Created
March 1, 2023 16:11
-
-
Save maxstreifeneder/0b4f369e414639ce42953e7867f29ebe to your computer and use it in GitHub Desktop.
Resulting deployment file from helm template
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
# Source: verificationapp/charts/srv/templates/network-policy.yaml | |
apiVersion: networking.k8s.io/v1 | |
kind: NetworkPolicy | |
metadata: | |
name: verification-srv | |
labels: | |
helm.sh/revision: "1" | |
helm.sh/chart: srv-0.1.0 | |
app.kubernetes.io/managed-by: Helm | |
app.kubernetes.io/name: srv | |
app.kubernetes.io/instance: release-name | |
spec: | |
ingress: | |
- from: | |
- podSelector: | |
matchLabels: | |
app: istio-ingressgateway | |
namespaceSelector: | |
matchLabels: | |
name: istio-system | |
podSelector: | |
matchLabels: | |
app.kubernetes.io/name: srv | |
app.kubernetes.io/instance: release-name | |
policyTypes: | |
- Ingress | |
--- | |
# Source: verificationapp/charts/srv/templates/pod-disruption-budget.yaml | |
apiVersion: policy/v1 | |
kind: PodDisruptionBudget | |
metadata: | |
name: verification-srv | |
labels: | |
helm.sh/revision: "1" | |
helm.sh/chart: srv-0.1.0 | |
app.kubernetes.io/managed-by: Helm | |
app.kubernetes.io/name: srv | |
app.kubernetes.io/instance: release-name | |
spec: | |
maxUnavailable: 10% | |
selector: | |
matchLabels: | |
app.kubernetes.io/name: srv | |
app.kubernetes.io/instance: release-name | |
--- | |
# Source: verificationapp/templates/connectivity-proxy-info.yaml | |
apiVersion: v1 | |
kind: ConfigMap | |
metadata: | |
name: verificationapp-connectivity-proxy-info | |
namespace: resilientapps1 | |
labels: | |
helm.sh/revision: "1" | |
helm.sh/chart: verificationapp-2.0.1 | |
app.kubernetes.io/name: connectivity-proxy-info | |
app.kubernetes.io/managed-by: Helm | |
app.kubernetes.io/instance: release-name | |
app.kubernetes.io/version: 2.0.1 | |
data: | |
.metadata: >- | |
{"credentialProperties":[{"name":"subaccount_id","format":"text"},{"name":"subaccount_subdomain","format":"text"},{"name":"token_service_domain","format":"text"},{"name":"token_service_url","format":"text"},{"name":"token_service_url_pattern","format":"text"},{"name":"token_service_url_pattern_tenant_key","format":"text"},{"name":"clientid","format":"text"},{"name":"credential-type","format":"text"},{"name":"xsappname","format":"text"},{"name":"clientsecret","format":"text"},{"name":"connectivity_service","format":"json"},{"name":"onpremise_proxy_host","format":"text"},{"name":"onpremise_proxy_http_port","format":"text"},{"name":"onpremise_proxy_host","format":"text"},{"name":"url","format":"text"}],"metaDataProperties":[{"name":"instance_name","format":"text"},{"name":"instance_guid","format":"text"},{"name":"plan","format":"text"},{"name":"label","format":"text"},{"name":"type","format":"text"},{"name":"tags","format":"json"}]} | |
onpremise_proxy_host: connectivity-proxy.kyma-system.svc.cluster.local | |
onpremise_proxy_http_port: "20003" | |
onpremise_proxy_ldap_port: "20001" | |
onpremise_proxy_port: "20003" | |
onpremise_proxy_rfc_port: "20001" | |
onpremise_socks5_proxy_port: "20004" | |
--- | |
# Source: verificationapp/charts/srv/templates/service.yaml | |
apiVersion: v1 | |
kind: Service | |
metadata: | |
name: verification-srv | |
labels: | |
helm.sh/revision: "1" | |
helm.sh/chart: srv-0.1.0 | |
app.kubernetes.io/managed-by: Helm | |
app.kubernetes.io/name: srv | |
app.kubernetes.io/instance: release-name | |
