gitea-admin/ab-initio-manifests
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Initial render: k3s-dev environment

Browse Source
This commit is contained in:
gitea-admin
2026-03-07 15:00:05 +00:00
commit a787720f2a
306 changed files with 75879 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

316
rendered/manifests/k3s-dev/abinitio-platform/trw/apps_v1_deployment_trw.yaml Normal file
View File

@@ -0,0 +1,316 @@
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
abinitio/deployment: trw
app.kubernetes.io/instance: trw
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: trw
app.kubernetes.io/part-of: AbInitio
app.kubernetes.io/version: 4.4.1
helm.sh/chart: trw-2.4.3-a
name: trw
namespace: abinitio
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/instance: trw
app.kubernetes.io/name: trw
template:
metadata:
annotations:
ABCaCertificateConfigVar: AB_CONFIG_PROVIDER_CACERT_FILE
ABCertificateConfigVar: AB_CONFIG_PROVIDER_CLIENT_CERT_FILE
ABPrivateKeyConfigVar: AB_CONFIG_PROVIDER_CLIENT_KEY_FILE
labels:
abinitio/deployment: trw
app.kubernetes.io/instance: trw
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: trw
app.kubernetes.io/part-of: AbInitio
app.kubernetes.io/version: 4.4.1
helm.sh/chart: trw-2.4.3-a
name: trw
spec:
containers:
- env:
- name: AB_CONFIG_PROVIDER_URL
value: file://localhost/config
- name: AB_IPV4_ONLY
value: "true"
- name: AB_PASSWORD_KEY_FILE
value: /secrets/password_key_file/password
- name: CATALINA_TMPDIR
value: /tmp
- name: DEPLOY_NAME
value: trw
- name: JAVA_OPTS
value: -XX:InitialRAMPercentage=50.0 -XX:MaxRAMPercentage=75.0
- name: LOAD_PHYSOBJECTS
value: "true"
- name: NAMESPACE
value: abinitio
- name: POD_IP
valueFrom:
fieldRef:
fieldPath: status.podIP
- name: POD_LABEL
value: 'abinitio/product: trw, abinitio/deployment: trw'
- name: POD_NAME
valueFrom:
fieldRef:
fieldPath: metadata.name
- name: POD_SERVICE
value: trw
image: asia-southeast1-docker.pkg.dev/str-22391/cloudplatform-proxy/aidp/trw:4.4.1.1-1
imagePullPolicy: IfNotPresent
lifecycle:
preStop:
exec:
command:
- /bin/sh
- -c
- ${CATALINA_HOME}/bin/catalina.sh stop
livenessProbe:
failureThreshold: 3
httpGet:
path: /trw/api/abwebinternal/health/k8s/liveness
port: 8080
initialDelaySeconds: 5
periodSeconds: 30
name: trw-app
readinessProbe:
failureThreshold: 3
httpGet:
path: /trw/api/abwebinternal/health/k8s/readiness
port: 8080
initialDelaySeconds: 10
periodSeconds: 30
resources:
limits:
ephemeral-storage: 2Gi
memory: 4Gi
requests:
cpu: 100m
ephemeral-storage: 1Gi
memory: 4Gi
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
runAsGroup: 1000
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
startupProbe:
failureThreshold: 3
httpGet:
path: /trw/api/abwebinternal/health/k8s/startup
port: 8080
initialDelaySeconds: 15
periodSeconds: 30
volumeMounts:
- mountPath: /config/trw
name: app-external-config
- mountPath: /abinitio
name: abinitio-local
- mountPath: /tmp
name: tmp-volume
- mountPath: /secrets/aiadmin/password
name: aiadmin
subPath: password
- mountPath: /secrets/ocagent/password
name: ocagent
subPath: password
- mountPath: /secrets/bridge/password
name: bridge
subPath: password
- mountPath: /secrets/eme_join_user/password
name: eme-join-user
subPath: password
- mountPath: /secrets/qi_join_user/password
name: qi-join-user
subPath: password
- mountPath: /secrets/dcs_utility_user/password
name: dcs-utility-user
subPath: password
- mountPath: /secrets/mhub_utility_user/password
name: mhub-utility-user
subPath: password
- mountPath: /secrets/ag_db_importer/password
name: ag-db-importer
subPath: password
- mountPath: /secrets/admin/password
name: admin
subPath: password
- mountPath: /secrets/ag_ui_importer/password
name: ag-ui-importer
subPath: password
- mountPath: /secrets/cafe_join_user/password
name: cafe-join-user
subPath: password
- mountPath: /secrets/cc_join_user/password
name: cc-join-user
subPath: password
- mountPath: /secrets/dcs_join_user/password
name: dcs-join-user
subPath: password
- mountPath: /secrets/ei_join_user/password
name: ei-join-user
subPath: password
- mountPath: /secrets/mhub_join_user/password
name: mhub-join-user
subPath: password
- mountPath: /secrets/qiadmin_join_user/password
name: qiadmin-join-user
subPath: password
- mountPath: /secrets/sd_join_user/password
name: sd-join-user
subPath: password
- mountPath: /secrets/trw_join_user/password
name: trw-join-user
subPath: password
- mountPath: /secrets/mhub_db_importer/password
name: mhub-db-importer
subPath: password
- mountPath: /secrets/mhub_ui_importer/password
name: mhub-ui-importer
subPath: password
- mountPath: /secrets/ag_appserver/password
name: ag-appserver
subPath: password
- mountPath: /secrets/ag_report/password
name: ag-report
subPath: password
- mountPath: /secrets/cc_jdbc/password
name: cc-jdbc
subPath: password
- mountPath: /secrets/dcs_hmac_key/password
name: dcs-hmac-key
subPath: password
- mountPath: /secrets/abinitio/password
name: abinitio
subPath: password
- mountPath: /secrets/mhub_appserver/password
name: mhub-appserver
subPath: password
- mountPath: /secrets/mhub_report/password
name: mhub-report
subPath: password
- mountPath: /secrets/runtime_locator_join_user/password
name: runtime-locator-join-user
subPath: password
- mountPath: /secrets/password_key_file/password
name: password-key-file
subPath: password
hostname: trw
initContainers: null
securityContext:
fsGroup: 1000
fsGroupChangePolicy: OnRootMismatch
runAsGroup: 1000
runAsNonRoot: true
runAsUser: 1000
seccompProfile:
type: RuntimeDefault
serviceAccountName: abinitio-sa
terminationGracePeriodSeconds: 30
volumes:
- emptyDir: {}
name: abinitio-local
- configMap:
defaultMode: 511
name: trw-external-config
name: app-external-config
- emptyDir: {}
name: tmp-volume
- name: aiadmin
secret:
secretName: aiadmin
- name: ocagent
secret:
secretName: ocagent
- name: bridge
secret:
secretName: bridge
- name: eme-join-user
secret:
secretName: eme-join-user
- name: qi-join-user
secret:
secretName: qi-join-user
- name: dcs-utility-user
secret:
secretName: dcs-utility-user
- name: mhub-utility-user
secret:
secretName: mhub-utility-user
- name: ag-db-importer
secret:
secretName: ag-db-importer
- name: admin
secret:
secretName: admin
- name: ag-ui-importer
secret:
secretName: ag-ui-importer
- name: cafe-join-user
secret:
secretName: cafe-join-user
- name: cc-join-user
secret:
secretName: cc-join-user
- name: dcs-join-user
secret:
secretName: dcs-join-user
- name: ei-join-user
secret:
secretName: ei-join-user
- name: mhub-join-user
secret:
secretName: mhub-join-user
- name: qiadmin-join-user
secret:
secretName: qiadmin-join-user
- name: sd-join-user
secret:
secretName: sd-join-user
- name: trw-join-user
secret:
secretName: trw-join-user
- name: mhub-db-importer
secret:
secretName: mhub-db-importer
- name: mhub-ui-importer
secret:
secretName: mhub-ui-importer
- name: ag-appserver
secret:
secretName: ag-appserver
- name: ag-report
secret:
secretName: ag-report
- name: cc-jdbc
secret:
secretName: cc-jdbc
- name: dcs-hmac-key
secret:
secretName: dcs-hmac-key
- name: abinitio
secret:
secretName: abinitio
- name: mhub-appserver
secret:
secretName: mhub-appserver
- name: mhub-report
secret:
secretName: mhub-report
- name: runtime-locator-join-user
secret:
secretName: runtime-locator-join-user
- name: password-key-file
secret:
secretName: password-key-file

