-
Notifications
You must be signed in to change notification settings - Fork 2
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: Add the GC_ORGANISATIONS_BUCKET_NAME
env variable to admin and api
#3383
Merged
+16
−3
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ingress nginx 132 2025-01-22 16:24:37.62983099 +0000 UTC deployed nginx-ingress-1.1.2 3.4.2
xray-daemon xray 130 2025-01-22 16:24:34.523566781 +0000 UTC deployed aws-xray-4.0.8 3.3.12
Comparing release=notify-documentation, chart=charts/notify-documentation
Comparing release=notify-api, chart=charts/notify-api
notification-canada-ca, notify-api, Deployment (apps) has changed:
# Source: notify-api/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: notify-api
labels:
app: notify-api
spec:
priorityClassName: high-priority
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
selector:
matchLabels:
app: notify-api
template:
metadata:
labels:
app: notify-api
spec:
serviceAccountName: notify-api
dnsPolicy: ClusterFirst
restartPolicy: Always
terminationGracePeriodSeconds: 60
securityContext:
{}
initContainers:
- name: init-postgres
image: alpine
command:
[
"sh",
"-c",
"until nslookup $POSTGRES_HOST; do echo waiting for postgres; sleep 2; done;",
]
env:
- name: POSTGRES_HOST
valueFrom:
secretKeyRef:
name: notify-api
key: POSTGRES_HOST
- name: migrate-db
image: "public.ecr.aws/cds-snc/notify-api:2e6f633"
volumeMounts:
- name: secrets-store-inline
mountPath: "/mnt/secrets-store"
readOnly: true
env:
# Includes common ENV Variables
- name: ADMIN_BASE_DOMAIN
value: "https://staging.notification.cdssandbox.xyz"
- name: ALLOW_DEBUG_ROUTE
value: "true"
- name: ALLOW_HTML_SERVICE_IDS
value: "4de8b784-03a8-4ba8-a440-3bfea1b04fe6,ea608120-148a-4eba-a64c-4d9a8010e7b0"
- name: API_HOST_NAME
value: "https://api.staging.notification.cdssandbox.xyz"
- name: ASSET_DOMAIN
value: "https://assets.staging.notification.cdssandbox.xyz"
- name: ASSET_UPLOAD_BUCKET_NAME
value: "notification-canada-ca-staging-asset-upload"
- name: AWS_PINPOINT_REGION
value: "us-west-2"
- name: AWS_REGION
value: "ca-central-1"
- name: AWS_SES_REGION
value: "us-east-1"
- name: AWS_SES_SMTP
value: "email-smtp.us-east-1.amazonaws.com"
- name: AWS_US_TOLL_FREE_NUMBER
value: "+18005555555"
- name: AWS_XRAY_CONTEXT_MISSING
value: "LOG_WARNING"
- name: AWS_XRAY_SDK_ENABLED
value: "true"
- name: AWS_XRAY_TRACING_ENABLED
value: "true"
- name: BASE_DOMAIN
value: "staging.notification.cdssandbox.xyz"
- name: BATCH_INSERTION_CHUNK_SIZE
value: "10"
- name: CRM_ORG_LIST_URL
value: "https://raw.githubusercontent.com/cds-snc/gc-organisations-qa/main/data/all.json"
- name: CSV_UPLOAD_BUCKET_NAME
value: "notification-canada-ca-staging-csv-upload"
- name: DOCUMENTATION_DOMAIN
value: "documentation.staging.notification.cdssandbox.xyz"
- name: DOCUMENT_DOWNLOAD_API_HOST
value: "http://notify-document-download.notification-canada-ca.svc.cluster.local:7000"
