Compare commits
29 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
8a93e81408
|
|||
|
e62812226c
|
|||
|
98404feb96
|
|||
|
f600df55f0
|
|||
|
479504e737
|
|||
|
bbb395c4e8
|
|||
|
331185b451
|
|||
|
40ede07ab0
|
|||
|
5165759558
|
|||
|
10f73b96ec
|
|||
|
5097e551e2
|
|||
|
820d2d8c51
|
|||
|
eb5c12ca91
|
|||
|
2d1c9f7418
|
|||
|
3c2e0cdcb8
|
|||
|
66c2c3b6a2
|
|||
|
b92f6688c7
|
|||
|
85d00a53f6
|
|||
|
529abe67b1
|
|||
|
2bef46ea1b
|
|||
|
19d1e60d2f
|
|||
|
2da770623f
|
|||
|
e90966970a
|
|||
|
a54a46b0a6
|
|||
|
a719e5f820
|
|||
|
3c4f656ec8
|
|||
|
e0e6bf2507
|
|||
|
84908c0a24
|
|||
|
762169f563
|
@ -1,2 +1,2 @@
|
||||
ARG VARIANT="3.4.2"
|
||||
ARG VARIANT="3.4.4"
|
||||
FROM ghcr.io/rails/devcontainer/images/ruby:${VARIANT}
|
||||
|
||||
@ -6,7 +6,7 @@
|
||||
"vscode": {
|
||||
"extensions": [
|
||||
"Shopify.ruby-lsp",
|
||||
"ms-azuretools.vscode-docker"
|
||||
"docker.docker"
|
||||
]
|
||||
}
|
||||
},
|
||||
|
||||
7
.dockerignore
Normal file
7
.dockerignore
Normal file
@ -0,0 +1,7 @@
|
||||
**/.git
|
||||
**/.gitignore
|
||||
/.devcontainer
|
||||
/.gitea
|
||||
/.github
|
||||
/.vscode
|
||||
/charts
|
||||
23
.gitea/workflows/lint.yaml
Normal file
23
.gitea/workflows/lint.yaml
Normal file
@ -0,0 +1,23 @@
|
||||
---
|
||||
name: Ruby Lint
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- "**"
|
||||
pull_request:
|
||||
jobs:
|
||||
lint:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
|
||||
|
||||
- name: Ruby Setup
|
||||
uses: ruby/setup-ruby@dffc446db9ba5a0c4446edb5bca1c5c473a806c5 # v1.235.0
|
||||
with:
|
||||
ruby-version: '3.4'
|
||||
bundler-cache: true
|
||||
|
||||
- name: Standard Ruby
|
||||
run: bundle exec standardrb
|
||||
|
||||
@ -1,65 +1,16 @@
|
||||
---
|
||||
name: Gitea Actions Demo
|
||||
run-name: ${{ gitea.actor }} is testing out Gitea Actions 🚀
|
||||
|
||||
name: Release
|
||||
on:
|
||||
schedule:
|
||||
- cron: "0 10 * * *"
|
||||
- cron: "0 0 * * *"
|
||||
push:
|
||||
branches:
|
||||
- "**"
|
||||
- main
|
||||
tags:
|
||||
- "v*.*.*"
|
||||
pull_request:
|
||||
|
||||
jobs:
|
||||
lint:
|
||||
runs-on: ubuntu-latest
|
||||
permissions:
|
||||
checks: write
|
||||
contents: write
|
||||
steps:
|
||||
- name: Login to Docker
|
||||
uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0
|
||||
with:
|
||||
username: ${{ vars.DOCKERHUB_USERNAME }}
|
||||
password: ${{ secrets.DOCKERHUB_TOKEN }}
|
||||
|
||||
- name: Checkout
|
||||
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
|
||||
|
||||
- name: Ruby Setup
|
||||
uses: ruby/setup-ruby@dffc446db9ba5a0c4446edb5bca1c5c473a806c5 # v1.235.0
|
||||
with:
|
||||
ruby-version: '3.4'
|
||||
bundler-cache: true
|
||||
|
||||
- run: bundle install
|
||||
|
||||
- name: Standard Ruby
|
||||
run: bundle exec standardrb
|
||||
|
||||
|
||||
test:
|
||||
needs: lint
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
|
||||
|
||||
- name: Test
|
||||
uses: ruby/setup-ruby@dffc446db9ba5a0c4446edb5bca1c5c473a806c5 # v1.235.0
|
||||
with:
|
||||
ruby-version: '3.4'
|
||||
bundler-cache: true
|
||||
|
||||
- run: bundle exec rake
|
||||
|
||||
docker:
|
||||
needs: test
|
||||
runs-on: ubuntu-latest
|
||||
container:
|
||||
image: catthehacker/ubuntu:act-latest
|
||||
env:
|
||||
DOCKER_ORG: ryanc
|
||||
DOCKER_LATEST: latest
|
||||
@ -108,7 +59,8 @@ jobs:
|
||||
latest=auto
|
||||
bake-target: docker-metadata-action
|
||||
tags: |
|
||||
type=schedule
|
||||
type=schedule,pattern=nightly
|
||||
type=edge
|
||||
type=ref,event=branch
|
||||
type=ref,event=pr
|
||||
type=semver,pattern={{version}}
|
||||
@ -127,7 +79,8 @@ jobs:
|
||||
latest=auto
|
||||
suffix=-alpine,onlatest=true
|
||||
tags: |
|
||||
type=schedule
|
||||
type=schedule,pattern=nightly
|
||||
type=edge
|
||||
type=ref,event=branch
|
||||
type=ref,event=pr
|
||||
type=semver,pattern={{version}}
|
||||
22
.gitea/workflows/test.yaml
Normal file
22
.gitea/workflows/test.yaml
Normal file
@ -0,0 +1,22 @@
|
||||
---
|
||||
name: Ruby Test
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- "**"
|
||||
pull_request:
|
||||
jobs:
|
||||
test:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: Checkout
|
||||
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
|
||||
|
||||
- name: Test
|
||||
uses: ruby/setup-ruby@dffc446db9ba5a0c4446edb5bca1c5c473a806c5 # v1.235.0
|
||||
with:
|
||||
ruby-version: '3.4'
|
||||
bundler-cache: true
|
||||
|
||||
- run: bundle exec rake
|
||||
|
||||
1
Gemfile
1
Gemfile
@ -9,6 +9,7 @@ gem "ksuid"
|
||||
gem "nanoid"
|
||||
gem "ulid"
|
||||
gem "uuid7"
|
||||
gem "cuid2"
|
||||
|
||||
gem "jwt"
|
||||
gem "httparty"
|
||||
|
||||
54
Gemfile.lock
54
Gemfile.lock
@ -3,25 +3,26 @@ GEM
|
||||
specs:
|
||||
anyflake (0.0.1)
|
||||
ast (2.4.3)
|
||||
base64 (0.2.0)
|
||||
bigdecimal (3.1.9)
|
||||
csv (3.3.4)
|
||||
diff-lcs (1.6.1)
|
||||
base64 (0.3.0)
|
||||
bigdecimal (3.2.2)
|
||||
csv (3.3.5)
|
||||
cuid2 (1.0.1)
|
