diff --git a/iac/tf-anthos-gke/terraform.tfvars b/iac/tf-anthos-gke/terraform.tfvars index 2697da9ee..439955d16 100644 --- a/iac/tf-anthos-gke/terraform.tfvars +++ b/iac/tf-anthos-gke/terraform.tfvars @@ -18,6 +18,6 @@ region = "us-central1" zone = "us-central1-b" cluster_name = "anthos-sample-cluster1" sync_repo = "https://github.com/GoogleCloudPlatform/bank-of-anthos" -sync_branch = "release/v1.2.2" +sync_branch = "release/v1.2.3" sync_rev = "" policy_dir = "/kubernetes-manifests" diff --git a/kubernetes-manifests/accounts-db.yaml b/kubernetes-manifests/accounts-db.yaml index e2b7b0ffd..7725d8363 100644 --- a/kubernetes-manifests/accounts-db.yaml +++ b/kubernetes-manifests/accounts-db.yaml @@ -1,16 +1,149 @@ apiVersion: v1 data: - ACCOUNTS_DB_URI: postgresql://admin:admin@127.0.0.1:5432/accounts-db + ACCOUNTS_DB_URI: postgresql://accounts-admin:accounts-pwd@accounts-db:5432/accounts-db POSTGRES_DB: accounts-db - POSTGRES_PASSWORD: admin - POSTGRES_USER: admin + POSTGRES_PASSWORD: accounts-pwd + POSTGRES_USER: accounts-admin kind: ConfigMap metadata: labels: app: accounts-db application: bank-of-splunk - cluster: staging + environment: development team: accounts tier: db name: accounts-db-config - namespace: bank-of-anthos-staging +--- +apiVersion: v1 +kind: Service +metadata: + labels: + application: bank-of-splunk + environment: development + team: accounts + tier: db + name: accounts-db +spec: + ports: + - name: tcp + port: 5432 + protocol: TCP + targetPort: 5432 + selector: + app: accounts-db + application: bank-of-splunk + environment: development + team: accounts + tier: db + type: ClusterIP +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + labels: + application: bank-of-splunk + environment: development + team: accounts + tier: db + name: accounts-db +spec: + replicas: 1 + selector: + matchLabels: + app: accounts-db + application: bank-of-splunk + environment: development + team: accounts + tier: db + serviceName: accounts-db + template: + metadata: + labels: + app: accounts-db + application: bank-of-splunk + environment: development + team: accounts + tier: db + spec: + containers: + - envFrom: + - configMapRef: + name: environment-config + - configMapRef: + name: accounts-db-config + - configMapRef: + name: demo-data-config + image: ghcr.io/splunk/bank-of-splunk/accounts-db:v1.2.3@sha256:fea9e1a74f9e919158a3ed7049f3da2b9016ef96a5e62ad606559bc494be2ee1 + name: accounts-db + ports: + - containerPort: 5432 + resources: + limits: + cpu: 250m + memory: 512Mi + requests: + cpu: 100m + memory: 128Mi + volumeMounts: + - mountPath: /var/lib/postgresql/data + name: postgresdb + subPath: postgres + serviceAccount: bank-of-anthos + serviceAccountName: default + volumes: + - emptyDir: {} + name: postgresdb +--- +apiVersion: v1 +kind: Namespace +metadata: + labels: + istio-injection: enabled + name: bank-of-anthos-development +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: bank-of-anthos + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + DEMO_LOGIN_PASSWORD: bankofanthos + DEMO_LOGIN_USERNAME: testuser + USE_DEMO_DATA: "True" +kind: ConfigMap +metadata: + name: demo-data-config + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + LOCAL_ROUTING_NUM: "883745000" + PUB_KEY_PATH: /tmp/.ssh/publickey +kind: ConfigMap +metadata: + name: environment-config + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + BALANCES_API_ADDR: balancereader:8080 + CONTACTS_API_ADDR: contacts:8080 + HISTORY_API_ADDR: transactionhistory:8080 + TRANSACTIONS_API_ADDR: ledgerwriter:8080 + USERSERVICE_API_ADDR: userservice:8080 +kind: ConfigMap +metadata: + name: service-api-config + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + jwtRS256.key: LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUJWUUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQVQ4d2dnRTdBZ0VBQWtFQXZVY2FzVjhxbzVHdmlFRTQKNExtQVJVWkxON0tUZDJtSzh5RExieHlWdWxwVDluaXE4UU9ETkxvQ09IdVJWT3E3RUpWYVRTSGYxSk9MOTRkcAp2NU45Y1FJREFRQUJBa0F5Y0JnMDI5OUk1ekdYWlluNm1IUU9BY1ZaZWtUQnRXWkprNXVpYUVPZC9LNjNzSk9CCklveFF6OWxkZGJIWUxaeVhHV2hHd0tMeUIyOE5BOXJLYVJGaEFpRUE0ZXJua2pYVDNlRHhscm5HUzNLTWJXSDgKdlVVYWhxa29mK0Z3eEkzU3gvTUNJUURXZXpmT3RYZnIzOXY0MkRMaEVEcVZZZEJUWWpJZ2ZUelR1MGR1c0hjQwpDd0lnSUpOb3ROS0NMRnBGTzhDcDhUTWhRSnlDZnlBNXhQVWJXK1U4QjN1VHl6VUNJUUN3WkFIUHBIcU5xRHQyCmVnZk9CTlRKU2ZwVXVTdFVnT3JuanR2K2NtNU5aUUloQUp4ckprNU1od0h2VzZMcVNCemVqZzZwUkt3SnFiVXcKYWlobDVKbUZLR1dxCi0tLS0tRU5EIFBSSVZBVEUgS0VZLS0tLS0K + jwtRS256.key.pub: LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUZ3d0RRWUpLb1pJaHZjTkFRRUJCUUFEU3dBd1NBSkJBTDFIR3JGZktxT1JyNGhCT09DNWdFVkdTemV5azNkcAppdk1neTI4Y2xicGFVL1o0cXZFRGd6UzZBamg3a1ZUcXV4Q1ZXazBoMzlTVGkvZUhhYitUZlhFQ0F3RUFBUT09Ci0tLS0tRU5EIFBVQkxJQyBLRVktLS0tLQo= +kind: Secret +metadata: + name: jwt-key + namespace: bank-of-anthos-development +type: Opaque diff --git a/kubernetes-manifests/balance-reader.yaml b/kubernetes-manifests/balance-reader.yaml index b27bd3970..c94d102c6 100644 --- a/kubernetes-manifests/balance-reader.yaml +++ b/kubernetes-manifests/balance-reader.yaml @@ -13,33 +13,164 @@ # limitations under the License. apiVersion: v1 data: - POSTGRES_DB: ledger-db - POSTGRES_PASSWORD: admin + POSTGRES_DB: postgresdb + POSTGRES_PASSWORD: password POSTGRES_USER: admin - SPRING_DATASOURCE_PASSWORD: admin - SPRING_DATASOURCE_URL: jdbc:postgresql://127.0.0.1:5432/ledger-db + SPRING_DATASOURCE_PASSWORD: password + SPRING_DATASOURCE_URL: jdbc:postgresql://ledger-db:5432/postgresdb SPRING_DATASOURCE_USERNAME: admin kind: ConfigMap metadata: labels: app: ledger-db application: bank-of-splunk - cluster: staging + environment: development team: ledger tier: db name: ledger-db-config - namespace: bank-of-anthos-staging --- apiVersion: v1 kind: Service metadata: labels: application: bank-of-splunk - cluster: staging + environment: development + team: ledger + tier: db + name: ledger-db +spec: + ports: + - name: tcp + port: 5432 + targetPort: 5432 + selector: + app: ledger-db + application: bank-of-splunk + environment: development + team: ledger + tier: db + type: ClusterIP +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + labels: + application: bank-of-splunk + environment: development + team: ledger + tier: db + name: ledger-db +spec: + replicas: 1 + selector: + matchLabels: + app: ledger-db + application: bank-of-splunk + environment: development + team: ledger + tier: db + serviceName: ledger-db + template: + metadata: + labels: + app: ledger-db + application: bank-of-splunk + environment: development + team: ledger + tier: db + spec: + containers: + - envFrom: + - configMapRef: + name: environment-config + - configMapRef: + name: ledger-db-config + - configMapRef: + name: demo-data-config + image: ghcr.io/splunk/bank-of-splunk/ledger-db:v1.2.3@sha256:de1ae1694d03c6c368245ec88ca016476dffa1f73a5d6cd67ab949a96c93d668 + name: postgres + ports: + - containerPort: 5432 + resources: + limits: + cpu: 250m + memory: 1Gi + requests: + cpu: 100m + memory: 512Mi + volumeMounts: + - mountPath: /var/lib/postgresql/data + name: postgresdb + subPath: postgres + serviceAccount: bank-of-anthos + serviceAccountName: default + volumes: + - emptyDir: {} + name: postgresdb +--- +apiVersion: v1 +kind: Namespace +metadata: + labels: + istio-injection: enabled + name: bank-of-anthos-development +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: bank-of-anthos + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + DEMO_LOGIN_PASSWORD: bankofanthos + DEMO_LOGIN_USERNAME: testuser + USE_DEMO_DATA: "True" +kind: ConfigMap +metadata: + name: demo-data-config + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + LOCAL_ROUTING_NUM: "883745000" + PUB_KEY_PATH: /tmp/.ssh/publickey +kind: ConfigMap +metadata: + name: environment-config + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + BALANCES_API_ADDR: balancereader:8080 + CONTACTS_API_ADDR: contacts:8080 + HISTORY_API_ADDR: transactionhistory:8080 + TRANSACTIONS_API_ADDR: ledgerwriter:8080 + USERSERVICE_API_ADDR: userservice:8080 +kind: ConfigMap +metadata: + name: service-api-config + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + jwtRS256.key: LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUJWUUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQVQ4d2dnRTdBZ0VBQWtFQXZVY2FzVjhxbzVHdmlFRTQKNExtQVJVWkxON0tUZDJtSzh5RExieHlWdWxwVDluaXE4UU9ETkxvQ09IdVJWT3E3RUpWYVRTSGYxSk9MOTRkcAp2NU45Y1FJREFRQUJBa0F5Y0JnMDI5OUk1ekdYWlluNm1IUU9BY1ZaZWtUQnRXWkprNXVpYUVPZC9LNjNzSk9CCklveFF6OWxkZGJIWUxaeVhHV2hHd0tMeUIyOE5BOXJLYVJGaEFpRUE0ZXJua2pYVDNlRHhscm5HUzNLTWJXSDgKdlVVYWhxa29mK0Z3eEkzU3gvTUNJUURXZXpmT3RYZnIzOXY0MkRMaEVEcVZZZEJUWWpJZ2ZUelR1MGR1c0hjQwpDd0lnSUpOb3ROS0NMRnBGTzhDcDhUTWhRSnlDZnlBNXhQVWJXK1U4QjN1VHl6VUNJUUN3WkFIUHBIcU5xRHQyCmVnZk9CTlRKU2ZwVXVTdFVnT3JuanR2K2NtNU5aUUloQUp4ckprNU1od0h2VzZMcVNCemVqZzZwUkt3SnFiVXcKYWlobDVKbUZLR1dxCi0tLS0tRU5EIFBSSVZBVEUgS0VZLS0tLS0K + jwtRS256.key.pub: LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUZ3d0RRWUpLb1pJaHZjTkFRRUJCUUFEU3dBd1NBSkJBTDFIR3JGZktxT1JyNGhCT09DNWdFVkdTemV5azNkcAppdk1neTI4Y2xicGFVL1o0cXZFRGd6UzZBamg3a1ZUcXV4Q1ZXazBoMzlTVGkvZUhhYitUZlhFQ0F3RUFBUT09Ci0tLS0tRU5EIFBVQkxJQyBLRVktLS0tLQo= +kind: Secret +metadata: + name: jwt-key + namespace: bank-of-anthos-development +type: Opaque +--- +apiVersion: v1 +kind: Service +metadata: + labels: + application: bank-of-splunk + environment: development team: ledger tier: backend name: balancereader - namespace: bank-of-anthos-staging spec: ports: - name: http @@ -48,7 +179,7 @@ spec: selector: app: balancereader application: bank-of-splunk - cluster: staging + environment: development team: ledger tier: backend type: ClusterIP @@ -58,17 +189,16 @@ kind: Deployment metadata: labels: application: bank-of-splunk - cluster: staging + environment: development team: ledger tier: backend name: balancereader - namespace: bank-of-anthos-staging spec: selector: matchLabels: app: balancereader application: bank-of-splunk - cluster: staging + environment: development team: ledger tier: backend template: @@ -77,14 +207,14 @@ spec: labels: app: balancereader application: bank-of-splunk - cluster: staging + environment: development team: ledger tier: backend spec: containers: - env: - name: VERSION - value: v1.2.2 + value: v1.2.3 - name: PORT value: "8080" - name: ENABLE_TRACING @@ -108,7 +238,7 @@ spec: name: environment-config - configMapRef: name: ledger-db-config - image: ghcr.io/splunk/bank-of-splunk/balancereader:v1.2.2@sha256:928b892a9bbe3db70e68542a7e8b72796a35870c07f4e87b287c29576ddbba30 + image: ghcr.io/splunk/bank-of-splunk/balancereader:v1.2.3@sha256:928b892a9bbe3db70e68542a7e8b72796a35870c07f4e87b287c29576ddbba30 livenessProbe: httpGet: path: /healthy @@ -152,25 +282,6 @@ spec: - mountPath: /tmp/.ssh name: publickey readOnly: true - - args: - - --port=5432 - env: - - name: CSQL_PROXY_INSTANCE_CONNECTION_NAME - valueFrom: - configMapKeyRef: - key: connectionName - name: cloud-sql-admin - image: gcr.io/cloud-sql-connectors/cloud-sql-proxy:2.8.0-alpine@sha256:bd14f09aa889b490a361522293cc4aa539937b6d64bc740794843ac814e58f6f - name: cloud-sql-proxy - resources: - limits: - cpu: 250m - ephemeral-storage: 1Gi - memory: 100Mi - requests: - cpu: 250m - ephemeral-storage: 1Gi - memory: 100Mi securityContext: fsGroup: 1000 runAsGroup: 1000 @@ -187,3 +298,57 @@ spec: - key: jwtRS256.key.pub path: publickey secretName: jwt-key +--- +apiVersion: v1 +kind: Namespace +metadata: + labels: + istio-injection: enabled + name: bank-of-anthos-development +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: bank-of-anthos + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + DEMO_LOGIN_PASSWORD: bankofanthos + DEMO_LOGIN_USERNAME: testuser + USE_DEMO_DATA: "True" +kind: ConfigMap +metadata: + name: demo-data-config + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + LOCAL_ROUTING_NUM: "883745000" + PUB_KEY_PATH: /tmp/.ssh/publickey +kind: ConfigMap +metadata: + name: environment-config + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + BALANCES_API_ADDR: balancereader:8080 + CONTACTS_API_ADDR: contacts:8080 + HISTORY_API_ADDR: transactionhistory:8080 + TRANSACTIONS_API_ADDR: ledgerwriter:8080 + USERSERVICE_API_ADDR: userservice:8080 +kind: ConfigMap +metadata: + name: service-api-config + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + jwtRS256.key: LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUJWUUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQVQ4d2dnRTdBZ0VBQWtFQXZVY2FzVjhxbzVHdmlFRTQKNExtQVJVWkxON0tUZDJtSzh5RExieHlWdWxwVDluaXE4UU9ETkxvQ09IdVJWT3E3RUpWYVRTSGYxSk9MOTRkcAp2NU45Y1FJREFRQUJBa0F5Y0JnMDI5OUk1ekdYWlluNm1IUU9BY1ZaZWtUQnRXWkprNXVpYUVPZC9LNjNzSk9CCklveFF6OWxkZGJIWUxaeVhHV2hHd0tMeUIyOE5BOXJLYVJGaEFpRUE0ZXJua2pYVDNlRHhscm5HUzNLTWJXSDgKdlVVYWhxa29mK0Z3eEkzU3gvTUNJUURXZXpmT3RYZnIzOXY0MkRMaEVEcVZZZEJUWWpJZ2ZUelR1MGR1c0hjQwpDd0lnSUpOb3ROS0NMRnBGTzhDcDhUTWhRSnlDZnlBNXhQVWJXK1U4QjN1VHl6VUNJUUN3WkFIUHBIcU5xRHQyCmVnZk9CTlRKU2ZwVXVTdFVnT3JuanR2K2NtNU5aUUloQUp4ckprNU1od0h2VzZMcVNCemVqZzZwUkt3SnFiVXcKYWlobDVKbUZLR1dxCi0tLS0tRU5EIFBSSVZBVEUgS0VZLS0tLS0K + jwtRS256.key.pub: LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUZ3d0RRWUpLb1pJaHZjTkFRRUJCUUFEU3dBd1NBSkJBTDFIR3JGZktxT1JyNGhCT09DNWdFVkdTemV5azNkcAppdk1neTI4Y2xicGFVL1o0cXZFRGd6UzZBamg3a1ZUcXV4Q1ZXazBoMzlTVGkvZUhhYitUZlhFQ0F3RUFBUT09Ci0tLS0tRU5EIFBVQkxJQyBLRVktLS0tLQo= +kind: Secret +metadata: + name: jwt-key + namespace: bank-of-anthos-development +type: Opaque diff --git a/kubernetes-manifests/contacts.yaml b/kubernetes-manifests/contacts.yaml index 2a65b9e2e..1d63f838c 100644 --- a/kubernetes-manifests/contacts.yaml +++ b/kubernetes-manifests/contacts.yaml @@ -13,31 +13,163 @@ # limitations under the License. apiVersion: v1 data: - ACCOUNTS_DB_URI: postgresql://admin:admin@127.0.0.1:5432/accounts-db + ACCOUNTS_DB_URI: postgresql://accounts-admin:accounts-pwd@accounts-db:5432/accounts-db POSTGRES_DB: accounts-db - POSTGRES_PASSWORD: admin - POSTGRES_USER: admin + POSTGRES_PASSWORD: accounts-pwd + POSTGRES_USER: accounts-admin kind: ConfigMap metadata: labels: app: accounts-db application: bank-of-splunk - cluster: staging + environment: development team: accounts tier: db name: accounts-db-config - namespace: bank-of-anthos-staging --- apiVersion: v1 kind: Service metadata: labels: application: bank-of-splunk - cluster: staging + environment: development + team: accounts + tier: db + name: accounts-db +spec: + ports: + - name: tcp + port: 5432 + protocol: TCP + targetPort: 5432 + selector: + app: accounts-db + application: bank-of-splunk + environment: development + team: accounts + tier: db + type: ClusterIP +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + labels: + application: bank-of-splunk + environment: development + team: accounts + tier: db + name: accounts-db +spec: + replicas: 1 + selector: + matchLabels: + app: accounts-db + application: bank-of-splunk + environment: development + team: accounts + tier: db + serviceName: accounts-db + template: + metadata: + labels: + app: accounts-db + application: bank-of-splunk + environment: development + team: accounts + tier: db + spec: + containers: + - envFrom: + - configMapRef: + name: environment-config + - configMapRef: + name: accounts-db-config + - configMapRef: + name: demo-data-config + image: ghcr.io/splunk/bank-of-splunk/accounts-db:v1.2.3@sha256:fea9e1a74f9e919158a3ed7049f3da2b9016ef96a5e62ad606559bc494be2ee1 + name: accounts-db + ports: + - containerPort: 5432 + resources: + limits: + cpu: 250m + memory: 512Mi + requests: + cpu: 100m + memory: 128Mi + volumeMounts: + - mountPath: /var/lib/postgresql/data + name: postgresdb + subPath: postgres + serviceAccount: bank-of-anthos + serviceAccountName: default + volumes: + - emptyDir: {} + name: postgresdb +--- +apiVersion: v1 +kind: Namespace +metadata: + labels: + istio-injection: enabled + name: bank-of-anthos-development +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: bank-of-anthos + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + DEMO_LOGIN_PASSWORD: bankofanthos + DEMO_LOGIN_USERNAME: testuser + USE_DEMO_DATA: "True" +kind: ConfigMap +metadata: + name: demo-data-config + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + LOCAL_ROUTING_NUM: "883745000" + PUB_KEY_PATH: /tmp/.ssh/publickey +kind: ConfigMap +metadata: + name: environment-config + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + BALANCES_API_ADDR: balancereader:8080 + CONTACTS_API_ADDR: contacts:8080 + HISTORY_API_ADDR: transactionhistory:8080 + TRANSACTIONS_API_ADDR: ledgerwriter:8080 + USERSERVICE_API_ADDR: userservice:8080 +kind: ConfigMap +metadata: + name: service-api-config + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + jwtRS256.key: LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUJWUUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQVQ4d2dnRTdBZ0VBQWtFQXZVY2FzVjhxbzVHdmlFRTQKNExtQVJVWkxON0tUZDJtSzh5RExieHlWdWxwVDluaXE4UU9ETkxvQ09IdVJWT3E3RUpWYVRTSGYxSk9MOTRkcAp2NU45Y1FJREFRQUJBa0F5Y0JnMDI5OUk1ekdYWlluNm1IUU9BY1ZaZWtUQnRXWkprNXVpYUVPZC9LNjNzSk9CCklveFF6OWxkZGJIWUxaeVhHV2hHd0tMeUIyOE5BOXJLYVJGaEFpRUE0ZXJua2pYVDNlRHhscm5HUzNLTWJXSDgKdlVVYWhxa29mK0Z3eEkzU3gvTUNJUURXZXpmT3RYZnIzOXY0MkRMaEVEcVZZZEJUWWpJZ2ZUelR1MGR1c0hjQwpDd0lnSUpOb3ROS0NMRnBGTzhDcDhUTWhRSnlDZnlBNXhQVWJXK1U4QjN1VHl6VUNJUUN3WkFIUHBIcU5xRHQyCmVnZk9CTlRKU2ZwVXVTdFVnT3JuanR2K2NtNU5aUUloQUp4ckprNU1od0h2VzZMcVNCemVqZzZwUkt3SnFiVXcKYWlobDVKbUZLR1dxCi0tLS0tRU5EIFBSSVZBVEUgS0VZLS0tLS0K + jwtRS256.key.pub: LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUZ3d0RRWUpLb1pJaHZjTkFRRUJCUUFEU3dBd1NBSkJBTDFIR3JGZktxT1JyNGhCT09DNWdFVkdTemV5azNkcAppdk1neTI4Y2xicGFVL1o0cXZFRGd6UzZBamg3a1ZUcXV4Q1ZXazBoMzlTVGkvZUhhYitUZlhFQ0F3RUFBUT09Ci0tLS0tRU5EIFBVQkxJQyBLRVktLS0tLQo= +kind: Secret +metadata: + name: jwt-key + namespace: bank-of-anthos-development +type: Opaque +--- +apiVersion: v1 +kind: Service +metadata: + labels: + application: bank-of-splunk + environment: development team: accounts tier: backend name: contacts - namespace: bank-of-anthos-staging spec: ports: - name: http @@ -46,7 +178,7 @@ spec: selector: app: contacts application: bank-of-splunk - cluster: staging + environment: development team: accounts tier: backend type: ClusterIP @@ -56,17 +188,16 @@ kind: Deployment metadata: labels: application: bank-of-splunk - cluster: staging + environment: development team: accounts tier: backend name: contacts - namespace: bank-of-anthos-staging spec: selector: matchLabels: app: contacts application: bank-of-splunk - cluster: staging + environment: development team: accounts tier: backend template: @@ -75,14 +206,14 @@ spec: labels: app: contacts application: bank-of-splunk - cluster: staging + environment: development team: accounts tier: backend spec: containers: - env: - name: VERSION - value: v1.2.2 + value: v1.2.3 - name: PORT value: "8080" - name: ENABLE_TRACING @@ -102,7 +233,7 @@ spec: name: environment-config - configMapRef: name: accounts-db-config - image: ghcr.io/splunk/bank-of-splunk/contacts:v1.2.2@sha256:bfe6d8970e967130c972779b47bef1999afc3d698cc80c56cade5a52dcc0aa64 + image: ghcr.io/splunk/bank-of-splunk/contacts:v1.2.3@sha256:bfe6d8970e967130c972779b47bef1999afc3d698cc80c56cade5a52dcc0aa64 name: contacts readinessProbe: httpGet: @@ -133,25 +264,6 @@ spec: - mountPath: /tmp/.ssh name: publickey readOnly: true - - args: - - --port=5432 - env: - - name: CSQL_PROXY_INSTANCE_CONNECTION_NAME - valueFrom: - configMapKeyRef: - key: connectionName - name: cloud-sql-admin - image: gcr.io/cloud-sql-connectors/cloud-sql-proxy:2.8.0-alpine@sha256:bd14f09aa889b490a361522293cc4aa539937b6d64bc740794843ac814e58f6f - name: cloud-sql-proxy - resources: - limits: - cpu: 250m - ephemeral-storage: 1Gi - memory: 100Mi - requests: - cpu: 250m - ephemeral-storage: 1Gi - memory: 100Mi securityContext: fsGroup: 1000 runAsGroup: 1000 @@ -168,3 +280,57 @@ spec: - key: jwtRS256.key.pub path: publickey secretName: jwt-key +--- +apiVersion: v1 +kind: Namespace +metadata: + labels: + istio-injection: enabled + name: bank-of-anthos-development +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: bank-of-anthos + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + DEMO_LOGIN_PASSWORD: bankofanthos + DEMO_LOGIN_USERNAME: testuser + USE_DEMO_DATA: "True" +kind: ConfigMap +metadata: + name: demo-data-config + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + LOCAL_ROUTING_NUM: "883745000" + PUB_KEY_PATH: /tmp/.ssh/publickey +kind: ConfigMap +metadata: + name: environment-config + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + BALANCES_API_ADDR: balancereader:8080 + CONTACTS_API_ADDR: contacts:8080 + HISTORY_API_ADDR: transactionhistory:8080 + TRANSACTIONS_API_ADDR: ledgerwriter:8080 + USERSERVICE_API_ADDR: userservice:8080 +kind: ConfigMap +metadata: + name: service-api-config + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + jwtRS256.key: LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUJWUUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQVQ4d2dnRTdBZ0VBQWtFQXZVY2FzVjhxbzVHdmlFRTQKNExtQVJVWkxON0tUZDJtSzh5RExieHlWdWxwVDluaXE4UU9ETkxvQ09IdVJWT3E3RUpWYVRTSGYxSk9MOTRkcAp2NU45Y1FJREFRQUJBa0F5Y0JnMDI5OUk1ekdYWlluNm1IUU9BY1ZaZWtUQnRXWkprNXVpYUVPZC9LNjNzSk9CCklveFF6OWxkZGJIWUxaeVhHV2hHd0tMeUIyOE5BOXJLYVJGaEFpRUE0ZXJua2pYVDNlRHhscm5HUzNLTWJXSDgKdlVVYWhxa29mK0Z3eEkzU3gvTUNJUURXZXpmT3RYZnIzOXY0MkRMaEVEcVZZZEJUWWpJZ2ZUelR1MGR1c0hjQwpDd0lnSUpOb3ROS0NMRnBGTzhDcDhUTWhRSnlDZnlBNXhQVWJXK1U4QjN1VHl6VUNJUUN3WkFIUHBIcU5xRHQyCmVnZk9CTlRKU2ZwVXVTdFVnT3JuanR2K2NtNU5aUUloQUp4ckprNU1od0h2VzZMcVNCemVqZzZwUkt3SnFiVXcKYWlobDVKbUZLR1dxCi0tLS0tRU5EIFBSSVZBVEUgS0VZLS0tLS0K + jwtRS256.key.pub: LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUZ3d0RRWUpLb1pJaHZjTkFRRUJCUUFEU3dBd1NBSkJBTDFIR3JGZktxT1JyNGhCT09DNWdFVkdTemV5azNkcAppdk1neTI4Y2xicGFVL1o0cXZFRGd6UzZBamg3a1ZUcXV4Q1ZXazBoMzlTVGkvZUhhYitUZlhFQ0F3RUFBUT09Ci0tLS0tRU5EIFBVQkxJQyBLRVktLS0tLQo= +kind: Secret +metadata: + name: jwt-key + namespace: bank-of-anthos-development +type: Opaque diff --git a/kubernetes-manifests/frontend.yaml b/kubernetes-manifests/frontend.yaml index 10cc6fd77..98aaf4de2 100644 --- a/kubernetes-manifests/frontend.yaml +++ b/kubernetes-manifests/frontend.yaml @@ -16,11 +16,10 @@ kind: Service metadata: labels: application: bank-of-splunk - cluster: staging + environment: development team: frontend tier: web name: frontend - namespace: bank-of-anthos-staging spec: ports: - name: http @@ -29,7 +28,7 @@ spec: selector: app: frontend application: bank-of-splunk - cluster: staging + environment: development team: frontend tier: web type: LoadBalancer @@ -39,17 +38,16 @@ kind: Deployment metadata: labels: application: bank-of-splunk - cluster: staging + environment: development team: frontend tier: web name: frontend - namespace: bank-of-anthos-staging spec: selector: matchLabels: app: frontend application: bank-of-splunk - cluster: staging + environment: development team: frontend tier: web template: @@ -58,14 +56,14 @@ spec: labels: app: frontend application: bank-of-splunk - cluster: staging + environment: development team: frontend tier: web spec: containers: - env: - name: VERSION - value: v1.2.2 + value: v1.2.3 - name: PORT value: "8080" - name: ENABLE_TRACING @@ -143,7 +141,7 @@ spec: name: environment-config - configMapRef: name: service-api-config - image: ghcr.io/splunk/bank-of-splunk/frontend:v1.2.2@sha256:b3cd2828e76ba3197e51d198cfceb09c61f387ffdb9ebace33a5410898cc2bbe + image: ghcr.io/splunk/bank-of-splunk/frontend:v1.2.3@sha256:b3cd2828e76ba3197e51d198cfceb09c61f387ffdb9ebace33a5410898cc2bbe livenessProbe: httpGet: path: /ready @@ -195,3 +193,57 @@ spec: - key: jwtRS256.key.pub path: publickey secretName: jwt-key +--- +apiVersion: v1 +kind: Namespace +metadata: + labels: + istio-injection: enabled + name: bank-of-anthos-development +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: bank-of-anthos + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + DEMO_LOGIN_PASSWORD: bankofanthos + DEMO_LOGIN_USERNAME: testuser + USE_DEMO_DATA: "True" +kind: ConfigMap +metadata: + name: demo-data-config + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + LOCAL_ROUTING_NUM: "883745000" + PUB_KEY_PATH: /tmp/.ssh/publickey +kind: ConfigMap +metadata: + name: environment-config + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + BALANCES_API_ADDR: balancereader:8080 + CONTACTS_API_ADDR: contacts:8080 + HISTORY_API_ADDR: transactionhistory:8080 + TRANSACTIONS_API_ADDR: ledgerwriter:8080 + USERSERVICE_API_ADDR: userservice:8080 +kind: ConfigMap +metadata: + name: service-api-config + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + jwtRS256.key: LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUJWUUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQVQ4d2dnRTdBZ0VBQWtFQXZVY2FzVjhxbzVHdmlFRTQKNExtQVJVWkxON0tUZDJtSzh5RExieHlWdWxwVDluaXE4UU9ETkxvQ09IdVJWT3E3RUpWYVRTSGYxSk9MOTRkcAp2NU45Y1FJREFRQUJBa0F5Y0JnMDI5OUk1ekdYWlluNm1IUU9BY1ZaZWtUQnRXWkprNXVpYUVPZC9LNjNzSk9CCklveFF6OWxkZGJIWUxaeVhHV2hHd0tMeUIyOE5BOXJLYVJGaEFpRUE0ZXJua2pYVDNlRHhscm5HUzNLTWJXSDgKdlVVYWhxa29mK0Z3eEkzU3gvTUNJUURXZXpmT3RYZnIzOXY0MkRMaEVEcVZZZEJUWWpJZ2ZUelR1MGR1c0hjQwpDd0lnSUpOb3ROS0NMRnBGTzhDcDhUTWhRSnlDZnlBNXhQVWJXK1U4QjN1VHl6VUNJUUN3WkFIUHBIcU5xRHQyCmVnZk9CTlRKU2ZwVXVTdFVnT3JuanR2K2NtNU5aUUloQUp4ckprNU1od0h2VzZMcVNCemVqZzZwUkt3SnFiVXcKYWlobDVKbUZLR1dxCi0tLS0tRU5EIFBSSVZBVEUgS0VZLS0tLS0K + jwtRS256.key.pub: LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUZ3d0RRWUpLb1pJaHZjTkFRRUJCUUFEU3dBd1NBSkJBTDFIR3JGZktxT1JyNGhCT09DNWdFVkdTemV5azNkcAppdk1neTI4Y2xicGFVL1o0cXZFRGd6UzZBamg3a1ZUcXV4Q1ZXazBoMzlTVGkvZUhhYitUZlhFQ0F3RUFBUT09Ci0tLS0tRU5EIFBVQkxJQyBLRVktLS0tLQo= +kind: Secret +metadata: + name: jwt-key + namespace: bank-of-anthos-development +type: Opaque diff --git a/kubernetes-manifests/ledger-db.yaml b/kubernetes-manifests/ledger-db.yaml index 955ee9cdc..dfd9fda0c 100644 --- a/kubernetes-manifests/ledger-db.yaml +++ b/kubernetes-manifests/ledger-db.yaml @@ -1,18 +1,150 @@ apiVersion: v1 data: - POSTGRES_DB: ledger-db - POSTGRES_PASSWORD: admin + POSTGRES_DB: postgresdb + POSTGRES_PASSWORD: password POSTGRES_USER: admin - SPRING_DATASOURCE_PASSWORD: admin - SPRING_DATASOURCE_URL: jdbc:postgresql://127.0.0.1:5432/ledger-db + SPRING_DATASOURCE_PASSWORD: password + SPRING_DATASOURCE_URL: jdbc:postgresql://ledger-db:5432/postgresdb SPRING_DATASOURCE_USERNAME: admin kind: ConfigMap metadata: labels: app: ledger-db application: bank-of-splunk - cluster: staging + environment: development team: ledger tier: db name: ledger-db-config - namespace: bank-of-anthos-staging +--- +apiVersion: v1 +kind: Service +metadata: + labels: + application: bank-of-splunk + environment: development + team: ledger + tier: db + name: ledger-db +spec: + ports: + - name: tcp + port: 5432 + targetPort: 5432 + selector: + app: ledger-db + application: bank-of-splunk + environment: development + team: ledger + tier: db + type: ClusterIP +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + labels: + application: bank-of-splunk + environment: development + team: ledger + tier: db + name: ledger-db +spec: + replicas: 1 + selector: + matchLabels: + app: ledger-db + application: bank-of-splunk + environment: development + team: ledger + tier: db + serviceName: ledger-db + template: + metadata: + labels: + app: ledger-db + application: bank-of-splunk + environment: development + team: ledger + tier: db + spec: + containers: + - envFrom: + - configMapRef: + name: environment-config + - configMapRef: + name: ledger-db-config + - configMapRef: + name: demo-data-config + image: ghcr.io/splunk/bank-of-splunk/ledger-db:v1.2.3@sha256:de1ae1694d03c6c368245ec88ca016476dffa1f73a5d6cd67ab949a96c93d668 + name: postgres + ports: + - containerPort: 5432 + resources: + limits: + cpu: 250m + memory: 1Gi + requests: + cpu: 100m + memory: 512Mi + volumeMounts: + - mountPath: /var/lib/postgresql/data + name: postgresdb + subPath: postgres + serviceAccount: bank-of-anthos + serviceAccountName: default + volumes: + - emptyDir: {} + name: postgresdb +--- +apiVersion: v1 +kind: Namespace +metadata: + labels: + istio-injection: enabled + name: bank-of-anthos-development +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: bank-of-anthos + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + DEMO_LOGIN_PASSWORD: bankofanthos + DEMO_LOGIN_USERNAME: testuser + USE_DEMO_DATA: "True" +kind: ConfigMap +metadata: + name: demo-data-config + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + LOCAL_ROUTING_NUM: "883745000" + PUB_KEY_PATH: /tmp/.ssh/publickey +kind: ConfigMap +metadata: + name: environment-config + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + BALANCES_API_ADDR: balancereader:8080 + CONTACTS_API_ADDR: contacts:8080 + HISTORY_API_ADDR: transactionhistory:8080 + TRANSACTIONS_API_ADDR: ledgerwriter:8080 + USERSERVICE_API_ADDR: userservice:8080 +kind: ConfigMap +metadata: + name: service-api-config + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + jwtRS256.key: LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUJWUUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQVQ4d2dnRTdBZ0VBQWtFQXZVY2FzVjhxbzVHdmlFRTQKNExtQVJVWkxON0tUZDJtSzh5RExieHlWdWxwVDluaXE4UU9ETkxvQ09IdVJWT3E3RUpWYVRTSGYxSk9MOTRkcAp2NU45Y1FJREFRQUJBa0F5Y0JnMDI5OUk1ekdYWlluNm1IUU9BY1ZaZWtUQnRXWkprNXVpYUVPZC9LNjNzSk9CCklveFF6OWxkZGJIWUxaeVhHV2hHd0tMeUIyOE5BOXJLYVJGaEFpRUE0ZXJua2pYVDNlRHhscm5HUzNLTWJXSDgKdlVVYWhxa29mK0Z3eEkzU3gvTUNJUURXZXpmT3RYZnIzOXY0MkRMaEVEcVZZZEJUWWpJZ2ZUelR1MGR1c0hjQwpDd0lnSUpOb3ROS0NMRnBGTzhDcDhUTWhRSnlDZnlBNXhQVWJXK1U4QjN1VHl6VUNJUUN3WkFIUHBIcU5xRHQyCmVnZk9CTlRKU2ZwVXVTdFVnT3JuanR2K2NtNU5aUUloQUp4ckprNU1od0h2VzZMcVNCemVqZzZwUkt3SnFiVXcKYWlobDVKbUZLR1dxCi0tLS0tRU5EIFBSSVZBVEUgS0VZLS0tLS0K + jwtRS256.key.pub: LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUZ3d0RRWUpLb1pJaHZjTkFRRUJCUUFEU3dBd1NBSkJBTDFIR3JGZktxT1JyNGhCT09DNWdFVkdTemV5azNkcAppdk1neTI4Y2xicGFVL1o0cXZFRGd6UzZBamg3a1ZUcXV4Q1ZXazBoMzlTVGkvZUhhYitUZlhFQ0F3RUFBUT09Ci0tLS0tRU5EIFBVQkxJQyBLRVktLS0tLQo= +kind: Secret +metadata: + name: jwt-key + namespace: bank-of-anthos-development +type: Opaque diff --git a/kubernetes-manifests/ledger-writer.yaml b/kubernetes-manifests/ledger-writer.yaml index 1566f076f..b21769af3 100644 --- a/kubernetes-manifests/ledger-writer.yaml +++ b/kubernetes-manifests/ledger-writer.yaml @@ -13,33 +13,164 @@ # limitations under the License. apiVersion: v1 data: - POSTGRES_DB: ledger-db - POSTGRES_PASSWORD: admin + POSTGRES_DB: postgresdb + POSTGRES_PASSWORD: password POSTGRES_USER: admin - SPRING_DATASOURCE_PASSWORD: admin - SPRING_DATASOURCE_URL: jdbc:postgresql://127.0.0.1:5432/ledger-db + SPRING_DATASOURCE_PASSWORD: password + SPRING_DATASOURCE_URL: jdbc:postgresql://ledger-db:5432/postgresdb SPRING_DATASOURCE_USERNAME: admin kind: ConfigMap metadata: labels: app: ledger-db application: bank-of-splunk - cluster: staging + environment: development team: ledger tier: db name: ledger-db-config - namespace: bank-of-anthos-staging --- apiVersion: v1 kind: Service metadata: labels: application: bank-of-splunk - cluster: staging + environment: development + team: ledger + tier: db + name: ledger-db +spec: + ports: + - name: tcp + port: 5432 + targetPort: 5432 + selector: + app: ledger-db + application: bank-of-splunk + environment: development + team: ledger + tier: db + type: ClusterIP +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + labels: + application: bank-of-splunk + environment: development + team: ledger + tier: db + name: ledger-db +spec: + replicas: 1 + selector: + matchLabels: + app: ledger-db + application: bank-of-splunk + environment: development + team: ledger + tier: db + serviceName: ledger-db + template: + metadata: + labels: + app: ledger-db + application: bank-of-splunk + environment: development + team: ledger + tier: db + spec: + containers: + - envFrom: + - configMapRef: + name: environment-config + - configMapRef: + name: ledger-db-config + - configMapRef: + name: demo-data-config + image: ghcr.io/splunk/bank-of-splunk/ledger-db:v1.2.3@sha256:de1ae1694d03c6c368245ec88ca016476dffa1f73a5d6cd67ab949a96c93d668 + name: postgres + ports: + - containerPort: 5432 + resources: + limits: + cpu: 250m + memory: 1Gi + requests: + cpu: 100m + memory: 512Mi + volumeMounts: + - mountPath: /var/lib/postgresql/data + name: postgresdb + subPath: postgres + serviceAccount: bank-of-anthos + serviceAccountName: default + volumes: + - emptyDir: {} + name: postgresdb +--- +apiVersion: v1 +kind: Namespace +metadata: + labels: + istio-injection: enabled + name: bank-of-anthos-development +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: bank-of-anthos + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + DEMO_LOGIN_PASSWORD: bankofanthos + DEMO_LOGIN_USERNAME: testuser + USE_DEMO_DATA: "True" +kind: ConfigMap +metadata: + name: demo-data-config + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + LOCAL_ROUTING_NUM: "883745000" + PUB_KEY_PATH: /tmp/.ssh/publickey +kind: ConfigMap +metadata: + name: environment-config + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + BALANCES_API_ADDR: balancereader:8080 + CONTACTS_API_ADDR: contacts:8080 + HISTORY_API_ADDR: transactionhistory:8080 + TRANSACTIONS_API_ADDR: ledgerwriter:8080 + USERSERVICE_API_ADDR: userservice:8080 +kind: ConfigMap +metadata: + name: service-api-config + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + jwtRS256.key: LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUJWUUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQVQ4d2dnRTdBZ0VBQWtFQXZVY2FzVjhxbzVHdmlFRTQKNExtQVJVWkxON0tUZDJtSzh5RExieHlWdWxwVDluaXE4UU9ETkxvQ09IdVJWT3E3RUpWYVRTSGYxSk9MOTRkcAp2NU45Y1FJREFRQUJBa0F5Y0JnMDI5OUk1ekdYWlluNm1IUU9BY1ZaZWtUQnRXWkprNXVpYUVPZC9LNjNzSk9CCklveFF6OWxkZGJIWUxaeVhHV2hHd0tMeUIyOE5BOXJLYVJGaEFpRUE0ZXJua2pYVDNlRHhscm5HUzNLTWJXSDgKdlVVYWhxa29mK0Z3eEkzU3gvTUNJUURXZXpmT3RYZnIzOXY0MkRMaEVEcVZZZEJUWWpJZ2ZUelR1MGR1c0hjQwpDd0lnSUpOb3ROS0NMRnBGTzhDcDhUTWhRSnlDZnlBNXhQVWJXK1U4QjN1VHl6VUNJUUN3WkFIUHBIcU5xRHQyCmVnZk9CTlRKU2ZwVXVTdFVnT3JuanR2K2NtNU5aUUloQUp4ckprNU1od0h2VzZMcVNCemVqZzZwUkt3SnFiVXcKYWlobDVKbUZLR1dxCi0tLS0tRU5EIFBSSVZBVEUgS0VZLS0tLS0K + jwtRS256.key.pub: LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUZ3d0RRWUpLb1pJaHZjTkFRRUJCUUFEU3dBd1NBSkJBTDFIR3JGZktxT1JyNGhCT09DNWdFVkdTemV5azNkcAppdk1neTI4Y2xicGFVL1o0cXZFRGd6UzZBamg3a1ZUcXV4Q1ZXazBoMzlTVGkvZUhhYitUZlhFQ0F3RUFBUT09Ci0tLS0tRU5EIFBVQkxJQyBLRVktLS0tLQo= +kind: Secret +metadata: + name: jwt-key + namespace: bank-of-anthos-development +type: Opaque +--- +apiVersion: v1 +kind: Service +metadata: + labels: + application: bank-of-splunk + environment: development team: ledger tier: backend name: ledgerwriter - namespace: bank-of-anthos-staging spec: ports: - name: http @@ -48,7 +179,7 @@ spec: selector: app: ledgerwriter application: bank-of-splunk - cluster: staging + environment: development team: ledger tier: backend type: ClusterIP @@ -58,17 +189,16 @@ kind: Deployment metadata: labels: application: bank-of-splunk - cluster: staging + environment: development team: ledger tier: backend name: ledgerwriter - namespace: bank-of-anthos-staging spec: selector: matchLabels: app: ledgerwriter application: bank-of-splunk - cluster: staging + environment: development team: ledger tier: backend template: @@ -77,14 +207,14 @@ spec: labels: app: ledgerwriter application: bank-of-splunk - cluster: staging + environment: development team: ledger tier: backend spec: containers: - env: - name: VERSION - value: v1.2.2 + value: v1.2.3 - name: PORT value: "8080" - name: ENABLE_TRACING @@ -106,7 +236,7 @@ spec: name: service-api-config - configMapRef: name: ledger-db-config - image: ghcr.io/splunk/bank-of-splunk/ledgerwriter:v1.2.2@sha256:a257d61f349d13e26d1f2e556d5ff83792d388f97f7402854ce426eceac18e4c + image: ghcr.io/splunk/bank-of-splunk/ledgerwriter:v1.2.3@sha256:a257d61f349d13e26d1f2e556d5ff83792d388f97f7402854ce426eceac18e4c name: ledgerwriter readinessProbe: httpGet: @@ -143,25 +273,6 @@ spec: - mountPath: /tmp/.ssh name: publickey readOnly: true - - args: - - --port=5432 - env: - - name: CSQL_PROXY_INSTANCE_CONNECTION_NAME - valueFrom: - configMapKeyRef: - key: connectionName - name: cloud-sql-admin - image: gcr.io/cloud-sql-connectors/cloud-sql-proxy:2.8.0-alpine@sha256:bd14f09aa889b490a361522293cc4aa539937b6d64bc740794843ac814e58f6f - name: cloud-sql-proxy - resources: - limits: - cpu: 250m - ephemeral-storage: 1Gi - memory: 100Mi - requests: - cpu: 250m - ephemeral-storage: 1Gi - memory: 100Mi securityContext: fsGroup: 1000 runAsGroup: 1000 @@ -178,3 +289,57 @@ spec: - key: jwtRS256.key.pub path: publickey secretName: jwt-key +--- +apiVersion: v1 +kind: Namespace +metadata: + labels: + istio-injection: enabled + name: bank-of-anthos-development +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: bank-of-anthos + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + DEMO_LOGIN_PASSWORD: bankofanthos + DEMO_LOGIN_USERNAME: testuser + USE_DEMO_DATA: "True" +kind: ConfigMap +metadata: + name: demo-data-config + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + LOCAL_ROUTING_NUM: "883745000" + PUB_KEY_PATH: /tmp/.ssh/publickey +kind: ConfigMap +metadata: + name: environment-config + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + BALANCES_API_ADDR: balancereader:8080 + CONTACTS_API_ADDR: contacts:8080 + HISTORY_API_ADDR: transactionhistory:8080 + TRANSACTIONS_API_ADDR: ledgerwriter:8080 + USERSERVICE_API_ADDR: userservice:8080 +kind: ConfigMap +metadata: + name: service-api-config + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + jwtRS256.key: LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUJWUUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQVQ4d2dnRTdBZ0VBQWtFQXZVY2FzVjhxbzVHdmlFRTQKNExtQVJVWkxON0tUZDJtSzh5RExieHlWdWxwVDluaXE4UU9ETkxvQ09IdVJWT3E3RUpWYVRTSGYxSk9MOTRkcAp2NU45Y1FJREFRQUJBa0F5Y0JnMDI5OUk1ekdYWlluNm1IUU9BY1ZaZWtUQnRXWkprNXVpYUVPZC9LNjNzSk9CCklveFF6OWxkZGJIWUxaeVhHV2hHd0tMeUIyOE5BOXJLYVJGaEFpRUE0ZXJua2pYVDNlRHhscm5HUzNLTWJXSDgKdlVVYWhxa29mK0Z3eEkzU3gvTUNJUURXZXpmT3RYZnIzOXY0MkRMaEVEcVZZZEJUWWpJZ2ZUelR1MGR1c0hjQwpDd0lnSUpOb3ROS0NMRnBGTzhDcDhUTWhRSnlDZnlBNXhQVWJXK1U4QjN1VHl6VUNJUUN3WkFIUHBIcU5xRHQyCmVnZk9CTlRKU2ZwVXVTdFVnT3JuanR2K2NtNU5aUUloQUp4ckprNU1od0h2VzZMcVNCemVqZzZwUkt3SnFiVXcKYWlobDVKbUZLR1dxCi0tLS0tRU5EIFBSSVZBVEUgS0VZLS0tLS0K + jwtRS256.key.pub: LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUZ3d0RRWUpLb1pJaHZjTkFRRUJCUUFEU3dBd1NBSkJBTDFIR3JGZktxT1JyNGhCT09DNWdFVkdTemV5azNkcAppdk1neTI4Y2xicGFVL1o0cXZFRGd6UzZBamg3a1ZUcXV4Q1ZXazBoMzlTVGkvZUhhYitUZlhFQ0F3RUFBUT09Ci0tLS0tRU5EIFBVQkxJQyBLRVktLS0tLQo= +kind: Secret +metadata: + name: jwt-key + namespace: bank-of-anthos-development +type: Opaque diff --git a/kubernetes-manifests/loadgenerator.yaml b/kubernetes-manifests/loadgenerator.yaml index a04a3195d..00a5a995f 100644 --- a/kubernetes-manifests/loadgenerator.yaml +++ b/kubernetes-manifests/loadgenerator.yaml @@ -11,4 +11,61 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + environment: development + team: loadgenerator + tier: test + name: loadgenerator +spec: + replicas: 1 + selector: + matchLabels: + app: loadgenerator + environment: development + team: loadgenerator + tier: test + template: + metadata: + annotations: + sidecar.istio.io/rewriteAppHTTPProbers: "true" + labels: + app: loadgenerator + environment: development + team: loadgenerator + tier: test + spec: + containers: + - env: + - name: FRONTEND_ADDR + value: frontend:8083 + - name: USERS + value: "5" + - name: LOG_LEVEL + value: error + image: ghcr.io/splunk/bank-of-splunk/loadgenerator:v1.2.3@sha256:d184a7ddd273161327695ed8e69dbefdd3a50eece3123203bc0bf0ef17db6fe4 + name: loadgenerator + resources: + limits: + cpu: 250m + memory: 1Gi + requests: + cpu: 100m + memory: 512Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - all + privileged: false + readOnlyRootFilesystem: true + restartPolicy: Always + securityContext: + fsGroup: 1000 + runAsGroup: 1000 + runAsNonRoot: true + runAsUser: 1000 + serviceAccountName: default + terminationGracePeriodSeconds: 5 diff --git a/kubernetes-manifests/transaction-history.yaml b/kubernetes-manifests/transaction-history.yaml index f3c6323ff..4d230e511 100644 --- a/kubernetes-manifests/transaction-history.yaml +++ b/kubernetes-manifests/transaction-history.yaml @@ -13,33 +13,164 @@ # limitations under the License. apiVersion: v1 data: - POSTGRES_DB: ledger-db - POSTGRES_PASSWORD: admin + POSTGRES_DB: postgresdb + POSTGRES_PASSWORD: password POSTGRES_USER: admin - SPRING_DATASOURCE_PASSWORD: admin - SPRING_DATASOURCE_URL: jdbc:postgresql://127.0.0.1:5432/ledger-db + SPRING_DATASOURCE_PASSWORD: password + SPRING_DATASOURCE_URL: jdbc:postgresql://ledger-db:5432/postgresdb SPRING_DATASOURCE_USERNAME: admin kind: ConfigMap metadata: labels: app: ledger-db application: bank-of-splunk - cluster: staging + environment: development team: ledger tier: db name: ledger-db-config - namespace: bank-of-anthos-staging --- apiVersion: v1 kind: Service metadata: labels: application: bank-of-splunk - cluster: staging + environment: development + team: ledger + tier: db + name: ledger-db +spec: + ports: + - name: tcp + port: 5432 + targetPort: 5432 + selector: + app: ledger-db + application: bank-of-splunk + environment: development + team: ledger + tier: db + type: ClusterIP +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + labels: + application: bank-of-splunk + environment: development + team: ledger + tier: db + name: ledger-db +spec: + replicas: 1 + selector: + matchLabels: + app: ledger-db + application: bank-of-splunk + environment: development + team: ledger + tier: db + serviceName: ledger-db + template: + metadata: + labels: + app: ledger-db + application: bank-of-splunk + environment: development + team: ledger + tier: db + spec: + containers: + - envFrom: + - configMapRef: + name: environment-config + - configMapRef: + name: ledger-db-config + - configMapRef: + name: demo-data-config + image: ghcr.io/splunk/bank-of-splunk/ledger-db:v1.2.3@sha256:de1ae1694d03c6c368245ec88ca016476dffa1f73a5d6cd67ab949a96c93d668 + name: postgres + ports: + - containerPort: 5432 + resources: + limits: + cpu: 250m + memory: 1Gi + requests: + cpu: 100m + memory: 512Mi + volumeMounts: + - mountPath: /var/lib/postgresql/data + name: postgresdb + subPath: postgres + serviceAccount: bank-of-anthos + serviceAccountName: default + volumes: + - emptyDir: {} + name: postgresdb +--- +apiVersion: v1 +kind: Namespace +metadata: + labels: + istio-injection: enabled + name: bank-of-anthos-development +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: bank-of-anthos + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + DEMO_LOGIN_PASSWORD: bankofanthos + DEMO_LOGIN_USERNAME: testuser + USE_DEMO_DATA: "True" +kind: ConfigMap +metadata: + name: demo-data-config + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + LOCAL_ROUTING_NUM: "883745000" + PUB_KEY_PATH: /tmp/.ssh/publickey +kind: ConfigMap +metadata: + name: environment-config + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + BALANCES_API_ADDR: balancereader:8080 + CONTACTS_API_ADDR: contacts:8080 + HISTORY_API_ADDR: transactionhistory:8080 + TRANSACTIONS_API_ADDR: ledgerwriter:8080 + USERSERVICE_API_ADDR: userservice:8080 +kind: ConfigMap +metadata: + name: service-api-config + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + jwtRS256.key: LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUJWUUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQVQ4d2dnRTdBZ0VBQWtFQXZVY2FzVjhxbzVHdmlFRTQKNExtQVJVWkxON0tUZDJtSzh5RExieHlWdWxwVDluaXE4UU9ETkxvQ09IdVJWT3E3RUpWYVRTSGYxSk9MOTRkcAp2NU45Y1FJREFRQUJBa0F5Y0JnMDI5OUk1ekdYWlluNm1IUU9BY1ZaZWtUQnRXWkprNXVpYUVPZC9LNjNzSk9CCklveFF6OWxkZGJIWUxaeVhHV2hHd0tMeUIyOE5BOXJLYVJGaEFpRUE0ZXJua2pYVDNlRHhscm5HUzNLTWJXSDgKdlVVYWhxa29mK0Z3eEkzU3gvTUNJUURXZXpmT3RYZnIzOXY0MkRMaEVEcVZZZEJUWWpJZ2ZUelR1MGR1c0hjQwpDd0lnSUpOb3ROS0NMRnBGTzhDcDhUTWhRSnlDZnlBNXhQVWJXK1U4QjN1VHl6VUNJUUN3WkFIUHBIcU5xRHQyCmVnZk9CTlRKU2ZwVXVTdFVnT3JuanR2K2NtNU5aUUloQUp4ckprNU1od0h2VzZMcVNCemVqZzZwUkt3SnFiVXcKYWlobDVKbUZLR1dxCi0tLS0tRU5EIFBSSVZBVEUgS0VZLS0tLS0K + jwtRS256.key.pub: LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUZ3d0RRWUpLb1pJaHZjTkFRRUJCUUFEU3dBd1NBSkJBTDFIR3JGZktxT1JyNGhCT09DNWdFVkdTemV5azNkcAppdk1neTI4Y2xicGFVL1o0cXZFRGd6UzZBamg3a1ZUcXV4Q1ZXazBoMzlTVGkvZUhhYitUZlhFQ0F3RUFBUT09Ci0tLS0tRU5EIFBVQkxJQyBLRVktLS0tLQo= +kind: Secret +metadata: + name: jwt-key + namespace: bank-of-anthos-development +type: Opaque +--- +apiVersion: v1 +kind: Service +metadata: + labels: + application: bank-of-splunk + environment: development team: ledger tier: backend name: transactionhistory - namespace: bank-of-anthos-staging spec: ports: - name: http @@ -48,7 +179,7 @@ spec: selector: app: transactionhistory application: bank-of-splunk - cluster: staging + environment: development team: ledger tier: backend type: ClusterIP @@ -58,17 +189,16 @@ kind: Deployment metadata: labels: application: bank-of-splunk - cluster: staging + environment: development team: ledger tier: backend name: transactionhistory - namespace: bank-of-anthos-staging spec: selector: matchLabels: app: transactionhistory application: bank-of-splunk - cluster: staging + environment: development team: ledger tier: backend template: @@ -77,14 +207,14 @@ spec: labels: app: transactionhistory application: bank-of-splunk - cluster: staging + environment: development team: ledger tier: backend spec: containers: - env: - name: VERSION - value: v1.2.2 + value: v1.2.3 - name: PORT value: "8080" - name: ENABLE_TRACING @@ -112,7 +242,7 @@ spec: name: environment-config - configMapRef: name: ledger-db-config - image: ghcr.io/splunk/bank-of-splunk/transactionhistory:v1.2.2@sha256:d0fbbb9fe6f3589c0372301ad159975af5cb309891f135444cca49092e66aaa6 + image: ghcr.io/splunk/bank-of-splunk/transactionhistory:v1.2.3@sha256:d0fbbb9fe6f3589c0372301ad159975af5cb309891f135444cca49092e66aaa6 livenessProbe: httpGet: path: /healthy @@ -156,25 +286,6 @@ spec: - mountPath: /tmp/.ssh name: publickey readOnly: true - - args: - - --port=5432 - env: - - name: CSQL_PROXY_INSTANCE_CONNECTION_NAME - valueFrom: - configMapKeyRef: - key: connectionName - name: cloud-sql-admin - image: gcr.io/cloud-sql-connectors/cloud-sql-proxy:2.8.0-alpine@sha256:bd14f09aa889b490a361522293cc4aa539937b6d64bc740794843ac814e58f6f - name: cloud-sql-proxy - resources: - limits: - cpu: 250m - ephemeral-storage: 1Gi - memory: 100Mi - requests: - cpu: 250m - ephemeral-storage: 1Gi - memory: 100Mi securityContext: fsGroup: 1000 runAsGroup: 1000 @@ -191,3 +302,57 @@ spec: - key: jwtRS256.key.pub path: publickey secretName: jwt-key +--- +apiVersion: v1 +kind: Namespace +metadata: + labels: + istio-injection: enabled + name: bank-of-anthos-development +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: bank-of-anthos + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + DEMO_LOGIN_PASSWORD: bankofanthos + DEMO_LOGIN_USERNAME: testuser + USE_DEMO_DATA: "True" +kind: ConfigMap +metadata: + name: demo-data-config + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + LOCAL_ROUTING_NUM: "883745000" + PUB_KEY_PATH: /tmp/.ssh/publickey +kind: ConfigMap +metadata: + name: environment-config + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + BALANCES_API_ADDR: balancereader:8080 + CONTACTS_API_ADDR: contacts:8080 + HISTORY_API_ADDR: transactionhistory:8080 + TRANSACTIONS_API_ADDR: ledgerwriter:8080 + USERSERVICE_API_ADDR: userservice:8080 +kind: ConfigMap +metadata: + name: service-api-config + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + jwtRS256.key: LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUJWUUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQVQ4d2dnRTdBZ0VBQWtFQXZVY2FzVjhxbzVHdmlFRTQKNExtQVJVWkxON0tUZDJtSzh5RExieHlWdWxwVDluaXE4UU9ETkxvQ09IdVJWT3E3RUpWYVRTSGYxSk9MOTRkcAp2NU45Y1FJREFRQUJBa0F5Y0JnMDI5OUk1ekdYWlluNm1IUU9BY1ZaZWtUQnRXWkprNXVpYUVPZC9LNjNzSk9CCklveFF6OWxkZGJIWUxaeVhHV2hHd0tMeUIyOE5BOXJLYVJGaEFpRUE0ZXJua2pYVDNlRHhscm5HUzNLTWJXSDgKdlVVYWhxa29mK0Z3eEkzU3gvTUNJUURXZXpmT3RYZnIzOXY0MkRMaEVEcVZZZEJUWWpJZ2ZUelR1MGR1c0hjQwpDd0lnSUpOb3ROS0NMRnBGTzhDcDhUTWhRSnlDZnlBNXhQVWJXK1U4QjN1VHl6VUNJUUN3WkFIUHBIcU5xRHQyCmVnZk9CTlRKU2ZwVXVTdFVnT3JuanR2K2NtNU5aUUloQUp4ckprNU1od0h2VzZMcVNCemVqZzZwUkt3SnFiVXcKYWlobDVKbUZLR1dxCi0tLS0tRU5EIFBSSVZBVEUgS0VZLS0tLS0K + jwtRS256.key.pub: LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUZ3d0RRWUpLb1pJaHZjTkFRRUJCUUFEU3dBd1NBSkJBTDFIR3JGZktxT1JyNGhCT09DNWdFVkdTemV5azNkcAppdk1neTI4Y2xicGFVL1o0cXZFRGd6UzZBamg3a1ZUcXV4Q1ZXazBoMzlTVGkvZUhhYitUZlhFQ0F3RUFBUT09Ci0tLS0tRU5EIFBVQkxJQyBLRVktLS0tLQo= +kind: Secret +metadata: + name: jwt-key + namespace: bank-of-anthos-development +type: Opaque diff --git a/kubernetes-manifests/userservice.yaml b/kubernetes-manifests/userservice.yaml index 34e86843a..39cc6ff81 100644 --- a/kubernetes-manifests/userservice.yaml +++ b/kubernetes-manifests/userservice.yaml @@ -13,31 +13,163 @@ # limitations under the License. apiVersion: v1 data: - ACCOUNTS_DB_URI: postgresql://admin:admin@127.0.0.1:5432/accounts-db + ACCOUNTS_DB_URI: postgresql://accounts-admin:accounts-pwd@accounts-db:5432/accounts-db POSTGRES_DB: accounts-db - POSTGRES_PASSWORD: admin - POSTGRES_USER: admin + POSTGRES_PASSWORD: accounts-pwd + POSTGRES_USER: accounts-admin kind: ConfigMap metadata: labels: app: accounts-db application: bank-of-splunk - cluster: staging + environment: development team: accounts tier: db name: accounts-db-config - namespace: bank-of-anthos-staging --- apiVersion: v1 kind: Service metadata: labels: application: bank-of-splunk - cluster: staging + environment: development + team: accounts + tier: db + name: accounts-db +spec: + ports: + - name: tcp + port: 5432 + protocol: TCP + targetPort: 5432 + selector: + app: accounts-db + application: bank-of-splunk + environment: development + team: accounts + tier: db + type: ClusterIP +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + labels: + application: bank-of-splunk + environment: development + team: accounts + tier: db + name: accounts-db +spec: + replicas: 1 + selector: + matchLabels: + app: accounts-db + application: bank-of-splunk + environment: development + team: accounts + tier: db + serviceName: accounts-db + template: + metadata: + labels: + app: accounts-db + application: bank-of-splunk + environment: development + team: accounts + tier: db + spec: + containers: + - envFrom: + - configMapRef: + name: environment-config + - configMapRef: + name: accounts-db-config + - configMapRef: + name: demo-data-config + image: ghcr.io/splunk/bank-of-splunk/accounts-db:v1.2.3@sha256:fea9e1a74f9e919158a3ed7049f3da2b9016ef96a5e62ad606559bc494be2ee1 + name: accounts-db + ports: + - containerPort: 5432 + resources: + limits: + cpu: 250m + memory: 512Mi + requests: + cpu: 100m + memory: 128Mi + volumeMounts: + - mountPath: /var/lib/postgresql/data + name: postgresdb + subPath: postgres + serviceAccount: bank-of-anthos + serviceAccountName: default + volumes: + - emptyDir: {} + name: postgresdb +--- +apiVersion: v1 +kind: Namespace +metadata: + labels: + istio-injection: enabled + name: bank-of-anthos-development +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: bank-of-anthos + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + DEMO_LOGIN_PASSWORD: bankofanthos + DEMO_LOGIN_USERNAME: testuser + USE_DEMO_DATA: "True" +kind: ConfigMap +metadata: + name: demo-data-config + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + LOCAL_ROUTING_NUM: "883745000" + PUB_KEY_PATH: /tmp/.ssh/publickey +kind: ConfigMap +metadata: + name: environment-config + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + BALANCES_API_ADDR: balancereader:8080 + CONTACTS_API_ADDR: contacts:8080 + HISTORY_API_ADDR: transactionhistory:8080 + TRANSACTIONS_API_ADDR: ledgerwriter:8080 + USERSERVICE_API_ADDR: userservice:8080 +kind: ConfigMap +metadata: + name: service-api-config + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + jwtRS256.key: LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUJWUUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQVQ4d2dnRTdBZ0VBQWtFQXZVY2FzVjhxbzVHdmlFRTQKNExtQVJVWkxON0tUZDJtSzh5RExieHlWdWxwVDluaXE4UU9ETkxvQ09IdVJWT3E3RUpWYVRTSGYxSk9MOTRkcAp2NU45Y1FJREFRQUJBa0F5Y0JnMDI5OUk1ekdYWlluNm1IUU9BY1ZaZWtUQnRXWkprNXVpYUVPZC9LNjNzSk9CCklveFF6OWxkZGJIWUxaeVhHV2hHd0tMeUIyOE5BOXJLYVJGaEFpRUE0ZXJua2pYVDNlRHhscm5HUzNLTWJXSDgKdlVVYWhxa29mK0Z3eEkzU3gvTUNJUURXZXpmT3RYZnIzOXY0MkRMaEVEcVZZZEJUWWpJZ2ZUelR1MGR1c0hjQwpDd0lnSUpOb3ROS0NMRnBGTzhDcDhUTWhRSnlDZnlBNXhQVWJXK1U4QjN1VHl6VUNJUUN3WkFIUHBIcU5xRHQyCmVnZk9CTlRKU2ZwVXVTdFVnT3JuanR2K2NtNU5aUUloQUp4ckprNU1od0h2VzZMcVNCemVqZzZwUkt3SnFiVXcKYWlobDVKbUZLR1dxCi0tLS0tRU5EIFBSSVZBVEUgS0VZLS0tLS0K + jwtRS256.key.pub: LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUZ3d0RRWUpLb1pJaHZjTkFRRUJCUUFEU3dBd1NBSkJBTDFIR3JGZktxT1JyNGhCT09DNWdFVkdTemV5azNkcAppdk1neTI4Y2xicGFVL1o0cXZFRGd6UzZBamg3a1ZUcXV4Q1ZXazBoMzlTVGkvZUhhYitUZlhFQ0F3RUFBUT09Ci0tLS0tRU5EIFBVQkxJQyBLRVktLS0tLQo= +kind: Secret +metadata: + name: jwt-key + namespace: bank-of-anthos-development +type: Opaque +--- +apiVersion: v1 +kind: Service +metadata: + labels: + application: bank-of-splunk + environment: development team: accounts tier: backend name: userservice - namespace: bank-of-anthos-staging spec: ports: - name: http @@ -46,7 +178,7 @@ spec: selector: app: userservice application: bank-of-splunk - cluster: staging + environment: development team: accounts tier: backend type: ClusterIP @@ -56,17 +188,16 @@ kind: Deployment metadata: labels: application: bank-of-splunk - cluster: staging + environment: development team: accounts tier: backend name: userservice - namespace: bank-of-anthos-staging spec: selector: matchLabels: app: userservice application: bank-of-splunk - cluster: staging + environment: development team: accounts tier: backend template: @@ -75,14 +206,14 @@ spec: labels: app: userservice application: bank-of-splunk - cluster: staging + environment: development team: accounts tier: backend spec: containers: - env: - name: VERSION - value: v1.2.2 + value: v1.2.3 - name: PORT value: "8080" - name: ENABLE_TRACING @@ -106,7 +237,7 @@ spec: name: environment-config - configMapRef: name: accounts-db-config - image: ghcr.io/splunk/bank-of-splunk/userservice:v1.2.2@sha256:f39d0b4e1cf6b4843e521020d58fa89d4ef7f55743b5035c258db6354c53ee70 + image: ghcr.io/splunk/bank-of-splunk/userservice:v1.2.3@sha256:f39d0b4e1cf6b4843e521020d58fa89d4ef7f55743b5035c258db6354c53ee70 name: userservice ports: - containerPort: 8080 @@ -140,25 +271,6 @@ spec: - mountPath: /tmp/.ssh name: keys readOnly: true - - args: - - --port=5432 - env: - - name: CSQL_PROXY_INSTANCE_CONNECTION_NAME - valueFrom: - configMapKeyRef: - key: connectionName - name: cloud-sql-admin - image: gcr.io/cloud-sql-connectors/cloud-sql-proxy:2.8.0-alpine@sha256:bd14f09aa889b490a361522293cc4aa539937b6d64bc740794843ac814e58f6f - name: cloud-sql-proxy - resources: - limits: - cpu: 250m - ephemeral-storage: 1Gi - memory: 100Mi - requests: - cpu: 250m - ephemeral-storage: 1Gi - memory: 100Mi securityContext: fsGroup: 1000 runAsGroup: 1000 @@ -177,3 +289,57 @@ spec: - key: jwtRS256.key.pub path: publickey secretName: jwt-key +--- +apiVersion: v1 +kind: Namespace +metadata: + labels: + istio-injection: enabled + name: bank-of-anthos-development +--- +apiVersion: v1 +kind: ServiceAccount +metadata: + name: bank-of-anthos + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + DEMO_LOGIN_PASSWORD: bankofanthos + DEMO_LOGIN_USERNAME: testuser + USE_DEMO_DATA: "True" +kind: ConfigMap +metadata: + name: demo-data-config + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + LOCAL_ROUTING_NUM: "883745000" + PUB_KEY_PATH: /tmp/.ssh/publickey +kind: ConfigMap +metadata: + name: environment-config + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + BALANCES_API_ADDR: balancereader:8080 + CONTACTS_API_ADDR: contacts:8080 + HISTORY_API_ADDR: transactionhistory:8080 + TRANSACTIONS_API_ADDR: ledgerwriter:8080 + USERSERVICE_API_ADDR: userservice:8080 +kind: ConfigMap +metadata: + name: service-api-config + namespace: bank-of-anthos-development +--- +apiVersion: v1 +data: + jwtRS256.key: LS0tLS1CRUdJTiBQUklWQVRFIEtFWS0tLS0tCk1JSUJWUUlCQURBTkJna3Foa2lHOXcwQkFRRUZBQVNDQVQ4d2dnRTdBZ0VBQWtFQXZVY2FzVjhxbzVHdmlFRTQKNExtQVJVWkxON0tUZDJtSzh5RExieHlWdWxwVDluaXE4UU9ETkxvQ09IdVJWT3E3RUpWYVRTSGYxSk9MOTRkcAp2NU45Y1FJREFRQUJBa0F5Y0JnMDI5OUk1ekdYWlluNm1IUU9BY1ZaZWtUQnRXWkprNXVpYUVPZC9LNjNzSk9CCklveFF6OWxkZGJIWUxaeVhHV2hHd0tMeUIyOE5BOXJLYVJGaEFpRUE0ZXJua2pYVDNlRHhscm5HUzNLTWJXSDgKdlVVYWhxa29mK0Z3eEkzU3gvTUNJUURXZXpmT3RYZnIzOXY0MkRMaEVEcVZZZEJUWWpJZ2ZUelR1MGR1c0hjQwpDd0lnSUpOb3ROS0NMRnBGTzhDcDhUTWhRSnlDZnlBNXhQVWJXK1U4QjN1VHl6VUNJUUN3WkFIUHBIcU5xRHQyCmVnZk9CTlRKU2ZwVXVTdFVnT3JuanR2K2NtNU5aUUloQUp4ckprNU1od0h2VzZMcVNCemVqZzZwUkt3SnFiVXcKYWlobDVKbUZLR1dxCi0tLS0tRU5EIFBSSVZBVEUgS0VZLS0tLS0K + jwtRS256.key.pub: LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUZ3d0RRWUpLb1pJaHZjTkFRRUJCUUFEU3dBd1NBSkJBTDFIR3JGZktxT1JyNGhCT09DNWdFVkdTemV5azNkcAppdk1neTI4Y2xicGFVL1o0cXZFRGd6UzZBamg3a1ZUcXV4Q1ZXazBoMzlTVGkvZUhhYitUZlhFQ0F3RUFBUT09Ci0tLS0tRU5EIFBVQkxJQyBLRVktLS0tLQo= +kind: Secret +metadata: + name: jwt-key + namespace: bank-of-anthos-development +type: Opaque