sova/sova-deploy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

chore: initial import for test contour

Browse Source
This commit is contained in:
sova-bootstrap
2026-05-27 19:36:33 +03:00
commit 11596ee01b
36 changed files with 2816 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
apps/backend/templates/all.yaml
+232
View File
@@ -0,0 +1,232 @@
{{- if .Values.jwt.enabled }}
apiVersion: v1
kind: Secret
metadata:
name: backend-jwt
namespace: {{ .Values.namespace }}
type: Opaque
data:
private.pem: {{ .Files.Get "jwt/private.pem" | b64enc }}
public.pem: {{ .Files.Get "jwt/public.pem" | b64enc }}
---
{{- end }}
apiVersion: v1
kind: Secret
metadata:
name: backend-env
namespace: {{ .Values.namespace }}
annotations:
helm.sh/hook: pre-install,pre-upgrade
helm.sh/hook-weight: "-10"
helm.sh/hook-delete-policy: before-hook-creation
type: Opaque
stringData:
{{- range $key, $val := .Values.secrets }}
{{ $key }}: {{ $val | quote }}
{{- end }}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: backend-nginx-config
namespace: {{ .Values.namespace }}
data:
default.conf: |
server {
listen 8080;
server_name _;
root /app/public;
index index.php;
client_max_body_size 108M;
location / {
try_files $uri /index.php$is_args$args;
}
location ~* \.(?:jpg|jpeg|gif|png|ico|css|js|svg|woff2)$ {
expires 1y;
add_header Cache-Control "public, immutable";
access_log off;
try_files $uri =404;
}
location ~ ^/index\.php(/|$) {
fastcgi_pass 127.0.0.1:9000;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
fastcgi_param DOCUMENT_ROOT $realpath_root;
fastcgi_param HTTP_PROXY "";
internal;
}
location ~ \.php$ {
return 404;
}
}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: backend
namespace: {{ .Values.namespace }}
labels:
app: backend
env: test
spec:
replicas: {{ .Values.replicaCount }}
selector:
matchLabels:
app: backend
template:
metadata:
labels:
app: backend
env: test
spec:
containers:
- name: php-fpm
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
ports:
- containerPort: 9000
name: fpm
envFrom:
- secretRef:
name: backend-env
env:
- name: JWT_SECRET_KEY
value: /app/config/jwt/private.pem
- name: JWT_PUBLIC_KEY
value: /app/config/jwt/public.pem
{{- range $key, $val := .Values.env }}
- name: {{ $key }}
value: {{ $val | quote }}
{{- end }}
volumeMounts:
- name: app-public
mountPath: /app/public
- name: jwt-keys
mountPath: /app/config/jwt
readOnly: true
resources:
{{- toYaml .Values.resources.php | nindent 12 }}
- name: nginx
image: {{ .Values.nginx.image }}
ports:
- containerPort: 8080
name: http
volumeMounts:
- name: app-public
mountPath: /app/public
readOnly: true
- name: nginx-config
mountPath: /etc/nginx/conf.d/default.conf
subPath: default.conf
resources:
{{- toYaml .Values.resources.nginx | nindent 12 }}
initContainers:
- name: copy-public
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
command: ["sh", "-c", "cp -a /app/public/. /public/"]
volumeMounts:
- name: app-public
mountPath: /public
volumes:
- name: app-public
emptyDir: {}
- name: nginx-config
configMap:
name: backend-nginx-config
- name: jwt-keys
secret:
secretName: backend-jwt
---
apiVersion: v1
kind: Service
metadata:
name: backend
namespace: {{ .Values.namespace }}
spec:
selector:
app: backend
ports:
- name: http
port: 80
targetPort: 8080
---
{{- if .Values.ingress.enabled }}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: backend
namespace: {{ .Values.namespace }}
spec:
ingressClassName: {{ .Values.ingress.className }}
rules:
- host: {{ .Values.ingress.host }}
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: backend
port:
number: 80
{{- end }}
---
{{- if .Values.migrate.enabled }}
apiVersion: batch/v1
kind: Job
metadata:
name: backend-migrate
namespace: {{ .Values.namespace }}
annotations:
helm.sh/hook: pre-install,pre-upgrade
helm.sh/hook-weight: "0"
helm.sh/hook-delete-policy: before-hook-creation
spec:
template:
spec:
restartPolicy: Never
containers:
- name: migrate
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
command: ["php", "bin/console", "doctrine:migrations:migrate", "--no-interaction"]
envFrom:
- secretRef:
name: backend-env
env:
{{- range $key, $val := .Values.env }}
- name: {{ $key }}
value: {{ $val | quote }}
{{- end }}
{{- end }}
---
{{- if .Values.cronjobs.clearScheduleCache.enabled }}
apiVersion: batch/v1
kind: CronJob
metadata:
name: backend-clear-schedule-cache
namespace: {{ .Values.namespace }}
spec:
schedule: {{ .Values.cronjobs.clearScheduleCache.schedule | quote }}
concurrencyPolicy: Forbid
successfulJobsHistoryLimit: 3
failedJobsHistoryLimit: 3
jobTemplate:
spec:
activeDeadlineSeconds: 3600
template:
spec:
restartPolicy: OnFailure
containers:
- name: console
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
command: {{ .Values.cronjobs.clearScheduleCache.command | toJson }}
envFrom:
- secretRef:
name: backend-env
env:
{{- range $key, $val := .Values.env }}
- name: {{ $key }}
value: {{ $val | quote }}
{{- end }}
{{- end }}