||||
diff-lcs (1.6.2)
|
||||
httparty (0.23.1)
|
||||
csv
|
||||
mini_mime (>= 1.0.0)
|
||||
multi_xml (>= 0.5.2)
|
||||
json (2.11.3)
|
||||
jwt (2.10.1)
|
||||
json (2.12.2)
|
||||
jwt (3.1.1)
|
||||
base64
|
||||
ksuid (1.0.0)
|
||||
language_server-protocol (3.17.0.4)
|
||||
language_server-protocol (3.17.0.5)
|
||||
lint_roller (1.1.0)
|
||||
logger (1.7.0)
|
||||
mini_mime (1.1.5)
|
||||
minitest (5.25.5)
|
||||
multi_json (1.15.0)
|
||||
multi_xml (0.7.1)
|
||||
multi_xml (0.7.2)
|
||||
bigdecimal (~> 3.1)
|
||||
mustermann (3.0.3)
|
||||
ruby2_keywords (~> 0.0.1)
|
||||
@ -35,35 +36,35 @@ GEM
|
||||
puma (6.6.0)
|
||||
nio4r (~> 2.0)
|
||||
racc (1.8.1)
|
||||
rack (3.1.13)
|
||||
rack (3.1.16)
|
||||
rack-protection (4.1.1)
|
||||
base64 (>= 0.1.0)
|
||||
logger (>= 1.6.0)
|
||||
rack (>= 3.0.0, < 4)
|
||||
rack-session (2.1.0)
|
||||
rack-session (2.1.1)
|
||||
base64 (>= 0.1.0)
|
||||
rack (>= 3.0.0)
|
||||
rack-test (2.2.0)
|
||||
rack (>= 1.3)
|
||||
rainbow (3.1.1)
|
||||
rake (13.2.1)
|
||||
rbs (3.9.2)
|
||||
rake (13.3.0)
|
||||
rbs (3.9.4)
|
||||
logger
|
||||
regexp_parser (2.10.0)
|
||||
rspec (3.13.0)
|
||||
rspec (3.13.1)
|
||||
rspec-core (~> 3.13.0)
|
||||
rspec-expectations (~> 3.13.0)
|
||||
rspec-mocks (~> 3.13.0)
|
||||
rspec-core (3.13.3)
|
||||
rspec-core (3.13.5)
|
||||
rspec-support (~> 3.13.0)
|
||||
rspec-expectations (3.13.3)
|
||||
rspec-expectations (3.13.5)
|
||||
diff-lcs (>= 1.2.0, < 2.0)
|
||||
rspec-support (~> 3.13.0)
|
||||
rspec-mocks (3.13.2)
|
||||
rspec-mocks (3.13.5)
|
||||
diff-lcs (>= 1.2.0, < 2.0)
|
||||
rspec-support (~> 3.13.0)
|
||||
rspec-support (3.13.2)
|
||||
rubocop (1.75.4)
|
||||
rspec-support (3.13.4)
|
||||
rubocop (1.75.8)
|
||||
json (~> 2.3)
|
||||
language_server-protocol (~> 3.17.0.2)
|
||||
lint_roller (~> 1.1.0)
|
||||
@ -74,17 +75,17 @@ GEM
|
||||
rubocop-ast (>= 1.44.0, < 2.0)
|
||||
ruby-progressbar (~> 1.7)
|
||||
unicode-display_width (>= 2.4.0, < 4.0)
|
||||
rubocop-ast (1.44.1)
|
||||
rubocop-ast (1.45.1)
|
||||
parser (>= 3.3.7.2)
|
||||
prism (~> 1.4)
|
||||
rubocop-performance (1.25.0)
|
||||
lint_roller (~> 1.1)
|
||||
rubocop (>= 1.75.0, < 2.0)
|
||||
rubocop-ast (>= 1.38.0, < 2.0)
|
||||
ruby-lsp (0.23.15)
|
||||
ruby-lsp (0.24.2)
|
||||
language_server-protocol (~> 3.17.0)
|
||||
prism (>= 1.2, < 2.0)
|
||||
rbs (>= 3, < 4)
|
||||
rbs (>= 3, < 5)
|
||||
sorbet-runtime (>= 0.5.10782)
|
||||
ruby-progressbar (1.13.0)
|
||||
