# admin: # image: registry.dev.k8s.transcity/sds/ui-admin:latest # ports: # - "13001:3000" # depends_on: # api: # condition: service_healthy # environment: # SERVER_PORT: 3000 # SDS_API_URL: "http://api:3000" # KEYCLOAK_URL: "https://keycloak.alpha.k8s.transcity" # KEYCLOAK_AGENTS_REALM: sds-agents # KEYCLOAK_THIRD_PARTY_REALM: sds-third-parties # KEYCLOAK_CUSTOMERS_REALM: sds-customers # KEYCLOAK_RETAILERS_REALM: sds-retailers # NODE_EXTRA_CA_CERTS: /etc/ssl/certs/ca-certificates.crt # healthcheck: # test: ["CMD", "wget", "--spider", "http://127.0.0.1:3000/health"] # interval: 5s # timeout: 2s # retries: 10 # # volumes: # - '/etc/ssl/certs/ca-certificates.crt:/etc/ssl/certs/ca-certificates.crt' --- apiVersion: apps/v1 kind: Deployment metadata: name: sds-ui-admin spec: replicas: 1 selector: matchLabels: app.kubernetes.io/instance: sds-ui-admin app.kubernetes.io/name: sds-ui-admin template: metadata: labels: app.kubernetes.io/instance: sds-ui-admin app.kubernetes.io/name: sds-ui-admin spec: containers: - name: api image: registry.dev.k8s.transcity/sds/ui-admin:latest imagePullPolicy: Always env: - name: SERVER_PORT value: "3000" - name: SDS_API_URL value: "http://sds-api:3000" - name: KEYCLOAK_URL value: "https://keycloak.alpha.k8s.transcity" - name: KEYCLOAK_AGENTS_REALM value: sds-agents - name: KEYCLOAK_AGENTS_CLIENT_ID value: sds-ui-admin - name: KEYCLOAK_THIRD_PARTY_REALM value: sds-third-parties - name: KEYCLOAK_THIRD_PARTY_CLIENT_ID valueFrom: secretKeyRef: name: sds-third-parties-api-client-credentials key: clientId - name: KEYCLOAK_THIRD_PARTY_CLIENT_SECRET valueFrom: secretKeyRef: name: sds-third-parties-api-client-credentials key: clientSecret - name: KEYCLOAK_CUSTOMERS_REALM value: sds-customers - name: KEYCLOAK_CUSTOMERS_CLIENT_ID valueFrom: secretKeyRef: name: sds-customers-api-client-credentials key: clientId - name: KEYCLOAK_CUSTOMERS_CLIENT_SECRET valueFrom: secretKeyRef: name: sds-customers-api-client-credentials key: clientSecret - name: KEYCLOAK_RETAILERS_REALM value: sds-retailers - name: KEYCLOAK_RETAILERS_CLIENT_ID valueFrom: secretKeyRef: name: sds-retailers-api-client-credentials key: clientId - name: KEYCLOAK_RETAILERS_CLIENT_SECRET valueFrom: secretKeyRef: name: sds-retailers-api-client-credentials key: clientSecret - name: NODE_EXTRA_CA_CERTS value: /etc/ssl/certs/ca-certificates.crt ports: - name: http containerPort: 3000 readinessProbe: exec: command: [ "wget", "-O", "/dev/null", "-q", "http://127.0.0.1:3000/health" ] failureThreshold: 3 initialDelaySeconds: 10 periodSeconds: 5 successThreshold: 1 timeoutSeconds: 2 volumeMounts: - name: root-ca-bundle mountPath: /etc/ssl/certs/ca-certificates.crt subPath: ca.crt readOnly: true volumes: - name: root-ca-bundle secret: secretName: root-ca-bundle --- apiVersion: v1 kind: Service metadata: name: sds-ui-admin spec: ports: - name: http port: 3000 targetPort: http selector: app.kubernetes.io/instance: sds-ui-admin app.kubernetes.io/name: sds-ui-admin type: ClusterIP --- apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: sds-ui-admin annotations: cert-manager.io/cluster-issuer: admin cert-manager.io/common-name: admin.sds.alpha.k8s.transcity cert-manager.io/private-key-algorithm: ECDSA forecastle.stakater.com/appName: SDS forecastle.stakater.com/expose: 'true' forecastle.stakater.com/group: Reports forecastle.stakater.com/instance: admin spec: ingressClassName: admin rules: - host: admin.sds.alpha.k8s.transcity http: paths: - backend: service: name: sds-ui-admin port: name: http path: / pathType: Prefix tls: - hosts: - admin.sds.alpha.k8s.transcity secretName: sds-ui-tls