# Copyright 2021 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. apiVersion: apps/v1 kind: Deployment metadata: name: frontend spec: selector: matchLabels: app: frontend template: metadata: labels: app: frontend spec: serviceAccountName: boa-ksa terminationGracePeriodSeconds: 5 containers: - name: front image: gcr.io/bank-of-anthos-ci/frontend:v0.5.11@sha256:db94f51b613214d8999bbd2318a4ccad54f44fea319da55f17d80186424df646 volumeMounts: - name: publickey mountPath: "/root/.ssh" readOnly: true env: - name: VERSION value: "v0.5.11" - name: PORT value: "8080" - name: ENABLE_TRACING value: "true" - name: SCHEME value: "http" # Valid levels are debug, info, warning, error, critical. If no valid level is set, gunicorn will default to info. - name: LOG_LEVEL value: "info" # Set to "true" to enable the CymbalBank logo + title # - name: CYMBAL_LOGO # value: "false" # Customize the bank name used in the header. Defaults to 'Bank of Anthos' - when CYMBAL_LOGO is true, uses 'CymbalBank' # - name: BANK_NAME # value: "" # Customize the cluster name if it cannot be retrieved from the metadata server #- name: CLUSTER_NAME # value: "my-cluster" - name: DEFAULT_USERNAME valueFrom: configMapKeyRef: name: demo-data-config key: DEMO_LOGIN_USERNAME - name: DEFAULT_PASSWORD valueFrom: configMapKeyRef: name: demo-data-config key: DEMO_LOGIN_PASSWORD - name: REGISTERED_OAUTH_CLIENT_ID valueFrom: configMapKeyRef: name: oauth-config key: DEMO_OAUTH_CLIENT_ID optional: true - name: ALLOWED_OAUTH_REDIRECT_URI valueFrom: configMapKeyRef: name: oauth-config key: DEMO_OAUTH_REDIRECT_URI optional: true envFrom: - configMapRef: name: environment-config - configMapRef: name: service-api-config # Customize the metadata server hostname to query for metadata #- name: METADATA_SERVER # value: "my-metadata-server" # Customize the pod zone if it cannot be retrieved from the metadata server #- name: POD_ZONE # value: "my-zone" # Customize the platform banner, options [alibaba, aws, azure, gcp, local, onprem] # - name: ENV_PLATFORM # value: "gcp" readinessProbe: httpGet: path: /ready port: 8080 initialDelaySeconds: 10 periodSeconds: 5 timeoutSeconds: 10 livenessProbe: httpGet: path: /ready port: 8080 initialDelaySeconds: 60 periodSeconds: 15 timeoutSeconds: 30 resources: requests: cpu: 100m memory: 64Mi limits: cpu: 500m memory: 256Mi volumes: - name: publickey secret: secretName: jwt-key items: - key: jwtRS256.key.pub path: publickey --- apiVersion: v1 kind: Service metadata: name: frontend spec: type: LoadBalancer selector: app: frontend ports: - name: http port: 80 targetPort: 8080