diff --git a/.drone.yml b/.drone.yml index 1837dad3..9bb13fc0 100644 --- a/.drone.yml +++ b/.drone.yml @@ -19,20 +19,31 @@ steps: build_args: APP_NAME=commune-page - name: deploy - image: digitalocean/doctl:latest + image: ghcr.io/renlabs-dev/devops-ci:latest environment: - DO_CTL_TOKEN: - from_secret: DO_CTL_TOKEN + VAULT_ADDR: + from_secret: VAULT_ADDR + VAULT_ROLE_ID: + from_secret: VAULT_ROLE_ID + VAULT_SECRET_ID: + from_secret: VAULT_SECRET_ID + APP_NAME: commune-page commands: - - apk add jq - - export PATH=$PATH:/app + # Download helm chart and authenticate to Kubernetes + - /apps/k8s_auth_w_approle.sh + - helm repo add renlabs https://charts.renlabs.dev/ + - helm repo update + # Set auxiliary environment variables - export COMMIT_SHORT_SHA=${DRONE_COMMIT_SHA:0:7} - - app_name=$( [ "$DRONE_BRANCH" = "main" ] && echo "commune-page" || echo "dev-commune-page" ) - - app_id=$(doctl apps list -t $DO_CTL_TOKEN -o json | jq --arg name "$app_name" '.[] | select(.spec.name == $name) | .id' | tr -d '"') - - doctl apps spec get $app_id -t $DO_CTL_TOKEN > spec.yaml - - sed -i "s/\(tag:*\).*/\1 \"$COMMIT_SHORT_SHA\"/" spec.yaml - - doctl apps spec validate spec.yaml -t $DO_CTL_TOKEN --schema-only > /dev/null - - doctl apps update $app_id -t $DO_CTL_TOKEN --wait --spec spec.yaml + - env_name=$( [ "$DRONE_BRANCH" = "main" ] && echo "prod" || echo "dev" ) + - release_name=$( [ "$env_name" = "prod" ] && echo "$APP_NAME" || echo "$env_name""-""$APP_NAME" ) + # Install application chart + - >- + helm upgrade --install "$release_name" -n commune-"$env_name"-web-apps + -f values.yaml -f apps/"$APP_NAME"/values.yaml + -f apps/"$APP_NAME"/values."$env_name".yaml + --set deployment.image.tag="$COMMIT_SHORT_SHA" + --wait renlabs/application trigger: branch: @@ -72,20 +83,31 @@ steps: build_args: APP_NAME=commune-validator - name: deploy - image: digitalocean/doctl:latest + image: ghcr.io/renlabs-dev/devops-ci:latest environment: - DO_CTL_TOKEN: - from_secret: DO_CTL_TOKEN + VAULT_ADDR: + from_secret: VAULT_ADDR + VAULT_ROLE_ID: + from_secret: VAULT_ROLE_ID + VAULT_SECRET_ID: + from_secret: VAULT_SECRET_ID + APP_NAME: commune-validator commands: - - apk add jq - - export PATH=$PATH:/app + # Download helm chart and authenticate to Kubernetes + - /apps/k8s_auth_w_approle.sh + - helm repo add renlabs https://charts.renlabs.dev/ + - helm repo update + # Set auxiliary environment variables - export COMMIT_SHORT_SHA=${DRONE_COMMIT_SHA:0:7} - - app_name=$( [ "$DRONE_BRANCH" = "main" ] && echo "community-validator" || echo "dev-community-validator" ) - - app_id=$(doctl apps list -t $DO_CTL_TOKEN -o json | jq --arg name "$app_name" '.[] | select(.spec.name == $name) | .id' | tr -d '"') - - doctl apps spec get $app_id -t $DO_CTL_TOKEN > spec.yaml - - sed -i "s/\(tag:*\).