ruby2_keywords (0.0.5)
|
||||
@ -101,11 +102,11 @@ GEM
|
||||
rack-protection (= 4.1.1)
|
||||
sinatra (= 4.1.1)
|
||||
tilt (~> 2.0)
|
||||
sorbet-runtime (0.5.12043)
|
||||
standard (1.49.0)
|
||||
sorbet-runtime (0.5.12204)
|
||||
standard (1.50.0)
|
||||
language_server-protocol (~> 3.17.0.2)
|
||||
lint_roller (~> 1.0)
|
||||
rubocop (~> 1.75.2)
|
||||
rubocop (~> 1.75.5)
|
||||
standard-custom (~> 1.0.0)
|
||||
standard-performance (~> 1.8)
|
||||
standard-custom (1.0.2)
|
||||
@ -121,7 +122,7 @@ GEM
|
||||
unicode-emoji (4.0.4)
|
||||
uuid7 (0.2.0)
|
||||
zeitwerk (~> 2.4)
|
||||
zeitwerk (2.7.2)
|
||||
zeitwerk (2.7.3)
|
||||
|
||||
PLATFORMS
|
||||
ruby
|
||||
@ -129,6 +130,7 @@ PLATFORMS
|
||||
|
||||
DEPENDENCIES
|
||||
anyflake
|
||||
cuid2
|
||||
httparty
|
||||
jwt
|
||||
ksuid
|
||||
@ -146,4 +148,4 @@ DEPENDENCIES
|
||||
uuid7
|
||||
|
||||
BUNDLED WITH
|
||||
2.6.8
|
||||
2.6.9
|
||||
|
||||
22
app.rb
22
app.rb
@ -21,11 +21,9 @@ $LOAD_PATH.unshift File.dirname(__FILE__) + "/lib"
|
||||
|
||||
require "config"
|
||||
|
||||
VERSION = "0.2.1"
|
||||
VERSION = "0.2.3"
|
||||
|
||||
CHUNK_SIZE = 1024**2
|
||||
SESSION_SECRET_HEX_LENGTH = 64
|
||||
JWT_SECRET_HEX_LENGTH = 64
|
||||
DEFAULT_FLAKEY = 50
|
||||
|
||||
NAME = "kubernaut".freeze
|
||||
@ -380,19 +378,21 @@ get "/pid", provides: "json" do
|
||||
jsonify({ppid: ppid, pid: Process.pid}, pretty:)
|
||||
end
|
||||
|
||||
get "/token" do
|
||||
get "/token", provides: "json" do
|
||||
pretty = params.key? :pretty
|
||||
|
||||
exp = Time.now.to_i + SECONDS_PER_MINUTE * 2
|
||||
payload = {name: "anonymous", exp: exp, jti: Random.uuid}
|
||||
expires_at = Time.at(exp).to_datetime
|
||||
token = JWT.encode payload, JWT_SECRET, "HS256"
|
||||
token = JWT.encode payload, config.jwt_secret.unwrap, "HS256"
|
||||
x = {token: token, expires_at: expires_at}
|
||||
|
||||
jsonify x
|
||||
jsonify x, pretty:
|
||||
end
|
||||
|
||||
get "/token/validate" do
|
||||
token = req_headers["authorization"].split[1]
|
||||
payload = JWT.decode token, JWT_SECRET, true, algorithm: "HS256"
|
||||
payload = JWT.decode token, config.jwt_secret.unwrap, true, algorithm: "HS256"
|
||||
|
||||
jsonify payload
|
||||
end
|
||||
@ -444,7 +444,13 @@ end
|
||||
|
||||
get "/_cat/env" do
|
||||
stream do |out|
|
||||
ENV.sort.each do |k, v|
|
||||
e = if params.key? :rack
|
||||
env
|
||||
else
|
||||
ENV
|
||||
end
|
||||
|
||||
e.sort.each do |k, v|
|
||||
out << "#{k}=#{v}\n"