- name: FF_ANNUAL_LIMIT
value: "true"
- name: FF_CLOUDWATCH_METRICS_ENABLED
value: "false"
- name: FF_PT_SERVICE_SKIP_FRESHDESK
value: "true"
- name: FF_SALESFORCE_CONTACT
value: "false"
- name: FLASK_APP
value: "application.py"
- name: FRESH_DESK_API_URL
value: "https://cds-snc.freshdesk.com"
+ - name: GC_ORGANISATIONS_BUCKET_NAME
+ value: "notification-canada-ca-staging-gc-organisations"
- name: HC_EN_SERVICE_ID
value: "c2fe9fac-2f28-40ca-b152-08ee41cd6843"
- name: HC_FR_SERVICE_ID
value: "changeme"
- name: NEW_RELIC_APP_NAME
value: "notification-api-staging"
- name: NEW_RELIC_CONFIG_FILE
value: "/app/newrelic.ini"
- name: NEW_RELIC_DISTRIBUTED_TRACING_ENABLED
value: "true"
- name: NEW_RELIC_MONITOR_MODE
value: "false"
- name: NOTIFICATION_QUEUE_PREFIX
value: "eks-notification-canada-ca"
- name: NOTIFY_ENVIRONMENT
value: "staging"
- name: REDIS_ENABLED
value: "1"
- name: SALESFORCE_DOMAIN
value: "test"
- name: SENTRY_URL
value: "https://[email protected]/1522933"
- name: SQL_ALCHEMY_POOL_SIZE
value: "256"
- name: ZENDESK_API_URL
value: "https://api.getbase.com"
- name: ZENDESK_SELL_API_URL
value: "https://cds-snc.zendesk.com"
# Includes secret ENV Variables
- name: ADMIN_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: notify-api
key: ADMIN_CLIENT_SECRET
- name: AWS_ROUTE53_ZONE
valueFrom:
secretKeyRef:
name: notify-api
key: AWS_ROUTE53_ZONE
- name: AWS_SES_ACCESS_KEY
valueFrom:
secretKeyRef:
name: notify-api
key: AWS_SES_ACCESS_KEY
- name: AWS_SES_SECRET_KEY
valueFrom:
secretKeyRef:
name: notify-api
key: AWS_SES_SECRET_KEY
- name: CRM_GITHUB_PERSONAL_ACCESS_TOKEN
valueFrom:
secretKeyRef:
name: notify-api
key: CRM_GITHUB_PERSONAL_ACCESS_TOKEN
- name: CYPRESS_AUTH_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: notify-api
key: CYPRESS_AUTH_CLIENT_SECRET
- name: CYPRESS_USER_PW_SECRET
valueFrom:
secretKeyRef:
name: notify-api
key: CYPRESS_USER_PW_SECRET
- name: DANGEROUS_SALT
valueFrom:
secretKeyRef:
name: notify-api
key: DANGEROUS_SALT
- name: DEBUG_KEY
valueFrom:
secretKeyRef:
name: notify-api
key: DEBUG_KEY
- name: FRESH_DESK_API_KEY
valueFrom:
secretKeyRef:
name: notify-api
key: FRESH_DESK_API_KEY
- name: FRESH_DESK_PRODUCT_ID
valueFrom:
secretKeyRef:
name: notify-api
key: FRESH_DESK_PRODUCT_ID
- name: NEW_RELIC_LICENSE_KEY
valueFrom:
secretKeyRef:
name: notify-api
key: NEW_RELIC_LICENSE_KEY
- name: POSTGRES_HOST
valueFrom:
secretKeyRef:
name: notify-api
key: POSTGRES_HOST
- name: REDIS_PUBLISH_URL
valueFrom:
secretKeyRef:
name: notify-api
key: REDIS_PUBLISH_URL
- name: REDIS_URL
valueFrom:
secretKeyRef:
name: notify-api
key: REDIS_URL
- name: SALESFORCE_ENGAGEMENT_PRODUCT_ID
valueFrom:
secretKeyRef:
name: notify-api
key: SALESFORCE_ENGAGEMENT_PRODUCT_ID
- name: SALESFORCE_ENGAGEMENT_RECORD_TYPE
valueFrom:
secretKeyRef:
name: notify-api
key: SALESFORCE_ENGAGEMENT_RECORD_TYPE
- name: SALESFORCE_ENGAGEMENT_STANDARD_PRICEBOOK_ID
valueFrom:
