diff --git a/apps/ams-sync/base/helmrelease.yaml b/apps/ams-sync/base/helmrelease.yaml new file mode 100644 index 0000000..88a3395 --- /dev/null +++ b/apps/ams-sync/base/helmrelease.yaml @@ -0,0 +1,204 @@ +apiVersion: helm.toolkit.fluxcd.io/v2 +kind: HelmRelease +metadata: + name: ams-sync + namespace: ams-sync + +spec: + interval: 10m + + chart: + spec: + chart: universal-chart + version: "0.1.7" + sourceRef: + kind: HelmRepository + name: yc-oci-charts + namespace: flux-system + interval: 10m + + install: + remediation: + retries: 3 + + upgrade: + remediation: + retries: 3 + + values: + global: + env: _default + + services: + backend: + enabled: true + + image: + name: + _default: cr.yandex/crp3ccidau046kdj8g9q/ams-sync:ugok + pullPolicy: + _default: IfNotPresent + + deployment: + enabled: true + + name: + _default: ams-sync + + replicaCount: + _default: 1 + stage: 1 + preprod: 3 + production: 3 + + port: + _default: 8000 + + probes: + liveness: + enabled: false + readiness: + enabled: false + + service: + enabled: true + + name: + _default: ams-sync + + type: + _default: ClusterIP + + port: + _default: 8000 + + targetPort: + _default: 8000 + + portName: + _default: http + + imagePullSecrets: + enabled: + _default: true + name: + _default: regcred + labels: + monitoring: prometheus + + envs: + - name: AMS_SYNC_TOPIC + value: + _default: "ams-sync" + + - name: ENVIRONMENT + value: + _default: "PRODUCTION" + + - name: HOST_ORGANIZATION_ID + value: + _default: "368536846176636704" + + - name: ALERT_ENABLED + value: + _default: "False" + + - name: USER_SERVER_HOST + value: + _default: "https://sarex.ugok.lan" + + - name: AUTH_HOST + value: + _default: "https://sarex.ugok.lan" + + - name: VERIFY_USERS + value: + _default: "True" + + - name: KAFKA_SECURITY_PROTOCOL + value: + _default: "SSL" + + - name: KAFKA_SASL_MECHANISM + value: + _default: "SCRAM-SHA-512" + secretEnvs: + - name: TELEGRAM_TOKEN + secretName: + _default: "telegram-secret" + secretKey: "telegram-token" + + - name: TELEGRAM_GROUP_ID + secretName: + _default: "telegram-secret" + secretKey: "telegram-group-id" + + - name: ZITADEL_HOST + secretName: + _default: "zitadel-token-secret" + secretKey: "zitadel-host" + + - name: ZITADEL_SERVICE_ACCESS_TOKEN + secretName: + _default: "zitadel-token-secret" + secretKey: "zitadel-access-token" + + - name: KAFKA_BOOTSTRAP_SERVERS + secretName: + _default: "ams-kafka-secret" + secretKey: "kafka-bootstrap-servers" + + - name: KAFKA_SASL_PLAIN_USERNAME + secretName: + _default: "ams-kafka-secret" + secretKey: "kafka-username" + + - name: KAFKA_SASL_PLAIN_PASSWORD + secretName: + _default: "ams-kafka-secret" + secretKey: "kafka-password" + + - name: KAFKA_SSL_CAFILE + secretName: + _default: "ams-kafka-secret" + secretKey: "kafka-ca-file" + + - name: AUTH_ADMIN_USERNAME + secretName: + _default: "auth-secret" + secretKey: "admin-username" + + - name: AUTH_ADMIN_PASSWORD + secretName: + _default: "auth-secret" + secretKey: "admin-password" + + - name: USER_DB_NAME + secretName: + _default: "user-db-secret" + secretKey: "user-db-name" + + - name: USER_DB_USER + secretName: + _default: "user-db-secret" + secretKey: "user-db-user" + + - name: USER_DB_PASSWORD + secretName: + _default: "user-db-secret" + secretKey: "user-db-password" + + - name: USER_DB_HOST + secretName: + _default: "user-db-secret" + secretKey: "user-db-host" + + - name: USER_DB_PORT + secretName: + _default: "user-db-secret" + secretKey: "user-db-port" + + commitSha: "" + gitlabUri: "" + gitlabJobUrl: "" + owner: "" \ No newline at end of file diff --git a/apps/ams-sync/base/kustomization.yaml b/apps/ams-sync/base/kustomization.yaml new file mode 100644 index 0000000..ee59191 --- /dev/null +++ b/apps/ams-sync/base/kustomization.yaml @@ -0,0 +1,6 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: ams-sync +resources: + - helmrelease.yaml diff --git a/apps/ams-sync/brusnika-stage/backend.yaml b/apps/ams-sync/brusnika-stage/backend.yaml new file mode 100644 index 0000000..9971fee --- /dev/null +++ b/apps/ams-sync/brusnika-stage/backend.yaml @@ -0,0 +1,220 @@ +apiVersion: helm.toolkit.fluxcd.io/v2 +kind: HelmRelease +metadata: + name: ams-sync + namespace: ams-sync + +spec: + interval: 10m + + chart: + spec: + chart: universal-chart + version: "0.1.7" + sourceRef: + kind: HelmRepository + name: yc-oci-charts + namespace: flux-system + interval: 10m + + install: + remediation: + retries: 3 + + upgrade: + remediation: + retries: 3 + + values: + global: + env: _default + + services: + backend: + enabled: true + + image: + name: + _default: cr.yandex/crp3ccidau046kdj8g9q/ams-sync:ugok + pullPolicy: + _default: IfNotPresent + + deployment: + enabled: true + + name: + _default: ams-sync + + replicaCount: + _default: 1 + stage: 1 + preprod: 3 + production: 3 + + port: + _default: 8000 + + probes: + liveness: + enabled: false + readiness: + enabled: false + + service: + enabled: true + + name: + _default: ams-sync + + type: + _default: ClusterIP + + port: + _default: 8000 + + targetPort: + _default: 8000 + + portName: + _default: http + + imagePullSecrets: + enabled: + _default: true + name: + _default: regcred + volumes: + _default: + - name: kafka-cert + mountPath: + _default: /etc/ca-certificates/Yandex/ + subPath: + _default: YandexInternalRootCA.crt + readOnly: + _default: true + configMap: + name: + _default: kafka-cert + items: + - key: YandexInternalRootCA.crt + path: + _default: YandexInternalRootCA.crt + labels: + monitoring: prometheus + + envs: + - name: AMS_SYNC_TOPIC + value: + _default: "ams-sync" + + - name: ENVIRONMENT + value: + _default: "PRODUCTION" + + - name: HOST_ORGANIZATION_ID + value: + _default: "368536846176636704" + + - name: ALERT_ENABLED + value: + _default: "False" + + - name: USER_SERVER_HOST + value: + _default: "https://sarex.ugok.lan" + + - name: AUTH_HOST + value: + _default: "https://sarex.ugok.lan" + + - name: VERIFY_USERS + value: + _default: "True" + + - name: KAFKA_SECURITY_PROTOCOL + value: + _default: "SSL" + + - name: KAFKA_SASL_MECHANISM + value: + _default: "SCRAM-SHA-512" + secretEnvs: + - name: TELEGRAM_TOKEN + secretName: + _default: "telegram-secret" + secretKey: "telegram-token" + + - name: TELEGRAM_GROUP_ID + secretName: + _default: "telegram-secret" + secretKey: "telegram-group-id" + + - name: ZITADEL_HOST + secretName: + _default: "zitadel-token-secret" + secretKey: "zitadel-host" + + - name: ZITADEL_SERVICE_ACCESS_TOKEN + secretName: + _default: "zitadel-token-secret" + secretKey: "zitadel-access-token" + + - name: KAFKA_BOOTSTRAP_SERVERS + secretName: + _default: "ams-kafka-secret" + secretKey: "kafka-bootstrap-servers" + + - name: KAFKA_SASL_PLAIN_USERNAME + secretName: + _default: "ams-kafka-secret" + secretKey: "kafka-username" + + - name: KAFKA_SASL_PLAIN_PASSWORD + secretName: + _default: "ams-kafka-secret" + secretKey: "kafka-password" + + - name: KAFKA_SSL_CAFILE + secretName: + _default: "ams-kafka-secret" + secretKey: "kafka-ca-file" + + - name: AUTH_ADMIN_USERNAME + secretName: + _default: "auth-secret" + secretKey: "admin-username" + + - name: AUTH_ADMIN_PASSWORD + secretName: + _default: "auth-secret" + secretKey: "admin-password" + + - name: USER_DB_NAME + secretName: + _default: "user-db-secret" + secretKey: "user-db-name" + + - name: USER_DB_USER + secretName: + _default: "user-db-secret" + secretKey: "user-db-user" + + - name: USER_DB_PASSWORD + secretName: + _default: "user-db-secret" + secretKey: "user-db-password" + + - name: USER_DB_HOST + secretName: + _default: "user-db-secret" + secretKey: "user-db-host" + + - name: USER_DB_PORT + secretName: + _default: "user-db-secret" + secretKey: "user-db-port" + + commitSha: "" + gitlabUri: "" + gitlabJobUrl: "" + owner: "" \ No newline at end of file diff --git a/apps/ams-sync/brusnika-stage/kustomization.yaml b/apps/ams-sync/brusnika-stage/kustomization.yaml new file mode 100644 index 0000000..01e4448 --- /dev/null +++ b/apps/ams-sync/brusnika-stage/kustomization.yaml @@ -0,0 +1,6 @@ +--- +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: ams-sync +resources: + - backend.yaml \ No newline at end of file diff --git a/clusters/brusnika-stage/kustomization.yaml b/clusters/brusnika-stage/kustomization.yaml index c7d0db7..c05d1ef 100644 --- a/clusters/brusnika-stage/kustomization.yaml +++ b/clusters/brusnika-stage/kustomization.yaml @@ -31,4 +31,5 @@ resources: - ../../apps/measurements/brusnika-stage - ../../apps/notes/brusnika-stage - ../../apps/message-hub/brusnika-stage - - ../../apps/drawings/brusnika-stage \ No newline at end of file + - ../../apps/drawings/brusnika-stage + - ../../apps/ams-sync/brusnika-stage \ No newline at end of file