|
||||
end
|
||||
end
|
||||
|
||||
@ -15,10 +15,10 @@ type: application
|
||||
# This is the chart version. This version number should be incremented each time you make changes
|
||||
# to the chart and its templates, including the app version.
|
||||
# Versions are expected to follow Semantic Versioning (https://semver.org/)
|
||||
version: 0.2.1
|
||||
version: 0.2.3
|
||||
|
||||
# This is the version number of the application being deployed. This version number should be
|
||||
# incremented each time you make changes to the application. Versions are not expected to
|
||||
# follow Semantic Versioning. They should reflect the version the application is using.
|
||||
# It is recommended to use it with quotes.
|
||||
appVersion: "0.2.1"
|
||||
appVersion: "0.2.3"
|
||||
|
||||
@ -7,7 +7,7 @@ target "docker-metadata-action-alpine" {}
|
||||
|
||||
target "_common" {
|
||||
args = {
|
||||
RUBY_VERSION = "3.4.3"
|
||||
RUBY_VERSION = "3.4.4"
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -1,34 +1,38 @@
|
||||
ARG RUBY_VERSION="3.4.3"
|
||||
FROM docker.io/library/ruby:${RUBY_VERSION}-alpine AS base
|
||||
|
||||
WORKDIR /kubernaut
|
||||
|
||||
RUN <<EOT
|
||||
apk update -q
|
||||
apk add bash jemalloc
|
||||
rm -rf /var/cache/apk
|
||||
gem update --system --no-document
|
||||
gem install -N bundler
|
||||
EOT
|
||||
ARG RUBY_VERSION="3.4.4"
|
||||
ARG BASE_REGISTRY="docker.io"
|
||||
FROM ${BASE_REGISTRY}/ruby:${RUBY_VERSION}-alpine AS base
|
||||
|
||||
ENV RACK_ENV="production" \
|
||||
BUNDLE_DEPLOYMENT=true \
|
||||
BUNDLE_PATH="/usr/local/bundle" \
|
||||
BUNDLE_WITHOUT="development test"
|
||||
BUNDLE_WITHOUT="development test" \
|
||||
RUBY_YJIT_ENABLE=true
|
||||
|
||||
WORKDIR /kubernaut
|
||||
|
||||
RUN \
|
||||
--mount=type=cache,id=var-cache-apk,target=/var/cache/apk,sharing=locked \
|
||||
apk update -q; \
|
||||
apk add bash jemalloc
|
||||
|
||||
RUN \
|
||||
--mount=type=cache,id=usr-local-bundle-cache,target=${BUNDLE_PATH},sharing=locked \
|
||||
gem update --system --no-document; \
|
||||
gem install -N bundler
|
||||
|
||||
FROM base AS build
|
||||
|
||||
RUN <<EOT
|
||||
apk add musl-dev gcc make
|
||||
rm -rf /var/cache/apk
|
||||
EOT
|
||||
RUN \
|
||||
--mount=type=cache,id=var-cache-apk,target=/var/cache/apk,sharing=locked \
|
||||
apk update -q; \
|
||||
apk add musl-dev gcc make; \
|
||||
apk add bash jemalloc
|
||||
|
||||
COPY Gemfile Gemfile.lock ./
|
||||
|
||||
RUN <<EOT
|
||||
RUN \
|
||||
--mount=type=cache,id=usr-local-bundle-ruby-cache,target=${BUNDLE_PATH}/ruby/3.4.0/cache,sharing=locked \
|
||||
bundle install
|
||||
rm -rf ~/.bundle/ "${BUNDLE_PATH}"/ruby/*/cache "${BUNDLE_PATH}"/ruby/*/bundler/gems/*/.git
|
||||
EOT
|
||||
|
||||
COPY . .
|
||||
|
||||
@ -36,10 +40,9 @@ FROM base
|
||||
|
||||
ENV PORT=4567
|
||||
|
||||
RUN <<EOT
|
||||
addgroup --system --gid 666 kubernaut
|
||||
RUN \
|
||||
addgroup --system --gid 666 kubernaut; \
|
||||
adduser --system --uid 666 --ingroup kubernaut --shell /bin/bash --disabled-password kubernaut
|
||||
EOT
|
||||
|
||||
COPY --from=build "${BUNDLE_PATH}" "${BUNDLE_PATH}"
|
||||
COPY --from=build /kubernaut /kubernaut
|
||||
|
||||
@ -1,35 +1,46 @@
|
||||
ARG RUBY_VERSION="3.4.3"
|
||||