54
rendered/manifests/k3s-dev/abinitio-platform/trw/v1_configmap_trw-external-config.yaml Normal file
View File

@@ -0,0 +1,54 @@
apiVersion: v1
data:
trw.yaml: |
externalConfig:
trw:
appserverType: tomcat
authentication:
type: ag
authorization:
type: ag
authorizationGateway:
password: file=/secrets/trw_join_user/password
productIdentifier: TRW
productName: TRW
url: http://authgateway:8080/authgateway
username: trw_join_user
bridgeConnection:
encryptionType: aes128-gcm
name: container-bridge
rpcSecret: file=/secrets/bridge/password
securityConfig: container-bridge-security
url: http://eme-0.eme-headless:7070
cluster:
autoConfig:
hosts: trw-jgroup
port: 7800
protocol: tcp
channelName: ch01
enabled: true
emeTR:
useAgCredentials: true
interop:
dataCatalogServices:
url: http://datacatalog:8080/datacatalog
logging:
directoryPath: /abinitio/webapp/logs
maxBackups: 3
packageForSupport:
encrypted: EncryptForNonAdmins
urlFromBrowser: https://aidp.k3s.sg.ic.cloudguild.gcp.abinitio.com/trw
websockets:
forceDisable: false
kind: ConfigMap
metadata:
labels:
abinitio/deployment: trw
app.kubernetes.io/instance: trw
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: trw
app.kubernetes.io/part-of: AbInitio
app.kubernetes.io/version: 4.4.1
helm.sh/chart: trw-2.4.3-a
name: trw-external-config
namespace: abinitio

25
rendered/manifests/k3s-dev/abinitio-platform/trw/v1_service_trw-jgroup.yaml Normal file
View File

@@ -0,0 +1,25 @@
apiVersion: v1
kind: Service
metadata:
labels:
abinitio/deployment: trw
app.kubernetes.io/instance: trw
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: trw
app.kubernetes.io/part-of: AbInitio
app.kubernetes.io/version: 4.4.1
helm.sh/chart: trw-2.4.3-a
name: trw-jgroup
namespace: abinitio
spec:
clusterIP: None
ports:
- name: jgroup-channel
port: 7800
protocol: TCP
targetPort: 7800
publishNotReadyAddresses: true
selector:
app.kubernetes.io/instance: trw
app.kubernetes.io/name: trw
type: ClusterIP

27
rendered/manifests/k3s-dev/abinitio-platform/trw/v1_service_trw.yaml Normal file
View File

@@ -0,0 +1,27 @@
apiVersion: v1
kind: Service
metadata:
labels:
abinitio/deployment: trw
app.kubernetes.io/instance: trw
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: trw
app.kubernetes.io/part-of: AbInitio
app.kubernetes.io/version: 4.4.1
helm.sh/chart: trw-2.4.3-a
name: trw
namespace: abinitio
spec:
ports:
- name: http
port: 8080
protocol: TCP
targetPort: 8080
selector:
app.kubernetes.io/instance: trw
app.kubernetes.io/name: trw
sessionAffinity: ClientIP
sessionAffinityConfig:
clientIP:
timeoutSeconds: 86400
type: ClusterIP