deploy-manifests/k8s-rancher/1.authx-service/0.authx-service/4.4.authx-service-bff.yaml - institute/deploy-authx-service - Gitiles

 # 4.4.authx-service-bff.yaml

 ---
 apiVersion: v1
 kind: ConfigMap
 metadata:
   namespace: authx-service
   name: authx-service-bff-env
 data:
   SERVER_PORT: "8080"
   SSL_ENABLED: "false"
   #SSL_KEYSTORE_FILE: file:/certs/server/server.keystore
   #SSL_KEYSTORE_PASSWORD: ""
   #SSL_TRUSTSTORE_FILE: file:/certs/server/server.truststore
   #SSL_TRUSTSTORE_PASSWORD: ""

   SERVER_MAXHTTPHEADERSIZE: "10240"

   SERVER_TOMCAT_ACCEPT_COUNT: "5000"
   SERVER_TOMCAT_MAX_CONNECTIONS: "10000"
   SERVER_TOMCAT_MAX_THREADS: "800"
   SERVER_TOMCAT_MIN_SPARE_THREADS: "100"

   LOGGING_LEVEL_COM_SUPWISDOM_INSTITUTE_AUTHX_SERVICE_BFF: INFO


   SPRING_REDIS_JEDIS_POOL_MAXACTIVE: "800"
   SPRING_REDIS_JEDIS_POOL_MAXIDLE: "100"
   SPRING_REDIS_JEDIS_POOL_MINIDLE: "100"


   UNIAUTH_BASIC_AUTH_USERNAME: saadmin
   UNIAUTH_BASIC_AUTH_PASSWORD: saadminfoobar


   CASSERVER_SA_API_SERVER_URL: http://cas-server-sa-api-svc.cas-server.svc.cluster.local:8080
   CASSERVER_SA_API_CLIENT_AUTH_ENABLED: "false"
   #CASSERVER_SA_API_CLIENT_AUTH_KEY_PASSWORD: ""
   #CASSERVER_SA_API_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/common/common.keystore
   #CASSERVER_SA_API_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
   #CASSERVER_SA_API_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/common/common.truststore
   #CASSERVER_SA_API_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""

   USER_DATA_SERVICE_SERVER_URL: http://user-data-service-goa-svc.user-data-service.svc.cluster.local:8080
   USER_DATA_SERVICE_CLIENT_AUTH_ENABLED: "false"
   #USER_DATA_SERVICE_CLIENT_AUTH_KEY_PASSWORD: ""
   #USER_DATA_SERVICE_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/common/common.keystore
   #USER_DATA_SERVICE_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
   #USER_DATA_SERVICE_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/common/common.truststore
   #USER_DATA_SERVICE_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""

   USER_AUTHZ_SERVICE_SERVER_URL: http://user-authorization-sa-svc.user-authorization-service.svc.cluster.local:8080
   USER_AUTHZ_SERVICE_CLIENT_AUTH_ENABLED: "false"
   #USER_AUTHZ_SERVICE_CLIENT_AUTH_KEY_PASSWORD: ""
   #USER_AUTHZ_SERVICE_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/common/common.keystore
   #USER_AUTHZ_SERVICE_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
   #USER_AUTHZ_SERVICE_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/common/common.truststore
   #USER_AUTHZ_SERVICE_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""

   UNIAUTH_SERVER_SA_API_SERVER_URL: http://uniauth-prod-backend.uniauth.svc.cluster.local:9090
   UNIAUTH_SERVER_SA_API_CLIENT_AUTH_ENABLED: "false"
   #UNIAUTH_SERVER_SA_API_CLIENT_AUTH_KEY_PASSWORD: ""
   #UNIAUTH_SERVER_SA_API_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/common/common.keystore
   #UNIAUTH_SERVER_SA_API_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
   #UNIAUTH_SERVER_SA_API_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/common/common.truststore
   #UNIAUTH_SERVER_SA_API_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""


   TPAS_FILE_API_URL: http://agent-service-svc.thirdparty-agent-service.svc.cluster.local:8080/api/v1/tpas/file/minio
   TPAS_CLIENT_AUTH_ENABLED: "false"
   #TPAS_CLIENT_AUTH_KEY_PASSWORD: ""
   #TPAS_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/client/client.keystore
   #TPAS_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
   #TPAS_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/client/client.truststore
   #TPAS_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""

 ---
 apiVersion: v1
 kind: Service
 metadata:
   namespace: authx-service
   name: authx-service-bff-svc
   labels:
     app: authx-service-bff
     needMonitor: 'true'
 spec:
   ports:
     - port: 8080
       targetPort: http
       protocol: TCP
       name: http
     - port: 6060
       targetPort: http-metrics
       protocol: TCP
       name: http-metrics
   selector:
     app: authx-service-bff

 ---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
   namespace: authx-service
   name: authx-service-bff
 spec:
   selector:
     matchLabels:
       app: authx-service-bff
   replicas: 1
   template:
     metadata:
       labels:
         app: authx-service-bff
     spec:
       containers:
       - name: authx-service-bff
         image: harbor.supwisdom.com/authx-service/authx-service-bff:1.2.4-RELEASE
         imagePullPolicy: Always
         ports:
         - containerPort: 8080
           name: http
         - containerPort: 6060
           name: http-metrics
         envFrom:
         - configMapRef:
             name: jvm-env
         - secretRef:
             name: redis-env-secret
         - configMapRef:
             name: authx-service-bff-env
         resources:
           requests:
             memory: "1024Mi"
           limits:
             memory: "1024Mi"
         readinessProbe:
           httpGet:
             path: /actuator/health
             port: 8080
           initialDelaySeconds: 20
           periodSeconds: 5
           timeoutSeconds: 5
           successThreshold: 1
           failureThreshold: 10
       imagePullSecrets:
         - name: harbor-registry
	# 4.4.authx-service-bff.yaml

	---
	apiVersion: v1
	kind: ConfigMap
	metadata:
	namespace: authx-service
	name: authx-service-bff-env
	data:
	SERVER_PORT: "8080"
	SSL_ENABLED: "false"
	#SSL_KEYSTORE_FILE: file:/certs/server/server.keystore
	#SSL_KEYSTORE_PASSWORD: ""
	#SSL_TRUSTSTORE_FILE: file:/certs/server/server.truststore
	#SSL_TRUSTSTORE_PASSWORD: ""

	SERVER_MAXHTTPHEADERSIZE: "10240"

	SERVER_TOMCAT_ACCEPT_COUNT: "5000"
	SERVER_TOMCAT_MAX_CONNECTIONS: "10000"
	SERVER_TOMCAT_MAX_THREADS: "800"
	SERVER_TOMCAT_MIN_SPARE_THREADS: "100"

	LOGGING_LEVEL_COM_SUPWISDOM_INSTITUTE_AUTHX_SERVICE_BFF: INFO


	SPRING_REDIS_JEDIS_POOL_MAXACTIVE: "800"
	SPRING_REDIS_JEDIS_POOL_MAXIDLE: "100"
	SPRING_REDIS_JEDIS_POOL_MINIDLE: "100"


	UNIAUTH_BASIC_AUTH_USERNAME: saadmin
	UNIAUTH_BASIC_AUTH_PASSWORD: saadminfoobar


	CASSERVER_SA_API_SERVER_URL: http://cas-server-sa-api-svc.cas-server.svc.cluster.local:8080
	CASSERVER_SA_API_CLIENT_AUTH_ENABLED: "false"
	#CASSERVER_SA_API_CLIENT_AUTH_KEY_PASSWORD: ""
	#CASSERVER_SA_API_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/common/common.keystore
	#CASSERVER_SA_API_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
	#CASSERVER_SA_API_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/common/common.truststore
	#CASSERVER_SA_API_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""