FROM docker.io/library/ruby:${RUBY_VERSION}-slim-bookworm AS base
|
||||
|
||||
WORKDIR /kubernaut
|
||||
|
||||
RUN <<EOT
|
||||
apt-get update -qq
|
||||
apt-get install --yes --no-install-recommends libjemalloc2
|
||||
rm -rf /var/lib/apt/lists /var/cache/apt/archives
|
||||
gem update --system --no-document
|
||||
gem install -N bundler
|
||||
EOT
|
||||
ARG RUBY_VERSION="3.4.4"
|
||||
ARG BASE_REGISTRY="docker.io"
|
||||
ARG DEBIAN_VERSION="bookworm"
|
||||
FROM ${BASE_REGISTRY}/ruby:${RUBY_VERSION}-slim-${DEBIAN_VERSION} AS base
|
||||
|
||||
ENV RACK_ENV="production" \
|
||||
BUNDLE_DEPLOYMENT=true \
|
||||
BUNDLE_PATH="/usr/local/bundle" \
|
||||
BUNDLE_WITHOUT="development test"
|
||||
BUNDLE_WITHOUT="development test" \
|
||||
RUBY_YJIT_ENABLE=true
|
||||
|
||||
WORKDIR /kubernaut
|
||||
|
||||
RUN rm -f /etc/apt/apt.conf.d/docker-clean
|
||||
|
||||
RUN \
|
||||
--mount=type=cache,id=var-cache-apt,target=/var/cache/apt,sharing=locked \
|
||||
--mount=type=cache,id=var-lib-apt,target=/var/lib/apt,sharing=locked \
|
||||
apt-get update -qq; \
|
||||
apt-get install --yes --no-install-recommends \
|
||||
libjemalloc2
|
||||
|
||||
RUN \
|
||||
--mount=type=cache,id=usr-local-bundle-cache,target=${BUNDLE_PATH},sharing=locked \
|
||||
gem update --system --no-document; \
|
||||
gem install -N bundler
|
||||
|
||||
ENV DEBIAN_FRONTEND="noninteractive"
|
||||
|
||||
FROM base AS build
|
||||
|
||||
RUN <<EOT
|
||||
apt-get update -qq
|
||||
apt-get install --yes --no-install-recommends gcc make libc-dev
|
||||
rm -rf /var/lib/apt/lists /var/cache/apt/archives
|
||||
EOT
|
||||
RUN \
|
||||
--mount=type=cache,id=var-cache-apt,target=/var/cache/apt,sharing=locked \
|
||||
--mount=type=cache,id=var-lib-apt,target=/var/lib/apt,sharing=locked \
|
||||
apt-get update -qq; \
|
||||
apt-get install --yes --no-install-recommends \
|
||||
build-essential
|
||||
|
||||
COPY Gemfile Gemfile.lock ./
|
||||
|
||||
RUN <<EOT
|
||||
RUN \
|
||||
--mount=type=cache,id=usr-local-bundle-ruby-cache,target=${BUNDLE_PATH}/ruby/3.4.0/cache,sharing=locked \
|
||||
bundle install
|
||||
rm -rf ~/.bundle/ "${BUNDLE_PATH}"/ruby/*/cache "${BUNDLE_PATH}"/ruby/*/bundler/gems/*/.git
|
||||
EOT
|
||||
|
||||
COPY . .
|
||||
|
||||
@ -37,10 +48,9 @@ FROM base
|
||||
|
||||
ENV PORT=4567
|
||||
|
||||
RUN <<EOT
|
||||
groupadd --system --gid 666 kubernaut
|
||||
RUN \
|
||||
groupadd --system --gid 666 kubernaut; \
|
||||
useradd --system --uid 666 --gid kubernaut --create-home --shell /bin/bash kubernaut
|
||||
EOT
|
||||
|
||||
COPY --from=build "${BUNDLE_PATH}" "${BUNDLE_PATH}"
|
||||
COPY --from=build /kubernaut /kubernaut
|
||||
|
||||
@ -16,18 +16,24 @@ spec:
|
||||
spec:
|
||||
containers:
|
||||
- name: kubernaut
|
||||
image: git.kill0.net/ryanc/kubernaut:0.2.1
|
||||
imagePullPolicy: Always
|
||||
image: git.kill0.net/ryanc/kubernaut:0.2.3
|
||||
imagePullPolicy: IfNotPresent
|
||||
ports:
|
||||
- name: sinatra-web
|
||||
containerPort: 4567
|
||||
env:
|
||||
- name: SESSION_SECRET
|
||||
- name: KUBERNAUT_SESSION_SECRET
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: kubernaut-session-secret
|
||||
name: kubernaut
|
||||
key: session_secret
|
||||
optional: true
|
||||
- name: KUBERNAUT_JWT_SECRET
