-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathradixconfig.yaml
128 lines (128 loc) · 3.12 KB
/
radixconfig.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
apiVersion: radix.equinor.com/v1
kind: RadixApplication
metadata:
name: radix-networkpolicy-canary
spec:
build:
useBuildKit: true
environments:
- name: egressrulestopublicdns
build:
from: main
egress:
allowRadix: false
rules:
- destinations:
- "1.0.0.1/32" #cloudflare
- "1.1.1.1/32" #cloudflare
- "8.8.8.8/32" #google
- "8.8.4.4/32" #google
ports:
- port: 53
protocol: TCP
- port: 53
protocol: UDP
- name: oauthdenyall
build:
from: main
egress:
allowRadix: false
- name: allowradix
build:
from: main
egress:
allowRadix: true
jobs:
- name: myjob
readOnlyFileSystem: true
src: ./jobsrc
schedulerPort: 9000
timeLimitSeconds: 1
runtime:
architecture: arm64
resources:
requests:
cpu: "10m"
memory: "10M"
limits:
cpu: "10m"
memory: "400M"
components:
- name: redis
src: ./redis
secrets:
- REDIS_PASSWORD
ports:
- name: redis
port: 6379
runtime:
architecture: arm64
resources:
limits:
cpu: 20m
memory: 20M
requests:
cpu: 20m
memory: 20M
horizontalScaling:
maxReplicas: 1
minReplicas: 0
triggers:
- name: cron
cron:
timezone: Europe/Oslo
start: 0 7 * * 1-5 # 07:00 Monday - Friday
end: 0 18 * * 1-5 # 17:00 Monday - Friday
desiredReplicas: 1
environmentConfig:
- environment: oauthdenyall
replicas: 1
- environment: egressrulestopublicdns
enabled: false
- environment: allowradix
enabled: false
- name: web
readOnlyFileSystem: true
src: "."
secrets:
- NETWORKPOLICY_CANARY_PASSWORD
monitoring: true
ports:
- name: http
port: 5000
publicPort: http
variables:
JOB_SCHEDULER_PORT: "9000"
LISTENING_PORT: "5000"
LOG_LEVEL: "info"
PRETTY_LOG: "false"
runtime:
architecture: arm64
resources:
requests:
cpu: "10m"
memory: "20M"
limits:
cpu: "10m"
memory: "40M"
horizontalScaling:
maxReplicas: 1
minReplicas: 0
triggers:
- name: cron
cron:
timezone: Europe/Oslo
start: 0 7 * * 1-5 # 07:00 Monday - Friday
end: 0 18 * * 1-5 # 17:00 Monday - Friday
desiredReplicas: 1
environmentConfig:
- environment: oauthdenyall
authentication:
oauth2:
clientId: 46e3125d-4465-4217-9a71-20b3dc91d9f4
scope: openid profile email offline_access
setXAuthRequestHeaders: true
setAuthorizationHeader: true
sessionStoreType: redis
redisStore:
connectionUrl: redis://redis:6379