diane-fileserver/infra/k8s/deployments/servicename-depl.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: servicename-depl
  namespace: default
  labels:
    app: servicename
spec:
  replicas: 1
  selector:
    matchLabels:
      app: servicename
  template:
    metadata:
      labels:
        app: servicename
    spec:
      volumes:
        - name: google-cloud-keys
          secret:
            secretName: google-application-credentials

        - name: proxy-to-another-gcp-project # name of the volumes that contain the proxy to another gcp project
          secret:
            secretName: proxy-to-another-gcp-project-secret
      containers:
        - name: servicename
          #Cloud Configuration
          image: europe-west1-docker.pkg.dev/your-artifact-repository/servicename:latest
          imagePullPolicy: Always
          # Liveness Probe Configuration
          livenessProbe:
            failureThreshold: 3
            httpGet:
              path: /api/v1/servicename/
              port: 3000
              scheme: HTTP
            initialDelaySeconds: 60
            periodSeconds: 60
            successThreshold: 1
            timeoutSeconds: 10
          # Readiness Probe Configuration
          readinessProbe:
            failureThreshold: 3
            httpGet:
              path: /api/v1/servicename/
              port: 3000
              scheme: HTTP
            initialDelaySeconds: 60
            periodSeconds: 60
            successThreshold: 1
            timeoutSeconds: 10

          volumeMounts:
            - name: google-cloud-keys
              mountPath: /var/secrets/google
          ports:
            - containerPort: 3000
          env:
            #SERVICE CONFIGURATION
            - name: HOST
              value: '0.0.0.0'
            - name: SERVICE_NAME
              value: 'your_service_name'
            - name: PORT
              value: '3000'
            - name: HASH
              value: '10'

            #JWT CONFIGURATION
            - name: JWT_KEY
              valueFrom:
                secretKeyRef:
                  name: shared-secrets
                  key: JWT_KEY
            - name: SECRET
              valueFrom:
                secretKeyRef:
                  name: shared-secrets
                  key: SECRET

            #MONGO CONFIGURATION
            - name: MONGO_URI
              valueFrom:
                secretKeyRef:
                  name: shared-secrets
                  key: MONGO_URI # We use the test one also in mongouri. this happen cause when launch skaffold in local it has node_env production
            - name: MONGO_URI_TEST
              valueFrom:
                secretKeyRef:
                  name: shared-secrets
                  key: MONGO_URI_TEST

            #GOOGLE CLOUD CONFIGURATION
            - name: GOOGLE_APPLICATION_CREDENTIALS
              value: '/var/secrets/google/google-application-credentials.json'
            - name: GOOGLE_PROJECT_ID
              valueFrom:
                secretKeyRef:
                  name: shared-secrets
                  key: GOOGLE_PROJECT_ID
            - name: GOOGLE_CLOUD_PROJECT
              valueFrom:
                secretKeyRef:
                  name: shared-secrets
                  key: GOOGLE_CLOUD_PROJECT
            - name: GOOGLE_STORAGE_BUCKET_NAME
              valueFrom:
                secretKeyRef:
                  name: shared-secrets
                  key: GOOGLE_STORAGE_BUCKET_NAME
            - name: GOOGLE_CLIENT_ID
              valueFrom:
                secretKeyRef:
                  name: shared-secrets
                  key: GOOGLE_CLIENT_ID
            - name: GOOGLE_CLIENT_SECRET
              valueFrom:
                secretKeyRef:
                  name: shared-secrets
                  key: GOOGLE_CLIENT_SECRET
            - name: GOOGLE_MAPS_API_KEY
              valueFrom:
                secretKeyRef:
                  name: shared-secrets
                  key: GOOGLE_MAPS_API_KEY

            #SPARKPOST CONFIGURATION
            - name: SPARKPOST_API_KEY
              valueFrom:
                secretKeyRef:
                  name: shared-secrets
                  key: SPARKPOST_API_KEY
            - name: SPARKPOST_SENDER_DOMAIN
              valueFrom:
                secretKeyRef:
                  name: shared-secrets
                  key: SPARKPOST_SENDER_DOMAIN