secretKeyRef:
name: notify-api
key: SALESFORCE_ENGAGEMENT_STANDARD_PRICEBOOK_ID
- name: SALESFORCE_GENERIC_ACCOUNT_ID
valueFrom:
secretKeyRef:
name: notify-api
key: SALESFORCE_GENERIC_ACCOUNT_ID
- name: SALESFORCE_PASSWORD
valueFrom:
secretKeyRef:
name: notify-api
key: SALESFORCE_PASSWORD
- name: SALESFORCE_SECURITY_TOKEN
valueFrom:
secretKeyRef:
name: notify-api
key: SALESFORCE_SECURITY_TOKEN
- name: SALESFORCE_USERNAME
valueFrom:
secretKeyRef:
name: notify-api
key: SALESFORCE_USERNAME
- name: SECRET_KEY
valueFrom:
secretKeyRef:
name: notify-api
key: SECRET_KEY
- name: SENDGRID_API_KEY
valueFrom:
secretKeyRef:
name: notify-api
key: SENDGRID_API_KEY
- name: SQLALCHEMY_DATABASE_READER_URI
valueFrom:
secretKeyRef:
name: notify-api
key: SQLALCHEMY_DATABASE_READER_URI
- name: SQLALCHEMY_DATABASE_URI
valueFrom:
secretKeyRef:
name: notify-api
key: SQLALCHEMY_DATABASE_URI
- name: SRE_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: notify-api
key: SRE_CLIENT_SECRET
- name: ZENDESK_API_KEY
valueFrom:
secretKeyRef:
name: notify-api
key: ZENDESK_API_KEY
- name: ZENDESK_SELL_API_KEY
valueFrom:
secretKeyRef:
name: notify-api
key: ZENDESK_SELL_API_KEY
- name: STATSD_HOST
valueFrom:
fieldRef:
fieldPath: spec.nodeName
command:
[
"sh",
"-c",
"flask db upgrade || echo 'ERROR: database migration failed'",
]
containers:
- name: notify-api
securityContext:
{}
image: "public.ecr.aws/cds-snc/notify-api:2e6f633"
imagePullPolicy: Always
env:
# Includes common ENV Variables
- name: ADMIN_BASE_DOMAIN
value: "https://staging.notification.cdssandbox.xyz"
- name: ALLOW_DEBUG_ROUTE
value: "true"
- name: ALLOW_HTML_SERVICE_IDS
value: "4de8b784-03a8-4ba8-a440-3bfea1b04fe6,ea608120-148a-4eba-a64c-4d9a8010e7b0"
- name: API_HOST_NAME
value: "https://api.staging.notification.cdssandbox.xyz"
- name: ASSET_DOMAIN
value: "https://assets.staging.notification.cdssandbox.xyz"
- name: ASSET_UPLOAD_BUCKET_NAME
value: "notification-canada-ca-staging-asset-upload"
- name: AWS_PINPOINT_REGION
value: "us-west-2"
- name: AWS_REGION
value: "ca-central-1"
- name: AWS_SES_REGION
value: "us-east-1"
- name: AWS_SES_SMTP
value: "email-smtp.us-east-1.amazonaws.com"
- name: AWS_US_TOLL_FREE_NUMBER
value: "+18005555555"
- name: AWS_XRAY_CONTEXT_MISSING
value: "LOG_WARNING"
- name: AWS_XRAY_SDK_ENABLED
value: "true"
- name: AWS_XRAY_TRACING_ENABLED
value: "true"
- name: BASE_DOMAIN
value: "staging.notification.cdssandbox.xyz"
- name: BATCH_INSERTION_CHUNK_SIZE
value: "10"
- name: CRM_ORG_LIST_URL
value: "https://raw.githubusercontent.com/cds-snc/gc-organisations-qa/main/data/all.json"
- name: CSV_UPLOAD_BUCKET_NAME
value: "notification-canada-ca-staging-csv-upload"
- name: DOCUMENTATION_DOMAIN
value: "documentation.staging.notification.cdssandbox.xyz"
- name: DOCUMENT_DOWNLOAD_API_HOST
value: "http://notify-document-download.notification-canada-ca.svc.cluster.local:7000"
- name: FF_ANNUAL_LIMIT
value: "true"
