Created
November 13, 2019 15:54
-
-
Save Waterdrips/9deff54f92a2295993660508d984204d to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
# Source: openfaas-cloud/templates/edge-auth.yaml | |
apiVersion: apps/v1 | |
kind: Deployment | |
metadata: | |
name: edge-auth | |
labels: | |
app.kubernetes.io/name: openfaas-cloud | |
app.kubernetes.io/managed-by: Tiller | |
app.kubernetes.io/instance: turbulent-turkey | |
helm.sh/chart: openfaas-cloud-0.11.9 | |
app.kubernetes.io/component: edge-auth | |
spec: | |
replicas: 1 | |
selector: | |
matchLabels: | |
app: edge-auth | |
template: | |
metadata: | |
annotations: | |
prometheus.io.scrape: "false" | |
labels: | |
app: edge-auth | |
spec: | |
volumes: | |
- name: jwt-private-key | |
secret: | |
secretName: jwt-private-key | |
- name: jwt-public-key | |
secret: | |
secretName: jwt-public-key | |
- name: of-client-secret | |
secret: | |
secretName: of-client-secret | |
containers: | |
- name: edge-auth | |
image: openfaas/edge-auth:0.6.2 | |
imagePullPolicy: Always | |
livenessProbe: | |
httpGet: | |
path: /healthz | |
port: 8080 | |
initialDelaySeconds: 2 | |
periodSeconds: 10 | |
timeoutSeconds: 2 | |
env: | |
- name: port | |
value: "8080" | |
- name: oauth_client_secret_path | |
value: "/var/secrets/of-client-secret/of-client-secret" | |
- name: public_key_path | |
value: "/var/secrets/public/key.pub" | |
- name: private_key_path | |
value: "/var/secrets/private/key" | |
- name: client_secret | |
value: "3.490857e+06" | |
- name: client_id | |
value: "1234" | |
- name: oauth_provider_base_url | |
value: | |
- name: oauth_provider | |
value: "github" | |
- name: external_redirect_domain | |
value: "https://auth.system.example.com" | |
- name: cookie_root_domain | |
value: ".system.example.com" | |
- name: customers_url | |
value: "https://github.com/CUSTOMERS" | |
- name: write_debug | |
value: "false" | |
ports: | |
- containerPort: 8080 | |
protocol: TCP | |
volumeMounts: | |
- name: jwt-private-key | |
readOnly: true | |
mountPath: "/var/secrets/private/" | |
- name: jwt-public-key | |
readOnly: true | |
mountPath: "/var/secrets/public" | |
- name: of-client-secret | |
readOnly: true | |
mountPath: "/var/secrets/of-client-secret" | |
--- | |
# Source: openfaas-cloud/templates/of-builder.yaml | |
apiVersion: apps/v1 | |
kind: Deployment | |
metadata: | |
name: of-builder | |
labels: | |
app.kubernetes.io/name: openfaas-cloud | |
app.kubernetes.io/managed-by: Tiller | |
app.kubernetes.io/instance: turbulent-turkey | |
helm.sh/chart: openfaas-cloud-0.11.9 | |
app.kubernetes.io/component: of-builder | |
spec: | |
replicas: 1 | |
selector: | |
matchLabels: | |
app: of-builder | |
template: | |
metadata: | |
annotations: | |
prometheus.io.scrape: "false" | |
labels: | |
app: of-builder | |
spec: | |
volumes: | |
- name: registry-secret | |
secret: | |
secretName: registry-secret | |
- name: payload-secret | |
secret: | |
secretName: payload-secret | |
containers: | |
- name: of-builder | |
image: openfaas/of-builder:0.7.2 | |
imagePullPolicy: Always | |
livenessProbe: | |
httpGet: | |
path: /healthz | |
port: 8080 | |
initialDelaySeconds: 2 | |
periodSeconds: 10 | |
timeoutSeconds: 2 | |
env: | |
- name: enable_lchown | |
value: "true" | |
- name: insecure | |
value: "false" | |
- name: buildkit_url | |
value: "tcp://127.0.0.1:1234" | |
- name: "disable_hmac" | |
value: "false" | |
ports: | |
- containerPort: 8080 | |
protocol: TCP | |
volumeMounts: | |
- name: registry-secret | |
readOnly: true | |
mountPath: "/home/app/.docker/" | |
- name: payload-secret | |
readOnly: true | |
mountPath: "/var/openfaas/secrets/" | |
- name: of-buildkit | |
args: ["--addr", "tcp://0.0.0.0:1234"] | |
image: moby/buildkit:v0.6.2 | |
imagePullPolicy: Always | |
ports: | |
- containerPort: 1234 | |
protocol: TCP | |
securityContext: | |
privileged: true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Source: openfaas-cloud/templates/edge-auth.yaml | |
