Skip to content

Commit

Permalink
Merge pull request #70 from ropable/master
Browse files Browse the repository at this point in the history 
Dockerfile base image, update Kustomize resources
  • Loading branch information
@ropable
ropable authored Dec 10, 2024
2 parents 1e4b513 + 407915d commit 68e6b81
Show file tree
Hide file tree
Showing 13 changed files with 452 additions and 454 deletions.
4 changes: 2 additions & 2 deletions Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# syntax=docker/dockerfile:1
# Prepare the base environment.
FROM python:3.12.6-alpine AS builder_base
FROM python:3.12.8-alpine AS builder_base
LABEL [email protected]
LABEL org.opencontainers.image.source=https://github.com/dbca-wa/healthcheck

Expand All @@ -20,7 +20,7 @@ RUN addgroup -g ${GID} appuser \
FROM builder_base AS python_libs_healthcheck
WORKDIR /app
COPY poetry.lock pyproject.toml ./
ARG POETRY_VERSION=1.8.3
ARG POETRY_VERSION=1.8.5
RUN pip install --no-cache-dir --root-user-action=ignore poetry==${POETRY_VERSION} \
&& poetry config virtualenvs.create false \
&& poetry install --no-interaction --no-ansi --only main
Expand Down
91 changes: 50 additions & 41 deletions kustomize/base/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,53 +2,62 @@ apiVersion: apps/v1
kind: Deployment
metadata:
name: healthcheck-deployment
labels:
app: healthcheck-deployment
spec:
selector:
matchLabels:
app: healthcheck-deployment
strategy:
type: RollingUpdate
template:
metadata:
labels:
app: healthcheck-deployment
spec:
containers:
- name: healthcheck
image: ghcr.io/dbca-wa/healthcheck
env:
- name: TZ
value: "Australia/Perth"
resources:
requests:
memory: "64Mi"
cpu: "5m"
limits:
memory: "2048Mi"
cpu: "500m"
livenessProbe:
httpGet:
path: /liveness
port: 8080
scheme: HTTP
periodSeconds: 15
successThreshold: 1
failureThreshold: 3
timeoutSeconds: 10
readinessProbe:
httpGet:
path: /readiness
port: 8080
scheme: HTTP
periodSeconds: 15
successThreshold: 1
failureThreshold: 3
timeoutSeconds: 10
securityContext:
runAsNonRoot: true
privileged: false
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
volumeMounts:
- mountPath: /tmp
name: tmpfs-ram
- name: healthcheck
image: ghcr.io/dbca-wa/healthcheck
imagePullPolicy: Always
env:
- name: TZ
value: "Australia/Perth"
resources:
requests:
memory: "64Mi"
cpu: "5m"
limits:
memory: "2048Mi"
cpu: "500m"
livenessProbe:
httpGet:
path: /liveness
port: 8080
scheme: HTTP
periodSeconds: 15
successThreshold: 1
failureThreshold: 3
timeoutSeconds: 10
readinessProbe:
httpGet:
path: /readiness
port: 8080
scheme: HTTP
periodSeconds: 15
successThreshold: 1
failureThreshold: 3
timeoutSeconds: 10
securityContext:
runAsNonRoot: true
privileged: false
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
readOnlyRootFilesystem: true
volumeMounts:
- mountPath: /tmp
name: tmpfs-ram
volumes:
- name: tmpfs-ram
emptyDir:
Expand Down