- name: FF_CLOUDWATCH_METRICS_ENABLED
value: "false"
- name: FF_PT_SERVICE_SKIP_FRESHDESK
value: "true"
- name: FF_SALESFORCE_CONTACT
value: "false"
- name: FLASK_APP
value: "application.py"
- name: FRESH_DESK_API_URL
value: "https://cds-snc.freshdesk.com"
+ - name: GC_ORGANISATIONS_BUCKET_NAME
+ value: "notification-canada-ca-staging-gc-organisations"
- name: HC_EN_SERVICE_ID
value: "c2fe9fac-2f28-40ca-b152-08ee41cd6843"
- name: HC_FR_SERVICE_ID
value: "changeme"
- name: NEW_RELIC_APP_NAME
value: "notification-api-staging"
- name: NEW_RELIC_CONFIG_FILE
value: "/app/newrelic.ini"
- name: NEW_RELIC_DISTRIBUTED_TRACING_ENABLED
value: "true"
- name: NEW_RELIC_MONITOR_MODE
value: "false"
- name: NOTIFICATION_QUEUE_PREFIX
value: "eks-notification-canada-ca"
- name: NOTIFY_ENVIRONMENT
value: "staging"
- name: REDIS_ENABLED
value: "1"
- name: SALESFORCE_DOMAIN
value: "test"
- name: SENTRY_URL
value: "https://[email protected]/1522933"
- name: SQL_ALCHEMY_POOL_SIZE
value: "256"
- name: ZENDESK_API_URL
value: "https://api.getbase.com"
- name: ZENDESK_SELL_API_URL
value: "https://cds-snc.zendesk.com"
# Includes secret ENV Variables
- name: ADMIN_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: notify-api
key: ADMIN_CLIENT_SECRET
- name: AWS_ROUTE53_ZONE
valueFrom:
secretKeyRef:
name: notify-api
key: AWS_ROUTE53_ZONE
- name: AWS_SES_ACCESS_KEY
valueFrom:
secretKeyRef:
name: notify-api
key: AWS_SES_ACCESS_KEY
- name: AWS_SES_SECRET_KEY
valueFrom:
secretKeyRef:
name: notify-api
key: AWS_SES_SECRET_KEY
- name: CRM_GITHUB_PERSONAL_ACCESS_TOKEN
valueFrom:
secretKeyRef:
name: notify-api
key: CRM_GITHUB_PERSONAL_ACCESS_TOKEN
- name: CYPRESS_AUTH_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: notify-api
key: CYPRESS_AUTH_CLIENT_SECRET
- name: CYPRESS_USER_PW_SECRET
valueFrom:
secretKeyRef:
name: notify-api
key: CYPRESS_USER_PW_SECRET
- name: DANGEROUS_SALT
valueFrom:
secretKeyRef:
name: notify-api
key: DANGEROUS_SALT
- name: DEBUG_KEY
valueFrom:
secretKeyRef:
name: notify-api
key: DEBUG_KEY
- name: FRESH_DESK_API_KEY
valueFrom:
secretKeyRef:
name: notify-api
key: FRESH_DESK_API_KEY
- name: FRESH_DESK_PRODUCT_ID
valueFrom:
secretKeyRef:
name: notify-api
key: FRESH_DESK_PRODUCT_ID
- name: NEW_RELIC_LICENSE_KEY
valueFrom:
secretKeyRef:
name: notify-api
key: NEW_RELIC_LICENSE_KEY
- name: POSTGRES_HOST
valueFrom:
secretKeyRef:
name: notify-api
key: POSTGRES_HOST
- name: REDIS_PUBLISH_URL
valueFrom:
secretKeyRef:
name: notify-api
key: REDIS_PUBLISH_URL
- name: REDIS_URL
valueFrom:
secretKeyRef:
name: notify-api
key: REDIS_URL
- name: SALESFORCE_ENGAGEMENT_PRODUCT_ID
valueFrom:
secretKeyRef:
name: notify-api
key: SALESFORCE_ENGAGEMENT_PRODUCT_ID
- name: SALESFORCE_ENGAGEMENT_RECORD_TYPE
valueFrom:
secretKeyRef:
name: notify-api
key: SALESFORCE_ENGAGEMENT_RECORD_TYPE
- name: SALESFORCE_ENGAGEMENT_STANDARD_PRICEBOOK_ID
valueFrom:
secretKeyRef:
name: notify-api
