admin/ircs-prod-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
9e326c375ab133061d69946f64d0ed9c345a6679
ircs-prod-config/ircs-prod/core/manifests/frontend-bff.yaml
T
Prodiglagla 9e326c375a chore: restore independent prod gitops config
2026-06-15 18:10:47 +08:00

235 lines
6.6 KiB
YAML
Raw Blame History

apiVersion: apps/v1
kind: Deployment
metadata:
name: ircs-portal-bff
namespace: ircs-prod
labels:
app: ircs-portal-bff
app.kubernetes.io/part-of: ircs
environment: prod
annotations:
ircs.prodigalgal.com/no-public-route: "true"
spec:
replicas: 1
strategy:
type: Recreate
selector:
matchLabels:
app: ircs-portal-bff
template:
metadata:
labels:
app: ircs-portal-bff
app.kubernetes.io/part-of: ircs
environment: prod
annotations:
ircs.prodigalgal.com/no-public-route: "true"
ircs.prodigalgal.com/config-version: "bff-prod-targets-20260614-1"
spec:
imagePullSecrets:
- name: registry-secret
containers:
- name: app
image: registry.mnnu.eu.org/ircs/ircs-portal-bff:sha-de9957f9ced5
imagePullPolicy: IfNotPresent
ports:
- name: http
containerPort: 8080
envFrom:
- configMapRef:
name: ircs-prod-app-config
env:
- name: SPRING_APPLICATION_NAME
value: ircs-portal-bff
- name: SPRING_DATASOURCE_URL
valueFrom:
configMapKeyRef:
name: ircs-prod-app-config
key: DB_URL
- name: SPRING_DATASOURCE_USERNAME
value: postgres
- name: SPRING_DATASOURCE_PASSWORD
valueFrom:
secretKeyRef:
name: ircs-prod-secrets
key: DB_PASSWORD
- name: APP_IDENTITY_JWT_SECRET
valueFrom:
secretKeyRef:
name: ircs-prod-secrets
key: APP_IDENTITY_JWT_SECRET
optional: true
- name: APP_BFF_AUDIT_ENABLED
value: "true"
- name: IRCS_OUTBOUND_CIRCUIT_PORTAL_BFF_PROXY_ENABLED
value: "true"
- name: IRCS_OUTBOUND_CIRCUIT_PORTAL_BFF_PROXY_FAILURE_THRESHOLD
value: "5"
- name: IRCS_OUTBOUND_CIRCUIT_PORTAL_BFF_PROXY_OPEN_DURATION_MS
value: "30000"
- name: IRCS_OUTBOUND_CIRCUIT_PORTAL_BFF_PROXY_HALF_OPEN_MAX_CALLS
value: "1"
startupProbe:
httpGet:
path: /actuator/health/liveness
port: http
failureThreshold: 30
periodSeconds: 5
readinessProbe:
httpGet:
path: /actuator/health/readiness
port: http
periodSeconds: 10
livenessProbe:
httpGet:
path: /actuator/health/liveness
port: http
periodSeconds: 30
resources:
requests:
cpu: 20m
memory: 128Mi
limits:
cpu: 250m
memory: 384Mi
---
apiVersion: v1
kind: Service
metadata:
name: ircs-portal-bff
namespace: ircs-prod
labels:
app: ircs-portal-bff
app.kubernetes.io/part-of: ircs
environment: prod
spec:
type: ClusterIP
selector:
app: ircs-portal-bff
ports:
- name: http
port: 8080
targetPort: http
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: ircs-admin-bff
namespace: ircs-prod
labels:
app: ircs-admin-bff
app.kubernetes.io/part-of: ircs
environment: prod
annotations:
ircs.prodigalgal.com/no-public-route: "true"
spec:
replicas: 1
strategy:
type: Recreate
selector:
matchLabels:
app: ircs-admin-bff
template:
metadata:
labels:
app: ircs-admin-bff
app.kubernetes.io/part-of: ircs
environment: prod
annotations:
ircs.prodigalgal.com/no-public-route: "true"
ircs.prodigalgal.com/config-version: "bff-prod-targets-20260614-1"
spec:
imagePullSecrets:
- name: registry-secret
containers:
- name: app
image: registry.mnnu.eu.org/ircs/ircs-admin-bff:sha-de9957f9ced5
imagePullPolicy: IfNotPresent
ports:
- name: http
containerPort: 8080
envFrom:
- configMapRef:
name: ircs-prod-app-config
env:
- name: SPRING_APPLICATION_NAME
value: ircs-admin-bff
- name: SPRING_DATASOURCE_URL
valueFrom:
configMapKeyRef:
name: ircs-prod-app-config
key: DB_URL
- name: SPRING_DATASOURCE_USERNAME
value: postgres
- name: SPRING_DATASOURCE_PASSWORD
valueFrom:
secretKeyRef:
name: ircs-prod-secrets
key: DB_PASSWORD
- name: APP_IDENTITY_JWT_SECRET
valueFrom:
secretKeyRef:
name: ircs-prod-secrets
key: APP_IDENTITY_JWT_SECRET
optional: true
- name: APP_BFF_AUDIT_ENABLED
value: "true"
- name: APP_BFF_SERVICE_ID
value: admin-bff
- name: APP_BFF_OPS_SERVICE_TOKEN
valueFrom:
secretKeyRef:
name: ircs-prod-secrets
key: INTERNAL_CREDENTIAL_TOKEN
- name: APP_BFF_OPS_SERVICE_SCOPES
value: ops:read ops:run
- name: IRCS_OUTBOUND_CIRCUIT_ADMIN_BFF_PROXY_ENABLED
value: "true"
- name: IRCS_OUTBOUND_CIRCUIT_ADMIN_BFF_PROXY_FAILURE_THRESHOLD
value: "5"
- name: IRCS_OUTBOUND_CIRCUIT_ADMIN_BFF_PROXY_OPEN_DURATION_MS
value: "30000"
- name: IRCS_OUTBOUND_CIRCUIT_ADMIN_BFF_PROXY_HALF_OPEN_MAX_CALLS
value: "1"
startupProbe:
httpGet:
path: /actuator/health/liveness
port: http
failureThreshold: 30
periodSeconds: 5
readinessProbe:
httpGet:
path: /actuator/health/readiness
port: http
periodSeconds: 10
livenessProbe:
httpGet:
path: /actuator/health/liveness
port: http
periodSeconds: 30
resources:
requests:
cpu: 20m
memory: 128Mi
limits:
cpu: 250m
memory: 384Mi
---
apiVersion: v1
kind: Service
metadata:
name: ircs-admin-bff
namespace: ircs-prod
labels:
app: ircs-admin-bff
app.kubernetes.io/part-of: ircs
environment: prod
spec:
type: ClusterIP
selector:
app: ircs-admin-bff
ports:
- name: http
port: 8080
targetPort: http
Reference in New Issue View Git Blame Copy Permalink