Created
November 13, 2019 15:54
-
-
Save Waterdrips/9deff54f92a2295993660508d984204d to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| # Source: openfaas-cloud/templates/edge-auth.yaml | |
| apiVersion: apps/v1 | |
| kind: Deployment | |
| metadata: | |
| name: edge-auth | |
| labels: | |
| app.kubernetes.io/name: openfaas-cloud | |
| app.kubernetes.io/managed-by: Tiller | |
| app.kubernetes.io/instance: turbulent-turkey | |
| helm.sh/chart: openfaas-cloud-0.11.9 | |
| app.kubernetes.io/component: edge-auth | |
| spec: | |
| replicas: 1 | |
| selector: | |
| matchLabels: | |
| app: edge-auth | |
| template: | |
| metadata: | |
| annotations: | |
| prometheus.io.scrape: "false" | |
| labels: | |
| app: edge-auth | |
| spec: | |
| volumes: | |
| - name: jwt-private-key | |
| secret: | |
| secretName: jwt-private-key | |
| - name: jwt-public-key | |
| secret: | |
| secretName: jwt-public-key | |
| - name: of-client-secret | |
| secret: | |
| secretName: of-client-secret | |
| containers: | |
| - name: edge-auth | |
| image: openfaas/edge-auth:0.6.2 | |
| imagePullPolicy: Always | |
| livenessProbe: | |
| httpGet: | |
| path: /healthz | |
| port: 8080 | |
| initialDelaySeconds: 2 | |
| periodSeconds: 10 | |
| timeoutSeconds: 2 | |
| env: | |
| - name: port | |
| value: "8080" | |
| - name: oauth_client_secret_path | |
| value: "/var/secrets/of-client-secret/of-client-secret" | |
| - name: public_key_path | |
| value: "/var/secrets/public/key.pub" | |
| - name: private_key_path | |
| value: "/var/secrets/private/key" | |
| - name: client_secret | |
| value: "3.490857e+06" | |
| - name: client_id | |
| value: "1234" | |
| - name: oauth_provider_base_url | |
| value: | |
| - name: oauth_provider | |
| value: "github" | |
| - name: external_redirect_domain | |
| value: "https://auth.system.example.com" | |
| - name: cookie_root_domain | |
| value: ".system.example.com" | |
| - name: customers_url | |
| value: "https://github.com/CUSTOMERS" | |
| - name: write_debug | |
| value: "false" | |
| ports: | |
| - containerPort: 8080 | |
| protocol: TCP | |
| volumeMounts: | |
| - name: jwt-private-key | |
| readOnly: true | |
| mountPath: "/var/secrets/private/" | |
| - name: jwt-public-key | |
| readOnly: true | |
| mountPath: "/var/secrets/public" | |
| - name: of-client-secret | |
| readOnly: true | |
| mountPath: "/var/secrets/of-client-secret" | |
| --- | |
| # Source: openfaas-cloud/templates/of-builder.yaml | |
| apiVersion: apps/v1 | |
| kind: Deployment | |
| metadata: | |
| name: of-builder | |
| labels: | |
| app.kubernetes.io/name: openfaas-cloud | |
| app.kubernetes.io/managed-by: Tiller | |
| app.kubernetes.io/instance: turbulent-turkey | |
| helm.sh/chart: openfaas-cloud-0.11.9 | |
| app.kubernetes.io/component: of-builder | |
| spec: | |
| replicas: 1 | |
| selector: | |
| matchLabels: | |
| app: of-builder | |
| template: | |
| metadata: | |
| annotations: | |
| prometheus.io.scrape: "false" | |
| labels: | |
| app: of-builder | |
| spec: | |
| volumes: | |
| - name: registry-secret | |
| secret: | |
| secretName: registry-secret | |
| - name: payload-secret | |
| secret: | |
| secretName: payload-secret | |
| containers: | |
| - name: of-builder | |
| image: openfaas/of-builder:0.7.2 | |
| imagePullPolicy: Always | |
| livenessProbe: | |
| httpGet: | |
| path: /healthz | |
| port: 8080 | |
| initialDelaySeconds: 2 | |
| periodSeconds: 10 | |
| timeoutSeconds: 2 | |
| env: | |
| - name: enable_lchown | |
| value: "true" | |
| - name: insecure | |
| value: "false" | |
| - name: buildkit_url | |
| value: "tcp://127.0.0.1:1234" | |
| - name: "disable_hmac" | |
| value: "false" | |
| ports: | |
| - containerPort: 8080 | |
| protocol: TCP | |
| volumeMounts: | |
| - name: registry-secret | |
| readOnly: true | |
| mountPath: "/home/app/.docker/" | |
| - name: payload-secret | |
| readOnly: true | |
| mountPath: "/var/openfaas/secrets/" | |
| - name: of-buildkit | |
| args: ["--addr", "tcp://0.0.0.0:1234"] | |
| image: moby/buildkit:v0.6.2 | |
| imagePullPolicy: Always | |
| ports: | |
| - containerPort: 1234 | |
| protocol: TCP | |
| securityContext: | |
| privileged: true |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Source: openfaas-cloud/templates/edge-auth.yaml | |