key: SALESFORCE_ENGAGEMENT_STANDARD_PRICEBOOK_ID
- name: SALESFORCE_GENERIC_ACCOUNT_ID
valueFrom:
secretKeyRef:
name: notify-api
key: SALESFORCE_GENERIC_ACCOUNT_ID
- name: SALESFORCE_PASSWORD
valueFrom:
secretKeyRef:
name: notify-api
key: SALESFORCE_PASSWORD
- name: SALESFORCE_SECURITY_TOKEN
valueFrom:
secretKeyRef:
name: notify-api
key: SALESFORCE_SECURITY_TOKEN
- name: SALESFORCE_USERNAME
valueFrom:
secretKeyRef:
name: notify-api
key: SALESFORCE_USERNAME
- name: SECRET_KEY
valueFrom:
secretKeyRef:
name: notify-api
key: SECRET_KEY
- name: SENDGRID_API_KEY
valueFrom:
secretKeyRef:
name: notify-api
key: SENDGRID_API_KEY
- name: SQLALCHEMY_DATABASE_READER_URI
valueFrom:
secretKeyRef:
name: notify-api
key: SQLALCHEMY_DATABASE_READER_URI
- name: SQLALCHEMY_DATABASE_URI
valueFrom:
secretKeyRef:
name: notify-api
key: SQLALCHEMY_DATABASE_URI
- name: SRE_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: notify-api
key: SRE_CLIENT_SECRET
- name: ZENDESK_API_KEY
valueFrom:
secretKeyRef:
name: notify-api
key: ZENDESK_API_KEY
- name: ZENDESK_SELL_API_KEY
valueFrom:
secretKeyRef:
name: notify-api
key: ZENDESK_SELL_API_KEY
- name: STATSD_HOST
valueFrom:
fieldRef:
fieldPath: spec.nodeName
volumeMounts:
- name: secrets-store-inline
mountPath: "/mnt/secrets-store"
readOnly: true
ports:
- name: http
containerPort: 6011
protocol: TCP
readinessProbe:
httpGet:
path: /_status?simple=true
port: 6011
initialDelaySeconds: 45
periodSeconds: 3
timeoutSeconds: 1
successThreshold: 3
failureThreshold: 10
livenessProbe:
httpGet:
path: "/_status?simple=true"
port: 6011
initialDelaySeconds: 45
periodSeconds: 3
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 3
resources:
limits:
cpu: 1200m
memory: 900Mi
requests:
cpu: 250m
memory: 700Mi
volumes:
- name: secrets-store-inline
csi:
driver: secrets-store.csi.k8s.io
readOnly: true
volumeAttributes:
secretProviderClass: notify-api
nodeSelector:
eks.amazonaws.com/capacityType: ON_DEMAND
Comparing release=notify-admin, chart=charts/notify-admin
notification-canada-ca, notify-admin, Deployment (apps) has changed:
# Source: notify-admin/templates/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: notify-admin
labels:
app: notify-admin
spec:
priorityClassName: high-priority
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
selector:
matchLabels:
app: notify-admin
template:
metadata:
labels:
app: notify-admin
spec:
serviceAccountName: notify-admin
dnsPolicy: ClusterFirst
restartPolicy: Always
terminationGracePeriodSeconds: 60
securityContext:
{}
initContainers:
- name: init-postgres
image: alpine
command:
[
"sh",
"-c",
"until nc -z -w 2 $API_HOST_NAME 443; do echo waiting for api; sleep 2; done"
]
env:
- name: API_HOST_NAME
value: api.staging.notification.cdssandbox.xyz
containers:
- name: notify-admin
securityContext:
{}
image: "public.ecr.aws/cds-snc/notify-admin:f9cdc39"
imagePullPolicy: Always
env:
# Includes common ENV Variables
- name: ADMIN_BASE_URL
