diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..0c0171b --- /dev/null +++ b/Dockerfile @@ -0,0 +1,11 @@ +FROM python:3.6.7-alpine +MAINTAINER Artem Kubrachenko +WORKDIR /app +COPY dbservice.py requirements.txt ./ +RUN mkdir app +COPY app/* ./app/ +RUN apk --no-cache add build-base +RUN apk --no-cache add postgresql-dev +RUN pip install -r requirements.txt +ENTRYPOINT ["python"] +CMD ["dbservice.py"] diff --git a/E2E-Test.yaml b/E2E-Test.yaml new file mode 100644 index 0000000..bb28282 --- /dev/null +++ b/E2E-Test.yaml @@ -0,0 +1,95 @@ +--- + +apiVersion: v1 +kind: Secret +metadata: + name: db-secret + namespace: testing +data: + username: ZGJhZG1pbg== + password: UGFzc3dvcmQ= + dbname: c3Jtc3lzdGVt +type: Opaque + +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + namespace: testing + labels: + app: pvc-postgres + name: postgres-pvc +spec: + #storageClassName: slow + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 2Gi + +--- +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + namespace: testing + name: postgres + labels: + service: postgresdb +spec: + template: + metadata: + labels: + app: postgres + spec: + initContainers: + - name: volume-mount-hack + image: busybox + command: ["sh", "-c", "chown -R 999:999 /var/lib/postgresql/"] + volumeMounts: + - name: postgres-pv-claim + mountPath: /var/lib/postgresql/data + subPath: postgres + containers: + - image: postgres:9.6.2 + name: postgresql + env: + - name: POSTGRES_DB + valueFrom: + secretKeyRef: + name: db-secret + key: dbname + - name: POSTGRES_USER + valueFrom: + secretKeyRef: + name: db-secret + key: username + - name: POSTGRES_PASSWORD + valueFrom: + secretKeyRef: + name: db-secret + key: password + ports: + - containerPort: 5432 + volumeMounts: + - name: postgres-pv-claim + mountPath: /var/lib/postgresql/data + subPath: postgres + volumes: + - name: postgres-pv-claim + persistentVolumeClaim: + claimName: postgres-pvc + +--- +kind: Service +apiVersion: v1 +metadata: + namespace: testing + name: srmsystemdb +spec: + selector: + app: postgres + ports: + - protocol: TCP + port: 5432 + targetPort: 5432 +--- diff --git a/Jenkinsfile b/Jenkinsfile new file mode 100644 index 0000000..5c27bd1 --- /dev/null +++ b/Jenkinsfile @@ -0,0 +1,94 @@ +def label = "mypod-${UUID.randomUUID().toString()}" + + +podTemplate(label: label, annotations: [podAnnotation(key: "sidecar.istio.io/inject", value: "false")], containers: [ + containerTemplate(name: 'python-alpine', image: 'ghostgoose33/python-alp:v3', command: 'cat', ttyEnabled: true), + containerTemplate(name: 'docker', image: 'ghostgoose33/docker-in:v1', command: 'cat', ttyEnabled: true) +], +volumes: [ + hostPathVolume(mountPath: '/var/run/docker.sock', hostPath: '/var/run/docker.sock') +], serviceAccount: "jenkins") +{ + +def dockerRegistry = "100.71.71.71:5000" +def Creds = "git_cred" +def projName = "db-service" +def imageVersion = "latest" +def imageName = "100.71.71.71:5000/db-service:${imageVersion}" +def imageN = '100.71.71.71:5000/db-service:' + +properties([ + parameters([ + stringParam( + defaultValue: '', + description: 'TAG', + name: 'service') + ]) +]) + + +node(label) +{ + try{ + stage("Pre-Test"){ + dir('db'){ + git(branch: "test", url: 'https://github.com/Kv-045DevOps/SRM-DB.git', credentialsId: "${Creds}") + imageTagDB = (sh (script: "git rev-parse --short HEAD", returnStdout: true)) + tmp = "1" + pathTocodedb = pwd() + } + } + stage("Test image_regisrty_check"){ + container("python-alpine"){ + check_new = (sh (script: "python3 /images-registry-test.py db-service ${imageTagDB}", returnStdout:true).trim()) + echo "${check_new}" + } + } + + stage ("Unit Tests"){ + sh 'echo "Here will be unit tests"' + } + stage("Test code using PyLint and version build"){ + container('python-alpine'){ + pathTocode = pwd() + sh "python3 /pylint-test.py ${pathTocodedb}/app/routes.py" + } + } + stage("Build docker image"){ + container('docker'){ + pathdocker = pwd() + if ("${tmp}" == "${check_new}"){ + container("docker"){ + sh "docker images" + sh "cat /etc/docker/daemon.json" + + sh "docker build ${pathTocodedb} -t ${imageN}${imageTagDB}" + sh "docker build ${pathTocodedb}/init-container/ -t ${dockerRegistry}/init-container:${imageTagDB}" + sh "docker images" + + sh "docker push ${imageN}${imageTagDB}" + sh "docker push ${dockerRegistry}/init-container:${imageTagDB}" + sleep 20 + } + build(job: 'GitHub/GET-SERVICES/test1', parameters: [[$class: 'StringParameterValue', name:"imageTagDB_", value: "${imageTagDB}"], + [$class: 'StringParameterValue', name:"imageTagUI_", value: "${params.imageTagUI_}"], + [$class: 'StringParameterValue', name:"imageTagGET_", value: "${params.imageTagGET_}"], + [$class: 'StringParameterValue', name:"imageTagPOST_", value: "${params.imageTagPOST_}"], + [$class: 'StringParameterValue', name:"service", value: "db"]], wait: true) + } else { + echo "NO" + } + + } + } + } + catch(err){ + currentBuild.result = 'Failure' + } +} +} + + + + + diff --git a/Jenkinsfile_v1 b/Jenkinsfile_v1 new file mode 100644 index 0000000..7cb74d6 --- /dev/null +++ b/Jenkinsfile_v1 @@ -0,0 +1,96 @@ +def label = "mypod-${UUID.randomUUID().toString()}" + +podTemplate(label: label, containers: [ + containerTemplate(name: 'python-alpine', image: 'ghostgoose33/python-alp:v1', command: 'cat', ttyEnabled: true), + containerTemplate(name: 'docker', image: 'docker', command: 'cat', ttyEnabled: true), + containerTemplate(name: 'kubectl', image: 'lachlanevenson/k8s-kubectl:v1.8.8', command: 'cat', ttyEnabled: true) +], +volumes: [ + hostPathVolume(mountPath: '/var/run/docker.sock', hostPath: '/var/run/docker.sock') +], serviceAccount: "jenkins") +{ +def app +def imageTag +def dockerRegistry = "100.71.71.71:5000" +def Creds = "git_cred" +def projName = "db-service" +def imageVersion = "latest" +def imageName = "100.71.71.71:5000/db-service:${imageVersion}" +def imageN = '100.71.71.71:5000/db-service:' + + +node(label) +{ + try{ + stage("Git Checkout"){ + git( + branch: "test", + url: 'https://github.com/Kv-045DevOps/SRM-DB.git', + credentialsId: "${Creds}") + //sh "git rev-parse --short HEAD > .git/commit-id" + imageTag = sh (script: "git rev-parse --short HEAD", returnStdout: true) + } + stage("Info"){ + sh "echo $imageTag" + } + stage ("Unit Tests"){ + sh 'echo "Here will be unit tests"' + } + stage("Test code using PyLint and version build"){ + container('python-alpine'){ + pathTocode = pwd() + sh "python3 ${pathTocode}/sed_python.py template.yaml ${dockerRegistry}/db-service ${imageTag}" + sh "python3 ${pathTocode}/sed_python.py template.yaml ${dockerRegistry}/init-container ${imageTag}" + sh "python3 ${pathTocode}/pylint-test.py ${pathTocode}/app/routes.py" + sh 'cat template.yaml' + } + } + stage("Build docker images"){ + container('docker'){ + pathdocker = pwd() + sh "docker build ${pathdocker} -t ${imageN}${imageTag}" + sh "docker build ${pathdocker}/init-container/ -t ${dockerRegistry}/init-container:${imageTag}" + sh "docker images" + //withCredentials([usernamePassword(credentialsId: 'docker_registry_2', passwordVariable: 'dockerPassword', usernameVariable: 'dockerUser')]) { + + sh "docker push ${imageN}${imageTag}" + sh "docker push ${dockerRegistry}/init-container:${imageTag}" + //} + } + } + + stage("Deploy to Kubernetes"){ + withcredentials( + [usernamePassword(credentialsId: 'DbCred', usernameVariable: 'DB_USERNAME', passwordVariable: 'DB_PASSWORD')] + [stringCredentials(credentialsId: 'DbName', secretVariable: 'DB_NAME',)]) + container('kubectl'){ + sh "kubectl create secret generic db-secret --from-literal=username=$DB_USERNAME --from-literal=password=$DB_PASSWORD --from-literal=dbname=$DB_NAME -n production" + sh "kubectl apply -f template.yaml" + sh "kubectl get pods --namespace=production" + } + } + stage ("E2E Tests - Stage 1"){ + container('python-alpine'){ + sh 'echo "Here are e2e tests"' + sh "python3 sed_python_test.py template-test.yaml ${imageTag}" + sh 'cat template-test.yaml' + } + } + stage ("E2E Tests - Stage 2"){ + container('kubectl'){ + sh 'kubectl apply -f template-test.yaml' + sh 'kubectl get pods -n testing' + } + } + stage ("Unit Tests"){ + sh 'echo "Here will be e2e tests"' + } + } + catch(err){ + currentBuild.result = 'Failure' + } +} +} + + +sleep 30 diff --git a/app/config.py b/app/config.py deleted file mode 100644 index a7107a1..0000000 --- a/app/config.py +++ /dev/null @@ -1,6 +0,0 @@ -DATABASE_CONFIG = { - 'host': '127.0.0.1', - 'dbname': 'srmsystem', - 'user': 'dbadmin', - 'password': 'Password' -} \ No newline at end of file diff --git a/app/dbconnect.py b/app/dbconnect.py index 1d8c362..1b5614e 100644 --- a/app/dbconnect.py +++ b/app/dbconnect.py @@ -1,12 +1,13 @@ import psycopg2 -from app import config +import os def connect_db(dbname): - if dbname != config.DATABASE_CONFIG['dbname']: + if dbname != str(os.getenv("PGDATABASE")): raise ValueError("Couldn't not find DB with given name") - conn = psycopg2.connect(host=config.DATABASE_CONFIG['host'], - user=config.DATABASE_CONFIG['user'], - password=config.DATABASE_CONFIG['password'], - dbname=config.DATABASE_CONFIG['dbname']) + conn = psycopg2.connect(host=str(os.getenv("POSTGRES_HOST")), + port=str(os.getenv("POSTGRES_PORT")), + user=str(os.getenv("PGUSER")), + password=str(os.getenv("PGPASSWORD")), + dbname=str(os.getenv("PGDATABASE"))) return conn \ No newline at end of file diff --git a/dbservice.py b/dbservice.py index e524e69..5885962 100644 --- a/dbservice.py +++ b/dbservice.py @@ -1 +1,3 @@ -from app import app \ No newline at end of file +from app import app +if __name__ == "__main__": + app.run(host="0.0.0.0", port="5002") \ No newline at end of file diff --git a/images-registry-test.py b/images-registry-test.py new file mode 100644 index 0000000..ec3737e --- /dev/null +++ b/images-registry-test.py @@ -0,0 +1,28 @@ +import sys +import os +import requests +import json + +def main(): + check_image() + + +def check_image(): + tmp = requests.get("http://100.71.71.71:5000/v2/" + sys.argv[1] + "/tags/list") + req = tmp.json() + #print(req) + if (tmp.status_code == 404): + print("1") + return 1 + else: + if req["name"] == sys.argv[1] and sys.argv[2] in req["tags"]: + print("0") + return 0 + else: + #raise Exception("Image with tag " + sys.argv[1] + " does not exist in Docker Registry with IP: " + sys.argv[1]) + print("1") + return 1 + + +if __name__=='__main__': + main() diff --git a/init-container/Dockerfile b/init-container/Dockerfile new file mode 100644 index 0000000..9d3b320 --- /dev/null +++ b/init-container/Dockerfile @@ -0,0 +1,4 @@ +FROM postgres:9.6.2 +MAINTAINER Artem Kubrachenko +WORKDIR /tmp +COPY check_dump.sh dbdump ./ \ No newline at end of file diff --git a/init-container/check_dump.sh b/init-container/check_dump.sh new file mode 100755 index 0000000..2a7c223 --- /dev/null +++ b/init-container/check_dump.sh @@ -0,0 +1,9 @@ +until pg_isready; do echo waiting for database; sleep 2; done; +export SELECT=$(psql -t -c "select 1 from information_schema.tables where table_schema='public' and table_name='department'") +if [ $SELECT = 1 ] +then + exit 0 +else + psql -f dbdump + exit 0 +fi \ No newline at end of file diff --git a/init-container/dbdump b/init-container/dbdump new file mode 100644 index 0000000..da3794b --- /dev/null +++ b/init-container/dbdump @@ -0,0 +1,247 @@ +-- +-- PostgreSQL database dump +-- + +SET statement_timeout = 0; +SET client_encoding = 'UTF8'; +SET standard_conforming_strings = on; +SET check_function_bodies = false; +SET client_min_messages = warning; + +-- +-- Name: plpgsql; Type: EXTENSION; Schema: -; Owner: +-- + +CREATE EXTENSION IF NOT EXISTS plpgsql WITH SCHEMA pg_catalog; + + +-- +-- Name: EXTENSION plpgsql; Type: COMMENT; Schema: -; Owner: +-- + +COMMENT ON EXTENSION plpgsql IS 'PL/pgSQL procedural language'; + + +SET search_path = public, pg_catalog; + +SET default_tablespace = ''; + +SET default_with_oids = false; + +-- +-- Name: department; Type: TABLE; Schema: public; Owner: dbadmin; Tablespace: +-- + +CREATE TABLE department ( + id integer NOT NULL, + name character varying(45) NOT NULL +); + + +ALTER TABLE public.department OWNER TO dbadmin; + +-- +-- Name: department_id_seq; Type: SEQUENCE; Schema: public; Owner: dbadmin +-- + +CREATE SEQUENCE department_id_seq + START WITH 1 + INCREMENT BY 1 + NO MINVALUE + NO MAXVALUE + CACHE 1; + + +ALTER TABLE public.department_id_seq OWNER TO dbadmin; + +-- +-- Name: department_id_seq; Type: SEQUENCE OWNED BY; Schema: public; Owner: dbadmin +-- + +ALTER SEQUENCE department_id_seq OWNED BY department.id; + + +-- +-- Name: employee; Type: TABLE; Schema: public; Owner: dbadmin; Tablespace: +-- + +CREATE TABLE employee ( + id integer NOT NULL, + fname character varying(45) NOT NULL, + sname character varying(45) NOT NULL, + exp integer NOT NULL, + "position" character varying(45) NOT NULL, + salary double precision NOT NULL, + coef double precision NOT NULL, + team_id integer NOT NULL +); + + +ALTER TABLE public.employee OWNER TO dbadmin; + +-- +-- Name: employee_id_seq; Type: SEQUENCE; Schema: public; Owner: dbadmin +-- + +CREATE SEQUENCE employee_id_seq + START WITH 1 + INCREMENT BY 1 + NO MINVALUE + NO MAXVALUE + CACHE 1; + + +ALTER TABLE public.employee_id_seq OWNER TO dbadmin; + +-- +-- Name: employee_id_seq; Type: SEQUENCE OWNED BY; Schema: public; Owner: dbadmin +-- + +ALTER SEQUENCE employee_id_seq OWNED BY employee.id; + + +-- +-- Name: team; Type: TABLE; Schema: public; Owner: dbadmin; Tablespace: +-- + +CREATE TABLE team ( + id integer NOT NULL, + name character varying(45) NOT NULL, + id_manager integer, + id_department integer +); + + +ALTER TABLE public.team OWNER TO dbadmin; + +-- +-- Name: team_id_seq; Type: SEQUENCE; Schema: public; Owner: dbadmin +-- + +CREATE SEQUENCE team_id_seq + START WITH 1 + INCREMENT BY 1 + NO MINVALUE + NO MAXVALUE + CACHE 1; + + +ALTER TABLE public.team_id_seq OWNER TO dbadmin; + +-- +-- Name: team_id_seq; Type: SEQUENCE OWNED BY; Schema: public; Owner: dbadmin +-- + +ALTER SEQUENCE team_id_seq OWNED BY team.id; + + +-- +-- Name: id; Type: DEFAULT; Schema: public; Owner: dbadmin +-- + +ALTER TABLE ONLY department ALTER COLUMN id SET DEFAULT nextval('department_id_seq'::regclass); + + +-- +-- Name: id; Type: DEFAULT; Schema: public; Owner: dbadmin +-- + +ALTER TABLE ONLY employee ALTER COLUMN id SET DEFAULT nextval('employee_id_seq'::regclass); + + +-- +-- Name: id; Type: DEFAULT; Schema: public; Owner: dbadmin +-- + +ALTER