add k8s directory

shabrul2451 · shabrul2451 · commit 91e65d6814d0 · 2022-01-27T13:41:54.000+06:00
diff --git a/k8s/configmap.yml b/k8s/configmap.yml
@@ -0,0 +1,24 @@
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: klovercloud-security-envar-config
+  namespace: klovercloud
+data:
+  RUN_MODE: "PRODUCTION"
+  MONGO_SERVER: "kcprod-mongodb-0.kcprod-mongodb-svc.klovercloud.svc.cluster.local"
+  MONGO_PORT: "27017"
+  DATABASE_NAME: "klovercloud-security"
+  SERVER_PORT: "8080"
+  DEVELOPER_ALIAS: "klovercloud"
+  REGULAR_TOKEN_LIFETIME: "300000"
+  CTL_TOKEN_LIFETIME: "311040000000"
+  PRIVATE_KEY: "-----BEGIN RSA PRIVATE KEY-----\nMIIJKgIBAAKCAgEA1t9z/Ev9r8LwVVuwd34S0+5i8ngfwVivpZM4TJgyiHW85g5k\nPoxzXPu3XE6OBvclYsAK1Ue0k6ANO04UG/cgSm7PagQyb0Jjw+II4EnshzHeXsLn\n3ETtTZC3LmT3C8MztJhhux+kldvdKJAl9PH7Ltf0CqQ9KYxqa3HZUaBZk99IE9OV\nekPM2xYl+UPolf/E+4UXE4YKSUl6JcZf2nRZYVJGIZSEK9hIwhFotDHELryZSF0S\n8kJqHFlN3AYa8noMZCGO/hM5+SS4MFwCSlMxhcpLdprxVCDotqQnGM0qqX2+y7Mt\nFU9ZCEa8BiD+zeBRhzMZCZb1yyraxGQYm26Tagl+eR2NQQPmnhlvKpZn0QjaPznY\nVmf/gSXr9XufJ5q4fcSScGX+y9Es6g1i6jf3559gSgQy3TvaY12Yq0ROf/CJjChJ\nzoyPIW3isitC+78vSRmmPB5//6AQjq6Tlqw5/CUDZYqjAvEojvwR3hjlunOSWqvI\nXPFeHXoHs2WNYUrWxtUBy9ABPw+1QOBxwQ7C7MG0XaA/gvV0+hf5SDfwndQ8tob+\n/eiMMJPGQ7Ex/fA6Sro3EQOoR0KrJeaPRdI223gJq0CZ9pZMTPA11dK1KZwoYeBj\nMbgEDNkNIaww49rzr4VJS+g5nBCyQIoulR5mJRyV9C+AU/FNy1OYlOJE7QkCAwEA\nAQKCAgEAiKNB818zbDBPekg7GFFwkZpXC489ykqmL2lF9NcX01TjkXv3XRsdRTTA\nbg96G43QFVK/0M6vUu0FXQASo5Hr08lRVj5jAAM8w9SaBl6b7YDVwna40IZ4TMnI\n4tTLkIxJ9f6srzy5AZ71rRS1PmUecLRc+ONmDWTAS6DzLAgGzpS/FfSHal9xBqS3\n8yGu5qvlzHfeq8iiA+aYqSrTy2wPZmbWOAZkYilAY0CEz4mSEpJV+wFMygdXyL01\nWMP9INJhzM7WSlVZmUgzZHUt86uho0133W08J15h/bq3LftRtMREru46rgFuQWgR\nqugSgEK0NYBV3JZFqTOQODDawQR48lvG8cq72pkstaNj9IGcMOkQcQ0E71ooiHyw\nLGM6lI79YrHgyyFija6EwGAZPUspDgCCfJ0adDCO0IdaG5yf4DiFRmKgUZfb1V7o\nmQmfC0xhZTmIXYKTiIpE9ej1dp4IVIZvwsPwvRAlWZNTJ2xMZ44Io7GQmTpvfalR\nq870dkcZxWWY+zuoiKgkCuFTBA8s/+qPJztlYq9Jk2G4T045fFBTZ0u+FoP0HZRq\n3P319vTHM4bwMKv1Zt58PTxJfYLze3lxqFkTYPZcJlNQcorLs6O5bL9VDcJIDvxr\nwR4CE22yuBIUBz9WA6wpuCd575yiuH0aHWD/BW+pncfnZWQIEbECggEBAPAF5v9r\n+rRnUWPFmiUHLuGn1fQ119pGSKHHwFrL+I0igBocga+Eq/tFPjQI2z1HtPWBqEAv\nW1WWBG482wajm2q3IY1l1AJMqd9Z/t1p+1hJL2Jv6m6tSrFTZ0/7sX1vG5hSvl8b\nsEPuXhej5BepBphW85WC7Dstj9VFzgBCUdf3PvohwNZDediTVxKcZrlvDjwJPVxO\nshyzOgPJE3JKQaKWpR9FhE0bC9yXAdTuTyGks5udWl6p3cTkZqpWlbb8niloFtaO\nxapS7zL8QAIu9DcGZ14xOrZxJXX0b7Q4yAaC9Zi9iH9kbxQI0UtCSh4AsUr/Puoo\nhtxbbmo69HFQX60CggEBAOUs+wBYigQXxUE3Yg4q3M8SEAug7oq5/zcNPtGs7x8q\ntyhStCDKvEwzJe5vp3JPep3TqpIfJ3vkhk8jk5tzz7b5LYpU2cq4IWGkjuaTK8kl\n8EVVeASfrydHrzk5fVYQRMOhFgMU3VtJTc1b5/XyoLZ6iJtaQ/rUqbkuGaePTIj+\nNGJ+MhngJLTtDfuSuEkrs3nvcn05cPjrNbxWFqUG4NFJ7cH9fHgvSiV2iqdAphkd\nFe+qTrbLi3rewsUurr1tax7SODA0fq9J+TpwyoroHyZC1VWB+uR4c5F+kdsN0Ih7\n63kMiECbtcXqQdyepEPJXraWZ3WvIuka/qEO3lIlfk0CggEBAIZ0R/o9GquEVOt2\n/epQI8r0ob2zi78SMA2wP+ic6hblhK0b2unfgBe5qiar72RcjtoYT4/k91zyNHks\nTeViMOWOwJTcve6r01zypPqTK+FA3fJejwyAtp6vAeikLcD+RI8HiuzsLclf9gV4\nIYW/gZpE2x6dwIdF9pSaDdPHUuGP9w9XaRadpdvUbapXQpQNygOHiX/z9YJuQ8lr\nEiGrxyi1CrqBzqMCy5o+XSBSfrFx+crqUn1E2p448+nnpuZijJbVYDXAtKm825HM\nDG8srlFEnRL+sM0ShNGWpBxo0mQTaFCvm48BS9gFOHjYIXy9FpPUeAHjweger7OC\nYvw28eECggEBAM9RD4dSkRf+wOysQ0H5uGKCPo2meeR5Ocz9aHSZcn/JToNlvZlk\njU6JfqjhzKJ2D8AyuL0S/c7v/igdUOxxqdgmNfJLq/Hc/CWuja88N4HxlhfCp53X\nLsXj7TlhLmbqtKocUSNcfpqUB5PcrkwpvwUUd/vBfnmsZBUnBQI1edD71Tu8WWpb\nABnD0MBiC9/1bpjB6doqWm5zqNrFLhr/y+TIchLpUu4OKY8WW3vN2fQiAbQbZrWq\nEHWIir2B64VlNGBfX4EMHAZKbvFVE4TxUyxzjTWbLfH8nN9jlmKJbrnpEC0jDycT\nNS7jKc2AnazMv6eBC/rEAlrJlsrv/mJllIkCggEAMCj6bYz7mQoCABfFFSuljLOM\nGjkqU2dYkvo+kd3yFwwqAg5vpYQsa/Wm/Tman3WCJ5Nv2zcQPKkOHF11tDdMzD1k\nw0JoOSEAu0TmRQXo6HSh8NFqZgGEwELDkI15Qk8VEFhsjKpViL2wGZsMHbdygWy/\nTM+4XOviSy2q1H31ACULNQBMPbK09NtgPVrF71TLUzBC8FA29yT2w4LdyxvTY0Bw\nFTmz3TuRXaT8eZXvJtlmXBlcd5O8vY4YAu8obW6CKRHNtHgQEUqjdKn7G4C6QtsU\nL0om7TA3KDLirHySAedn0i2XlvYSRGa+Xoy9PkOubSR/W8MvnUh+5aSLA4fnzQ==\n-----END RSA PRIVATE KEY-----\n"
+  PUBLIC_KEY: "-----BEGIN RSA PUBLIC KEY-----\nMIICCgKCAgEA1t9z/Ev9r8LwVVuwd34S0+5i8ngfwVivpZM4TJgyiHW85g5kPoxz\nXPu3XE6OBvclYsAK1Ue0k6ANO04UG/cgSm7PagQyb0Jjw+II4EnshzHeXsLn3ETt\nTZC3LmT3C8MztJhhux+kldvdKJAl9PH7Ltf0CqQ9KYxqa3HZUaBZk99IE9OVekPM\n2xYl+UPolf/E+4UXE4YKSUl6JcZf2nRZYVJGIZSEK9hIwhFotDHELryZSF0S8kJq\nHFlN3AYa8noMZCGO/hM5+SS4MFwCSlMxhcpLdprxVCDotqQnGM0qqX2+y7MtFU9Z\nCEa8BiD+zeBRhzMZCZb1yyraxGQYm26Tagl+eR2NQQPmnhlvKpZn0QjaPznYVmf/\ngSXr9XufJ5q4fcSScGX+y9Es6g1i6jf3559gSgQy3TvaY12Yq0ROf/CJjChJzoyP\nIW3isitC+78vSRmmPB5//6AQjq6Tlqw5/CUDZYqjAvEojvwR3hjlunOSWqvIXPFe\nHXoHs2WNYUrWxtUBy9ABPw+1QOBxwQ7C7MG0XaA/gvV0+hf5SDfwndQ8tob+/eiM\nMJPGQ7Ex/fA6Sro3EQOoR0KrJeaPRdI223gJq0CZ9pZMTPA11dK1KZwoYeBjMbgE\nDNkNIaww49rzr4VJS+g5nBCyQIoulR5mJRyV9C+AU/FNy1OYlOJE7QkCAwEAAQ==\n-----END RSA PUBLIC KEY-----\n"
