Skip to content

Commit

Permalink
Merge pull request #33 from WISVCH/events-path
Browse files Browse the repository at this point in the history 
WIP: Move events from events.wisv.ch to ch.tudelft.nl/events
  • Loading branch information
@JoepdeJong
JoepdeJong authored Nov 2, 2023
2 parents ae82bf3 + c97d65a commit 837da29
Show file tree
Hide file tree
Showing 6 changed files with 224 additions and 93 deletions.
170 changes: 170 additions & 0 deletions apps/events/deploy.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,170 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: events
namespace: default
labels:
app: events
spec:
replicas: 1
selector:
matchLabels:
app: events
strategy:
type: RollingUpdate
rollingUpdate:
maxSurge: 1
maxUnavailable: 0
template:
metadata:
labels:
app: events
spec:
serviceAccountName: events
containers:
- name: events
image: ghcr.io/wisvch/events:20231012-2728d29 # {"$imagepolicy": "flux-system:events"}
imagePullPolicy: IfNotPresent
ports:
- name: http
containerPort: 8080
protocol: TCP
livenessProbe:
httpGet:
path: /events/actuator/health/liveness
port: http
initialDelaySeconds: 15
periodSeconds: 20
successThreshold: 1
timeoutSeconds: 5
readinessProbe:
httpGet:
path: /events/actuator/health/readiness
port: http
initialDelaySeconds: 15
periodSeconds: 20
successThreshold: 1
timeoutSeconds: 5
env:
- name: MANAGEMENT_CONTEXT_PATH
value: /management
- name: MANAGEMENT_ENDPOINTS_ENABLED
value: "false"
- name: MANAGEMENT_ENDPOINTS_HEALTH_ENABLED
value: "true"
- name: SERVER_PORT
value: "8080"
- name: SERVER_SERVLET_CONTEXT_PATH
value: /events/
- name: SERVER_FORWARD_HEADERS_STRATEGY
value: "FRAMEWORK"
- name: SERVER_ADDRESS
value: "0.0.0.0"
- name: SPRING_MAIL_HOST
valueFrom:
secretKeyRef:
name: mail
key: host
- name: SPRING_MAIL_PORT
valueFrom:
secretKeyRef:
name: mail
key: port
- name: SPRING_MAIL_USERNAME
valueFrom:
secretKeyRef:
name: mail
key: username
- name: SPRING_MAIL_PASSWORD
valueFrom:
secretKeyRef:
name: mail
key: password
- name: SPRING_MAIL_PROPERTIES_MAIL_SMTP_AUTH
value: "true"
- name: SPRING_MAIL_PROPERTIES_MAIL_SMTP_STARTTLS_ENABLE
value: "true"
- name: SPRING_PROFILES_ACTIVE
value: production
- name: SPRING_HTTP_MULTIPART_MAX_FILE_SIZE
value: 5mb
- name: JAVA_OPTS
value: -Xms128m -Xmx192m
- name: SPRING_DATASOURCE_USERNAME
valueFrom:
secretKeyRef:
name: postgres
key: username
- name: SPRING_DATASOURCE_PASSWORD
valueFrom:
secretKeyRef:
name: postgres
key: password
- name: SPRING_DATASOURCE_URL
value: jdbc:postgresql://127.0.0.1:5432/events
- name: SPRING_JPA_HIBERNATE_HB2MDDL_AUTO
value: validate
- name: SPRING_JPA_GENERATE_DDL
value: "false"
- name: SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_WISVCHCONNECT_ISSUER_URI
value: https://connect.ch.tudelft.nl
- name: SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_WISVCHCONNECT_CLIENTURI
value: https://ch.tudelft.nl/events
- name: SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_WISVCHCONNECT_CLIENT_ID
value: events-cloud
- name: SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_WISVCHCONNECT_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: events
key: connect-client-secret
- name: SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_WISVCHCONNECT_SCOPE
value: openid, profile, email, auth
- name: SPRING_FLYWAY_ENABLED
value: "true"
- name: SPRING_FLYWAY_SCHEMAS
value: event
- name: SPRING_FLYWAY_TABLE
value: schema_version
- name: TZ
value: Europe/Amsterdam
- name: WISVCH_CONNECT_ADMIN_GROUPS
value: chbeheer,dienst2,epa,vc
- name: WISVCH_CONNECT_BETA_USERS
value: joepj,juliand,danys
- name: WISVCH_CONNECT_CLAIM_NAME
value: google_groups
- name: WISVCH_EVENTS_IMAGE_PATH
value: https://ch.tudelft.nl/events/api/v1/documents/
- name: MOLLIE_CLIENTURI
value: https://ch.tudelft.nl/events
- name: MOLLIE_APIKEY
valueFrom:
secretKeyRef:
name: events
key: mollie-key
- name: LINKS_GTC
value: "https://ch.tudelft.nl/wp-content/uploads/Deelnemersvoorwaarden_versie_12_06_2023.pdf"
- name: LINKS_PASSES
value: "http://passes.default.svc.cluster.local./passes"
resources:
limits:
memory: 512Mi
requests:
cpu: 50m
memory: 150Mi
- name: cloud-sql-proxy
image: gcr.io/cloud-sql-connectors/cloud-sql-proxy:2.0.0
args:
- "--structured-logs"
- "--private-ip"
- "--port=5432"
- "-i" # Enables automatic authentication through the serviceaccount
- "wisvch:europe-west4:geurt"
securityContext:
runAsNonRoot: true
resources:
limits:
memory: 200Mi
requests:
cpu: 20m
memory: 100Mi
25 changes: 25 additions & 0 deletions apps/events/httproute.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,25 @@
apiVersion: gateway.networking.k8s.io/v1beta1
kind: HTTPRoute
metadata:
name: events-wisvch-redirect
namespace: default
spec:
parentRefs:
- kind: Gateway
namespace: gateway-infra
name: gateway
hostnames:
- events.wisv.ch
rules:
- matches:
- path:
type: PathPrefix
value: /
- filters:
- type: RequestRedirect
requestRedirect:
hostname: ch.tudelft.nl
path:
type: ReplacePrefixMatch
replacePrefixMatch: /events
statusCode: 302
4 changes: 3 additions & 1 deletion apps/events/kustomization.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,5 +2,7 @@ apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- image.yaml
- release.yaml
- service.yaml
- deploy.yaml
- httproute.yaml
- serviceaccount.yaml
82 changes: 0 additions & 82 deletions apps/events/release.yaml
View file

