valitydev/helmsdeep
14
0
Fork 0
mirror of https://github.com/valitydev/helmsdeep.git synced 2024-11-06 08:55:21 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
cee683d4df
helmsdeep/config/magista/values.yaml.gotmpl
vilorij 07132eea39
Improove (#193) 
* add epic branch with java services

* Introduce analytics (#166)

* Introduce questionary (#175)

* Introduce questionary

* actualize questionary

* actualize questionary

* Introduce claim-management (#173)

* Introduce questionary-aggr-proxy (#176)

* management.endpoint.prometheus.enabled=true

* Change Claim database name for PG compatability

* move CH pasword from template

* Introduce magista (#169)

* Introduce magista-kafka

* Introduce magista-kafka

* Introduce magista-kafka

* Introduce mst

* move kafka comment to the end of file

* actualize magista

* actualize magista

* actualize mgista

* management.endpoint.prometheus.enabled=true

Co-authored-by: Dmitry Skokov <d.skokov@rbkmoney.com>
Co-authored-by: vilorij <vilorij@ya.ru>

* fix url in anapi for correct rendering in logs

* Add LE certs issuer to ingress

* erl default templating
disable ServiceMonitor

* new db init

* riak fix ConfigMap

* shortener config templating

* Dashboard fix realm, 404 error and add ingress

* disable SM in hooker

* add objectselector in vault

* Shumway add schema

* add ingress tls variable into defaults.values

* Fistful templatimg erl defaults
typo fix in MG address

* add default realms

* Consuela for MG
add namespace for payouts

* helmfile deps bump

* add fistful-magista

* add payouter

* add columbus

* add columbus

* disable SM

* analitics fix
clickhouse node for analytics

* claimmgmt add

* fix iddqd appconfig mounts

* deanonimus add

* add antifraud

* kafka scale and infinity retention

* KK realms readability
fix password for manager
add roles mapping

* disable consuella for the issues in consul

* typo fix in checkout

* DB for antifraud

* add schema setting for questionary

* shortener fix with KK public key

* HG ingress for iddqd

* Dominant ingress for iddqd

* messages add
disable vault password control because of foreign keys in DB

* papi add

* idkfa add

* dark-api add

* fix hooker DB name
add DB for fraudbusters

* add new services in helmfile and bump deps

* delete useless keycloak values

Co-authored-by: karleowne <a.karlov@rbkmoney.com>
Co-authored-by: Dmitry Skokov <d.skokov@rbkmoney.com>
2021-07-08 04:10:39 +03:00

130 lines
3.2 KiB
YAML
Raw Blame History

# -*- mode: yaml -*-
replicaCount: 1
image:
repository: docker.io/rbkmoney/magista
tag: 84f2ad8875317497db97ee6902bb624e47906164
pullPolicy: IfNotPresent
runopts:
command: ["/opt/magista/entrypoint.sh"]
configMap:
data:
entrypoint.sh: |
{{- readFile "entrypoint.sh" | nindent 6 }}
loggers.xml: |
{{- readFile "loggers.xml" | nindent 6 }}
logback.xml: |
{{- readFile "../logs/logback.xml" | nindent 6 }}
volumes:
- name: config-volume
configMap:
name: {{ .Release.Name }}
defaultMode: 0755
volumeMounts:
- name: config-volume
mountPath: /opt/magista/entrypoint.sh
subPath: entrypoint.sh
readOnly: true
- name: config-volume
mountPath: /opt/magista/logback.xml
subPath: logback.xml
readOnly: true
- name: config-volume
mountPath: /opt/magista/loggers.xml
subPath: loggers.xml
readOnly: true
service:
ports:
- name: api
port: 8022
- name: management
port: 8023
livenessProbe:
httpGet:
path: /actuator/health
port: management
readinessProbe:
httpGet:
path: /actuator/health
port: management
podAnnotations:
vault.hashicorp.com/role: "db-app"
vault.hashicorp.com/agent-inject: "true"
vault.hashicorp.com/agent-inject-secret-application.properties: "database/creds/db-app-magista"
vault.hashicorp.com/agent-inject-template-application.properties: |
{{`{{- with secret "database/creds/db-app-magista" -}}
spring.datasource.url=jdbc:postgresql://postgres-postgresql:5432/magista?sslmode=disable
spring.datasource.username={{ .Data.username }}
spring.datasource.password={{ .Data.password }}
flyway.url=jdbc:postgresql://postgres-postgresql:5432/magista?sslmode=disable
flyway.user={{ .Data.username }}
flyway.password={{ .Data.password }}
{{- end }}`}}
metrics:
serviceMonitor:
enabled: false
namespace: {{ .Release.Namespace }}
additionalLabels:
release: prometheus
endpoints:
- port: "management"
path: /actuator/prometheus
scheme: http
ciliumPolicies:
- filters:
- port: 5432
type: TCP
name: postgres
namespace: {{ .Release.Namespace }}
- filters:
- port: 9092
rules:
kafka:
- role: consume
topics:
- mg-events-invoice
type: TCP
name: kafka
namespace: {{ .Release.Namespace }}
- filters:
- port: 8200
type: TCP
name: vault
namespace: {{ .Release.Namespace }}
- filters:
- port: 8022
type: TCP
name: columbus
namespace: {{ .Release.Namespace }}
- filters:
- port: 8022
type: TCP
name: hellgate
namespace: {{ .Release.Namespace }}
- filters:
- port: 8022
type: TCP
name: payouter
namespace: {{ .Release.Namespace }}
# add it to vault tamlate if kafka mTLS auth enable
#{{- /*
# --kafka.ssl.enabled={{ kafka.ssl.enable }}
# --kafka.ssl.key-store-location=/opt/{{ service_name }}/kafka-keystore.p12
# --kafka.ssl.key-store-password="{{ service.keystore.pass }}"
# --kafka.ssl.key-password="{{ service.keystore.pass }}"
# --kafka.ssl.trust-store-location=/opt/{{ service_name }}/kafka-truststore.p12
# --kafka.ssl.trust-store-password="{{ kafka.truststore.java.pass }}"
# */ -}}
Reference in New Issue View Git Blame Copy Permalink