TABLE ONLY team ALTER COLUMN id SET DEFAULT nextval('team_id_seq'::regclass); + + +-- +-- Data for Name: department; Type: TABLE DATA; Schema: public; Owner: dbadmin +-- + +COPY department (id, name) FROM stdin; +9 CE +10 IT +\. + + +-- +-- Name: department_id_seq; Type: SEQUENCE SET; Schema: public; Owner: dbadmin +-- + +SELECT pg_catalog.setval('department_id_seq', 10, true); + + +-- +-- Data for Name: employee; Type: TABLE DATA; Schema: public; Owner: dbadmin +-- + +COPY employee (id, fname, sname, exp, "position", salary, coef, team_id) FROM stdin; +3 Ivan Ivanov 5 Manager 1000 0.100000000000000006 1 +4 Artem Kubrachenko 10 DevOps 2000 0.200000000000000011 2 +\. + + +-- +-- Name: employee_id_seq; Type: SEQUENCE SET; Schema: public; Owner: dbadmin +-- + +SELECT pg_catalog.setval('employee_id_seq', 4, true); + + +-- +-- Data for Name: team; Type: TABLE DATA; Schema: public; Owner: dbadmin +-- + +COPY team (id, name, id_manager, id_department) FROM stdin; +5 HA 1 1 +6 Dev 1 1 +\. + + +-- +-- Name: team_id_seq; Type: SEQUENCE SET; Schema: public; Owner: dbadmin +-- + +SELECT pg_catalog.setval('team_id_seq', 6, true); + + +-- +-- Name: department_pkey; Type: CONSTRAINT; Schema: public; Owner: dbadmin; Tablespace: +-- + +ALTER TABLE ONLY department + ADD CONSTRAINT department_pkey PRIMARY KEY (id); + + +-- +-- Name: employee_pkey; Type: CONSTRAINT; Schema: public; Owner: dbadmin; Tablespace: +-- + +ALTER TABLE ONLY employee + ADD CONSTRAINT employee_pkey PRIMARY KEY (id); + + +-- +-- Name: team_pkey; Type: CONSTRAINT; Schema: public; Owner: dbadmin; Tablespace: +-- + +ALTER TABLE ONLY team + ADD CONSTRAINT team_pkey PRIMARY KEY (id); + + +-- +-- Name: public; Type: ACL; Schema: -; Owner: postgres +-- + +REVOKE ALL ON SCHEMA public FROM PUBLIC; +REVOKE ALL ON SCHEMA public FROM postgres; +GRANT ALL ON SCHEMA public TO postgres; +GRANT ALL ON SCHEMA public TO PUBLIC; + + +-- +-- PostgreSQL database dump complete +-- + diff --git a/pylint-test.py b/pylint-test.py new file mode 100644 index 0000000..3d1bf44 --- /dev/null +++ b/pylint-test.py @@ -0,0 +1,20 @@ +import os +import sys +from pylint.lint import Run + +def main(): + check_rate_code() + + +def check_rate_code(): + results = Run([sys.argv[1]], do_exit=False) + if (results.linter.stats['global_note'] <= 5): + raise Exception("Code rate smaller than standard") + return 1 + else: + print(results.linter.stats['global_note']) + return 0 + + +if __name__=='__main__': + main() diff --git a/requirements.txt b/requirements.txt new file mode 100644 index 0000000..6ff17ce --- /dev/null +++ b/requirements.txt @@ -0,0 +1,12 @@ +certifi==2018.10.15 +chardet==3.0.4 +Click==7.0 +Flask==1.0.2 +idna==2.7 +itsdangerous==1.1.0 +Jinja2==2.10 +MarkupSafe==1.1.0 +psycopg2==2.7.6.1 +requests==2.20.1 +urllib3==1.24.1 +Werkzeug==0.14.1 diff --git a/sed_python.py b/sed_python.py new file mode 100644 index 0000000..d832a67 --- /dev/null +++ b/sed_python.py @@ -0,0 +1,16 @@ +import os +import sys + +with open(sys.argv[1], 'r') as file: + str_tmp = "ghostgoose" + data = file.read() + tmp = sys.argv[2] + ":" + sys.argv[3] + if sys.argv[2] == "100.71.71.71:5000/db-service": + data = data.replace("100.71.71.71:5000/db-service:latest", tmp) + elif sys.argv[2] == "100.71.71.71:5000/init-container": + data = data.replace("100.71.71.71:5000/init-container:latest", tmp) + print(data) + + +with open(sys.argv[1], 'w') as file: + file.write( data ) diff --git a/sed_python_test.py b/sed_python_test.py new file mode 100644 index 0000000..33bb332 --- /dev/null +++ b/sed_python_test.py @@ -0,0 +1,19 @@ +import os +import sys + +with