spec: | |
ports: | |
- port: 8080 | |
targetPort: 8080 | |
protocol: TCP | |
selector: | |
app.kubernetes.io/name: srv | |
app.kubernetes.io/instance: release-name | |
--- | |
# Source: verificationapp/charts/srv/templates/deployment.yaml | |
apiVersion: apps/v1 | |
kind: Deployment | |
metadata: | |
labels: | |
helm.sh/revision: "1" | |
helm.sh/chart: srv-0.1.0 | |
app.kubernetes.io/managed-by: Helm | |
app.kubernetes.io/name: srv | |
app.kubernetes.io/instance: release-name | |
name: verification-srv | |
spec: | |
replicas: 3 | |
selector: | |
matchLabels: | |
app.kubernetes.io/name: srv | |
app.kubernetes.io/instance: release-name | |
template: | |
metadata: | |
labels: | |
app.kubernetes.io/name: srv | |
app.kubernetes.io/instance: release-name | |
spec: | |
imagePullSecrets: | |
- name: container-registry | |
automountServiceAccountToken: false | |
serviceAccountName: default | |
containers: | |
- image: ghcr.io/maxstreifeneder/verificationapp-srv:latest | |
name: srv | |
ports: | |
- name: http | |
containerPort: 8080 | |
protocol: TCP | |
envFrom: | |
env: | |
- name: APPLICATION_NAME | |
value: verification-srv | |
- name: APPLICATION_URI | |
value: verification-srv | |
- name: SERVICE_BINDING_ROOT | |
value: /bindings | |
- name: PORT | |
value: "8080" | |
- name: TMPDIR | |
value: /tmp | |
livenessProbe: | |
httpGet: | |
path: / | |
port: http | |
readinessProbe: | |
httpGet: | |
path: / | |
port: http | |
startupProbe: | |
httpGet: | |
path: / | |
port: http | |
failureThreshold: 15 | |
periodSeconds: 2 | |
volumeMounts: | |
- name: tmp | |
mountPath: /tmp | |
- name: "connectivity-secret" | |
mountPath: /bindings/connectivity | |
readOnly: true | |
- mountPath: /bindings/auth/ | |
name: "auth" | |
readOnly: true | |
- mountPath: /bindings/destination/ | |
name: "destination" | |
readOnly: true | |
- mountPath: /bindings/hana/ | |
name: "hana" | |
readOnly: true | |
- mountPath: /bindings/messaging/ | |
name: "messaging" | |
readOnly: true | |
resources: | |
limits: | |
ephemeral-storage: 1G | |
memory: 500M | |
requests: | |
cpu: 500m | |
ephemeral-storage: 1G | |
memory: 500M | |
securityContext: | |
allowPrivilegeEscalation: false | |
capabilities: | |
drop: | |
- ALL | |
privileged: false | |
readOnlyRootFilesystem: false | |
restartPolicy: Always | |
securityContext: | |
runAsNonRoot: true | |
topologySpreadConstraints: | |
- labelSelector: | |
matchLabels: | |
app.kubernetes.io/name: srv | |
app.kubernetes.io/instance: release-name | |
maxSkew: 1 | |
topologyKey: kubernetes.io/hostname | |
whenUnsatisfiable: DoNotSchedule | |
volumes: | |
- emptyDir: {} | |
name: tmp | |
- name: auth | |
secret: | |
secretName: verification-srv-auth | |
- name: destination | |
secret: | |
secretName: verification-srv-destination | |
- name: hana | |
secret: | |
secretName: verification-srv-hana | |
- name: messaging | |
secret: | |
secretName: verification-srv-messaging | |
- | |
name: connectivity-secret | |
projected: | |
sources: | |
- secret: | |
name: verificationapp-connectivity-binding | |
optional: false | |
- secret: | |
items: | |
- key: token_service_url | |
path: url | |
name: verificationapp-connectivity-binding | |
optional: false | |
- configMap: | |
name: verificationapp-connectivity-proxy-info | |
optional: false | |
--- | |
# Source: verificationapp/charts/srv/templates/api-rule.yaml | |
apiVersion: gateway.kyma-project.io/v1alpha1 | |
kind: APIRule | |