This file was deleted.

16 changes: 16 additions & 0 deletions apps/events/service.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
apiVersion: v1
kind: Service
metadata:
name: events
labels:
app: events
namespace: default
spec:
type: ClusterIP
ports:
- name: http
protocol: TCP
port: 80
targetPort: http
selector:
app: events
20 changes: 10 additions & 10 deletions secrets/events.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,9 +4,9 @@ metadata:
name: events
namespace: default
stringData:
connect-client-secret: ENC[AES256_GCM,data:yqsd/ihj0Usa6CR0DOLBKcMmkcSZzl4wjjnDXtf1trVi5vnqMOyswBXM/td3buB085CExGXt93acWPJBAyzHDzrQ/XT6f+xfj9J+A//02F3HVkh5790=,iv:EfjR1JxIiBuM6iFx8+KeHNkDVO95d7sS30R9WsMMKhg=,tag:7O6hJZdEXYfOCPmoz5HSTA==,type:str]
mollie-key: ENC[AES256_GCM,data:TB7p8T/NONcQVxmEWpA3tWldh7nobrzYgdJI+OWbOLgETSU=,iv:zmE8yFsMkWSvLN9rgHVPxqOCG52C3RUOTK2gu/OZ8pI=,tag:L/qzNyCuly6kksLtNArBDQ==,type:str]
connect-client-id: ENC[AES256_GCM,data:VJgoUOBAhlLd5GvSMg9ekqNvRwgIFPV1QYUbxxaatuGdcGQl,iv:4lZ4YU+Qhe7BmRswiPjppjw21HesWKfPIY6vRv8MYnQ=,tag:kZ1xIVCUGkJD5RDHa6VSXw==,type:str]
mollie-key: ENC[AES256_GCM,data:9Gh8WJDOAnd5snrmy4PWuUvZ0Aj7icDa2imgKOvMeUulRKs=,iv:65nCJjjkqr+ETn6n+PKoAjadDs7xgRfwVmS8b4/GVJs=,tag:PvffCZSguBs9a6ecqZDN2A==,type:str]
connect-client-secret: ENC[AES256_GCM,data:5HZkXke8SrjyshRqUoUOQ79j08q0gCl6ZTowcLtosjuIV7asTTBUblgDDzQZTG0PwohGC1gL+qCAMPxAbyAnU1kyoVCdkfy9TCy52PoHEN8bfWQGvWI=,iv:1/uHslLNEh0Y2i/1y0fgMYpxtN+/70Gsj0FqU4RqyVg=,tag:72X8Tb2pj8NVg9ZkoRq9uA==,type:str]
connect-client-id: ENC[AES256_GCM,data:jdBGd+SgTbVI5AIMZFsbdUZVBjsI5WGgIm4jnAlTekVMrtJG,iv:qpFXNlAe5+MW9DmxGQq2Jj2iY7FR+Jso4jwRgMnO3WM=,tag:vmJFrZfAD45klD6JJXUkyg==,type:str]
sops:
kms: []
gcp_kms: []
Expand All @@ -16,14 +16,14 @@ sops:
- recipient: age1ug2fepnvaqsfpn7t5gjjh2l0j8074jwh9h50pnjcjxn08v8pp3xq7ymxn2
enc: |
-----BEGIN AGE ENCRYPTED FILE-----
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBXTUt5OFVhTWppS2R3QmhI
MFQ0aituc1BjVy9ZdUQ2U2JrOWFySURCOFh3CmFjUkRldmc0RkpKbEZiWFVhL1li
YmhsdktmRmphUGU1d1pLVDYzcCtZTDgKLS0tIGg0dnQ0a3p1V0xqdkFEUUxERFFq
bGxlTlFGSWk3V3JwMXVOZmt5V3RES28KJpSI9Fn4pM7rrP/llGoGEFinZTVYeWqP
6lhZGfRZddJYllB8nI7cDxjxM8Ch3cUrbSpWUdS7zqOVguXx3yw49A==
YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBqTHlURFRuTEV1VmNNMEJm
ZHlMSjBFaFVJbUFaS3VBRFlHNnF2bU42c1RNCmxBYVVZVUJLUXEvY0dwZmlTMyt0
d0VFWGYwSWxCVlFJbHhjUlVkcHFaRTgKLS0tIHc2MTBWQlRQTEhnUmpFRjU2Y0Zv
OVEyS2ZPWnpjbjBZUTVJbXMrRHFBWVEKeYBk6tdzeM1zn59z6weunuYkzQkr4TzO
XWcjQGAL6IXrEjqscSeYe15Zblc1WOYlITFXkbZmSIGQjAxVi3mv1A==
-----END AGE ENCRYPTED FILE-----
lastmodified: "2022-12-20T17:05:16Z"
mac: ENC[AES256_GCM,data:EmyRm3b7Bu9IAQ2dPI5mCj7bmBIysupb/xSp8ZInwQSmAo8rElY1RTIWAS84gSKRgYyyFxaQIPB+Ucf9obCyHfFHbyxzpZOGqsYv6RwWpOEGK+XUP2A51kocRGM3Nojx5/grFs42lRX7xHYcLW9tCG5wsikOtwVWVHKjxlaj1nU=,iv:90pCKLvBNW3sqfdnT22kjH1QCMMlQ/8RRMDHY/4iegk=,tag:eh2N/uSSjuaGB1lsP14u2A==,type:str]
lastmodified: "2023-11-02T18:21:12Z"
mac: ENC[AES256_GCM,data:pM5J/HndzEvalSNSujR5PEzCsQ8rxNiT57SO10NT5QP84sVeSaqA6vsLzvwq4mV4vHEwLFPRgomTEYqqZBj2v+v8fueGYOCp0MHUg8CQtA/G4DoOXJSRObcftOWZVAi/4X1++052efuOT4i39edL61t8/gkgkmCG/yRyehQcgHo=,iv:f71qNqN39JK1T9bbZSHmToLZXqI/2X5AAjC5LFauBVQ=,tag:xaG2PbKQIhhUypnYKS871g==,type:str]
pgp: []
encrypted_regex: ^(data|stringData)$
version: 3.7.3

0 comments on commit 837da29

Please sign in to comment.