From 860ee7772be26c9052a293f91546376907dd9747 Mon Sep 17 00:00:00 2001 From: Danny Grove Date: Sun, 31 Mar 2024 02:08:56 -0700 Subject: [PATCH] k/invoiceshelf: initial commit --- kustomizations/invoiceshelf/deployment.yaml | 39 ++++++ kustomizations/invoiceshelf/env.enc.yaml | 117 ++++++++++++++++++ kustomizations/invoiceshelf/ingress.yaml | 23 ++++ .../invoiceshelf/kustomization.yaml | 21 ++++ .../invoiceshelf/secret-generator.yaml | 6 + kustomizations/invoiceshelf/service.yaml | 15 +++ 6 files changed, 221 insertions(+) create mode 100644 kustomizations/invoiceshelf/deployment.yaml create mode 100644 kustomizations/invoiceshelf/env.enc.yaml create mode 100644 kustomizations/invoiceshelf/ingress.yaml create mode 100644 kustomizations/invoiceshelf/kustomization.yaml create mode 100644 kustomizations/invoiceshelf/secret-generator.yaml create mode 100644 kustomizations/invoiceshelf/service.yaml diff --git a/kustomizations/invoiceshelf/deployment.yaml b/kustomizations/invoiceshelf/deployment.yaml new file mode 100644 index 0000000..0dda1e2 --- /dev/null +++ b/kustomizations/invoiceshelf/deployment.yaml @@ -0,0 +1,39 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + name: invoiceshelf + labels: + app.kubernetes.io/name: invoiceshelf + app.kubernetes.io/component: server +spec: + selector: + matchLabels: + app.kubernetes.io/name: invoiceshelf + app.kubernetes.io/component: server + template: + metadata: + labels: + app.kubernetes.io/name: invoiceshelf + app.kubernetes.io/component: server + spec: + containers: + - name: invoiceshelf + image: invoiceshelf/invoiceshelf + envFrom: + - secretRef: + name: env + - configMapRef: + name: env + ports: + - name: http + containerPort: 80 + # Create the flag the install check needs to bypass + lifecycle: + postStart: + exec: + command: + - /bin/sh + - -c + - "touch /var/www/html/InvoiceShelf/storage/app/database_created" + securityContext: + allowPrivilegeEscalation: false diff --git a/kustomizations/invoiceshelf/env.enc.yaml b/kustomizations/invoiceshelf/env.enc.yaml new file mode 100644 index 0000000..37ba581 --- /dev/null +++ b/kustomizations/invoiceshelf/env.enc.yaml @@ -0,0 +1,117 @@ +apiVersion: v1 +kind: Secret +metadata: + name: env +stringData: + DB_PASSWORD: ENC[AES256_GCM,data:nHeFXLOI6bMb1hslXLu9xqbMNppGeGzI,iv:rakHQI3iFNgD9gtUX0HdeFG5afP9ln0a+wenqm692T0=,tag:en9KmjYlZ6xzeC0fs9wKzA==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: [] + lastmodified: "2024-03-31T08:56:24Z" + mac: