1---
2apiVersion: v1
3kind: Namespace
4metadata:
5 name: ${ZED_KUBE_NAMESPACE}
6---
7kind: Service
8apiVersion: v1
9metadata:
10 namespace: ${ZED_KUBE_NAMESPACE}
11 name: collab
12 annotations:
13 service.beta.kubernetes.io/do-loadbalancer-tls-ports: "443"
14 service.beta.kubernetes.io/do-loadbalancer-certificate-id: "40879815-9a6b-4bbb-8207-8f2c7c0218f9"
15spec:
16 type: LoadBalancer
17 selector:
18 app: collab
19 ports:
20 - name: web
21 protocol: TCP
22 port: 443
23 targetPort: 8080
24---
25apiVersion: apps/v1
26kind: Deployment
27metadata:
28 namespace: ${ZED_KUBE_NAMESPACE}
29 name: collab
30
31spec:
32 replicas: 1
33 selector:
34 matchLabels:
35 app: collab
36 template:
37 metadata:
38 labels:
39 app: collab
40 annotations:
41 ad.datadoghq.com/collab.check_names: |
42 ["openmetrics"]
43 ad.datadoghq.com/collab.init_configs: |
44 [{}]
45 ad.datadoghq.com/collab.instances: |
46 [
47 {
48 "openmetrics_endpoint": "http://%%host%%:%%port%%/metrics",
49 "namespace": "collab_${ZED_KUBE_NAMESPACE}",
50 "metrics": [".*"]
51 }
52 ]
53 spec:
54 containers:
55 - name: collab
56 image: "${ZED_IMAGE_ID}"
57 ports:
58 - containerPort: 8080
59 protocol: TCP
60 env:
61 - name: HTTP_PORT
62 value: "8080"
63 - name: DATABASE_URL
64 valueFrom:
65 secretKeyRef:
66 name: database
67 key: url
68 - name: SESSION_SECRET
69 valueFrom:
70 secretKeyRef:
71 name: session
72 key: secret
73 - name: GITHUB_APP_ID
74 valueFrom:
75 secretKeyRef:
76 name: github
77 key: appId
78 - name: GITHUB_CLIENT_ID
79 valueFrom:
80 secretKeyRef:
81 name: github
82 key: clientId
83 - name: GITHUB_CLIENT_SECRET
84 valueFrom:
85 secretKeyRef:
86 name: github
87 key: clientSecret
88 - name: GITHUB_PRIVATE_KEY
89 valueFrom:
90 secretKeyRef:
91 name: github
92 key: privateKey
93 - name: API_TOKEN
94 valueFrom:
95 secretKeyRef:
96 name: api
97 key: token
98 - name: INVITE_LINK_PREFIX
99 value: ${INVITE_LINK_PREFIX}
100 - name: RUST_LOG
101 value: ${RUST_LOG}
102 - name: LOG_JSON
103 value: "true"
104 - name: HONEYCOMB_DATASET
105 value: "collab"
106 - name: HONEYCOMB_API_KEY
107 valueFrom:
108 secretKeyRef:
109 name: honeycomb
110 key: apiKey
111 securityContext:
112 capabilities:
113 # FIXME - Switch to the more restrictive `PERFMON` capability.
114 # This capability isn't yet available in a stable version of Debian.
115 add: ["SYS_ADMIN"]