*/\1 \"$COMMIT_SHORT_SHA\"/" spec.yaml - - doctl apps spec validate spec.yaml -t $DO_CTL_TOKEN --schema-only > /dev/null - - doctl apps update $app_id -t $DO_CTL_TOKEN --wait --spec spec.yaml + - env_name=$( [ "$DRONE_BRANCH" = "main" ] && echo "prod" || echo "dev" ) + - release_name=$( [ "$env_name" = "prod" ] && echo "$APP_NAME" || echo "$env_name""-""$APP_NAME" ) + # Install application chart + - >- + helm upgrade --install "$release_name" -n commune-"$env_name"-web-apps + -f values.yaml -f apps/"$APP_NAME"/values.yaml + -f apps/"$APP_NAME"/values."$env_name".yaml + --set deployment.image.tag="$COMMIT_SHORT_SHA" + --wait renlabs/application trigger: branch: @@ -125,20 +147,31 @@ steps: build_args: APP_NAME=commune-worker - name: deploy - image: digitalocean/doctl:latest + image: ghcr.io/renlabs-dev/devops-ci:latest environment: - DO_CTL_TOKEN: - from_secret: DO_CTL_TOKEN + VAULT_ADDR: + from_secret: VAULT_ADDR + VAULT_ROLE_ID: + from_secret: VAULT_ROLE_ID + VAULT_SECRET_ID: + from_secret: VAULT_SECRET_ID + APP_NAME: commune-worker commands: - - apk add jq - - export PATH=$PATH:/app + # Download helm chart and authenticate to Kubernetes + - /apps/k8s_auth_w_approle.sh + - helm repo add renlabs https://charts.renlabs.dev/ + - helm repo update + # Set auxiliary environment variables - export COMMIT_SHORT_SHA=${DRONE_COMMIT_SHA:0:7} - - app_name=$( [ "$DRONE_BRANCH" = "main" ] && echo "commune-worker" || echo "dev-commune-worker" ) - - app_id=$(doctl apps list -t $DO_CTL_TOKEN -o json | jq --arg name "$app_name" '.[] | select(.spec.name == $name) | .id' | tr -d '"') - - doctl apps spec get $app_id -t $DO_CTL_TOKEN > spec.yaml - - sed -i "s/\(tag:*\).*/\1 \"$COMMIT_SHORT_SHA\"/" spec.yaml - - doctl apps spec validate spec.yaml -t $DO_CTL_TOKEN --schema-only > /dev/null - - doctl apps update $app_id -t $DO_CTL_TOKEN --wait --spec spec.yaml + - env_name=$( [ "$DRONE_BRANCH" = "main" ] && echo "prod" || echo "dev" ) + - release_name=$( [ "$env_name" = "prod" ] && echo "$APP_NAME" || echo "$env_name""-""$APP_NAME" ) + # Install application chart + - >- + helm upgrade --install "$release_name" -n commune-"$env_name"-web-apps + -f values.yaml -f apps/"$APP_NAME"/values.yaml + -f apps/"$APP_NAME"/values."$env_name".yaml + --set deployment.image.tag="$COMMIT_SHORT_SHA" + --wait renlabs/application trigger: branch: @@ -178,20 +211,31 @@ steps: build_args: APP_NAME=commune-governance - name: deploy - image: digitalocean/doctl:latest + image: ghcr.io/renlabs-dev/devops-ci:latest environment: - DO_CTL_TOKEN: - from_secret: DO_CTL_TOKEN + VAULT_ADDR: + from_secret: VAULT_ADDR + VAULT_ROLE_ID: + from_secret: VAULT_ROLE_ID + VAULT_SECRET_ID: + from_secret: VAULT_SECRET_ID + APP_NAME: commune-governance commands: - - apk add jq - - export PATH=$PATH:/app + # Download helm chart and authenticate to Kubernetes + - /apps/k8s_auth_w_approle.sh + - helm repo add renlabs https://charts.renlabs.dev/ + - helm repo update + # Set auxiliary environment variables - export COMMIT_SHORT_SHA=${DRONE_COMMIT_SHA:0:7} - - app_name=$( [ "$DRONE_BRANCH" = "main" ] && echo "commune-governance" || echo "dev-commune-governance" ) - - app_id=$(doctl apps list -t $DO_CTL_TOKEN -o json | jq --arg name "$app_name" '.[] | select(.spec.name == $name) | .id' | tr -d '"') - - doctl apps spec get $app_id -t $DO_CTL_TOKEN > spec.yaml - - sed -i "s/\(tag:*\).