tpt-rails 1.0.0

data/lib/generators/tpt_rails/kubernetes/templates/kubernetes/helm/requirements.yaml.tt

@@ -0,0 +1,8 @@
+dependencies:
+  - name: mysql
+    version: 1.3.0
+    repository: '@stable'
+  - name: copy-secrets
+    version: ~1.1.0
+    repository: https://chartmuseum.tptpm.info
+    condition: copy-secrets.enabled

data/lib/generators/tpt_rails/kubernetes/templates/kubernetes/helm/templates/NOTES.txt.tt

@@ -0,0 +1,8 @@
+<%= Tpt::Rails.app_name %> can be accessed via port {{ .Values.environment.APP_PORT }} on the
+following DNS name from within your cluster:
+{{ template "<%= Tpt::Rails.app_name %>.fullname" . }}.{{ .Release.Namespace }}.svc.cluster.local
+
+For local development:
+ # Execute the following commands to route the connection:
+ export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app={{ template "<%= Tpt::Rails.app_name %>.fullname" . }}" -o jsonpath="{.items[0].metadata.name}")
+ kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME {{ .Values.environment.APP_PORT }}:{{ .Values.environment.APP_PORT }}

data/lib/generators/tpt_rails/kubernetes/templates/kubernetes/helm/templates/_env.yaml

@@ -0,0 +1,15 @@
+{{ define "env" }}
+{{- range $key, $val := .Values.environment }}
+- name: {{ $key }}
+  {{- if hasPrefix "valueFrom:" $val }}
+  {{- tpl $val $ | nindent 2 }}
+  {{- else }}
+  value: {{ tpl $val $ | quote }}
+  {{- end }}
+{{- end}}
+# This is in this file because we can't have conditionals in `values.yaml`.
+{{- if .Values.redis.enabled }}
+- name: REDIS_URL
+  value: "redis://{{ .Release.Name }}-redis-master:{{ .Values.redis.redisPort }}"
+{{- end }}
+{{ end }}

data/lib/generators/tpt_rails/kubernetes/templates/kubernetes/helm/templates/_helpers.tpl.tt

@@ -0,0 +1,63 @@
+{{/* vim: set filetype=mustache: */}}
+
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "<%= Tpt::Rails.app_name %>.name" -}}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "<%= Tpt::Rails.app_name %>.fullname" -}}
+{{- if .Values.fullnameOverride -}}
+{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- $name := default .Chart.Name .Values.nameOverride -}}
+{{- if contains $name .Release.Name -}}
+{{- printf .Release.Name | trunc 63 | trimSuffix "-" -}}
+{{- else -}}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
+{{- end -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Get domain name of ode
+*/}}
+{{- define "<%= Tpt::Rails.app_name %>.domain" -}}
+{{- printf "%s.%s" .Release.Namespace .Values.app.ingress_dns_name -}}
+{{- end -}}
+
+{{/*
+Get service.
+*/}}
+{{- define "<%= Tpt::Rails.app_name %>.service" -}}
+{{- $trimPath := .service.path | trimPrefix "/" -}}
+{{- if eq .service.useIngress true -}}
+{{- printf "%s://%s-%s:%v/%s" .service.protocol .service.hostName .domain .service.port $trimPath -}}
+{{- else -}}
+{{- printf "%s://%s:%v/%s" .service.protocol .service.hostName .service.port $trimPath -}}
+{{- end -}}
+{{- end -}}
+
+{{/*
+Get services.
+*/}}
+{{- define "<%= Tpt::Rails.app_name %>.services" -}}
+{{- $domain := (include "<%= Tpt::Rails.app_name %>.domain" .) -}}
+{{- range $key, $serviceDefinition := .Values.app.services }}
+{{- if ne (hasKey $.Values.environment $serviceDefinition.envVarName) true }}
+{{- $service := dict "domain" $domain "service" $serviceDefinition | include "<%= Tpt::Rails.app_name %>.service" }}
+- name: {{ $serviceDefinition.envVarName }}
+  value: {{ printf "%s" $service | trimSuffix "/" | quote }}
+{{- end }}
+{{- end }}
+{{- end -}}

data/lib/generators/tpt_rails/kubernetes/templates/kubernetes/helm/templates/autoscaler.yaml.tt

