boost/website-v2
2
0
Fork 0
mirror of https://github.com/boostorg/website-v2.git synced 2026-01-19 04:42:17 +00:00
Code Issues Projects Releases Wiki Activity

Deploy to new environments

Browse Source
This commit is contained in:
sdarwin
2023-05-11 10:20:55 -06:00
committed by Frank Wiles
parent e0f1d0f250
commit 74da37c593
12 changed files with 883 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

188
.github/workflows/actions-gcp.yaml vendored Normal file
View File

@@ -0,0 +1,188 @@
name: CI-GCP
on:
pull_request:
push:
branches:
- master
- develop
- cppal-dev
env:
DOCKER_BUILDKIT: "1"
DOCKER_IMAGE: "us-central1-docker.pkg.dev/boostorg-project1/website/website"
DOCKER_REGISTRY: "us-central1-docker.pkg.dev"
PROJECT_ID: boostorg-project1
GKE_CLUSTER: boostorg-cluster1
GKE_REGION: us-central1
GKE_ZONE: us-central1-c
DEPLOYMENT_NAME: boost
# more environment variables are set in the build step
jobs:
test:
runs-on: ubuntu-latest
services:
postgres:
image: postgres:12
env:
POSTGRES_USER: postgres
POSTGRES_PASSWORD: postgres
POSTGRES_DB: postgres
ports: ["5432:5432"]
# options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5
redis:
image: redis
ports:
- 6379:6379
steps:
- name: Git - Get Sources
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Set up Python 3.11
uses: actions/setup-python@v4
with:
python-version: 3.11
- uses: actions/cache@v3
with:
path: ~/.cache/pip
key: ${{ runner.os }}-pip-${{ hashFiles('**/base.txt') }}
restore-keys: |
${{ runner.os }}-pip-
${{ runner.os }}-
- name: Install dependencies
run: |
python -m pip install --upgrade pip
python -m pip install -r requirements.txt
sudo apt-get install -y ruby ruby-dev build-essential
sudo gem install asciidoctor
if: steps.cache.outputs.cache-hit != 'true'
- name: Test with pytest
env:
DATABASE_URL: "postgres://postgres:postgres@localhost:${{ job.services.postgres.ports[5432] }}/postgres"
SECRET_KEY: "for-testing-only"
REDIS_HOST: "localhost"
run: |
python -m pytest
- name: Lints with pre-commit
run: |
pre-commit run -a
build:
needs: [test]
name: Build and Publish Docker image
runs-on: ubuntu-latest
if: ( github.repository == 'cppalliance/temp-site' && github.event_name == 'push' && ( github.ref == 'refs/heads/master' || github.ref == 'refs/heads/develop' )) || ( github.repository == 'sdarwin/temp-site' && github.event_name == 'push' && github.ref == 'refs/heads/cppal-dev' )
steps:
- name: Set environment for branches
run: |
if [[ $GITHUB_REF == 'refs/heads/master' ]]; then
echo "K8S_NAMESPACE=production" >> "$GITHUB_ENV"
echo "HELM_RELEASE_NAME=boost-production" >> "$GITHUB_ENV"
elif [[ $GITHUB_REF == 'refs/heads/develop' ]]; then