*/\1 \"$COMMIT_SHORT_SHA\"/" spec.yaml - - doctl apps spec validate spec.yaml -t $DO_CTL_TOKEN --schema-only > /dev/null - - doctl apps update $app_id -t $DO_CTL_TOKEN --wait --spec spec.yaml + - env_name=$( [ "$DRONE_BRANCH" = "main" ] && echo "prod" || echo "dev" ) + - release_name=$( [ "$env_name" = "prod" ] && echo "$APP_NAME" || echo "$env_name""-""$APP_NAME" ) + # Install application chart + - >- + helm upgrade --install "$release_name" -n commune-"$env_name"-web-apps + -f values.yaml -f apps/"$APP_NAME"/values.yaml + -f apps/"$APP_NAME"/values."$env_name".yaml + --set deployment.image.tag="$COMMIT_SHORT_SHA" + --wait renlabs/application trigger: branch: @@ -231,20 +275,31 @@ steps: build_args: APP_NAME=commune-wallet - name: deploy - image: digitalocean/doctl:latest + image: ghcr.io/renlabs-dev/devops-ci:latest environment: - DO_CTL_TOKEN: - from_secret: DO_CTL_TOKEN + VAULT_ADDR: + from_secret: VAULT_ADDR + VAULT_ROLE_ID: + from_secret: VAULT_ROLE_ID + VAULT_SECRET_ID: + from_secret: VAULT_SECRET_ID + APP_NAME: commune-wallet commands: - - apk add jq - - export PATH=$PATH:/app + # Download helm chart and authenticate to Kubernetes + - /apps/k8s_auth_w_approle.sh + - helm repo add renlabs https://charts.renlabs.dev/ + - helm repo update + # Set auxiliary environment variables - export COMMIT_SHORT_SHA=${DRONE_COMMIT_SHA:0:7} - - app_name=$( [ "$DRONE_BRANCH" = "main" ] && echo "commune-wallet" || echo "dev-commune-wallet" ) - - app_id=$(doctl apps list -t $DO_CTL_TOKEN -o json | jq --arg name "$app_name" '.[] | select(.spec.name == $name) | .id' | tr -d '"') - - doctl apps spec get $app_id -t $DO_CTL_TOKEN > spec.yaml - - sed -i "s/\(tag:*\).*/\1 \"$COMMIT_SHORT_SHA\"/" spec.yaml - - doctl apps spec validate spec.yaml -t $DO_CTL_TOKEN --schema-only > /dev/null - - doctl apps update $app_id -t $DO_CTL_TOKEN --wait --spec spec.yaml + - env_name=$( [ "$DRONE_BRANCH" = "main" ] && echo "prod" || echo "dev" ) + - release_name=$( [ "$env_name" = "prod" ] && echo "$APP_NAME" || echo "$env_name""-""$APP_NAME" ) + # Install application chart + - >- + helm upgrade --install "$release_name" -n commune-"$env_name"-web-apps + -f values.yaml -f apps/"$APP_NAME"/values.yaml + -f apps/"$APP_NAME"/values."$env_name".yaml + --set deployment.image.tag="$COMMIT_SHORT_SHA" + --wait renlabs/application trigger: branch: @@ -284,20 +339,31 @@ steps: build_args: APP_NAME=commune-cache - name: deploy - image: digitalocean/doctl:latest + image: ghcr.io/renlabs-dev/devops-ci:latest environment: - DO_CTL_TOKEN: - from_secret: DO_CTL_TOKEN + VAULT_ADDR: + from_secret: VAULT_ADDR + VAULT_ROLE_ID: + from_secret: VAULT_ROLE_ID + VAULT_SECRET_ID: + from_secret: VAULT_SECRET_ID + APP_NAME: commune-cache commands: - - apk add jq - - export PATH=$PATH:/app + # Download helm chart and authenticate to Kubernetes + - /apps/k8s_auth_w_approle.sh + - helm repo add renlabs https://charts.renlabs.dev/ + - helm repo update + # Set auxiliary environment variables - export COMMIT_SHORT_SHA=${DRONE_COMMIT_SHA:0:7} - - app_name=$( [ "$DRONE_BRANCH" = "main" ] && echo "commune-cache" || echo "dev-commune-cache" ) - - app_id=$(doctl apps list -t $DO_CTL_TOKEN -o json | jq --arg name "$app_name" '.