apiVersion: apps/v1 | |
kind: Deployment | |
metadata: | |
name: edge-auth | |
labels: | |
app.kubernetes.io/name: openfaas-cloud | |
app.kubernetes.io/managed-by: Tiller | |
app.kubernetes.io/instance: measly-lightningbug | |
helm.sh/chart: openfaas-cloud-0.11.9 | |
app.kubernetes.io/component: edge-auth | |
spec: | |
replicas: 1 | |
selector: | |
matchLabels: | |
app: edge-auth | |
template: | |
metadata: | |
annotations: | |
prometheus.io.scrape: "false" | |
labels: | |
app: edge-auth | |
spec: | |
volumes: | |
- name: jwt-private-key | |
secret: | |
secretName: jwt-private-key | |
- name: jwt-public-key | |
secret: | |
secretName: jwt-public-key | |
- name: of-client-secret | |
secret: | |
secretName: of-client-secret | |
containers: | |
- name: edge-auth | |
image: openfaas/edge-auth:0.6.2 | |
imagePullPolicy: Always | |
livenessProbe: | |
httpGet: | |
path: /healthz | |
port: 8080 | |
initialDelaySeconds: 2 | |
periodSeconds: 10 | |
timeoutSeconds: 2 | |
env: | |
- name: port | |
value: "8080" | |
- name: oauth_client_secret_path | |
value: "/var/secrets/of-client-secret/of-client-secret" | |
- name: public_key_path | |
value: "/var/secrets/public/key.pub" | |
- name: private_key_path | |
value: "/var/secrets/private/key" | |
- name: client_secret | |
value: "3.490857e+06" | |
- name: client_id | |
value: "1234" | |
- name: oauth_provider_base_url | |
value: "some.gitlab.example.com" | |
- name: oauth_provider | |
value: "gitlab" | |
- name: external_redirect_domain | |
value: "https://auth.system.example.com" | |
- name: cookie_root_domain | |
value: ".system.example.com" | |
- name: customers_url | |
value: "https://github.com/CUSTOMERS" | |
- name: write_debug | |
value: "false" | |
ports: | |
- containerPort: 8080 | |
protocol: TCP | |
volumeMounts: | |
- name: jwt-private-key | |
readOnly: true | |
mountPath: "/var/secrets/private/" | |
- name: jwt-public-key | |
readOnly: true | |
mountPath: "/var/secrets/public" | |
- name: of-client-secret | |
readOnly: true | |
mountPath: "/var/secrets/of-client-secret" | |
--- | |
# Source: openfaas-cloud/templates/of-builder.yaml | |
apiVersion: apps/v1 | |
kind: Deployment | |
metadata: | |
name: of-builder | |
labels: | |
app.kubernetes.io/name: openfaas-cloud | |
app.kubernetes.io/managed-by: Tiller | |
app.kubernetes.io/instance: measly-lightningbug | |
helm.sh/chart: openfaas-cloud-0.11.9 | |
app.kubernetes.io/component: of-builder | |
spec: | |
replicas: 1 | |
selector: | |
matchLabels: | |
app: of-builder | |
template: | |
metadata: | |
annotations: | |
prometheus.io.scrape: "false" | |
labels: | |
app: of-builder | |
spec: | |
volumes: | |
- name: registry-secret | |
secret: | |
secretName: registry-secret | |
- name: payload-secret | |
secret: | |
secretName: payload-secret | |
- name: aws-ecr-credentials | |
secret: | |
defaultMode: 420 | |
secretName: aws-ecr-credentials | |
containers: | |
- name: of-builder | |
image: openfaas/of-builder:0.7.2 | |
imagePullPolicy: Always | |
livenessProbe: | |
httpGet: | |
path: /healthz | |
port: 8080 | |
initialDelaySeconds: 2 | |
periodSeconds: 10 | |
timeoutSeconds: 2 | |
env: | |
- name: enable_lchown | |
value: "true" | |
- name: insecure | |
value: "false" | |
- name: buildkit_url | |
value: "tcp://127.0.0.1:1234" | |
- name: "disable_hmac" | |
value: "false" | |
ports: | |
- containerPort: 8080 | |
protocol: TCP | |
volumeMounts: | |
- name: registry-secret | |
readOnly: true | |
mountPath: "/home/app/.docker/" | |
- name: payload-secret | |
readOnly: true | |
mountPath: "/var/openfaas/secrets/" | |
- name: aws-ecr-credentials | |
mountPath: /home/app/.aws/ | |
readOnly: true | |
- name: of-buildkit | |
args: ["--addr", "tcp://0.0.0.0:1234"] | |
image: moby/buildkit:v0.6.2 | |
imagePullPolicy: Always | |
ports: | |
- containerPort: 1234 | |
protocol: TCP | |
securityContext: | |
privileged: true |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment