mirror of
https://gerrit.hackerspace.pl/hscloud
synced 2024-10-18 02:58:06 +00:00
hswaw/teleimg: migrate away from mirko.libsonnet
Change-Id: I173b48832ebb1cc187ff2020c78d4ec0748e3a98 Reviewed-on: https://gerrit.hackerspace.pl/c/hscloud/+/1794 Reviewed-by: q3k <q3k@hackerspace.pl>
This commit is contained in:
parent
56b2e04106
commit
db8d90216b
8 changed files with 70 additions and 53 deletions
|
@ -1,7 +1,6 @@
|
|||
local mirko = import "../../kube/mirko.libsonnet";
|
||||
local kube = import "../../kube/kube.libsonnet";
|
||||
|
||||
local teleimg = import "teleimg.libsonnet";
|
||||
local pretalx = import "pretalx.libsonnet";
|
||||
|
||||
{
|
||||
|
@ -10,12 +9,10 @@ local pretalx = import "pretalx.libsonnet";
|
|||
local cfg = self.cfg,
|
||||
|
||||
cfg+: {
|
||||
teleimg: teleimg.cfg,
|
||||
pretalx: pretalx.cfg,
|
||||
},
|
||||
|
||||
components: {
|
||||
teleimg: teleimg.teleimg(cfg.teleimg, env),
|
||||
pretalx: pretalx.component(cfg.pretalx, env) {
|
||||
cronjob: null,
|
||||
},
|
||||
|
@ -24,12 +21,6 @@ local pretalx = import "pretalx.libsonnet";
|
|||
|
||||
prod: self.hswaw("hswaw-prod") {
|
||||
cfg+: {
|
||||
teleimg+: {
|
||||
webFQDN: "teleimg.hswaw.net",
|
||||
secret+: {
|
||||
telegram_token: std.base64(std.split(importstr "secrets/plain/prod-telegram-token", "\n")[0]),
|
||||
},
|
||||
},
|
||||
pretalx+: {
|
||||
storageClassName: "waw-hdd-redundant-3",
|
||||
webFQDN: "cfp.cebula.camp",
|
||||
|
|
|
@ -1,43 +0,0 @@
|
|||
local mirko = import "../../kube/mirko.libsonnet";
|
||||
local kube = import "../../kube/kube.libsonnet";
|
||||
|
||||
{
|
||||
cfg:: {
|
||||
secret: {
|
||||
telegram_token: error "telegram_token must be set",
|
||||
},
|
||||
image: {
|
||||
teleimg: "registry.k0.hswaw.net/q3k/teleimg:1578259776-a07688fe74efe1e190d58092a9f50d4275a15e3d",
|
||||
},
|
||||
webFQDN: error "webFQDN must be set!",
|
||||
},
|
||||
|
||||
teleimg(cfg, env):: mirko.Component(env, "teleimg") {
|
||||
local teleimg = self,
|
||||
cfg+: {
|
||||
image: cfg.image.teleimg,
|
||||
container: teleimg.GoContainer("main", "/teleimg/teleimg") {
|
||||
env_: {
|
||||
TELEGRAM_TOKEN: kube.SecretKeyRef(teleimg.secret, "telegram_token"),
|
||||
},
|
||||
command+: [
|
||||
"-public_listen", "0.0.0.0:5000",
|
||||
"-telegram_token", "$(TELEGRAM_TOKEN)",
|
||||
],
|
||||
},
|
||||
ports+: {
|
||||
publicHTTP: {
|
||||
public: {
|
||||
port: 5000,
|
||||
dns: cfg.webFQDN,
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
|
||||
secret: kube.Secret("teleimg") {
|
||||
metadata+: teleimg.metadata,
|
||||
data: cfg.secret,
|
||||
},
|
||||
},
|
||||
}
|
|
@ -4,7 +4,7 @@ load("@io_bazel_rules_go//go:def.bzl", "go_binary", "go_library")
|
|||
go_library(
|
||||
name = "teleimg_lib",
|
||||
srcs = ["main.go"],
|
||||
importpath = "code.hackerspace.pl/hscloud/personal/q3k/teleimg",
|
||||
importpath = "code.hackerspace.pl/hscloud/hswaw/teleimg",
|
||||
visibility = ["//visibility:private"],
|
||||
deps = [
|
||||
"//go/mirko",
|
68
hswaw/teleimg/prod.jsonnet
Normal file
68
hswaw/teleimg/prod.jsonnet
Normal file
|
@ -0,0 +1,68 @@
|
|||
local kube = import "../../kube/hscloud.libsonnet";
|
||||
local hspki = import "../../kube/hspki.libsonnet";
|
||||
|
||||
{
|
||||
local top = self,
|
||||
local cfg = self.cfg,
|
||||
|
||||
cfg:: {
|
||||
name: 'teleimg',
|
||||
namespace: 'teleimg',
|
||||
domain: 'teleimg.hswaw.net',
|
||||
image: 'registry.k0.hswaw.net/q3k/teleimg:1578259776-a07688fe74efe1e190d58092a9f50d4275a15e3d',
|
||||
},
|
||||
|
||||
// kubectl -n teleimg create secret generic teleimg --from-literal=telegram_token=xxxx
|
||||
// original: std.base64(std.split(importstr "secrets/plain/prod-telegram-token", "\n")[0])
|
||||
secretRefs:: {
|
||||
telegram_token: { secretKeyRef: { name: cfg.name, key: 'telegram_token' } },
|
||||
},
|
||||
|
||||
local ns = kube.Namespace(cfg.namespace),
|
||||
|
||||
deployment: ns.Contain(kube.Deployment(cfg.name)) {
|
||||
spec+: {
|
||||
replicas: 1,
|
||||
template+: {
|
||||
spec+: top.pki.PodSpec {
|
||||
containers_: {
|
||||
default: top.pki.GoContainer("default") {
|
||||
image: cfg.image,
|
||||
executable_: "/teleimg/teleimg",
|
||||
command+: [
|
||||
"-public_listen", "0.0.0.0:8080",
|
||||
"-telegram_token", "$(TELEGRAM_TOKEN)",
|
||||
],
|
||||
env_: {
|
||||
TELEGRAM_TOKEN: top.secretRefs.telegram_token,
|
||||
},
|
||||
resources: {
|
||||
requests: { cpu: "25m", memory: "64Mi" },
|
||||
limits: { cpu: "500m", memory: "128Mi" },
|
||||
},
|
||||
ports_: {
|
||||
http: { containerPort: 8080 },
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
|
||||
service: ns.Contain(kube.Service(cfg.name)) {
|
||||
target:: top.deployment,
|
||||
},
|
||||
|
||||
ingress: ns.Contain(kube.SimpleIngress(cfg.name)) {
|
||||
hosts:: [cfg.domain],
|
||||
target:: top.service,
|
||||
},
|
||||
|
||||
pki: ns.Contain(hspki) {
|
||||
cfg+: {
|
||||
name: cfg.name,
|
||||
namespace: cfg.namespace,
|
||||
}
|
||||
},
|
||||
}
|
1
hswaw/teleimg/secrets/.gitignore
vendored
Normal file
1
hswaw/teleimg/secrets/.gitignore
vendored
Normal file
|
@ -0,0 +1 @@
|
|||
plain
|
Loading…
Reference in a new issue