[] | select(.spec.name == $name) | .id' | tr -d '"') - - doctl apps spec get $app_id -t $DO_CTL_TOKEN > spec.yaml - - sed -i "s/\(tag:*\).*/\1 \"$COMMIT_SHORT_SHA\"/" spec.yaml - - doctl apps spec validate spec.yaml -t $DO_CTL_TOKEN --schema-only > /dev/null - - doctl apps update $app_id -t $DO_CTL_TOKEN --wait --spec spec.yaml + - env_name=$( [ "$DRONE_BRANCH" = "main" ] && echo "prod" || echo "dev" ) + - release_name=$( [ "$env_name" = "prod" ] && echo "$APP_NAME" || echo "$env_name""-""$APP_NAME" ) + # Install application chart + - >- + helm upgrade --install "$release_name" -n commune-"$env_name"-web-apps + -f values.yaml -f apps/"$APP_NAME"/values.yaml + -f apps/"$APP_NAME"/values."$env_name".yaml + --set deployment.image.tag="$COMMIT_SHORT_SHA" + --wait renlabs/application trigger: branch: diff --git a/apps/commune-cache/values.dev.yaml b/apps/commune-cache/values.dev.yaml new file mode 100644 index 00000000..f0246327 --- /dev/null +++ b/apps/commune-cache/values.dev.yaml @@ -0,0 +1,10 @@ +environmentName: dev + +wssApiEndpoint: wss://testnet.api.communeai.net + +ingress: + hosts: + - host: dev.cache.communeai.org + paths: + - path: / + pathType: Prefix diff --git a/apps/commune-cache/values.prod.yaml b/apps/commune-cache/values.prod.yaml new file mode 100644 index 00000000..8f017a7b --- /dev/null +++ b/apps/commune-cache/values.prod.yaml @@ -0,0 +1,10 @@ +environmentName: prod + +wssApiEndpoint: wss://api.communeai.net + +ingress: + hosts: + - host: cache.communeai.org + paths: + - path: / + pathType: Prefix \ No newline at end of file diff --git a/apps/commune-cache/values.yaml b/apps/commune-cache/values.yaml new file mode 100644 index 00000000..7584231b --- /dev/null +++ b/apps/commune-cache/values.yaml @@ -0,0 +1,20 @@ +cacheUrl: "" + +deployment: + image: + repository: ghcr.io/renlabs-dev/commune-cache + + command: ["pnpm"] + args: ["tsx", "./src/index.ts"] + + startupProbe: + httpGet: + path: /api/stake-out + + readinessProbe: + httpGet: + path: /api/stake-out + + livenessProbe: + httpGet: + path: /api/stake-out diff --git a/apps/commune-governance/values.dev.yaml b/apps/commune-governance/values.dev.yaml new file mode 100644 index 00000000..f95f01be --- /dev/null +++ b/apps/commune-governance/values.dev.yaml @@ -0,0 +1,11 @@ +environmentName: dev + +wssApiEndpoint: wss://testnet.api.communeai.net +cacheUrl: https://dev.cache.communeai.org + +ingress: + hosts: + - host: dev.governance.communeai.org + paths: + - path: / + pathType: Prefix diff --git a/apps/commune-governance/values.prod.yaml b/apps/commune-governance/values.prod.yaml new file mode 100644 index 00000000..7babbdec --- /dev/null +++ b/apps/commune-governance/values.prod.yaml @@ -0,0 +1,11 @@ +environmentName: prod + +wssApiEndpoint: wss://api.communeai.net +cacheUrl: https://cache.communeai.org + +ingress: + hosts: + - host: governance.communeai.org + paths: + - path: / + pathType: Prefix diff --git a/apps/commune-governance/values.yaml b/apps/commune-governance/values.yaml new file mode 100644 index 00000000..6fa75aa3 --- /dev/null +++ b/apps/commune-governance/values.yaml @@ -0,0 +1,15 @@ +deployment: + image: + repository: ghcr.io/renlabs-dev/commune-governance + + env: + JWT_SECRET: + valueFrom: + secretKeyRef: + name: '{{ .Values.environmentName }}-web-apps-secret' + key: jwt_secret + POSTGRES_URL: + valueFrom: + secretKeyRef: + name: '{{ .Values.environmentName }}-web-apps-secret' + key: community_validator_db_url \ No newline at end of file diff --git a/apps/commune-page/values.dev.yaml b/apps/commune-page/values.dev.yaml new file mode 100644 index 00000000..cdb70c54 --- /dev/null +++ b/apps/commune-page/values.dev.yaml @@ -0,0 +1,11 @@ +environmentName: dev + +wssApiEndpoint: wss://testnet.api.communeai.net +cacheUrl: https://dev.cache.communeai.org + +ingress: + hosts: + - host: dev.communeai.org + paths: + - path: / + pathType: Prefix diff --git a/apps/commune-page/values.prod.yaml b/apps/commune-page/values.prod.yaml new file mode 100644 index 00000000..c2068ee6 --- /dev/null +++ b/apps/commune-page/values.prod.yaml @@ -0,0 +1,11 @@ +environmentName: prod + +wssApiEndpoint: wss://api.communeai.net +cacheUrl: https://cache.communeai.org + +ingress: + hosts: + - host: communeai.org + paths: + - path: / + pathType: Prefix diff --git a/apps/commune-page/values.yaml b/apps/commune-page/values.yaml new file mode 100644 index 00000000..5d7bf72d --- /dev/null +++ b/apps/commune-page/values.yaml @@ -0,0 +1,3 @@ +deployment: + image: + repository: ghcr.io/renlabs-dev/commune-page diff --git a/apps/commune-validator/values.dev.yaml b/apps/commune-validator/values.dev.yaml new file mode 100644 index 00000000..2af4e24c --- /dev/null +++ b/apps/commune-validator/values.dev.yaml @@ -0,0 +1,11 @@ +environmentName: dev + +wssApiEndpoint: wss://testnet.api.communeai.net +cacheUrl: https://dev.cache.communeai.org + +ingress: + hosts: + - host: dev.validator.communeai.org + paths: + - path: / + pathType: Prefix diff --git a/apps/commune-validator/values.prod.yaml b/apps/commune-validator/values.prod.yaml new file mode 100644 index 00000000..4d604c92 --- /dev/null +++ b/apps/commune-validator/values.prod.yaml @@ -0,0 +1,11 @@ +environmentName: prod + +wssApiEndpoint: wss://api.communeai.net +cacheUrl: https://cache.communeai.org + +ingress: + hosts: + - host: validator.communeai.org + paths: + - path: / + pathType: Prefix diff --git a/apps/commune-validator/values.yaml b/apps/commune-validator/values.yaml new file mode 100644 index 00000000..c3325f43 --- /dev/null +++ b/apps/commune-validator/values.yaml @@ -0,0 +1,15 @@ +deployment: + image: + repository: ghcr.io/renlabs-dev/community-validator + + env: + JWT_SECRET: + valueFrom: + secretKeyRef: + name: '{{ .Values.environmentName }}-web-apps-secret' + key: jwt_secret + POSTGRES_URL: + valueFrom: + secretKeyRef: + name: '{{ .Values.environmentName }}-web-apps-secret' + key: community_validator_db_url \ No newline at end of file diff --git a/apps/commune-wallet/values.dev.yaml b/apps/commune-wallet/values.dev.yaml new file mode 100644 index 00000000..916edc3d --- /dev/null +++ b/apps/commune-wallet/values.dev.yaml @@ -0,0 +1,11 @@ +environmentName: dev + +wssApiEndpoint: wss://testnet.api.communeai.net +cacheUrl: https://dev.cache.communeai.org + +ingress: + hosts: + - host: dev.wallet.communeai.org + paths: + - path: / + pathType: Prefix diff --git a/apps/commune-wallet/values.prod.yaml b/apps/commune-wallet/values.prod.yaml new file mode 100644 index 00000000..8977d364 --- /dev/null +++ b/apps/commune-wallet/values.prod.yaml @@ -0,0 +1,11 @@ +environmentName: prod + +wssApiEndpoint: wss://api.communeai.net +cacheUrl: https://cache.communeai.org + +ingress: + hosts: + - host: wallet.communeai.org + paths: + - path: / + pathType: Prefix diff --git a/apps/commune-wallet/values.yaml b/apps/commune-wallet/values.yaml new file mode 100644 index 00000000..926dc524 --- /dev/null +++ b/apps/commune-wallet/values.yaml @@ -0,0 +1,3 @@ +deployment: + image: + repository: ghcr.io/renlabs-dev/commune-wallet diff --git a/apps/commune-worker/values.dev.yaml b/apps/commune-worker/values.dev.yaml new file mode 100644 index 00000000..3d45460a --- /dev/null +++ b/apps/commune-worker/values.dev.yaml @@ -0,0 +1,3 @@ +environmentName: dev + +wssApiEndpoint: wss://testnet.api.communeai.net \ No newline at end of file diff --git a/apps/commune-worker/values.prod.yaml b/apps/commune-worker/values.prod.yaml new file mode 100644 index 00000000..dc947db9 --- /dev/null +++ b/apps/commune-worker/values.prod.yaml @@ -0,0 +1,3 @@ +environmentName: prod + +wssApiEndpoint: wss://api.communeai.net \ No newline at end of file diff --git a/apps/commune-worker/values.yaml b/apps/commune-worker/values.yaml new file mode 100644 index 00000000..3ca3b747 --- /dev/null +++ b/apps/commune-worker/values.yaml @@ -0,0 +1,124 @@ +cacheUrl: "" + +ingress: + enabled: false + +service: + enabled: false + +configMap: + enabled: true + files: + module-fetcher: + PORT: "8001" + NEXT_PUBLIC_PORT: "8001" + subnet-fetcher: + PORT: "8002" + NEXT_PUBLIC_PORT: "8002" + weight-aggregator: + PORT: "8003" + NEXT_PUBLIC_PORT: "8003" + +deployment: + containerName: dao + image: + repository: ghcr.io/renlabs-dev/commune-worker + + command: ["pnpm"] + args: ["tsx", "./src/index.ts", "dao"] + + ports: [] + + startupProbe: + enabled: false + readinessProbe: + enabled: false + livenessProbe: + enabled: false + + resources: + limits: + memory: 256Mi + cpu: 1 + requests: + memory: 200Mi + cpu: 0.4 + + env: + COMMUNITY_VALIDATOR_MNEMONIC: + valueFrom: + secretKeyRef: + name: '{{ .Values.environmentName }}-web-apps-secret' + key: community_validator_mnemonic + POSTGRES_URL: + valueFrom: + secretKeyRef: + name: '{{ .Values.environmentName }}-web-apps-secret' + key: community_validator_db_url + DAO_NOTIFIER_DISCORD_WEBHOOK_URL: + valueFrom: + secretKeyRef: + name: '{{ .Values.environmentName }}-web-apps-secret' + key: dao_notifier_discord_webhook_url + + additionalContainers: + - name: module-fetcher + image: + repository: + fromMain: true + tag: + fromMain: true + envFrom: + - configMapRef: + name: '{{ .Release.Name }}-module-fetcher' + useMainEnv: true + command: ["pnpm"] + args: ["tsx", "./src/index.ts", "module-fetcher"] + resources: + limits: + memory: 500Mi + cpu: 0.5 + requests: + memory: 280Mi + cpu: 0.25 + + - name: subnet-fetcher + image: + repository: + fromMain: true + tag: + fromMain: true + envFrom: + - configMapRef: + name: '{{ .Release.Name }}-subnet-fetcher' + useMainEnv: true + command: ["pnpm"] + args: ["tsx", "./src/index.ts", "subnet-fetcher"] + resources: + limits: + memory: 256Mi + cpu: 0.3 + requests: + memory: 180Mi + cpu: 0.02 + + - name: weight-aggregator + image: + repository: + fromMain: true + tag: + fromMain: true + envFrom: + - configMapRef: + name: '{{ .Release.Name }}-weight-aggregator' + useMainEnv: true + command: ["pnpm"] + args: ["tsx", "./src/index.ts", "weight-aggregator"] + resources: + limits: + memory: 350Mi + cpu: 0.3 + requests: + memory: 200Mi + cpu: 0.05 + diff --git a/values.yaml b/values.yaml new file mode 100644 index 00000000..1f43116e --- /dev/null +++ b/values.yaml @@ -0,0 +1,103 @@ +deployment: + reloadOnChange: true + + env: + NEXT_PUBLIC_WS_PROVIDER_URL: + valueFrom: + configMapKeyRef: + name: '{{ template "application.name" . }}-config' + key: next_public_ws_url + NEXT_PUBLIC_CACHE_PROVIDER_URL: + valueFrom: + configMapKeyRef: + name: '{{ template "application.name" . }}-config' + key: next_public_cache_provider_url + PINATA_JWT: + valueFrom: + secretKeyRef: + name: '{{ .Values.environmentName }}-web-apps-secret' + key: pinata_jwt + + startupProbe: + enabled: true + failureThreshold: 30 + periodSeconds: 10 + httpGet: + path: / + port: 8000 + + readinessProbe: + enabled: true + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + initialDelaySeconds: 10 + httpGet: + path: / + port: 8000 + + livenessProbe: + enabled: true + failureThreshold: 3 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 1 + initialDelaySeconds: 10 + httpGet: + path: / + port: 8000 + + # resources: + # limits: + # memory: 256Mi + # cpu: 0.5 + # requests: + # memory: 128Mi + # cpu: 0.1 + + containerSecurityContext: + readOnlyRootFilesystem: false + runAsNonRoot: false + + + # command: [] + + # args: [] + + ports: + - containerPort: 8000 + name: http + protocol: TCP + +service: + ports: + - port: 8000 + name: http + protocol: TCP + targetPort: 8000 + +ingress: + enabled: true + ingressClassName: nginx + +configMap: + enabled: true + files: + config: + next_public_ws_url: "{{ .Values.wssApiEndpoint }}" + next_public_cache_provider_url: "{{ .Values.cacheUrl }}" + +staticSecret: + enabled: true + secrets: + - name: web-apps + type: kv-v2 + mount: commune_infra + path: '{{ .Values.environmentName }}_web_apps' + destination: + name: '{{ .Values.environmentName }}-web-apps-secret' + create: true + overwrite: true + refreshAfter: 30s + vaultAuthRef: 'commune-{{ .Values.environmentName }}-web-apps-commune-{{ .Values.environmentName }}-web-apps-default'