+  MAIL_SERVER_HOST_EMAIL:
+  MAIL_SERVER_HOST_EMAIL_SECRET:
+  SMTP_HOST: "smtp.gmail.com"
+  SMTP_PORT: "587"
+  RESOURCES: "user,pipeline,process,company,repository,application"
+  PERMISSIONS: "CREATE,READ,UPDATE,DELETE"
+  API_SERVER_URL: "http://ci-api-server/api/v1"
+
diff --git a/k8s/deployment.yaml b/k8s/deployment.yaml
@@ -0,0 +1,54 @@
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: klovercloud-security
+  namespace: klovercloud
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: klovercloud-security
+  strategy:
+    type: RollingUpdate
+    rollingUpdate:
+      maxSurge: 2
+      maxUnavailable: 0
+  minReadySeconds: 25
+  template:
+    metadata:
+      labels:
+        app: klovercloud-security
+    spec:
+      terminationGracePeriodSeconds: 60
+      containers:
+        - name: app
+          imagePullPolicy: Always
+          image: klovercloud/service:security-v0.1.0
+          resources:
+            requests:
+              cpu: 66m
+              memory: 256Mi
+            limits:
+              cpu: 200m
+              memory: 256Mi
+          envFrom:
+            - secretRef:
+                name: klovercloud-mongo-secret
+            - configMapRef:
+                name: klovercloud-security-envar-config
+          ports:
+            - containerPort: 8080
+          readinessProbe:
+            httpGet:
+              path: /health
+              port: 8080
+            initialDelaySeconds: 30
+            periodSeconds: 10
+          livenessProbe:
+            httpGet:
+              path: /health
+              port: 8080
+            initialDelaySeconds: 30
+            periodSeconds: 10
+      imagePullSecrets:
+        - name: regcred-dh
diff --git a/k8s/mongo-secret.yml b/k8s/mongo-secret.yml
@@ -0,0 +1,9 @@
+apiVersion: v1
+kind: Secret
+metadata:
+  name: klovercloud-mongo-secret
+  namespace: klovercloud
+type: Opaque
+stringData:
+  MONGO_USERNAME: root
+  MONGO_PASSWORD: admin123
diff --git a/k8s/service.yaml b/k8s/service.yaml
@@ -0,0 +1,15 @@
+apiVersion: v1
+kind: Service
+metadata:
+  name: klovercloud-security
+  namespace: klovercloud
+  labels:
+    app: klovercloud-security
+spec:
+  ports:
+    - name: http-rest
+      port: 80
+      protocol: TCP
+      targetPort: 8080
+  selector:
+    app: klovercloud-security
