app-config.yml¶

This is the current template that is used to place app-config.yml into each app directory by k9 create project. Some values will be pre-filed, but users are free to edit any value in app-config.yml. This file is used by k9 when deploying your application.

appName: {{appName}}
webSite: False
rootDomain: {{rootDomain}}

jenkins:
  folderName: {{appName}}

  secrets:
    - name: pypiCredentials #optional

deployments:
  - clusterName: np
    environments:
      - env: dvl
        customers: ["uc", "uva", "vt"] # optional
        appSecret: {{env}}-{{appName}}-app-secret
        springActiveProfile: dev
        updateTag: latest
      - env: sat
        appSecret: {{env}}-{{appName}}-app-secret
        springActiveProfile: sat
        updateTag: test
  - clusterName: prd
    environments:
      - env: prd
        customers: ["uva"]
        appSecret: {{env}}-{{appName}}-app-secret
        springActiveProfile: prd
        updateTag: prod

webDeployment:
  repository: git@gitlab.com:my-repo/my-app/ui.git
  deployTokenSecret: {{appName}}-web-deploy-token-secret

serviceDeployment:
  repository: git@gitlab.com:my-repo/my-app/service.git
  deployTokenSecret: {{appName}}-service-deploy-token-secret

General¶

All values are to be given as strings unless otherwise stated.

appName : The name of your app. Takes any string.

webSite : Optional boolean. Whether the application being deployed is a purely UI website for the entity specified in the rootDomain. Typically this will be False. When specified as True, the website will be prefixed with “www” and will have no customers.

rootDomain : The root of all URLs k9 will be requesting certificates for. Ex:

simoncomputing.com

jenkins¶

This section is used by k9 to configure your applications on jenkins. You must have a jenkins instance running before running k9 deploy ui or k9 deploy service in order to have k9 configure your multibranch pipelines.

folderName : The folder that will contain your service and UI multibranch pipeline jobs.

secrets : Optional. A list of names of AWS secrets. These secrets will be created in Jenkins as usernamePassword credentials using the same name. These secrets must be created in AWS manually before trying to create the pipeline. Secrets not present in AWS will not be created in Jenkins. Secrets must be in the following format in AWS Secret Manager.

{
    'username': 'usernameValue',
    'password': 'passwordValue'
}

deployments¶

Used to specify every deployment instance that k9 should create. Each cluster has a clusterName and a list of environments.

clusterName : Must match a clusterName used in a cluster-config.yml.

env : The environment to deploy to. Used in everything specific to the deployment instance, including URLs, namespaces, and deployment names.

springActiveProfile : The poll-deploy spring.activeProfile for this deployment. Recommended to use the env name, such as ‘dev’, ‘sat’, or ‘prd’.

updateTag : Optional. The poll-deploy updateTag for images. If not provided, it will default to the env name. Typically use a value such as ‘latest’ or ‘test’.

useBlueGreen : Optional. Boolean value to override the cluster default behavior defined in defaults.yml.

appSecret : Optional. The name of an AWS secret. k9 deploy service will turn that secret into a kubernetes secret in that deployment’s namespace. Defaults to env-appName-secret.

customers : Optional. Used when an application has many customers that require separation. For each customer listed in an environment k9 will create a separate deployment. This means separate backend deployments and separate frontend URLs.

rdsInstance : Optional. The name of the RDS instance to use for creating the application databases. Primarily used when the cluster has multiple associated RDS instances to remove ambiguity as to which to use. If not defined, the first RDS instance that has the default tag set as True will be used.

webDeployment¶

Git information about the web application. Used by k9 to set up Jenkins job automatically.

repository: the url to the application git repo

deployTokenSecret: the name of an AWS secret that contains credentials to allow access to the repository. If the secret doesn’t exist in AWS, a credential will still be created in Jenkins so that the multibranch pipeline job can be created and linked to the credential. This credential can be updated manually or by updating the AWS secret and re-running k9 deploy ui. The access token must be stored in the following structure. username is required and must match the username in GitLab, and the token must be stored under password.

{
    'username': 'optional_username_here',
    'password': 'ACCESS_TOKEN_HERE'
}

serviceDeployment¶

Git information about the backend service application. Used by k9 to set up Jenkins job automatically.

repository: the url to the application git repo

deployTokenSecret: the name of an AWS secret that contains credentials to allow access to the repository. If the secret doesn’t exist in AWS, a credential will still be created in Jenkins so that the multibranch pipeline job can be created and linked to the credential. This credential can be updated manually or by updating the AWS secret and re-running k9 deploy service. The access token must be stored in the following structure. username is required and must match the username in GitLab, and the token must be stored under password.

{
    'username': 'optional_username_here',
    'password': 'ACCESS_TOKEN_HERE'
}

Examples¶

Simple example

appName: testApp
rootDomain: atomictests.com

jenkins:
  folderName: testApp

  secrets:
    - name: pypiCredentials

deployments:
  - clusterName: np
    environments:
      - env: dvl
        springActiveProfile: dev
        updateTag: latest
  - clusterName: prd
    environments:
      - env: prd
        springActiveProfile: prd
        updateTag: prod

webDeployment:
  repository: https://gitlab.com/technology-innovations-lab/boiler-plate-app/ui-2022
  deployTokenSecret: testApp-ui-git

serviceDeployment:
  repository: https://gitlab.com/technology-innovations-lab/boiler-plate-app/service-2022
  deployTokenSecret: testApp-service-git

Service Only

appName: testApp
rootDomain: atomictests.com

jenkins:
  folderName: testApp

  secrets:
    - name: pypiCredentials

deployments:
  - clusterName: np
    environments:
      - env: dvl
        customers: ['uva', 'gmu']
        springActiveProfile: dev
        updateTag: latest
      - env: test
        customers: ['uva', 'gmu']
        springActiveProfile: test
        updateTag: latest
  - clusterName: prd
    environments:
      - env: prd
        customers: ['uva', 'gmu']
        springActiveProfile: prd
        updateTag: prod

serviceDeployment:
  repository: https://gitlab.com/technology-innovations-lab/boiler-plate-app/service-2022
  deployTokenSecret: testApp-service-git

Advanced sample

appName: testApp
rootDomain: atomictests.com

jenkins:
  folderName: testApp

  secrets:
    - name: pypiCredentials
    - name: anotherCredential

deployments:
  - clusterName: np
    environments:
      - env: dvl
        customers: ["uc", "uva", "vt"]
        springActiveProfile: dev
        updateTag: latest
      - env: test
        customers: ["uc", "uva", "vt"]
        springActiveProfile: test
        updateTag: test
  - clusterName: prd
    environments:
      - env: prd
        customers: ["uc", "uva"]
        springActiveProfile: prd
        updateTag: prod
      - env: sat
        customers: ["uc", "uva"]
        springActiveProfile: sat
        updateTag: sat

webDeployment:
  repository: https://gitlab.com/technology-innovations-lab/boiler-plate-app/ui-2022
  deployTokenSecret: testApp-ui-git

serviceDeployment:
  repository: https://gitlab.com/technology-innovations-lab/boiler-plate-app/service-2022
  deployTokenSecret: testApp-service-git

K9

Navigation

Related Topics