├── charts └── docfunc │ ├── .gitignore │ ├── templates │ ├── docfunc-queue-service.yaml │ ├── docfunc-scheduler-service.yaml │ ├── mysql-pv-claim.yaml │ ├── redis-service.yaml │ ├── docfunc-app-service.yaml │ ├── mysql-service.yaml │ ├── encrypted-secrets.yaml │ ├── redis-deployment.yaml │ ├── docfunc-configmap.yaml │ ├── mysql-deployment.yaml │ ├── mysql-migration-job.yaml │ ├── mysql-backup-cronjob.yaml │ ├── docfunc-queue-deployment.yaml │ ├── docfunc-scheduler-deployment.yaml │ └── docfunc-app-deployment.yaml │ ├── values.yaml │ ├── .helmignore │ ├── README.md │ └── Chart.yaml ├── README.md └── .github └── workflows └── release.yaml /charts/docfunc/.gitignore: -------------------------------------------------------------------------------- 1 | templates/secrets.yaml 2 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # DocFunc Helm Chart Repository 2 | 3 | This project is publishing a DocFunc Helm chart to GitHub Pages. 4 | -------------------------------------------------------------------------------- /charts/docfunc/templates/docfunc-queue-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | namespace: docfunc 5 | name: docfunc-queue 6 | spec: 7 | clusterIP: None 8 | selector: 9 | app: docfunc-queue 10 | -------------------------------------------------------------------------------- /charts/docfunc/templates/docfunc-scheduler-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | namespace: docfunc 5 | name: docfunc-scheduler 6 | spec: 7 | clusterIP: None 8 | selector: 9 | app: docfunc-scheduler 10 | -------------------------------------------------------------------------------- /charts/docfunc/templates/mysql-pv-claim.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: PersistentVolumeClaim 3 | metadata: 4 | namespace: docfunc 5 | name: mysql-pv-claim 6 | spec: 7 | accessModes: 8 | - ReadWriteOnce 9 | resources: 10 | requests: 11 | storage: 5Gi 12 | -------------------------------------------------------------------------------- /charts/docfunc/templates/redis-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | namespace: docfunc 5 | name: redis-service 6 | spec: 7 | selector: 8 | app: redis 9 | type: ClusterIP 10 | ports: 11 | - port: 6379 12 | targetPort: 6379 13 | protocol: TCP 14 | -------------------------------------------------------------------------------- /charts/docfunc/templates/docfunc-app-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | namespace: docfunc 5 | name: docfunc-app 6 | spec: 7 | type: NodePort 8 | ports: 9 | - port: 9000 10 | targetPort: 9000 11 | nodePort: 30080 12 | selector: 13 | app: docfunc-app 14 | -------------------------------------------------------------------------------- /charts/docfunc/templates/mysql-service.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Service 3 | metadata: 4 | namespace: docfunc 5 | name: mysql-service 6 | spec: 7 | selector: 8 | app: mysql 9 | type: NodePort 10 | ports: 11 | - port: 3306 12 | protocol: TCP 13 | targetPort: 3306 14 | nodePort: 30306 15 | -------------------------------------------------------------------------------- /charts/docfunc/values.yaml: -------------------------------------------------------------------------------- 1 | docfuncVersion: 0.1.36 2 | 3 | aws_bucket: blobs.docfunc.com 4 | aws_url: https://blobs.docfunc.com 5 | 6 | encryptedSecrets: 7 | algolia_app_id: null 8 | algolia_secret: null 9 | app_key: null 10 | aws_access_key_id: null 11 | aws_secret_access_key: null 12 | captcha_secret_key: null 13 | captcha_site_key: null 14 | mail_password: null 15 | mysql_password: null 16 | mysql_root_password: null 17 | redis_password: null 18 | -------------------------------------------------------------------------------- /charts/docfunc/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *.orig 18 | *~ 19 | # Various IDEs 20 | .project 21 | .idea/ 22 | *.tmproj 23 | .vscode/ 24 | -------------------------------------------------------------------------------- /charts/docfunc/templates/encrypted-secrets.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | apiVersion: bitnami.com/v1alpha1 3 | kind: SealedSecret 4 | metadata: 5 | creationTimestamp: null 6 | name: secrets 7 | namespace: docfunc 8 | spec: 9 | encryptedData: 10 | {{- range $key, $value := .Values.encryptedSecrets }} 11 | {{ $key }}: {{ $value | quote }} 12 | {{- end }} 13 | template: 14 | metadata: 15 | creationTimestamp: null 16 | name: secrets 17 | namespace: docfunc 18 | type: Opaque 19 | -------------------------------------------------------------------------------- /.github/workflows/release.yaml: -------------------------------------------------------------------------------- 1 | name: Release Charts 2 | 3 | on: 4 | push: 5 | branches: 6 | - main 7 | 8 | jobs: 9 | release: 10 | permissions: 11 | contents: write 12 | runs-on: ubuntu-latest 13 | steps: 14 | - name: Checkout 15 | uses: actions/checkout@v3 16 | with: 17 | fetch-depth: 0 18 | 19 | - name: Configure Git 20 | run: | 21 | git config user.name "$GITHUB_ACTOR" 22 | git config user.email "$GITHUB_ACTOR@users.noreply.github.com" 23 | 24 | - name: Run chart-releaser 25 | uses: helm/chart-releaser-action@v1.6.0 26 | env: 27 | CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}" 28 | -------------------------------------------------------------------------------- /charts/docfunc/README.md: -------------------------------------------------------------------------------- 1 | # DocFunc Helm Chart 2 | 3 | This is a Helm chart for deploying my blog - DocFunc. 4 | 5 | The blog source code is [here](https://github.com/YilanBoy/blog). 6 | 7 | ## Sealed Secrets 8 | 9 | Because I use Argo CD to deploy my blog, I use [Sealed Secrets](https://github.com/bitnami-labs/sealed-secrets) to encrypt the secrets. 10 | 11 | To encrypt & decrypt the secrets, you need to install the Sealed Secrets controller first. 12 | 13 | ```bash 14 | helm repo add sealed-secrets https://bitnami-labs.github.io/sealed-secrets 15 | helm install sealed-secrets -n kube-system --set-string fullnameOverride=sealed-secrets-controller sealed-secrets/sealed-secrets 16 | ``` 17 | 18 | Then you can use `kubeseal` to encrypt the secrets. 19 | 20 | > [!NOTE] 21 | > 22 | > You need to install `kubeseal` first. 23 | 24 | ```bash 25 | kubeseal -f mysecret.yaml -w mysealedsecret.yaml 26 | ``` 27 | -------------------------------------------------------------------------------- /charts/docfunc/templates/redis-deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | namespace: docfunc 5 | name: redis-deployment 6 | labels: 7 | app: redis 8 | spec: 9 | replicas: 1 10 | selector: 11 | matchLabels: 12 | app: redis 13 | template: 14 | metadata: 15 | labels: 16 | app: redis 17 | spec: 18 | containers: 19 | - name: redis-container 20 | image: redis:latest 21 | resources: 22 | limits: 23 | cpu: "0.5" 24 | memory: "500Mi" 25 | env: 26 | - name: REDIS_PASSWORD 27 | valueFrom: 28 | secretKeyRef: 29 | name: secrets 30 | key: redis_password 31 | command: 32 | - redis-server 33 | args: 34 | - --requirepass 35 | - $(REDIS_PASSWORD) 36 | ports: 37 | - containerPort: 6379 38 | -------------------------------------------------------------------------------- /charts/docfunc/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | name: docfunc 3 | description: The DocFunc Helm chart for Kubernetes 4 | icon: https://blobs.docfunc.com/icon.png 5 | 6 | # A chart can be either an 'application' or a 'library' chart. 7 | # 8 | # Application charts are a collection of templates that can be packaged into versioned archives 9 | # to be deployed. 10 | # 11 | # Library charts provide useful utilities or functions for the chart developer. They're included as 12 | # a dependency of application charts to inject those utilities and functions into the rendering 13 | # pipeline. Library charts do not define any templates and therefore cannot be deployed. 14 | type: application 15 | 16 | # This is the chart version. This version number should be incremented each time you make changes 17 | # to the chart and its templates, including the app version. 18 | # Versions are expected to follow Semantic Versioning (https://semver.org/) 19 | version: 0.1.36 20 | 21 | # This is the version number of the application being deployed. This version number should be 22 | # incremented each time you make changes to the application. Versions are not expected to 23 | # follow Semantic Versioning. They should reflect the version the application is using. 24 | # It is recommended to use it with quotes. 25 | appVersion: "0.1.36" 26 | -------------------------------------------------------------------------------- /charts/docfunc/templates/docfunc-configmap.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ConfigMap 3 | metadata: 4 | namespace: docfunc 5 | name: docfunc-config 6 | data: 7 | APP_NAME: "DocFunc" 8 | APP_ENV: "production" 9 | APP_DEBUG: "false" 10 | APP_URL: "https://docfunc.com" 11 | LOG_CHANNEL: "stderr" 12 | LOG_LEVEL: "debug" 13 | # laravel octane 14 | OCTANE_SERVER: "swoole" 15 | OCTANE_HTTPS: "true" 16 | # file system 17 | FILESYSTEM_DISK: "s3" 18 | # database 19 | DB_CONNECTION: "mysql" 20 | DB_HOST: "mysql-service" 21 | DB_PORT: "3306" 22 | DB_DATABASE: "blog" 23 | DB_USERNAME: "blog_admin" 24 | # broadcast 25 | BROADCAST_DRIVER: "log" 26 | # cache 27 | CACHE_DRIVER: "redis" 28 | # queue 29 | QUEUE_CONNECTION: "redis" 30 | # session 31 | SESSION_DRIVER: "redis" 32 | SESSION_LIFETIME: "120" 33 | # redis 34 | REDIS_HOST: "redis-service" 35 | REDIS_PORT: "6379" 36 | # mail 37 | MAIL_MAILER: "smtp" 38 | MAIL_HOST: "smtp.sendgrid.net" 39 | MAIL_PORT: "587" 40 | MAIL_USERNAME: "apikey" 41 | MAIL_FROM_ADDRESS: "no-reply@mail.docfunc.com" 42 | MAIL_FROM_NAME: "DocFunc" 43 | # aws 44 | AWS_DEFAULT_REGION: "ap-northeast-1" 45 | AWS_BUCKET: "{{ .Values.aws_bucket }}" 46 | AWS_URL: "{{ .Values.aws_url }}" 47 | AWS_USE_PATH_STYLE_ENDPOINT: "false" 48 | # laravel scout 49 | SCOUT_PREFIX: "posts" 50 | -------------------------------------------------------------------------------- /charts/docfunc/templates/mysql-deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | namespace: docfunc 5 | name: mysql-deployment 6 | labels: 7 | app: mysql 8 | spec: 9 | replicas: 1 10 | selector: 11 | matchLabels: 12 | app: mysql 13 | template: 14 | metadata: 15 | labels: 16 | app: mysql 17 | spec: 18 | containers: 19 | - name: mysql-container 20 | image: mysql:8.0 21 | resources: 22 | limits: 23 | cpu: "0.5" 24 | memory: "1Gi" 25 | env: 26 | - name: MYSQL_ROOT_PASSWORD 27 | valueFrom: 28 | secretKeyRef: 29 | name: secrets 30 | key: mysql_root_password 31 | - name: MYSQL_DATABASE 32 | value: blog 33 | - name: MYSQL_USER 34 | value: blog_admin 35 | - name: MYSQL_PASSWORD 36 | valueFrom: 37 | secretKeyRef: 38 | name: secrets 39 | key: mysql_password 40 | ports: 41 | - containerPort: 3306 42 | volumeMounts: 43 | - name: mysql-storage 44 | mountPath: /var/lib/mysql 45 | volumes: 46 | - name: mysql-storage 47 | persistentVolumeClaim: 48 | claimName: mysql-pv-claim 49 | -------------------------------------------------------------------------------- /charts/docfunc/templates/mysql-migration-job.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: Job 3 | metadata: 4 | name: mysql-migration-job 5 | namespace: docfunc 6 | annotations: 7 | "helm.sh/hook": post-install 8 | "helm.sh/hook-delete-policy": hook-succeeded 9 | spec: 10 | template: 11 | spec: 12 | containers: 13 | - name: mysql-backup-cronjob 14 | image: nella0128/aws-mysql-client:{{ .Values.docfuncVersion }} 15 | imagePullPolicy: "Always" 16 | command: 17 | - "/bin/bash" 18 | - "-c" 19 | - | 20 | sleep 30s # wait for mysql to be ready 21 | OBJECT_KEY=$(aws s3 ls s3://$S3_BUCKET_NAME --recursive | sort | tail -n 1 | awk '{print $4}') 22 | aws s3 cp s3://$S3_BUCKET_NAME/$OBJECT_KEY /tmp/migration.sql 23 | cat /tmp/migration.sql | mysql -h $DATABASE_HOST -P $DATABASE_PORT -u $DATABASE_USER --password=$DATABASE_PASSWORD $DATABASE_NAME 24 | env: 25 | - name: DATABASE_HOST 26 | value: mysql-service 27 | - name: DATABASE_PORT 28 | value: "3306" 29 | - name: DATABASE_USER 30 | value: blog_admin 31 | - name: DATABASE_PASSWORD 32 | valueFrom: 33 | secretKeyRef: 34 | key: mysql_password 35 | name: secrets 36 | - name: DATABASE_NAME 37 | value: blog 38 | - name: BACKUP_FILE_NAME 39 | value: blog.sql 40 | - name: S3_BUCKET_NAME 41 | value: docfunc-backups 42 | - name: AWS_ACCESS_KEY_ID 43 | valueFrom: 44 | secretKeyRef: 45 | key: aws_access_key_id 46 | name: secrets 47 | - name: AWS_SECRET_ACCESS_KEY 48 | valueFrom: 49 | secretKeyRef: 50 | key: aws_secret_access_key 51 | name: secrets 52 | - name: AWS_DEFAULT_REGION 53 | value: ap-northeast-1 54 | restartPolicy: Never 55 | -------------------------------------------------------------------------------- /charts/docfunc/templates/mysql-backup-cronjob.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: batch/v1 2 | kind: CronJob 3 | metadata: 4 | namespace: docfunc 5 | name: mysql-backup-cronjob 6 | spec: 7 | schedule: "0 * * * *" 8 | jobTemplate: 9 | spec: 10 | template: 11 | spec: 12 | containers: 13 | - name: mysql-backup-cronjob 14 | image: nella0128/aws-mysql-client:{{ .Values.docfuncVersion }} 15 | imagePullPolicy: "Always" 16 | command: 17 | - "/bin/bash" 18 | - "-c" 19 | - | 20 | mysqldump --no-tablespaces -h $DATABASE_HOST -P $DATABASE_PORT -u $DATABASE_USER --password=$DATABASE_PASSWORD $DATABASE_NAME > $BACKUP_FILE_NAME 21 | aws s3 cp $BACKUP_FILE_NAME s3://$S3_BUCKET_NAME/$(date +'%Y%m%d%H')_$BACKUP_FILE_NAME 22 | env: 23 | - name: DATABASE_HOST 24 | value: mysql-service 25 | - name: DATABASE_PORT 26 | value: "3306" 27 | - name: DATABASE_USER 28 | value: blog_admin 29 | - name: DATABASE_PASSWORD 30 | valueFrom: 31 | secretKeyRef: 32 | key: mysql_password 33 | name: secrets 34 | - name: DATABASE_NAME 35 | value: blog 36 | - name: BACKUP_FILE_NAME 37 | value: blog.sql 38 | - name: S3_BUCKET_NAME 39 | value: docfunc-backups 40 | - name: AWS_ACCESS_KEY_ID 41 | valueFrom: 42 | secretKeyRef: 43 | key: aws_access_key_id 44 | name: secrets 45 | - name: AWS_SECRET_ACCESS_KEY 46 | valueFrom: 47 | secretKeyRef: 48 | key: aws_secret_access_key 49 | name: secrets 50 | - name: AWS_DEFAULT_REGION 51 | value: ap-northeast-1 52 | restartPolicy: OnFailure 53 | -------------------------------------------------------------------------------- /charts/docfunc/templates/docfunc-queue-deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | namespace: docfunc 5 | name: docfunc-queue 6 | labels: 7 | app: docfunc-queue 8 | spec: 9 | revisionHistoryLimit: 1 10 | replicas: 1 11 | selector: 12 | matchLabels: 13 | app: docfunc-queue 14 | template: 15 | metadata: 16 | labels: 17 | app: docfunc-queue 18 | annotations: 19 | reloader.stakater.com/auto: "true" 20 | spec: 21 | containers: 22 | - name: docfunc-queue 23 | image: nella0128/docfunc-queue:{{ .Values.docfuncVersion }} 24 | imagePullPolicy: "Always" 25 | resources: 26 | limits: 27 | cpu: "0.5" 28 | memory: "250Mi" 29 | envFrom: 30 | - configMapRef: 31 | name: docfunc-config 32 | env: 33 | - name: APP_KEY 34 | valueFrom: 35 | secretKeyRef: 36 | key: app_key 37 | name: secrets 38 | - name: DB_PASSWORD 39 | valueFrom: 40 | secretKeyRef: 41 | key: mysql_password 42 | name: secrets 43 | - name: REDIS_PASSWORD 44 | valueFrom: 45 | secretKeyRef: 46 | key: redis_password 47 | name: secrets 48 | - name: MAIL_PASSWORD 49 | valueFrom: 50 | secretKeyRef: 51 | key: mail_password 52 | name: secrets 53 | - name: AWS_ACCESS_KEY_ID 54 | valueFrom: 55 | secretKeyRef: 56 | key: aws_access_key_id 57 | name: secrets 58 | - name: AWS_SECRET_ACCESS_KEY 59 | valueFrom: 60 | secretKeyRef: 61 | key: aws_secret_access_key 62 | name: secrets 63 | - name: CAPTCHA_SITE_KEY 64 | valueFrom: 65 | secretKeyRef: 66 | key: captcha_site_key 67 | name: secrets 68 | - name: CAPTCHA_SECRET_KEY 69 | valueFrom: 70 | secretKeyRef: 71 | key: captcha_secret_key 72 | name: secrets 73 | - name: ALGOLIA_APP_ID 74 | valueFrom: 75 | secretKeyRef: 76 | key: algolia_app_id 77 | name: secrets 78 | - name: ALGOLIA_SECRET 79 | valueFrom: 80 | secretKeyRef: 81 | key: algolia_secret 82 | name: secrets 83 | -------------------------------------------------------------------------------- /charts/docfunc/templates/docfunc-scheduler-deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | namespace: docfunc 5 | name: docfunc-scheduler 6 | labels: 7 | app: docfunc-scheduler 8 | annotations: 9 | reloader.stakater.com/auto: "true" 10 | spec: 11 | revisionHistoryLimit: 1 12 | replicas: 1 13 | selector: 14 | matchLabels: 15 | app: docfunc-scheduler 16 | template: 17 | metadata: 18 | labels: 19 | app: docfunc-scheduler 20 | spec: 21 | containers: 22 | - name: docfunc-scheduler 23 | image: nella0128/docfunc-scheduler:{{ .Values.docfuncVersion }} 24 | imagePullPolicy: "Always" 25 | resources: 26 | limits: 27 | cpu: "0.5" 28 | memory: "250Mi" 29 | envFrom: 30 | - configMapRef: 31 | name: docfunc-config 32 | env: 33 | - name: APP_KEY 34 | valueFrom: 35 | secretKeyRef: 36 | key: app_key 37 | name: secrets 38 | - name: DB_PASSWORD 39 | valueFrom: 40 | secretKeyRef: 41 | key: mysql_password 42 | name: secrets 43 | - name: REDIS_PASSWORD 44 | valueFrom: 45 | secretKeyRef: 46 | key: redis_password 47 | name: secrets 48 | - name: MAIL_PASSWORD 49 | valueFrom: 50 | secretKeyRef: 51 | key: mail_password 52 | name: secrets 53 | - name: AWS_ACCESS_KEY_ID 54 | valueFrom: 55 | secretKeyRef: 56 | key: aws_access_key_id 57 | name: secrets 58 | - name: AWS_SECRET_ACCESS_KEY 59 | valueFrom: 60 | secretKeyRef: 61 | key: aws_secret_access_key 62 | name: secrets 63 | - name: CAPTCHA_SITE_KEY 64 | valueFrom: 65 | secretKeyRef: 66 | key: captcha_site_key 67 | name: secrets 68 | - name: CAPTCHA_SECRET_KEY 69 | valueFrom: 70 | secretKeyRef: 71 | key: captcha_secret_key 72 | name: secrets 73 | - name: ALGOLIA_APP_ID 74 | valueFrom: 75 | secretKeyRef: 76 | key: algolia_app_id 77 | name: secrets 78 | - name: ALGOLIA_SECRET 79 | valueFrom: 80 | secretKeyRef: 81 | key: algolia_secret 82 | name: secrets 83 | -------------------------------------------------------------------------------- /charts/docfunc/templates/docfunc-app-deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | namespace: docfunc 5 | name: docfunc-app 6 | labels: 7 | app: docfunc-app 8 | annotations: 9 | reloader.stakater.com/auto: "true" 10 | spec: 11 | revisionHistoryLimit: 1 12 | replicas: 1 13 | strategy: 14 | rollingUpdate: 15 | maxSurge: 1 16 | maxUnavailable: 0 17 | selector: 18 | matchLabels: 19 | app: docfunc-app 20 | template: 21 | metadata: 22 | labels: 23 | app: docfunc-app 24 | spec: 25 | containers: 26 | - name: docfunc-app 27 | image: nella0128/docfunc-app:{{ .Values.docfuncVersion }} 28 | imagePullPolicy: "Always" 29 | resources: 30 | limits: 31 | cpu: "1" 32 | memory: "500Mi" 33 | envFrom: 34 | - configMapRef: 35 | name: docfunc-config 36 | env: 37 | - name: APP_KEY 38 | valueFrom: 39 | secretKeyRef: 40 | key: app_key 41 | name: secrets 42 | - name: DB_PASSWORD 43 | valueFrom: 44 | secretKeyRef: 45 | key: mysql_password 46 | name: secrets 47 | - name: REDIS_PASSWORD 48 | valueFrom: 49 | secretKeyRef: 50 | key: redis_password 51 | name: secrets 52 | - name: MAIL_PASSWORD 53 | valueFrom: 54 | secretKeyRef: 55 | key: mail_password 56 | name: secrets 57 | - name: AWS_ACCESS_KEY_ID 58 | valueFrom: 59 | secretKeyRef: 60 | key: aws_access_key_id 61 | name: secrets 62 | - name: AWS_SECRET_ACCESS_KEY 63 | valueFrom: 64 | secretKeyRef: 65 | key: aws_secret_access_key 66 | name: secrets 67 | - name: CAPTCHA_SITE_KEY 68 | valueFrom: 69 | secretKeyRef: 70 | key: captcha_site_key 71 | name: secrets 72 | - name: CAPTCHA_SECRET_KEY 73 | valueFrom: 74 | secretKeyRef: 75 | key: captcha_secret_key 76 | name: secrets 77 | - name: ALGOLIA_APP_ID 78 | valueFrom: 79 | secretKeyRef: 80 | key: algolia_app_id 81 | name: secrets 82 | - name: ALGOLIA_SECRET 83 | valueFrom: 84 | secretKeyRef: 85 | key: algolia_secret 86 | name: secrets 87 | ports: 88 | - containerPort: 9000 89 | --------------------------------------------------------------------------------