From 8d2a5e62effbc43346bd6830f8314eb10953603b Mon Sep 17 00:00:00 2001 From: emelinda Date: Fri, 17 Apr 2026 16:40:38 +0300 Subject: [PATCH] Simplify PM app backend and Celery deployments: remove unused environment variables, streamline secret references, and set default values for configuration. --- apps/pm/base/backend-deployment.yaml | 209 ++++++++++----------------- apps/pm/base/celery-deployment.yaml | 115 +++++++-------- 2 files changed, 134 insertions(+), 190 deletions(-) diff --git a/apps/pm/base/backend-deployment.yaml b/apps/pm/base/backend-deployment.yaml index 2353aa3..5a70afc 100644 --- a/apps/pm/base/backend-deployment.yaml +++ b/apps/pm/base/backend-deployment.yaml @@ -35,24 +35,6 @@ spec: containerPort: 8000 protocol: TCP env: - - name: K8S_POD_UID - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.uid - - name: K8S_POD_NAME - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.name - - name: K8S_NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: OTEL_RESOURCE_ATTRIBUTES - value: >- - k8s.pod.uid=$(K8S_POD_UID),k8s.pod.name=$(K8S_POD_NAME),k8s.namespace.name=$(K8S_NAMESPACE) - name: USERS_INTERNAL_HOST value: http://backend-service.sarex.svc.cluster.local:8000 - name: CELERY_REDIS_HOST @@ -65,10 +47,8 @@ spec: value: /api/v0 - name: EAV_API_PREFIX_V1 value: /api/v1 - - name: TRACING_ENDPOINT - value: signoz-otel-collector-external.signoz.svc.cluster.local:4317 - name: TRACING_INSECURE - value: "True" + value: "False" - name: SERVER_ENABLE_SYNC_RESOURCES value: "True" - name: SERVER_DELETED_TASK_MAX_AGE_DAYS @@ -100,7 +80,7 @@ spec: valueFrom: secretKeyRef: name: postgresql-secrets - key: host + key: hostname - name: DB_PORT valueFrom: secretKeyRef: @@ -109,160 +89,127 @@ spec: - name: S3_HOST valueFrom: secretKeyRef: - name: ya-s3-secret-pm - key: host + name: s3-secrets + key: endpoint - name: S3_LOGIN valueFrom: secretKeyRef: - name: ya-s3-secret-pm + name: s3-secrets key: login - name: S3_PASSWORD valueFrom: secretKeyRef: - name: ya-s3-secret-pm + name: s3-secrets key: password - name: S3_BUCKET valueFrom: secretKeyRef: - name: ya-s3-secret-pm + name: s3-secrets key: bucket - - name: CACHE_HOST - valueFrom: - secretKeyRef: - name: cache-secret-pm - key: host - - name: CACHE_PORT - valueFrom: - secretKeyRef: - name: cache-secret-pm - key: port - - name: CACHE_PASSWORD - valueFrom: - secretKeyRef: - name: cache-secret-pm - key: password + +# - name: CACHE_HOST +# valueFrom: +# secretKeyRef: +# name: cache-secret-pm +# key: host +# - name: CACHE_PORT +# valueFrom: +# secretKeyRef: +# name: cache-secret-pm +# key: port +# - name: CACHE_PASSWORD +# valueFrom: +# secretKeyRef: +# name: cache-secret-pm +# key: password - name: CACHE_SSL - valueFrom: - secretKeyRef: - name: cache-secret-pm - key: ssl + value: "False" - name: CACHE_SSL_CA_CERTS - valueFrom: - secretKeyRef: - name: cache-secret-pm - key: ssl_ca_certs + value: "" - name: CACHE_ENABLE - valueFrom: - secretKeyRef: - name: cache-secret-pm - key: enable + value: "False" - name: CLICKHOUSE_ENABLE value: 'False' - name: KAFKA_ENABLE - valueFrom: - secretKeyRef: - name: ya-kafka-secret-pm - key: enable - - name: KAFKA_BOOTSTRAP_SERVERS - valueFrom: - secretKeyRef: - name: ya-kafka-secret-pm - key: bootstrap_servers - - name: KAFKA_SECURITY_PROTOCOL - valueFrom: - secretKeyRef: - name: ya-kafka-secret-pm - key: security_protocol - - name: KAFKA_SASL_MECHANISM - valueFrom: - secretKeyRef: - name: ya-kafka-secret-pm - key: sasl_mechanism - - name: KAFKA_SASL_PLAIN_USERNAME - valueFrom: - secretKeyRef: - name: ya-kafka-secret-pm - key: sasl_username - - name: KAFKA_SASL_PLAIN_PASSWORD - valueFrom: - secretKeyRef: - name: ya-kafka-secret-pm - key: sasl_password - - name: KAFKA_SSL_CAFILE - valueFrom: - secretKeyRef: - name: ya-kafka-secret-pm - key: ssl_cafile - - name: KAFKA_TOPICS - valueFrom: - secretKeyRef: - name: ya-kafka-secret-pm - key: topics + value: 'False' +# - name: KAFKA_BOOTSTRAP_SERVERS +# valueFrom: +# secretKeyRef: +# name: ya-kafka-secret-pm +# key: bootstrap_servers +# - name: KAFKA_SECURITY_PROTOCOL +# valueFrom: +# secretKeyRef: +# name: ya-kafka-secret-pm +# key: security_protocol +# - name: KAFKA_SASL_MECHANISM +# valueFrom: +# secretKeyRef: +# name: ya-kafka-secret-pm +# key: sasl_mechanism +# - name: KAFKA_SASL_PLAIN_USERNAME +# valueFrom: +# secretKeyRef: +# name: ya-kafka-secret-pm +# key: sasl_username +# - name: KAFKA_SASL_PLAIN_PASSWORD +# valueFrom: +# secretKeyRef: +# name: ya-kafka-secret-pm +# key: sasl_password +# - name: KAFKA_SSL_CAFILE +# valueFrom: +# secretKeyRef: +# name: ya-kafka-secret-pm +# key: ssl_cafile +# - name: KAFKA_TOPICS +# valueFrom: +# secretKeyRef: +# name: ya-kafka-secret-pm +# key: topics + - name: CELERY_RABBITMQ_HOST valueFrom: secretKeyRef: - name: rabbit-secret-pm - key: host + name: rabbitmq-secrets + key: hostname - name: CELERY_RABBITMQ_PORT valueFrom: secretKeyRef: - name: rabbit-secret-pm + name: rabbitmq-secrets key: port - name: CELERY_RABBITMQ_USER valueFrom: secretKeyRef: - name: rabbit-secret-pm - key: user + name: rabbitmq-secrets + key: username - name: CELERY_RABBITMQ_PASSWORD valueFrom: secretKeyRef: - name: rabbit-secret-pm + name: rabbitmq-secrets key: password - name: CELERY_RABBITMQ_VHOST valueFrom: secretKeyRef: name: rabbit-secret-pm key: vhost + - name: AUTH_PUBLIC_TOKEN_URL - valueFrom: - secretKeyRef: - name: server-secret-pm - key: auth_public_token_url + value: "https://lk.sarex.io/api/token/public/" - name: SERVER_HOST - valueFrom: - secretKeyRef: - name: server-secret-pm - key: server_host + value: "https://lk.sarex.io" - name: SERVER_API_HOST - valueFrom: - secretKeyRef: - name: server-secret-pm - key: server_api_host + value: "https://api.sarex.io" - name: SERVER_DEBUG - valueFrom: - secretKeyRef: - name: server-secret-pm - key: server_debug + value: "False" - name: SERVER_ALLOWED_HOSTS - valueFrom: - secretKeyRef: - name: server-secret-pm - key: server_allowed_hosts + value: '["*"]' - name: SERVER_USE_OTEL - valueFrom: - secretKeyRef: - name: server-secret-pm - key: server_use_otel + value: "False" - name: SERVER_VERIFY_SSL - valueFrom: - secretKeyRef: - name: server-secret-pm - key: server_verify_ssl + value: "False" - name: SERVER_LOG_LEVEL - valueFrom: - secretKeyRef: - name: server-secret-pm - key: server_log_level + value: "INFO" resources: requests: cpu: "1" diff --git a/apps/pm/base/celery-deployment.yaml b/apps/pm/base/celery-deployment.yaml index b0b1630..cbb69e6 100644 --- a/apps/pm/base/celery-deployment.yaml +++ b/apps/pm/base/celery-deployment.yaml @@ -95,87 +95,84 @@ spec: - name: S3_HOST valueFrom: secretKeyRef: - name: ya-s3-secret-pm - key: host + name: s3-secrets + key: endpoint - name: S3_LOGIN valueFrom: secretKeyRef: - name: ya-s3-secret-pm + name: s3-secrets key: login - name: S3_PASSWORD valueFrom: secretKeyRef: - name: ya-s3-secret-pm + name: s3-secrets key: password - name: S3_BUCKET valueFrom: secretKeyRef: - name: ya-s3-secret-pm + name: s3-secrets key: bucket - - name: CACHE_HOST - valueFrom: - secretKeyRef: - name: cache-secret-pm - key: host - - name: CACHE_PORT - valueFrom: - secretKeyRef: - name: cache-secret-pm - key: port - - name: CACHE_PASSWORD - valueFrom: - secretKeyRef: - name: cache-secret-pm - key: password +# - name: CACHE_HOST +# valueFrom: +# secretKeyRef: +# name: cache-secret-pm +# key: host +# - name: CACHE_PORT +# valueFrom: +# secretKeyRef: +# name: cache-secret-pm +# key: port +# - name: CACHE_PASSWORD +# valueFrom: +# secretKeyRef: +# name: cache-secret-pm +# key: password - name: CACHE_SSL value: "False" - name: CACHE_SSL_CA_CERTS value: "" - name: CACHE_ENABLE - valueFrom: - secretKeyRef: - name: cache-secret-pm - key: enable + value: "False" - name: CLICKHOUSE_ENABLE value: 'False' - name: KAFKA_ENABLE value: 'False' - - name: KAFKA_BOOTSTRAP_SERVERS - valueFrom: - secretKeyRef: - name: ya-kafka-secret-pm - key: bootstrap_servers - - name: KAFKA_SECURITY_PROTOCOL - valueFrom: - secretKeyRef: - name: ya-kafka-secret-pm - key: security_protocol - - name: KAFKA_SASL_MECHANISM - valueFrom: - secretKeyRef: - name: ya-kafka-secret-pm - key: sasl_mechanism - - name: KAFKA_SASL_PLAIN_USERNAME - valueFrom: - secretKeyRef: - name: ya-kafka-secret-pm - key: sasl_username - - name: KAFKA_SASL_PLAIN_PASSWORD - valueFrom: - secretKeyRef: - name: ya-kafka-secret-pm - key: sasl_password - - name: KAFKA_SSL_CAFILE - valueFrom: - secretKeyRef: - name: ya-kafka-secret-pm - key: ssl_cafile - - name: KAFKA_TOPICS - valueFrom: - secretKeyRef: - name: ya-kafka-secret-pm - key: topics +# - name: KAFKA_BOOTSTRAP_SERVERS +# valueFrom: +# secretKeyRef: +# name: ya-kafka-secret-pm +# key: bootstrap_servers +# - name: KAFKA_SECURITY_PROTOCOL +# valueFrom: +# secretKeyRef: +# name: ya-kafka-secret-pm +# key: security_protocol +# - name: KAFKA_SASL_MECHANISM +# valueFrom: +# secretKeyRef: +# name: ya-kafka-secret-pm +# key: sasl_mechanism +# - name: KAFKA_SASL_PLAIN_USERNAME +# valueFrom: +# secretKeyRef: +# name: ya-kafka-secret-pm +# key: sasl_username +# - name: KAFKA_SASL_PLAIN_PASSWORD +# valueFrom: +# secretKeyRef: +# name: ya-kafka-secret-pm +# key: sasl_password +# - name: KAFKA_SSL_CAFILE +# valueFrom: +# secretKeyRef: +# name: ya-kafka-secret-pm +# key: ssl_cafile +# - name: KAFKA_TOPICS +# valueFrom: +# secretKeyRef: +# name: ya-kafka-secret-pm +# key: topics - name: CELERY_RABBITMQ_HOST valueFrom: