.. _app-config: app-config.yml ========================== This is the current template that is used to place app-config.yml into each app directory by ``k9 create project``. Some values will be pre-filed, but users are free to edit any value in app-config.yml. This file is used by k9 when deploying your application. :: appName: {{appName}} webSite: False rootDomain: {{rootDomain}} jenkins: folderName: {{appName}} secrets: - name: pypiCredentials #optional deployments: - clusterName: np environments: - env: dvl customers: ["uc", "uva", "vt"] # optional appSecret: {{env}}-{{appName}}-app-secret springActiveProfile: dev updateTag: latest - env: sat appSecret: {{env}}-{{appName}}-app-secret springActiveProfile: sat updateTag: test - clusterName: prd environments: - env: prd customers: ["uva"] appSecret: {{env}}-{{appName}}-app-secret springActiveProfile: prd updateTag: prod webDeployment: repository: git@gitlab.com:my-repo/my-app/ui.git deployTokenSecret: {{appName}}-web-deploy-token-secret serviceDeployment: repository: git@gitlab.com:my-repo/my-app/service.git deployTokenSecret: {{appName}}-service-deploy-token-secret General ------- All values are to be given as strings unless otherwise stated. ``appName`` : The name of your app. Takes any string. ``webSite`` : Optional boolean. Whether the application being deployed is a purely UI website for the entity specified in the rootDomain. Typically this will be False. When specified as True, the website will be prefixed with "www" and will have no customers. ``rootDomain`` : The root of all URLs k9 will be requesting certificates for. Ex: - ``simoncomputing.com`` jenkins ------- This section is used by k9 to configure your applications on jenkins. You must have a jenkins instance running before running ``k9 deploy ui`` or ``k9 deploy service`` in order to have k9 configure your multibranch pipelines. ``folderName`` : The folder that will contain your service and UI multibranch pipeline jobs. ``secrets`` : Optional. A list of names of AWS secrets. These secrets will be created in Jenkins as ``usernamePassword`` credentials using the same name. These secrets must be created in AWS manually before trying to create the pipeline. Secrets not present in AWS will not be created in Jenkins. Secrets must be in the following format in AWS Secret Manager. :: { 'username': 'usernameValue', 'password': 'passwordValue' } deployments ----------- Used to specify every deployment instance that k9 should create. Each cluster has a ``clusterName`` and a list of ``environments``. ``clusterName`` : Must match a clusterName used in a cluster-config.yml. ``env`` : The environment to deploy to. Used in everything specific to the deployment instance, including URLs, namespaces, and deployment names. ``springActiveProfile`` : The poll-deploy spring.activeProfile for this deployment. Recommended to use the env name, such as 'dev', 'sat', or 'prd'. ``updateTag`` : Optional. The poll-deploy updateTag for images. If not provided, it will default to the env name. Typically use a value such as 'latest' or 'test'. ``useBlueGreen`` : Optional. Boolean value to override the cluster default behavior defined in defaults.yml. ``appSecret`` : Optional. The name of an AWS secret. ``k9 deploy service`` will turn that secret into a kubernetes secret in that deployment's namespace. Defaults to env-appName-secret. ``customers`` : Optional. Used when an application has many customers that require separation. For each customer listed in an environment k9 will create a separate deployment. This means separate backend deployments and separate frontend URLs. ``rdsInstance`` : Optional. The name of the RDS instance to use for creating the application databases. Primarily used when the cluster has multiple associated RDS instances to remove ambiguity as to which to use. If not defined, the first RDS instance that has the ``default`` tag set as True will be used. webDeployment -------------- Git information about the web application. Used by k9 to set up Jenkins job automatically. ``repository``: the url to the application git repo ``deployTokenSecret``: the name of an AWS secret that contains credentials to allow access to the repository. If the secret doesn't exist in AWS, a credential will still be created in Jenkins so that the multibranch pipeline job can be created and linked to the credential. This credential can be updated manually or by updating the AWS secret and re-running ``k9 deploy ui``. The access token must be stored in the following structure. ``username`` is required and must match the username in GitLab, and the token must be stored under ``password``. :: { 'username': 'optional_username_here', 'password': 'ACCESS_TOKEN_HERE' } serviceDeployment ------------------ Git information about the backend service application. Used by k9 to set up Jenkins job automatically. ``repository``: the url to the application git repo ``deployTokenSecret``: the name of an AWS secret that contains credentials to allow access to the repository. If the secret doesn't exist in AWS, a credential will still be created in Jenkins so that the multibranch pipeline job can be created and linked to the credential. This credential can be updated manually or by updating the AWS secret and re-running ``k9 deploy service``. The access token must be stored in the following structure. ``username`` is required and must match the username in GitLab, and the token must be stored under ``password``. :: { 'username': 'optional_username_here', 'password': 'ACCESS_TOKEN_HERE' } Examples -------- Simple example :: appName: testApp rootDomain: atomictests.com jenkins: folderName: testApp secrets: - name: pypiCredentials deployments: - clusterName: np environments: - env: dvl springActiveProfile: dev updateTag: latest - clusterName: prd environments: - env: prd springActiveProfile: prd updateTag: prod webDeployment: repository: https://gitlab.com/technology-innovations-lab/boiler-plate-app/ui-2022 deployTokenSecret: testApp-ui-git serviceDeployment: repository: https://gitlab.com/technology-innovations-lab/boiler-plate-app/service-2022 deployTokenSecret: testApp-service-git Service Only :: appName: testApp rootDomain: atomictests.com jenkins: folderName: testApp secrets: - name: pypiCredentials deployments: - clusterName: np environments: - env: dvl customers: ['uva', 'gmu'] springActiveProfile: dev updateTag: latest - env: test customers: ['uva', 'gmu'] springActiveProfile: test updateTag: latest - clusterName: prd environments: - env: prd customers: ['uva', 'gmu'] springActiveProfile: prd updateTag: prod serviceDeployment: repository: https://gitlab.com/technology-innovations-lab/boiler-plate-app/service-2022 deployTokenSecret: testApp-service-git Advanced sample :: appName: testApp rootDomain: atomictests.com jenkins: folderName: testApp secrets: - name: pypiCredentials - name: anotherCredential deployments: - clusterName: np environments: - env: dvl customers: ["uc", "uva", "vt"] springActiveProfile: dev updateTag: latest - env: test customers: ["uc", "uva", "vt"] springActiveProfile: test updateTag: test - clusterName: prd environments: - env: prd customers: ["uc", "uva"] springActiveProfile: prd updateTag: prod - env: sat customers: ["uc", "uva"] springActiveProfile: sat updateTag: sat webDeployment: repository: https://gitlab.com/technology-innovations-lab/boiler-plate-app/ui-2022 deployTokenSecret: testApp-ui-git serviceDeployment: repository: https://gitlab.com/technology-innovations-lab/boiler-plate-app/service-2022 deployTokenSecret: testApp-service-git