value: "staging.notification.cdssandbox.xyz"
- name: ALLOW_DEBUG_ROUTE
value: "true"
- name: ALLOW_HTML_SERVICE_IDS
value: "4de8b784-03a8-4ba8-a440-3bfea1b04fe6,ea608120-148a-4eba-a64c-4d9a8010e7b0"
- name: API_HOST_NAME
value: "https://api.staging.notification.cdssandbox.xyz"
- name: ASSET_UPLOAD_BUCKET_NAME
value: "notification-canada-ca-staging-asset-upload"
- name: AWS_REGION
value: "ca-central-1"
- name: AWS_XRAY_CONTEXT_MISSING
value: "LOG_WARNING"
- name: AWS_XRAY_SDK_ENABLED
value: "true"
- name: AWS_XRAY_TRACING_ENABLED
value: "true"
- name: BASE_DOMAIN
value: "staging.notification.cdssandbox.xyz"
- name: BULK_SEND_AWS_BUCKET
value: "notification-canada-ca-staging-bulk-send"
- name: BULK_SEND_TEST_SERVICE_ID
value: "ea608120-148a-4eba-a64c-4d9a8010e7b0"
- name: CONTACT_EMAIL
value: "[email protected]"
- name: CRM_ORG_LIST_URL
value: "https://raw.githubusercontent.com/cds-snc/gc-organisations/main/data/all.json"
- name: CSV_UPLOAD_BUCKET_NAME
value: "notification-canada-ca-staging-csv-upload"
- name: DOCUMENTATION_DOMAIN
value: "https://documentation.staging.notification.cdssandbox.xyz"
- name: FF_ANNUAL_LIMIT
value: "true"
- name: FF_RTL
value: "true"
- name: FF_SALESFORCE_CONTACT
value: "false"
- name: FLASK_APP
value: "application.py"
- name: GC_ARTICLES_API
value: "articles.alpha.canada.ca/notification-gc-notify"
+ - name: GC_ORGANISATIONS_BUCKET_NAME
+ value: "notification-canada-ca-staging-gc-organisations"
- name: HC_EN_SERVICE_ID
value: "c2fe9fac-2f28-40ca-b152-08ee41cd6843"
- name: HC_FR_SERVICE_ID
value: "changeme"
- name: IP_GEOLOCATE_SERVICE
value: "http://ipv4.notification-canada-ca.svc.cluster.local:8080"
- name: NEW_RELIC_APP_NAME
value: "notification-admin-staging"
- name: NEW_RELIC_CONFIG_FILE
value: "/app/newrelic.ini"
- name: NEW_RELIC_DISTRIBUTED_TRACING_ENABLED
value: "true"
- name: NEW_RELIC_MONITOR_MODE
value: "true"
- name: NOTIFY_ENVIRONMENT
value: "staging"
- name: REDIS_ENABLED
value: "true"
- name: SENTRY_URL
value: "https://[email protected]/1522933"
- name: SHOW_STYLE_GUIDE
value: "true"
# Includes secret ENV Variables
- name: ADMIN_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: notify-admin
key: ADMIN_CLIENT_SECRET
- name: CRM_GITHUB_PERSONAL_ACCESS_TOKEN
valueFrom:
secretKeyRef:
name: notify-admin
key: CRM_GITHUB_PERSONAL_ACCESS_TOKEN
- name: DANGEROUS_SALT
valueFrom:
secretKeyRef:
name: notify-admin
key: DANGEROUS_SALT
- name: DEBUG_KEY
valueFrom:
secretKeyRef:
name: notify-admin
key: DEBUG_KEY
- name: GC_ARTICLES_API_AUTH_PASSWORD
valueFrom:
secretKeyRef:
name: notify-admin
key: GC_ARTICLES_API_AUTH_PASSWORD
- name: GC_ARTICLES_API_AUTH_USERNAME
valueFrom:
secretKeyRef:
name: notify-admin
key: GC_ARTICLES_API_AUTH_USERNAME
- name: MIXPANEL_PROJECT_TOKEN
valueFrom:
secretKeyRef:
name: notify-admin
key: MIXPANEL_PROJECT_TOKEN
- name: NEW_RELIC_LICENSE_KEY
valueFrom:
secretKeyRef:
name: notify-admin
