ministryofjustice/Claim-for-Crown-Court-Defence

View on GitHub
.k8s/live/dev-lgfs/deployment.yaml

Summary

Maintainability
Test Coverage
apiVersion: apps/v1
kind: Deployment
metadata:
  name: claim-for-crown-court-defence
  namespace: cccd-dev-lgfs
spec:
  replicas: 2
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxUnavailable: 0
      maxSurge: 100%
  selector:
    matchLabels:
      app: cccd
  template:
    metadata:
      labels:
        app: cccd
    spec:
      serviceAccountName: cccd-dev-lgfs-service
      containers:
        - name: cccd-app
          imagePullPolicy: Always
          image: 754256621582.dkr.ecr.eu-west-2.amazonaws.com/laa-get-paid/cccd:set-me
          ports:
            - containerPort: 3000
          readinessProbe:
            httpGet:
              path: /ping.json
              port: 3000
              httpHeaders:
                - name: X-Forwarded-Proto
                  value: https
                - name: X-Forwarded-Ssl
                  value: "on"
            initialDelaySeconds: 15
            periodSeconds: 10
          livenessProbe:
            httpGet:
              path: /ping.json
              port: 3000
              httpHeaders:
                - name: X-Forwarded-Proto
                  value: https
                - name: X-Forwarded-Ssl
                  value: "on"
            initialDelaySeconds: 30
            periodSeconds: 10
          securityContext:
            capabilities:
              drop:
              - ALL
            runAsNonRoot: true
            allowPrivilegeEscalation: false
            seccompProfile:
              type: RuntimeDefault
          lifecycle:
            preStop:
              exec:
                command: ["/bin/sleep","30"]

          # configMapRef: non-secret env vars defined in `app-config.yml`
          # secretRef: secret env vars defined by app secrets
          # WHERE env var name matches key name
          #
          envFrom:
            - configMapRef:
                name: cccd-app-config
            - secretRef:
                name: cccd-secrets

          # secret env vars defined by infrastructure/terraform
          # WHERE env var name does not match key name
          env:
            - name: DATABASE_URL
              valueFrom:
                secretKeyRef:
                  name: cccd-rds
                  key: url
            - name: SETTINGS__AWS__S3__BUCKET
              valueFrom:
                secretKeyRef:
                  name: cccd-s3-bucket
                  key: bucket_name
            - name: SETTINGS__AWS__SNS__SUBMITTED_TOPIC_ARN
              valueFrom:
                secretKeyRef:
                  name: cccd-messaging
                  key: topic_arn
            - name: AWS_RESPONSE_QUEUE_NAME
              valueFrom:
                secretKeyRef:
                  name: cccd-messaging
                  key: sqs_cccd_name
            - name: REDIS_URL
              valueFrom:
                secretKeyRef:
                  name: cccd-elasticache-redis
                  key: url