Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

add-hyku-staging-env-r2-atla-dl #217

Merged
merged 5 commits into from
Apr 18, 2024
Merged
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
155 changes: 88 additions & 67 deletions ops/staging-deploy.tmpl.yaml
Original file line number Diff line number Diff line change
@@ -1,16 +1,26 @@
replicaCount: 2

# These values are currently in atla_digital_library
# Do we still like these values set?
# resources:
# requests:
# memory: '1Gi'
# cpu: '250m'
# limits:
# memory: '2Gi'
# cpu: '1000m'

livenessProbe:
enabled: false
readinessProbe:
enabled: false

brandingVolume:
storageClass: aws-efs
storageClass: efs-sc
derivativesVolume:
storageClass: aws-efs
storageClass: efs-sc
uploadsVolume:
storageClass: aws-efs
storageClass: efs-sc
size: 200Gi

imagePullSecrets:
@@ -36,22 +46,16 @@ extraVolumeMounts: &volMounts
ingress:
enabled: true
hosts:
- host: atla-hyku.notch8.cloud
- host: ir-staging.atla.com
paths:
- path: /
- host: "*.atla-hyku.notch8.cloud"
- host: "*.ir-staging.atla.com"
paths:
- path: /
annotations: {
kubernetes.io/ingress.class: "nginx",
nginx.ingress.kubernetes.io/proxy-body-size: "0",
cert-manager.io/cluster-issuer: letsencrypt-production-dns
nginx.ingress.kubernetes.io/proxy-body-size: "0"
}
tls:
- hosts:
- atla-hyku.notch8.cloud
- "*.atla-hyku.notch8.cloud"
secretName: atla-hyku-staging-tls-2

extraEnvVars: &envVars
- name: CONFDIR
@@ -63,33 +67,35 @@ extraEnvVars: &envVars
- name: DB_ADAPTER
value: postgresql
- name: DB_HOST
value: pg-postgresql.staging-postgres.svc.cluster.local
value: hyrax20181216.cn4nhxyoxlnu.us-west-2.rds.amazonaws.com
- name: DB_NAME
value: atla-hyku-staging
- name: DB_USER
value: postgres
value: hydra_user
- name: DISABLE_SPRING
value: '1'
- name: FCREPO_BASE_PATH
value: /atlahykustaging
value: /hykustage
- name: FCREPO_HOST
value: fcrepo.staging-fcrepo.svc.cluster.local
value: fcrepo.fcrepo.svc.cluster.local
- name: FCREPO_PORT
value: "8080"
- name: FCREPO_REST_PATH
value: rest
- name: GOOGLE_ANALYTICS_ID
value: $GOOGLE_ANALYTICS_ID
- name: GOOGLE_OAUTH_APP_NAME
value: atla-hyku-staging
- name: GOOGLE_OAUTH_APP_VERSION
value: '1.0'
- name: GOOGLE_OAUTH_PRIVATE_KEY_SECRET
value: $GOOGLE_OAUTH_PRIVATE_KEY_SECRET
- name: GOOGLE_OAUTH_PRIVATE_KEY_PATH
value: prod-cred.p12
- name: GOOGLE_OAUTH_PRIVATE_KEY_VALUE
value: $GOOGLE_OAUTH_PRIVATE_KEY_VALUE
- name: GOOGLE_OAUTH_CLIENT_EMAIL
value: hyku-demo@hyku-demo.iam.gserviceaccount.com
# - name: GOOGLE_ANALYTICS_ID
# value: $GOOGLE_ANALYTICS_ID
# - name: GOOGLE_OAUTH_APP_NAME
# value: atla-hyku-staging
# - name: GOOGLE_OAUTH_APP_VERSION
# value: '1.0'
# - name: GOOGLE_OAUTH_PRIVATE_KEY_SECRET
# value: $GOOGLE_OAUTH_PRIVATE_KEY_SECRET
# - name: GOOGLE_OAUTH_PRIVATE_KEY_PATH
# value: prod-cred.p12
# - name: GOOGLE_OAUTH_PRIVATE_KEY_VALUE
# value: $GOOGLE_OAUTH_PRIVATE_KEY_VALUE
# - name: GOOGLE_OAUTH_CLIENT_EMAIL
# value: hyku-demo@hyku-demo.iam.gserviceaccount.com
- name: INITIAL_ADMIN_EMAIL
value: admin@example.com
- name: INITIAL_ADMIN_PASSWORD
@@ -101,7 +107,7 @@ extraEnvVars: &envVars
- name: PASSENGER_APP_ENV
value: production
- name: RAILS_CACHE_STORE_URL
value: redis://:$REDIS_PASSWORD@atla-hyku-staging-redis-master:6379/staging
value: redis://:$REDIS_PASSWORD@atla-hyku-staging-redis-master:6379/hykustage
- name: RAILS_ENV
value: production
- name: RAILS_LOG_TO_STDOUT
@@ -113,7 +119,7 @@ extraEnvVars: &envVars
- name: REDIS_HOST
value: atla-hyku-staging-redis-master
- name: REDIS_URL
value: redis://:$REDIS_PASSWORD@atla-hyku-staging-redis-master:6379/staging
value: redis://:$REDIS_PASSWORD@atla-hyku-staging-redis-master
- name: HYRAX_ACTIVE_JOB_QUEUE
value: sidekiq
- name: HYRAX_ANALYTICS
@@ -127,37 +133,37 @@ extraEnvVars: &envVars
- name: HYRAX_FITS_PATH
value: /app/fits/fits.sh
- name: HYKU_ADMIN_HOST
value: atla-hyku.notch8.cloud
value: ir-staging.atla.com
- name: HYKU_ADMIN_ONLY_TENANT_CREATION
value: "false"
- name: HYKU_ALLOW_SIGNUP
value: "false"
- name: HYKU_DEFAULT_HOST
value: "%{tenant}.atla-hyku.notch8.cloud"
value: "%{tenant}.ir-staging.atla.com"
- name: HYKU_MULTITENANT
value: "true"
- name: HYKU_ROOT_HOST
value: atla-hyku.notch8.cloud
value: ir-staging.atla.com
- name: HYKU_USER_DEFAULT_PASSWORD
value: password
- name: NEGATIVE_CAPTCHA_SECRET
value: $NEGATIVE_CAPTCHA_SECRET
- name: SMTP_ADDRESS
value: "maildev-smtp.maildev.svc.cluster.local"
value: email-smtp.us-east-1.amazonaws.com
- name: SMTP_DOMAIN
value: "maildev-smtp.maildev.svc.cluster.local"
value: "ir-staging.atla.com"
- name: SMTP_ENABLED
value: "true"
value: 'true'
- name: SMTP_PASSWORD
value: $SMTP_PASSWORD
- name: SMTP_PORT
value: "1025"
value: '587'
- name: SMTP_STARTTLS
value: 'true'
- name: SMTP_TYPE
value: "plain"
value: login
- name: SMTP_USER_NAME
value: "admin"
- name: SMTP_STARTTLS
value: "false"
- name: SMTP_PASSWORD
value: $SMTP_PASSWORD
value: $SMTP_USER_NAME
- name: SOLR_ADMIN_USER
value: admin
- name: SOLR_ADMIN_PASSWORD
@@ -167,34 +173,33 @@ extraEnvVars: &envVars
- name: SOLR_CONFIGSET_NAME
value: atla-hyku-staging
- name: SOLR_HOST
value: solr.staging-solr
value: solr.solr.svc.cluster.local
- name: SOLR_PORT
value: "8983"
- name: SOLR_URL
value: http://admin:$SOLR_ADMIN_PASSWORD@solr.staging-solr:8983/solr/
value: http://admin:$SOLR_ADMIN_PASSWORD@solr.solr.svc.cluster.local:8983/solr/
- name: SENTRY_DSN
value: $SENTRY_DSN
- name: SENTRY_ENVIRONMENT
value: $SENTRY_ENVIRONMENT
- name: TEST_USER_EMAIL
value: user@example.com
- name: TEST_USER_PASSWORD
value: testing123

securityContext: &secValues
readOnlyRootFilesystem: false
runAsNonRoot: false
runAsUser: 0
podSecurityContext: &podSecValues
runAsNonRoot: false
runAsUser: 0
runAsGroup: 101
fsGroup: 101
fsGroupChangePolicy: 'OnRootMismatch'

worker:
replicaCount: 1
extraVolumeMounts: *volMounts
extraEnvVars: *envVars
podSecurityContext:
runAsUser: 1001
runAsGroup: 101
fsGroup: 101
fsGroupChangePolicy: "OnRootMismatch"
podSecurityContext:
runAsUser: 1001
runAsGroup: 101
fsGroup: 101
fsGroupChangePolicy: "OnRootMismatch"
podSecurityContext: *podSecValues
securityContext: *secValues

embargoRelease:
enabled: false
@@ -203,29 +208,45 @@ leaseRelease:

fcrepo:
enabled: false
# These values are currently in atla_digital_library
# Do we still like these values set?
# resources:
# limits:
# memory: '4Gi'
# cpu: '2'
# requests:
# memory: '2Gi'
# cpu: '1'

postgresql:
enabled: false

redis:
persistence:
enabled: true
storageClass: ebs
cluster:
enabled: false
password: $REDIS_PASSWORD

solr:
enabled: false

externalFcrepoHost: fcrepo.staging-fcrepo.svc.cluster.local
externalFcrepoHost: fcrepo.fcrepo.svc.cluster.local

externalPostgresql:
host: pg-postgresql.staging-postgres.svc.cluster.local
username: postgres
host: hyrax20181216.cn4nhxyoxlnu.us-west-2.rds.amazonaws.com
username: hydra_user
password: $POSTGRES_PASSWORD
database: atla-hyku-staging

externalSolrHost: solr.staging-solr.svc.cluster.local
externalSolrHost: solr.solr.svc.cluster.local
externalSolrUser: admin
externalSolrCollection: "atla-hyku-staging"
externalSolrPassword: $SOLR_ADMIN_PASSWORD

global:
hyraxName: atla-hyku-staging-hyrax
# global:
# hyraxName: atla-hyku-staging-hyrax

nginx:
enabled: false