml similarity index 98% rename from balancereader/configmap-db-config.yaml rename to balancereader/configmap-ledger-db.yaml index f108c09..4e8852f 100644 --- a/balancereader/configmap-db-config.yaml +++ b/balancereader/configmap-ledger-db.yaml @@ -11,4 +11,4 @@ data: POSTGRES_PASSWORD: password SPRING_DATASOURCE_URL: jdbc:postgresql://ledger-db:5432/postgresdb SPRING_DATASOURCE_USERNAME: admin # should match POSTGRES_USER - SPRING_DATASOURCE_PASSWORD: password # should match POSTGRES_PASSWORD \ No newline at end of file + SPRING_DATASOURCE_PASSWORD: password # should match POSTGRES_PASSWORD diff --git a/balancereader/deployment.yaml b/balancereader/deployment.yaml index 772f6b3..fb36c30 100644 --- a/balancereader/deployment.yaml +++ b/balancereader/deployment.yaml @@ -1,9 +1,12 @@ apiVersion: apps/v1 kind: Deployment -metadata: # kpt-merge: /base-app +metadata: # kpt-merge: example/base-app name: balancereader + namespace: example + labels: + app: balancereader annotations: - internal.kpt.dev/upstream-identifier: apps|Deployment|default|base-app + internal.kpt.dev/upstream-identifier: apps|Deployment|example|base-app spec: selector: matchLabels: @@ -32,7 +35,7 @@ spec: image: gcr.io/bank-of-anthos-ci/balancereader:v0.5.6 volumeMounts: - name: keys - mountPath: "/tmp/.ssh" + mountPath: /tmp/.ssh readOnly: true - mountPath: /tmp name: tmp @@ -41,25 +44,23 @@ spec: containerPort: 8080 env: - name: VERSION - value: "v0.5.6" + value: v0.5.6 - name: PORT value: "8080" - name: ENABLE_TRACING value: "true" + - name: ENABLE_METRICS + value: "true" - name: POLL_MS value: "100" - name: CACHE_SIZE value: "1000000" # tell Java to obey container memory limits - name: JVM_OPTS - value: "-XX:+UnlockExperimentalVMOptions -XX:+UseCGroupMemoryLimitForHeap -Xms256m -Xmx512m" - - name: TOKEN_EXPIRY_SECONDS - value: "3600" - - name: PRIV_KEY_PATH - value: "/tmp/.ssh/privatekey" + value: -XX:+UnlockExperimentalVMOptions -XX:+UseCGroupMemoryLimitForHeap -Xms256m -Xmx512m # Valid levels are debug, info, warning, error, critical. If no valid level is set, gunicorn will default to info. - name: LOG_LEVEL - value: "info" + value: info - name: NAMESPACE valueFrom: fieldRef: @@ -73,7 +74,7 @@ spec: httpGet: path: /ready port: 8080 - initialDelaySeconds: 10 + initialDelaySeconds: 60 periodSeconds: 5 timeoutSeconds: 10 livenessProbe: @@ -83,27 +84,23 @@ spec: initialDelaySeconds: 120 periodSeconds: 5 timeoutSeconds: 10 - startupProbe: - httpGet: - path: /healthy - port: 8080 - failureThreshold: 30 - periodSeconds: 10 resources: requests: - cpu: 200m + cpu: 100m memory: 256Mi limits: cpu: 500m memory: 512Mi volumes: + # droot: should this be part of the base-app ? - name: keys secret: secretName: jwt-key items: - - key: jwtRS256.key - path: privatekey - key: jwtRS256.key.pub path: publickey + # base-app exposes only public key by default + # - key: jwtRS256.key + # path: privatekey - emptyDir: {} name: tmp diff --git a/balancereader/fn-config-setimage.yaml b/balancereader/fn-config-setimage.yaml new file mode 100644 index 0000000..f43ba16 --- /dev/null +++ b/balancereader/fn-config-setimage.yaml @@ -0,0 +1,13 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: SetImage +metadata: # kpt-merge: /set-image + name: set-image + labels: + app: balancereader + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: fn.kpt.dev|SetImage|default|set-image +image: + name: gcr.io/bank-of-anthos-ci/base-app + newName: gcr.io/bank-of-anthos-ci/balancereader + newTag: v0.5.6 diff --git a/balancereader/fn-config-setlabels.yaml b/balancereader/fn-config-setlabels.yaml new file mode 100644 index 0000000..a97c441 --- /dev/null +++ b/balancereader/fn-config-setlabels.yaml @@ -0,0 +1,11 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: SetLabels +metadata: # kpt-merge: /set-labels + name: set-labels + labels: + app: balancereader + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: fn.kpt.dev|SetLabels|default|set-labels +labels: + app: balancereader diff --git a/balancereader/fn-config-setname.yaml b/balancereader/fn-config-setname.yaml new file mode 100644 index 0000000..4ccea00 --- /dev/null +++ b/balancereader/fn-config-setname.yaml @@ -0,0 +1,31 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: StarlarkRun +metadata: # kpt-merge: /set-name + name: set-name + labels: + app: balancereader + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: fn.kpt.dev|StarlarkRun|default|set-name +source: |- + def set_name(resources): + pkgName = "" + isAbstractPackage = False + for resource in resources: + if resource["kind"] == "ConfigMap" and resource["metadata"]["name"] == "kptfile.kpt.dev" and resource["data"]["name"] == "example": + isAbstractPackage = True + if resource["kind"] == "Kptfile": + pkgName = resource["metadata"]["name"] + if not isAbstractPackage: + # update resource name only if this is an abstract blueprint + return + if pkgName == "": + fail("package must have a name.") + return + + for resource in ctx.resource_list["items"]: + if resource["kind"] == "Service": + resource["metadata"]["name"] = pkgName + if resource["kind"] == "Deployment": + resource["metadata"]["name"] = pkgName + set_name(ctx.resource_list["items"]) diff --git a/balancereader/package-context.yaml b/balancereader/package-context.yaml index 3f47840..38f6847 100644 --- a/balancereader/package-context.yaml +++ b/balancereader/package-context.yaml @@ -2,6 +2,8 @@ apiVersion: v1 kind: ConfigMap metadata: # kpt-merge: /kptfile.kpt.dev name: kptfile.kpt.dev + labels: + app: balancereader annotations: config.kubernetes.io/local-config: "true" internal.kpt.dev/upstream-identifier: '|ConfigMap|default|kptfile.kpt.dev' diff --git a/balancereader/service.yaml b/balancereader/service.yaml index 5a4cb0d..159ab4b 100644 --- a/balancereader/service.yaml +++ b/balancereader/service.yaml @@ -3,6 +3,8 @@ kind: Service metadata: # kpt-merge: example/base-app name: balancereader namespace: example + labels: + app: balancereader annotations: internal.kpt.dev/upstream-identifier: '|Service|example|base-app' spec: From fac064d10c34564488ed3cce49812b6991ccefe3 Mon Sep 17 00:00:00 2001 From: droot Date: Tue, 6 Sep 2022 16:53:22 -0700 Subject: [PATCH 33/65] balancereader-dev: created deployable instance --- balancereader-dev/Kptfile | 34 +++++++ balancereader-dev/README.md | 21 ++++ balancereader-dev/configmap-env-config.yaml | 12 +++ balancereader-dev/configmap-ledger-db.yaml | 16 +++ balancereader-dev/deployment.yaml | 106 ++++++++++++++++++++ balancereader-dev/fn-config-setimage.yaml | 13 +++ balancereader-dev/fn-config-setlabels.yaml | 11 ++ balancereader-dev/fn-config-setname.yaml | 31 ++++++ balancereader-dev/package-context.yaml | 10 ++ balancereader-dev/resourcegroup.yaml | 7 ++ balancereader-dev/service.yaml | 17 ++++ 11 files changed, 278 insertions(+) create mode 100644 balancereader-dev/Kptfile create mode 100644 balancereader-dev/README.md create mode 100644 balancereader-dev/configmap-env-config.yaml create mode 100644 balancereader-dev/configmap-ledger-db.yaml create mode 100644 balancereader-dev/deployment.yaml create mode 100644 balancereader-dev/fn-config-setimage.yaml create mode 100644 balancereader-dev/fn-config-setlabels.yaml create mode 100644 balancereader-dev/fn-config-setname.yaml create mode 100644 balancereader-dev/package-context.yaml create mode 100644 balancereader-dev/resourcegroup.yaml create mode 100644 balancereader-dev/service.yaml diff --git a/balancereader-dev/Kptfile b/balancereader-dev/Kptfile new file mode 100644 index 0000000..2d56248 --- /dev/null +++ b/balancereader-dev/Kptfile @@ -0,0 +1,34 @@ +apiVersion: kpt.dev/v1 +kind: Kptfile +metadata: + name: balancereader-dev + labels: + app: balancereader + annotations: + config.kubernetes.io/local-config: "true" +upstream: + type: git + git: + repo: git@github.com:droot/kpt-samples + directory: /balancereader + ref: bank-of-anthos-pkgs + updateStrategy: resource-merge +upstreamLock: + type: git + git: + repo: git@github.com:droot/kpt-samples + directory: /balancereader + ref: bank-of-anthos-pkgs + commit: ab2f631249aecc8f0a5e33675e30198f534c6465 +info: + description: sample description +pipeline: + mutators: + - image: set-namespace:v0.4.1 + configPath: package-context.yaml + - image: set-labels:v0.1.5 + configPath: fn-config-setlabels.yaml + - image: starlark:v0.4.3 + configPath: fn-config-setname.yaml + - image: set-image:v0.1.1 + configPath: fn-config-setimage.yaml diff --git a/balancereader-dev/README.md b/balancereader-dev/README.md new file mode 100644 index 0000000..f978af1 --- /dev/null +++ b/balancereader-dev/README.md @@ -0,0 +1,21 @@ +# base-app + +## Description +sample description + +## Usage + +### Fetch the package +`kpt pkg get REPO_URI[.git]/PKG_PATH[@VERSION] base-app` +Details: https://kpt.dev/reference/cli/pkg/get/ + +### View package content +`kpt pkg tree base-app` +Details: https://kpt.dev/reference/cli/pkg/tree/ + +### Apply the package +``` +kpt live init base-app +kpt live apply base-app --reconcile-timeout=2m --output=table +``` +Details: https://kpt.dev/reference/cli/live/ diff --git a/balancereader-dev/configmap-env-config.yaml b/balancereader-dev/configmap-env-config.yaml new file mode 100644 index 0000000..24c38d6 --- /dev/null +++ b/balancereader-dev/configmap-env-config.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: ConfigMap +metadata: # kpt-merge: example/environment-config + name: environment-config + namespace: balancereader-dev + labels: + app: balancereader + annotations: + internal.kpt.dev/upstream-identifier: '|ConfigMap|example|environment-config' +data: + LOCAL_ROUTING_NUM: "883745000" + PUB_KEY_PATH: /tmp/.ssh/publickey diff --git a/balancereader-dev/configmap-ledger-db.yaml b/balancereader-dev/configmap-ledger-db.yaml new file mode 100644 index 0000000..d9c29ae --- /dev/null +++ b/balancereader-dev/configmap-ledger-db.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: ConfigMap +metadata: # kpt-merge: example/ledger-db-config + name: ledger-db-config + labels: + app: balancereader + namespace: balancereader-dev + annotations: + internal.kpt.dev/upstream-identifier: '|ConfigMap|example|ledger-db-config' +data: + POSTGRES_DB: postgresdb + POSTGRES_USER: admin + POSTGRES_PASSWORD: password + SPRING_DATASOURCE_URL: jdbc:postgresql://ledger-db:5432/postgresdb + SPRING_DATASOURCE_USERNAME: admin # should match POSTGRES_USER + SPRING_DATASOURCE_PASSWORD: password # should match POSTGRES_PASSWORD diff --git a/balancereader-dev/deployment.yaml b/balancereader-dev/deployment.yaml new file mode 100644 index 0000000..38d9202 --- /dev/null +++ b/balancereader-dev/deployment.yaml @@ -0,0 +1,106 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: # kpt-merge: example/base-app + name: balancereader + namespace: balancereader-dev + labels: + app: balancereader + annotations: + internal.kpt.dev/upstream-identifier: apps|Deployment|example|base-app +spec: + selector: + matchLabels: + app: balancereader + template: + metadata: + labels: + app: balancereader + spec: + serviceAccountName: default + terminationGracePeriodSeconds: 5 + securityContext: + fsGroup: 1000 + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + containers: + - name: primary + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - all + privileged: false + readOnlyRootFilesystem: true + image: gcr.io/bank-of-anthos-ci/balancereader:v0.5.6 + volumeMounts: + - name: keys + mountPath: /tmp/.ssh + readOnly: true + - mountPath: /tmp + name: tmp + ports: + - name: http-server + containerPort: 8080 + env: + - name: VERSION + value: v0.5.6 + - name: PORT + value: "8080" + - name: ENABLE_TRACING + value: "true" + - name: ENABLE_METRICS + value: "true" + - name: POLL_MS + value: "100" + - name: CACHE_SIZE + value: "1000000" + # tell Java to obey container memory limits + - name: JVM_OPTS + value: -XX:+UnlockExperimentalVMOptions -XX:+UseCGroupMemoryLimitForHeap -Xms256m -Xmx512m + # Valid levels are debug, info, warning, error, critical. If no valid level is set, gunicorn will default to info. + - name: LOG_LEVEL + value: info + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + envFrom: + - configMapRef: + name: environment-config + - configMapRef: + name: ledger-db-config + readinessProbe: + httpGet: + path: /ready + port: 8080 + initialDelaySeconds: 60 + periodSeconds: 5 + timeoutSeconds: 10 + livenessProbe: + httpGet: + path: /healthy + port: 8080 + initialDelaySeconds: 120 + periodSeconds: 5 + timeoutSeconds: 10 + resources: + requests: + cpu: 100m + memory: 256Mi + limits: + cpu: 500m + memory: 512Mi + volumes: + # droot: should this be part of the base-app ? + - name: keys + secret: + secretName: jwt-key + items: + - key: jwtRS256.key.pub + path: publickey + # base-app exposes only public key by default + # - key: jwtRS256.key + # path: privatekey + - emptyDir: {} + name: tmp diff --git a/balancereader-dev/fn-config-setimage.yaml b/balancereader-dev/fn-config-setimage.yaml new file mode 100644 index 0000000..f43ba16 --- /dev/null +++ b/balancereader-dev/fn-config-setimage.yaml @@ -0,0 +1,13 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: SetImage +metadata: # kpt-merge: /set-image + name: set-image + labels: + app: balancereader + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: fn.kpt.dev|SetImage|default|set-image +image: + name: gcr.io/bank-of-anthos-ci/base-app + newName: gcr.io/bank-of-anthos-ci/balancereader + newTag: v0.5.6 diff --git a/balancereader-dev/fn-config-setlabels.yaml b/balancereader-dev/fn-config-setlabels.yaml new file mode 100644 index 0000000..a97c441 --- /dev/null +++ b/balancereader-dev/fn-config-setlabels.yaml @@ -0,0 +1,11 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: SetLabels +metadata: # kpt-merge: /set-labels + name: set-labels + labels: + app: balancereader + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: fn.kpt.dev|SetLabels|default|set-labels +labels: + app: balancereader diff --git a/balancereader-dev/fn-config-setname.yaml b/balancereader-dev/fn-config-setname.yaml new file mode 100644 index 0000000..4ccea00 --- /dev/null +++ b/balancereader-dev/fn-config-setname.yaml @@ -0,0 +1,31 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: StarlarkRun +metadata: # kpt-merge: /set-name + name: set-name + labels: + app: balancereader + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: fn.kpt.dev|StarlarkRun|default|set-name +source: |- + def set_name(resources): + pkgName = "" + isAbstractPackage = False + for resource in resources: + if resource["kind"] == "ConfigMap" and resource["metadata"]["name"] == "kptfile.kpt.dev" and resource["data"]["name"] == "example": + isAbstractPackage = True + if resource["kind"] == "Kptfile": + pkgName = resource["metadata"]["name"] + if not isAbstractPackage: + # update resource name only if this is an abstract blueprint + return + if pkgName == "": + fail("package must have a name.") + return + + for resource in ctx.resource_list["items"]: + if resource["kind"] == "Service": + resource["metadata"]["name"] = pkgName + if resource["kind"] == "Deployment": + resource["metadata"]["name"] = pkgName + set_name(ctx.resource_list["items"]) diff --git a/balancereader-dev/package-context.yaml b/balancereader-dev/package-context.yaml new file mode 100644 index 0000000..d4f123c --- /dev/null +++ b/balancereader-dev/package-context.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: kptfile.kpt.dev + annotations: + config.kubernetes.io/local-config: "true" + labels: + app: balancereader +data: + name: balancereader-dev diff --git a/balancereader-dev/resourcegroup.yaml b/balancereader-dev/resourcegroup.yaml new file mode 100644 index 0000000..5171e8e --- /dev/null +++ b/balancereader-dev/resourcegroup.yaml @@ -0,0 +1,7 @@ +apiVersion: kpt.dev/v1alpha1 +kind: ResourceGroup +metadata: + name: inventory-52957346 + namespace: balancereader-dev + labels: + cli-utils.sigs.k8s.io/inventory-id: 2ff98c7dfb36097fb10b38d6b5ee1a178b0dd47c-1662508216914293000 diff --git a/balancereader-dev/service.yaml b/balancereader-dev/service.yaml new file mode 100644 index 0000000..b5f46d9 --- /dev/null +++ b/balancereader-dev/service.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Service +metadata: # kpt-merge: example/base-app + name: balancereader + namespace: balancereader-dev + labels: + app: balancereader + annotations: + internal.kpt.dev/upstream-identifier: '|Service|example|base-app' +spec: + type: LoadBalancer + selector: + app: balancereader + ports: + - name: http + port: 80 + targetPort: 8080 From 7b68923ee22beb4e8bf0095b0c50f85f3ab88eb1 Mon Sep 17 00:00:00 2001 From: droot Date: Tue, 6 Sep 2022 17:01:54 -0700 Subject: [PATCH 34/65] ledgerwriter: reinitialized --- ledgerwriter/Kptfile | 14 ++++++++++- ledgerwriter/configmap-db-config.yaml | 4 ++-- ledgerwriter/configmap-env-config.yaml | 4 +++- ledgerwriter/configmap-service-config.yaml | 12 ++++++---- ledgerwriter/deployment.yaml | 28 ++++++++++++---------- ledgerwriter/package-context.yaml | 2 ++ ledgerwriter/service.yaml | 2 ++ 7 files changed, 44 insertions(+), 22 deletions(-) diff --git a/ledgerwriter/Kptfile b/ledgerwriter/Kptfile index f0e7664..5c095cb 100644 --- a/ledgerwriter/Kptfile +++ b/ledgerwriter/Kptfile @@ -2,6 +2,8 @@ apiVersion: kpt.dev/v1 kind: Kptfile metadata: name: ledgerwriter + labels: + app: ledgerwriter annotations: config.kubernetes.io/local-config: "true" upstream: @@ -17,6 +19,16 @@ upstreamLock: repo: git@github.com:droot/kpt-samples directory: /base-app ref: bank-of-anthos-pkgs - commit: a5502a9491060a79369fcaeb055e3686149ed6dd + commit: fac064d10c34564488ed3cce49812b6991ccefe3 info: description: sample description +pipeline: + mutators: + - image: set-namespace:v0.4.1 + configPath: package-context.yaml + - image: set-labels:v0.1.5 + configPath: fn-config-setlabels.yaml + - image: starlark:v0.4.3 + configPath: fn-config-setname.yaml + - image: set-image:v0.1.1 + configPath: fn-config-setimage.yaml diff --git a/ledgerwriter/configmap-db-config.yaml b/ledgerwriter/configmap-db-config.yaml index d72216b..5ec5911 100644 --- a/ledgerwriter/configmap-db-config.yaml +++ b/ledgerwriter/configmap-db-config.yaml @@ -3,7 +3,7 @@ kind: ConfigMap metadata: name: ledger-db-config labels: - app: postgres + app: ledgerwriter namespace: example data: POSTGRES_DB: postgresdb @@ -11,4 +11,4 @@ data: POSTGRES_PASSWORD: password SPRING_DATASOURCE_URL: jdbc:postgresql://ledger-db:5432/postgresdb SPRING_DATASOURCE_USERNAME: admin # should match POSTGRES_USER - SPRING_DATASOURCE_PASSWORD: password # should match POSTGRES_PASSWORD \ No newline at end of file + SPRING_DATASOURCE_PASSWORD: password # should match POSTGRES_PASSWORD diff --git a/ledgerwriter/configmap-env-config.yaml b/ledgerwriter/configmap-env-config.yaml index fe35f25..7a50ab3 100644 --- a/ledgerwriter/configmap-env-config.yaml +++ b/ledgerwriter/configmap-env-config.yaml @@ -3,8 +3,10 @@ kind: ConfigMap metadata: # kpt-merge: example/environment-config name: environment-config namespace: example + labels: + app: ledgerwriter annotations: internal.kpt.dev/upstream-identifier: '|ConfigMap|example|environment-config' data: LOCAL_ROUTING_NUM: "883745000" - PUB_KEY_PATH: "/tmp/.ssh/publickey" + PUB_KEY_PATH: /tmp/.ssh/publickey diff --git a/ledgerwriter/configmap-service-config.yaml b/ledgerwriter/configmap-service-config.yaml index 917c467..3cc72c9 100644 --- a/ledgerwriter/configmap-service-config.yaml +++ b/ledgerwriter/configmap-service-config.yaml @@ -3,9 +3,11 @@ kind: ConfigMap metadata: name: service-api-config namespace: example + labels: + app: ledgerwriter data: - TRANSACTIONS_API_ADDR: "ledgerwriter:8080" - BALANCES_API_ADDR: "balancereader:8080" - HISTORY_API_ADDR: "transactionhistory:8080" - CONTACTS_API_ADDR: "contacts:8080" - USERSERVICE_API_ADDR: "userservice:8080" \ No newline at end of file + TRANSACTIONS_API_ADDR: ledgerwriter:8080 + BALANCES_API_ADDR: balancereader:8080 + HISTORY_API_ADDR: transactionhistory:8080 + CONTACTS_API_ADDR: contacts:8080 + USERSERVICE_API_ADDR: userservice:8080 diff --git a/ledgerwriter/deployment.yaml b/ledgerwriter/deployment.yaml index 0eab151..9ed653f 100644 --- a/ledgerwriter/deployment.yaml +++ b/ledgerwriter/deployment.yaml @@ -1,9 +1,12 @@ apiVersion: apps/v1 kind: Deployment -metadata: # kpt-merge: /base-app +metadata: # kpt-merge: example/base-app name: ledgerwriter + namespace: example + labels: + app: ledgerwriter annotations: - internal.kpt.dev/upstream-identifier: apps|Deployment|default|base-app + internal.kpt.dev/upstream-identifier: apps|Deployment|example|base-app spec: selector: matchLabels: @@ -32,7 +35,7 @@ spec: image: gcr.io/bank-of-anthos-ci/ledgerwriter:v0.5.6 volumeMounts: - name: keys - mountPath: "/tmp/.ssh" + mountPath: /tmp/.ssh readOnly: true - mountPath: /tmp name: tmp @@ -41,7 +44,7 @@ spec: containerPort: 8080 env: - name: VERSION - value: "v0.5.6" + value: v0.5.6 - name: PORT value: "8080" - name: ENABLE_TRACING @@ -50,12 +53,10 @@ spec: value: "true" # tell Java to obey container memory limits - name: JVM_OPTS - value: "-XX:+UnlockExperimentalVMOptions -XX:+UseCGroupMemoryLimitForHeap -Xms256m -Xmx512m" - - name: PRIV_KEY_PATH - value: "/tmp/.ssh/privatekey" + value: -XX:+UnlockExperimentalVMOptions -XX:+UseCGroupMemoryLimitForHeap -Xms256m -Xmx512m # Valid levels are debug, info, warning, error, critical. If no valid level is set, gunicorn will default to info. - name: LOG_LEVEL - value: "info" + value: info - name: NAMESPACE valueFrom: fieldRef: @@ -65,14 +66,13 @@ spec: name: environment-config - configMapRef: name: service-api-config - # add ledger-db credentials from ConfigMap - configMapRef: name: ledger-db-config readinessProbe: httpGet: path: /ready port: 8080 - initialDelaySeconds: 10 + initialDelaySeconds: 60 periodSeconds: 5 timeoutSeconds: 10 startupProbe: @@ -89,13 +89,15 @@ spec: cpu: 500m memory: 512Mi volumes: - - name: publickey + # droot: should this be part of the base-app ? + - name: keys secret: secretName: jwt-key items: - - key: jwtRS256.key - path: privatekey - key: jwtRS256.key.pub path: publickey + # base-app exposes only public key by default + # - key: jwtRS256.key + # path: privatekey - emptyDir: {} name: tmp diff --git a/ledgerwriter/package-context.yaml b/ledgerwriter/package-context.yaml index 3f47840..e6a4b5e 100644 --- a/ledgerwriter/package-context.yaml +++ b/ledgerwriter/package-context.yaml @@ -2,6 +2,8 @@ apiVersion: v1 kind: ConfigMap metadata: # kpt-merge: /kptfile.kpt.dev name: kptfile.kpt.dev + labels: + app: ledgerwriter annotations: config.kubernetes.io/local-config: "true" internal.kpt.dev/upstream-identifier: '|ConfigMap|default|kptfile.kpt.dev' diff --git a/ledgerwriter/service.yaml b/ledgerwriter/service.yaml index 360da27..2784738 100644 --- a/ledgerwriter/service.yaml +++ b/ledgerwriter/service.yaml @@ -3,6 +3,8 @@ kind: Service metadata: # kpt-merge: example/base-app name: ledgerwriter namespace: example + labels: + app: ledgerwriter annotations: internal.kpt.dev/upstream-identifier: '|Service|example|base-app' spec: From b6c291942386f40bd00e67d8b1f8508c14ce6c10 Mon Sep 17 00:00:00 2001 From: droot Date: Tue, 6 Sep 2022 17:04:46 -0700 Subject: [PATCH 35/65] ledgerwriter: added