8 changes: 4 additions & 4 deletions kustomize/base/service.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ metadata:
spec:
type: ClusterIP
ports:
- name: wsgi
port: 8080
protocol: TCP
targetPort: 8080
- name: wsgi
port: 8080
protocol: TCP
targetPort: 8080
234 changes: 113 additions & 121 deletions kustomize/overlays/prod/deployment_patch.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,128 +2,120 @@ apiVersion: apps/v1
kind: Deployment
metadata:
name: healthcheck-deployment
labels:
app: healthcheck-prod
spec:
selector:
matchLabels:
app: healthcheck-prod
template:
metadata:
labels:
app: healthcheck-prod
spec:
containers:
- name: healthcheck
imagePullPolicy: IfNotPresent
env:
- name: BFRS_URL
valueFrom:
secretKeyRef:
name: healthcheck-env-prod
key: BFRS_URL
- name: CSW_API
valueFrom:
secretKeyRef:
name: healthcheck-env-prod
key: CSW_API
- name: KMI_URL
valueFrom:
secretKeyRef:
name: healthcheck-env-prod
key: KMI_URL
- name: RT_URL
valueFrom:
secretKeyRef:
name: healthcheck-env-prod
key: RT_URL
- name: USER_SSO
valueFrom:
secretKeyRef:
name: healthcheck-env-prod
key: USER_SSO
- name: PASS_SSO
valueFrom:
secretKeyRef:
name: healthcheck-env-prod
key: PASS_SSO
- name: TRACKING_POINTS_MAX_DELAY
valueFrom:
secretKeyRef:
name: healthcheck-env-prod
key: TRACKING_POINTS_MAX_DELAY
- name: DBCA_GOING_BUSHFIRES_LAYER
valueFrom:
secretKeyRef:
name: healthcheck-env-prod
key: DBCA_GOING_BUSHFIRES_LAYER
- name: DBCA_CONTROL_LINES_LAYER
valueFrom:
secretKeyRef:
name: healthcheck-env-prod
key: DBCA_CONTROL_LINES_LAYER
- name: DFES_GOING_BUSHFIRES_LAYER
valueFrom:
secretKeyRef:
name: healthcheck-env-prod
key: DFES_GOING_BUSHFIRES_LAYER
- name: ALL_CURRENT_HOTSPOTS_LAYER
valueFrom:
secretKeyRef:
name: healthcheck-env-prod
key: ALL_CURRENT_HOTSPOTS_LAYER
- name: LIGHTNING_24H_LAYER
valueFrom:
secretKeyRef:
name: healthcheck-env-prod
key: LIGHTNING_24H_LAYER
- name: LIGHTNING_24_48H_LAYER
valueFrom:
secretKeyRef:
name: healthcheck-env-prod
key: LIGHTNING_24_48H_LAYER
- name: LIGHTNING_48_72H_LAYER
valueFrom:
secretKeyRef:
name: healthcheck-env-prod
key: LIGHTNING_48_72H_LAYER
- name: FUEL_AGE_1_6Y_LAYER
valueFrom:
secretKeyRef:
name: healthcheck-env-prod
key: FUEL_AGE_1_6Y_LAYER
- name: FUEL_AGE_NONFOREST_1_6Y_LAYER
valueFrom:
secretKeyRef:
name: healthcheck-env-prod
key: FUEL_AGE_NONFOREST_1_6Y_LAYER
- name: COG_BASEMAP_LAYER
valueFrom:
secretKeyRef:
name: healthcheck-env-prod
key: COG_BASEMAP_LAYER
- name: STATE_BASEMAP_LAYER
valueFrom:
secretKeyRef:
name: healthcheck-env-prod
key: STATE_BASEMAP_LAYER
- name: DBCA_BURN_PROGRAM_LAYER
valueFrom:
secretKeyRef:
name: healthcheck-env-prod
key: DBCA_BURN_PROGRAM_LAYER
- name: DAILY_ACTIVE_BURNS_LAYER
valueFrom:
secretKeyRef:
name: healthcheck-env-prod
key: DAILY_ACTIVE_BURNS_LAYER
- name: DBCA_LANDS_WATERS_LAYER
valueFrom:
secretKeyRef:
name: healthcheck-env-prod
key: DBCA_LANDS_WATERS_LAYER
- name: DBCA_LANDS_WATERS_INTEREST_LAYER
valueFrom:
secretKeyRef:
name: healthcheck-env-prod