echo "K8S_NAMESPACE=stage" >> "$GITHUB_ENV"
echo "HELM_RELEASE_NAME=boost-stage" >> "$GITHUB_ENV"
elif [[ $GITHUB_REF == 'refs/heads/cppal-dev' ]]; then
# cppal-dev is a test branch in another fork. Doesn't need to be created in the main repo.
echo "K8S_NAMESPACE=cppal-dev" >> "$GITHUB_ENV"
echo "HELM_RELEASE_NAME=boost-cppal-dev" >> "$GITHUB_ENV"
fi
- name: Git - Get Sources
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Fetch Git Tags
run: |
git fetch --depth=1 origin +refs/tags/*:refs/tags/* || true
- name: Set up Python 3.11
uses: actions/setup-python@v4
with:
python-version: 3.11
- name: Install Python dependencies
run: |
python -m pip install --upgrade pip
python -m pip install vinnie
#
# To avoid conflicting with the develop branch version tags,
# use SHORT_SHA instead.
#
# - name: Bump and Tag our version
# run: |
# git config --local user.email "action@github.com"
# git config --local user.name "GitHub Action"
# vinnie patch
# export VINNIE_VERSION=`vinnie version`
# git push --tags
- name: Set short git commit SHA
run: |
echo "SHORT_SHA=$(git rev-parse --short ${{ github.sha }})" >> $GITHUB_ENV
- name: Display SHORT_SHA tag
run: echo $SHORT_SHA
env:
SHORT_SHA: ${{ env.SHORT_SHA }}
- name: Login to Container Registry
uses: docker/login-action@v2
with:
registry: ${{ env.DOCKER_REGISTRY }}
username: ${{ secrets.GKE_DOCKER_REGISTRY_USERNAME }}
password: ${{ secrets.GKE_DOCKER_REGISTRY_PASSWORD }}
- name: Build Docker image
run: |
# TAG=`vinnie version`
TAG=${{ env.SHORT_SHA }}
docker build --file ./docker/Dockerfile \
--build-arg TAG=${TAG} \
--cache-from=${DOCKER_IMAGE}:latest \
--tag ${DOCKER_IMAGE} .
- name: Docker - Tag and Push
run: |
# TAG=`vinnie version`
TAG=${{ env.SHORT_SHA }}
docker tag ${DOCKER_IMAGE} ${DOCKER_IMAGE}:latest
docker tag ${DOCKER_IMAGE} ${DOCKER_IMAGE}:${TAG}
docker push ${DOCKER_IMAGE}:latest
docker push ${DOCKER_IMAGE}:${TAG}
- name: Deploy to cluster - google auth
id: 'auth'
uses: 'google-github-actions/auth@v1'
with:
credentials_json: '${{ secrets.GKE_SA_KEY }}'
- name: Deploy to cluster - get credentials
id: 'get-credentials'
uses: 'google-github-actions/get-gke-credentials@v1'
with:
cluster_name: ${{ env.GKE_CLUSTER }}
location: ${{ env.GKE_REGION }}
- name: Deploy to cluster - helm
run: |-
set -xe
TAG=${{ env.SHORT_SHA }}
cd kube/boost
helm upgrade --install --create-namespace -n ${{ env.K8S_NAMESPACE }} -f values-${{ env.K8S_NAMESPACE }}-gke.yaml --timeout=3600s --set=Image=${DOCKER_IMAGE} --set=ImageTag="${TAG}" ${{ env.HELM_RELEASE_NAME }} .
kubectl rollout status deployment/$DEPLOYMENT_NAME -n ${{ env.K8S_NAMESPACE }}
kubectl get services -o wide -n ${{ env.K8S_NAMESPACE }}

