--- apiVersion: apps/v1 kind: Deployment metadata: name: engine namespace: processing labels: app: engine service: engine spec: replicas: 1 selector: matchLabels: app: engine template: metadata: labels: app: engine service: engine annotations: traffic.sidecar.istio.io/excludeOutboundPorts: "8200" vault.hashicorp.com/agent-init-first: "true" vault.hashicorp.com/agent-inject: "true" vault.hashicorp.com/agent-pre-populate-only: "true" vault.hashicorp.com/auth-path: auth/kubernetes vault.hashicorp.com/role: processing vault.hashicorp.com/agent-inject-secret-processing-postgresql: secrets/data/postgresql/apps/processing vault.hashicorp.com/agent-inject-template-processing-postgresql: |- {{- with secret "secrets/data/postgresql/apps/processing" -}} POSTGRES_ADDRESS=postgresql.processing.svc.cluster.local POSTGRES_PORT=5432 POSTGRES_USER={{ index .Data.data "username" }} POSTGRES_PASSWORD={{ index .Data.data "password" }} POSTGRES_DB=workflow_db {{- end -}} vault.hashicorp.com/agent-inject-secret-processing-rabbitmq: secrets/data/rabbitmq/apps/processing vault.hashicorp.com/agent-inject-template-processing-rabbitmq: |- {{- with secret "secrets/data/rabbitmq/apps/processing" -}} RABBITMQ_HOST=rabbitmq.rabbitmq.svc.cluster.local RABBITMQ_PORT=5672 RABBITMQ_USER={{ index .Data.data "username" }} RABBITMQ_PASS={{ index .Data.data "password" }} {{- end -}} vault.hashicorp.com/agent-inject-secret-processing-smtp: secrets/data/vault/common/smtp_auth vault.hashicorp.com/agent-inject-template-processing-smtp: |- {{- with secret "secrets/data/vault/common/smtp_auth" -}} {{ index .Data.data "env_json" }} {{- end -}} spec: serviceAccountName: processing-vault containers: - name: engine image: cr.yandex/crp3ccidau046kdj8g9q/workflows-endigne_prod:075fc0 imagePullPolicy: IfNotPresent command: ["/bin/bash", "-ec"] args: - | set -a [ -f /vault/secrets/processing-postgresql ] && . /vault/secrets/processing-postgresql [ -f /vault/secrets/processing-rabbitmq ] && . /vault/secrets/processing-rabbitmq set +a exec /engine ports: - name: http containerPort: 8000 protocol: TCP env: - name: POSTGRES_POOL_SIZE value: "20" - name: ENVIRONMENT value: prod - name: WORKFLOWS_SENTRY_DSN value: https://866b532efdbb4764a7551b76231232fc@o279218.ingest.sentry.io/543123 - name: WORKFLOWS_SENTRY_DEBUG value: "0" - name: API_ADDRESS value: 0.0.0.0:8000 - name: DJANGO_HOST value: http://backend.django.svc.cluster.local:8000 - name: S3_SERVICE_ACCOUNT value: /etc/sarex/yc-s3/yc-s3-service-account.json - name: BIM_API_V2_DB value: /etc/sarex/bim-api-v2-db-prod.json - name: PDM_API_DB value: /etc/pdm/pdm-api-db-prod.json - name: WORKSPACE_API_DB value: /etc/ws/ws-api-db-prod.json - name: ISSUE_API_DB value: /etc/issues/issue-api-db-prod.json - name: MAILGUN value: /etc/mailgun-secret/env.json - name: SMTP value: /vault/secrets/processing-smtp - name: INTERNAL_PDM_URL value: http://documentations-api.documentations.svc.cluster.local:8080 - name: INTERNAL_FILESTREAM_URL value: http://documentations-filestream.documentations.svc.cluster.local:8080 - name: EXTERNAL_PDM_URL value: http://documentations-api.documentations.svc.cluster.local:8080 - name: EXTERNAL_FILESTREAM_URL value: http://documentations-filestream-service.documentations.svc.cluster.local:8080 - name: RESOURCES_API_INTERNAL_HOST value: http://resources-service.resources.svc.cluster.local:8000 - name: POD_NAME valueFrom: fieldRef: apiVersion: v1 fieldPath: metadata.name - name: ENABLE_SQL_QUERY value: "0" - name: ENABLE_S3_STORAGE value: "1" - name: ENABLE_S3V2_STORAGE value: "1" - name: ENABLE_PDM_STORAGE value: "1" - name: ENABLE_SMTP value: "1" - name: ENABLE_URL_STORAGE value: "1" - name: ENABLE_SRX_TMP value: "1" - name: ENABLE_BIM_API_V2_DB value: "1" - name: ENABLE_WORKSPACE_API_DB value: "1" - name: ENABLE_ISSUE_API_DB value: "1" - name: ENABLE_RESOURCES_API value: "1" - name: ENABLE_PDM_API_DB value: "1" - name: ENABLE_COMPARISONS_API_DB value: "1" - name: ENABLE_MAIL_GUN value: "1" - name: ENABLE_AMQP_EXECUTOR value: "0" - name: ENABLE_KUBERNETES_EXECUTOR value: "1" - name: MAX_WORKFLOWS_LIMIT value: "5" - name: CPU_COUNT value: "1" - name: MEMORY_GI value: "1" - name: CPU_COUNT_LOW_RESOURCES value: "1" - name: MEMORY_GI_LOW_RESOURCES value: "1" - name: CPU_COUNT_HIGH_MEM value: "1" - name: MEMORY_GI_HIGH_MEM value: "1" - name: ENABLE_TOLERATION value: "1" - name: COUNT_RUNNING_WORKERS value: "1" - name: COUNT_CANCELING_WORKERS value: "1" - name: COUNT_HANDLE_JOB_WORKERS value: "1" - name: BIM_API_DEBUG value: "0" - name: BIM_API_V2_DEBUG value: "0" - name: PDM_API_DEBUG value: "0" - name: COMPARISONS_API_DEBUG value: "0" - name: WORKSPACE_API_DEBUG value: "0" - name: JOBS_NAMESPACE value: processing - name: ISSUE_API_DEBUG value: "0" - name: TOLERATION_KEY value: dedicated - name: TOLERATION_VALUE value: processing - name: TOLERATION_KEY_HIGH_MEM value: dedicated - name: TOLERATION_VALUE_HIGH_MEM value: processing - name: TOLERATION_KEY_PERSISTENT value: dedicated - name: TOLERATION_VALUE_PERSISTENT value: processing - name: RABBITMQ_CREATE_EXCHANGE value: autodesk.inputMessage - name: RABBITMQ_CANCEL_EXCHANGE value: autodesk.cancelMessage - name: RABBITMQ_CREATE_ROUTING_KEY value: converting - name: RABBITMQ_CANCEL_TOPIC value: cancel - name: RABBITMQ_COMPLETENESS_EXCHANGE value: autodesk.outputMessage - name: RABBITMQ_COMPLETENESS_TOPIC value: output_navis - name: CONTROL_PLANE_PERIOD value: 10s - name: DEFAULT_TOLERATION_KEY value: dedicated - name: DEFAULT_TOLERATION_VALUE value: processing - name: DEFAULT_NODE_SELECTOR_KEY value: dedicated - name: DEFAULT_NODE_SELECTOR_VALUE value: processing resources: requests: cpu: "100m" memory: 256Mi imagePullSecrets: - name: regcred