            #MESSAGEBIRD CONFIGURATION
            - name: MESSAGEBIRD_ACCESS_KEY
              valueFrom:
                secretKeyRef:
                  name: shared-secrets
                  key: MESSAGEBIRD_ACCESS_KEY
            - name: MESSAGEBIRD_WHATSAPP_CHANNEL_ID
              valueFrom:
                secretKeyRef:
                  name: shared-secrets
                  key: MESSAGEBIRD_WHATSAPP_CHANNEL_ID
            - name: MESSAGEBIRD_TEMPLATE_NAMESPACE_ID
              valueFrom:
                secretKeyRef:
                  name: shared-secrets
                  key: MESSAGEBIRD_TEMPLATE_NAMESPACE_ID
            - name: MESSAGEBIRD_TEMPLATE_NAME_TEST
              valueFrom:
                secretKeyRef:
                  name: shared-secrets
                  key: MESSAGEBIRD_TEMPLATE_NAME_TEST

            #MYSQL CONFIGURATION
            - name: MYSQL_HOST_STAGE
              valueFrom:
                secretKeyRef:
                  name: shared-secrets
                  key: MYSQL_HOST_STAGE
            - name: MYSQL_USER_STAGE
              valueFrom:
                secretKeyRef:
                  name: shared-secrets
                  key: MYSQL_USER_STAGE
            - name: MYSQL_PASSWORD_STAGE
              valueFrom:
                secretKeyRef:
                  name: shared-secrets
                  key: MYSQL_PASSWORD_STAGE
            - name: MYSQL_DB_STAGE
              valueFrom:
                secretKeyRef:
                  name: shared-secrets
                  key: MYSQL_DB_STAGE
            - name: MYSQL_SOCKET_STAGE
              value: '/cloudsql/your-socket-name'

            - name: MYSQL_HOST_PROD
              value: '127.0.0.1' #we use localhost because we mounted a cloud proxy sql
            - name: MYSQL_USER_PROD
              valueFrom:
                secretKeyRef:
                  name: shared-secrets
                  key: MYSQL_USER_PROD
            - name: MYSQL_PASSWORD_PROD
              valueFrom:
                secretKeyRef:
                  name: shared-secrets
                  key: MYSQL_PASSWORD_PROD
            - name: MYSQL_DB_PROD
              valueFrom:
                secretKeyRef:
                  name: shared-secrets
                  key: MYSQL_DB_PROD
            - name: MYSQL_SOCKET_PROD
              value: '/cloudsql/your-socket-name'

        - name: cloud-sql-proxy
          # It is recommended to use the latest version of the Cloud SQL proxy
          # Make sure to update on a regular schedule!
          image: gcr.io/cloud-sql-connectors/cloud-sql-proxy:2.1.0
          args:
            # If connecting from a VPC-native GKE cluster, you can use the
            # following flag to have the proxy connect over private IP
            # - "--private-ip"

            # Enable structured logging with LogEntry format:
            - '--structured-logs'

            # Defaults: MySQL: 3306, Postgres: 5432, SQLServer: 1433
            # Replace DB_PORT with the port the proxy should listen on
            - '--port=3306'
            - 'cloud-sql-instances=instance-name'

            # [START cloud_sql_proxy_k8s_volume_mount]
            # This flag specifies where the service account key can be found
            - '--credentials-file=/var/secrets/google/proxy-to-another-gcp-project.json'
          securityContext:
            # The default Cloud SQL proxy image runs as the
            # "nonroot" user and group (uid: 65532) by default.
            runAsNonRoot: true
          volumeMounts:
            - name: proxy-to-another-gcp-project
              mountPath: /var/secrets/google
              readOnly: true
          # [END cloud_sql_proxy_k8s_volume_mount]
          # Resource configuration depends on an application's requirements. You
          # should adjust the following values based on what your application
          # needs. For details, see https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/
          resources:
            requests:
              # The proxy's memory use scales linearly with the number of active
              # connections. Fewer open connections will use less memory. Adjust
              # this value based on your application's requirements.
              memory: '2Gi'
              # The proxy's CPU use scales linearly with the amount of IO between
              # the database and the application. Adjust this value based on your
              # application's requirements.
              cpu: '1'
---
apiVersion: v1
kind: Service
metadata:
  name: servicename-srv
spec:
  #  type: ClusterIP
  type: NodePort
  selector:
    app: servicename
  ports:
    - name: servicename
      protocol: TCP
      port: 3000
      targetPort: 3000