ENC[AES256_GCM,data:ZzOHxHPOpazpvXHeMJfSyrRQoH9pK33eNYpZKvMXii3rQKWVw8dc4C0HyzbXo5ahJzF9RdBopiXW9tchjejfE1JJoC/a7SXYNCS+wn5wj4CQwu7u3ungbVROcluoBe7NiVzDhWz9URjZgkNWwyDWWQN9SXZW5xVqSYhAS7xPJTY=,iv:emHnnakeNRN1yWM7QvhF/7JH4K6GXpzWL78o9HNxPtE=,tag:9PUAOuO05M1RoQADq3f8gQ==,type:str] + pgp: + - created_at: "2024-01-11T20:56:10Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMA82rPM2mSf/aARAAvQd7qO44LNyywY03qCXI18cx6nj9mo36ehJyq6wuYhWa + n95jXEsmRbGt2l8cAJrH9sZB3uE5DCfeZMzEiZ9heaAyxzC34BxSGP+4PBdRqp6B + jv7Ej6F9lV70bQYvDDry5ihWRmADEVrnDrs2+pXsMQiui9dZSGB676d2PIdliV6y + StqbyudjWZS6fLv2xy25yxJBfzb27rLh1d2yo/9AEm873bFVn7bXQxwOoud8s8KU + MLsQxE05zDQrzm+RpDU0mYk3X4ByyL0/J0dyipjHErOLhOCk2MZ4xTVW8U+Jefuu + htLAzftc9NGwWHdSVXqfwSWUq/UklzurPdDcA1riEqE4XmE74cdgP0vqHYeGPykh + M67Xcr1WLDk7i/n4EISqnp5qwItfJIxWlEpKNANEMveYggHXUz3wTk7qHwjpIDwG + 7mMfKlL221M1elk1lY60bx//tr2ZqIlN9IXCjOUZOlxlqvYcmie09YbR6tRZAbag + KZcq4s5y5HlVQ10ZUe7eY8qjXMlLVm7N+TJRnfgJrr2+7GTy/wCcx5nwsVBeYm8h + GrHT3PS0CVRA19ynlEqF1jXfqlRMjX0szPIUGb6/7HLiw514otq3KuZmHYAq2TZ2 + HMKncOptoUyfpG252v6NJYQC7yF76tdd5YuykeD40ZOBUULtvUEOZyZVdsaAU9zS + UQHygqf8d16qbh2rWK69Kqmc8DbZHCH/f1IDwekPOsNltQhdgn3lOP7gNSEwI7yV + /qk+5kVHg+Yk0l1K34v5aiWEGrI1SKd1m+nvVW7VcEtufw== + =SjUY + -----END PGP MESSAGE----- + fp: 6B61ECD76088748C70590D55E90A401336C8AAA9 + - created_at: "2024-01-11T20:56:10Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMAw95Vf08z8oUAQ/+OHoip407wu+pF9bWolOK+dViuRhA/X9JUVyQfJer9HM2 + thZUChYerdnUBn674pVUkjS5szch19pdZLeK5/YqUXyWoW1qHUgYgzHHq6JvxXXf + PIC7Q+jCfsmDBGcSJefK9rA5u7S+7rULBZvbMbL7gpCG8cG0aXJBoNLzZ/vva16V + x/3Mn6taKjZX0ACeoQ4ma4HS6kB3Nz280S8PKIQeMuUQQfXNWMAlR2ebleovvmvh + pJtN0T5dMLEImexLFSgfPoU1OQmfrnQR/mWP0W3LtGn2o8EE5LordJSgMuwd5eqv + v+XOHoj5E5O88SO2mIwWY0Oh+6P5pf6PJDL8XLLq+0nm2HZrK1Ip8WvYar9xi/12 + HClde7vk1ESWw9Kdiop6rSj7C7M3dD+95ufG6F3c1XJQkp3H+AlK7aTK3/rx6Dml + FekNVioLC0LjiMZ1ZeVBOtIYoXXyrYE8nQF9E6kkW/o6dajMDo9F0Ck5LWLiES/E + 34bHkP3p+lwOOj0l8PONG/MaP5j2S8v7LjfuMBxcuoo1RhplLJQLUYGvkywmqDK2 + 2t5vqIkpGAxBN6WNgZt0OwcBlPC3PP3JHQ+kIn9Sk3MAR5plCAhkywTHFwoDBe1e + FnlmDyVjgOdtzZl3aNjz7uOiDtpecwPmsxah8ox7H5wOOagAabDhweFXh0IxKKXS + UQH4zAt2MLHWqAAGjFPFiYxb/ugU1R5Qjv6NKw8bWGFOrbexMiA2bCGOGmstxd7G + SU0tn54SBi+wOEDmJGnaZS89ZzGEoRm6LRJ5EJz+a03tTg== + =KOLu + -----END PGP MESSAGE----- + fp: 88823A75ECAA786B0FF38B148E401478A3FBEF72 + - created_at: "2024-01-11T20:56:10Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMA0/D4ws+/KPtARAArZ/F2Sh0LIACUnzLO45O0GsesOm4QS/vVEcZ0BDms/fi + Xe4mmJbYTvRIgWfoXpbt79UreBamMFCSpXBPJnx/d2F0s1RHxKvbq7LwNL/qpH3/ + pUJuAbToVTqLyS329YfJVtGtfYRsL0nIyt28wNjz4XudoTfoaaegk+1SSpedT7gW + Wq4ipL3m226yXyTv6DTu61o389TV3H2OR18hawjF6lDfDSCYtNexRCxV3aSqkDU5 + Ik9n9OkWrIgJ0ZM4DJ7U/Ltx9ju89oWCmjBfw6IPSkQGSBMNbTolVHdrFbtsygK4 + FnHRJn75Q7RkrobkrusqypFqu+D9QK2tijOhahFxfdU/S/zWuzfPiKv4m+iwRo5Q + UeJ43uea8DtnfLCIHISh80mqXwhEpulEb73l7y80EdtHuRURlqer4KPmVtV2Q620 + OyLHugmLaqJUXzC6sPyrWBO2tPMqD7JRA34fx5gOVRvyd6KdTc/Pn64/nbqWFcIM + 94VIOdJUGoyDtxLVPu7nttlVddqn0obUmSuSvs1ouTntMkScRS6hNTptxS3BbQZ+ + FDG/mLgArkrEk/2m/+OuxH4teRqDVcwgbKzkZWgZ0RH6k4v2BJSKnTT1S5TOjJg5 + H/RcnMtQeZq0G67fz8uwo3Hqm6FAGBuaWkhtDknNtLEXHaOGE8IIM9L2CeLftq7S + UQGxv6DQZ7PpMjo4LRCyCHNj9ddykRneojKG5cjQxMhTMH2PmamfpB+c2dUSvqin + Ius8vdBiHGuvEwcdJQ3m7cYhkLZWuRgIqGpIrGJX5dvTIw== + =Hi+j + -----END PGP MESSAGE----- + fp: 3D7C8D39E8C4DF771583D3F0A8A091FD346001CA + - created_at: "2024-01-11T20:56:10Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMA5Wf+FyJ+zFJAQ//fyZa4Tzetgnur+02xwrfyxuU3Pvh2+NqSwFQCpo+reWo + bO59a5McV5rWnzL59r9XK/SGwBN87JiDFaTvpc2VJnGAxkz6vw5fuXQI7opybVp/ + exqsqtR6lFLaznAi53oeIgBXIg2svOLr5tD6y9eh6eB4rGrbVf8T2N7TlrSal1RT + qoRjtLLZtNXWPMyIGUTjTr4HIUoYvScwQkBhG54R78PXtkW3QfmYJVqXlzTsbKrM + uAdC+Fd7k2ko39s64PPG6QsFFBg81UAz8SvQPfe6b8sv5IaVDBBk8IJ1tORX5/26 + BbXOQLjyqdxHR9/KDeS/wj1e9rpRH3BgHybft0T9vBZyyBZY1dPAisRKXThs/Khb + QZUrEd9tNQqGhJrBEKGQuoY39G6mVOywvi4Amubg4L4VbETOD1CM8MMQFlhWmXDP + k6UYMY4vUt9O9/R8SljZBejO6Y2+smCzC4lDq5W3sBu5P+JnnHCnM0wgRoS1aCpR + tsBIKE1f+rlG+kb6eTGcCCR64H+TK9hT49MtbkFeKUO7rlZkbxqKgYdN/Q1HzCEW + YCYsxzJQo4mqTRQ4PYRvo+9Oo9gGtWY48H09qTGR737qayxA3VpdHepABBHC9nm5 + BogU/3lTH9PzjESZkEckE1sx7QHUs39FiovXDgvsMRt6+wo6Y5L+dKoXU4MszAzS + UQE0UZL7h7N+QvTbujVrarB6A6vVlwjV0gbQJDRXmPw2awJjBvsjGNfLQ0mruwqb + RLB5G2SvQHiILN/ByD3NxhonQ90mPSjmVBfbdsOp6H4woQ== + =J+qg + -----END PGP MESSAGE----- + fp: F4BF5C81EC78A5DD341C91EEDC4B7D1F52E0BA4D + - created_at: "2024-01-11T20:56:10Z" + enc: |- + -----BEGIN PGP MESSAGE----- + + wcFMA8KRInHl7Vz+AQ//USOIJ5cPWOQgcqjauvvccC22wxU7Rp/Bx86ajZFpL6M3 + ns8g3TC4ga8OO2XYjLTHNXPAzPvEE5lskpO+bkDbqRPkkkGeauqupQTtDIMg25kF + ouBPcvCirWvBJ3uiHHKw1hvTMXAIwcdvIyvxP4zK7sWU8OScDw9nNS8uhOLH9wds + J+Y0qWPuxAJrJF8cgLORxjk5BFh5IdOrmijm72+qEHER6qgYgXoVVbGtIixUTcfv + H9TqxHPkeqgMH2QVGEGKGRueoUVWc0FXtVLNRKlZ5VYX+nZUBDdhVjiiG6DBkWtu + BayAhjRFh/oGs4Q+WyozKy/mv1hJvxsRjpyK78wYw0yQVuwfd/X73y2EkQQNquCk + SyzU+C+5+faJpf9HPq2nv1zrUJid1zSv01IE70OsRFAgKXI9thQlx3VIbLTU6RkZ + Bw6BsWoQmanUR3DUzWvL+lhzYLKhVQ9Gf9rPOK0B1XTvntTGgq1zOYQn/FmlhJjc + SJoXgNU+i9F52CGIJ0fTZaw+8+aJ6oL9SLETl4T9Gj/XCpuDUGJAMP++V7YLWsEf + 5tqwHDngm5UJNmqy5vzVbQAIVyLCK868S4xNFRUFwQMCZCHQeW4MhVM5XFE0d0ab + A5MSm8X7HmYgvg+WvXzawyEX3OyAnw1RZ+n+b6w2NN8YLP1kRLjirDS3PbsLybTS + UQHc1/GvEhu+7CSv118mKOyJwOQ6u1KAblmg2yzyhxN6ZvuwNJ9zvSnovSALJHWQ + HSwUH1xcOoL1xQTwJ/+Ha/n1q9i2MqD4uLSP29yYGgdq1A== + =cXXw + -----END PGP MESSAGE----- + fp: C92FE5A3FBD58DD3EC5AA26BB10116B8193F2DBD + encrypted_regex: ^(data|stringData)$ + version: 3.8.1 diff --git a/kustomizations/invoiceshelf/ingress.yaml b/kustomizations/invoiceshelf/ingress.yaml new file mode 100644 index 0000000..a5aa55d --- /dev/null +++ b/kustomizations/invoiceshelf/ingress.yaml @@ -0,0 +1,23 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: invoiceshelf + annotations: + cert-manager.io/cluster-issuer: letsencrypt +spec: + ingressClassName: nginx + rules: + - host: invoice.distrust.co + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: invoiceshelf + port: + name: http + tls: + - hosts: + - invoice.distrust.co + secretName: invoiceshelf-tls diff --git a/kustomizations/invoiceshelf/kustomization.yaml b/kustomizations/invoiceshelf/kustomization.yaml new file mode 100644 index 0000000..192cbbc --- /dev/null +++ b/kustomizations/invoiceshelf/kustomization.yaml @@ -0,0 +1,21 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +commonLabels: + app.kubernetes.io/part-of: invoiceshelf +resources: + - deployment.yaml + - service.yaml + - ingress.yaml +configMapGenerator: + - name: env + literals: + - DB_CONNECTION=mysql + - DB_HOST=distrust-mysql-do-user-11788707-0.c.db.ondigitalocean.com + - DB_USERNAME=crater + - DB_DATABASE=crater + - DB_PORT=25060 +generators: + - secret-generator.yaml +images: + - name: invoiceshelf/invoiceshelf + newTag: 1.1.0@sha256:50787e404725ad4f47462eaf38832d97c627a5d139d51a84f31a9bd90caffb3f diff --git a/kustomizations/invoiceshelf/secret-generator.yaml b/kustomizations/invoiceshelf/secret-generator.yaml new file mode 100644 index 0000000..4dad3a1 --- /dev/null +++ b/kustomizations/invoiceshelf/secret-generator.yaml @@ -0,0 +1,6 @@ +apiVersion: viaduct.ai/v1 +kind: ksops +metadata: + name: invoiceshelf +files: +- ./env.enc.yaml diff --git a/kustomizations/invoiceshelf/service.yaml b/kustomizations/invoiceshelf/service.yaml new file mode 100644 index 0000000..ee80d25 --- /dev/null +++ b/kustomizations/invoiceshelf/service.yaml @@ -0,0 +1,15 @@ +apiVersion: v1 +kind: Service +metadata: + name: invoiceshelf + labels: + app.kubernetes.io/name: invoiceshelf + app.kubernetes.io/part-of: invoiceshelf +spec: + selector: + app.kubernetes.io/name: invoiceshelf + app.kubernetes.io/component: server + ports: + - name: http + port: 80 + targetPort: 80