metadata: | |
name: verification-srv | |
labels: | |
helm.sh/revision: "1" | |
helm.sh/chart: srv-0.1.0 | |
app.kubernetes.io/managed-by: Helm | |
app.kubernetes.io/name: srv | |
app.kubernetes.io/instance: release-name | |
spec: | |
gateway: kyma-gateway.kyma-system.svc.cluster.local | |
rules: | |
- accessStrategies: | |
- handler: allow | |
methods: | |
- GET | |
- POST | |
- PUT | |
- PATCH | |
- DELETE | |
- HEAD | |
path: /.* | |
service: | |
host: verification-srv-resilientapps1 | |
name: verification-srv | |
port: 8080 | |
--- | |
# Source: verificationapp/charts/srv/templates/service-binding.yaml | |
apiVersion: services.cloud.sap.com/v1 | |
kind: ServiceBinding | |
metadata: | |
name: verification-srv-auth | |
labels: | |
helm.sh/revision: "1" | |
helm.sh/chart: srv-0.1.0 | |
app.kubernetes.io/managed-by: Helm | |
app.kubernetes.io/name: srv | |
app.kubernetes.io/instance: release-name | |
spec: | |
serviceInstanceName: verification-xsuaa | |
--- | |
# Source: verificationapp/charts/srv/templates/service-binding.yaml | |
apiVersion: services.cloud.sap.com/v1 | |
kind: ServiceBinding | |
metadata: | |
name: verification-srv-destination | |
labels: | |
helm.sh/revision: "1" | |
helm.sh/chart: srv-0.1.0 | |
app.kubernetes.io/managed-by: Helm | |
app.kubernetes.io/name: srv | |
app.kubernetes.io/instance: release-name | |
spec: | |
serviceInstanceName: verification-dest | |
--- | |
# Source: verificationapp/charts/srv/templates/service-binding.yaml | |
apiVersion: services.cloud.sap.com/v1 | |
kind: ServiceBinding | |
metadata: | |
name: verification-srv-hana | |
labels: | |
helm.sh/revision: "1" | |
helm.sh/chart: srv-0.1.0 | |
app.kubernetes.io/managed-by: Helm | |
app.kubernetes.io/name: srv | |
app.kubernetes.io/instance: release-name | |
spec: | |
serviceInstanceName: verification-hdi-container | |
--- | |
# Source: verificationapp/charts/srv/templates/service-binding.yaml | |
apiVersion: services.cloud.sap.com/v1 | |
kind: ServiceBinding | |
metadata: | |
name: verification-srv-messaging | |
labels: | |
helm.sh/revision: "1" | |
helm.sh/chart: srv-0.1.0 | |
app.kubernetes.io/managed-by: Helm | |
app.kubernetes.io/name: srv | |
app.kubernetes.io/instance: release-name | |
spec: | |
serviceInstanceName: verification-em | |
--- | |
# Source: verificationapp/templates/connectivity-binding.yaml | |
apiVersion: services.cloud.sap.com/v1 | |
kind: ServiceBinding | |
metadata: | |
namespace: resilientapps1 | |
name: release-name-connectivity-binding | |
labels: | |
helm.sh/revision: "1" | |
helm.sh/chart: verificationapp-2.0.1 | |
app.kubernetes.io/name: connectivity | |
app.kubernetes.io/managed-by: Helm | |
app.kubernetes.io/instance: release-name | |
app.kubernetes.io/version: 2.0.1 | |
spec: | |
serviceInstanceName: release-name-connectivity | |
--- | |
# Source: verificationapp/templates/hana-deployer-job.yaml | |
--- | |
apiVersion: services.cloud.sap.com/v1 | |
kind: ServiceBinding | |
metadata: | |
namespace: resilientapps1 | |
name: release-name-hana-deployer-hana | |
labels: | |
helm.sh/revision: "1" | |
helm.sh/chart: verificationapp-2.0.1 | |
app.kubernetes.io/name: hana-deployer | |
app.kubernetes.io/managed-by: Helm | |
app.kubernetes.io/instance: release-name | |
app.kubernetes.io/version: 2.0.1 | |
spec: | |
serviceInstanceName: verification-hdi-container | |
--- | |
# Source: verificationapp/templates/html5-apps-deployer-job.yaml | |
--- | |
apiVersion: services.cloud.sap.com/v1 | |
kind: ServiceBinding | |
metadata: | |
namespace: resilientapps1 | |
name: release-name-html5-apps-deployer-destination | |
labels: | |
helm.sh/revision: "1" | |
helm.sh/chart: verificationapp-2.0.1 | |
app.kubernetes.io/name: html5-apps-deployer | |
app.kubernetes.io/managed-by: Helm | |
app.kubernetes.io/instance: release-name | |
app.kubernetes.io/version: 2.0.1 | |
spec: | |
serviceInstanceName: verification-dest | |
--- | |
# Source: verificationapp/templates/html5-apps-deployer-job.yaml | |
apiVersion: services.cloud.sap.com/v1 | |
kind: ServiceBinding | |
metadata: | |
namespace: resilientapps1 | |
name: release-name-html5-apps-deployer-html5-apps-repo | |
labels: | |
helm.sh/revision: "1" | |
helm.sh/chart: verificationapp-2.0.1 | |
app.kubernetes.io/name: html5-apps-deployer | |
app.kubernetes.io/managed-by: Helm | |
app.kubernetes.io/instance: release-name | |
app.kubernetes.io/version: 2.0.1 | |
spec: | |
serviceInstanceName: verification-html5-repo-host | |
--- | |
# Source: verificationapp/templates/html5-apps-deployer-job.yaml | |
apiVersion: services.cloud.sap.com/v1 | |
kind: ServiceBinding | |
metadata: | |
namespace: resilientapps1 | |
name: release-name-html5-apps-deployer-xsuaa | |
labels: | |
helm.sh/revision: "1" | |
helm.sh/chart: verificationapp-2.0.1 | |
app.kubernetes.io/name: html5-apps-deployer | |
app.kubernetes.io/managed-by: Helm | |
app.kubernetes.io/instance: release-name | |
app.kubernetes.io/version: 2.0.1 | |
spec: | |
serviceInstanceName: verification-xsuaa | |
--- | |
# Source: verificationapp/templates/connectivity.yaml | |
apiVersion: services.cloud.sap.com/v1alpha1 | |
kind: ServiceInstance | |
metadata: | |
name: release-name-connectivity | |
namespace: resilientapps1 | |
labels: | |
helm.sh/revision: "1" | |
helm.sh/chart: verificationapp-2.0.1 | |
app.kubernetes.io/name: connectivity | |
app.kubernetes.io/managed-by: Helm | |
app.kubernetes.io/instance: release-name | |
app.kubernetes.io/version: 2.0.1 | |
spec: | |
serviceOfferingName: connectivity | |
servicePlanName: connectivity_proxy | |
externalName: resilientapps1-release-name-connectivity | |
parameters: | |
{} | |
--- | |
# Source: verificationapp/templates/destination.yaml | |
apiVersion: services.cloud.sap.com/v1alpha1 | |
kind: ServiceInstance | |
metadata: | |
name: verification-dest | |
namespace: resilientapps1 | |
labels: | |
helm.sh/revision: "1" | |
helm.sh/chart: verificationapp-2.0.1 | |
app.kubernetes.io/name: destination | |
app.kubernetes.io/managed-by: Helm | |
app.kubernetes.io/instance: release-name | |
app.kubernetes.io/version: 2.0.1 | |
spec: | |
serviceOfferingName: destination | |
servicePlanName: lite | |
externalName: resilientapps1-verification-dest | |
parameters: | |
HTML5Runtime_enabled: true | |
version: 1.0.0 | |
--- | |
# Source: verificationapp/templates/event-mesh.yaml | |
apiVersion: services.cloud.sap.com/v1alpha1 | |
kind: ServiceInstance | |
metadata: | |
name: verification-em | |
namespace: resilientapps1 | |
labels: | |
helm.sh/revision: "1" | |
helm.sh/chart: verificationapp-2.0.1 | |
app.kubernetes.io/name: event-mesh | |
app.kubernetes.io/managed-by: Helm | |
app.kubernetes.io/instance: release-name | |
app.kubernetes.io/version: 2.0.1 | |
spec: | |
serviceOfferingName: enterprise-messaging | |
servicePlanName: default | |
externalName: resilientapps1-verification-em | |
parameters: | |
emname: bpem | |