key: NEW_RELIC_LICENSE_KEY
- name: REDIS_PUBLISH_URL
valueFrom:
secretKeyRef:
name: notify-admin
key: REDIS_PUBLISH_URL
- name: REDIS_URL
valueFrom:
secretKeyRef:
name: notify-admin
key: REDIS_URL
- name: SECRET_KEY
valueFrom:
secretKeyRef:
name: notify-admin
key: SECRET_KEY
- name: SQLALCHEMY_DATABASE_URI
valueFrom:
secretKeyRef:
name: notify-admin
key: SQLALCHEMY_DATABASE_URI
- name: WAF_SECRET
valueFrom:
secretKeyRef:
name: notify-admin
key: WAF_SECRET
- name: STATSD_HOST
valueFrom:
fieldRef:
fieldPath: spec.nodeName
volumeMounts:
- name: secrets-store-inline
mountPath: "/mnt/secrets-store"
readOnly: true
ports:
- name: http
containerPort: 6012
protocol: TCP
readinessProbe:
httpGet:
path: /_status?simple=true
port: 6012
initialDelaySeconds: 10
periodSeconds: 3
timeoutSeconds: 1
successThreshold: 3
failureThreshold: 10
livenessProbe:
httpGet:
path: "/_status?simple=true"
port: 6012
initialDelaySeconds: 30
periodSeconds: 3
timeoutSeconds: 1
successThreshold: 1
failureThreshold: 3
resources:
limits:
cpu: 1200m
memory: 900Mi
requests:
cpu: 250m
memory: 700Mi
volumes:
- name: secrets-store-inline
csi:
driver: secrets-store.csi.k8s.io
readOnly: true
volumeAttributes:
secretProviderClass: notify-admin
nodeSelector:
eks.amazonaws.com/capacityType: ON_DEMAND
Comparing release=notify-document-download, chart=charts/notify-document-download
Comparing release=notify-celery, chart=charts/notify-celery
Comparing release=k8s-event-logger, chart=/tmp/helmfile2648521322/amazon-cloudwatch/staging/k8s-event-logger/k8s-event-logger/1.1.8/k8s-event-logger
Comparing release=karpenter-crd, chart=/tmp/helmfile2648521322/karpenter/staging/karpenter-crd/karpenter-crd/0.36.1/karpenter-crd
Comparing release=karpenter, chart=/tmp/helmfile2648521322/karpenter/staging/karpenter/karpenter/0.36.1/karpenter
Comparing release=karpenter-nodepool, chart=charts/karpenter-nodepool
Comparing release=priority-classes, chart=deliveryhero/priority-class
Comparing release=secrets-store-csi-driver, chart=secrets-store-csi-driver/secrets-store-csi-driver
Comparing release=aws-secrets-provider, chart=aws-secrets-manager/secrets-store-csi-driver-provider-aws
Comparing release=kube-state-metrics, chart=prometheus-community/kube-state-metrics
Comparing release=blazer, chart=stakater/application
Comparing release=ingress, chart=charts/nginx-ingress
Comparing release=xray-daemon, chart=okgolove/aws-xray |
ben851
approved these changes
Jan 22, 2025
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What happens when your PR merges?
This PR adds the
GC_ORGANISATIONS_BUCKET_NAME
to admin and api deployments. This will let us get the gc-organisations data from S3 instead of github.What are you changing?
Provide some background on the changes
If you are releasing a new version of Notify, what components are you updating
Checklist if releasing new version
Checklist if making changes to Kubernetes
After merging this PR