# Copyright 2023 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # https://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. apiVersion: v1 kind: Service metadata: labels: application: bank-of-anthos environment: development team: frontend tier: web name: frontend spec: ports: - name: http port: 80 targetPort: 8080 selector: app: frontend application: bank-of-anthos environment: development team: frontend tier: web type: LoadBalancer --- apiVersion: apps/v1 kind: Deployment metadata: labels: application: bank-of-anthos environment: development team: frontend tier: web name: frontend spec: selector: matchLabels: app: frontend application: bank-of-anthos environment: development team: frontend tier: web template: metadata: annotations: proxy.istio.io/config: '{ "holdApplicationUntilProxyStarts": true }' labels: app: frontend application: bank-of-anthos environment: development team: frontend tier: web spec: containers: - env: - name: VERSION value: v0.6.1 - name: PORT value: "8080" - name: ENABLE_TRACING value: "true" - name: SCHEME value: http - name: LOG_LEVEL value: info - name: DEFAULT_USERNAME valueFrom: configMapKeyRef: key: DEMO_LOGIN_USERNAME name: demo-data-config - name: DEFAULT_PASSWORD valueFrom: configMapKeyRef: key: DEMO_LOGIN_PASSWORD name: demo-data-config - name: REGISTERED_OAUTH_CLIENT_ID valueFrom: configMapKeyRef: key: DEMO_OAUTH_CLIENT_ID name: oauth-config optional: true - name: ALLOWED_OAUTH_REDIRECT_URI valueFrom: configMapKeyRef: key: DEMO_OAUTH_REDIRECT_URI name: oauth-config optional: true envFrom: - configMapRef: name: environment-config - configMapRef: name: service-api-config image: us-central1-docker.pkg.dev/bank-of-anthos-ci/bank-of-anthos/frontend:v0.6.1@sha256:07cb2c7f9a08cf820a81d59670a59b53d183717ce998a035625f0441b24e7544 livenessProbe: httpGet: path: /ready port: 8080 initialDelaySeconds: 60 periodSeconds: 15 timeoutSeconds: 30 name: front readinessProbe: httpGet: path: /ready port: 8080 initialDelaySeconds: 10 periodSeconds: 5 timeoutSeconds: 10 resources: limits: cpu: 250m memory: 128Mi requests: cpu: 100m memory: 64Mi securityContext: allowPrivilegeEscalation: false capabilities: drop: - all privileged: false readOnlyRootFilesystem: true volumeMounts: - mountPath: /tmp name: tmp - mountPath: /tmp/.ssh name: publickey readOnly: true securityContext: fsGroup: 1000 runAsGroup: 1000 runAsNonRoot: true runAsUser: 1000 serviceAccountName: bank-of-anthos terminationGracePeriodSeconds: 5 volumes: - emptyDir: {} name: tmp - name: publickey secret: items: - key: jwtRS256.key.pub path: publickey secretName: jwt-key