missing files --- ledgerwriter/fn-config-setimage.yaml | 13 +++++++++++ ledgerwriter/fn-config-setlabels.yaml | 11 ++++++++++ ledgerwriter/fn-config-setname.yaml | 31 +++++++++++++++++++++++++++ 3 files changed, 55 insertions(+) create mode 100644 ledgerwriter/fn-config-setimage.yaml create mode 100644 ledgerwriter/fn-config-setlabels.yaml create mode 100644 ledgerwriter/fn-config-setname.yaml diff --git a/ledgerwriter/fn-config-setimage.yaml b/ledgerwriter/fn-config-setimage.yaml new file mode 100644 index 0000000..a12940b --- /dev/null +++ b/ledgerwriter/fn-config-setimage.yaml @@ -0,0 +1,13 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: SetImage +metadata: # kpt-merge: /set-image + name: set-image + labels: + app: ledgerwriter + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: fn.kpt.dev|SetImage|default|set-image +image: + name: gcr.io/bank-of-anthos-ci/base-app + newName: gcr.io/bank-of-anthos-ci/ledgerwriter + newTag: v0.5.6 diff --git a/ledgerwriter/fn-config-setlabels.yaml b/ledgerwriter/fn-config-setlabels.yaml new file mode 100644 index 0000000..879e48c --- /dev/null +++ b/ledgerwriter/fn-config-setlabels.yaml @@ -0,0 +1,11 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: SetLabels +metadata: # kpt-merge: /set-labels + name: set-labels + labels: + app: ledgerwriter + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: fn.kpt.dev|SetLabels|default|set-labels +labels: + app: ledgerwriter diff --git a/ledgerwriter/fn-config-setname.yaml b/ledgerwriter/fn-config-setname.yaml new file mode 100644 index 0000000..bd9441d --- /dev/null +++ b/ledgerwriter/fn-config-setname.yaml @@ -0,0 +1,31 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: StarlarkRun +metadata: # kpt-merge: /set-name + name: set-name + labels: + app: ledgerwriter + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: fn.kpt.dev|StarlarkRun|default|set-name +source: |- + def set_name(resources): + pkgName = "" + isAbstractPackage = False + for resource in resources: + if resource["kind"] == "ConfigMap" and resource["metadata"]["name"] == "kptfile.kpt.dev" and resource["data"]["name"] == "example": + isAbstractPackage = True + if resource["kind"] == "Kptfile": + pkgName = resource["metadata"]["name"] + if not isAbstractPackage: + # update resource name only if this is an abstract blueprint + return + if pkgName == "": + fail("package must have a name.") + return + + for resource in ctx.resource_list["items"]: + if resource["kind"] == "Service": + resource["metadata"]["name"] = pkgName + if resource["kind"] == "Deployment": + resource["metadata"]["name"] = pkgName + set_name(ctx.resource_list["items"]) From 44efb8fe03f578ec2ea301544942ab756e4b6b6f Mon Sep 17 00:00:00 2001 From: droot Date: Tue, 6 Sep 2022 17:09:14 -0700 Subject: [PATCH 36/65] ledgerwriter-dev: added the deployable instance --- ledgerwriter-dev/Kptfile | 34 ++++++ ledgerwriter-dev/README.md | 21 ++++ ledgerwriter-dev/configmap-db-config.yaml | 16 +++ ledgerwriter-dev/configmap-env-config.yaml | 12 ++ .../configmap-service-config.yaml | 15 +++ ledgerwriter-dev/deployment.yaml | 103 ++++++++++++++++++ ledgerwriter-dev/fn-config-setimage.yaml | 13 +++ ledgerwriter-dev/fn-config-setlabels.yaml | 11 ++ ledgerwriter-dev/fn-config-setname.yaml | 31 ++++++ ledgerwriter-dev/package-context.yaml | 10 ++ ledgerwriter-dev/resourcegroup.yaml | 7 ++ ledgerwriter-dev/service.yaml | 17 +++ 12 files changed, 290 insertions(+) create mode 100644 ledgerwriter-dev/Kptfile create mode 100644 ledgerwriter-dev/README.md create mode 100644 ledgerwriter-dev/configmap-db-config.yaml create mode 100644 ledgerwriter-dev/configmap-env-config.yaml create mode 100644 ledgerwriter-dev/configmap-service-config.yaml create mode 100644 ledgerwriter-dev/deployment.yaml create mode 100644 ledgerwriter-dev/fn-config-setimage.yaml create mode 100644 ledgerwriter-dev/fn-config-setlabels.yaml create mode 100644 ledgerwriter-dev/fn-config-setname.yaml create mode 100644 ledgerwriter-dev/package-context.yaml create mode 100644 ledgerwriter-dev/resourcegroup.yaml create mode 100644 ledgerwriter-dev/service.yaml diff --git a/ledgerwriter-dev/Kptfile b/ledgerwriter-dev/Kptfile new file mode 100644 index 0000000..9036fe5 --- /dev/null +++ b/ledgerwriter-dev/Kptfile @@ -0,0 +1,34 @@ +apiVersion: kpt.dev/v1 +kind: Kptfile +metadata: + name: ledgerwriter-dev + labels: + app: ledgerwriter + annotations: + config.kubernetes.io/local-config: "true" +upstream: + type: git + git: + repo: git@github.com:droot/kpt-samples + directory: /ledgerwriter + ref: bank-of-anthos-pkgs + updateStrategy: resource-merge +upstreamLock: + type: git + git: + repo: git@github.com:droot/kpt-samples + directory: /ledgerwriter + ref: bank-of-anthos-pkgs + commit: b6c291942386f40bd00e67d8b1f8508c14ce6c10 +info: + description: sample description +pipeline: + mutators: + - image: set-namespace:v0.4.1 + configPath: package-context.yaml + - image: set-labels:v0.1.5 + configPath: fn-config-setlabels.yaml + - image: starlark:v0.4.3 + configPath: fn-config-setname.yaml + - image: set-image:v0.1.1 + configPath: fn-config-setimage.yaml diff --git a/ledgerwriter-dev/README.md b/ledgerwriter-dev/README.md new file mode 100644 index 0000000..f978af1 --- /dev/null +++ b/ledgerwriter-dev/README.md @@ -0,0 +1,21 @@ +# base-app + +## Description +sample description + +## Usage + +### Fetch the package +`kpt pkg get REPO_URI[.git]/PKG_PATH[@VERSION] base-app` +Details: https://kpt.dev/reference/cli/pkg/get/ + +### View package content +`kpt pkg tree base-app` +Details: https://kpt.dev/reference/cli/pkg/tree/ + +### Apply the package +``` +kpt live init base-app +kpt live apply base-app --reconcile-timeout=2m --output=table +``` +Details: https://kpt.dev/reference/cli/live/ diff --git a/ledgerwriter-dev/configmap-db-config.yaml b/ledgerwriter-dev/configmap-db-config.yaml new file mode 100644 index 0000000..c18cb4a --- /dev/null +++ b/ledgerwriter-dev/configmap-db-config.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: ConfigMap +metadata: # kpt-merge: example/ledger-db-config + name: ledger-db-config + labels: + app: ledgerwriter + namespace: ledgerwriter-dev + annotations: + internal.kpt.dev/upstream-identifier: '|ConfigMap|example|ledger-db-config' +data: + POSTGRES_DB: postgresdb + POSTGRES_USER: admin + POSTGRES_PASSWORD: password + SPRING_DATASOURCE_URL: jdbc:postgresql://ledger-db:5432/postgresdb + SPRING_DATASOURCE_USERNAME: admin # should match POSTGRES_USER + SPRING_DATASOURCE_PASSWORD: password # should match POSTGRES_PASSWORD diff --git a/ledgerwriter-dev/configmap-env-config.yaml b/ledgerwriter-dev/configmap-env-config.yaml new file mode 100644 index 0000000..b5e7c52 --- /dev/null +++ b/ledgerwriter-dev/configmap-env-config.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: ConfigMap +metadata: # kpt-merge: example/environment-config + name: environment-config + namespace: ledgerwriter-dev + labels: + app: ledgerwriter + annotations: + internal.kpt.dev/upstream-identifier: '|ConfigMap|example|environment-config' +data: + LOCAL_ROUTING_NUM: "883745000" + PUB_KEY_PATH: /tmp/.ssh/publickey diff --git a/ledgerwriter-dev/configmap-service-config.yaml b/ledgerwriter-dev/configmap-service-config.yaml new file mode 100644 index 0000000..f08bfc8 --- /dev/null +++ b/ledgerwriter-dev/configmap-service-config.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: ConfigMap +metadata: # kpt-merge: example/service-api-config + name: service-api-config + namespace: ledgerwriter-dev + labels: + app: ledgerwriter + annotations: + internal.kpt.dev/upstream-identifier: '|ConfigMap|example|service-api-config' +data: + TRANSACTIONS_API_ADDR: ledgerwriter:8080 + BALANCES_API_ADDR: balancereader:8080 + HISTORY_API_ADDR: transactionhistory:8080 + CONTACTS_API_ADDR: contacts:8080 + USERSERVICE_API_ADDR: userservice:8080 diff --git a/ledgerwriter-dev/deployment.yaml b/ledgerwriter-dev/deployment.yaml new file mode 100644 index 0000000..cdf2fef --- /dev/null +++ b/ledgerwriter-dev/deployment.yaml @@ -0,0 +1,103 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: # kpt-merge: example/base-app + name: ledgerwriter + namespace: ledgerwriter-dev + labels: + app: ledgerwriter + annotations: + internal.kpt.dev/upstream-identifier: apps|Deployment|example|base-app +spec: + selector: + matchLabels: + app: ledgerwriter + template: + metadata: + labels: + app: ledgerwriter + spec: + serviceAccountName: default + terminationGracePeriodSeconds: 5 + securityContext: + fsGroup: 1000 + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + containers: + - name: primary + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - all + privileged: false + readOnlyRootFilesystem: true + image: gcr.io/bank-of-anthos-ci/ledgerwriter:v0.5.6 + volumeMounts: + - name: keys + mountPath: /tmp/.ssh + readOnly: true + - mountPath: /tmp + name: tmp + ports: + - name: http-server + containerPort: 8080 + env: + - name: VERSION + value: v0.5.6 + - name: PORT + value: "8080" + - name: ENABLE_TRACING + value: "true" + - name: ENABLE_METRICS + value: "true" + # tell Java to obey container memory limits + - name: JVM_OPTS + value: -XX:+UnlockExperimentalVMOptions -XX:+UseCGroupMemoryLimitForHeap -Xms256m -Xmx512m + # Valid levels are debug, info, warning, error, critical. If no valid level is set, gunicorn will default to info. + - name: LOG_LEVEL + value: info + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + envFrom: + - configMapRef: + name: environment-config + - configMapRef: + name: service-api-config + - configMapRef: + name: ledger-db-config + readinessProbe: + httpGet: + path: /ready + port: 8080 + initialDelaySeconds: 60 + periodSeconds: 5 + timeoutSeconds: 10 + startupProbe: + httpGet: + path: /ready + port: 8080 + failureThreshold: 30 + periodSeconds: 10 + resources: + requests: + cpu: 100m + memory: 256Mi + limits: + cpu: 500m + memory: 512Mi + volumes: + # droot: should this be part of the base-app ? + - name: keys + secret: + secretName: jwt-key + items: + - key: jwtRS256.key.pub + path: publickey + # base-app exposes only public key by default + # - key: jwtRS256.key + # path: privatekey + - emptyDir: {} + name: tmp diff --git a/ledgerwriter-dev/fn-config-setimage.yaml b/ledgerwriter-dev/fn-config-setimage.yaml new file mode 100644 index 0000000..a12940b --- /dev/null +++ b/ledgerwriter-dev/fn-config-setimage.yaml @@ -0,0 +1,13 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: SetImage +metadata: # kpt-merge: /set-image + name: set-image + labels: + app: ledgerwriter + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: fn.kpt.dev|SetImage|default|set-image +image: + name: gcr.io/bank-of-anthos-ci/base-app + newName: gcr.io/bank-of-anthos-ci/ledgerwriter + newTag: v0.5.6 diff --git a/ledgerwriter-dev/fn-config-setlabels.yaml b/ledgerwriter-dev/fn-config-setlabels.yaml new file mode 100644 index 0000000..879e48c --- /dev/null +++ b/ledgerwriter-dev/fn-config-setlabels.yaml @@ -0,0 +1,11 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: SetLabels +metadata: # kpt-merge: /set-labels + name: set-labels + labels: + app: ledgerwriter + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: fn.kpt.dev|SetLabels|default|set-labels +labels: + app: ledgerwriter diff --git a/ledgerwriter-dev/fn-config-setname.yaml b/ledgerwriter-dev/fn-config-setname.yaml new file mode 100644 index 0000000..bd9441d --- /dev/null +++ b/ledgerwriter-dev/fn-config-setname.yaml @@ -0,0 +1,31 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: StarlarkRun +metadata: # kpt-merge: /set-name + name: set-name + labels: + app: ledgerwriter + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: fn.kpt.dev|StarlarkRun|default|set-name +source: |- + def set_name(resources): + pkgName = "" + isAbstractPackage = False + for resource in resources: + if resource["kind"] == "ConfigMap" and resource["metadata"]["name"] == "kptfile.kpt.dev" and resource["data"]["name"] == "example": + isAbstractPackage = True + if resource["kind"] == "Kptfile": + pkgName = resource["metadata"]["name"] + if not isAbstractPackage: + # update resource name only if this is an abstract blueprint + return + if pkgName == "": + fail("package must have a name.") + return + + for resource in ctx.resource_list["items"]: + if resource["kind"] == "Service": + resource["metadata"]["name"] = pkgName + if resource["kind"] == "Deployment": + resource["metadata"]["name"] = pkgName + set_name(ctx.resource_list["items"]) diff --git a/ledgerwriter-dev/package-context.yaml b/ledgerwriter-dev/package-context.yaml new file mode 100644 index 0000000..a270633 --- /dev/null +++ b/ledgerwriter-dev/package-context.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: kptfile.kpt.dev + annotations: + config.kubernetes.io/local-config: "true" + labels: + app: ledgerwriter +data: + name: ledgerwriter-dev diff --git a/ledgerwriter-dev/resourcegroup.yaml b/ledgerwriter-dev/resourcegroup.yaml new file mode 100644 index 0000000..c634efe --- /dev/null +++ b/ledgerwriter-dev/resourcegroup.yaml @@ -0,0 +1,7 @@ +apiVersion: kpt.dev/v1alpha1 +kind: ResourceGroup +metadata: + name: inventory-22531502 + namespace: ledgerwriter-dev + labels: + cli-utils.sigs.k8s.io/inventory-id: 1802fd43d94cc4583d4850ba1edaba5164bb6d48-1662509199816075000 diff --git a/ledgerwriter-dev/service.yaml b/ledgerwriter-dev/service.yaml new file mode 100644 index 0000000..41e0bfb --- /dev/null +++ b/ledgerwriter-dev/service.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Service +metadata: # kpt-merge: example/base-app + name: ledgerwriter + namespace: ledgerwriter-dev + labels: + app: ledgerwriter + annotations: + internal.kpt.dev/upstream-identifier: '|Service|example|base-app' +spec: + type: LoadBalancer + selector: + app: ledgerwriter + ports: + - name: http + port: 80 + targetPort: 8080 From 794ca904d32119dc97d9c7c61a22ac5ba54da596 Mon Sep 17 00:00:00 2001 From: droot Date: Tue, 6 Sep 2022 17:19:26 -0700 Subject: [PATCH 37/65] transactionhistory: added initial version --- transactionhistory/Kptfile | 34 ++++++ transactionhistory/README.md | 21 ++++ transactionhistory/configmap-db-config.yaml | 14 +++ transactionhistory/configmap-env-config.yaml | 12 ++ transactionhistory/deployment.yaml | 116 +++++++++++++++++++ transactionhistory/fn-config-setimage.yaml | 13 +++ transactionhistory/fn-config-setlabels.yaml | 11 ++ transactionhistory/fn-config-setname.yaml | 31 +++++ transactionhistory/package-context.yaml | 11 ++ transactionhistory/service.yaml | 17 +++ 10 files changed, 280 insertions(+) create mode 100644 transactionhistory/Kptfile create mode 100644 transactionhistory/README.md create mode 100644 transactionhistory/configmap-db-config.yaml create mode 100644 transactionhistory/configmap-env-config.yaml create mode 100644 transactionhistory/deployment.yaml create mode 100644 transactionhistory/fn-config-setimage.yaml create mode 100644 transactionhistory/fn-config-setlabels.yaml create mode 100644 transactionhistory/fn-config-setname.yaml create mode 100644 transactionhistory/package-context.yaml create mode 100644 transactionhistory/service.yaml diff --git a/transactionhistory/Kptfile b/transactionhistory/Kptfile new file mode 100644 index 0000000..ef5094f --- /dev/null +++ b/transactionhistory/Kptfile @@ -0,0 +1,34 @@ +apiVersion: kpt.dev/v1 +kind: Kptfile +metadata: + name: transactionhistory + labels: + app: transactionhistory + annotations: + config.kubernetes.io/local-config: "true" +upstream: + type: git + git: + repo: git@github.com:droot/kpt-samples + directory: /base-app + ref: bank-of-anthos-pkgs + updateStrategy: resource-merge +upstreamLock: + type: git + git: + repo: git@github.com:droot/kpt-samples + directory: /base-app + ref: bank-of-anthos-pkgs + commit: 44efb8fe03f578ec2ea301544942ab756e4b6b6f +info: + description: sample description +pipeline: + mutators: + - image: set-namespace:v0.4.1 + configPath: package-context.yaml + - image: set-labels:v0.1.5 + configPath: fn-config-setlabels.yaml + - image: starlark:v0.4.3 + configPath: fn-config-setname.yaml + - image: set-image:v0.1.1 + configPath: fn-config-setimage.yaml diff --git a/transactionhistory/README.md b/transactionhistory/README.md new file mode 100644 index 0000000..f978af1 --- /dev/null +++ b/transactionhistory/README.md @@ -0,0 +1,21 @@ +# base-app + +## Description +sample description + +## Usage + +### Fetch the package +`kpt pkg get REPO_URI[.git]/PKG_PATH[@VERSION] base-app` +Details: https://kpt.dev/reference/cli/pkg/get/ + +### View package content +`kpt pkg tree base-app` +Details: https://kpt.dev/reference/cli/pkg/tree/ + +### Apply the package +``` +kpt live init base-app +kpt live apply base-app --reconcile-timeout=2m --output=table +``` +Details: https://kpt.dev/reference/cli/live/ diff --git a/transactionhistory/configmap-db-config.yaml b/transactionhistory/configmap-db-config.yaml new file mode 100644 index 0000000..f1e99ec --- /dev/null +++ b/transactionhistory/configmap-db-config.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: ledger-db-config + labels: + app: transactionhistory + namespace: example +data: + POSTGRES_DB: postgresdb + POSTGRES_USER: admin + POSTGRES_PASSWORD: password + SPRING_DATASOURCE_URL: jdbc:postgresql://ledger-db:5432/postgresdb + SPRING_DATASOURCE_USERNAME: admin # should match POSTGRES_USER + SPRING_DATASOURCE_PASSWORD: password # should match POSTGRES_PASSWORD diff --git a/transactionhistory/configmap-env-config.yaml b/transactionhistory/configmap-env-config.yaml new file mode 100644 index 0000000..3d4864d --- /dev/null +++ b/transactionhistory/configmap-env-config.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: ConfigMap +metadata: # kpt-merge: example/environment-config + name: environment-config + namespace: example + labels: + app: transactionhistory + annotations: + internal.kpt.dev/upstream-identifier: '|ConfigMap|example|environment-config' +data: + LOCAL_ROUTING_NUM: "883745000" + PUB_KEY_PATH: /tmp/.ssh/publickey diff --git a/transactionhistory/deployment.yaml b/transactionhistory/deployment.yaml new file mode 100644 index 0000000..6bb81cb --- /dev/null +++ b/transactionhistory/deployment.yaml @@ -0,0 +1,116 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: # kpt-merge: example/base-app + name: transactionhistory + namespace: example + labels: + app: transactionhistory + annotations: + internal.kpt.dev/upstream-identifier: apps|Deployment|example|base-app +spec: + selector: + matchLabels: + app: transactionhistory + template: + metadata: + labels: + app: transactionhistory + spec: + serviceAccountName: default + terminationGracePeriodSeconds: 5 + securityContext: + fsGroup: 1000 + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + containers: + - name: primary + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - all + privileged: false + readOnlyRootFilesystem: true + image: gcr.io/bank-of-anthos-ci/transactionhistory:v0.5.6 + volumeMounts: + - name: keys + mountPath: /tmp/.ssh + readOnly: true + - mountPath: /tmp + name: tmp + ports: + - name: http-server + containerPort: 8080 + env: + - name: VERSION + value: v0.5.6 + - name: PORT + value: "8080" + - name: ENABLE_TRACING + value: "true" + - name: ENABLE_METRICS + value: "true" + - name: POLL_MS + value: "100" + - name: CACHE_SIZE + value: "1000" + - name: CACHE_MINUTES + value: "60" + - name: HISTORY_LIMIT + value: "100" + # tell Java to obey container memory limits + - name: JVM_OPTS + value: -XX:+UnlockExperimentalVMOptions -XX:+UseCGroupMemoryLimitForHeap -Xms256m -Xmx512m + # Valid levels are debug, info, warning, error, critical. If no valid level is set, gunicorn will default to info. + - name: LOG_LEVEL + value: info + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + envFrom: + - configMapRef: + name: environment-config + - configMapRef: + name: ledger-db-config + readinessProbe: + httpGet: + path: /ready + port: 8080 + initialDelaySeconds: 60 + periodSeconds: 5 + timeoutSeconds: 10 + livenessProbe: + httpGet: + path: /healthy + port: 8080 + initialDelaySeconds: 120 + periodSeconds: 5 + timeoutSeconds: 10 + startupProbe: + httpGet: + path: /healthy + port: 8080 + failureThreshold: 30 + periodSeconds: 10 + resources: + requests: + cpu: 100m + memory: 256Mi + limits: + cpu: 500m + memory: 512Mi + volumes: + # droot: should this be part of the base-app ? + - name: keys + secret: + secretName: jwt-key + items: + - key: jwtRS256.key.pub + path: publickey + # base-app exposes only public key by default + # - key: jwtRS256.key + # path: privatekey + - emptyDir: {} + name: tmp diff --git a/transactionhistory/fn-config-setimage.yaml b/transactionhistory/fn-config-setimage.yaml new file mode 100644 index 0000000..6fffff0 --- /dev/null +++ b/transactionhistory/fn-config-setimage.yaml @@ -0,0 +1,13 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: SetImage +metadata: # kpt-merge: /set-image + name: set-image + labels: + app: transactionhistory + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: fn.kpt.dev|SetImage|default|set-image +image: + name: gcr.io/bank-of-anthos-ci/base-app + newName: gcr.io/bank-of-anthos-ci/transactionhistory + newTag: v0.5.6 diff --git a/transactionhistory/fn-config-setlabels.yaml b/transactionhistory/fn-config-setlabels.yaml new file mode 100644 index 0000000..9666d80 --- /dev/null +++ b/transactionhistory/fn-config-setlabels.yaml @@ -0,0 +1,11 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: SetLabels +metadata: # kpt-merge: /set-labels + name: set-labels + labels: + app: transactionhistory + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: fn.kpt.dev|SetLabels|default|set-labels +labels: + app: transactionhistory diff --git a/transactionhistory/fn-config-setname.yaml b/transactionhistory/fn-config-setname.yaml new file mode 100644 index 0000000..57b976b --- /dev/null +++ b/transactionhistory/fn-config-setname.yaml @@ -0,0 +1,31 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: StarlarkRun +metadata: # kpt-merge: /set-name + name: set-name + labels: + app: transactionhistory + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: fn.kpt.dev|StarlarkRun|default|set-name +source: |- + def set_name(resources): + pkgName = "" + isAbstractPackage = False + for resource in resources: + if resource["kind"] == "ConfigMap" and resource["metadata"]["name"] == "kptfile.kpt.dev" and resource["data"]["name"] == "example": + isAbstractPackage = True + if resource["kind"] == "Kptfile": + pkgName = resource["metadata"]["name"] + if not isAbstractPackage: + # update resource name only if this is an abstract blueprint + return + if pkgName == "": + fail("package must have a name.") + return + + for resource in ctx.resource_list["items"]: + if resource["kind"] == "Service": + resource["metadata"]["name"] = pkgName + if resource["kind"] == "Deployment": + resource["metadata"]["name"] = pkgName + set_name(ctx.resource_list["items"]) diff --git a/transactionhistory/package-context.yaml b/transactionhistory/package-context.yaml new file mode 100644 index 0000000..b9f3a6b --- /dev/null +++ b/transactionhistory/package-context.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: ConfigMap +metadata: # kpt-merge: /kptfile.kpt.dev + name: kptfile.kpt.dev + labels: + app: transactionhistory + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: '|ConfigMap|default|kptfile.kpt.dev' +data: + name: example diff --git a/transactionhistory/service.yaml b/transactionhistory/service.yaml new file mode 100644 index 0000000..b221e3e --- /dev/null +++ b/transactionhistory/service.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Service +metadata: # kpt-merge: example/base-app + name: transactionhistory + namespace: example + labels: + app: transactionhistory + annotations: + internal.kpt.dev/upstream-identifier: '|Service|example|base-app' +spec: + type: LoadBalancer + selector: + app: transactionhistory + ports: + - name: http + port: 80 + targetPort: 8080 From fa21da5cec9f33f839741665cde8bffe4da6af44 Mon Sep 17 00:00:00 2001 From: droot Date: Tue, 6 Sep 2022 17:23:20 -0700 Subject: [PATCH 38/65] transactionhistory-dev: created a deployable instance --- transactionhistory-dev/Kptfile | 34 +++++ transactionhistory-dev/README.md | 21 ++++ .../configmap-db-config.yaml | 16 +++ .../configmap-env-config.yaml | 12 ++ transactionhistory-dev/deployment.yaml | 116 ++++++++++++++++++ .../fn-config-setimage.yaml | 13 ++ .../fn-config-setlabels.yaml | 11 ++ transactionhistory-dev/fn-config-setname.yaml | 31 +++++ transactionhistory-dev/package-context.yaml | 10 ++ transactionhistory-dev/resourcegroup.yaml | 7 ++ transactionhistory-dev/service.yaml | 17 +++ 11 files changed, 288 insertions(+) create mode 100644 transactionhistory-dev/Kptfile create mode 100644 transactionhistory-dev/README.md create mode 100644 transactionhistory-dev/configmap-db-config.yaml create mode 100644 transactionhistory-dev/configmap-env-config.yaml create mode 100644 transactionhistory-dev/deployment.yaml create mode 100644 transactionhistory-dev/fn-config-setimage.yaml create mode 100644 transactionhistory-dev/fn-config-setlabels.yaml create mode 100644 transactionhistory-dev/fn-config-setname.yaml create mode 100644 transactionhistory-dev/package-context.yaml create mode 100644 transactionhistory-dev/resourcegroup.yaml create mode 100644 transactionhistory-dev/service.yaml diff --git a/transactionhistory-dev/Kptfile b/transactionhistory-dev/Kptfile new file mode 100644 index 0000000..8811df1 --- /dev/null +++ b/transactionhistory-dev/Kptfile @@ -0,0 +1,34 @@ +apiVersion: kpt.dev/v1 +kind: Kptfile +metadata: + name: transactionhistory-dev + labels: + app: transactionhistory + annotations: + config.kubernetes.io/local-config: "true" +upstream: + type: git + git: + repo: git@github.com:droot/kpt-samples + directory: /transactionhistory + ref: bank-of-anthos-pkgs + updateStrategy: resource-merge +upstreamLock: + type: git + git: + repo: git@github.com:droot/kpt-samples + directory: /transactionhistory + ref: bank-of-anthos-pkgs + commit: 794ca904d32119dc97d9c7c61a22ac5ba54da596 +info: + description: sample description +pipeline: + mutators: + - image: set-namespace:v0.4.1 + configPath: package-context.yaml + - image: set-labels:v0.1.5 + configPath: fn-config-setlabels.yaml + - image: starlark:v0.4.3 + configPath: fn-config-setname.yaml + - image: set-image:v0.1.1 + configPath: fn-config-setimage.yaml diff --git a/transactionhistory-dev/README.md b/transactionhistory-dev/README.md new file mode 100644 index 0000000..f978af1 --- /dev/null +++ b/transactionhistory-dev/README.md @@ -0,0 +1,21 @@ +# base-app + +## Description +sample description + +## Usage + +### Fetch the package +`kpt pkg get REPO_URI[.git]/PKG_PATH[@VERSION] base-app` +Details: https://kpt.dev/reference/cli/pkg/get/ + +### View package content +`kpt pkg tree base-app` +Details: https://kpt.dev/reference/cli/pkg/tree/ + +### Apply the package +``` +kpt live init base-app +kpt live apply base-app --reconcile-timeout=2m --output=table +``` +Details: https://kpt.dev/reference/cli/live/ diff --git a/transactionhistory-dev/configmap-db-config.yaml b/transactionhistory-dev/configmap-db-config.yaml new file mode 100644 index 0000000..f7c7c27 --- /dev/null +++ b/transactionhistory-dev/configmap-db-config.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: ConfigMap +metadata: # kpt-merge: example/ledger-db-config + name: ledger-db-config + labels: + app: transactionhistory + namespace: transactionhistory-dev + annotations: + internal.kpt.dev/upstream-identifier: '|ConfigMap|example|ledger-db-config' +data: + POSTGRES_DB: postgresdb + POSTGRES_USER: admin + POSTGRES_PASSWORD: password + SPRING_DATASOURCE_URL: jdbc:postgresql://ledger-db:5432/postgresdb + SPRING_DATASOURCE_USERNAME: admin # should match POSTGRES_USER + SPRING_DATASOURCE_PASSWORD: password # should match POSTGRES_PASSWORD diff --git a/transactionhistory-dev/configmap-env-config.yaml b/transactionhistory-dev/configmap-env-config.yaml new file mode 100644 index 0000000..6ab3ba8 --- /dev/null +++ b/transactionhistory-dev/configmap-env-config.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: ConfigMap +metadata: # kpt-merge: example/environment-config + name: environment-config + namespace: transactionhistory-dev + labels: + app: transactionhistory + annotations: + internal.kpt.dev/upstream-identifier: '|ConfigMap|example|environment-config' +data: + LOCAL_ROUTING_NUM: "883745000" + PUB_KEY_PATH: /tmp/.ssh/publickey diff --git a/transactionhistory-dev/deployment.yaml b/transactionhistory-dev/deployment.yaml new file mode 100644 index 0000000..678ced1 --- /dev/null +++ b/transactionhistory-dev/deployment.yaml @@ -0,0 +1,116 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: # kpt-merge: example/base-app + name: transactionhistory + namespace: transactionhistory-dev + labels: + app: transactionhistory + annotations: + internal.kpt.dev/upstream-identifier: apps|Deployment|example|base-app +spec: + selector: + matchLabels: + app: transactionhistory + template: + metadata: + labels: + app: transactionhistory + spec: + serviceAccountName: default + terminationGracePeriodSeconds: 5 + securityContext: + fsGroup: 1000 + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + containers: + - name: primary + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - all + privileged: false + readOnlyRootFilesystem: true + image: gcr.io/bank-of-anthos-ci/transactionhistory:v0.5.6 + volumeMounts: + - name: keys + mountPath: /tmp/.ssh + readOnly: true + - mountPath: /tmp + name: tmp + ports: + - name: http-server + containerPort: 8080 + env: + - name: VERSION + value: v0.5.6 + - name: PORT + value: "8080" + - name: ENABLE_TRACING + value: "true" + - name: ENABLE_METRICS + value: "true" + - name: POLL_MS + value: "100" + - name: CACHE_SIZE + value: "1000" + - name: CACHE_MINUTES + value: "60" + - name: HISTORY_LIMIT + value: "100" + # tell Java to obey container memory limits + - name: JVM_OPTS + value: -XX:+UnlockExperimentalVMOptions -XX:+UseCGroupMemoryLimitForHeap -Xms256m -Xmx512m + # Valid levels are debug, info, warning, error, critical. If no valid level is set, gunicorn will default to info. + - name: LOG_LEVEL + value: info + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + envFrom: + - configMapRef: + name: environment-config + - configMapRef: + name: ledger-db-config + readinessProbe: + httpGet: + path: /ready + port: 8080 + initialDelaySeconds: 60 + periodSeconds: 5 + timeoutSeconds: 10 + livenessProbe: + httpGet: + path: /healthy + port: 8080 + initialDelaySeconds: 120 + periodSeconds: 5 + timeoutSeconds: 10 + startupProbe: + httpGet: + path: /healthy + port: 8080 + failureThreshold: 30 + periodSeconds: 10 + resources: + requests: + cpu: 100m + memory: 256Mi + limits: + cpu: 500m + memory: 512Mi + volumes: + # droot: should this be part of the base-app ? + - name: keys + secret: + secretName: jwt-key + items: + - key: jwtRS256.key.pub + path: publickey + # base-app exposes only public key by default + # - key: jwtRS256.key + # path: privatekey + - emptyDir: {} + name: tmp diff --git a/transactionhistory-dev/fn-config-setimage.yaml b/transactionhistory-dev/fn-config-setimage.yaml new file mode 100644 index 0000000..6fffff0 --- /dev/null +++ b/transactionhistory-dev/fn-config-setimage.yaml @@ -0,0 +1,13 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: SetImage +metadata: # kpt-merge: /set-image + name: set-image + labels: + app: transactionhistory + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: fn.kpt.dev|SetImage|default|set-image +image: + name: gcr.io/bank-of-anthos-ci/base-app + newName: gcr.io/bank-of-anthos-ci/transactionhistory + newTag: v0.5.6 diff --git a/transactionhistory-dev/fn-config-setlabels.yaml b/transactionhistory-dev/fn-config-setlabels.yaml new file mode 100644 index 0000000..9666d80 --- /dev/null +++ b/transactionhistory-dev/fn-config-setlabels.yaml @@ -0,0 +1,11 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: SetLabels +metadata: # kpt-merge: /set-labels + name: set-labels + labels: + app: transactionhistory + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: fn.kpt.dev|SetLabels|default|set-labels +labels: + app: transactionhistory diff --git a/transactionhistory-dev/fn-config-setname.yaml b/transactionhistory-dev/fn-config-setname.yaml new file mode 100644 index 0000000..57b976b --- /dev/null +++ b/transactionhistory-dev/fn-config-setname.yaml @@ -0,0 +1,31 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: StarlarkRun +metadata: # kpt-merge: /set-name + name: set-name + labels: + app: transactionhistory + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: fn.kpt.dev|StarlarkRun|default|set-name +source: |- + def set_name(resources): + pkgName = "" + isAbstractPackage = False + for resource in resources: + if resource["kind"] == "ConfigMap" and resource["metadata"]["name"] == "kptfile.kpt.dev" and resource["data"]["name"] == "example": + isAbstractPackage = True + if resource["kind"] == "Kptfile": + pkgName = resource["metadata"]["name"] + if not isAbstractPackage: + # update resource name only if this is an abstract blueprint + return + if pkgName == "": + fail("package must have a name.") + return + + for resource in ctx.resource_list["items"]: + if resource["kind"] == "Service": + resource["metadata"]["name"] = pkgName + if resource["kind"] == "Deployment": + resource["metadata"]["name"] = pkgName + set_name(ctx.resource_list["items"]) diff --git a/transactionhistory-dev/package-context.yaml b/transactionhistory-dev/package-context.yaml new file mode 100644 index 0000000..738591c --- /dev/null +++ b/transactionhistory-dev/package-context.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: kptfile.kpt.dev + annotations: + config.kubernetes.io/local-config: "true" + labels: + app: transactionhistory +data: + name: transactionhistory-dev diff --git a/transactionhistory-dev/resourcegroup.yaml b/transactionhistory-dev/resourcegroup.yaml new file mode 100644 index 0000000..333cd54 --- /dev/null +++ b/transactionhistory-dev/resourcegroup.yaml @@ -0,0 +1,7 @@ +apiVersion: kpt.dev/v1alpha1 +kind: ResourceGroup +metadata: + name: inventory-44246773 + namespace: transactionhistory-dev + labels: + cli-utils.sigs.k8s.io/inventory-id: 5f2e51fa06ff172974a6750abd2e15f4d820d42b-1662510089262370000 diff --git a/transactionhistory-dev/service.yaml b/transactionhistory-dev/service.yaml new file mode 100644 index 0000000..9dc0cdb --- /dev/null +++ b/transactionhistory-dev/service.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Service +metadata: # kpt-merge: example/base-app + name: transactionhistory + namespace: transactionhistory-dev + labels: + app: transactionhistory + annotations: + internal.kpt.dev/upstream-identifier: '|Service|example|base-app' +spec: + type: LoadBalancer + selector: + app: transactionhistory + ports: + - name: http + port: 80 + targetPort: 8080 From 4eb19740d844e63f88bcc9dac530d1b6ba2297da Mon Sep 17 00:00:00 2001 From: droot Date: Tue, 6 Sep 2022 17:30:07 -0700 Subject: [PATCH 39/65] userservice: added initial version --- userservice/Kptfile | 34 ++++++++++ userservice/README.md | 21 ++++++ userservice/configmap-db-config.yaml | 12 ++++ userservice/configmap-env-config.yaml | 12 ++++ userservice/deployment.yaml | 93 +++++++++++++++++++++++++++ userservice/fn-config-setimage.yaml | 13 ++++ userservice/fn-config-setlabels.yaml | 11 ++++ userservice/fn-config-setname.yaml | 31 +++++++++ userservice/package-context.yaml | 11 ++++ userservice/service.yaml | 17 +++++ 10 files changed, 255 insertions(+) create mode 100644 userservice/Kptfile create mode 100644 userservice/README.md create mode 100644 userservice/configmap-db-config.yaml create mode 100644 userservice/configmap-env-config.yaml create mode 100644 userservice/deployment.yaml create mode 100644 userservice/fn-config-setimage.yaml create mode 100644 userservice/fn-config-setlabels.yaml create mode 100644 userservice/fn-config-setname.yaml create mode 100644 userservice/package-context.yaml create mode 100644 userservice/service.yaml diff --git a/userservice/Kptfile b/userservice/Kptfile new file mode 100644 index 0000000..9256302 --- /dev/null +++ b/userservice/Kptfile @@ -0,0 +1,34 @@ +apiVersion: kpt.dev/v1 +kind: Kptfile +metadata: + name: userservice + labels: + app: userservice + annotations: + config.kubernetes.io/local-config: "true" +upstream: + type: git + git: + repo: git@github.com:droot/kpt-samples + directory: /base-app + ref: bank-of-anthos-pkgs + updateStrategy: resource-merge +upstreamLock: + type: git + git: + repo: git@github.com:droot/kpt-samples + directory: /base-app + ref: bank-of-anthos-pkgs + commit: fa21da5cec9f33f839741665cde8bffe4da6af44 +info: + description: sample description +pipeline: + mutators: + - image: set-namespace:v0.4.1 + configPath: package-context.yaml + - image: set-labels:v0.1.5 + configPath: fn-config-setlabels.yaml + - image: starlark:v0.4.3 + configPath: fn-config-setname.yaml + - image: set-image:v0.1.1 + configPath: fn-config-setimage.yaml diff --git a/userservice/README.md b/userservice/README.md new file mode 100644 index 0000000..f978af1 --- /dev/null +++ b/userservice/README.md @@ -0,0 +1,21 @@ +# base-app + +## Description +sample description + +## Usage + +### Fetch the package +`kpt pkg get REPO_URI[.git]/PKG_PATH[@VERSION] base-app` +Details: https://kpt.dev/reference/cli/pkg/get/ + +### View package content +`kpt pkg tree base-app` +Details: https://kpt.dev/reference/cli/pkg/tree/ + +### Apply the package +``` +kpt live init base-app +kpt live apply base-app --reconcile-timeout=2m --output=table +``` +Details: https://kpt.dev/reference/cli/live/ diff --git a/userservice/configmap-db-config.yaml b/userservice/configmap-db-config.yaml new file mode 100644 index 0000000..49ffa19 --- /dev/null +++ b/userservice/configmap-db-config.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: accounts-db-config + namespace: example + labels: + app: userservice +data: + POSTGRES_DB: accounts-db + POSTGRES_USER: accounts-admin + POSTGRES_PASSWORD: accounts-pwd + ACCOUNTS_DB_URI: postgresql://accounts-admin:accounts-pwd@accounts-db:5432/accounts-db diff --git a/userservice/configmap-env-config.yaml b/userservice/configmap-env-config.yaml new file mode 100644 index 0000000..9ca07f4 --- /dev/null +++ b/userservice/configmap-env-config.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: ConfigMap +metadata: # kpt-merge: example/environment-config + name: environment-config + namespace: example + labels: + app: userservice + annotations: + internal.kpt.dev/upstream-identifier: '|ConfigMap|example|environment-config' +data: + LOCAL_ROUTING_NUM: "883745000" + PUB_KEY_PATH: /tmp/.ssh/publickey diff --git a/userservice/deployment.yaml b/userservice/deployment.yaml new file mode 100644 index 0000000..aaf482a --- /dev/null +++ b/userservice/deployment.yaml @@ -0,0 +1,93 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: # kpt-merge: example/base-app + name: userservice + namespace: example + labels: + app: userservice + annotations: + internal.kpt.dev/upstream-identifier: apps|Deployment|example|base-app +spec: + selector: + matchLabels: + app: userservice + template: + metadata: + labels: + app: userservice + spec: + serviceAccountName: default + terminationGracePeriodSeconds: 5 + securityContext: + fsGroup: 1000 + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + containers: + - name: primary + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - all + privileged: false + readOnlyRootFilesystem: true + image: gcr.io/bank-of-anthos-ci/userservice:v0.5.6 + volumeMounts: + - name: keys + mountPath: /tmp/.ssh + readOnly: true + - mountPath: /tmp + name: tmp + ports: + - name: http-server + containerPort: 8080 + env: + - name: VERSION + value: v0.5.6 + - name: PORT + value: "8080" + - name: ENABLE_TRACING + value: "true" + - name: TOKEN_EXPIRY_SECONDS + value: "3600" + - name: PRIV_KEY_PATH + value: /tmp/.ssh/privatekey + # Valid levels are debug, info, warning, error, critical. If no valid level is set, gunicorn will default to info. + - name: LOG_LEVEL + value: info + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + envFrom: + - configMapRef: + name: environment-config + - configMapRef: + name: accounts-db-config + readinessProbe: + httpGet: + path: /ready + port: 8080 + initialDelaySeconds: 10 + periodSeconds: 5 + timeoutSeconds: 10 + resources: + requests: + cpu: 200m + memory: 64Mi + limits: + cpu: 500m + memory: 256Mi + volumes: + # droot: should this be part of the base-app ? + - name: keys + secret: + secretName: jwt-key + items: + - key: jwtRS256.key.pub + path: publickey + - key: jwtRS256.key + path: privatekey + - emptyDir: {} + name: tmp diff --git a/userservice/fn-config-setimage.yaml b/userservice/fn-config-setimage.yaml new file mode 100644 index 0000000..2404390 --- /dev/null +++ b/userservice/fn-config-setimage.yaml @@ -0,0 +1,13 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: SetImage +metadata: # kpt-merge: /set-image + name: set-image + labels: + app: userservice + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: fn.kpt.dev|SetImage|default|set-image +image: + name: gcr.io/bank-of-anthos-ci/base-app + newName: gcr.io/bank-of-anthos-ci/userservice + newTag: v0.5.6 diff --git a/userservice/fn-config-setlabels.yaml b/userservice/fn-config-setlabels.yaml new file mode 100644 index 0000000..e35f8a0 --- /dev/null +++ b/userservice/fn-config-setlabels.yaml @@ -0,0 +1,11 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: SetLabels +metadata: # kpt-merge: /set-labels + name: set-labels + labels: + app: userservice + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: fn.kpt.dev|SetLabels|default|set-labels +labels: + app: userservice diff --git a/userservice/fn-config-setname.yaml b/userservice/fn-config-setname.yaml new file mode 100644 index 0000000..1aa9e30 --- /dev/null +++ b/userservice/fn-config-setname.yaml @@ -0,0 +1,31 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: StarlarkRun +metadata: # kpt-merge: /set-name + name: set-name + labels: + app: userservice + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: fn.kpt.dev|StarlarkRun|default|set-name +source: |- + def set_name(resources): + pkgName = "" + isAbstractPackage = False + for resource in resources: + if resource["kind"] == "ConfigMap" and resource["metadata"]["name"] == "kptfile.kpt.dev" and resource["data"]["name"] == "example": + isAbstractPackage = True + if resource["kind"] == "Kptfile": + pkgName = resource["metadata"]["name"] + if not isAbstractPackage: + # update resource name only if this is an abstract blueprint + return + if pkgName == "": + fail("package must have a name.") + return + + for resource in ctx.resource_list["items"]: + if resource["kind"] == "Service": + resource["metadata"]["name"] = pkgName + if resource["kind"] == "Deployment": + resource["metadata"]["name"] = pkgName + set_name(ctx.resource_list["items"]) diff --git a/userservice/package-context.yaml b/userservice/package-context.yaml new file mode 100644 index 0000000..b054f86 --- /dev/null +++ b/userservice/package-context.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: ConfigMap +metadata: # kpt-merge: /kptfile.kpt.dev + name: kptfile.kpt.dev + labels: + app: userservice + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: '|ConfigMap|default|kptfile.kpt.dev' +data: + name: example diff --git a/userservice/service.yaml b/userservice/service.yaml new file mode 100644 index 0000000..cbab652 --- /dev/null +++ b/userservice/service.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Service +metadata: # kpt-merge: example/base-app + name: userservice + namespace: example + labels: + app: userservice + annotations: + internal.kpt.dev/upstream-identifier: '|Service|example|base-app' +spec: + type: LoadBalancer + selector: + app: userservice + ports: + - name: http + port: 80 + targetPort: 8080 From f5fcc16562e486d679922a7fb30055efbd602223 Mon Sep 17 00:00:00 2001 From: droot Date: Tue, 6 Sep 2022 17:33:11 -0700 Subject: [PATCH 40/65] userservice-dev: created a deployable instance --- userservice-dev/Kptfile | 34 +++++++++ userservice-dev/README.md | 21 +++++ userservice-dev/configmap-db-config.yaml | 14 ++++ userservice-dev/configmap-env-config.yaml | 12 +++ userservice-dev/deployment.yaml | 93 +++++++++++++++++++++++ userservice-dev/fn-config-setimage.yaml | 13 ++++ userservice-dev/fn-config-setlabels.yaml | 11 +++ userservice-dev/fn-config-setname.yaml | 31 ++++++++ userservice-dev/package-context.yaml | 10 +++ userservice-dev/resourcegroup.yaml | 7 ++ userservice-dev/service.yaml | 17 +++++ 11 files changed, 263 insertions(+) create mode 100644 userservice-dev/Kptfile create mode 100644 userservice-dev/README.md create mode 100644 userservice-dev/configmap-db-config.yaml create mode 100644 userservice-dev/configmap-env-config.yaml create mode 100644 userservice-dev/deployment.yaml create mode 100644 userservice-dev/fn-config-setimage.yaml create mode 100644 userservice-dev/fn-config-setlabels.yaml create mode 100644 userservice-dev/fn-config-setname.yaml create mode 100644 userservice-dev/package-context.yaml create mode 100644 userservice-dev/resourcegroup.yaml create mode 100644 userservice-dev/service.yaml diff --git a/userservice-dev/Kptfile b/userservice-dev/Kptfile new file mode 100644 index 0000000..1ff9c4b --- /dev/null +++ b/userservice-dev/Kptfile @@ -0,0 +1,34 @@ +apiVersion: kpt.dev/v1 +kind: Kptfile +metadata: + name: userservice-dev + labels: + app: userservice + annotations: + config.kubernetes.io/local-config: "true" +upstream: + type: git + git: + repo: git@github.com:droot/kpt-samples + directory: /userservice + ref: bank-of-anthos-pkgs + updateStrategy: resource-merge +upstreamLock: + type: git + git: + repo: git@github.com:droot/kpt-samples + directory: /userservice + ref: bank-of-anthos-pkgs + commit: 4eb19740d844e63f88bcc9dac530d1b6ba2297da +info: + description: sample description +pipeline: + mutators: + - image: set-namespace:v0.4.1 + configPath: package-context.yaml + - image: set-labels:v0.1.5 + configPath: fn-config-setlabels.yaml + - image: starlark:v0.4.3 + configPath: fn-config-setname.yaml + - image: set-image:v0.1.1 + configPath: fn-config-setimage.yaml diff --git a/userservice-dev/README.md b/userservice-dev/README.md new file mode 100644 index 0000000..f978af1 --- /dev/null +++ b/userservice-dev/README.md @@ -0,0 +1,21 @@ +# base-app + +## Description +sample description + +## Usage + +### Fetch the package +`kpt pkg get REPO_URI[.git]/PKG_PATH[@VERSION] base-app` +Details: https://kpt.dev/reference/cli/pkg/get/ + +### View package content +`kpt pkg tree base-app` +Details: https://kpt.dev/reference/cli/pkg/tree/ + +### Apply the package +``` +kpt live init base-app +kpt live apply base-app --reconcile-timeout=2m --output=table +``` +Details: https://kpt.dev/reference/cli/live/ diff --git a/userservice-dev/configmap-db-config.yaml b/userservice-dev/configmap-db-config.yaml new file mode 100644 index 0000000..928f56b --- /dev/null +++ b/userservice-dev/configmap-db-config.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: ConfigMap +metadata: # kpt-merge: example/accounts-db-config + name: accounts-db-config + namespace: userservice-dev + labels: + app: userservice + annotations: + internal.kpt.dev/upstream-identifier: '|ConfigMap|example|accounts-db-config' +data: + POSTGRES_DB: accounts-db + POSTGRES_USER: accounts-admin + POSTGRES_PASSWORD: accounts-pwd + ACCOUNTS_DB_URI: postgresql://accounts-admin:accounts-pwd@accounts-db:5432/accounts-db diff --git a/userservice-dev/configmap-env-config.yaml b/userservice-dev/configmap-env-config.yaml new file mode 100644 index 0000000..bbbb61f --- /dev/null +++ b/userservice-dev/configmap-env-config.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: ConfigMap +metadata: # kpt-merge: example/environment-config + name: environment-config + namespace: userservice-dev + labels: + app: userservice + annotations: + internal.kpt.dev/upstream-identifier: '|ConfigMap|example|environment-config' +data: + LOCAL_ROUTING_NUM: "883745000" + PUB_KEY_PATH: /tmp/.ssh/publickey diff --git a/userservice-dev/deployment.yaml b/userservice-dev/deployment.yaml new file mode 100644 index 0000000..4a3173f --- /dev/null +++ b/userservice-dev/deployment.yaml @@ -0,0 +1,93 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: # kpt-merge: example/base-app + name: userservice + namespace: userservice-dev + labels: + app: userservice + annotations: + internal.kpt.dev/upstream-identifier: apps|Deployment|example|base-app +spec: + selector: + matchLabels: + app: userservice + template: + metadata: + labels: + app: userservice + spec: + serviceAccountName: default + terminationGracePeriodSeconds: 5 + securityContext: + fsGroup: 1000 + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + containers: + - name: primary + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - all + privileged: false + readOnlyRootFilesystem: true + image: gcr.io/bank-of-anthos-ci/userservice:v0.5.6 + volumeMounts: + - name: keys + mountPath: /tmp/.ssh + readOnly: true + - mountPath: /tmp + name: tmp + ports: + - name: http-server + containerPort: 8080 + env: + - name: VERSION + value: v0.5.6 + - name: PORT + value: "8080" + - name: ENABLE_TRACING + value: "true" + - name: TOKEN_EXPIRY_SECONDS + value: "3600" + - name: PRIV_KEY_PATH + value: /tmp/.ssh/privatekey + # Valid levels are debug, info, warning, error, critical. If no valid level is set, gunicorn will default to info. + - name: LOG_LEVEL + value: info + - name: NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + envFrom: + - configMapRef: + name: environment-config + - configMapRef: + name: accounts-db-config + readinessProbe: + httpGet: + path: /ready + port: 8080 + initialDelaySeconds: 10 + periodSeconds: 5 + timeoutSeconds: 10 + resources: + requests: + cpu: 200m + memory: 64Mi + limits: + cpu: 500m + memory: 256Mi + volumes: + # droot: should this be part of the base-app ? + - name: keys + secret: + secretName: jwt-key + items: + - key: jwtRS256.key.pub + path: publickey + - key: jwtRS256.key + path: privatekey + - emptyDir: {} + name: tmp diff --git a/userservice-dev/fn-config-setimage.yaml b/userservice-dev/fn-config-setimage.yaml new file mode 100644 index 0000000..2404390 --- /dev/null +++ b/userservice-dev/fn-config-setimage.yaml @@ -0,0 +1,13 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: SetImage +metadata: # kpt-merge: /set-image + name: set-image + labels: + app: userservice + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: fn.kpt.dev|SetImage|default|set-image +image: + name: gcr.io/bank-of-anthos-ci/base-app + newName: gcr.io/bank-of-anthos-ci/userservice + newTag: v0.5.6 diff --git a/userservice-dev/fn-config-setlabels.yaml b/userservice-dev/fn-config-setlabels.yaml new file mode 100644 index 0000000..e35f8a0 --- /dev/null +++ b/userservice-dev/fn-config-setlabels.yaml @@ -0,0 +1,11 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: SetLabels +metadata: # kpt-merge: /set-labels + name: set-labels + labels: + app: userservice + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: fn.kpt.dev|SetLabels|default|set-labels +labels: + app: userservice diff --git a/userservice-dev/fn-config-setname.yaml b/userservice-dev/fn-config-setname.yaml new file mode 100644 index 0000000..1aa9e30 --- /dev/null +++ b/userservice-dev/fn-config-setname.yaml @@ -0,0 +1,31 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: StarlarkRun +metadata: # kpt-merge: /set-name + name: set-name + labels: + app: userservice + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: fn.kpt.dev|StarlarkRun|default|set-name +source: |- + def set_name(resources): + pkgName = "" + isAbstractPackage = False + for resource in resources: + if resource["kind"] == "ConfigMap" and resource["metadata"]["name"] == "kptfile.kpt.dev" and resource["data"]["name"] == "example": + isAbstractPackage = True + if resource["kind"] == "Kptfile": + pkgName = resource["metadata"]["name"] + if not isAbstractPackage: + # update resource name only if this is an abstract blueprint + return + if pkgName == "": + fail("package must have a name.") + return + + for resource in ctx.resource_list["items"]: + if resource["kind"] == "Service": + resource["metadata"]["name"] = pkgName + if resource["kind"] == "Deployment": + resource["metadata"]["name"] = pkgName + set_name(ctx.resource_list["items"]) diff --git a/userservice-dev/package-context.yaml b/userservice-dev/package-context.yaml new file mode 100644 index 0000000..ec469b2 --- /dev/null +++ b/userservice-dev/package-context.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: kptfile.kpt.dev + annotations: + config.kubernetes.io/local-config: "true" + labels: + app: userservice +data: + name: userservice-dev diff --git a/userservice-dev/resourcegroup.yaml b/userservice-dev/resourcegroup.yaml new file mode 100644 index 0000000..70459c9 --- /dev/null +++ b/userservice-dev/resourcegroup.yaml @@ -0,0 +1,7 @@ +apiVersion: kpt.dev/v1alpha1 +kind: ResourceGroup +metadata: + name: inventory-19648536 + namespace: userservice-dev + labels: + cli-utils.sigs.k8s.io/inventory-id: b0c9fc5bdb4a0728aea685a250d2fb2e0d592506-1662510690668497000 diff --git a/userservice-dev/service.yaml b/userservice-dev/service.yaml new file mode 100644 index 0000000..9fc55df --- /dev/null +++ b/userservice-dev/service.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Service +metadata: # kpt-merge: example/base-app + name: userservice + namespace: userservice-dev + labels: + app: userservice + annotations: + internal.kpt.dev/upstream-identifier: '|Service|example|base-app' +spec: + type: LoadBalancer + selector: + app: userservice + ports: + - name: http + port: 80 + targetPort: 8080 From 2fa6bbc17479453bd72963b6b6d9dfb82d995a3c Mon Sep 17 00:00:00 2001 From: droot Date: Wed, 7 Sep 2022 11:06:09 -0700 Subject: [PATCH 41/65] base-db: initial version --- base-db/Kptfile | 20 ++++++++++ base-db/README.md | 21 +++++++++++ base-db/configmap-db-config.yaml | 12 ++++++ base-db/fn-config-setimage.yaml | 12 ++++++ base-db/fn-config-setlabels.yaml | 10 +++++ base-db/fn-config-setname.yaml | 30 +++++++++++++++ base-db/package-context.yaml | 10 +++++ base-db/service.yaml | 17 +++++++++ base-db/statefulset.yaml | 63 ++++++++++++++++++++++++++++++++ 9 files changed, 195 insertions(+) create mode 100644 base-db/Kptfile create mode 100644 base-db/README.md create mode 100644 base-db/configmap-db-config.yaml create mode 100644 base-db/fn-config-setimage.yaml create mode 100644 base-db/fn-config-setlabels.yaml create mode 100644 base-db/fn-config-setname.yaml create mode 100644 base-db/package-context.yaml create mode 100644 base-db/service.yaml create mode 100644 base-db/statefulset.yaml diff --git a/base-db/Kptfile b/base-db/Kptfile new file mode 100644 index 0000000..e88711c --- /dev/null +++ b/base-db/Kptfile @@ -0,0 +1,20 @@ +apiVersion: kpt.dev/v1 +kind: Kptfile +metadata: + name: base-db + annotations: + config.kubernetes.io/local-config: "true" + labels: + app: base-db +info: + description: sample description +pipeline: + mutators: + - image: set-namespace:v0.4.1 + configPath: package-context.yaml + - image: set-labels:v0.1.5 + configPath: fn-config-setlabels.yaml + - image: starlark:v0.4.3 + configPath: fn-config-setname.yaml + - image: set-image:v0.1.1 + configPath: fn-config-setimage.yaml diff --git a/base-db/README.md b/base-db/README.md new file mode 100644 index 0000000..8bffa25 --- /dev/null +++ b/base-db/README.md @@ -0,0 +1,21 @@ +# base-db + +## Description +sample description + +## Usage + +### Fetch the package +`kpt pkg get REPO_URI[.git]/PKG_PATH[@VERSION] base-db` +Details: https://kpt.dev/reference/cli/pkg/get/ + +### View package content +`kpt pkg tree base-db` +Details: https://kpt.dev/reference/cli/pkg/tree/ + +### Apply the package +``` +kpt live init base-db +kpt live apply base-db --reconcile-timeout=2m --output=table +``` +Details: https://kpt.dev/reference/cli/live/ diff --git a/base-db/configmap-db-config.yaml b/base-db/configmap-db-config.yaml new file mode 100644 index 0000000..3f6ca1c --- /dev/null +++ b/base-db/configmap-db-config.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: db-config + namespace: example + labels: + app: base-db +data: + POSTGRES_DB: base-db + POSTGRES_USER: base-db-admin + POSTGRES_PASSWORD: base-db-pwd + ACCOUNTS_DB_URI: postgresql://base-db-admin:base-db-pwd@base-db:5432/base-db diff --git a/base-db/fn-config-setimage.yaml b/base-db/fn-config-setimage.yaml new file mode 100644 index 0000000..b15ff9e --- /dev/null +++ b/base-db/fn-config-setimage.yaml @@ -0,0 +1,12 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: SetImage +metadata: + name: set-image + annotations: + config.kubernetes.io/local-config: "true" + labels: + app: base-db +image: + name: gcr.io/bank-of-anthos-ci/base-db + newName: gcr.io/bank-of-anthos-ci/base-db + newTag: db-version diff --git a/base-db/fn-config-setlabels.yaml b/base-db/fn-config-setlabels.yaml new file mode 100644 index 0000000..b0a9125 --- /dev/null +++ b/base-db/fn-config-setlabels.yaml @@ -0,0 +1,10 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: SetLabels +metadata: + name: set-labels + annotations: + config.kubernetes.io/local-config: "true" + labels: + app: base-db +labels: + app: base-db diff --git a/base-db/fn-config-setname.yaml b/base-db/fn-config-setname.yaml new file mode 100644 index 0000000..57d4fc5 --- /dev/null +++ b/base-db/fn-config-setname.yaml @@ -0,0 +1,30 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: StarlarkRun +metadata: + name: set-name + annotations: + config.kubernetes.io/local-config: "true" + labels: + app: base-db +source: |- + def set_name(resources): + pkgName = "" + isAbstractPackage = False + for resource in resources: + if resource["kind"] == "ConfigMap" and resource["metadata"]["name"] == "kptfile.kpt.dev" and resource["data"]["name"] == "example": + isAbstractPackage = True + if resource["kind"] == "Kptfile": + pkgName = resource["metadata"]["name"] + if not isAbstractPackage: + # update resource name only if this is an abstract blueprint + return + if pkgName == "": + fail("package must have a name.") + return + + for resource in ctx.resource_list["items"]: + if resource["kind"] == "Service": + resource["metadata"]["name"] = pkgName + if resource["kind"] == "Deployment": + resource["metadata"]["name"] = pkgName + set_name(ctx.resource_list["items"]) diff --git a/base-db/package-context.yaml b/base-db/package-context.yaml new file mode 100644 index 0000000..d352989 --- /dev/null +++ b/base-db/package-context.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: kptfile.kpt.dev + annotations: + config.kubernetes.io/local-config: "true" + labels: + app: base-db +data: + name: example diff --git a/base-db/service.yaml b/base-db/service.yaml new file mode 100644 index 0000000..d6efaa1 --- /dev/null +++ b/base-db/service.yaml @@ -0,0 +1,17 @@ +apiVersion: v1 +kind: Service +metadata: + name: base-db + labels: + tier: db + app: base-db + namespace: example +spec: + ports: + - port: 5432 + name: tcp + targetPort: 5432 + protocol: TCP + selector: + tier: db + app: base-db diff --git a/base-db/statefulset.yaml b/base-db/statefulset.yaml new file mode 100644 index 0000000..c5d3bd7 --- /dev/null +++ b/base-db/statefulset.yaml @@ -0,0 +1,63 @@ +# Copyright 2019 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# [START gke_boa_kubernetes_manifests_accounts_db_statefulset_accounts_db] +kind: StatefulSet +apiVersion: apps/v1 +metadata: + name: base-db + labels: + tier: db + app: base-db + namespace: example +spec: + serviceName: base-db + replicas: 1 + selector: + matchLabels: + tier: db + app: base-db + template: + metadata: + labels: + tier: db + app: base-db + spec: + serviceAccountName: default + containers: + - name: primary + image: gcr.io/bank-of-anthos-ci/base-db:db-version + envFrom: + - configMapRef: + name: environment-config + - configMapRef: + name: db-config + - configMapRef: + name: demo-data-config + ports: + - containerPort: 5432 + name: postgredb + resources: + requests: + cpu: 100m + memory: 128Mi + limits: + cpu: 250m + memory: 512Mi + volumeMounts: + - name: postgresdb + mountPath: /var/lib/postgresql/data + subPath: postgres + volumes: + - name: postgresdb + emptyDir: {} From 4c4d5c5e2b5fe6dea6851f5985e33711afc753f8 Mon Sep 17 00:00:00 2001 From: droot Date: Wed, 7 Sep 2022 13:02:03 -0700 Subject: [PATCH 42/65] base-db: updated db config --- base-db/configmap-db-config.yaml | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/base-db/configmap-db-config.yaml b/base-db/configmap-db-config.yaml index 3f6ca1c..17a9f88 100644 --- a/base-db/configmap-db-config.yaml +++ b/base-db/configmap-db-config.yaml @@ -3,10 +3,8 @@ kind: ConfigMap metadata: name: db-config namespace: example - labels: - app: base-db data: - POSTGRES_DB: base-db - POSTGRES_USER: base-db-admin - POSTGRES_PASSWORD: base-db-pwd - ACCOUNTS_DB_URI: postgresql://base-db-admin:base-db-pwd@base-db:5432/base-db + POSTGRES_DB: db + POSTGRES_USER: db-admin + POSTGRES_PASSWORD: db-pwd + ACCOUNTS_DB_URI: postgresql://db-admin:db-pwd@base-db:5432/base-db From f584104995f11738d0d07891223c0b0af8b82588 Mon Sep 17 00:00:00 2001 From: droot Date: Wed, 7 Sep 2022 13:09:48 -0700 Subject: [PATCH 43/65] base-db: updated setname function --- base-db/fn-config-setname.yaml | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/base-db/fn-config-setname.yaml b/base-db/fn-config-setname.yaml index 57d4fc5..081b6b4 100644 --- a/base-db/fn-config-setname.yaml +++ b/base-db/fn-config-setname.yaml @@ -1,11 +1,12 @@ apiVersion: fn.kpt.dev/v1alpha1 kind: StarlarkRun -metadata: +metadata: # kpt-merge: /set-name name: set-name + labels: + app: accounts-db annotations: config.kubernetes.io/local-config: "true" - labels: - app: base-db + internal.kpt.dev/upstream-identifier: fn.kpt.dev|StarlarkRun|default|set-name source: |- def set_name(resources): pkgName = "" @@ -25,6 +26,8 @@ source: |- for resource in ctx.resource_list["items"]: if resource["kind"] == "Service": resource["metadata"]["name"] = pkgName - if resource["kind"] == "Deployment": + if resource["kind"] == "StatefulSet": resource["metadata"]["name"] = pkgName + resource["spec"]["serviceName"] = pkgName + set_name(ctx.resource_list["items"]) From ec20a32b220a63998476c683e36f6b48912bbf85 Mon Sep 17 00:00:00 2001 From: droot Date: Wed, 7 Sep 2022 13:10:17 -0700 Subject: [PATCH 44/65] accounts-db: initial package --- accounts-db/Kptfile | 26 +++++++++++++++++++ accounts-db/README.md | 10 ++++---- accounts-db/configmap-db-config.yaml | 16 +++++++----- accounts-db/configmap-demo-data.yaml | 10 -------- accounts-db/configmap-env-config.yaml | 37 --------------------------- accounts-db/fn-config-setimage.yaml | 13 ++++++++++ accounts-db/fn-config-setlabels.yaml | 11 ++++++++ accounts-db/fn-config-setname.yaml | 33 ++++++++++++++++++++++++ accounts-db/package-context.yaml | 5 +++- accounts-db/service.yaml | 8 +++--- accounts-db/statefulset.yaml | 18 +++++++------ 11 files changed, 116 insertions(+), 71 deletions(-) delete mode 100644 accounts-db/configmap-demo-data.yaml delete mode 100644 accounts-db/configmap-env-config.yaml create mode 100644 accounts-db/fn-config-setimage.yaml create mode 100644 accounts-db/fn-config-setlabels.yaml create mode 100644 accounts-db/fn-config-setname.yaml diff --git a/accounts-db/Kptfile b/accounts-db/Kptfile index 643b0bd..6d235a5 100644 --- a/accounts-db/Kptfile +++ b/accounts-db/Kptfile @@ -2,7 +2,33 @@ apiVersion: kpt.dev/v1 kind: Kptfile metadata: name: accounts-db + labels: + app: accounts-db annotations: config.kubernetes.io/local-config: "true" +upstream: + type: git + git: + repo: git@github.com:droot/kpt-samples + directory: /base-db + ref: bank-of-anthos-pkgs + updateStrategy: resource-merge +upstreamLock: + type: git + git: + repo: git@github.com:droot/kpt-samples + directory: /base-db + ref: bank-of-anthos-pkgs + commit: 4c4d5c5e2b5fe6dea6851f5985e33711afc753f8 info: description: sample description +pipeline: + mutators: + - image: set-namespace:v0.4.1 + configPath: package-context.yaml + - image: set-labels:v0.1.5 + configPath: fn-config-setlabels.yaml + - image: starlark:v0.4.3 + configPath: fn-config-setname.yaml + - image: set-image:v0.1.1 + configPath: fn-config-setimage.yaml diff --git a/accounts-db/README.md b/accounts-db/README.md index 8abcfde..8bffa25 100644 --- a/accounts-db/README.md +++ b/accounts-db/README.md @@ -1,4 +1,4 @@ -# accounts-db +# base-db ## Description sample description @@ -6,16 +6,16 @@ sample description ## Usage ### Fetch the package -`kpt pkg get REPO_URI[.git]/PKG_PATH[@VERSION] accounts-db` +`kpt pkg get REPO_URI[.git]/PKG_PATH[@VERSION] base-db` Details: https://kpt.dev/reference/cli/pkg/get/ ### View package content -`kpt pkg tree accounts-db` +`kpt pkg tree base-db` Details: https://kpt.dev/reference/cli/pkg/tree/ ### Apply the package ``` -kpt live init accounts-db -kpt live apply accounts-db --reconcile-timeout=2m --output=table +kpt live init base-db +kpt live apply base-db --reconcile-timeout=2m --output=table ``` Details: https://kpt.dev/reference/cli/live/ diff --git a/accounts-db/configmap-db-config.yaml b/accounts-db/configmap-db-config.yaml index 200d6b9..1a2a828 100644 --- a/accounts-db/configmap-db-config.yaml +++ b/accounts-db/configmap-db-config.yaml @@ -1,12 +1,14 @@ apiVersion: v1 kind: ConfigMap -metadata: - name: accounts-db-config +metadata: # kpt-merge: example/db-config + name: db-config + namespace: example + annotations: + internal.kpt.dev/upstream-identifier: '|ConfigMap|example|db-config' labels: app: accounts-db - namespace: example data: - POSTGRES_DB: accounts-db - POSTGRES_USER: accounts-admin - POSTGRES_PASSWORD: accounts-pwd - ACCOUNTS_DB_URI: postgresql://accounts-admin:accounts-pwd@accounts-db:5432/accounts-db \ No newline at end of file + POSTGRES_DB: db + POSTGRES_USER: db-admin + POSTGRES_PASSWORD: db-pwd + ACCOUNTS_DB_URI: postgresql://db-admin:db-pwd@base-db:5432/base-db diff --git a/accounts-db/configmap-demo-data.yaml b/accounts-db/configmap-demo-data.yaml deleted file mode 100644 index a87b707..0000000 --- a/accounts-db/configmap-demo-data.yaml +++ /dev/null @@ -1,10 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: - name: demo-data-config - namespace: example -data: - USE_DEMO_DATA: "True" - DEMO_LOGIN_USERNAME: "testuser" - # All demo user accounts are hardcoded to use the login password 'bankofanthos' - DEMO_LOGIN_PASSWORD: "bankofanthos" \ No newline at end of file diff --git a/accounts-db/configmap-env-config.yaml b/accounts-db/configmap-env-config.yaml deleted file mode 100644 index 93a6449..0000000 --- a/accounts-db/configmap-env-config.yaml +++ /dev/null @@ -1,37 +0,0 @@ -apiVersion: v1 -kind: ConfigMap -metadata: # kpt-merge: example/environment-config - name: environment-config - namespace: example - annotations: - internal.kpt.dev/upstream-identifier: '|ConfigMap|example|environment-config' -data: - LOCAL_ROUTING_NUM: "883745000" - PUB_KEY_PATH: "/tmp/.ssh/publickey" ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: service-api-config - namespace: example -data: - TRANSACTIONS_API_ADDR: "ledgerwriter:8080" - BALANCES_API_ADDR: "balancereader:8080" - HISTORY_API_ADDR: "transactionhistory:8080" - CONTACTS_API_ADDR: "contacts:8080" - USERSERVICE_API_ADDR: "userservice:8080" - # [END gke_boa_kubernetes_manifests_config_configmap_service_api_config] -# [END gke_boa_kubernetes_manifests_config_configmap_service_api_config] ---- -# [START gke_boa_kubernetes_manifests_config_configmap_demo_data_config] -apiVersion: v1 -kind: ConfigMap -metadata: - name: demo-data-config - namespace: example -data: - USE_DEMO_DATA: "True" - DEMO_LOGIN_USERNAME: "testuser" - # All demo user accounts are hardcoded to use the login password 'bankofanthos' - DEMO_LOGIN_PASSWORD: "bankofanthos" - # [END gke_boa_kubernetes_manifests_config_configmap_demo_data_config] \ No newline at end of file diff --git a/accounts-db/fn-config-setimage.yaml b/accounts-db/fn-config-setimage.yaml new file mode 100644 index 0000000..3020e0a --- /dev/null +++ b/accounts-db/fn-config-setimage.yaml @@ -0,0 +1,13 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: SetImage +metadata: # kpt-merge: /set-image + name: set-image + labels: + app: accounts-db + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: fn.kpt.dev|SetImage|default|set-image +image: + name: gcr.io/bank-of-anthos-ci/base-db + newName: gcr.io/bank-of-anthos-ci/accounts-db + newTag: v0.5.6 diff --git a/accounts-db/fn-config-setlabels.yaml b/accounts-db/fn-config-setlabels.yaml new file mode 100644 index 0000000..90191c1 --- /dev/null +++ b/accounts-db/fn-config-setlabels.yaml @@ -0,0 +1,11 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: SetLabels +metadata: # kpt-merge: /set-labels + name: set-labels + labels: + app: accounts-db + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: fn.kpt.dev|SetLabels|default|set-labels +labels: + app: accounts-db diff --git a/accounts-db/fn-config-setname.yaml b/accounts-db/fn-config-setname.yaml new file mode 100644 index 0000000..081b6b4 --- /dev/null +++ b/accounts-db/fn-config-setname.yaml @@ -0,0 +1,33 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: StarlarkRun +metadata: # kpt-merge: /set-name + name: set-name + labels: + app: accounts-db + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: fn.kpt.dev|StarlarkRun|default|set-name +source: |- + def set_name(resources): + pkgName = "" + isAbstractPackage = False + for resource in resources: + if resource["kind"] == "ConfigMap" and resource["metadata"]["name"] == "kptfile.kpt.dev" and resource["data"]["name"] == "example": + isAbstractPackage = True + if resource["kind"] == "Kptfile": + pkgName = resource["metadata"]["name"] + if not isAbstractPackage: + # update resource name only if this is an abstract blueprint + return + if pkgName == "": + fail("package must have a name.") + return + + for resource in ctx.resource_list["items"]: + if resource["kind"] == "Service": + resource["metadata"]["name"] = pkgName + if resource["kind"] == "StatefulSet": + resource["metadata"]["name"] = pkgName + resource["spec"]["serviceName"] = pkgName + + set_name(ctx.resource_list["items"]) diff --git a/accounts-db/package-context.yaml b/accounts-db/package-context.yaml index 6c33d9e..f339b39 100644 --- a/accounts-db/package-context.yaml +++ b/accounts-db/package-context.yaml @@ -1,8 +1,11 @@ apiVersion: v1 kind: ConfigMap -metadata: +metadata: # kpt-merge: /kptfile.kpt.dev name: kptfile.kpt.dev + labels: + app: accounts-db annotations: config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: '|ConfigMap|default|kptfile.kpt.dev' data: name: example diff --git a/accounts-db/service.yaml b/accounts-db/service.yaml index 0abc9e8..d2a5c64 100644 --- a/accounts-db/service.yaml +++ b/accounts-db/service.yaml @@ -1,11 +1,13 @@ apiVersion: v1 kind: Service -metadata: +metadata: # kpt-merge: example/base-db name: accounts-db labels: - app: accounts-db tier: db + app: accounts-db namespace: example + annotations: + internal.kpt.dev/upstream-identifier: '|Service|example|base-db' spec: ports: - port: 5432 @@ -13,5 +15,5 @@ spec: targetPort: 5432 protocol: TCP selector: + tier: db app: accounts-db - tier: db \ No newline at end of file diff --git a/accounts-db/statefulset.yaml b/accounts-db/statefulset.yaml index 074b75a..eae795d 100644 --- a/accounts-db/statefulset.yaml +++ b/accounts-db/statefulset.yaml @@ -14,34 +14,36 @@ # [START gke_boa_kubernetes_manifests_accounts_db_statefulset_accounts_db] kind: StatefulSet apiVersion: apps/v1 -metadata: +metadata: # kpt-merge: example/base-db name: accounts-db labels: - app: accounts-db tier: db + app: accounts-db namespace: example + annotations: + internal.kpt.dev/upstream-identifier: apps|StatefulSet|example|base-db spec: - serviceName: "accounts-db" + serviceName: accounts-db replicas: 1 selector: matchLabels: - app: accounts-db tier: db + app: accounts-db template: metadata: labels: - app: accounts-db tier: db + app: accounts-db spec: serviceAccountName: default containers: - - name: accounts-db + - name: primary image: gcr.io/bank-of-anthos-ci/accounts-db:v0.5.6 envFrom: - configMapRef: name: environment-config - configMapRef: - name: accounts-db-config + name: db-config - configMapRef: name: demo-data-config ports: @@ -60,4 +62,4 @@ spec: subPath: postgres volumes: - name: postgresdb - emptyDir: {} \ No newline at end of file + emptyDir: {} From ad8cd97c46cdd5d7edc2c6d5e3eddfa61acafef7 Mon Sep 17 00:00:00 2001 From: droot Date: Wed, 7 Sep 2022 13:23:06 -0700 Subject: [PATCH 45/65] base-db: added missing configmaps --- base-db/configmap-demo-data.yaml | 10 ++++++++++ base-db/configmap-env-config.yaml | 10 ++++++++++ 2 files changed, 20 insertions(+) create mode 100644 base-db/configmap-demo-data.yaml create mode 100644 base-db/configmap-env-config.yaml diff --git a/base-db/configmap-demo-data.yaml b/base-db/configmap-demo-data.yaml new file mode 100644 index 0000000..a87b707 --- /dev/null +++ b/base-db/configmap-demo-data.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: demo-data-config + namespace: example +data: + USE_DEMO_DATA: "True" + DEMO_LOGIN_USERNAME: "testuser" + # All demo user accounts are hardcoded to use the login password 'bankofanthos' + DEMO_LOGIN_PASSWORD: "bankofanthos" \ No newline at end of file diff --git a/base-db/configmap-env-config.yaml b/base-db/configmap-env-config.yaml new file mode 100644 index 0000000..8e0e5b6 --- /dev/null +++ b/base-db/configmap-env-config.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: environment-config + namespace: example + labels: + app: base-app +data: + LOCAL_ROUTING_NUM: "883745000" + PUB_KEY_PATH: /tmp/.ssh/publickey From 5024944cf9a3176dbe766e4ae7cfa9ceec5b6445 Mon Sep 17 00:00:00 2001 From: droot Date: Wed, 7 Sep 2022 13:23:27 -0700 Subject: [PATCH 46/65] accounts-db-dev: deployble instance --- accounts-db-dev/Kptfile | 34 ++++++++++++ accounts-db-dev/README.md | 21 ++++++++ accounts-db-dev/configmap-db-config.yaml | 14 +++++ accounts-db-dev/configmap-demo-data.yaml | 12 +++++ accounts-db-dev/configmap-env-config.yaml | 10 ++++ accounts-db-dev/fn-config-setimage.yaml | 13 +++++ accounts-db-dev/fn-config-setlabels.yaml | 11 ++++ accounts-db-dev/fn-config-setname.yaml | 33 ++++++++++++ accounts-db-dev/package-context.yaml | 10 ++++ accounts-db-dev/resourcegroup.yaml | 8 +++ accounts-db-dev/service.yaml | 19 +++++++ accounts-db-dev/statefulset.yaml | 65 +++++++++++++++++++++++ 12 files changed, 250 insertions(+) create mode 100644 accounts-db-dev/Kptfile create mode 100644 accounts-db-dev/README.md create mode 100644 accounts-db-dev/configmap-db-config.yaml create mode 100644 accounts-db-dev/configmap-demo-data.yaml create mode 100644 accounts-db-dev/configmap-env-config.yaml create mode 100644 accounts-db-dev/fn-config-setimage.yaml create mode 100644 accounts-db-dev/fn-config-setlabels.yaml create mode 100644 accounts-db-dev/fn-config-setname.yaml create mode 100644 accounts-db-dev/package-context.yaml create mode 100644 accounts-db-dev/resourcegroup.yaml create mode 100644 accounts-db-dev/service.yaml create mode 100644 accounts-db-dev/statefulset.yaml diff --git a/accounts-db-dev/Kptfile b/accounts-db-dev/Kptfile new file mode 100644 index 0000000..0d8e6f1 --- /dev/null +++ b/accounts-db-dev/Kptfile @@ -0,0 +1,34 @@ +apiVersion: kpt.dev/v1 +kind: Kptfile +metadata: + name: accounts-db-dev + labels: + app: accounts-db + annotations: + config.kubernetes.io/local-config: "true" +upstream: + type: git + git: + repo: git@github.com:droot/kpt-samples + directory: /accounts-db + ref: bank-of-anthos-pkgs + updateStrategy: resource-merge +upstreamLock: + type: git + git: + repo: git@github.com:droot/kpt-samples + directory: /accounts-db + ref: bank-of-anthos-pkgs + commit: ec20a32b220a63998476c683e36f6b48912bbf85 +info: + description: sample description +pipeline: + mutators: + - image: set-namespace:v0.4.1 + configPath: package-context.yaml + - image: set-labels:v0.1.5 + configPath: fn-config-setlabels.yaml + - image: starlark:v0.4.3 + configPath: fn-config-setname.yaml + - image: set-image:v0.1.1 + configPath: fn-config-setimage.yaml diff --git a/accounts-db-dev/README.md b/accounts-db-dev/README.md new file mode 100644 index 0000000..8bffa25 --- /dev/null +++ b/accounts-db-dev/README.md @@ -0,0 +1,21 @@ +# base-db + +## Description +sample description + +## Usage + +### Fetch the package +`kpt pkg get REPO_URI[.git]/PKG_PATH[@VERSION] base-db` +Details: https://kpt.dev/reference/cli/pkg/get/ + +### View package content +`kpt pkg tree base-db` +Details: https://kpt.dev/reference/cli/pkg/tree/ + +### Apply the package +``` +kpt live init base-db +kpt live apply base-db --reconcile-timeout=2m --output=table +``` +Details: https://kpt.dev/reference/cli/live/ diff --git a/accounts-db-dev/configmap-db-config.yaml b/accounts-db-dev/configmap-db-config.yaml new file mode 100644 index 0000000..f2d7057 --- /dev/null +++ b/accounts-db-dev/configmap-db-config.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: ConfigMap +metadata: # kpt-merge: example/db-config + name: db-config + namespace: accounts-db-dev + labels: + app: accounts-db + annotations: + internal.kpt.dev/upstream-identifier: '|ConfigMap|example|db-config' +data: + POSTGRES_DB: db + POSTGRES_USER: db-admin + POSTGRES_PASSWORD: db-pwd + ACCOUNTS_DB_URI: postgresql://db-admin:db-pwd@base-db:5432/base-db diff --git a/accounts-db-dev/configmap-demo-data.yaml b/accounts-db-dev/configmap-demo-data.yaml new file mode 100644 index 0000000..c5b1d5f --- /dev/null +++ b/accounts-db-dev/configmap-demo-data.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: demo-data-config + namespace: accounts-db-dev + labels: + app: accounts-db +data: + USE_DEMO_DATA: "True" + DEMO_LOGIN_USERNAME: testuser + # All demo user accounts are hardcoded to use the login password 'bankofanthos' + DEMO_LOGIN_PASSWORD: bankofanthos diff --git a/accounts-db-dev/configmap-env-config.yaml b/accounts-db-dev/configmap-env-config.yaml new file mode 100644 index 0000000..1059dfe --- /dev/null +++ b/accounts-db-dev/configmap-env-config.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: environment-config + namespace: accounts-db-dev + labels: + app: accounts-db +data: + LOCAL_ROUTING_NUM: "883745000" + PUB_KEY_PATH: /tmp/.ssh/publickey diff --git a/accounts-db-dev/fn-config-setimage.yaml b/accounts-db-dev/fn-config-setimage.yaml new file mode 100644 index 0000000..3020e0a --- /dev/null +++ b/accounts-db-dev/fn-config-setimage.yaml @@ -0,0 +1,13 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: SetImage +metadata: # kpt-merge: /set-image + name: set-image + labels: + app: accounts-db + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: fn.kpt.dev|SetImage|default|set-image +image: + name: gcr.io/bank-of-anthos-ci/base-db + newName: gcr.io/bank-of-anthos-ci/accounts-db + newTag: v0.5.6 diff --git a/accounts-db-dev/fn-config-setlabels.yaml b/accounts-db-dev/fn-config-setlabels.yaml new file mode 100644 index 0000000..90191c1 --- /dev/null +++ b/accounts-db-dev/fn-config-setlabels.yaml @@ -0,0 +1,11 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: SetLabels +metadata: # kpt-merge: /set-labels + name: set-labels + labels: + app: accounts-db + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: fn.kpt.dev|SetLabels|default|set-labels +labels: + app: accounts-db diff --git a/accounts-db-dev/fn-config-setname.yaml b/accounts-db-dev/fn-config-setname.yaml new file mode 100644 index 0000000..081b6b4 --- /dev/null +++ b/accounts-db-dev/fn-config-setname.yaml @@ -0,0 +1,33 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: StarlarkRun +metadata: # kpt-merge: /set-name + name: set-name + labels: + app: accounts-db + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: fn.kpt.dev|StarlarkRun|default|set-name +source: |- + def set_name(resources): + pkgName = "" + isAbstractPackage = False + for resource in resources: + if resource["kind"] == "ConfigMap" and resource["metadata"]["name"] == "kptfile.kpt.dev" and resource["data"]["name"] == "example": + isAbstractPackage = True + if resource["kind"] == "Kptfile": + pkgName = resource["metadata"]["name"] + if not isAbstractPackage: + # update resource name only if this is an abstract blueprint + return + if pkgName == "": + fail("package must have a name.") + return + + for resource in ctx.resource_list["items"]: + if resource["kind"] == "Service": + resource["metadata"]["name"] = pkgName + if resource["kind"] == "StatefulSet": + resource["metadata"]["name"] = pkgName + resource["spec"]["serviceName"] = pkgName + + set_name(ctx.resource_list["items"]) diff --git a/accounts-db-dev/package-context.yaml b/accounts-db-dev/package-context.yaml new file mode 100644 index 0000000..633ccd2 --- /dev/null +++ b/accounts-db-dev/package-context.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: kptfile.kpt.dev + annotations: + config.kubernetes.io/local-config: "true" + labels: + app: accounts-db +data: + name: accounts-db-dev diff --git a/accounts-db-dev/resourcegroup.yaml b/accounts-db-dev/resourcegroup.yaml new file mode 100644 index 0000000..1872e59 --- /dev/null +++ b/accounts-db-dev/resourcegroup.yaml @@ -0,0 +1,8 @@ +apiVersion: kpt.dev/v1alpha1 +kind: ResourceGroup +metadata: + name: inventory-99865161 + namespace: accounts-db-dev + labels: + cli-utils.sigs.k8s.io/inventory-id: 2aca04e392c4f17d91507bedbcc8719d050a9806-1662581639705790000 + app: accounts-db diff --git a/accounts-db-dev/service.yaml b/accounts-db-dev/service.yaml new file mode 100644 index 0000000..0e0b451 --- /dev/null +++ b/accounts-db-dev/service.yaml @@ -0,0 +1,19 @@ +apiVersion: v1 +kind: Service +metadata: # kpt-merge: example/base-db + name: accounts-db + labels: + tier: db + app: accounts-db + namespace: accounts-db-dev + annotations: + internal.kpt.dev/upstream-identifier: '|Service|example|base-db' +spec: + ports: + - port: 5432 + name: tcp + targetPort: 5432 + protocol: TCP + selector: + tier: db + app: accounts-db diff --git a/accounts-db-dev/statefulset.yaml b/accounts-db-dev/statefulset.yaml new file mode 100644 index 0000000..0cedfcc --- /dev/null +++ b/accounts-db-dev/statefulset.yaml @@ -0,0 +1,65 @@ +# Copyright 2019 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# [START gke_boa_kubernetes_manifests_accounts_db_statefulset_accounts_db] +kind: StatefulSet +apiVersion: apps/v1 +metadata: # kpt-merge: example/base-db + name: accounts-db + labels: + tier: db + app: accounts-db + namespace: accounts-db-dev + annotations: + internal.kpt.dev/upstream-identifier: apps|StatefulSet|example|base-db +spec: + serviceName: accounts-db + replicas: 1 + selector: + matchLabels: + tier: db + app: accounts-db + template: + metadata: + labels: + tier: db + app: accounts-db + spec: + serviceAccountName: default + containers: + - name: primary + image: gcr.io/bank-of-anthos-ci/accounts-db:v0.5.6 + envFrom: + - configMapRef: + name: environment-config + - configMapRef: + name: db-config + - configMapRef: + name: demo-data-config + ports: + - containerPort: 5432 + name: postgredb + resources: + requests: + cpu: 100m + memory: 128Mi + limits: + cpu: 250m + memory: 512Mi + volumeMounts: + - name: postgresdb + mountPath: /var/lib/postgresql/data + subPath: postgres + volumes: + - name: postgresdb + emptyDir: {} From 65959591c7f878ace41efda18f1ce862a1d45015 Mon Sep 17 00:00:00 2001 From: droot Date: Wed, 7 Sep 2022 13:30:46 -0700 Subject: [PATCH 47/65] base-db: updated labels --- base-db/configmap-db-config.yaml | 2 ++ base-db/configmap-demo-data.yaml | 6 ++++-- base-db/configmap-env-config.yaml | 2 +- base-db/fn-config-setname.yaml | 2 +- 4 files changed, 8 insertions(+), 4 deletions(-) diff --git a/base-db/configmap-db-config.yaml b/base-db/configmap-db-config.yaml index 17a9f88..9bd689c 100644 --- a/base-db/configmap-db-config.yaml +++ b/base-db/configmap-db-config.yaml @@ -3,6 +3,8 @@ kind: ConfigMap metadata: name: db-config namespace: example + labels: + app: base-db data: POSTGRES_DB: db POSTGRES_USER: db-admin diff --git a/base-db/configmap-demo-data.yaml b/base-db/configmap-demo-data.yaml index a87b707..c681195 100644 --- a/base-db/configmap-demo-data.yaml +++ b/base-db/configmap-demo-data.yaml @@ -3,8 +3,10 @@ kind: ConfigMap metadata: name: demo-data-config namespace: example + labels: + app: base-db data: USE_DEMO_DATA: "True" - DEMO_LOGIN_USERNAME: "testuser" + DEMO_LOGIN_USERNAME: testuser # All demo user accounts are hardcoded to use the login password 'bankofanthos' - DEMO_LOGIN_PASSWORD: "bankofanthos" \ No newline at end of file + DEMO_LOGIN_PASSWORD: bankofanthos diff --git a/base-db/configmap-env-config.yaml b/base-db/configmap-env-config.yaml index 8e0e5b6..18ee7b6 100644 --- a/base-db/configmap-env-config.yaml +++ b/base-db/configmap-env-config.yaml @@ -4,7 +4,7 @@ metadata: name: environment-config namespace: example labels: - app: base-app + app: base-db data: LOCAL_ROUTING_NUM: "883745000" PUB_KEY_PATH: /tmp/.ssh/publickey diff --git a/base-db/fn-config-setname.yaml b/base-db/fn-config-setname.yaml index 081b6b4..fbda09b 100644 --- a/base-db/fn-config-setname.yaml +++ b/base-db/fn-config-setname.yaml @@ -3,7 +3,7 @@ kind: StarlarkRun metadata: # kpt-merge: /set-name name: set-name labels: - app: accounts-db + app: base-db annotations: config.kubernetes.io/local-config: "true" internal.kpt.dev/upstream-identifier: fn.kpt.dev|StarlarkRun|default|set-name From eeae7d23f7a71c0cd91a6bdd0b5c88fd66e84b6c Mon Sep 17 00:00:00 2001 From: droot Date: Wed, 7 Sep 2022 13:31:13 -0700 Subject: [PATCH 48/65] ledger-db: reinitialized --- ledger-db/Kptfile | 26 ++++++++++++ ledger-db/README.md | 10 ++--- ledger-db/configmap-db-config.yaml | 20 +++++----- ledger-db/configmap-demo-data.yaml | 10 +++-- ledger-db/configmap-env-config.yaml | 31 ++------------- ledger-db/fn-config-setimage.yaml | 13 ++++++ ledger-db/fn-config-setlabels.yaml | 11 +++++ ledger-db/fn-config-setname.yaml | 33 +++++++++++++++ ledger-db/package-context.yaml | 5 ++- ledger-db/service.yaml | 18 ++++++--- ledger-db/statefulset.yaml | 62 ++++++++++++++++------------- 11 files changed, 159 insertions(+), 80 deletions(-) create mode 100644 ledger-db/fn-config-setimage.yaml create mode 100644 ledger-db/fn-config-setlabels.yaml create mode 100644 ledger-db/fn-config-setname.yaml diff --git a/ledger-db/Kptfile b/ledger-db/Kptfile index 703b783..0482925 100644 --- a/ledger-db/Kptfile +++ b/ledger-db/Kptfile @@ -2,7 +2,33 @@ apiVersion: kpt.dev/v1 kind: Kptfile metadata: name: ledger-db + labels: + app: ledger-db annotations: config.kubernetes.io/local-config: "true" +upstream: + type: git + git: + repo: git@github.com:droot/kpt-samples + directory: /base-db + ref: bank-of-anthos-pkgs + updateStrategy: resource-merge +upstreamLock: + type: git + git: + repo: git@github.com:droot/kpt-samples + directory: /base-db + ref: bank-of-anthos-pkgs + commit: 5024944cf9a3176dbe766e4ae7cfa9ceec5b6445 info: description: sample description +pipeline: + mutators: + - image: set-namespace:v0.4.1 + configPath: package-context.yaml + - image: set-labels:v0.1.5 + configPath: fn-config-setlabels.yaml + - image: starlark:v0.4.3 + configPath: fn-config-setname.yaml + - image: set-image:v0.1.1 + configPath: fn-config-setimage.yaml diff --git a/ledger-db/README.md b/ledger-db/README.md index a4f62f4..8bffa25 100644 --- a/ledger-db/README.md +++ b/ledger-db/README.md @@ -1,4 +1,4 @@ -# ledger-db +# base-db ## Description sample description @@ -6,16 +6,16 @@ sample description ## Usage ### Fetch the package -`kpt pkg get REPO_URI[.git]/PKG_PATH[@VERSION] ledger-db` +`kpt pkg get REPO_URI[.git]/PKG_PATH[@VERSION] base-db` Details: https://kpt.dev/reference/cli/pkg/get/ ### View package content -`kpt pkg tree ledger-db` +`kpt pkg tree base-db` Details: https://kpt.dev/reference/cli/pkg/tree/ ### Apply the package ``` -kpt live init ledger-db -kpt live apply ledger-db --reconcile-timeout=2m --output=table +kpt live init base-db +kpt live apply base-db --reconcile-timeout=2m --output=table ``` Details: https://kpt.dev/reference/cli/live/ diff --git a/ledger-db/configmap-db-config.yaml b/ledger-db/configmap-db-config.yaml index d72216b..c700b0d 100644 --- a/ledger-db/configmap-db-config.yaml +++ b/ledger-db/configmap-db-config.yaml @@ -1,14 +1,14 @@ apiVersion: v1 kind: ConfigMap -metadata: - name: ledger-db-config - labels: - app: postgres +metadata: # kpt-merge: example/db-config + name: db-config namespace: example + annotations: + internal.kpt.dev/upstream-identifier: '|ConfigMap|example|db-config' + labels: + app: ledger-db data: - POSTGRES_DB: postgresdb - POSTGRES_USER: admin - POSTGRES_PASSWORD: password - SPRING_DATASOURCE_URL: jdbc:postgresql://ledger-db:5432/postgresdb - SPRING_DATASOURCE_USERNAME: admin # should match POSTGRES_USER - SPRING_DATASOURCE_PASSWORD: password # should match POSTGRES_PASSWORD \ No newline at end of file + POSTGRES_DB: db + POSTGRES_USER: db-admin + POSTGRES_PASSWORD: db-pwd + ACCOUNTS_DB_URI: postgresql://db-admin:db-pwd@base-db:5432/base-db diff --git a/ledger-db/configmap-demo-data.yaml b/ledger-db/configmap-demo-data.yaml index a87b707..5b0fa70 100644 --- a/ledger-db/configmap-demo-data.yaml +++ b/ledger-db/configmap-demo-data.yaml @@ -1,10 +1,14 @@ apiVersion: v1 kind: ConfigMap -metadata: +metadata: # kpt-merge: example/demo-data-config name: demo-data-config namespace: example + annotations: + internal.kpt.dev/upstream-identifier: '|ConfigMap|example|demo-data-config' + labels: + app: ledger-db data: USE_DEMO_DATA: "True" - DEMO_LOGIN_USERNAME: "testuser" + DEMO_LOGIN_USERNAME: testuser # All demo user accounts are hardcoded to use the login password 'bankofanthos' - DEMO_LOGIN_PASSWORD: "bankofanthos" \ No newline at end of file + DEMO_LOGIN_PASSWORD: bankofanthos diff --git a/ledger-db/configmap-env-config.yaml b/ledger-db/configmap-env-config.yaml index 93a6449..76bd6a7 100644 --- a/ledger-db/configmap-env-config.yaml +++ b/ledger-db/configmap-env-config.yaml @@ -3,35 +3,10 @@ kind: ConfigMap metadata: # kpt-merge: example/environment-config name: environment-config namespace: example + labels: + app: ledger-db annotations: internal.kpt.dev/upstream-identifier: '|ConfigMap|example|environment-config' data: LOCAL_ROUTING_NUM: "883745000" - PUB_KEY_PATH: "/tmp/.ssh/publickey" ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: service-api-config - namespace: example -data: - TRANSACTIONS_API_ADDR: "ledgerwriter:8080" - BALANCES_API_ADDR: "balancereader:8080" - HISTORY_API_ADDR: "transactionhistory:8080" - CONTACTS_API_ADDR: "contacts:8080" - USERSERVICE_API_ADDR: "userservice:8080" - # [END gke_boa_kubernetes_manifests_config_configmap_service_api_config] -# [END gke_boa_kubernetes_manifests_config_configmap_service_api_config] ---- -# [START gke_boa_kubernetes_manifests_config_configmap_demo_data_config] -apiVersion: v1 -kind: ConfigMap -metadata: - name: demo-data-config - namespace: example -data: - USE_DEMO_DATA: "True" - DEMO_LOGIN_USERNAME: "testuser" - # All demo user accounts are hardcoded to use the login password 'bankofanthos' - DEMO_LOGIN_PASSWORD: "bankofanthos" - # [END gke_boa_kubernetes_manifests_config_configmap_demo_data_config] \ No newline at end of file + PUB_KEY_PATH: /tmp/.ssh/publickey diff --git a/ledger-db/fn-config-setimage.yaml b/ledger-db/fn-config-setimage.yaml new file mode 100644 index 0000000..85ef403 --- /dev/null +++ b/ledger-db/fn-config-setimage.yaml @@ -0,0 +1,13 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: SetImage +metadata: # kpt-merge: /set-image + name: set-image + labels: + app: ledger-db + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: fn.kpt.dev|SetImage|default|set-image +image: + name: gcr.io/bank-of-anthos-ci/base-db + newName: gcr.io/bank-of-anthos-ci/ledger-db + newTag: v0.5.6 diff --git a/ledger-db/fn-config-setlabels.yaml b/ledger-db/fn-config-setlabels.yaml new file mode 100644 index 0000000..bea4645 --- /dev/null +++ b/ledger-db/fn-config-setlabels.yaml @@ -0,0 +1,11 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: SetLabels +metadata: # kpt-merge: /set-labels + name: set-labels + labels: + app: ledger-db + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: fn.kpt.dev|SetLabels|default|set-labels +labels: + app: ledger-db diff --git a/ledger-db/fn-config-setname.yaml b/ledger-db/fn-config-setname.yaml new file mode 100644 index 0000000..bb6d97b --- /dev/null +++ b/ledger-db/fn-config-setname.yaml @@ -0,0 +1,33 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: StarlarkRun +metadata: # kpt-merge: /set-name + name: set-name + labels: + app: ledger-db + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: fn.kpt.dev|StarlarkRun|default|set-name +source: |- + def set_name(resources): + pkgName = "" + isAbstractPackage = False + for resource in resources: + if resource["kind"] == "ConfigMap" and resource["metadata"]["name"] == "kptfile.kpt.dev" and resource["data"]["name"] == "example": + isAbstractPackage = True + if resource["kind"] == "Kptfile": + pkgName = resource["metadata"]["name"] + if not isAbstractPackage: + # update resource name only if this is an abstract blueprint + return + if pkgName == "": + fail("package must have a name.") + return + + for resource in ctx.resource_list["items"]: + if resource["kind"] == "Service": + resource["metadata"]["name"] = pkgName + if resource["kind"] == "StatefulSet": + resource["metadata"]["name"] = pkgName + resource["spec"]["serviceName"] = pkgName + + set_name(ctx.resource_list["items"]) diff --git a/ledger-db/package-context.yaml b/ledger-db/package-context.yaml index 6c33d9e..36214f2 100644 --- a/ledger-db/package-context.yaml +++ b/ledger-db/package-context.yaml @@ -1,8 +1,11 @@ apiVersion: v1 kind: ConfigMap -metadata: +metadata: # kpt-merge: /kptfile.kpt.dev name: kptfile.kpt.dev + labels: + app: ledger-db annotations: config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: '|ConfigMap|default|kptfile.kpt.dev' data: name: example diff --git a/ledger-db/service.yaml b/ledger-db/service.yaml index 412d6b6..b3a9fb3 100644 --- a/ledger-db/service.yaml +++ b/ledger-db/service.yaml @@ -1,13 +1,19 @@ apiVersion: v1 kind: Service -metadata: +metadata: # kpt-merge: example/base-db name: ledger-db + labels: + tier: db + app: ledger-db namespace: example + annotations: + internal.kpt.dev/upstream-identifier: '|Service|example|base-db' spec: - type: ClusterIP + ports: + - port: 5432 + name: tcp + targetPort: 5432 + protocol: TCP selector: + tier: db app: ledger-db - ports: - - name: tcp - port: 5432 - targetPort: 5432 \ No newline at end of file diff --git a/ledger-db/statefulset.yaml b/ledger-db/statefulset.yaml index f720342..0a07c9f 100644 --- a/ledger-db/statefulset.yaml +++ b/ledger-db/statefulset.yaml @@ -11,47 +11,55 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. -# [START gke_boa_kubernetes_manifests_ledger_db_statefulset_ledger_db] +# [START gke_boa_kubernetes_manifests_accounts_db_statefulset_accounts_db] kind: StatefulSet apiVersion: apps/v1 -metadata: +metadata: # kpt-merge: example/base-db name: ledger-db + labels: + tier: db + app: ledger-db namespace: example + annotations: + internal.kpt.dev/upstream-identifier: apps|StatefulSet|example|base-db spec: - serviceName: "ledger-db" + serviceName: ledger-db replicas: 1 selector: matchLabels: + tier: db app: ledger-db template: metadata: labels: + tier: db app: ledger-db spec: serviceAccountName: default containers: - - name: postgres - image: gcr.io/bank-of-anthos-ci/ledger-db:v0.5.6 - ports: - - containerPort: 5432 - envFrom: - - configMapRef: - name: environment-config - - configMapRef: - name: ledger-db-config - - configMapRef: - name: demo-data-config - resources: - requests: - cpu: 100m - memory: 512Mi - limits: - cpu: 250m - memory: 1Gi - volumeMounts: - - name: postgresdb - mountPath: /var/lib/postgresql/data - subPath: postgres - volumes: + - name: primary + image: gcr.io/bank-of-anthos-ci/ledger-db:v0.5.6 + envFrom: + - configMapRef: + name: environment-config + - configMapRef: + name: db-config + - configMapRef: + name: demo-data-config + ports: + - containerPort: 5432 + name: postgredb + resources: + requests: + cpu: 100m + memory: 512Mi + limits: + cpu: 250m + memory: 1Gi + volumeMounts: - name: postgresdb - emptyDir: {} \ No newline at end of file + mountPath: /var/lib/postgresql/data + subPath: postgres + volumes: + - name: postgresdb + emptyDir: {} From 3eba471b3710fa09b54d524f96424db406528acd Mon Sep 17 00:00:00 2001 From: droot Date: Wed, 7 Sep 2022 13:35:46 -0700 Subject: [PATCH 49/65] ledger-db-dev: initialized dev instance for ledger-db --- ledger-db-dev/Kptfile | 34 +++++++++++++ ledger-db-dev/README.md | 21 ++++++++ ledger-db-dev/configmap-db-config.yaml | 14 ++++++ ledger-db-dev/configmap-demo-data.yaml | 14 ++++++ ledger-db-dev/configmap-env-config.yaml | 12 +++++ ledger-db-dev/fn-config-setimage.yaml | 13 +++++ ledger-db-dev/fn-config-setlabels.yaml | 11 +++++ ledger-db-dev/fn-config-setname.yaml | 33 +++++++++++++ ledger-db-dev/package-context.yaml | 10 ++++ ledger-db-dev/resourcegroup.yaml | 7 +++ ledger-db-dev/service.yaml | 19 ++++++++ ledger-db-dev/statefulset.yaml | 65 +++++++++++++++++++++++++ 12 files changed, 253 insertions(+) create mode 100644 ledger-db-dev/Kptfile create mode 100644 ledger-db-dev/README.md create mode 100644 ledger-db-dev/configmap-db-config.yaml create mode 100644 ledger-db-dev/configmap-demo-data.yaml create mode 100644 ledger-db-dev/configmap-env-config.yaml create mode 100644 ledger-db-dev/fn-config-setimage.yaml create mode 100644 ledger-db-dev/fn-config-setlabels.yaml create mode 100644 ledger-db-dev/fn-config-setname.yaml create mode 100644 ledger-db-dev/package-context.yaml create mode 100644 ledger-db-dev/resourcegroup.yaml create mode 100644 ledger-db-dev/service.yaml create mode 100644 ledger-db-dev/statefulset.yaml diff --git a/ledger-db-dev/Kptfile b/ledger-db-dev/Kptfile new file mode 100644 index 0000000..37eb35b --- /dev/null +++ b/ledger-db-dev/Kptfile @@ -0,0 +1,34 @@ +apiVersion: kpt.dev/v1 +kind: Kptfile +metadata: + name: ledger-db-dev + labels: + app: ledger-db + annotations: + config.kubernetes.io/local-config: "true" +upstream: + type: git + git: + repo: git@github.com:droot/kpt-samples + directory: /ledger-db + ref: bank-of-anthos-pkgs + updateStrategy: resource-merge +upstreamLock: + type: git + git: + repo: git@github.com:droot/kpt-samples + directory: /ledger-db + ref: bank-of-anthos-pkgs + commit: eeae7d23f7a71c0cd91a6bdd0b5c88fd66e84b6c +info: + description: sample description +pipeline: + mutators: + - image: set-namespace:v0.4.1 + configPath: package-context.yaml + - image: set-labels:v0.1.5 + configPath: fn-config-setlabels.yaml + - image: starlark:v0.4.3 + configPath: fn-config-setname.yaml + - image: set-image:v0.1.1 + configPath: fn-config-setimage.yaml diff --git a/ledger-db-dev/README.md b/ledger-db-dev/README.md new file mode 100644 index 0000000..8bffa25 --- /dev/null +++ b/ledger-db-dev/README.md @@ -0,0 +1,21 @@ +# base-db + +## Description +sample description + +## Usage + +### Fetch the package +`kpt pkg get REPO_URI[.git]/PKG_PATH[@VERSION] base-db` +Details: https://kpt.dev/reference/cli/pkg/get/ + +### View package content +`kpt pkg tree base-db` +Details: https://kpt.dev/reference/cli/pkg/tree/ + +### Apply the package +``` +kpt live init base-db +kpt live apply base-db --reconcile-timeout=2m --output=table +``` +Details: https://kpt.dev/reference/cli/live/ diff --git a/ledger-db-dev/configmap-db-config.yaml b/ledger-db-dev/configmap-db-config.yaml new file mode 100644 index 0000000..4213aff --- /dev/null +++ b/ledger-db-dev/configmap-db-config.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: ConfigMap +metadata: # kpt-merge: example/db-config + name: db-config + namespace: ledger-db-dev + labels: + app: ledger-db + annotations: + internal.kpt.dev/upstream-identifier: '|ConfigMap|example|db-config' +data: + POSTGRES_DB: db + POSTGRES_USER: db-admin + POSTGRES_PASSWORD: db-pwd + ACCOUNTS_DB_URI: postgresql://db-admin:db-pwd@base-db:5432/base-db diff --git a/ledger-db-dev/configmap-demo-data.yaml b/ledger-db-dev/configmap-demo-data.yaml new file mode 100644 index 0000000..4c1b359 --- /dev/null +++ b/ledger-db-dev/configmap-demo-data.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: ConfigMap +metadata: # kpt-merge: example/demo-data-config + name: demo-data-config + namespace: ledger-db-dev + labels: + app: ledger-db + annotations: + internal.kpt.dev/upstream-identifier: '|ConfigMap|example|demo-data-config' +data: + USE_DEMO_DATA: "True" + DEMO_LOGIN_USERNAME: testuser + # All demo user accounts are hardcoded to use the login password 'bankofanthos' + DEMO_LOGIN_PASSWORD: bankofanthos diff --git a/ledger-db-dev/configmap-env-config.yaml b/ledger-db-dev/configmap-env-config.yaml new file mode 100644 index 0000000..fb8d450 --- /dev/null +++ b/ledger-db-dev/configmap-env-config.yaml @@ -0,0 +1,12 @@ +apiVersion: v1 +kind: ConfigMap +metadata: # kpt-merge: example/environment-config + name: environment-config + namespace: ledger-db-dev + labels: + app: ledger-db + annotations: + internal.kpt.dev/upstream-identifier: '|ConfigMap|example|environment-config' +data: + LOCAL_ROUTING_NUM: "883745000" + PUB_KEY_PATH: /tmp/.ssh/publickey diff --git a/ledger-db-dev/fn-config-setimage.yaml b/ledger-db-dev/fn-config-setimage.yaml new file mode 100644 index 0000000..85ef403 --- /dev/null +++ b/ledger-db-dev/fn-config-setimage.yaml @@ -0,0 +1,13 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: SetImage +metadata: # kpt-merge: /set-image + name: set-image + labels: + app: ledger-db + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: fn.kpt.dev|SetImage|default|set-image +image: + name: gcr.io/bank-of-anthos-ci/base-db + newName: gcr.io/bank-of-anthos-ci/ledger-db + newTag: v0.5.6 diff --git a/ledger-db-dev/fn-config-setlabels.yaml b/ledger-db-dev/fn-config-setlabels.yaml new file mode 100644 index 0000000..bea4645 --- /dev/null +++ b/ledger-db-dev/fn-config-setlabels.yaml @@ -0,0 +1,11 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: SetLabels +metadata: # kpt-merge: /set-labels + name: set-labels + labels: + app: ledger-db + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: fn.kpt.dev|SetLabels|default|set-labels +labels: + app: ledger-db diff --git a/ledger-db-dev/fn-config-setname.yaml b/ledger-db-dev/fn-config-setname.yaml new file mode 100644 index 0000000..bb6d97b --- /dev/null +++ b/ledger-db-dev/fn-config-setname.yaml @@ -0,0 +1,33 @@ +apiVersion: fn.kpt.dev/v1alpha1 +kind: StarlarkRun +metadata: # kpt-merge: /set-name + name: set-name + labels: + app: ledger-db + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: fn.kpt.dev|StarlarkRun|default|set-name +source: |- + def set_name(resources): + pkgName = "" + isAbstractPackage = False + for resource in resources: + if resource["kind"] == "ConfigMap" and resource["metadata"]["name"] == "kptfile.kpt.dev" and resource["data"]["name"] == "example": + isAbstractPackage = True + if resource["kind"] == "Kptfile": + pkgName = resource["metadata"]["name"] + if not isAbstractPackage: + # update resource name only if this is an abstract blueprint + return + if pkgName == "": + fail("package must have a name.") + return + + for resource in ctx.resource_list["items"]: + if resource["kind"] == "Service": + resource["metadata"]["name"] = pkgName + if resource["kind"] == "StatefulSet": + resource["metadata"]["name"] = pkgName + resource["spec"]["serviceName"] = pkgName + + set_name(ctx.resource_list["items"]) diff --git a/ledger-db-dev/package-context.yaml b/ledger-db-dev/package-context.yaml new file mode 100644 index 0000000..8370822 --- /dev/null +++ b/ledger-db-dev/package-context.yaml @@ -0,0 +1,10 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: kptfile.kpt.dev + annotations: + config.kubernetes.io/local-config: "true" + labels: + app: ledger-db +data: + name: ledger-db-dev diff --git a/ledger-db-dev/resourcegroup.yaml b/ledger-db-dev/resourcegroup.yaml new file mode 100644 index 0000000..aa0c526 --- /dev/null +++ b/ledger-db-dev/resourcegroup.yaml @@ -0,0 +1,7 @@ +apiVersion: kpt.dev/v1alpha1 +kind: ResourceGroup +metadata: + name: inventory-04233442 + namespace: ledger-db-dev + labels: + cli-utils.sigs.k8s.io/inventory-id: c253a06522b00c265d26fb2969f981972c5836d5-1662582878972770000 diff --git a/ledger-db-dev/service.yaml b/ledger-db-dev/service.yaml new file mode 100644 index 0000000..82cf572 --- /dev/null +++ b/ledger-db-dev/service.yaml @@ -0,0 +1,19 @@ +apiVersion: v1 +kind: Service +metadata: # kpt-merge: example/base-db + name: ledger-db + labels: + tier: db + app: ledger-db + namespace: ledger-db-dev + annotations: + internal.kpt.dev/upstream-identifier: '|Service|example|base-db' +spec: + ports: + - port: 5432 + name: tcp + targetPort: 5432 + protocol: TCP + selector: + tier: db + app: ledger-db diff --git a/ledger-db-dev/statefulset.yaml b/ledger-db-dev/statefulset.yaml new file mode 100644 index 0000000..7bb1a09 --- /dev/null +++ b/ledger-db-dev/statefulset.yaml @@ -0,0 +1,65 @@ +# Copyright 2019 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# [START gke_boa_kubernetes_manifests_accounts_db_statefulset_accounts_db] +kind: StatefulSet +apiVersion: apps/v1 +metadata: # kpt-merge: example/base-db + name: ledger-db + labels: + tier: db + app: ledger-db + namespace: ledger-db-dev + annotations: + internal.kpt.dev/upstream-identifier: apps|StatefulSet|example|base-db +spec: + serviceName: ledger-db + replicas: 1 + selector: + matchLabels: + tier: db + app: ledger-db + template: + metadata: + labels: + tier: db + app: ledger-db + spec: + serviceAccountName: default + containers: + - name: primary + image: gcr.io/bank-of-anthos-ci/ledger-db:v0.5.6 + envFrom: + - configMapRef: + name: environment-config + - configMapRef: + name: db-config + - configMapRef: + name: demo-data-config + ports: + - containerPort: 5432 + name: postgredb + resources: + requests: + cpu: 100m + memory: 512Mi + limits: + cpu: 250m + memory: 1Gi + volumeMounts: + - name: postgresdb + mountPath: /var/lib/postgresql/data + subPath: postgres + volumes: + - name: postgresdb + emptyDir: {} From a6f36bc3a7432556d9ff831e636bafaa95fe61c2 Mon Sep 17 00:00:00 2001 From: droot Date: Thu, 8 Sep 2022 08:53:02 -0700 Subject: [PATCH 50/65] bank-of-anthos-dev*: all instance level changes --- balancereader-dev/configmap-ledger-db.yaml | 12 ++++++------ balancereader-dev/deployment.yaml | 4 ++-- contacts-dev/configmap-accounts-db.yaml | 8 ++++---- contacts-dev/deployment.yaml | 2 +- contacts-dev/resourcegroup.yaml | 7 +++++++ frontend-dev/configmap-service-config.yaml | 10 +++++----- frontend-dev/deployment.yaml | 2 +- frontend-dev/resourcegroup.yaml | 9 +++------ ledgerwriter-dev/configmap-db-config.yaml | 12 ++++++------ ledgerwriter-dev/configmap-service-config.yaml | 10 +++++----- ledgerwriter-dev/deployment.yaml | 4 ++-- transactionhistory-dev/configmap-db-config.yaml | 12 ++++++------ transactionhistory-dev/deployment.yaml | 4 ++-- userservice-dev/configmap-db-config.yaml | 8 ++++---- userservice-dev/deployment.yaml | 2 +- 15 files changed, 55 insertions(+), 51 deletions(-) create mode 100644 contacts-dev/resourcegroup.yaml diff --git a/balancereader-dev/configmap-ledger-db.yaml b/balancereader-dev/configmap-ledger-db.yaml index d9c29ae..7f3d554 100644 --- a/balancereader-dev/configmap-ledger-db.yaml +++ b/balancereader-dev/configmap-ledger-db.yaml @@ -8,9 +8,9 @@ metadata: # kpt-merge: example/ledger-db-config annotations: internal.kpt.dev/upstream-identifier: '|ConfigMap|example|ledger-db-config' data: - POSTGRES_DB: postgresdb - POSTGRES_USER: admin - POSTGRES_PASSWORD: password - SPRING_DATASOURCE_URL: jdbc:postgresql://ledger-db:5432/postgresdb - SPRING_DATASOURCE_USERNAME: admin # should match POSTGRES_USER - SPRING_DATASOURCE_PASSWORD: password # should match POSTGRES_PASSWORD + POSTGRES_DB: db + POSTGRES_USER: db-admin + POSTGRES_PASSWORD: db-pwd + SPRING_DATASOURCE_URL: jdbc:postgresql://ledger-db.ledger-db-dev:5432/db + SPRING_DATASOURCE_USERNAME: db-admin # should match POSTGRES_USER + SPRING_DATASOURCE_PASSWORD: db-pwd # should match POSTGRES_PASSWORD diff --git a/balancereader-dev/deployment.yaml b/balancereader-dev/deployment.yaml index 38d9202..52086b2 100644 --- a/balancereader-dev/deployment.yaml +++ b/balancereader-dev/deployment.yaml @@ -48,9 +48,9 @@ spec: - name: PORT value: "8080" - name: ENABLE_TRACING - value: "true" + value: "false" - name: ENABLE_METRICS - value: "true" + value: "false" - name: POLL_MS value: "100" - name: CACHE_SIZE diff --git a/contacts-dev/configmap-accounts-db.yaml b/contacts-dev/configmap-accounts-db.yaml index 595989b..4830755 100644 --- a/contacts-dev/configmap-accounts-db.yaml +++ b/contacts-dev/configmap-accounts-db.yaml @@ -8,7 +8,7 @@ metadata: # kpt-merge: example/accounts-db-config annotations: internal.kpt.dev/upstream-identifier: '|ConfigMap|example|accounts-db-config' data: - POSTGRES_DB: accounts-db - POSTGRES_USER: accounts-admin - POSTGRES_PASSWORD: accounts-pwd - ACCOUNTS_DB_URI: postgresql://accounts-admin:accounts-pwd@accounts-db:5432/accounts-db + POSTGRES_DB: db + POSTGRES_USER: db-admin + POSTGRES_PASSWORD: db-pwd + ACCOUNTS_DB_URI: postgresql://db-admin:db-pwd@accounts-db.accounts-db-dev:5432/db diff --git a/contacts-dev/deployment.yaml b/contacts-dev/deployment.yaml index 936f300..d2b6b79 100644 --- a/contacts-dev/deployment.yaml +++ b/contacts-dev/deployment.yaml @@ -48,7 +48,7 @@ spec: - name: PORT value: "8080" - name: ENABLE_TRACING - value: "true" + value: "false" # Valid levels are debug, info, warning, error, critical. If no valid level is set, gunicorn will default to info. - name: LOG_LEVEL value: info diff --git a/contacts-dev/resourcegroup.yaml b/contacts-dev/resourcegroup.yaml new file mode 100644 index 0000000..8c24346 --- /dev/null +++ b/contacts-dev/resourcegroup.yaml @@ -0,0 +1,7 @@ +apiVersion: kpt.dev/v1alpha1 +kind: ResourceGroup +metadata: + name: inventory-25467069 + namespace: contacts-dev + labels: + cli-utils.sigs.k8s.io/inventory-id: 54f04b2035bc09cb760d766533f532e2ef7dedcf-1662613503253545000 diff --git a/frontend-dev/configmap-service-config.yaml b/frontend-dev/configmap-service-config.yaml index 5daa959..3337d4b 100644 --- a/frontend-dev/configmap-service-config.yaml +++ b/frontend-dev/configmap-service-config.yaml @@ -8,8 +8,8 @@ metadata: # kpt-merge: example/service-api-config labels: app: frontend data: - TRANSACTIONS_API_ADDR: ledgerwriter:8080 - BALANCES_API_ADDR: balancereader:8080 - HISTORY_API_ADDR: transactionhistory:8080 - CONTACTS_API_ADDR: contacts:8080 - USERSERVICE_API_ADDR: userservice:8080 + TRANSACTIONS_API_ADDR: ledgerwriter.ledgerwriter-dev:80 + BALANCES_API_ADDR: balancereader.balancereader-dev:80 + HISTORY_API_ADDR: transactionhistory.transactionhistory-dev:80 + CONTACTS_API_ADDR: contacts.contacts-dev:80 + USERSERVICE_API_ADDR: userservice.userservice-dev:80 diff --git a/frontend-dev/deployment.yaml b/frontend-dev/deployment.yaml index ce6a2b3..303ef9c 100644 --- a/frontend-dev/deployment.yaml +++ b/frontend-dev/deployment.yaml @@ -48,7 +48,7 @@ spec: - name: PORT value: "8080" - name: ENABLE_TRACING - value: "true" + value: "false" # Valid levels are debug, info, warning, error, critical. If no valid level is set, gunicorn will default to info. - name: LOG_LEVEL value: info diff --git a/frontend-dev/resourcegroup.yaml b/frontend-dev/resourcegroup.yaml index 5bb5c34..c069408 100644 --- a/frontend-dev/resourcegroup.yaml +++ b/frontend-dev/resourcegroup.yaml @@ -1,10 +1,7 @@ apiVersion: kpt.dev/v1alpha1 kind: ResourceGroup -metadata: # kpt-merge: frontend-dev/inventory-29793115 - name: inventory-29793115 +metadata: + name: inventory-13747058 namespace: frontend-dev labels: - cli-utils.sigs.k8s.io/inventory-id: 00a3f1485cc776bc3ae747614211a010b4cd3dae-1662502354176157000 - app: frontend - annotations: - internal.kpt.dev/upstream-identifier: kpt.dev|ResourceGroup|frontend-dev|inventory-29793115 + cli-utils.sigs.k8s.io/inventory-id: d2f315ed7cc21c22c704b0e606b50b85466fb5c1-1662613105136819000 diff --git a/ledgerwriter-dev/configmap-db-config.yaml b/ledgerwriter-dev/configmap-db-config.yaml index c18cb4a..0150937 100644 --- a/ledgerwriter-dev/configmap-db-config.yaml +++ b/ledgerwriter-dev/configmap-db-config.yaml @@ -8,9 +8,9 @@ metadata: # kpt-merge: example/ledger-db-config annotations: internal.kpt.dev/upstream-identifier: '|ConfigMap|example|ledger-db-config' data: - POSTGRES_DB: postgresdb - POSTGRES_USER: admin - POSTGRES_PASSWORD: password - SPRING_DATASOURCE_URL: jdbc:postgresql://ledger-db:5432/postgresdb - SPRING_DATASOURCE_USERNAME: admin # should match POSTGRES_USER - SPRING_DATASOURCE_PASSWORD: password # should match POSTGRES_PASSWORD + POSTGRES_DB: db + POSTGRES_USER: db-admin + POSTGRES_PASSWORD: db-pwd + SPRING_DATASOURCE_URL: jdbc:postgresql://ledger-db.ledger-db-dev:5432/db + SPRING_DATASOURCE_USERNAME: db-admin # should match POSTGRES_USER + SPRING_DATASOURCE_PASSWORD: db-pwd # should match POSTGRES_PASSWORD diff --git a/ledgerwriter-dev/configmap-service-config.yaml b/ledgerwriter-dev/configmap-service-config.yaml index f08bfc8..1fbd540 100644 --- a/ledgerwriter-dev/configmap-service-config.yaml +++ b/ledgerwriter-dev/configmap-service-config.yaml @@ -8,8 +8,8 @@ metadata: # kpt-merge: example/service-api-config annotations: internal.kpt.dev/upstream-identifier: '|ConfigMap|example|service-api-config' data: - TRANSACTIONS_API_ADDR: ledgerwriter:8080 - BALANCES_API_ADDR: balancereader:8080 - HISTORY_API_ADDR: transactionhistory:8080 - CONTACTS_API_ADDR: contacts:8080 - USERSERVICE_API_ADDR: userservice:8080 + TRANSACTIONS_API_ADDR: ledgerwriter.ledgerwriter-dev:80 + BALANCES_API_ADDR: balancereader.balancereader-dev:80 + HISTORY_API_ADDR: transactionhistory.transactionhistory-dev:80 + CONTACTS_API_ADDR: contacts.contacts-dev:80 + USERSERVICE_API_ADDR: userservice.userservice-dev:80 \ No newline at end of file diff --git a/ledgerwriter-dev/deployment.yaml b/ledgerwriter-dev/deployment.yaml index cdf2fef..6dccc54 100644 --- a/ledgerwriter-dev/deployment.yaml +++ b/ledgerwriter-dev/deployment.yaml @@ -48,9 +48,9 @@ spec: - name: PORT value: "8080" - name: ENABLE_TRACING - value: "true" + value: "false" - name: ENABLE_METRICS - value: "true" + value: "false" # tell Java to obey container memory limits - name: JVM_OPTS value: -XX:+UnlockExperimentalVMOptions -XX:+UseCGroupMemoryLimitForHeap -Xms256m -Xmx512m diff --git a/transactionhistory-dev/configmap-db-config.yaml b/transactionhistory-dev/configmap-db-config.yaml index f7c7c27..721fb64 100644 --- a/transactionhistory-dev/configmap-db-config.yaml +++ b/transactionhistory-dev/configmap-db-config.yaml @@ -8,9 +8,9 @@ metadata: # kpt-merge: example/ledger-db-config annotations: internal.kpt.dev/upstream-identifier: '|ConfigMap|example|ledger-db-config' data: - POSTGRES_DB: postgresdb - POSTGRES_USER: admin - POSTGRES_PASSWORD: password - SPRING_DATASOURCE_URL: jdbc:postgresql://ledger-db:5432/postgresdb - SPRING_DATASOURCE_USERNAME: admin # should match POSTGRES_USER - SPRING_DATASOURCE_PASSWORD: password # should match POSTGRES_PASSWORD + POSTGRES_DB: db + POSTGRES_USER: db-admin + POSTGRES_PASSWORD: db-pwd + SPRING_DATASOURCE_URL: jdbc:postgresql://ledger-db.ledger-db-dev:5432/db + SPRING_DATASOURCE_USERNAME: db-admin # should match POSTGRES_USER + SPRING_DATASOURCE_PASSWORD: db-pwd # should match POSTGRES_PASSWORD diff --git a/transactionhistory-dev/deployment.yaml b/transactionhistory-dev/deployment.yaml index 678ced1..f5a3d81 100644 --- a/transactionhistory-dev/deployment.yaml +++ b/transactionhistory-dev/deployment.yaml @@ -48,9 +48,9 @@ spec: - name: PORT value: "8080" - name: ENABLE_TRACING - value: "true" + value: "false" - name: ENABLE_METRICS - value: "true" + value: "false" - name: POLL_MS value: "100" - name: CACHE_SIZE diff --git a/userservice-dev/configmap-db-config.yaml b/userservice-dev/configmap-db-config.yaml index 928f56b..2282f3b 100644 --- a/userservice-dev/configmap-db-config.yaml +++ b/userservice-dev/configmap-db-config.yaml @@ -8,7 +8,7 @@ metadata: # kpt-merge: example/accounts-db-config annotations: internal.kpt.dev/upstream-identifier: '|ConfigMap|example|accounts-db-config' data: - POSTGRES_DB: accounts-db - POSTGRES_USER: accounts-admin - POSTGRES_PASSWORD: accounts-pwd - ACCOUNTS_DB_URI: postgresql://accounts-admin:accounts-pwd@accounts-db:5432/accounts-db + POSTGRES_DB: db + POSTGRES_USER: db-admin + POSTGRES_PASSWORD: db-pwd + ACCOUNTS_DB_URI: postgresql://db-admin:db-pwd@accounts-db.accounts-db-dev:5432/db diff --git a/userservice-dev/deployment.yaml b/userservice-dev/deployment.yaml index 4a3173f..d20e11b 100644 --- a/userservice-dev/deployment.yaml +++ b/userservice-dev/deployment.yaml @@ -48,7 +48,7 @@ spec: - name: PORT value: "8080" - name: ENABLE_TRACING - value: "true" + value: "false" - name: TOKEN_EXPIRY_SECONDS value: "3600" - name: PRIV_KEY_PATH From ba18d8432d618af662efff7d81a63c70e9ba3ab8 Mon Sep 17 00:00:00 2001 From: droot Date: Thu, 8 Sep 2022 14:50:34 -0700 Subject: [PATCH 51/65] update blueprints --- balancereader/configmap-ledger-db.yaml | 13 +++++++------ base-app/deployment.yaml | 4 +++- contacts/configmap-accounts-db.yaml | 9 +++++---- frontend/configmap-service-config.yaml | 10 +++++----- ledgerwriter/configmap-db-config.yaml | 13 +++++++------ transactionhistory/configmap-db-config.yaml | 13 +++++++------ userservice/configmap-db-config.yaml | 9 +++++---- 7 files changed, 39 insertions(+), 32 deletions(-) diff --git a/balancereader/configmap-ledger-db.yaml b/balancereader/configmap-ledger-db.yaml index 4e8852f..e9433f8 100644 --- a/balancereader/configmap-ledger-db.yaml +++ b/balancereader/configmap-ledger-db.yaml @@ -6,9 +6,10 @@ metadata: app: balancereader namespace: example data: - POSTGRES_DB: postgresdb - POSTGRES_USER: admin - POSTGRES_PASSWORD: password - SPRING_DATASOURCE_URL: jdbc:postgresql://ledger-db:5432/postgresdb - SPRING_DATASOURCE_USERNAME: admin # should match POSTGRES_USER - SPRING_DATASOURCE_PASSWORD: password # should match POSTGRES_PASSWORD + POSTGRES_DB: db + POSTGRES_USER: db-admin + POSTGRES_PASSWORD: db-pwd + SPRING_DATASOURCE_URL: jdbc:postgresql://ledger-db:5432/db +# SPRING_DATASOURCE_URL: jdbc:postgresql://ledger-db.:5432/db + SPRING_DATASOURCE_USERNAME: db-admin # should match POSTGRES_USER + SPRING_DATASOURCE_PASSWORD: db-pwd # should match POSTGRES_PASSWORD \ No newline at end of file diff --git a/base-app/deployment.yaml b/base-app/deployment.yaml index 993318a..19a4772 100644 --- a/base-app/deployment.yaml +++ b/base-app/deployment.yaml @@ -46,7 +46,9 @@ spec: - name: PORT value: "8080" - name: ENABLE_TRACING - value: "true" + value: "false" + - name: ENABLE_METRICS + value: "false" # Valid levels are debug, info, warning, error, critical. If no valid level is set, gunicorn will default to info. - name: LOG_LEVEL value: info diff --git a/contacts/configmap-accounts-db.yaml b/contacts/configmap-accounts-db.yaml index 02b5449..5396cb1 100644 --- a/contacts/configmap-accounts-db.yaml +++ b/contacts/configmap-accounts-db.yaml @@ -6,7 +6,8 @@ metadata: app: contacts namespace: example data: - POSTGRES_DB: accounts-db - POSTGRES_USER: accounts-admin - POSTGRES_PASSWORD: accounts-pwd - ACCOUNTS_DB_URI: postgresql://accounts-admin:accounts-pwd@accounts-db:5432/accounts-db + POSTGRES_DB: db + POSTGRES_USER: db-admin + POSTGRES_PASSWORD: db-pwd + ACCOUNTS_DB_URI: postgresql://db-admin:db-pwd@accounts-db:5432/db +# ACCOUNTS_DB_URI: postgresql://db-admin:db-pwd@accounts-db.accounts-db-dev:5432/db \ No newline at end of file diff --git a/frontend/configmap-service-config.yaml b/frontend/configmap-service-config.yaml index 917c467..997619c 100644 --- a/frontend/configmap-service-config.yaml +++ b/frontend/configmap-service-config.yaml @@ -4,8 +4,8 @@ metadata: name: service-api-config namespace: example data: - TRANSACTIONS_API_ADDR: "ledgerwriter:8080" - BALANCES_API_ADDR: "balancereader:8080" - HISTORY_API_ADDR: "transactionhistory:8080" - CONTACTS_API_ADDR: "contacts:8080" - USERSERVICE_API_ADDR: "userservice:8080" \ No newline at end of file + TRANSACTIONS_API_ADDR: "ledgerwriter:80" + BALANCES_API_ADDR: "balancereader:80" + HISTORY_API_ADDR: "transactionhistory:80" + CONTACTS_API_ADDR: "contacts:80" + USERSERVICE_API_ADDR: "userservice:80" \ No newline at end of file diff --git a/ledgerwriter/configmap-db-config.yaml b/ledgerwriter/configmap-db-config.yaml index 5ec5911..7be1e98 100644 --- a/ledgerwriter/configmap-db-config.yaml +++ b/ledgerwriter/configmap-db-config.yaml @@ -6,9 +6,10 @@ metadata: app: ledgerwriter namespace: example data: - POSTGRES_DB: postgresdb - POSTGRES_USER: admin - POSTGRES_PASSWORD: password - SPRING_DATASOURCE_URL: jdbc:postgresql://ledger-db:5432/postgresdb - SPRING_DATASOURCE_USERNAME: admin # should match POSTGRES_USER - SPRING_DATASOURCE_PASSWORD: password # should match POSTGRES_PASSWORD + POSTGRES_DB: db + POSTGRES_USER: db-admin + POSTGRES_PASSWORD: db-pwd + SPRING_DATASOURCE_URL: jdbc:postgresql://ledger-db:5432/db +# SPRING_DATASOURCE_URL: jdbc:postgresql://ledger-db.ledger-db-dev:5432/db + SPRING_DATASOURCE_USERNAME: db-admin # should match POSTGRES_USER + SPRING_DATASOURCE_PASSWORD: db-pwd # should match POSTGRES_PASSWORD \ No newline at end of file diff --git a/transactionhistory/configmap-db-config.yaml b/transactionhistory/configmap-db-config.yaml index f1e99ec..f97569d 100644 --- a/transactionhistory/configmap-db-config.yaml +++ b/transactionhistory/configmap-db-config.yaml @@ -6,9 +6,10 @@ metadata: app: transactionhistory namespace: example data: - POSTGRES_DB: postgresdb - POSTGRES_USER: admin - POSTGRES_PASSWORD: password - SPRING_DATASOURCE_URL: jdbc:postgresql://ledger-db:5432/postgresdb - SPRING_DATASOURCE_USERNAME: admin # should match POSTGRES_USER - SPRING_DATASOURCE_PASSWORD: password # should match POSTGRES_PASSWORD + POSTGRES_DB: db + POSTGRES_USER: db-admin + POSTGRES_PASSWORD: db-pwd + SPRING_DATASOURCE_URL: jdbc:postgresql://ledger-db:5432/db +# SPRING_DATASOURCE_URL: jdbc:postgresql://ledger-db.ledger-db-dev:5432/db + SPRING_DATASOURCE_USERNAME: db-admin # should match POSTGRES_USER + SPRING_DATASOURCE_PASSWORD: db-pwd # should match POSTGRES_PASSWORD diff --git a/userservice/configmap-db-config.yaml b/userservice/configmap-db-config.yaml index 49ffa19..b15758b 100644 --- a/userservice/configmap-db-config.yaml +++ b/userservice/configmap-db-config.yaml @@ -6,7 +6,8 @@ metadata: labels: app: userservice data: - POSTGRES_DB: accounts-db - POSTGRES_USER: accounts-admin - POSTGRES_PASSWORD: accounts-pwd - ACCOUNTS_DB_URI: postgresql://accounts-admin:accounts-pwd@accounts-db:5432/accounts-db + POSTGRES_DB: db + POSTGRES_USER: db-admin + POSTGRES_PASSWORD: db-pwd + ACCOUNTS_DB_URI: postgresql://db-admin:db-pwd@accounts-db:5432/db +# ACCOUNTS_DB_URI: postgresql://db-admin:db-pwd@accounts-db.accounts-db-dev:5432/db \ No newline at end of file From 149a430d7f228fb4478950d99ec03ab0ef0da774 Mon Sep 17 00:00:00 2001 From: droot Date: Thu, 8 Sep 2022 14:54:46 -0700 Subject: [PATCH 52/65] frontend: rebased with base-app --- frontend/Kptfile | 2 +- frontend/configmap-demo-data.yaml | 6 ++++-- frontend/configmap-service-config.yaml | 6 ++++-- frontend/deployment.yaml | 4 +++- 4 files changed, 12 insertions(+), 6 deletions(-) diff --git a/frontend/Kptfile b/frontend/Kptfile index 288cd60..3c5da97 100644 --- a/frontend/Kptfile +++ b/frontend/Kptfile @@ -19,7 +19,7 @@ upstreamLock: repo: git@github.com:droot/kpt-samples directory: /base-app ref: bank-of-anthos-pkgs - commit: c959e8514bd3bbb88b1bc276e56d699b48c40b61 + commit: ba18d8432d618af662efff7d81a63c70e9ba3ab8 info: description: sample description pipeline: diff --git a/frontend/configmap-demo-data.yaml b/frontend/configmap-demo-data.yaml index a87b707..64d3738 100644 --- a/frontend/configmap-demo-data.yaml +++ b/frontend/configmap-demo-data.yaml @@ -1,10 +1,12 @@ apiVersion: v1 kind: ConfigMap -metadata: +metadata: # kpt-merge: example/demo-data-config name: demo-data-config namespace: example + annotations: + internal.kpt.dev/upstream-identifier: '|ConfigMap|example|demo-data-config' data: USE_DEMO_DATA: "True" DEMO_LOGIN_USERNAME: "testuser" # All demo user accounts are hardcoded to use the login password 'bankofanthos' - DEMO_LOGIN_PASSWORD: "bankofanthos" \ No newline at end of file + DEMO_LOGIN_PASSWORD: "bankofanthos" diff --git a/frontend/configmap-service-config.yaml b/frontend/configmap-service-config.yaml index 997619c..117cc22 100644 --- a/frontend/configmap-service-config.yaml +++ b/frontend/configmap-service-config.yaml @@ -1,11 +1,13 @@ apiVersion: v1 kind: ConfigMap -metadata: +metadata: # kpt-merge: example/service-api-config name: service-api-config namespace: example + annotations: + internal.kpt.dev/upstream-identifier: '|ConfigMap|example|service-api-config' data: TRANSACTIONS_API_ADDR: "ledgerwriter:80" BALANCES_API_ADDR: "balancereader:80" HISTORY_API_ADDR: "transactionhistory:80" CONTACTS_API_ADDR: "contacts:80" - USERSERVICE_API_ADDR: "userservice:80" \ No newline at end of file + USERSERVICE_API_ADDR: "userservice:80" diff --git a/frontend/deployment.yaml b/frontend/deployment.yaml index b9540e7..2606fce 100644 --- a/frontend/deployment.yaml +++ b/frontend/deployment.yaml @@ -48,7 +48,7 @@ spec: - name: PORT value: "8080" - name: ENABLE_TRACING - value: "true" + value: "false" # Valid levels are debug, info, warning, error, critical. If no valid level is set, gunicorn will default to info. - name: LOG_LEVEL value: info @@ -78,6 +78,8 @@ spec: name: oauth-config key: DEMO_OAUTH_REDIRECT_URI optional: true + - name: ENABLE_METRICS + value: "false" envFrom: - configMapRef: name: environment-config From 958c37bdad0ec736c1df77607ee7a045e30ed8e3 Mon Sep 17 00:00:00 2001 From: droot Date: Thu, 8 Sep 2022 14:56:38 -0700 Subject: [PATCH 53/65] balancereader: rebased --- balancereader/Kptfile | 2 +- balancereader/configmap-ledger-db.yaml | 8 +++++--- balancereader/deployment.yaml | 4 ++-- frontend/configmap-demo-data.yaml | 6 ++++-- frontend/configmap-service-config.yaml | 12 +++++++----- 5 files changed, 19 insertions(+), 13 deletions(-) diff --git a/balancereader/Kptfile b/balancereader/Kptfile index e9998f0..6e2f3d0 100644 --- a/balancereader/Kptfile +++ b/balancereader/Kptfile @@ -19,7 +19,7 @@ upstreamLock: repo: git@github.com:droot/kpt-samples directory: /base-app ref: bank-of-anthos-pkgs - commit: 5977900d020b2099f1a22b2ece6aed454ed97d29 + commit: ba18d8432d618af662efff7d81a63c70e9ba3ab8 info: description: sample description pipeline: diff --git a/balancereader/configmap-ledger-db.yaml b/balancereader/configmap-ledger-db.yaml index e9433f8..a385b9f 100644 --- a/balancereader/configmap-ledger-db.yaml +++ b/balancereader/configmap-ledger-db.yaml @@ -1,15 +1,17 @@ apiVersion: v1 kind: ConfigMap -metadata: +metadata: # kpt-merge: example/ledger-db-config name: ledger-db-config labels: app: balancereader namespace: example + annotations: + internal.kpt.dev/upstream-identifier: '|ConfigMap|example|ledger-db-config' data: POSTGRES_DB: db POSTGRES_USER: db-admin POSTGRES_PASSWORD: db-pwd SPRING_DATASOURCE_URL: jdbc:postgresql://ledger-db:5432/db -# SPRING_DATASOURCE_URL: jdbc:postgresql://ledger-db.:5432/db + # SPRING_DATASOURCE_URL: jdbc:postgresql://ledger-db.:5432/db SPRING_DATASOURCE_USERNAME: db-admin # should match POSTGRES_USER - SPRING_DATASOURCE_PASSWORD: db-pwd # should match POSTGRES_PASSWORD \ No newline at end of file + SPRING_DATASOURCE_PASSWORD: db-pwd # should match POSTGRES_PASSWORD diff --git a/balancereader/deployment.yaml b/balancereader/deployment.yaml index fb36c30..1160069 100644 --- a/balancereader/deployment.yaml +++ b/balancereader/deployment.yaml @@ -48,9 +48,9 @@ spec: - name: PORT value: "8080" - name: ENABLE_TRACING - value: "true" + value: "false" - name: ENABLE_METRICS - value: "true" + value: "false" - name: POLL_MS value: "100" - name: CACHE_SIZE diff --git a/frontend/configmap-demo-data.yaml b/frontend/configmap-demo-data.yaml index 64d3738..e044ac9 100644 --- a/frontend/configmap-demo-data.yaml +++ b/frontend/configmap-demo-data.yaml @@ -5,8 +5,10 @@ metadata: # kpt-merge: example/demo-data-config namespace: example annotations: internal.kpt.dev/upstream-identifier: '|ConfigMap|example|demo-data-config' + labels: + app: frontend data: USE_DEMO_DATA: "True" - DEMO_LOGIN_USERNAME: "testuser" + DEMO_LOGIN_USERNAME: testuser # All demo user accounts are hardcoded to use the login password 'bankofanthos' - DEMO_LOGIN_PASSWORD: "bankofanthos" + DEMO_LOGIN_PASSWORD: bankofanthos diff --git a/frontend/configmap-service-config.yaml b/frontend/configmap-service-config.yaml index 117cc22..98e6673 100644 --- a/frontend/configmap-service-config.yaml +++ b/frontend/configmap-service-config.yaml @@ -5,9 +5,11 @@ metadata: # kpt-merge: example/service-api-config namespace: example annotations: internal.kpt.dev/upstream-identifier: '|ConfigMap|example|service-api-config' + labels: + app: frontend data: - TRANSACTIONS_API_ADDR: "ledgerwriter:80" - BALANCES_API_ADDR: "balancereader:80" - HISTORY_API_ADDR: "transactionhistory:80" - CONTACTS_API_ADDR: "contacts:80" - USERSERVICE_API_ADDR: "userservice:80" + TRANSACTIONS_API_ADDR: ledgerwriter:80 + BALANCES_API_ADDR: balancereader:80 + HISTORY_API_ADDR: transactionhistory:80 + CONTACTS_API_ADDR: contacts:80 + USERSERVICE_API_ADDR: userservice:80 From b296326e2133a3fc93f4867c445be7c6919f5a76 Mon Sep 17 00:00:00 2001 From: droot Date: Thu, 8 Sep 2022 14:58:01 -0700 Subject: [PATCH 54/65] contacts: rebased --- contacts/Kptfile | 2 +- contacts/configmap-accounts-db.yaml | 6 ++++-- contacts/deployment.yaml | 4 +++- 3 files changed, 8 insertions(+), 4 deletions(-) diff --git a/contacts/Kptfile b/contacts/Kptfile index 2c4f585..cbfc37f 100644 --- a/contacts/Kptfile +++ b/contacts/Kptfile @@ -19,7 +19,7 @@ upstreamLock: repo: git@github.com:droot/kpt-samples directory: /base-app ref: bank-of-anthos-pkgs - commit: 00281ada7592a6505c85a26a6dd3e9c68bceb48b + commit: ba18d8432d618af662efff7d81a63c70e9ba3ab8 info: description: sample description pipeline: diff --git a/contacts/configmap-accounts-db.yaml b/contacts/configmap-accounts-db.yaml index 5396cb1..610f573 100644 --- a/contacts/configmap-accounts-db.yaml +++ b/contacts/configmap-accounts-db.yaml @@ -1,13 +1,15 @@ apiVersion: v1 kind: ConfigMap -metadata: +metadata: # kpt-merge: example/accounts-db-config name: accounts-db-config labels: app: contacts namespace: example + annotations: + internal.kpt.dev/upstream-identifier: '|ConfigMap|example|accounts-db-config' data: POSTGRES_DB: db POSTGRES_USER: db-admin POSTGRES_PASSWORD: db-pwd ACCOUNTS_DB_URI: postgresql://db-admin:db-pwd@accounts-db:5432/db -# ACCOUNTS_DB_URI: postgresql://db-admin:db-pwd@accounts-db.accounts-db-dev:5432/db \ No newline at end of file + # ACCOUNTS_DB_URI: postgresql://db-admin:db-pwd@accounts-db.accounts-db-dev:5432/db diff --git a/contacts/deployment.yaml b/contacts/deployment.yaml index 844ac85..758609e 100644 --- a/contacts/deployment.yaml +++ b/contacts/deployment.yaml @@ -48,7 +48,7 @@ spec: - name: PORT value: "8080" - name: ENABLE_TRACING - value: "true" + value: "false" # Valid levels are debug, info, warning, error, critical. If no valid level is set, gunicorn will default to info. - name: LOG_LEVEL value: info @@ -56,6 +56,8 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace + - name: ENABLE_METRICS + value: "false" envFrom: - configMapRef: name: environment-config From b084e21f76a9fbf2763a5f64ce43d51ca0ed16d9 Mon Sep 17 00:00:00 2001 From: droot Date: Thu, 8 Sep 2022 14:59:34 -0700 Subject: [PATCH 55/65] ledgerwriter: rebased --- ledgerwriter/Kptfile | 2 +- ledgerwriter/configmap-db-config.yaml | 8 +++++--- ledgerwriter/configmap-service-config.yaml | 4 +++- ledgerwriter/deployment.yaml | 7 ++++--- 4 files changed, 13 insertions(+), 8 deletions(-) diff --git a/ledgerwriter/Kptfile b/ledgerwriter/Kptfile index 5c095cb..8c38cb8 100644 --- a/ledgerwriter/Kptfile +++ b/ledgerwriter/Kptfile @@ -19,7 +19,7 @@ upstreamLock: repo: git@github.com:droot/kpt-samples directory: /base-app ref: bank-of-anthos-pkgs - commit: fac064d10c34564488ed3cce49812b6991ccefe3 + commit: ba18d8432d618af662efff7d81a63c70e9ba3ab8 info: description: sample description pipeline: diff --git a/ledgerwriter/configmap-db-config.yaml b/ledgerwriter/configmap-db-config.yaml index 7be1e98..50cb456 100644 --- a/ledgerwriter/configmap-db-config.yaml +++ b/ledgerwriter/configmap-db-config.yaml @@ -1,15 +1,17 @@ apiVersion: v1 kind: ConfigMap -metadata: +metadata: # kpt-merge: example/ledger-db-config name: ledger-db-config labels: app: ledgerwriter namespace: example + annotations: + internal.kpt.dev/upstream-identifier: '|ConfigMap|example|ledger-db-config' data: POSTGRES_DB: db POSTGRES_USER: db-admin POSTGRES_PASSWORD: db-pwd SPRING_DATASOURCE_URL: jdbc:postgresql://ledger-db:5432/db -# SPRING_DATASOURCE_URL: jdbc:postgresql://ledger-db.ledger-db-dev:5432/db + # SPRING_DATASOURCE_URL: jdbc:postgresql://ledger-db.ledger-db-dev:5432/db SPRING_DATASOURCE_USERNAME: db-admin # should match POSTGRES_USER - SPRING_DATASOURCE_PASSWORD: db-pwd # should match POSTGRES_PASSWORD \ No newline at end of file + SPRING_DATASOURCE_PASSWORD: db-pwd # should match POSTGRES_PASSWORD diff --git a/ledgerwriter/configmap-service-config.yaml b/ledgerwriter/configmap-service-config.yaml index 3cc72c9..f1bdd39 100644 --- a/ledgerwriter/configmap-service-config.yaml +++ b/ledgerwriter/configmap-service-config.yaml @@ -1,10 +1,12 @@ apiVersion: v1 kind: ConfigMap -metadata: +metadata: # kpt-merge: example/service-api-config name: service-api-config namespace: example labels: app: ledgerwriter + annotations: + internal.kpt.dev/upstream-identifier: '|ConfigMap|example|service-api-config' data: TRANSACTIONS_API_ADDR: ledgerwriter:8080 BALANCES_API_ADDR: balancereader:8080 diff --git a/ledgerwriter/deployment.yaml b/ledgerwriter/deployment.yaml index 9ed653f..8e4a2bb 100644 --- a/ledgerwriter/deployment.yaml +++ b/ledgerwriter/deployment.yaml @@ -48,10 +48,9 @@ spec: - name: PORT value: "8080" - name: ENABLE_TRACING - value: "true" + value: "false" - name: ENABLE_METRICS - value: "true" - # tell Java to obey container memory limits + value: "false" - name: JVM_OPTS value: -XX:+UnlockExperimentalVMOptions -XX:+UseCGroupMemoryLimitForHeap -Xms256m -Xmx512m # Valid levels are debug, info, warning, error, critical. If no valid level is set, gunicorn will default to info. @@ -88,6 +87,8 @@ spec: limits: cpu: 500m memory: 512Mi + livenessProbe: + httpGet: {} volumes: # droot: should this be part of the base-app ? - name: keys From 6081184526e10c08aca04d8ec0ca7d9eee14e5c3 Mon Sep 17 00:00:00 2001 From: droot Date: Thu, 8 Sep 2022 15:00:33 -0700 Subject: [PATCH 56/65] transactionhistory: rebased --- transactionhistory/Kptfile | 2 +- transactionhistory/configmap-db-config.yaml | 6 ++++-- transactionhistory/deployment.yaml | 4 ++-- 3 files changed, 7 insertions(+), 5 deletions(-) diff --git a/transactionhistory/Kptfile b/transactionhistory/Kptfile index ef5094f..34f771a 100644 --- a/transactionhistory/Kptfile +++ b/transactionhistory/Kptfile @@ -19,7 +19,7 @@ upstreamLock: repo: git@github.com:droot/kpt-samples directory: /base-app ref: bank-of-anthos-pkgs - commit: 44efb8fe03f578ec2ea301544942ab756e4b6b6f + commit: ba18d8432d618af662efff7d81a63c70e9ba3ab8 info: description: sample description pipeline: diff --git a/transactionhistory/configmap-db-config.yaml b/transactionhistory/configmap-db-config.yaml index f97569d..d19a6cc 100644 --- a/transactionhistory/configmap-db-config.yaml +++ b/transactionhistory/configmap-db-config.yaml @@ -1,15 +1,17 @@ apiVersion: v1 kind: ConfigMap -metadata: +metadata: # kpt-merge: example/ledger-db-config name: ledger-db-config labels: app: transactionhistory namespace: example + annotations: + internal.kpt.dev/upstream-identifier: '|ConfigMap|example|ledger-db-config' data: POSTGRES_DB: db POSTGRES_USER: db-admin POSTGRES_PASSWORD: db-pwd SPRING_DATASOURCE_URL: jdbc:postgresql://ledger-db:5432/db -# SPRING_DATASOURCE_URL: jdbc:postgresql://ledger-db.ledger-db-dev:5432/db + # SPRING_DATASOURCE_URL: jdbc:postgresql://ledger-db.ledger-db-dev:5432/db SPRING_DATASOURCE_USERNAME: db-admin # should match POSTGRES_USER SPRING_DATASOURCE_PASSWORD: db-pwd # should match POSTGRES_PASSWORD diff --git a/transactionhistory/deployment.yaml b/transactionhistory/deployment.yaml index 6bb81cb..4f615c5 100644 --- a/transactionhistory/deployment.yaml +++ b/transactionhistory/deployment.yaml @@ -48,9 +48,9 @@ spec: - name: PORT value: "8080" - name: ENABLE_TRACING - value: "true" + value: "false" - name: ENABLE_METRICS - value: "true" + value: "false" - name: POLL_MS value: "100" - name: CACHE_SIZE From 08c7473c2b4b641c1efb4a520c39c551b87eda0b Mon Sep 17 00:00:00 2001 From: droot Date: Thu, 8 Sep 2022 15:01:27 -0700 Subject: [PATCH 57/65] userservice: rebased --- userservice/Kptfile | 2 +- userservice/configmap-db-config.yaml | 6 ++++-- userservice/deployment.yaml | 6 +++++- 3 files changed, 10 insertions(+), 4 deletions(-) diff --git a/userservice/Kptfile b/userservice/Kptfile index 9256302..8d4e4ff 100644 --- a/userservice/Kptfile +++ b/userservice/Kptfile @@ -19,7 +19,7 @@ upstreamLock: repo: git@github.com:droot/kpt-samples directory: /base-app ref: bank-of-anthos-pkgs - commit: fa21da5cec9f33f839741665cde8bffe4da6af44 + commit: ba18d8432d618af662efff7d81a63c70e9ba3ab8 info: description: sample description pipeline: diff --git a/userservice/configmap-db-config.yaml b/userservice/configmap-db-config.yaml index b15758b..49e6e20 100644 --- a/userservice/configmap-db-config.yaml +++ b/userservice/configmap-db-config.yaml @@ -1,13 +1,15 @@ apiVersion: v1 kind: ConfigMap -metadata: +metadata: # kpt-merge: example/accounts-db-config name: accounts-db-config namespace: example labels: app: userservice + annotations: + internal.kpt.dev/upstream-identifier: '|ConfigMap|example|accounts-db-config' data: POSTGRES_DB: db POSTGRES_USER: db-admin POSTGRES_PASSWORD: db-pwd ACCOUNTS_DB_URI: postgresql://db-admin:db-pwd@accounts-db:5432/db -# ACCOUNTS_DB_URI: postgresql://db-admin:db-pwd@accounts-db.accounts-db-dev:5432/db \ No newline at end of file + # ACCOUNTS_DB_URI: postgresql://db-admin:db-pwd@accounts-db.accounts-db-dev:5432/db diff --git a/userservice/deployment.yaml b/userservice/deployment.yaml index aaf482a..a250402 100644 --- a/userservice/deployment.yaml +++ b/userservice/deployment.yaml @@ -48,7 +48,7 @@ spec: - name: PORT value: "8080" - name: ENABLE_TRACING - value: "true" + value: "false" - name: TOKEN_EXPIRY_SECONDS value: "3600" - name: PRIV_KEY_PATH @@ -60,6 +60,8 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace + - name: ENABLE_METRICS + value: "false" envFrom: - configMapRef: name: environment-config @@ -79,6 +81,8 @@ spec: limits: cpu: 500m memory: 256Mi + livenessProbe: + httpGet: {} volumes: # droot: should this be part of the base-app ? - name: keys From 86e485de9569d1b755335bde5492f19ddd9da14d Mon Sep 17 00:00:00 2001 From: droot Date: Thu, 8 Sep 2022 16:02:22 -0700 Subject: [PATCH 58/65] frontend-dev: rebased --- frontend-dev/Kptfile | 2 +- frontend-dev/configmap-demo-data.yaml | 4 ++-- frontend-dev/configmap-service-config.yaml | 4 ++-- frontend-dev/deployment.yaml | 2 ++ frontend-dev/resourcegroup.yaml | 5 ++++- 5 files changed, 11 insertions(+), 6 deletions(-) diff --git a/frontend-dev/Kptfile b/frontend-dev/Kptfile index a2733d7..eb77a68 100644 --- a/frontend-dev/Kptfile +++ b/frontend-dev/Kptfile @@ -19,7 +19,7 @@ upstreamLock: repo: git@github.com:droot/kpt-samples directory: /frontend ref: bank-of-anthos-pkgs - commit: 55458bfbdcd4fab30e62b12a4e0de319f8de6924 + commit: 08c7473c2b4b641c1efb4a520c39c551b87eda0b info: description: sample description pipeline: diff --git a/frontend-dev/configmap-demo-data.yaml b/frontend-dev/configmap-demo-data.yaml index aba43ae..efcfb33 100644 --- a/frontend-dev/configmap-demo-data.yaml +++ b/frontend-dev/configmap-demo-data.yaml @@ -3,10 +3,10 @@ kind: ConfigMap metadata: # kpt-merge: example/demo-data-config name: demo-data-config namespace: frontend-dev - annotations: - internal.kpt.dev/upstream-identifier: '|ConfigMap|example|demo-data-config' labels: app: frontend + annotations: + internal.kpt.dev/upstream-identifier: '|ConfigMap|example|demo-data-config' data: USE_DEMO_DATA: "True" DEMO_LOGIN_USERNAME: testuser diff --git a/frontend-dev/configmap-service-config.yaml b/frontend-dev/configmap-service-config.yaml index 3337d4b..714597c 100644 --- a/frontend-dev/configmap-service-config.yaml +++ b/frontend-dev/configmap-service-config.yaml @@ -3,10 +3,10 @@ kind: ConfigMap metadata: # kpt-merge: example/service-api-config name: service-api-config namespace: frontend-dev - annotations: - internal.kpt.dev/upstream-identifier: '|ConfigMap|example|service-api-config' labels: app: frontend + annotations: + internal.kpt.dev/upstream-identifier: '|ConfigMap|example|service-api-config' data: TRANSACTIONS_API_ADDR: ledgerwriter.ledgerwriter-dev:80 BALANCES_API_ADDR: balancereader.balancereader-dev:80 diff --git a/frontend-dev/deployment.yaml b/frontend-dev/deployment.yaml index 303ef9c..a6a508a 100644 --- a/frontend-dev/deployment.yaml +++ b/frontend-dev/deployment.yaml @@ -78,6 +78,8 @@ spec: key: DEMO_OAUTH_REDIRECT_URI name: oauth-config optional: true + - name: ENABLE_METRICS + value: "false" envFrom: - configMapRef: name: environment-config diff --git a/frontend-dev/resourcegroup.yaml b/frontend-dev/resourcegroup.yaml index c069408..5583ab1 100644 --- a/frontend-dev/resourcegroup.yaml +++ b/frontend-dev/resourcegroup.yaml @@ -1,7 +1,10 @@ apiVersion: kpt.dev/v1alpha1 kind: ResourceGroup -metadata: +metadata: # kpt-merge: frontend-dev/inventory-13747058 name: inventory-13747058 namespace: frontend-dev labels: cli-utils.sigs.k8s.io/inventory-id: d2f315ed7cc21c22c704b0e606b50b85466fb5c1-1662613105136819000 + app: frontend + annotations: + internal.kpt.dev/upstream-identifier: kpt.dev|ResourceGroup|frontend-dev|inventory-13747058 From d5121132e5b107996a95bb8f444252e32ab5f046 Mon Sep 17 00:00:00 2001 From: droot Date: Thu, 8 Sep 2022 16:03:35 -0700 Subject: [PATCH 59/65] accounts-db-dev: rebased --- accounts-db-dev/Kptfile | 2 +- accounts-db-dev/configmap-demo-data.yaml | 4 +++- accounts-db-dev/configmap-env-config.yaml | 4 +++- accounts-db-dev/package-context.yaml | 7 ++++--- accounts-db-dev/resourcegroup.yaml | 4 +++- 5 files changed, 14 insertions(+), 7 deletions(-) diff --git a/accounts-db-dev/Kptfile b/accounts-db-dev/Kptfile index 0d8e6f1..766190e 100644 --- a/accounts-db-dev/Kptfile +++ b/accounts-db-dev/Kptfile @@ -19,7 +19,7 @@ upstreamLock: repo: git@github.com:droot/kpt-samples directory: /accounts-db ref: bank-of-anthos-pkgs - commit: ec20a32b220a63998476c683e36f6b48912bbf85 + commit: 08c7473c2b4b641c1efb4a520c39c551b87eda0b info: description: sample description pipeline: diff --git a/accounts-db-dev/configmap-demo-data.yaml b/accounts-db-dev/configmap-demo-data.yaml index c5b1d5f..6b9b402 100644 --- a/accounts-db-dev/configmap-demo-data.yaml +++ b/accounts-db-dev/configmap-demo-data.yaml @@ -1,10 +1,12 @@ apiVersion: v1 kind: ConfigMap -metadata: +metadata: # kpt-merge: accounts-db-dev/demo-data-config name: demo-data-config namespace: accounts-db-dev labels: app: accounts-db + annotations: + internal.kpt.dev/upstream-identifier: '|ConfigMap|accounts-db-dev|demo-data-config' data: USE_DEMO_DATA: "True" DEMO_LOGIN_USERNAME: testuser diff --git a/accounts-db-dev/configmap-env-config.yaml b/accounts-db-dev/configmap-env-config.yaml index 1059dfe..9be0117 100644 --- a/accounts-db-dev/configmap-env-config.yaml +++ b/accounts-db-dev/configmap-env-config.yaml @@ -1,10 +1,12 @@ apiVersion: v1 kind: ConfigMap -metadata: +metadata: # kpt-merge: accounts-db-dev/environment-config name: environment-config namespace: accounts-db-dev labels: app: accounts-db + annotations: + internal.kpt.dev/upstream-identifier: '|ConfigMap|accounts-db-dev|environment-config' data: LOCAL_ROUTING_NUM: "883745000" PUB_KEY_PATH: /tmp/.ssh/publickey diff --git a/accounts-db-dev/package-context.yaml b/accounts-db-dev/package-context.yaml index 633ccd2..5fc136c 100644 --- a/accounts-db-dev/package-context.yaml +++ b/accounts-db-dev/package-context.yaml @@ -1,10 +1,11 @@ apiVersion: v1 kind: ConfigMap -metadata: +metadata: # kpt-merge: /kptfile.kpt.dev name: kptfile.kpt.dev - annotations: - config.kubernetes.io/local-config: "true" labels: app: accounts-db + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: '|ConfigMap|default|kptfile.kpt.dev' data: name: accounts-db-dev diff --git a/accounts-db-dev/resourcegroup.yaml b/accounts-db-dev/resourcegroup.yaml index 1872e59..e024049 100644 --- a/accounts-db-dev/resourcegroup.yaml +++ b/accounts-db-dev/resourcegroup.yaml @@ -1,8 +1,10 @@ apiVersion: kpt.dev/v1alpha1 kind: ResourceGroup -metadata: +metadata: # kpt-merge: accounts-db-dev/inventory-99865161 name: inventory-99865161 namespace: accounts-db-dev labels: cli-utils.sigs.k8s.io/inventory-id: 2aca04e392c4f17d91507bedbcc8719d050a9806-1662581639705790000 app: accounts-db + annotations: + internal.kpt.dev/upstream-identifier: kpt.dev|ResourceGroup|accounts-db-dev|inventory-99865161 From f19f5da047fd8b12a6f85766517e0d8a14c0f1f4 Mon Sep 17 00:00:00 2001 From: droot Date: Thu, 8 Sep 2022 16:05:38 -0700 Subject: [PATCH 60/65] balancereader-db-dev: rebased --- balancereader-dev/Kptfile | 2 +- balancereader-dev/configmap-ledger-db.yaml | 1 + balancereader-dev/package-context.yaml | 7 ++++--- balancereader-dev/resourcegroup.yaml | 5 ++++- 4 files changed, 10 insertions(+), 5 deletions(-) diff --git a/balancereader-dev/Kptfile b/balancereader-dev/Kptfile index 2d56248..c1654ee 100644 --- a/balancereader-dev/Kptfile +++ b/balancereader-dev/Kptfile @@ -19,7 +19,7 @@ upstreamLock: repo: git@github.com:droot/kpt-samples directory: /balancereader ref: bank-of-anthos-pkgs - commit: ab2f631249aecc8f0a5e33675e30198f534c6465 + commit: 08c7473c2b4b641c1efb4a520c39c551b87eda0b info: description: sample description pipeline: diff --git a/balancereader-dev/configmap-ledger-db.yaml b/balancereader-dev/configmap-ledger-db.yaml index 7f3d554..941be54 100644 --- a/balancereader-dev/configmap-ledger-db.yaml +++ b/balancereader-dev/configmap-ledger-db.yaml @@ -12,5 +12,6 @@ data: POSTGRES_USER: db-admin POSTGRES_PASSWORD: db-pwd SPRING_DATASOURCE_URL: jdbc:postgresql://ledger-db.ledger-db-dev:5432/db + # SPRING_DATASOURCE_URL: jdbc:postgresql://ledger-db.:5432/db SPRING_DATASOURCE_USERNAME: db-admin # should match POSTGRES_USER SPRING_DATASOURCE_PASSWORD: db-pwd # should match POSTGRES_PASSWORD diff --git a/balancereader-dev/package-context.yaml b/balancereader-dev/package-context.yaml index d4f123c..d4186e8 100644 --- a/balancereader-dev/package-context.yaml +++ b/balancereader-dev/package-context.yaml @@ -1,10 +1,11 @@ apiVersion: v1 kind: ConfigMap -metadata: +metadata: # kpt-merge: /kptfile.kpt.dev name: kptfile.kpt.dev - annotations: - config.kubernetes.io/local-config: "true" labels: app: balancereader + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: '|ConfigMap|default|kptfile.kpt.dev' data: name: balancereader-dev diff --git a/balancereader-dev/resourcegroup.yaml b/balancereader-dev/resourcegroup.yaml index 5171e8e..1ccf079 100644 --- a/balancereader-dev/resourcegroup.yaml +++ b/balancereader-dev/resourcegroup.yaml @@ -1,7 +1,10 @@ apiVersion: kpt.dev/v1alpha1 kind: ResourceGroup -metadata: +metadata: # kpt-merge: balancereader-dev/inventory-52957346 name: inventory-52957346 namespace: balancereader-dev labels: cli-utils.sigs.k8s.io/inventory-id: 2ff98c7dfb36097fb10b38d6b5ee1a178b0dd47c-1662508216914293000 + app: balancereader + annotations: + internal.kpt.dev/upstream-identifier: kpt.dev|ResourceGroup|balancereader-dev|inventory-52957346 From b1cb71475d75eb492a752f17bd734b4ba6615142 Mon Sep 17 00:00:00 2001 From: droot Date: Thu, 8 Sep 2022 16:07:54 -0700 Subject: [PATCH 61/65] contacts-dev: rebased --- contacts-dev/Kptfile | 2 +- contacts-dev/configmap-accounts-db.yaml | 1 + contacts-dev/deployment.yaml | 2 ++ contacts-dev/package-context.yaml | 7 ++++--- contacts-dev/resourcegroup.yaml | 5 ++++- 5 files changed, 12 insertions(+), 5 deletions(-) diff --git a/contacts-dev/Kptfile b/contacts-dev/Kptfile index 199545c..c125a4e 100644 --- a/contacts-dev/Kptfile +++ b/contacts-dev/Kptfile @@ -19,7 +19,7 @@ upstreamLock: repo: git@github.com:droot/kpt-samples directory: /contacts ref: bank-of-anthos-pkgs - commit: 5977900d020b2099f1a22b2ece6aed454ed97d29 + commit: 08c7473c2b4b641c1efb4a520c39c551b87eda0b info: description: sample description pipeline: diff --git a/contacts-dev/configmap-accounts-db.yaml b/contacts-dev/configmap-accounts-db.yaml index 4830755..ed38439 100644 --- a/contacts-dev/configmap-accounts-db.yaml +++ b/contacts-dev/configmap-accounts-db.yaml @@ -12,3 +12,4 @@ data: POSTGRES_USER: db-admin POSTGRES_PASSWORD: db-pwd ACCOUNTS_DB_URI: postgresql://db-admin:db-pwd@accounts-db.accounts-db-dev:5432/db + # ACCOUNTS_DB_URI: postgresql://db-admin:db-pwd@accounts-db.accounts-db-dev:5432/db diff --git a/contacts-dev/deployment.yaml b/contacts-dev/deployment.yaml index d2b6b79..73f13b8 100644 --- a/contacts-dev/deployment.yaml +++ b/contacts-dev/deployment.yaml @@ -56,6 +56,8 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace + - name: ENABLE_METRICS + value: "false" envFrom: - configMapRef: name: environment-config diff --git a/contacts-dev/package-context.yaml b/contacts-dev/package-context.yaml index 8135fc7..af48b93 100644 --- a/contacts-dev/package-context.yaml +++ b/contacts-dev/package-context.yaml @@ -1,10 +1,11 @@ apiVersion: v1 kind: ConfigMap -metadata: +metadata: # kpt-merge: /kptfile.kpt.dev name: kptfile.kpt.dev - annotations: - config.kubernetes.io/local-config: "true" labels: app: contacts + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: '|ConfigMap|default|kptfile.kpt.dev' data: name: contacts-dev diff --git a/contacts-dev/resourcegroup.yaml b/contacts-dev/resourcegroup.yaml index 8c24346..9cca021 100644 --- a/contacts-dev/resourcegroup.yaml +++ b/contacts-dev/resourcegroup.yaml @@ -1,7 +1,10 @@ apiVersion: kpt.dev/v1alpha1 kind: ResourceGroup -metadata: +metadata: # kpt-merge: contacts-dev/inventory-25467069 name: inventory-25467069 namespace: contacts-dev labels: cli-utils.sigs.k8s.io/inventory-id: 54f04b2035bc09cb760d766533f532e2ef7dedcf-1662613503253545000 + app: contacts + annotations: + internal.kpt.dev/upstream-identifier: kpt.dev|ResourceGroup|contacts-dev|inventory-25467069 From 87f86bf2a906c34bad904a7f9dd9b0c91ae101fe Mon Sep 17 00:00:00 2001 From: droot Date: Thu, 8 Sep 2022 16:09:24 -0700 Subject: [PATCH 62/65] ledger-db-dev: rebased --- ledger-db-dev/Kptfile | 2 +- ledger-db-dev/package-context.yaml | 7 ++++--- ledger-db-dev/resourcegroup.yaml | 4 +++- 3 files changed, 8 insertions(+), 5 deletions(-) diff --git a/ledger-db-dev/Kptfile b/ledger-db-dev/Kptfile index 37eb35b..e8ec782 100644 --- a/ledger-db-dev/Kptfile +++ b/ledger-db-dev/Kptfile @@ -19,7 +19,7 @@ upstreamLock: repo: git@github.com:droot/kpt-samples directory: /ledger-db ref: bank-of-anthos-pkgs - commit: eeae7d23f7a71c0cd91a6bdd0b5c88fd66e84b6c + commit: 08c7473c2b4b641c1efb4a520c39c551b87eda0b info: description: sample description pipeline: diff --git a/ledger-db-dev/package-context.yaml b/ledger-db-dev/package-context.yaml index 8370822..68ae3a4 100644 --- a/ledger-db-dev/package-context.yaml +++ b/ledger-db-dev/package-context.yaml @@ -1,10 +1,11 @@ apiVersion: v1 kind: ConfigMap -metadata: +metadata: # kpt-merge: /kptfile.kpt.dev name: kptfile.kpt.dev - annotations: - config.kubernetes.io/local-config: "true" labels: app: ledger-db + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: '|ConfigMap|default|kptfile.kpt.dev' data: name: ledger-db-dev diff --git a/ledger-db-dev/resourcegroup.yaml b/ledger-db-dev/resourcegroup.yaml index aa0c526..f017c5c 100644 --- a/ledger-db-dev/resourcegroup.yaml +++ b/ledger-db-dev/resourcegroup.yaml @@ -1,7 +1,9 @@ apiVersion: kpt.dev/v1alpha1 kind: ResourceGroup -metadata: +metadata: # kpt-merge: ledger-db-dev/inventory-04233442 name: inventory-04233442 namespace: ledger-db-dev labels: cli-utils.sigs.k8s.io/inventory-id: c253a06522b00c265d26fb2969f981972c5836d5-1662582878972770000 + annotations: + internal.kpt.dev/upstream-identifier: kpt.dev|ResourceGroup|ledger-db-dev|inventory-04233442 From 561b6b83b7f4ec0ffab6389b3e07c979283fe846 Mon Sep 17 00:00:00 2001 From: droot Date: Thu, 8 Sep 2022 16:12:44 -0700 Subject: [PATCH 63/65] ledgerwriter-dev: rebased --- ledgerwriter-dev/Kptfile | 2 +- ledgerwriter-dev/configmap-db-config.yaml | 1 + ledgerwriter-dev/configmap-service-config.yaml | 2 +- ledgerwriter-dev/deployment.yaml | 3 ++- ledgerwriter-dev/package-context.yaml | 7 ++++--- ledgerwriter-dev/resourcegroup.yaml | 5 ++++- 6 files changed, 13 insertions(+), 7 deletions(-) diff --git a/ledgerwriter-dev/Kptfile b/ledgerwriter-dev/Kptfile index 9036fe5..453a28a 100644 --- a/ledgerwriter-dev/Kptfile +++ b/ledgerwriter-dev/Kptfile @@ -19,7 +19,7 @@ upstreamLock: repo: git@github.com:droot/kpt-samples directory: /ledgerwriter ref: bank-of-anthos-pkgs - commit: b6c291942386f40bd00e67d8b1f8508c14ce6c10 + commit: 08c7473c2b4b641c1efb4a520c39c551b87eda0b info: description: sample description pipeline: diff --git a/ledgerwriter-dev/configmap-db-config.yaml b/ledgerwriter-dev/configmap-db-config.yaml index 0150937..bb4d4e1 100644 --- a/ledgerwriter-dev/configmap-db-config.yaml +++ b/ledgerwriter-dev/configmap-db-config.yaml @@ -12,5 +12,6 @@ data: POSTGRES_USER: db-admin POSTGRES_PASSWORD: db-pwd SPRING_DATASOURCE_URL: jdbc:postgresql://ledger-db.ledger-db-dev:5432/db + # SPRING_DATASOURCE_URL: jdbc:postgresql://ledger-db.ledger-db-dev:5432/db SPRING_DATASOURCE_USERNAME: db-admin # should match POSTGRES_USER SPRING_DATASOURCE_PASSWORD: db-pwd # should match POSTGRES_PASSWORD diff --git a/ledgerwriter-dev/configmap-service-config.yaml b/ledgerwriter-dev/configmap-service-config.yaml index 1fbd540..0d9d032 100644 --- a/ledgerwriter-dev/configmap-service-config.yaml +++ b/ledgerwriter-dev/configmap-service-config.yaml @@ -12,4 +12,4 @@ data: BALANCES_API_ADDR: balancereader.balancereader-dev:80 HISTORY_API_ADDR: transactionhistory.transactionhistory-dev:80 CONTACTS_API_ADDR: contacts.contacts-dev:80 - USERSERVICE_API_ADDR: userservice.userservice-dev:80 \ No newline at end of file + USERSERVICE_API_ADDR: userservice.userservice-dev:80 diff --git a/ledgerwriter-dev/deployment.yaml b/ledgerwriter-dev/deployment.yaml index 6dccc54..5f00748 100644 --- a/ledgerwriter-dev/deployment.yaml +++ b/ledgerwriter-dev/deployment.yaml @@ -51,7 +51,6 @@ spec: value: "false" - name: ENABLE_METRICS value: "false" - # tell Java to obey container memory limits - name: JVM_OPTS value: -XX:+UnlockExperimentalVMOptions -XX:+UseCGroupMemoryLimitForHeap -Xms256m -Xmx512m # Valid levels are debug, info, warning, error, critical. If no valid level is set, gunicorn will default to info. @@ -88,6 +87,8 @@ spec: limits: cpu: 500m memory: 512Mi + livenessProbe: + httpGet: {} volumes: # droot: should this be part of the base-app ? - name: keys diff --git a/ledgerwriter-dev/package-context.yaml b/ledgerwriter-dev/package-context.yaml index a270633..95f0d1e 100644 --- a/ledgerwriter-dev/package-context.yaml +++ b/ledgerwriter-dev/package-context.yaml @@ -1,10 +1,11 @@ apiVersion: v1 kind: ConfigMap -metadata: +metadata: # kpt-merge: /kptfile.kpt.dev name: kptfile.kpt.dev - annotations: - config.kubernetes.io/local-config: "true" labels: app: ledgerwriter + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: '|ConfigMap|default|kptfile.kpt.dev' data: name: ledgerwriter-dev diff --git a/ledgerwriter-dev/resourcegroup.yaml b/ledgerwriter-dev/resourcegroup.yaml index c634efe..b0d5468 100644 --- a/ledgerwriter-dev/resourcegroup.yaml +++ b/ledgerwriter-dev/resourcegroup.yaml @@ -1,7 +1,10 @@ apiVersion: kpt.dev/v1alpha1 kind: ResourceGroup -metadata: +metadata: # kpt-merge: ledgerwriter-dev/inventory-22531502 name: inventory-22531502 namespace: ledgerwriter-dev labels: cli-utils.sigs.k8s.io/inventory-id: 1802fd43d94cc4583d4850ba1edaba5164bb6d48-1662509199816075000 + app: ledgerwriter + annotations: + internal.kpt.dev/upstream-identifier: kpt.dev|ResourceGroup|ledgerwriter-dev|inventory-22531502 From 91fd6cf730f00a7768b53052b79429291f7aff25 Mon Sep 17 00:00:00 2001 From: droot Date: Thu, 8 Sep 2022 16:14:19 -0700 Subject: [PATCH 64/65] transactionhistory-dev: rebased --- transactionhistory-dev/Kptfile | 2 +- transactionhistory-dev/configmap-db-config.yaml | 1 + transactionhistory-dev/package-context.yaml | 7 ++++--- transactionhistory-dev/resourcegroup.yaml | 5 ++++- 4 files changed, 10 insertions(+), 5 deletions(-) diff --git a/transactionhistory-dev/Kptfile b/transactionhistory-dev/Kptfile index 8811df1..dba9ad8 100644 --- a/transactionhistory-dev/Kptfile +++ b/transactionhistory-dev/Kptfile @@ -19,7 +19,7 @@ upstreamLock: repo: git@github.com:droot/kpt-samples directory: /transactionhistory ref: bank-of-anthos-pkgs - commit: 794ca904d32119dc97d9c7c61a22ac5ba54da596 + commit: 08c7473c2b4b641c1efb4a520c39c551b87eda0b info: description: sample description pipeline: diff --git a/transactionhistory-dev/configmap-db-config.yaml b/transactionhistory-dev/configmap-db-config.yaml index 721fb64..c0a614b 100644 --- a/transactionhistory-dev/configmap-db-config.yaml +++ b/transactionhistory-dev/configmap-db-config.yaml @@ -12,5 +12,6 @@ data: POSTGRES_USER: db-admin POSTGRES_PASSWORD: db-pwd SPRING_DATASOURCE_URL: jdbc:postgresql://ledger-db.ledger-db-dev:5432/db + # SPRING_DATASOURCE_URL: jdbc:postgresql://ledger-db.ledger-db-dev:5432/db SPRING_DATASOURCE_USERNAME: db-admin # should match POSTGRES_USER SPRING_DATASOURCE_PASSWORD: db-pwd # should match POSTGRES_PASSWORD diff --git a/transactionhistory-dev/package-context.yaml b/transactionhistory-dev/package-context.yaml index 738591c..c90e31e 100644 --- a/transactionhistory-dev/package-context.yaml +++ b/transactionhistory-dev/package-context.yaml @@ -1,10 +1,11 @@ apiVersion: v1 kind: ConfigMap -metadata: +metadata: # kpt-merge: /kptfile.kpt.dev name: kptfile.kpt.dev - annotations: - config.kubernetes.io/local-config: "true" labels: app: transactionhistory + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: '|ConfigMap|default|kptfile.kpt.dev' data: name: transactionhistory-dev diff --git a/transactionhistory-dev/resourcegroup.yaml b/transactionhistory-dev/resourcegroup.yaml index 333cd54..4eb77d0 100644 --- a/transactionhistory-dev/resourcegroup.yaml +++ b/transactionhistory-dev/resourcegroup.yaml @@ -1,7 +1,10 @@ apiVersion: kpt.dev/v1alpha1 kind: ResourceGroup -metadata: +metadata: # kpt-merge: transactionhistory-dev/inventory-44246773 name: inventory-44246773 namespace: transactionhistory-dev labels: cli-utils.sigs.k8s.io/inventory-id: 5f2e51fa06ff172974a6750abd2e15f4d820d42b-1662510089262370000 + app: transactionhistory + annotations: + internal.kpt.dev/upstream-identifier: kpt.dev|ResourceGroup|transactionhistory-dev|inventory-44246773 From 9ffb5c2d91b625bbdd016491283dee4afc8885be Mon Sep 17 00:00:00 2001 From: droot Date: Thu, 8 Sep 2022 16:16:05 -0700 Subject: [PATCH 65/65] userservice-dev: rebased --- userservice-dev/Kptfile | 2 +- userservice-dev/configmap-db-config.yaml | 1 + userservice-dev/deployment.yaml | 4 ++++ userservice-dev/package-context.yaml | 7 ++++--- userservice-dev/resourcegroup.yaml | 5 ++++- 5 files changed, 14 insertions(+), 5 deletions(-) diff --git a/userservice-dev/Kptfile b/userservice-dev/Kptfile index 1ff9c4b..7d9a3cd 100644 --- a/userservice-dev/Kptfile +++ b/userservice-dev/Kptfile @@ -19,7 +19,7 @@ upstreamLock: repo: git@github.com:droot/kpt-samples directory: /userservice ref: bank-of-anthos-pkgs - commit: 4eb19740d844e63f88bcc9dac530d1b6ba2297da + commit: 08c7473c2b4b641c1efb4a520c39c551b87eda0b info: description: sample description pipeline: diff --git a/userservice-dev/configmap-db-config.yaml b/userservice-dev/configmap-db-config.yaml index 2282f3b..9d1e87e 100644 --- a/userservice-dev/configmap-db-config.yaml +++ b/userservice-dev/configmap-db-config.yaml @@ -12,3 +12,4 @@ data: POSTGRES_USER: db-admin POSTGRES_PASSWORD: db-pwd ACCOUNTS_DB_URI: postgresql://db-admin:db-pwd@accounts-db.accounts-db-dev:5432/db + # ACCOUNTS_DB_URI: postgresql://db-admin:db-pwd@accounts-db.accounts-db-dev:5432/db diff --git a/userservice-dev/deployment.yaml b/userservice-dev/deployment.yaml index d20e11b..359caf9 100644 --- a/userservice-dev/deployment.yaml +++ b/userservice-dev/deployment.yaml @@ -60,6 +60,8 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace + - name: ENABLE_METRICS + value: "false" envFrom: - configMapRef: name: environment-config @@ -79,6 +81,8 @@ spec: limits: cpu: 500m memory: 256Mi + livenessProbe: + httpGet: {} volumes: # droot: should this be part of the base-app ? - name: keys diff --git a/userservice-dev/package-context.yaml b/userservice-dev/package-context.yaml index ec469b2..c4f2e6a 100644 --- a/userservice-dev/package-context.yaml +++ b/userservice-dev/package-context.yaml @@ -1,10 +1,11 @@ apiVersion: v1 kind: ConfigMap -metadata: +metadata: # kpt-merge: /kptfile.kpt.dev name: kptfile.kpt.dev - annotations: - config.kubernetes.io/local-config: "true" labels: app: userservice + annotations: + config.kubernetes.io/local-config: "true" + internal.kpt.dev/upstream-identifier: '|ConfigMap|default|kptfile.kpt.dev' data: name: userservice-dev diff --git a/userservice-dev/resourcegroup.yaml b/userservice-dev/resourcegroup.yaml index 70459c9..0cf85fa 100644 --- a/userservice-dev/resourcegroup.yaml +++ b/userservice-dev/resourcegroup.yaml @@ -1,7 +1,10 @@ apiVersion: kpt.dev/v1alpha1 kind: ResourceGroup -metadata: +metadata: # kpt-merge: userservice-dev/inventory-19648536 name: inventory-19648536 namespace: userservice-dev labels: cli-utils.sigs.k8s.io/inventory-id: b0c9fc5bdb4a0728aea685a250d2fb2e0d592506-1662510690668497000 + app: userservice + annotations: + internal.kpt.dev/upstream-identifier: kpt.dev|ResourceGroup|userservice-dev|inventory-19648536