Add qa baseline deployment.

Trying to make it work and react use modified env variables.

01_onsite/02_qa/baseline/deployment.yaml

@@ -0,0 +1,226 @@
+# Deployment description
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: baseline-deployment
+  namespace: qa-environment
+  labels:
+    app: baseline-qa
+spec:
+  strategy:
+    type: Recreate
+  replicas: 1
+  selector:
+    matchLabels:
+      app: baseline-qa
+  template:
+    metadata:
+      labels:
+        app: baseline-qa
+    spec:
+      containers:
+        - name: baseline-frontend
+          image: packages.semapp.lan:5000/baseline_frontend:qa1
+          workingDir: /opt/web
+          resources:
+            requests:
+              memory: "256Mi"
+              cpu: "100m"
+            limits:
+              memory: "512Mi"
+              cpu: "4"
+          ports:
+            - containerPort: 8000
+              name: baseline-http
+              protocol: TCP
+          volumeMounts:
+          - mountPath: /etc/nginx/conf.d
+            readOnly: true
+            name: baseline-qa-frontend-conf
+          - mountPath: /etc/web/src/appConf.json
+            subPath: appConf.json
+            name: basiline-env-frontend
+            readOnly: true
+          imagePullPolicy: Always
+
+        - name: baseline-backend
+          image: packages.semapp.lan:5000/baseline_backend:qa1
+          workingDir: /opt/www
+          resources:
+            requests:
+              memory: "256Mi"
+              cpu: "100m"
+            limits:
+              memory: "512Mi"
+              cpu: "4"
+          ports:
+            - containerPort: 5000
+              name: bl-bck-http
+              protocol: TCP
+          imagePullPolicy: Always
+          envFrom:
+            - configMapRef:
+                name: baseline-qa-backend-conf
+      volumes:
+        - name: basiline-env-frontend
+          configMap:
+            name: basiline-env-frontend
+        - name: baseline-qa-frontend-conf
+          configMap:
+            name: baseline-qa-frontend-conf
+
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: basiline-env-frontend
+  namespace: qa-environment
+  labels:
+    app: baseline-qa
+data:
+  appConf.json: |
+    {
+      "REACT_APP_KEYCLOAK_REALM": "baseline_test",
+      "REACT_APP_KEYCLOAK_CLIENT_ID": "baseline_qa",
+      "REACT_APP_TOKEN_MIN_VALIDITY": "600"
+    }
+
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: qa-environment
+  name: baseline-qa-backend-conf
+  labels:
+    app: baseline-qa
+data:
+  DB_CONNECTION: "pgsql"
+  DB_HOST: "dbpg11.semapp.lan"
+  DB_PORT: "5432"
+  DB_DATABASE: "baseline_k8s_db"
+  DB_USERNAME: "baseline_qa"
+  DB_PASSWORD: "baseline_qa"
+
+  APP_NAME: "Baseline"
+  APP_ENV: "development"
+  APP_KEY: "base64:14Vg4rilGKEk34XeqNR7ffg6GhFTzA7/z5T1aqy6JHw="
+  APP_DEBUG: "true"
+  APP_URL: "http://baseline-qa.k3s.semapp.lan/"
+
+  LOG_CHANNEL: "stack"
+  BROADCAST_DRIVER: "log"
+  CACHE_DRIVER: "file"
+  QUEUE_CONNECTION: "sync"
+  SESSION_DRIVER: "cookie"
+  SESSION_LIFETIME: "120"
+
+
+  SANCTUM_STATEFUL_DOMAINS: "baseline-qa.k3s.semapp.lan"
+  SESSION_DOMAIN: "baseline-qa.k3s.semapp.lan"
+
+  THROTTLE_MAX_ATTEMPTS: "80" 
+
+  KEYCLOAK_URL: "http://keycloak.semapp.lan"
+  KEYCLOAK_PORT: "80"
+  KEYCLOAK_REALM: "baseline_test"
+
+  REDIRECT_URL: "http://baseline-qa.k3s.semapp.lan/"
+
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  namespace: qa-environment
+  name: baseline-qa-frontend-conf
+data:
+  default.conf: | 
+    upstream backend {
+      server  baseline-backend-qa:5000;
+    }
+
+    server {
+      listen 8000;
+
+      access_log /var/log/nginx/access.log;
+      charset utf-8;
+      client_max_body_size 1G;
+
+      location / {
+        root /srv/web;
+        add_header X-Frame-Options "SAMEORIGIN";
+        index index.html index.htm;
+        try_files $uri $uri /index.html =404;
+      }
+
+      location ~ ^/api {
+        proxy_pass        http://backend;
+        proxy_redirect    off;
+
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+
+        proxy_read_timeout 300s;
+        proxy_send_timeout 300s;
+        send_timeout 300s;
+      }
+
+      error_page 404 =200 /index.html;
+
+      add_header 'Cache-Control' 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0';
+
+      expires off;
+      open_file_cache off;
+      sendfile off;
+    }
+
+---
+# EFC Service
+apiVersion: v1
+kind: Service
+metadata:
+  name: baseline-frontend-qa
+  namespace: qa-environment
+spec:
+  selector:
+    app: baseline-qa
+  ports:
+    - name: baseline-http
+      port: 8000
+      targetPort: baseline-http
+  type: NodePort
+
+---
+# EFC backend
+apiVersion: v1
+kind: Service
+metadata:
+  name: baseline-backend-qa
+  namespace: qa-environment
+spec:
+  selector:
+    app: baseline-qa
+  ports:
+    - name: bl-bck-http
+      port: 5000
+      targetPort: bl-bck-http
+  type: NodePort
+---
+
+# Ingress description
+apiVersion: networking.k8s.io/v1beta1
+kind: Ingress
+metadata:
+  name: baseline-qa-ingress
+  namespace: qa-environment
+  annotations:
+    kubernetes.io/ingress.class: "traefik"
+spec:
+  rules:
+  - host: baseline-qa.k3s.semapp.lan
+    http:
+      paths:
+      - path: /
+        backend:
+          serviceName: baseline-frontend-qa
+          servicePort: 8000

02_hetzner/00_infra/keycloak/deployment.yaml

@@ -0,0 +1,84 @@
+---
+  apiVersion: "apps/v1"
+  kind: "Deployment"
+  metadata: 
+    name: "keycloak"
+    namespace: "infra-environment"
+  spec: 
+    selector: 
+      matchLabels: 
+        app: "keycloak"
+    replicas: 1
+    template: 
+      metadata: 
+        labels: 
+          app: "keycloak"
+      spec: 
+        containers: 
+          - name: "keycloak-prod"
+            image: "jboss/keycloak"
+            resources:
+              requests:
+                memory: "512Mi"
+                cpu: "100m"
+              limits:
+                memory: "1Gi"
+                cpu: "4"
+            imagePullPolicy: "Always"
+            env: 
+              - name: "KEYCLOAK_USER"
+                value: "admin" 
+              - name: "KEYCLOAK_PASSWORD"
+                value: "admin"
+              - name: DB_VENDOR
+                value: postgres
+              - name: DB_ADDR
+                value: psql.semprod.local
+              - name: DB_DATABASE
+                value: keycloak_db
+              - name: DB_USER
+                value: keycloak
+              - name: DB_PASSWORD
+                value: e7ov7xx45qr1erk9
+            ports: 
+              - name: keycloak-http
+                containerPort: 8080
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: keycloak-srv
+  namespace: infra-environment
+spec:
+  selector:
+    app: keycloak
+  ports:
+    - name: keycloak-http
+      port: 8080
+      targetPort: keycloak-http
+  type: NodePort
+
+---
+apiVersion: networking.k8s.io/v1beta1
+kind: Ingress
+metadata:
+  name: keycloak-ingress
+  namespace: infra-environment
+  annotations:
+    kubernetes.io/ingress.class: "traefik"
+spec:
+  rules:
+  - host: keycloak.k8s.semprod.local
+    http:
+      paths:
+      - path: /
+        backend:
+          serviceName: keycloak-srv
+          servicePort: 8080
+  # - host: keycloak.semapp.lan
+    # http:
+      # paths:
+      # - path: /
+        # backend:
+          # serviceName: keycloack-srv
+          # servicePort: 8080