2
.github/workflows/actions.yml vendored
View File

@@ -71,7 +71,7 @@ jobs:
needs: [test]
name: Build and Publish Docker image
runs-on: ubuntu-latest
if: github.event_name == 'push' && github.ref == 'refs/heads/develop'
if: github.event_name == 'push' && github.ref == 'refs/heads/develop' && github.repository == 'cppalliance/temp-site'
steps:
- name: Git - Get Sources

10
config/settings.py
View File

@@ -103,12 +103,10 @@ INSTALLED_APPS += [
AUTH_USER_MODEL = "users.User"
CSRF_COOKIE_HTTPONLY = True
# See https://docs.djangoproject.com/en/4.2/ref/settings/#csrf-trusted-origins
CSRF_TRUSTED_ORIGINS = [
"http://0.0.0.0",
"http://localhost",
"https://boost.revsys.dev",
"https://www.boost.revsys.dev",
]
csrf_trusted_origins = env.list(
"CSRF_TRUSTED_ORIGINS", default="http://0.0.0.0, http://localhost"
)
CSRF_TRUSTED_ORIGINS = [el.strip() for el in csrf_trusted_origins]
MIDDLEWARE = [
"tracer.middleware.RequestID",

82
kube/boost/templates/celery.yaml Normal file
View File

@@ -0,0 +1,82 @@
{{- if .Values.celeryInstall }}
apiVersion: apps/v1
kind: Deployment
metadata:
name: celery-worker
labels:
app: celery-worker
env: {{.Values.deploymentEnvironment}}
spec:
replicas: 1
selector:
matchLabels:
app: celery-worker
env: {{.Values.deploymentEnvironment}}
template:
metadata:
labels:
app: celery-worker
env: {{.Values.deploymentEnvironment}}
imageTag: {{.Values.ImageTag}}
spec:
imagePullSecrets:
- name: revsys-docker-registry
containers:
-
name: celery-worker
image: {{.Values.Image}}:{{.Values.ImageTag}}
command: ["celery", "-A", "config", "worker", "--concurrency=5", "--loglevel=debug"]
resources:
limits:
cpu: 250m
ephemeral-storage: 1Gi
memory: 1Gi
requests:
cpu: 250m
ephemeral-storage: 1Gi
memory: 1Gi
env:
{{ toYaml .Values.Env | indent 12 }}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: celery-beat
labels:
app: celery-beat
env: {{.Values.deploymentEnvironment}}
spec:
replicas: 1
selector:
matchLabels:
app: celery-beat
env: {{.Values.deploymentEnvironment}}
template:
metadata:
labels:
app: celery-beat
env: {{.Values.deploymentEnvironment}}
imageTag: {{.Values.ImageTag}}
spec:
imagePullSecrets:
- name: revsys-docker-registry
containers:
-
name: celery-beat
image: {{.Values.Image}}:{{.Values.ImageTag}}
command: ["celery", "-A", "config", "beat", "--loglevel=debug"]
resources:
limits:
cpu: 250m
ephemeral-storage: 1Gi
memory: 512Mi
requests:
cpu: 250m
ephemeral-storage: 1Gi
memory: 512Mi
env:
{{ toYaml .Values.Env | indent 12 }}
{{ end }}

5
kube/boost/templates/configmap-nginx.yaml
View File

@@ -31,6 +31,11 @@ data:
proxy_redirect off;
location /lbcheck {
return 200 'OK';
add_header Content-Type text/plain;
}
location / {
proxy_pass http://unix:/run/gunicorn.sock;
}

4
kube/boost/templates/deployment.yaml
View File

@@ -43,6 +43,10 @@ spec:
-
name: nginx
image: nginx:{{ .Values.nginxImageTag }}
readinessProbe:
httpGet:
path: /lbcheck
port: 80
volumeMounts:
-
name: ngx

58
kube/boost/templates/ingress.yaml
View File

@@ -1,5 +1,7 @@
# vim: ft=sls nolist
{{- if eq .Values.ingressType "nginx" }}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
@@ -40,3 +42,59 @@ spec:
name: boost
port:
number: 80
{{- else if eq .Values.ingressType "gce" }}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: www-boost-{{.Values.deploymentEnvironment}}
namespace: {{ .Values.namespace }}
labels:
env: {{ .Values.deploymentEnvironment }}
app: boost
annotations:
# cert-manager.io/cluster-issuer: letsencrypt-staging
kubernetes.io/ingress.class: "gce"
networking.gke.io/managed-certificates: {{ .Values.managedCertName }}
networking.gke.io/v1beta1.FrontendConfig: frontend-{{ .Values.deploymentEnvironment }}
nginx.ingress.kubernetes.io/proxy-body-size:
{{ .Values.clientMaxBodySize|quote }}
kubernetes.io/ingress.global-static-ip-name: {{ .Values.ingressStaticIp }}
spec:
# managed cert. see above.
# tls:
# - hosts:
# - www.{{.Values.publicFqdn}}
# - {{ .Values.publicFqdn }}
# secretName: www.{{.Values.publicFqdn}}-tls-staging
rules:
- host: www.{{.Values.publicFqdn}}
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: boost
port:
number: 80
- host: {{ .Values.publicFqdn }}
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: boost
port:
number: 80
---
apiVersion: networking.gke.io/v1beta1
kind: FrontendConfig
metadata:
name: frontend-{{ .Values.deploymentEnvironment }}
spec:
redirectToHttps:
enabled: true
{{ end }}

55
kube/boost/templates/redis.yaml Normal file
View File

@@ -0,0 +1,55 @@
{{- if .Values.redisInstall }}
apiVersion: apps/v1 # API version
kind: Deployment
metadata:
name: redis # Unique name for the deployment
labels:
app: redis # Labels to be applied to this deployment
spec:
selector:
matchLabels: # This deployment applies to the Pods matching these labels
app: redis
role: master
tier: backend
replicas: 1 # Run a single pod in the deployment
template: # Template for the pods that will be created by this deployment
metadata:
labels: # Labels to be applied to the Pods in this deployment
app: redis
role: master
tier: backend
spec: # Spec for the container which will be run inside the Pod.
containers:
- name: master
image: redis
resources:
limits:
cpu: 250m
ephemeral-storage: 1Gi
memory: 512Mi
requests:
cpu: 250m
ephemeral-storage: 1Gi
memory: 512Mi
ports:
- containerPort: 6379
---
apiVersion: v1
kind: Service # Type of Kubernetes resource
metadata:
name: redis # Name of the Kubernetes resource
labels: # Labels that will be applied to this resource
app: redis
role: master
tier: backend
spec:
ports:
- port: 6379 # Map incoming connections on port 6379 to the target port 6379 of the Pod
targetPort: 6379
selector: # Map any Pod with the specified labels to this service
app: redis
role: master
tier: backend
{{ end }}

160
kube/boost/values-cppal-dev-gke.yaml Normal file
View File

@@ -0,0 +1,160 @@
Image: us-central1-docker.pkg.dev/boostorg-project1/website/website
ImageTag: ac20d69
djangoDebug: true
nginxImageTag: "1.21-alpine"
deploymentEnvironment: &env dev
clientMaxBodySize: 250m
replicaCount: "2"
## NOTE ##
# set publcFqdn to the target domain. `www` will be prepended to the domain
# where necessary
initCommands:
# migrate moved to a Job
# - name: migrate
# command: ./manage.py migrate --noinput
- name: collectstatic
command: ./manage.py collectstatic --noinput
publicFqdn: &fqdn cppal-dev.boost.cpp.al
Env:
- name: DJANGO_SETTINGS_MODULE
value: "config.settings"
- name: PGHOST
valueFrom:
secretKeyRef:
name: pg
key: dbhost
- name: PGPORT
valueFrom:
secretKeyRef:
name: pg
key: dbport
- name: PGDATABASE
valueFrom:
secretKeyRef:
name: pg
key: dbname
- name: PGUSER
valueFrom:
secretKeyRef:
name: pg
key: dbuser
- name: PGPASSWORD
valueFrom:
secretKeyRef:
name: pg
key: dbpass
- name: DJANGO_FQDN
value: *fqdn
- name: ALLOWED_HOSTS
value: "cppal-dev.boost.cpp.al, www.cppal-dev.boost.cpp.al"
- name: CSRF_TRUSTED_ORIGINS
value: "http://0.0.0.0, http://localhost, https://cppal-dev.boost.cpp.al, https://www.cppal-dev.boost.cpp.al"
# silence django deprecation warnings
- name: PYTHONWARNINGS
value: ignore
- name: X_NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
apiVersion: v1
- name: X_POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
apiVersion: v1
- name: X_KUBE_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
apiVersion: v1
- name: X_DEPLOYMENT_ENV
value: *env
- name: X_POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
apiVersion: v1
- name: DJANGO_DEBUG
value: "false"
- name: SECRET_KEY
valueFrom:
secretKeyRef:
name: django-secret-key
key: key
- name: ENVIRONMENT_NAME
value: "Development Environment"
- name: AWS_ACCESS_KEY_ID
valueFrom:
secretKeyRef:
name: media-bucket
key: access_key
- name: AWS_SECRET_ACCESS_KEY
valueFrom:
secretKeyRef:
name: media-bucket
key: secret_key
- name: MEDIA_BUCKET_NAME
value: boost.org-cppal-dev-v2.media
# Staticly generated content bucket (Antora docs, etc)
- name: STATIC_CONTENT_AWS_ACCESS_KEY_ID
valueFrom:
secretKeyRef:
name: static-content
key: access_key
- name: STATIC_CONTENT_AWS_SECRET_ACCESS_KEY
valueFrom:
secretKeyRef:
name: static-content
key: secret_key
- name: STATIC_CONTENT_BUCKET_NAME
valueFrom:
secretKeyRef:
name: static-content
key: bucket_name
# Static content cache timeout
- name: STATIC_CACHE_TIMEOUT
value: "60"
- name: CELERY_BROKER
value: redis://redis:6379/0
- name: CELERY_BACKEND
value: redis://redis:6379/0
# Volumes
Volumes:
- name: run
emptyDir: {}
- name: staticfiles
emptyDir: {}
- name: ngx
configMap:
name: nginx-config--boost
- name: htpw
configMap:
name: htpasswd
VolumeMounts:
- name: staticfiles
mountPath: /code/static_deploy
- name: run
mountPath: /run
NginxVolumeMounts:
- name: staticfiles
mountPath: /code/static_deploy
- name: run
mountPath: /run
ingressType: gce
managedCertName: managed-cert-cppal-dev
ingressStaticIp: cppal-dev-ingress1
redisInstall: true
celeryInstall: true

