199 lines
5.9 KiB
HCL
199 lines
5.9 KiB
HCL
locals {
|
|
prest-labels = merge(local.common-labels, {
|
|
"app.kubernetes.io/component" = "postgrest"
|
|
})
|
|
prest-dns_name = "api.${local.dns_name}"
|
|
prest-service = {
|
|
"name" = "postgrest-${var.instance}"
|
|
"port" = {
|
|
"number" = 80
|
|
}
|
|
}
|
|
swagger-service = {
|
|
"name" = "swagger-${var.instance}"
|
|
"port" = {
|
|
"number" = 80
|
|
}
|
|
}
|
|
}
|
|
|
|
resource "kubectl_manifest" "postgrest_config" {
|
|
count = var.extentions.postgrest.enable ? 1:0
|
|
yaml_body = <<-EOF
|
|
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
name: "${var.component}-${var.instance}-postgrest"
|
|
namespace: "${var.namespace}"
|
|
labels: ${jsonencode(local.prest-labels)}
|
|
data:
|
|
PGDATABASE: "${var.instance}"
|
|
PGHOST: "${var.instance}-${var.component}-rw.${var.namespace}.svc"
|
|
PGPORT: "5432"
|
|
PGRST_DB_SCHEMA: public
|
|
PGRST_DB_ANON_ROLE: anonymous
|
|
PGRST_OPENAPI_SERVER_PROXY_URI: "https://${local.prest-dns_name}"
|
|
PGRST_ADMIN_SERVER_PORT: "9000"
|
|
API_URL: "https://${local.prest-dns_name}"
|
|
BASE_URL: "/ui"
|
|
EOF
|
|
}
|
|
|
|
|
|
resource "kubectl_manifest" "postgrest_deploy" {
|
|
count = var.extentions.postgrest.enable ? 1:0
|
|
yaml_body = join("", concat([<<EOF
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: "${var.component}-${var.instance}-postgrest"
|
|
namespace: "${var.namespace}"
|
|
labels: ${jsonencode(local.prest-labels)}
|
|
spec:
|
|
replicas: 1
|
|
selector:
|
|
matchLabels: ${jsonencode(local.prest-labels)}
|
|
template:
|
|
metadata:
|
|
labels: ${jsonencode(local.prest-labels)}
|
|
spec:
|
|
securityContext:
|
|
fsGroup: 1000
|
|
runAsGroup: 1000
|
|
runAsUser: 1000
|
|
restartPolicy: Always
|
|
containers:
|
|
- name: postgrest
|
|
securityContext:
|
|
fsGroup: 1000
|
|
runAsGroup: 1000
|
|
runAsNonRoot: true
|
|
runAsUser: 1000
|
|
env:
|
|
- name: PGUSER
|
|
valueFrom:
|
|
secretKeyRef:
|
|
key: username
|
|
name: "${var.instance}-${var.component}-app"
|
|
- name: PGPASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
key: password
|
|
name: "${var.instance}-${var.component}-app"
|
|
envFrom:
|
|
- configMapRef:
|
|
name: "${var.component}-${var.instance}-postgrest"
|
|
image: "${var.extentions.postgrest.image.registry}/${var.extentions.postgrest.image.repository}:${var.extentions.postgrest.image.tag}"
|
|
imagePullPolicy: "${var.extentions.postgrest.image.pullPolicy}"
|
|
ports:
|
|
- containerPort: 3000
|
|
name: http
|
|
protocol: TCP
|
|
- containerPort: 9000
|
|
name: admin
|
|
protocol: TCP
|
|
livenessProbe:
|
|
failureThreshold: 3
|
|
httpGet:
|
|
path: /live
|
|
port: admin
|
|
scheme: HTTP
|
|
periodSeconds: 10
|
|
successThreshold: 1
|
|
timeoutSeconds: 1
|
|
readinessProbe:
|
|
failureThreshold: 3
|
|
httpGet:
|
|
path: /ready
|
|
port: admin
|
|
scheme: HTTP
|
|
periodSeconds: 10
|
|
successThreshold: 1
|
|
timeoutSeconds: 1
|
|
EOF
|
|
], var.extentions.postgrest.swagger.enable?[<<EOF
|
|
- name: swagger
|
|
securityContext:
|
|
fsGroup: 1000
|
|
runAsGroup: 1000
|
|
runAsNonRoot: true
|
|
runAsUser: 1000
|
|
image: "${var.extentions.postgrest.swagger.registry}/${var.extentions.postgrest.swagger.repository}:${var.extentions.postgrest.swagger.tag}"
|
|
imagePullPolicy: "${var.extentions.postgrest.swagger.pullPolicy}"
|
|
ports:
|
|
- containerPort: 8080
|
|
name: swagger
|
|
protocol: TCP
|
|
envFrom:
|
|
- configMapRef:
|
|
name: "${var.component}-${var.instance}-postgrest"
|
|
EOF
|
|
]:[""]))
|
|
}
|
|
|
|
module "postgrest-service" {
|
|
count = var.extentions.postgrest.enable ? 1 : 0
|
|
source = "/dist/modules/service"
|
|
component = "postgrest"
|
|
instance = var.instance
|
|
namespace = var.namespace
|
|
labels = local.prest-labels
|
|
target = "http"
|
|
port = local.prest-service.port.number
|
|
providers = {
|
|
kubectl = kubectl
|
|
}
|
|
}
|
|
|
|
module "postgrest-ingress" {
|
|
count = var.extentions.postgrest.enable ? 1 : 0
|
|
source = "/dist/modules/ingress"
|
|
component = "postgrest"
|
|
instance = var.instance
|
|
namespace = var.namespace
|
|
issuer = var.issuer
|
|
ingress_class = var.ingress_class
|
|
labels = local.prest-labels
|
|
dns_names = [local.prest-dns_name]
|
|
create-redirect = true
|
|
middlewares = []
|
|
service = local.prest-service
|
|
providers = {
|
|
kubectl = kubectl
|
|
}
|
|
}
|
|
|
|
module "swagger-service" {
|
|
count = var.extentions.postgrest.enable && var.extentions.postgrest.swagger.enable ? 1 : 0
|
|
source = "/dist/modules/service"
|
|
component = "swagger"
|
|
instance = var.instance
|
|
namespace = var.namespace
|
|
labels = local.prest-labels
|
|
target = "swagger"
|
|
port = local.swagger-service.port.number
|
|
providers = {
|
|
kubectl = kubectl
|
|
}
|
|
}
|
|
|
|
module "swagger-ingress" {
|
|
count = var.extentions.postgrest.enable && var.extentions.postgrest.swagger.enable ? 1 : 0
|
|
source = "/dist/modules/ingress"
|
|
component = "swagger"
|
|
instance = var.instance
|
|
namespace = var.namespace
|
|
issuer = var.issuer
|
|
ingress_class = var.ingress_class
|
|
labels = local.prest-labels
|
|
dns_names = [local.prest-dns_name]
|
|
middlewares = []
|
|
create-cert = false
|
|
sub-path = "ui"
|
|
secret-component = "postgrest"
|
|
service = local.swagger-service
|
|
providers = {
|
|
kubectl = kubectl
|
|
}
|
|
}
|