Skip to content
This repository has been archived by the owner on Jan 19, 2024. It is now read-only.

Commit

Permalink
fix: use CNPG (#301)
Browse files Browse the repository at this point in the history 
* fix: use CNPG

* fix

* fix

* fix

* fix

* fix s3 secret

---------

Co-authored-by: Adrien Chauve <[email protected]>
  • Loading branch information
@achauve
Julien Bouquillon and achauve authored Nov 22, 2023
1 parent c61793f commit ed05966
Show file tree
Hide file tree
Showing 5 changed files with 53 additions and 23 deletions.
15 changes: 15 additions & 0 deletions .kontinuous/config.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
projectName: mon-psy-sante
ciNamespace: ci-mon-psy-sante

dependencies:
fabrique:
extends:
- name: buildkit-service
dependencies:
contrib:
preDeploy:
importSecrets:
options:
secrets:
mon-psy-sante-dev-backups-access-key:
mon-psy-sante-prod-backups-access-key:
23 changes: 3 additions & 20 deletions .kontinuous/env/dev/values.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,31 +1,14 @@
app:
~needs: [build-app,seed]
~needs: [build-app, seed]

jobs:
runs:
db:
use: create-db
seed:
~needs: [build-app,db]
~needs: [build-app, pg]
checkout: false # no need to checkout the repo as we use the docker image
shell: sh
image: "{{ .Values.global.registry }}{{ if .Values.global.imageProject }}{{ print `/` .Values.global.imageProject }}{{ end }}/{{ .Values.global.imageRepository }}/app:{{ .Values.global.imageTag }}"
run: "yarn db:init"
envFrom:
- secretRef:
name: "pg-user"

db-keycloak:
use: create-db
with:
pgSecretName: "keycloak-db"
database: "keycloak_{{ .Values.global.branchSlug32 }}"
pgUser: "keycloak_{{ .Values.global.branchSlug32 }}"

keycloak:
~needs: [db-keycloak]
extraEnvFrom: |
- secretRef:
name: "keycloak-db"
- secretRef:
name: keycloak-secrets
name: pg-app
13 changes: 13 additions & 0 deletions .kontinuous/env/prod/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,13 @@ app:
value: "https://keycloak-{{ .Values.global.host }}/auth/realms/mon-psy-sante"
- name: KEYCLOAK_ID
value: mon-psy-app
envFrom:
- secretRef:
name: "{{ .Values.global.pgSecretName }}" # todo: change to pg-app after CNPG migration
- secretRef:
name: app-sealed-secret
- secretRef:
name: keycloak-secrets

keycloak:
ingress:
Expand All @@ -39,6 +46,12 @@ keycloak:
- hosts:
- "keycloak-{{ .Values.global.host }}"
secretName: keycloak-crt
# todo: remove block after CNPG migration
extraEnvFrom: |
- secretRef:
name: keycloak-db
- secretRef:
name: keycloak-secrets
jobs:
runs:
Expand Down
13 changes: 10 additions & 3 deletions .kontinuous/values.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,9 +1,10 @@
app:
containerPort: 3000
~needs: [pg, keycloak]
probesPath: "/healthz"
envFrom:
- secretRef:
name: "{{ .Values.global.pgSecretName }}"
name: pg-app
- secretRef:
name: app-sealed-secret
- secretRef:
Expand All @@ -16,13 +17,20 @@ app:
- name: KEYCLOAK_ID
value: mon-psy-app

pg:
~chart: pg

pg-keycloak:
~chart: pg

keycloak:
~needs: [pg-keycloak]
postgresql:
enabled: false

extraEnvFrom: |
- secretRef:
name: keycloak-db
name: pg-keycloak-app
- secretRef:
name: keycloak-secrets
Expand Down Expand Up @@ -56,7 +64,6 @@ keycloak:
mountPath: "/realm/"
readOnly: true
extraInitContainers: |
- name: compile-realm
image: hairyhenderson/gomplate:v3.10.0-alpine
Expand Down
12 changes: 12 additions & 0 deletions src/db/config/config.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,9 +5,21 @@ module.exports = {
development: {
dialect: "postgres",
url: process.env.DATABASE_URL,
dialectOptions: {
ssl: {
require: false,
rejectUnauthorized: false,
},
},
},
production: {
dialect: "postgres",
url: process.env.DATABASE_URL,
dialectOptions: {
ssl: {
require: true,
rejectUnauthorized: false,
},
},
},
};

0 comments on commit ed05966

Please sign in to comment.