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: kubernaut
|
||||
key: jwt_secret
|
||||
optional: true
|
||||
envFrom:
|
||||
- configMapRef:
|
||||
name: kubernaut-configmap
|
||||
|
||||
@ -3,7 +3,6 @@ apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
namespace: kubernaut
|
||||
resources:
|
||||
- secret.yaml
|
||||
- configmap.yaml
|
||||
- deployment.yaml
|
||||
- hpa.yaml
|
||||
|
||||
@ -1,15 +0,0 @@
|
||||
---
|
||||
apiVersion: bitnami.com/v1alpha1
|
||||
kind: SealedSecret
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
name: kubernaut-session-secret
|
||||
namespace: kubernaut
|
||||
spec:
|
||||
encryptedData:
|
||||
session_secret: AgCY08t0AU418znEZt5d252J+lH+fwYki2g6jdJpfdRfVQjnA+b52P0KWrs/x5pB0PKab6Z3JY/Tz0SQCaoIsCR4IzUO3a095aulRqb6Qr1Lz8udBVta4JJMZLmo26tuUfVHlpD1d6J8rkBSm8vzckFLkOA1Wfl/9rS3K4qwiDogA5pI0ULghFkeEx1yKdRwPq0k8PuvOvLUJ6oNq3e5n+B/BrVWdQ+7XQxUq/AMANJrDbe+RD33f99LArHYA7bFMbY8YRazXSTAkeunpTlxTjuGZKYvJKupo29LHz2OVbZVX/hI0nZkdVpcgqvbxF6Vw9CuCeAmtKYl7A3qsAWqDLUdP3hRLsk2P9RDNhEzYWh4ml8APzziWzihdJbGEjwLy7HsHgKslM0XbBnRQDlxp/JtvcWdjQp33A+QOON32zOKHi+qJjDYyGebS1+xkPbnyb1MPSJVAtFpj7dlLbFekLFDZEbXuJYUl1wKdFOIjJHmNK/MTEV2kOhtiVj/aeKgSXwor9hR7Uxzs5ZSawp9uWw+hpr58EX6I+RtfO4yjFC6FjnagiU6SlI1Q2F7/nv82g1UWTYMpNN5bduS1YFWmsnXvK+W7YQHpSForr5ndtCSHmclbXb5Fc33sywC5u6Bi2Gu5/MW6d73BOog5BC3QtOuEQ044Q+cuU3RIlKADBqKLzZmHlmukyyGuZfXJnGjlWGKp3J1KecucTo6XC9QHpUkjXEKdlE63mOI1VuOGyBIHl60v4bnWiBg+aDZVHipz4JLKsVB0HOgBBK7+tOX6tr1GDG/F7Nz/i9ebzUV6i8Ec1jHf+2ZcTtBkNXBIkHc84+4Qd33/gOuP+lizLfIhfQ3DFWbwyfYumpVbeapyYhB0CE=
|
||||
template:
|
||||
metadata:
|
||||
creationTimestamp: null
|
||||
name: kubernaut-session-secret
|
||||
namespace: kubernaut
|
||||
@ -6,4 +6,3 @@ metadata:
|
||||
resources:
|
||||
- namespace.yaml
|
||||
- ./app
|
||||
- ./memcached
|
||||
|
||||
@ -1,21 +0,0 @@
|
||||
---
|
||||
kind: Deployment
|
||||
apiVersion: apps/v1
|
||||
metadata:
|
||||
name: kubernaut-memcached
|
||||
|
||||
spec:
|
||||
selector:
|
||||
matchLabels:
|
||||
app: kubernaut-memcached
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app: kubernaut-memcached
|
||||
spec:
|
||||
containers:
|
||||
- name: kubernaut-memcached
|
||||
image: memcached:latest
|
||||
ports:
|
||||
- name: memcached
|
||||
containerPort: 11211
|
||||
@ -1,7 +0,0 @@
|
||||
---
|
||||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||||
kind: Kustomization
|
||||
namespace: kubernaut
|
||||
resources:
|
||||
- deployment.yaml
|
||||
- services.yaml
|
||||
@ -1,13 +0,0 @@
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: kubernaut-memcached
|
||||
|
||||
spec:
|
||||
ports:
|
||||
- name: memcached
|
||||
port: 11211
|
||||
targetPort: memcached
|
||||
selector:
|
||||
app: kubernaut-memcached
|
||||
@ -1,5 +1,8 @@
|
||||
require "sensitive"
|
||||
|
||||
SESSION_SECRET_HEX_LENGTH = 64
|
||||
JWT_SECRET_HEX_LENGTH = 64
|
||||
|
||||
class Config
|
||||
attr_accessor :cat
|
||||
|
||||
@ -9,7 +12,7 @@ class Config
|
||||
@prefix = prefix
|
||||
@cat = cat
|
||||
|
||||
session_secret ||= ENV.fetch "SESSION_SECRET" do
|
||||
session_secret ||= fetch_env "SESSION_SECRET" do
|
||||
SecureRandom.hex SESSION_SECRET_HEX_LENGTH
|
||||
end
|
||||
|
||||
|
||||
Reference in New Issue
Block a user