namespace: tfe/bp/em | |
options: | |
management: true | |
messaging: true | |
messagingrest: true | |
resources: | |
units: "10" | |
rules: | |
queueRules: | |
publishFilter: | |
- ${namespace}/* | |
subscribeFilter: | |
- ${namespace}/* | |
topicRules: | |
publishFilter: | |
- ${namespace}/* | |
subscribeFilter: | |
- ${namespace}/* | |
version: 1.1.0 | |
--- | |
# Source: verificationapp/templates/hdi-container.yaml | |
apiVersion: services.cloud.sap.com/v1alpha1 | |
kind: ServiceInstance | |
metadata: | |
name: verification-hdi-container | |
namespace: resilientapps1 | |
labels: | |
helm.sh/revision: "1" | |
helm.sh/chart: verificationapp-2.0.1 | |
app.kubernetes.io/name: hdi-container | |
app.kubernetes.io/managed-by: Helm | |
app.kubernetes.io/instance: release-name | |
app.kubernetes.io/version: 2.0.1 | |
spec: | |
serviceOfferingName: hana | |
servicePlanName: hdi-shared | |
externalName: resilientapps1-verification-hdi-container | |
parameters: | |
{} | |
--- | |
# Source: verificationapp/templates/html5-apps-repo-host.yaml | |
apiVersion: services.cloud.sap.com/v1alpha1 | |
kind: ServiceInstance | |
metadata: | |
name: verification-html5-repo-host | |
namespace: resilientapps1 | |
labels: | |
helm.sh/revision: "1" | |
helm.sh/chart: verificationapp-2.0.1 | |
app.kubernetes.io/name: html5-apps-repo-host | |
app.kubernetes.io/managed-by: Helm | |
app.kubernetes.io/instance: release-name | |
app.kubernetes.io/version: 2.0.1 | |
spec: | |
serviceOfferingName: html5-apps-repo | |
servicePlanName: app-host | |
externalName: resilientapps1-verification-html5-repo-host | |
parameters: | |
{} | |
--- | |
# Source: verificationapp/templates/xsuaa.yaml | |
apiVersion: services.cloud.sap.com/v1alpha1 | |
kind: ServiceInstance | |
metadata: | |
name: verification-xsuaa | |
namespace: resilientapps1 | |
labels: | |
helm.sh/revision: "1" | |
helm.sh/chart: verificationapp-2.0.1 | |
app.kubernetes.io/name: xsuaa | |
app.kubernetes.io/managed-by: Helm | |
app.kubernetes.io/instance: release-name | |
app.kubernetes.io/version: 2.0.1 | |
spec: | |
serviceOfferingName: xsuaa | |
servicePlanName: application | |
externalName: resilientapps1-verification-xsuaa | |
parameters: | |
attributes: [] | |
role-collections: | |
- description: Business Partner Admin | |
name: BPAdmin | |
role-template-references: | |
- $XSAPPNAME.BPAdmin | |
role-templates: | |
- attribute-references: [] | |
description: BP Admin | |
name: BPAdmin | |
scope-references: | |
- $XSAPPNAME.BPAdmin | |
- description: UAA | |
name: Token_Exchange | |
scope-references: | |
- uaa.user | |
scopes: | |
- description: BPAdmin | |
name: $XSAPPNAME.BPAdmin | |
- description: UAA | |
name: uaa.user | |
tenant-mode: dedicated | |
xsappname: verificationapp | |
--- | |
# Source: verificationapp/templates/hana-deployer-job.yaml | |
# | |
# HANA single-tenant DB deployment | |
# | |
apiVersion: batch/v1 | |
kind: Job | |
metadata: | |
name: release-name-hana-deployer | |
labels: | |
helm.sh/revision: "1" | |
helm.sh/chart: verificationapp-2.0.1 | |
app.kubernetes.io/name: hana-deployer | |
app.kubernetes.io/managed-by: Helm | |
app.kubernetes.io/instance: release-name | |
app.kubernetes.io/version: 2.0.1 | |
annotations: | |
"helm.sh/hook": "post-install,pre-upgrade" | |
"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded | |
namespace: resilientapps1 | |
spec: | |
backoffLimit: 4 | |
template: | |
metadata: | |