	USER_DATA_SERVICE_SERVER_URL: http://user-data-service-goa-svc.user-data-service.svc.cluster.local:8080
	USER_DATA_SERVICE_CLIENT_AUTH_ENABLED: "false"
	#USER_DATA_SERVICE_CLIENT_AUTH_KEY_PASSWORD: ""
	#USER_DATA_SERVICE_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/common/common.keystore
	#USER_DATA_SERVICE_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
	#USER_DATA_SERVICE_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/common/common.truststore
	#USER_DATA_SERVICE_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""

	USER_AUTHZ_SERVICE_SERVER_URL: http://user-authorization-sa-svc.user-authorization-service.svc.cluster.local:8080
	USER_AUTHZ_SERVICE_CLIENT_AUTH_ENABLED: "false"
	#USER_AUTHZ_SERVICE_CLIENT_AUTH_KEY_PASSWORD: ""
	#USER_AUTHZ_SERVICE_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/common/common.keystore
	#USER_AUTHZ_SERVICE_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
	#USER_AUTHZ_SERVICE_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/common/common.truststore
	#USER_AUTHZ_SERVICE_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""

	UNIAUTH_SERVER_SA_API_SERVER_URL: http://uniauth-prod-backend.uniauth.svc.cluster.local:9090
	UNIAUTH_SERVER_SA_API_CLIENT_AUTH_ENABLED: "false"
	#UNIAUTH_SERVER_SA_API_CLIENT_AUTH_KEY_PASSWORD: ""
	#UNIAUTH_SERVER_SA_API_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/common/common.keystore
	#UNIAUTH_SERVER_SA_API_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
	#UNIAUTH_SERVER_SA_API_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/common/common.truststore
	#UNIAUTH_SERVER_SA_API_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""


	TPAS_FILE_API_URL: http://agent-service-svc.thirdparty-agent-service.svc.cluster.local:8080/api/v1/tpas/file/minio
	TPAS_CLIENT_AUTH_ENABLED: "false"
	#TPAS_CLIENT_AUTH_KEY_PASSWORD: ""
	#TPAS_CLIENT_AUTH_KEYSTORE_FILE: file:/certs/client/client.keystore
	#TPAS_CLIENT_AUTH_KEYSTORE_PASSWORD: ""
	#TPAS_CLIENT_AUTH_TRUSTSTORE_FILE: file:/certs/client/client.truststore
	#TPAS_CLIENT_AUTH_TRUSTSTORE_PASSWORD: ""

	---
	apiVersion: v1
	kind: Service
	metadata:
	namespace: authx-service
	name: authx-service-bff-svc
	labels:
	app: authx-service-bff
	needMonitor: 'true'
	spec:
	ports:
	- port: 8080
	targetPort: http
	protocol: TCP
	name: http
	- port: 6060
	targetPort: http-metrics
	protocol: TCP
	name: http-metrics
	selector:
	app: authx-service-bff

	---
	apiVersion: apps/v1
	kind: Deployment
	metadata:
	namespace: authx-service
	name: authx-service-bff
	spec:
	selector:
	matchLabels:
	app: authx-service-bff
	replicas: 1
	template:
	metadata:
	labels:
	app: authx-service-bff
	spec:
	containers:
	- name: authx-service-bff
	image: harbor.supwisdom.com/authx-service/authx-service-bff:1.2.4-RELEASE
	imagePullPolicy: Always
	ports:
	- containerPort: 8080
	name: http
	- containerPort: 6060
	name: http-metrics
	envFrom:
	- configMapRef:
	name: jvm-env
	- secretRef:
	name: redis-env-secret
	- configMapRef:
	name: authx-service-bff-env
	resources:
	requests:
	memory: "1024Mi"
	limits:
	memory: "1024Mi"
	readinessProbe:
	httpGet:
	path: /actuator/health
	port: 8080
	initialDelaySeconds: 20
	periodSeconds: 5
	timeoutSeconds: 5
	successThreshold: 1
	failureThreshold: 10
	imagePullSecrets:
	- name: harbor-registry