diff --git a/apps/issues/base/backend-deployment.yaml b/apps/issues/base/backend-deployment.yaml index 82dd516..f1b1bf0 100644 --- a/apps/issues/base/backend-deployment.yaml +++ b/apps/issues/base/backend-deployment.yaml @@ -18,6 +18,14 @@ spec: app: backend service: backend spec: + volumes: + - name: production-configmap + configMap: + name: production-configmap + items: + - key: production.py + path: production.py + defaultMode: 420 containers: - name: backend image: cr.yandex/crp3ccidau046kdj8g9q/issues:production_17c438aa @@ -149,5 +157,9 @@ spec: requests: cpu: "1" memory: 1Gi + volumeMounts: + - name: production-configmap + mountPath: /src/config/settings/production.py + subPath: production.py imagePullSecrets: - name: regcred diff --git a/apps/issues/base/celery-deployment.yaml b/apps/issues/base/celery-deployment.yaml index 4c79ef7..b2b7bfb 100644 --- a/apps/issues/base/celery-deployment.yaml +++ b/apps/issues/base/celery-deployment.yaml @@ -18,6 +18,14 @@ spec: app: celery service: celery spec: + volumes: + - name: production-configmap + configMap: + name: production-configmap + items: + - key: production.py + path: production.py + defaultMode: 420 containers: - name: celery image: cr.yandex/crp3ccidau046kdj8g9q/issues:production_17c438aa @@ -149,5 +157,9 @@ spec: requests: cpu: "1" memory: 1Gi + volumeMounts: + - name: production-configmap + mountPath: /src/config/settings/production.py + subPath: production.py imagePullSecrets: - name: regcred diff --git a/apps/issues/base/production-configmap.yaml b/apps/issues/base/production-configmap.yaml new file mode 100644 index 0000000..c9ddd72 --- /dev/null +++ b/apps/issues/base/production-configmap.yaml @@ -0,0 +1,140 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: production-configmap + namespace: issues +data: + production.py: | + from datetime import timedelta + import os + from .base import * + + # DEBUG SETTINGS START + # ----------------------------------------------------------------------------- + DEBUG = True + # ----------------------------------------------------------------------------- + + TEST_MODE = False + + # SECRETS SETTINGS START + # ----------------------------------------------------------------------------- + SECRET_KEY = "FromToMuchLoveOfLiving" # Delete after Test + # ----------------------------------------------------------------------------- + + DJANGO_TOKEN="aGFnZW4wMTM6emVhbG90MDk2" + + # ALLOWED HOSTS START + # ----------------------------------------------------------------------------- + ALLOWED_HOSTS = ["*"] + # ----------------------------------------------------------------------------- + + # APPS SETTINGS START + # ----------------------------------------------------------------------------- + # INSTALLED_APPS += [ + # "django_extensions", + # ] + # ----------------------------------------------------------------------------- + + # DEBUG SETTINGS START + # ----------------------------------------------------------------------------- + DEBUG = False + # ----------------------------------------------------------------------------- + + REVIEW_HOST='http://backend-service.flows.svc.cluster.local:8000' + # ----------------------------------------------------------------------------- + # EXTERNAL SERVICES END + + WORKFLOWS_HOST = "http://workflows-api-service.workflow.svc.cluster.local:8000" + WORKFLOWS_URL = "http://workflows-api-service.workflow.svc.cluster.local:8000" + DOCUMENTATIONS_URL = "http://documentations-api.documentations.svc.cluster.local:8080" + RESOURCES_API_HOST = os.getenv("RESOURCES_API_HOST", default="http://resources-service.resources.svc.cluster:8000") + KAFKA_HOST = "wb-stage-kafka-bootstrap.kafka.svc.cluster.local:9093" + KAFKA_USERNAME = "sarex" + KAFKA_PASSWORD = "nK36sasvSfoItJnXQ4qxav2OUWIPX5ZC" + KAFKA_SSL_CAFILE = os.getenv("KAFKA_SSL_CAFILE", "/usr/local/share/ca-certificates/kafka.crt") + KAFKA_EAV_ASSETS_TOPIC = os.getenv("KAFKA_EAV_ASSETS_TOPIC", "sarex") + KAFKA_ISSUES_TOPIC = os.getenv("KAFKA_ISSUES_TOPIC", "sarex-issues") + + + USE_ASYNC_FUNCTIONS = True + USE_NOTIFICATIONS = True + + # JWT SETTINGS START + # --------------------------------------------------------------------------------------------------------------------- + SIMPLE_JWT_ISSUER = os.getenv("SIMPLE_JWT_ISSUER", default="default_issuer") + + SIMPLE_JWT = { + "ACCESS_TOKEN_LIFETIME": timedelta(minutes=5), + "REFRESH_TOKEN_LIFETIME": timedelta(days=1), + "ROTATE_REFRESH_TOKENS": False, + "UPDATE_LAST_LOGIN": False, + + "ALGORITHM": "RS512", + "SIGNING_KEY": os.getenv("JWT_PRIVATE_KEY", default="").replace("\\n", "\n"), + "VERIFYING_KEY": os.getenv("JWT_PUBLIC_KEY").replace("\\n", "\n"), + "AUDIENCE": None, + "ISSUER": SIMPLE_JWT_ISSUER, + + "AUTH_HEADER_TYPES": ("Bearer",), + "AUTH_HEADER_NAME": "HTTP_AUTHORIZATION", + "USER_ID_FIELD": "id", + "USER_ID_CLAIM": "user_id", + + "AUTH_TOKEN_CLASSES": ("rest_framework_simplejwt.tokens.AccessToken",), + "TOKEN_TYPE_CLAIM": "token_type", + + "JTI_CLAIM": "jti", + + "SLIDING_TOKEN_REFRESH_EXP_CLAIM": "refresh_exp", + "SLIDING_TOKEN_LIFETIME": timedelta(minutes=5), + "SLIDING_TOKEN_REFRESH_LIFETIME": timedelta(days=1), + } + # --------------------------------------------------------------------------------------------------------------------- + + CORS_ALLOWED_ORIGINS = [ + "https://lk.srx.wb.ru:30443", + ] + + CORS_TRUSTED_ORIGINS = [ + "https://lk.srx.wb.ru:30443", + ] + + CSRF_TRUSTED_ORIGINS = [ + "https://lk.srx.wb.ru:30443", + ] + + CORS_ALLOW_ALL_ORIGINS = True + ENABLE_MAILGUN=False + SMTP_PORT=465 + SMTP_HOST="mail.rwb.ru" + EMAIL_FROM="sarex@rwb.ru" + + CORS_ALLOW_METHODS = [ + "DELETE", + "GET", + "OPTIONS", + "PATCH", + "POST", + "PUT", + ] + + SAREX_API = "https://srx.wb.ru" + + AERO_PUBLIC_HOST = os.getenv("AERO_PUBLIC_HOST", default=SAREX_API) + + BASE_AERO_URL = "http://backend.django.svc.cluster.local:8000" + + ENVIRONMENT = "production" + + SESSION_COOKIE_NAME = "issues-sessionid" + CSRF_COOKIE_NAME = "issues-csrftoken" + STATIC_URL = "/static/" + STORAGES = { + 'default': { + 'BACKEND': "storages.backends.s3boto3.S3Boto3Storage", + }, + 'staticfiles': { + # Leave whatever setting you already have here, e.g.: + 'BACKEND': "storages.backends.s3boto3.S3Boto3Storage", + } + }