160
kube/boost/values-production-gke.yaml Normal file
View File

@@ -0,0 +1,160 @@
Image: us-central1-docker.pkg.dev/boostorg-project1/website/website
ImageTag: ac20d69
djangoDebug: false
nginxImageTag: "1.21-alpine"
deploymentEnvironment: &env production
clientMaxBodySize: 250m
replicaCount: "2"
## NOTE ##
# set publcFqdn to the target domain. `www` will be prepended to the domain
# where necessary
initCommands:
# migrate moved to a Job
# - name: migrate
# command: ./manage.py migrate --noinput
- name: collectstatic
command: ./manage.py collectstatic --noinput
publicFqdn: &fqdn boost.cpp.al
Env:
- name: DJANGO_SETTINGS_MODULE
value: "config.settings"
- name: PGHOST
valueFrom:
secretKeyRef:
name: pg
key: dbhost
- name: PGPORT
valueFrom:
secretKeyRef:
name: pg
key: dbport
- name: PGDATABASE
valueFrom:
secretKeyRef:
name: pg
key: dbname
- name: PGUSER
valueFrom:
secretKeyRef:
name: pg
key: dbuser
- name: PGPASSWORD
valueFrom:
secretKeyRef:
name: pg
key: dbpass
- name: DJANGO_FQDN
value: *fqdn
- name: ALLOWED_HOSTS
value: "boost.cpp.al, www.boost.cpp.al"
- name: CSRF_TRUSTED_ORIGINS
value: "http://0.0.0.0, http://localhost, https://boost.cpp.al, https://www.boost.cpp.al"
# silence django deprecation warnings
- name: PYTHONWARNINGS
value: ignore
- name: X_NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
apiVersion: v1
- name: X_POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
apiVersion: v1
- name: X_KUBE_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
apiVersion: v1
- name: X_DEPLOYMENT_ENV
value: *env
- name: X_POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
apiVersion: v1
- name: DJANGO_DEBUG
value: "false"
- name: SECRET_KEY
valueFrom:
secretKeyRef:
name: django-secret-key
key: key
- name: ENVIRONMENT_NAME
value: "Production Environment"
- name: AWS_ACCESS_KEY_ID
valueFrom:
secretKeyRef:
name: media-bucket
key: access_key
- name: AWS_SECRET_ACCESS_KEY
valueFrom:
secretKeyRef:
name: media-bucket
key: secret_key
- name: MEDIA_BUCKET_NAME
value: boost.org.media
# Staticly generated content bucket (Antora docs, etc)
- name: STATIC_CONTENT_AWS_ACCESS_KEY_ID
valueFrom:
secretKeyRef:
name: static-content
key: access_key
- name: STATIC_CONTENT_AWS_SECRET_ACCESS_KEY
valueFrom:
secretKeyRef:
name: static-content
key: secret_key
- name: STATIC_CONTENT_BUCKET_NAME
valueFrom:
secretKeyRef:
name: static-content
key: bucket_name
# Static content cache timeout
- name: STATIC_CACHE_TIMEOUT
value: "60"
- name: CELERY_BROKER
value: redis://redis:6379/0
- name: CELERY_BACKEND
value: redis://redis:6379/0
# Volumes
Volumes:
- name: run
emptyDir: {}
- name: staticfiles
emptyDir: {}
- name: ngx
configMap:
name: nginx-config--boost
- name: htpw
configMap:
name: htpasswd
VolumeMounts:
- name: staticfiles
mountPath: /code/static_deploy
- name: run
mountPath: /run
NginxVolumeMounts:
- name: staticfiles
mountPath: /code/static_deploy
- name: run
mountPath: /run
ingressType: gce
managedCertName: managed-cert-boost-production
ingressStaticIp: boost-production-ingress1
redisInstall: true
celeryInstall: true

