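# PostgREST extension: ConfigMap, Deployment (with an optional Swagger UI
# sidecar), Services and Ingresses for "api.<dns-name>".
#
# NOTE(review): both ingress modules are called with `middlewares = []`, and
# PostgREST logs in with the credentials from the "<instance>-<component>-pg-app"
# Secret. Nothing in this file sets PGRST_DB_ANON_ROLE, PGRST_JWT_SECRET or
# PGRST_DB_SCHEMAS, so confirm where role separation and JWT verification are
# configured before this API is exposed.
locals {
  prest-labels = merge(local.common-labels, {
    "app.kubernetes.io/component" = "postgrest"
  })

  prest-dns-name = "api.${local.dns-name}"

  prest-service = {
    "name" = "${var.instance}-postgrest"
    "port" = {
      "number" = 80
    }
  }

  swagger-service = {
    "name" = "${var.instance}-swagger"
    "port" = {
      "number" = 80
    }
  }
}

# Non-secret settings shared by the postgrest and swagger containers via envFrom.
# Database credentials are deliberately not here: the Deployment injects them
# from a Secret, and only into the postgrest container.
#
# PGPORT is quoted because ConfigMap `data` values must be strings; a bare 5432
# is parsed as a YAML integer and the manifest is rejected.
#
# NOTE(review): this ConfigMap is created even when
# var.extentions.postgrest.enable is false, unlike everything else in this file.
# Adding `count` would change the resource address, so it is left as is.
resource "kubectl_manifest" "postgrest_config" {
  yaml_body = <<-EOF
    apiVersion: v1
    kind: ConfigMap
    metadata:
      name: "${var.component}-${var.instance}-postgrest"
      namespace: "${var.namespace}"
      labels: ${jsonencode(local.prest-labels)}
    data:
      PGDATABASE: "${var.instance}"
      PGHOST: "${var.instance}-${var.component}-pg-rw.${var.namespace}.svc"
      PGPORT: "5432"
      PGRST_OPENAPI_SERVER_PROXY_URI: "https://${local.prest-dns-name}"
      API_URL: "https://${local.prest-dns-name}"
    EOF
}

# PostgREST Deployment. The manifest is assembled from two text fragments:
# the base Deployment with the postgrest container, plus an optional swagger
# container appended to the end of the `containers` list.
#
# `fsGroup` is set only in the pod-level securityContext. It is not a field of
# the container-level SecurityContext, so it has been removed from both
# containers; the pod-level value still applies to them.
#
# The swagger fragment uses a plain `<<EOF` heredoc with absolute indentation.
# `<<-EOF` would strip the fragment's common leading whitespace and move
# `- name: swagger` to column 0, which no longer lines up with the
# `containers` list of the first fragment.
#
# NOTE(review): consider `allowPrivilegeEscalation: false`, dropping all
# capabilities and a RuntimeDefault seccomp profile on both containers once the
# images are confirmed to start under those settings. Also consider pinning the
# images by digest rather than by tag.
resource "kubectl_manifest" "postgrest_deploy" {
  count = var.extentions.postgrest.enable ? 1 : 0

  yaml_body = join("", concat([<<-EOF
    apiVersion: apps/v1
    kind: Deployment
    metadata:
      name: "${var.component}-${var.instance}-postgrest"
      namespace: "${var.namespace}"
      labels: ${jsonencode(local.prest-labels)}
    spec:
      replicas: 1
      selector:
        matchLabels: ${jsonencode(local.prest-labels)}
      template:
        metadata:
          labels: ${jsonencode(local.prest-labels)}
        spec:
          securityContext:
            fsGroup: 1000
            runAsGroup: 1000
            runAsUser: 1000
          restartPolicy: Always
          containers:
          - name: postgrest
            securityContext:
              runAsGroup: 1000
              runAsNonRoot: true
              runAsUser: 1000
            env:
            - name: PGUSER
              valueFrom:
                secretKeyRef:
                  key: username
                  name: "${var.instance}-${var.component}-pg-app"
            - name: PGPASSWORD
              valueFrom:
                secretKeyRef:
                  key: password
                  name: "${var.instance}-${var.component}-pg-app"
            envFrom:
            - configMapRef:
                name: "${var.component}-${var.instance}-postgrest"
            image: "${var.extentions.postgrest.image.registry}/${var.extentions.postgrest.image.repository}:${var.extentions.postgrest.image.tag}"
            imagePullPolicy: "${var.extentions.postgrest.image.pullPolicy}"
            ports:
            - containerPort: 3000
              name: http
              protocol: TCP
            livenessProbe:
              failureThreshold: 3
              httpGet:
                path: /
                port: http
                scheme: HTTP
              periodSeconds: 10
              successThreshold: 1
              timeoutSeconds: 1
            readinessProbe:
              failureThreshold: 3
              httpGet:
                path: /
                port: http
                scheme: HTTP
              periodSeconds: 10
              successThreshold: 1
              timeoutSeconds: 1
    EOF
    ], var.extentions.postgrest.swagger.enable ? [<<EOF
      - name: swagger
        securityContext:
          runAsGroup: 1000
          runAsNonRoot: true
          runAsUser: 1000
        image: "${var.extentions.postgrest.swagger.registry}/${var.extentions.postgrest.swagger.repository}:${var.extentions.postgrest.swagger.tag}"
        imagePullPolicy: "${var.extentions.postgrest.swagger.pullPolicy}"
        ports:
        - containerPort: 8080
          name: swagger
          protocol: TCP
        envFrom:
        - configMapRef:
            name: "${var.component}-${var.instance}-postgrest"
        livenessProbe:
          failureThreshold: 3
          httpGet:
            path: /
            port: swagger
            scheme: HTTP
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 1
        readinessProbe:
          failureThreshold: 3
          httpGet:
            path: /
            port: swagger
            scheme: HTTP
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 1
EOF
  ] : [""]))
}

# Service in front of the postgrest container's named port "http".
module "postgrest-service" {
  count = var.extentions.postgrest.enable ? 1 : 0

  source    = "/dist/modules/service"
  component = "postgrest"
  instance  = var.instance
  namespace = var.namespace
  labels    = local.prest-labels
  target    = "http"
  port      = local.prest-service.port.number

  providers = {
    kubectl = kubectl
  }
}

# Ingress for the API host. No middlewares are attached, so access control
# rests on whatever PostgREST itself enforces.
module "postgrest-ingress" {
  count = var.extentions.postgrest.enable ? 1 : 0

  source          = "/dist/modules/ingress"
  component       = "postgrest"
  instance        = var.instance
  namespace       = var.namespace
  issuer          = var.issuer
  ingress-class   = var.ingress-class
  labels          = local.prest-labels
  dns-names       = [local.prest-dns-name]
  create-redirect = true
  middlewares     = []
  service         = local.prest-service

  providers = {
    kubectl = kubectl
  }
}

# Service in front of the swagger container's named port "swagger".
module "swagger-service" {
  count = var.extentions.postgrest.enable && var.extentions.postgrest.swagger.enable ? 1 : 0

  source    = "/dist/modules/service"
  component = "swagger"
  instance  = var.instance
  namespace = var.namespace
  labels    = local.prest-labels
  target    = "swagger"
  port      = local.swagger-service.port.number

  providers = {
    kubectl = kubectl
  }
}

# Ingress for Swagger UI on the same host as the API, under sub-path "ui".
# create-cert is false and secret-component is "postgrest"; presumably this
# reuses the certificate issued for the postgrest ingress. Confirm against the
# ingress module.
module "swagger-ingress" {
  count = var.extentions.postgrest.enable && var.extentions.postgrest.swagger.enable ? 1 : 0

  source           = "/dist/modules/ingress"
  component        = "swagger"
  instance         = var.instance
  namespace        = var.namespace
  issuer           = var.issuer
  ingress-class    = var.ingress-class
  labels           = local.prest-labels
  dns-names        = [local.prest-dns-name]
  middlewares      = []
  create-cert      = false
  sub-path         = "ui"
  secret-component = "postgrest"
  service          = local.swagger-service

  providers = {
    kubectl = kubectl
  }
}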