labels: | |
helm.sh/revision: "1" | |
helm.sh/chart: verificationapp-2.0.1 | |
app.kubernetes.io/name: hana-deployer | |
app.kubernetes.io/managed-by: Helm | |
app.kubernetes.io/instance: release-name | |
app.kubernetes.io/version: 2.0.1 | |
sidecar.istio.io/inject: "false" | |
spec: | |
restartPolicy: Never | |
imagePullSecrets: | |
- name: "container-registry" | |
volumes: | |
- name: hana-secret | |
secret: | |
secretName: "release-name-hana-deployer-hana" | |
containers: | |
- name: hana-deployer | |
image: ghcr.io/maxstreifeneder/verificationapp-hana-deployer:latest | |
imagePullPolicy: Always | |
env: | |
- name: SERVICE_BINDING_ROOT | |
value: /bindings | |
- name: EXIT | |
value: 'true' | |
volumeMounts: | |
- name: hana-secret | |
mountPath: /bindings/hana | |
readOnly: true | |
resources: | |
limits: | |
cpu: 2000m | |
memory: 1G | |
requests: | |
cpu: 1000m | |
memory: 1G | |
--- | |
# Source: verificationapp/templates/html5-apps-deployer-job.yaml | |
apiVersion: batch/v1 | |
kind: Job | |
metadata: | |
name: release-name-html5-apps-deployer | |
namespace: resilientapps1 | |
labels: | |
helm.sh/revision: "1" | |
helm.sh/chart: verificationapp-2.0.1 | |
app.kubernetes.io/name: html5-apps-deployer | |
app.kubernetes.io/managed-by: Helm | |
app.kubernetes.io/instance: release-name | |
app.kubernetes.io/version: 2.0.1 | |
annotations: | |
"helm.sh/hook": "post-install,post-upgrade" | |
"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded | |
spec: | |
backoffLimit: 4 | |
template: | |
metadata: | |
labels: | |
helm.sh/revision: "1" | |
helm.sh/chart: verificationapp-2.0.1 | |
app.kubernetes.io/name: html5-apps-deployer | |
app.kubernetes.io/managed-by: Helm | |
app.kubernetes.io/instance: release-name | |
app.kubernetes.io/version: 2.0.1 | |
sidecar.istio.io/inject: "false" | |
spec: | |
imagePullSecrets: | |
- name: "container-registry" | |
restartPolicy: Never | |
volumes: | |
- name: destination-secret | |
secret: | |
secretName: "release-name-html5-apps-deployer-destination" | |
- name: html5-apps-repo-secret | |
secret: | |
secretName: "release-name-html5-apps-deployer-html5-apps-repo" | |
- name: xsuaa-secret | |
secret: | |
secretName: "release-name-html5-apps-deployer-xsuaa" | |
containers: | |
- name: html5-deployer | |
image: ghcr.io/maxstreifeneder/verification-html5-deployer:latest | |
imagePullPolicy: Always | |
volumeMounts: | |
- name: destination-secret | |
mountPath: /bindings/destination | |
readOnly: true | |
- name: html5-apps-repo-secret | |
mountPath: /bindings/html5_apps_repo | |
readOnly: true | |
- name: xsuaa-secret | |
mountPath: /bindings/xsuaa | |
readOnly: true | |
resources: | |
limits: | |
cpu: 2000m | |
memory: 1G | |
requests: | |
cpu: 1000m | |
memory: 1G | |
env: | |
- name: SERVICE_BINDING_ROOT | |
value: /bindings | |
- name: EXIT_PROCESS_AFTER_UPLOAD | |
value: "true" | |
- name: PORT | |
value: "5000" | |
# TODO: cloud service should be configurable in the HTML5 apps | |
- name: SAP_CLOUD_SERVICE | |
value: tfe.bp | |
# TODO: destination name should be configurable in the HTML5 apps | |
- name: BACKEND_DESTINATIONS | |
value: > | |
[{"Authentication":"NoAuthentication","HTML5.forwardAuthToken":"true","Name":"BPVerification-srv-api","ProxyType":"Internet","Type":"HTTP","URL":"https://verification-srv-resilientapps1.blabla.kyma.ondemand.com","sap.cloud.service":"tfe.bp"}] |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment