diff --git a/flux/images/moderator/moderator-image.yaml b/flux/images/moderator/moderator-image.yaml deleted file mode 100644 index 5376fa1..0000000 --- a/flux/images/moderator/moderator-image.yaml +++ /dev/null @@ -1,12 +0,0 @@ ---- -apiVersion: image.toolkit.fluxcd.io/v1beta1 -kind: ImageRepository -metadata: - name: moderator - namespace: flux-system - -spec: - image: 783633885093.dkr.ecr.us-west-2.amazonaws.com/moderator - interval: 1m0s - secretRef: - name: ecr-credentials diff --git a/flux/images/moderator/moderator-prod-policy.yaml b/flux/images/moderator/moderator-prod-policy.yaml deleted file mode 100644 index 5b575d7..0000000 --- a/flux/images/moderator/moderator-prod-policy.yaml +++ /dev/null @@ -1,18 +0,0 @@ ---- -apiVersion: image.toolkit.fluxcd.io/v1beta1 -kind: ImagePolicy -metadata: - name: moderator-prod - namespace: flux-system - -spec: - filterTags: - extract: $tag - pattern: ^(?Pv[0-9]+.[0-9]+.[0-9]+)$ - - imageRepositoryRef: - name: moderator - - policy: - alphabetical: - order: asc diff --git a/k8s/namespaces/moderator-prod.yaml b/k8s/namespaces/moderator-prod.yaml deleted file mode 100644 index 1ab7a6e..0000000 --- a/k8s/namespaces/moderator-prod.yaml +++ /dev/null @@ -1,5 +0,0 @@ ---- -apiVersion: v1 -kind: Namespace -metadata: - name: moderator-prod diff --git a/k8s/releases/moderator/moderator.yaml b/k8s/releases/moderator/moderator.yaml deleted file mode 100644 index 68c1ca0..0000000 --- a/k8s/releases/moderator/moderator.yaml +++ /dev/null @@ -1,101 +0,0 @@ -apiVersion: helm.toolkit.fluxcd.io/v2beta1 -kind: HelmRelease -metadata: - labels: - app: moderator - name: moderator - namespace: moderator-prod -spec: - chart: - spec: - chart: mozmoderator - reconcileStrategy: ChartVersion - sourceRef: - kind: HelmRepository - name: mozilla-helm-charts - namespace: flux-system - version: 0.3.1 - interval: 1m0s - releaseName: moderator - values: - configMap: - data: - ALLOWED_HOSTS: moderator.prod.mozit.cloud,moderator.mozilla.org - ANON_ALWAYS: true - AWS_DEFAULT_REGION: us-west-2 - FROM_NOREPLY: Mozilla Moderator - OIDC_OP_AUTHORIZATION_ENDPOINT: https://auth.mozilla.auth0.com/authorize - OIDC_OP_DOMAIN: auth.mozilla.auth0.com - OIDC_OP_JWKS_ENDPOINT: https://auth.mozilla.auth0.com/.well-known/jwks.json - OIDC_OP_TOKEN_ENDPOINT: https://auth.mozilla.auth0.com/oauth/token - OIDC_OP_USER_ENDPOINT: https://auth.mozilla.auth0.com/userinfo - OIDC_RP_SIGN_ALGO: RS256 - SESSION_COOKIE_SECURE: true - SITE_URL: https://moderator.mozilla.org - deployment: - port: "8000" - replicaCount: "1" - externalSecrets: - enabled: true - name: moderator - secrets: - - remoteRef: - key: /prod/moderator/envvar - property: AWS_ACCESS_KEY_ID - secretKey: AWS_ACCESS_KEY_ID - - remoteRef: - key: /prod/moderator/envvar - property: AWS_SECRET_ACCESS_KEY - secretKey: AWS_SECRET_ACCESS_KEY - - remoteRef: - key: /prod/moderator/envvar - property: DATABASE_URL - secretKey: DATABASE_URL - - remoteRef: - key: /prod/moderator/envvar - property: OIDC_RP_CLIENT_ID - secretKey: OIDC_RP_CLIENT_ID - - remoteRef: - key: /prod/moderator/envvar - property: OIDC_RP_CLIENT_SECRET - secretKey: OIDC_RP_CLIENT_SECRET - - remoteRef: - key: /prod/moderator/envvar - property: SECRET_KEY - secretKey: SECRET_KEY - - remoteRef: - key: /prod/moderator/envvar - property: SENTRY_DSN - secretKey: SENTRY_DSN - store: secretsmanager-secretstore - image: - pullPolicy: Always - repository: 783633885093.dkr.ecr.us-west-2.amazonaws.com/moderator - tag: v2.1.3 # {"$imagepolicy": "flux-system:moderator-prod:tag"} - imagePullSecrets: - - name: dockerhub-credentials - ingress: - className: ingress-nginx-moderator-prod - hosts: - - host: moderator.prod.mozit.cloud - paths: - - path: / - pathType: ImplementationSpecific - serviceName: moderator - servicePort: 80 - - host: moderator.mozilla.org - paths: - - path: / - pathType: ImplementationSpecific - serviceName: moderator - servicePort: 80 - le: - name: prod - name: moderator - tls: - - hosts: - - moderator.mozilla.org - secretName: cert-moderator-mozilla-org - - hosts: - - moderator.prod.mozit.cloud - secretName: cert-moderator-prod-mozit-cloud diff --git a/k8s/workloads/moderator/moderator-ingress.yaml b/k8s/workloads/moderator/moderator-ingress.yaml deleted file mode 100644 index a4220f7..0000000 --- a/k8s/workloads/moderator/moderator-ingress.yaml +++ /dev/null @@ -1,70 +0,0 @@ ---- -apiVersion: helm.toolkit.fluxcd.io/v2beta1 -kind: HelmRelease -metadata: - labels: - app: moderator - name: ingress-nginx - namespace: moderator-prod -spec: - chart: - spec: - chart: ingress-nginx - reconcileStrategy: ChartVersion - sourceRef: - kind: HelmRepository - name: ingress-nginx - namespace: flux-system - version: 4.2.5 - interval: 1m0s - releaseName: moderator-ingress-nginx - values: - controller: - admissionWebhooks: - enable: false - autoscaling: - enabled: true - maxReplicas: 4 - minReplicas: 1 - targetCPUUtilizationPercentage: 80 - targetMemoryUtilizationPercentage: 80 - config: - compute-full-forwarded-for: "true" - enable-real-ip: "true" - proxy-real-ip-cidr: 172.16.0.0/16 - use-forwarded-headers: "true" - use-proxy-protocol: "false" - enableCustomResources: false - watchIngressWithoutClass: true - ingressClass: ingress-nginx-moderator-prod - ingressClassResource: - controllerValue: k8s.io/ingress-nginx-moderator-prod - default: false - enabled: true - name: ingress-nginx-moderator-prod - metrics: - enabled: true - service: - annotations: - prometheus.io/port: "10254" - prometheus.io/scrape: "true" - resources: - limits: - cpu: 200m - memory: 256Mi - requests: - cpu: 100m - memory: 128Mi - scope: - enabled: true - service: - annotations: - external-dns.alpha.kubernetes.io/hostname: moderator.prod.mozit.cloud,moderator.mozilla.org - service.beta.kubernetes.io/aws-load-balancer-additional-resource-tags: Environment=prod - service.beta.kubernetes.io/aws-load-balancer-connection-draining-enabled: "true" - service.beta.kubernetes.io/aws-load-balancer-cross-zone-load-balancing-enabled: "true" - service.beta.kubernetes.io/aws-load-balancer-type: nlb - externalTrafficPolicy: Local - rbac: - create: true - scope: true