| apiVersion: apps/v1 | |
| kind: Deployment | |
| metadata: | |
| name: edge-auth | |
| labels: | |
| app.kubernetes.io/name: openfaas-cloud | |
| app.kubernetes.io/managed-by: Tiller | |
| app.kubernetes.io/instance: measly-lightningbug | |
| helm.sh/chart: openfaas-cloud-0.11.9 | |
| app.kubernetes.io/component: edge-auth | |
| spec: | |
| replicas: 1 | |
| selector: | |
| matchLabels: | |
| app: edge-auth | |
| template: | |
| metadata: | |
| annotations: | |
| prometheus.io.scrape: "false" | |
| labels: | |
| app: edge-auth | |
| spec: | |
| volumes: | |
| - name: jwt-private-key | |
| secret: | |
| secretName: jwt-private-key | |
| - name: jwt-public-key | |
| secret: | |
| secretName: jwt-public-key | |
| - name: of-client-secret | |
| secret: | |
| secretName: of-client-secret | |
| containers: | |
| - name: edge-auth | |
| image: openfaas/edge-auth:0.6.2 | |
| imagePullPolicy: Always | |
| livenessProbe: | |
| httpGet: | |
| path: /healthz | |
| port: 8080 | |
| initialDelaySeconds: 2 | |
| periodSeconds: 10 | |
| timeoutSeconds: 2 | |
| env: | |
| - name: port | |
| value: "8080" | |
| - name: oauth_client_secret_path | |
| value: "/var/secrets/of-client-secret/of-client-secret" | |
| - name: public_key_path | |
| value: "/var/secrets/public/key.pub" | |
| - name: private_key_path | |
| value: "/var/secrets/private/key" | |
| - name: client_secret | |
| value: "3.490857e+06" | |
| - name: client_id | |
| value: "1234" | |
| - name: oauth_provider_base_url | |
| value: "some.gitlab.example.com" | |
| - name: oauth_provider | |
| value: "gitlab" | |
| - name: external_redirect_domain | |
| value: "https://auth.system.example.com" | |
| - name: cookie_root_domain | |
| value: ".system.example.com" | |
| - name: customers_url | |
| value: "https://github.com/CUSTOMERS" | |
| - name: write_debug | |
| value: "false" | |
| ports: | |
| - containerPort: 8080 | |
| protocol: TCP | |
| volumeMounts: | |
| - name: jwt-private-key | |
| readOnly: true | |
| mountPath: "/var/secrets/private/" | |
| - name: jwt-public-key | |
| readOnly: true | |
| mountPath: "/var/secrets/public" | |
| - name: of-client-secret | |
| readOnly: true | |
| mountPath: "/var/secrets/of-client-secret" | |
| --- | |
| # Source: openfaas-cloud/templates/of-builder.yaml | |
| apiVersion: apps/v1 | |
| kind: Deployment | |
| metadata: | |
| name: of-builder | |
| labels: | |
| app.kubernetes.io/name: openfaas-cloud | |
| app.kubernetes.io/managed-by: Tiller | |
| app.kubernetes.io/instance: measly-lightningbug | |
| helm.sh/chart: openfaas-cloud-0.11.9 | |
| app.kubernetes.io/component: of-builder | |
| spec: | |
| replicas: 1 | |
| selector: | |
| matchLabels: | |
| app: of-builder | |
| template: | |
| metadata: | |
| annotations: | |
| prometheus.io.scrape: "false" | |
| labels: | |
| app: of-builder | |
| spec: | |
| volumes: | |
| - name: registry-secret | |
| secret: | |
| secretName: registry-secret | |
| - name: payload-secret | |
| secret: | |
| secretName: payload-secret | |
| - name: aws-ecr-credentials | |
| secret: | |
| defaultMode: 420 | |
| secretName: aws-ecr-credentials | |
| containers: | |
| - name: of-builder | |
| image: openfaas/of-builder:0.7.2 | |
| imagePullPolicy: Always | |
| livenessProbe: | |
| httpGet: | |
| path: /healthz | |
| port: 8080 | |
| initialDelaySeconds: 2 | |
| periodSeconds: 10 | |
| timeoutSeconds: 2 | |
| env: | |
| - name: enable_lchown | |
| value: "true" | |
| - name: insecure | |
| value: "false" | |
| - name: buildkit_url | |
| value: "tcp://127.0.0.1:1234" | |
| - name: "disable_hmac" | |
| value: "false" | |
| ports: | |
| - containerPort: 8080 | |
| protocol: TCP | |
| volumeMounts: | |
| - name: registry-secret | |
| readOnly: true | |
| mountPath: "/home/app/.docker/" | |
| - name: payload-secret | |
| readOnly: true | |
| mountPath: "/var/openfaas/secrets/" | |
| - name: aws-ecr-credentials | |
| mountPath: /home/app/.aws/ | |
| readOnly: true | |
| - name: of-buildkit | |
| args: ["--addr", "tcp://0.0.0.0:1234"] | |
| image: moby/buildkit:v0.6.2 | |
| imagePullPolicy: Always | |
| ports: | |
| - containerPort: 1234 | |
| protocol: TCP | |
| securityContext: | |
| privileged: true |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment