-
Notifications
You must be signed in to change notification settings - Fork 1
/
naiserator-prod.yaml
132 lines (132 loc) · 3.7 KB
/
naiserator-prod.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
apiVersion: "nais.io/v1alpha1"
kind: "Application"
metadata:
name: smregistrering-backend
namespace: teamsykmelding
labels:
team: teamsykmelding
spec:
gcp:
sqlInstances:
- name: smregistrering-instance
type: POSTGRES_14
diskSize: 100
databases:
- name: smregistrering
envVarPrefix: NAIS_DATABASE
users:
- name: macgyver
diskAutoresize: true
highAvailability: false
diskType: SSD
tier: db-custom-1-3840
insights:
enabled: true
flags:
- name: cloudsql.logical_decoding
value: "on"
pointInTimeRecovery: true
image: {{ image }}
replicas:
min: 2
max: 4
cpuThresholdPercentage: 90
port: 8080
liveness:
path: /internal/is_alive
initialDelay: 10
timeout: 5
periodSeconds: 5
failureThreshold: 30
readiness:
path: /internal/is_ready
initialDelay: 30
periodSeconds: 5
timeout: 5
prometheus:
enabled: true
path: /internal/prometheus
observability:
autoInstrumentation:
enabled: true
runtime: java
logging:
destinations:
- id: loki
- id: elastic
resources:
limits:
memory: 3Gi
requests:
cpu: 100m
memory: 800Mi
azure:
application:
allowAllUsers: true
enabled: true
tenant: nav.no
accessPolicy:
inbound:
rules:
- application: syk-dig
namespace: teamsykmelding
cluster: prod-gcp
- application: syk-dig-backend
namespace: teamsykmelding
cluster: prod-gcp
outbound:
rules:
- application: syfosmregister
namespace: teamsykmelding
cluster: prod-gcp
- application: syfosmpapirregler
namespace: teamsykmelding
cluster: prod-gcp
- application: smtss
- application: istilgangskontroll
namespace: teamsykefravr
cluster: prod-gcp
- application: syfohelsenettproxy
external:
- host: pdl-api.prod-fss-pub.nais.io
- host: saf.prod-fss-pub.nais.io
- host: oppgave.prod-fss-pub.nais.io
- host: graph.microsoft.com
- host: dokarkiv.prod-fss-pub.nais.io
secureLogs:
enabled: true
kafka:
pool: nav-prod
env:
- name: DOK_ARKIV_URL
value: https://dokarkiv.prod-fss-pub.nais.io/rest/journalpostapi/v1/journalpost
- name: DOK_ARKIV_SCOPE
value: api://prod-fss.teamdokumenthandtering.dokarkiv/.default
- name: PDL_GRAPHQL_PATH
value: https://pdl-api.prod-fss-pub.nais.io/graphql
- name: PDL_SCOPE
value: api://prod-fss.pdl.pdl-api/.default
- name: HELSENETT_ENDPOINT_URL
value: http://syfohelsenettproxy
- name: HELSENETT_SCOPE
value: api://prod-gcp.teamsykmelding.syfohelsenettproxy/.default
- name: SAF_URL
value: https://saf.prod-fss-pub.nais.io
- name: SAF_SCOPE
value: api://prod-fss.teamdokumenthandtering.saf/.default
- name: OPPGAVE_URL
value: https://oppgave.prod-fss-pub.nais.io/api/v1/oppgaver
- name: OPPGAVE_SCOPE
value: api://prod-fss.oppgavehandtering.oppgave/.default
- name: ISTILGANGSKONTROLL_SCOPE
value: api://prod-gcp.teamsykefravr.istilgangskontroll/.default
- name: MS_GRAPH_API_URL
value: https://graph.microsoft.com/v1.0
- name: MS_GRAPH_API_SCOPE
value: https://graph.microsoft.com/.default
- name: SYFOSMPAPIRREGLER_SCOPE
value: api://prod-gcp.teamsykmelding.syfosmpapirregler/.default
- name: SYFOSMREGISTER_SCOPE
value: api://prod-gcp.teamsykmelding.syfosmregister/.default
- name: SMTSS_API_SCOPE
value: api://prod-gcp.teamsykmelding.smtss/.default