apiVersion: apps/v1 kind: Deployment metadata: name: servicename-depl namespace: default labels: app: servicename spec: replicas: 1 selector: matchLabels: app: servicename template: metadata: labels: app: servicename spec: volumes: - name: google-cloud-keys secret: secretName: google-application-credentials - name: proxy-to-another-gcp-project # name of the volumes that contain the proxy to another gcp project secret: secretName: proxy-to-another-gcp-project-secret containers: - name: servicename #Local Configuration image: org_name/project_name/servicename:latest volumeMounts: - name: google-cloud-keys mountPath: /var/secrets/google env: #SERVICE CONFIGURATION - name: HOST value: '0.0.0.0' - name: SERVICE_NAME value: 'your-service-name' - name: PORT value: '3000' - name: HASH value: '10' #JWT CONFIGURATION - name: JWT_KEY valueFrom: secretKeyRef: name: shared-secrets key: JWT_KEY - name: SECRET valueFrom: secretKeyRef: name: shared-secrets key: SECRET #MONGO CONFIGURATION - name: MONGO_URI valueFrom: secretKeyRef: name: shared-secrets key: MONGO_URI_TEST # We use the test one also in mongouri. this happen cause when launch skaffold in local it has node_env production - name: MONGO_URI_TEST valueFrom: secretKeyRef: name: shared-secrets key: MONGO_URI_TEST #GOOGLE CLOUD CONFIGURATION - name: GOOGLE_APPLICATION_CREDENTIALS value: '/var/secrets/google/google-application-credentials.json' - name: GOOGLE_PROJECT_ID valueFrom: secretKeyRef: name: shared-secrets key: GOOGLE_PROJECT_ID - name: GOOGLE_CLOUD_PROJECT valueFrom: secretKeyRef: name: shared-secrets key: GOOGLE_CLOUD_PROJECT - name: GOOGLE_STORAGE_BUCKET_NAME valueFrom: secretKeyRef: name: shared-secrets key: GOOGLE_STORAGE_BUCKET_NAME - name: GOOGLE_CLIENT_ID valueFrom: secretKeyRef: name: shared-secrets key: GOOGLE_CLIENT_ID - name: GOOGLE_CLIENT_SECRET valueFrom: secretKeyRef: name: shared-secrets key: GOOGLE_CLIENT_SECRET - name: GOOGLE_MAPS_API_KEY valueFrom: secretKeyRef: name: shared-secrets key: GOOGLE_MAPS_API_KEY #SPARKPOST CONFIGURATION - name: SPARKPOST_API_KEY valueFrom: secretKeyRef: name: shared-secrets key: SPARKPOST_API_KEY - name: SPARKPOST_SENDER_DOMAIN valueFrom: secretKeyRef: name: shared-secrets key: SPARKPOST_SENDER_DOMAIN #MESSAGEBIRD CONFIGURATION - name: MESSAGEBIRD_ACCESS_KEY valueFrom: secretKeyRef: name: shared-secrets key: MESSAGEBIRD_ACCESS_KEY - name: MESSAGEBIRD_WHATSAPP_CHANNEL_ID valueFrom: secretKeyRef: name: shared-secrets key: MESSAGEBIRD_WHATSAPP_CHANNEL_ID - name: MESSAGEBIRD_TEMPLATE_NAMESPACE_ID valueFrom: secretKeyRef: name: shared-secrets key: MESSAGEBIRD_TEMPLATE_NAMESPACE_ID - name: MESSAGEBIRD_TEMPLATE_NAME_TEST valueFrom: secretKeyRef: name: shared-secrets key: MESSAGEBIRD_TEMPLATE_NAME_TEST #MYSQL CONFIGURATION - name: MYSQL_HOST_STAGE valueFrom: secretKeyRef: name: shared-secrets key: MYSQL_HOST_STAGE - name: MYSQL_USER_STAGE valueFrom: secretKeyRef: name: shared-secrets key: MYSQL_USER_STAGE - name: MYSQL_PASSWORD_STAGE valueFrom: secretKeyRef: name: shared-secrets key: MYSQL_PASSWORD_STAGE - name: MYSQL_DB_STAGE valueFrom: secretKeyRef: name: shared-secrets key: MYSQL_DB_STAGE - name: MYSQL_SOCKET_STAGE value: '/cloudsql/your-socket-name' - name: MYSQL_HOST_PROD value: '127.0.0.1' #we use localhost because we mounted a cloud proxy sql - name: MYSQL_USER_PROD valueFrom: secretKeyRef: name: shared-secrets key: MYSQL_USER_PROD - name: MYSQL_PASSWORD_PROD valueFrom: secretKeyRef: name: shared-secrets key: MYSQL_PASSWORD_PROD - name: MYSQL_DB_PROD valueFrom: secretKeyRef: name: shared-secrets key: MYSQL_DB_PROD - name: MYSQL_SOCKET_PROD value: '/cloudsql/your-cloudsql-socket' - name: cloud-sql-proxy # It is recommended to use the latest version of the Cloud SQL proxy # Make sure to update on a regular schedule! image: gcr.io/cloud-sql-connectors/cloud-sql-proxy:2.1.0 args: # If connecting from a VPC-native GKE cluster, you can use the # following flag to have the proxy connect over private IP # - "--private-ip" # Enable structured logging with LogEntry format: - "--structured-logs" # Defaults: MySQL: 3306, Postgres: 5432, SQLServer: 1433 # Replace DB_PORT with the port the proxy should listen on - "--port=3306" - "cloud-sql-instances=instance-name" # [START cloud_sql_proxy_k8s_volume_mount] # This flag specifies where the service account key can be found - '--credentials-file=/var/secrets/google/proxy-to-another-gcp-project.json' securityContext: # The default Cloud SQL proxy image runs as the # "nonroot" user and group (uid: 65532) by default. runAsNonRoot: true volumeMounts: - name: proxy-to-another-gcp-project mountPath: /var/secrets/google readOnly: true # [END cloud_sql_proxy_k8s_volume_mount] # Resource configuration depends on an application's requirements. You # should adjust the following values based on what your application # needs. For details, see https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/ resources: requests: # The proxy's memory use scales linearly with the number of active # connections. Fewer open connections will use less memory. Adjust # this value based on your application's requirements. memory: '2Gi' # The proxy's CPU use scales linearly with the amount of IO between # the database and the application. Adjust this value based on your # application's requirements. cpu: '1' --- apiVersion: v1 kind: Service metadata: name: servicename-srv spec: type: ClusterIP selector: app: servicename ports: - name: servicename protocol: TCP port: 3000 targetPort: 3000