shakacode
diff --git a/‎.controlplane/templates/gvc.yml‎
Lines changed: 1 addition & 1 deletion b/‎.controlplane/templates/gvc.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎.controlplane/templates/postgres-stateful.yml‎
Lines changed: 170 additions & 0 deletions b/‎.controlplane/templates/postgres-stateful.yml‎
Lines changed: 170 additions & 0 deletions
@@ -9,7 +9,7 @@ spec:
  # Password does not matter because host postgres.APP_GVC.cpln.local can only be accessed
  # locally within CPLN GVC, and postgres running on a CPLN workload is something only for a
  # test app that lacks persistence.
- value: 'postgres://postgres:password123@postgres.APP_GVC.cpln.local:5432/APP_GVC'
+ value: 'postgres://the_user:the_password@postgres-stateful.APP_GVC.cpln.local:5432/APP_GVC'
  - name: RAILS_ENV
  value: production
  - name: NODE_ENV
 
@@ -0,0 +1,170 @@
+kind: volumeset
+name: postgres-stateful-vs
+description: postgres-stateful-vs
+spec:
+ autoscaling:
+ maxCapacity: 1000
+ minFreePercentage: 1
+ scalingFactor: 1.1
+ fileSystemType: ext4
+ initialCapacity: 10
+ performanceClass: general-purpose-ssd
+ snapshots:
+ createFinalSnapshot: true
+ retentionDuration: 7d
+
+---
+kind: secret
+name: postgres-stateful-credentials
+description: ''
+type: dictionary
+data:
+ password: the_user #Replace this with a real password
+ username: the_password #Replace this with a real username
+
+---
+kind: secret
+name: postgres-stateful-entrypoint-script
+type: opaque
+data:
+ encoding: base64
+ payload: >-
+ IyEvdXNyL2Jpbi9lbnYgYmFzaAoKc291cmNlIC91c3IvbG9jYWwvYmluL2RvY2tlci1lbnRyeXBvaW50LnNoCgppbnN0YWxsX2RlcHMoKSB7CiAgYXB0LWdldCB1cGRhdGUgLXkgPiAvZGV2L251bGwKICBhcHQtZ2V0IGluc3RhbGwgY3VybCAteSA+IC9kZXYvbnVsbAogIGFwdC1nZXQgaW5zdGFsbCB1bnppcCAteSA+IC9kZXYvbnVsbAogIGN1cmwgImh0dHBzOi8vYXdzY2xpLmFtYXpvbmF3cy5jb20vYXdzY2xpLWV4ZS1saW51eC14ODZfNjQuemlwIiAtbyAiYXdzY2xpdjIuemlwIiA+IC9kZXYvbnVsbAogIHVuemlwIGF3c2NsaXYyLnppcCA+IC9kZXYvbnVsbAogIC4vYXdzL2luc3RhbGwgPiAvZGV2L251bGwKfQoKZGJfaGFzX2JlZW5fcmVzdG9yZWQoKSB7CiAgaWYgWyAhIC1mICIkUEdEQVRBL0NQTE5fUkVTVE9SRUQiIF07IHRoZW4KICAgIHJldHVybiAxCiAgZmkKCiAgaWYgISBncmVwIC1xICJcLT4gJDEkIiAiJFBHREFUQS9DUExOX1JFU1RPUkVEIjsgdGhlbgogICAgcmV0dXJuIDEKICBlbHNlCiAgICByZXR1cm4gMAogIGZpCn0KCnJlc3RvcmVfZGIoKSB7Cgl3aGlsZSBbICEgLVMgL3Zhci9ydW4vcG9zdGdyZXNxbC8ucy5QR1NRTC41NDMyIF0KCWRvCiAgICBlY2hvICJXYWl0aW5nIDVzIGZvciBkYiBzb2NrZXQgdG8gYmUgYXZhaWxhYmxlIgogICAgc2xlZXAgNXMKICBkb25lCgoKCWlmICEgZGJfaGFzX2JlZW5fcmVzdG9yZWQgIiQxIjsgdGhlbgoJICBlY2hvICJJdCBhcHBlYXJzIGRiICckMScgaGFzIG5vdCB5ZXQgYmVlbiByZXN0b3JlZCBmcm9tIFMzLiBBdHRlbXB0aW5nIHRvIHJlc3RvcmUgJDEgZnJvbSAkMiIKCSAgaW5zdGFsbF9kZXBzCgkgIGRvY2tlcl9zZXR1cF9kYiAjRW5zdXJlcyAkUE9TVEdSRVNfREIgZXhpc3RzIChkZWZpbmVkIGluIHRoZSBlbnRyeXBvaW50IHNjcmlwdCBmcm9tIHRoZSBwb3N0Z3JlcyBkb2NrZXIgaW1hZ2UpCgkgIGF3cyBzMyBjcCAiJDIiIC0gfCBwZ19yZXN0b3JlIC0tY2xlYW4gLS1uby1hY2wgLS1uby1vd25lciAtZCAiJDEiIC1VICIkUE9TVEdSRVNfVVNFUiIKCSAgZWNobyAiJChkYXRlKTogJDIgLT4gJDEiIHwgY2F0ID4+ICIkUEdEQVRBL0NQTE5fUkVTVE9SRUQiCgllbHNlCgkgIGVjaG8gIkRiICckMScgYWxyZWFkeSBleGlzdHMuIFJlYWR5ISIKICBmaQp9CgpfbWFpbiAiJEAiICYKYmFja2dyb3VuZFByb2Nlc3M9JCEKCmlmIFsgLW4gIiRQT1NUR1JFU19BUkNISVZFX1VSSSIgXTsgdGhlbgogIHJlc3RvcmVfZGIgIiRQT1NUR1JFU19EQiIgIiRQT1NUR1JFU19BUkNISVZFX1VSSSIKZWxzZQogIGVjaG8gIkRlY2xpbmluZyB0byByZXN0b3JlIHRoZSBkYiBiZWNhdXNlIG5vIGFyY2hpdmUgdXJpIHdhcyBwcm92aWRlZCIKZmkKCndhaXQgJGJhY2tncm91bmRQcm9jZXNzCgoK
+
+#Here is the ASCII-encoded version of the script in the secret above
+#!/usr/bin/env bash
+#
+#source /usr/local/bin/docker-entrypoint.sh
+#
+#install_deps() {
+# apt-get update -y > /dev/null
+# apt-get install curl -y > /dev/null
+# apt-get install unzip -y > /dev/null
+# curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" > /dev/null
+# unzip awscliv2.zip > /dev/null
+# ./aws/install > /dev/null
+#}
+#
+#db_has_been_restored() {
+# if [ ! -f "$PGDATA/CPLN_RESTORED" ]; then
+# return 1
+# fi
+#
+# if ! grep -q "\-> $1$" "$PGDATA/CPLN_RESTORED"; then
+# return 1
+# else
+# return 0
+# fi
+#}
+#
+#restore_db() {
+# while [ ! -S /var/run/postgresql/.s.PGSQL.5432 ]
+# do
+# echo "Waiting 5s for db socket to be available"
+# sleep 5s
+# done
+#
+#
+# if ! db_has_been_restored "$1"; then
+# echo "It appears db '$1' has not yet been restored from S3. Attempting to restore $1 from $2"
+# install_deps
+# docker_setup_db #Ensures $POSTGRES_DB exists (defined in the entrypoint script from the postgres docker image)
+# aws s3 cp "$2" - | pg_restore --clean --no-acl --no-owner -d "$1" -U "$POSTGRES_USER"
+# echo "$(date): $2 -> $1" | cat >> "$PGDATA/CPLN_RESTORED"
+# else
+# echo "Db '$1' already exists. Ready!"
+# fi
+#}
+#
+#_main "$@" &
+#backgroundProcess=$!
+#
+#if [ -n "$POSTGRES_ARCHIVE_URI" ]; then
+# restore_db "$POSTGRES_DB" "$POSTGRES_ARCHIVE_URI"
+#else
+# echo "Declining to restore the db because no archive uri was provided"
+#fi
+#
+#wait $backgroundProcess
+
+---
+kind: identity
+name: postgres-stateful-identity
+description: postgres-stateful-identity
+
+---
+kind: policy
+name: postgres-stateful-access
+description: postgres-stateful-access
+bindings:
+ - permissions:
+ - reveal
+ - use
+ - view
+ principalLinks:
+ - //gvc/react-webpack-rails-tutorial/identity/postgres-stateful-identity #Replace YOUR_GVC_HERE with the name of your gvc
+targetKind: secret
+targetLinks:
+ - //secret/postgres-stateful-credentials
+ - //secret/postgres-stateful-entrypoint-script
+
+---
+kind: workload
+name: postgres-stateful
+description: postgres-stateful
+spec:
+ type: stateful
+ containers:
+ - cpu: 1000m
+ memory: 512Mi
+ env:
+ # - name: POSTGRES_ARCHIVE_URI #Use this var to control the automatic restore behavior. If you leave it out, the db will start empty.
+ # value: s3://YOUR_BUCKET/PATH_TO_ARCHIVE_FILE
+ - name: PGDATA #The location postgres stores the db. This can be anything other than /var/lib/postgresql/data, but it must be inside the mount point for the volume set
+ value: "/var/lib/postgresql/data/pg_data"
+ - name: POSTGRES_DB #The name of the initial db
+ value: test
+ - name: POSTGRES_PASSWORD #The password for the default user
+ value: cpln://secret/postgres-stateful-credentials.password
+ - name: POSTGRES_USER #The name of the default user
+ value: cpln://secret/postgres-stateful-credentials.username
+ name: stateful
+ image: postgres:15
+ command: /bin/bash
+ args:
+ - "-c"
+ - "cat /usr/local/bin/cpln-entrypoint.sh >> ./cpln-entrypoint.sh && chmod u+x ./cpln-entrypoint.sh && ./cpln-entrypoint.sh postgres"
+ #command: "cpln-entrypoint.sh"
+ #args:
+ # - "postgres"
+ ports:
+ - number: 5432
+ protocol: tcp
+ volumes:
+ - uri: cpln://volumeset/postgres-stateful-vs
+ path: "/var/lib/postgresql/data"
+ - uri: cpln://secret/postgres-stateful-entrypoint-script
+ path: "/usr/local/bin/cpln-entrypoint.sh"
+ inheritEnv: false
+ livenessProbe:
+ tcpSocket:
+ port: 5432
+ failureThreshold: 1
+ readinessProbe:
+ tcpSocket:
+ port: 5432
+ failureThreshold: 1
+ identityLink: //identity/postgres-stateful-identity
+ defaultOptions:
+ capacityAI: false
+ autoscaling:
+ metric: cpu
+ target: 95
+ maxScale: 1
+ firewallConfig:
+ external:
+ inboundAllowCIDR: []
+ outboundAllowCIDR:
+ - 0.0.0.0/0
+ internal:
+ inboundAllowType: same-gvc