160
kube/boost/values-stage-gke.yaml Normal file
View File

@@ -0,0 +1,160 @@
Image: us-central1-docker.pkg.dev/boostorg-project1/website/website
ImageTag: ac20d69
djangoDebug: true
nginxImageTag: "1.21-alpine"
deploymentEnvironment: &env stage
clientMaxBodySize: 250m
replicaCount: "2"
## NOTE ##
# set publcFqdn to the target domain. `www` will be prepended to the domain
# where necessary
initCommands:
# migrate moved to a Job
# - name: migrate
# command: ./manage.py migrate --noinput
- name: collectstatic
command: ./manage.py collectstatic --noinput
publicFqdn: &fqdn stage.boost.cpp.al
Env:
- name: DJANGO_SETTINGS_MODULE
value: "config.settings"
- name: PGHOST
valueFrom:
secretKeyRef:
name: pg
key: dbhost
- name: PGPORT
valueFrom:
secretKeyRef:
name: pg
key: dbport
- name: PGDATABASE
valueFrom:
secretKeyRef:
name: pg
key: dbname
- name: PGUSER
valueFrom:
secretKeyRef:
name: pg
key: dbuser
- name: PGPASSWORD
valueFrom:
secretKeyRef:
name: pg
key: dbpass
- name: DJANGO_FQDN
value: *fqdn
- name: ALLOWED_HOSTS
value: "stage.boost.cpp.al, www.stage.boost.cpp.al"
- name: CSRF_TRUSTED_ORIGINS
value: "http://0.0.0.0, http://localhost, https://stage.boost.cpp.al, https://www.stage.boost.cpp.al"
# silence django deprecation warnings
- name: PYTHONWARNINGS
value: ignore
- name: X_NODE_NAME
valueFrom:
fieldRef:
fieldPath: spec.nodeName
apiVersion: v1
- name: X_POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
apiVersion: v1
- name: X_KUBE_NAMESPACE
valueFrom:
fieldRef:
fieldPath: metadata.namespace
apiVersion: v1
- name: X_DEPLOYMENT_ENV
value: *env
- name: X_POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
apiVersion: v1
- name: DJANGO_DEBUG
value: "false"
- name: SECRET_KEY
valueFrom:
secretKeyRef:
name: django-secret-key
key: key
- name: ENVIRONMENT_NAME
value: "Development Environment"
- name: AWS_ACCESS_KEY_ID
valueFrom:
secretKeyRef:
name: media-bucket
key: access_key
- name: AWS_SECRET_ACCESS_KEY
valueFrom:
secretKeyRef:
name: media-bucket
key: secret_key
- name: MEDIA_BUCKET_NAME
value: stage.boost.org.media
# Staticly generated content bucket (Antora docs, etc)
- name: STATIC_CONTENT_AWS_ACCESS_KEY_ID
valueFrom:
secretKeyRef:
name: static-content
key: access_key
- name: STATIC_CONTENT_AWS_SECRET_ACCESS_KEY
valueFrom:
secretKeyRef:
name: static-content
key: secret_key
- name: STATIC_CONTENT_BUCKET_NAME
valueFrom:
secretKeyRef:
name: static-content
key: bucket_name
# Static content cache timeout
- name: STATIC_CACHE_TIMEOUT
value: "60"
- name: CELERY_BROKER
value: redis://redis:6379/0
- name: CELERY_BACKEND
value: redis://redis:6379/0
# Volumes
Volumes:
- name: run
emptyDir: {}
- name: staticfiles
emptyDir: {}
- name: ngx
configMap:
name: nginx-config--boost
- name: htpw
configMap:
name: htpasswd
VolumeMounts:
- name: staticfiles
mountPath: /code/static_deploy
- name: run
mountPath: /run
NginxVolumeMounts:
- name: staticfiles
mountPath: /code/static_deploy
- name: run
mountPath: /run
ingressType: gce
managedCertName: managed-cert-boost-stage
ingressStaticIp: boost-stage-ingress1
redisInstall: true
celeryInstall: true

6
kube/boost/values.yaml
View File

@@ -55,6 +55,8 @@ Env:
value: *fqdn
- name: ALLOWED_HOSTS
value: "boost.revsys.dev, www.boost.revsys.dev"
- name: CSRF_TRUSTED_ORIGINS
value: "http://0.0.0.0, http://localhost, https://boost.revsys.dev, https://www.boost.revsys.dev"
# silence django deprecation warnings
- name: PYTHONWARNINGS
@@ -144,3 +146,7 @@ NginxVolumeMounts:
mountPath: /code/static_deploy
- name: run
mountPath: /run
ingressType: nginx
redisInstall: false
celeryInstall: false