open(sys.argv[1], 'r') as file: + str_tmp = "ghostgoose" + arr_f = ["100.71.71.71:5000/get-service", "100.71.71.71:5000/post-service", "100.71.71.71:5000/ui-service", "100.71.71.71:5000/db-service", "100.71.71.71:5000/init-container"] + arr = ["100.71.71.71:5000/get-service:v2", "100.71.71.71:5000/post-service:2.1", "100.71.71.71:5000/ui-service:latest", "100.71.71.71:5000/db-service:latest", "100.71.71.71:5000/init-container:latest"] + data = file.read() + print(len(arr_f)) + for i in range(len(arr_f)): + tmp = arr_f[i] + ":" + sys.argv[2] + data = data.replace(arr[i], tmp) + + + + +with open(sys.argv[1], 'w') as file: + file.write( data ) + print(data) diff --git a/template-test.yaml b/template-test.yaml new file mode 100644 index 0000000..70de851 --- /dev/null +++ b/template-test.yaml @@ -0,0 +1,70 @@ +--- +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + namespace: production + name: db-service +spec: + template: + metadata: + labels: + app: db-service + spec: + initContainers: + - image: 100.71.71.71:5000/init-container:latest + name: init-container-postgres + env: + - name: PGDATABASE + valueFrom: + secretKeyRef: + name: db-secret + key: dbname + - name: PGUSER + valueFrom: + secretKeyRef: + name: db-secret + key: username + - name: PGPASSWORD + valueFrom: + secretKeyRef: + name: db-secret + key: password + command: ['sh', '-c', '/bin/bash /tmp/check_dump.sh'] + containers: + - image: 100.71.71.71:5000/db-service:latest + name: db-service + ports: + - containerPort: 5002 + env: + - name: POSTGRES_HOST + value: srmsystemdb + - name: POSTGRES_PORT + value: "5432" + - name: PGDATABASE + valueFrom: + secretKeyRef: + name: db-secret + key: dbname + - name: PGUSER + valueFrom: + secretKeyRef: + name: db-secret + key: username + - name: PGPASSWORD + valueFrom: + secretKeyRef: + name: db-secret + key: password +--- +kind: Service +apiVersion: v1 +metadata: + namespace: production + name: db-service +spec: + selector: + app: db-service + ports: + - protocol: TCP + port: 5002 + targetPort: 5002 diff --git a/template.yaml b/template.yaml new file mode 100644 index 0000000..5a15442 --- /dev/null +++ b/template.yaml @@ -0,0 +1,84 @@ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + namespace: production + name: db-service +spec: + selector: + matchLabels: + app: db-service + template: + metadata: + labels: + app: db-service + spec: + initContainers: + - image: 100.71.71.71:5000/init-container:${params.imageTagDB_} + name: init-container-postgres + env: + - name: PGHOST + valueFrom: + secretKeyRef: + name: db-secret + key: dbhost + - name: PGDATABASE + valueFrom: + secretKeyRef: + name: db-secret + key: dbname + - name: PGUSER + valueFrom: + secretKeyRef: + name: db-secret + key: username + - name: PGPASSWORD + valueFrom: + secretKeyRef: + name: db-secret + key: password + - name: PGPORT + value: "5432" + command: ['sh', '-c', '/bin/bash /tmp/check_dump.sh'] + containers: + - image: 100.71.71.71:5000/db-service:${params.imageTagDB_} + name: db-service + ports: + - containerPort: 5002 + env: + - name: POSTGRES_HOST + valueFrom: + secretKeyRef: + name: db-secret + key: dbhost + - name: POSTGRES_PORT + value: "5432" + - name: PGDATABASE + valueFrom: + secretKeyRef: + name: db-secret + key: dbname + - name: PGUSER + valueFrom: + secretKeyRef: + name: db-secret + key: username + - name: PGPASSWORD + valueFrom: + secretKeyRef: + name: db-secret + key: password +--- +kind: Service +apiVersion: v1 +metadata: + namespace: production + name: db-service +spec: + selector: + app: db-service + ports: + - protocol: TCP + port: 5002 + targetPort: 5002 +---