key: DBCA_LANDS_WATERS_INTEREST_LAYER
- name: healthcheck
imagePullPolicy: IfNotPresent
env:
- name: BFRS_URL
valueFrom:
secretKeyRef:
name: healthcheck-env-prod
key: BFRS_URL
- name: CSW_API
valueFrom:
secretKeyRef:
name: healthcheck-env-prod
key: CSW_API
- name: KMI_URL
valueFrom:
secretKeyRef:
name: healthcheck-env-prod
key: KMI_URL
- name: RT_URL
valueFrom:
secretKeyRef:
name: healthcheck-env-prod
key: RT_URL
- name: USER_SSO
valueFrom:
secretKeyRef:
name: healthcheck-env-prod
key: USER_SSO
- name: PASS_SSO
valueFrom:
secretKeyRef:
name: healthcheck-env-prod
key: PASS_SSO
- name: TRACKING_POINTS_MAX_DELAY
valueFrom:
secretKeyRef:
name: healthcheck-env-prod
key: TRACKING_POINTS_MAX_DELAY
- name: DBCA_GOING_BUSHFIRES_LAYER
valueFrom:
secretKeyRef:
name: healthcheck-env-prod
key: DBCA_GOING_BUSHFIRES_LAYER
- name: DBCA_CONTROL_LINES_LAYER
valueFrom:
secretKeyRef:
name: healthcheck-env-prod
key: DBCA_CONTROL_LINES_LAYER
- name: DFES_GOING_BUSHFIRES_LAYER
valueFrom:
secretKeyRef:
name: healthcheck-env-prod
key: DFES_GOING_BUSHFIRES_LAYER
- name: ALL_CURRENT_HOTSPOTS_LAYER
valueFrom:
secretKeyRef:
name: healthcheck-env-prod
key: ALL_CURRENT_HOTSPOTS_LAYER
- name: LIGHTNING_24H_LAYER
valueFrom:
secretKeyRef:
name: healthcheck-env-prod
key: LIGHTNING_24H_LAYER
- name: LIGHTNING_24_48H_LAYER
valueFrom:
secretKeyRef:
name: healthcheck-env-prod
key: LIGHTNING_24_48H_LAYER
- name: LIGHTNING_48_72H_LAYER
valueFrom:
secretKeyRef:
name: healthcheck-env-prod
key: LIGHTNING_48_72H_LAYER
- name: FUEL_AGE_1_6Y_LAYER
valueFrom:
secretKeyRef:
name: healthcheck-env-prod
key: FUEL_AGE_1_6Y_LAYER
- name: FUEL_AGE_NONFOREST_1_6Y_LAYER
valueFrom:
secretKeyRef:
name: healthcheck-env-prod
key: FUEL_AGE_NONFOREST_1_6Y_LAYER
- name: COG_BASEMAP_LAYER
valueFrom:
secretKeyRef:
name: healthcheck-env-prod
key: COG_BASEMAP_LAYER
- name: STATE_BASEMAP_LAYER
valueFrom:
secretKeyRef:
name: healthcheck-env-prod
key: STATE_BASEMAP_LAYER
- name: DBCA_BURN_PROGRAM_LAYER
valueFrom:
secretKeyRef:
name: healthcheck-env-prod
key: DBCA_BURN_PROGRAM_LAYER
- name: DAILY_ACTIVE_BURNS_LAYER
valueFrom:
secretKeyRef:
name: healthcheck-env-prod
key: DAILY_ACTIVE_BURNS_LAYER
- name: DBCA_LANDS_WATERS_LAYER
valueFrom:
secretKeyRef:
name: healthcheck-env-prod
key: DBCA_LANDS_WATERS_LAYER
- name: DBCA_LANDS_WATERS_INTEREST_LAYER
valueFrom:
secretKeyRef:
name: healthcheck-env-prod
key: DBCA_LANDS_WATERS_INTEREST_LAYER
20 changes: 10 additions & 10 deletions kustomize/overlays/prod/ingress.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,13 +5,13 @@ metadata:
spec:
ingressClassName: nginx
rules:
- host: healthcheck.dbca.wa.gov.au
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: healthcheck-clusterip-prod
port:
number: 8080
- host: healthcheck.dbca.wa.gov.au
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: healthcheck-clusterip-prod
port:
number: 8080
Loading

0 comments on commit 68e6b81

Please sign in to comment.