apiVersion: apps/v1 kind: Deployment metadata: name: ircs-identity-service namespace: ircs-prod labels: app: ircs-identity-service app.kubernetes.io/part-of: ircs environment: prod spec: replicas: 1 strategy: type: Recreate selector: matchLabels: app: ircs-identity-service template: metadata: labels: app: ircs-identity-service app.kubernetes.io/part-of: ircs environment: prod annotations: ircs.prodigalgal.com/no-public-route: "true" spec: imagePullSecrets: - name: registry-secret containers: - name: app image: registry.mnnu.eu.org/ircs/ircs-identity-service:sha-83b2b897d29b imagePullPolicy: IfNotPresent ports: - name: http containerPort: 8080 envFrom: - configMapRef: name: ircs-prod-app-config env: - name: SPRING_APPLICATION_NAME value: ircs-identity-service - name: SPRING_DATASOURCE_URL valueFrom: configMapKeyRef: name: ircs-prod-app-config key: DB_URL - name: SPRING_DATASOURCE_USERNAME value: postgres - name: SPRING_DATASOURCE_PASSWORD valueFrom: secretKeyRef: name: ircs-prod-secrets key: DB_PASSWORD - name: SECURITY_ADMIN_PASSWORD valueFrom: secretKeyRef: name: ircs-prod-secrets key: ADMIN_PASSWORD - name: SPRING_DATASOURCE_HIKARI_MAXIMUM_POOL_SIZE value: "2" - name: SPRING_DATASOURCE_HIKARI_MINIMUM_IDLE value: "0" - name: SPRING_DATASOURCE_HIKARI_IDLE_TIMEOUT value: "30000" - name: SPRING_RABBITMQ_HOST valueFrom: configMapKeyRef: name: ircs-prod-app-config key: RABBITMQ_HOST - name: SPRING_RABBITMQ_USERNAME value: admin - name: SPRING_RABBITMQ_PASSWORD valueFrom: secretKeyRef: name: ircs-prod-secrets key: RABBITMQ_PASSWORD - name: APP_MAIL_ENABLED valueFrom: configMapKeyRef: name: ircs-prod-app-config key: APP_MAIL_ENABLED - name: APP_IDENTITY_EMAIL_VERIFY_ENABLED value: "false" - name: APP_IDENTITY_CONFIG_LISTENER_ENABLED value: "true" - name: APP_IDENTITY_STORAGE_SERVICE_ID value: identity-service - name: APP_IDENTITY_STORAGE_SERVICE_TOKEN valueFrom: secretKeyRef: name: ircs-prod-secrets key: INTERNAL_CREDENTIAL_TOKEN - name: APP_IDENTITY_STORAGE_SERVICE_SCOPES value: storage:avatar - name: IRCS_OUTBOUND_CIRCUIT_IDENTITY_AVATAR_STORAGE_ENABLED value: "true" - name: IRCS_OUTBOUND_CIRCUIT_IDENTITY_AVATAR_STORAGE_FAILURE_THRESHOLD value: "5" - name: IRCS_OUTBOUND_CIRCUIT_IDENTITY_AVATAR_STORAGE_OPEN_DURATION_MS value: "30000" - name: IRCS_OUTBOUND_CIRCUIT_IDENTITY_AVATAR_STORAGE_HALF_OPEN_MAX_CALLS value: "1" startupProbe: httpGet: path: /actuator/health/liveness port: http failureThreshold: 30 periodSeconds: 5 readinessProbe: httpGet: path: /actuator/health/readiness port: http periodSeconds: 10 livenessProbe: httpGet: path: /actuator/health/liveness port: http periodSeconds: 30 resources: requests: cpu: 25m memory: 128Mi limits: cpu: 250m memory: 512Mi --- apiVersion: v1 kind: Service metadata: name: ircs-identity-service namespace: ircs-prod labels: app: ircs-identity-service app.kubernetes.io/part-of: ircs environment: prod spec: type: ClusterIP selector: app: ircs-identity-service ports: - name: http port: 8080 targetPort: http