@@ -0,0 +1,21 @@
+apiVersion: autoscaling/v1
+kind: HorizontalPodAutoscaler
+metadata:
+  name: {{ template "<%= Tpt::Rails.app_name %>.fullname" . }}
+  labels:
+    app: {{ template "<%= Tpt::Rails.app_name %>.name" . }}
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+    release: "{{ .Release.Name }}"
+    heritage: "{{ .Release.Service }}"
+    tpt/project: "{{ .Chart.Name }}"
+    tpt/owner: {{ .Values.annotations.owner }}
+    tpt/creator: {{ .Values.annotations.creator | default "UNKNOWN" | quote }}
+    tpt/release: "{{ .Release.Name }}"
+spec:
+  scaleTargetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    name: {{ template "<%= Tpt::Rails.app_name %>.fullname" . }}
+  minReplicas: {{ .Values.autoscaler.minimumPods }}
+  maxReplicas: {{ .Values.autoscaler.maximumPods }}
+  targetCPUUtilizationPercentage: {{ .Values.autoscaler.targetCPUUtilizationPercentage }}

data/lib/generators/tpt_rails/kubernetes/templates/kubernetes/helm/templates/deployment.yaml.tt

@@ -0,0 +1,96 @@
+# Kube information about the deployment
+# For documentation on these properties, see:
+#   https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#creating-a-deployment
+
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ template "<%= Tpt::Rails.app_name %>.fullname" . }}
+  labels:
+    app: {{ template "<%= Tpt::Rails.app_name %>.name" . }}
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+    release: "{{ .Release.Name }}"
+    heritage: "{{ .Release.Service }}"
+    tpt/project: "{{ .Chart.Name }}"
+    tpt/owner: {{ .Values.annotations.owner }}
+    tpt/creator: {{ .Values.annotations.creator | default "UNKNOWN" | quote }}
+    tpt/release: "{{ .Release.Name }}"
+spec:
+  strategy:
+    type: RollingUpdate
+    rollingUpdate:
+      {{ toYaml .Values.rollingUpdate | indent 6 | trim }}
+  selector:
+    matchLabels:
+      app: {{ template "<%= Tpt::Rails.app_name %>.fullname" . }}
+  replicas: {{ .Values.replicas }}
+  # Max number of replicat sets to retain.
+  # Sets exceeding this limit will get deleted
+  revisionHistoryLimit: {{ .Values.revisionHistoryLimit }}
+  template:
+    metadata:
+      labels:
+        app: {{ template "<%= Tpt::Rails.app_name %>.fullname" . }}
+        release: "{{ .Release.Name }}"
+        track: stable
+        language: ruby
+        tpt/project: "{{ .Chart.Name }}"
+        tpt/creator: {{ .Values.annotations.creator | default "UNKNOWN" | quote }}
+      annotations:
+        buildID: "{{ .Values.buildID }}"
+        sidecar.istio.io/inject: "true"
+    spec:
+      # Specifies where our Kube secrets are coming from
+      imagePullSecrets:
+      - name: {{ .Values.imagePullSecrets.name }}
+      containers:
+      - name: {{ template "<%= Tpt::Rails.app_name %>.fullname" . }}
+        # This references our images on Docker hub
+        {{- if .Values.revision }}
+        # If a different container version has been specified, use it
+        image: "teacherspayteachers/{{ .Values.image.name }}:{{ .Values.revision }}"
+        {{- else }}
+        image: "teacherspayteachers/{{ .Values.image.name }}:{{ .Values.image.tag }}"
+        {{- end }}
+        imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
+        # Specifies provisioning requests & limits (memory and CPU)
+        resources:
+          limits:
+            memory: {{ .Values.resources.limits.memory }}
+            cpu: {{ .Values.resources.limits.cpu }}
+          requests:
+            memory: {{ .Values.resources.requests.memory }}
+            cpu: {{ .Values.resources.requests.cpu }}
+        env:
+          {{- include "env" . | indent 10 }}
+          {{- include "<%= Tpt::Rails.app_name %>.services" . | nindent 10 }}
+          {{- if .Values.secrets }}
+          {{ toYaml .Values.secrets | trim | nindent 10 }}
+          {{- end }}
+        ports:
+          # Where our application is listening
+          - containerPort: {{ .Values.environment.APP_PORT }}
+        # Specifies an endpoint. Kube won't mark the container as ready until
+        # this endpoint returns a success code
+        readinessProbe:
+          httpGet:
+            path: /internal/health-check
+            port: {{ .Values.environment.APP_PORT }}
+            scheme: HTTP
+          initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }}
+          timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }}
+          periodSeconds: {{ .Values.readinessProbe.periodSeconds }}
+          failureThreshold: {{ .Values.readinessProbe.failureThreshold }}
+          successThreshold: {{ .Values.readinessProbe.successThreshold }}
+        # Specifies an endpoint. Kube will take the container out of circulation
+        # if it fails the health check for too long
+        livenessProbe:
+          httpGet:
+            path: /internal/health-check
+            port: {{ .Values.environment.APP_PORT }}
+            scheme: HTTP
+          initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
+          timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }}
+          periodSeconds: {{ .Values.livenessProbe.periodSeconds }}
+          failureThreshold: {{ .Values.livenessProbe.failureThreshold }}
+          successThreshold: {{ .Values.livenessProbe.successThreshold }}

data/lib/generators/tpt_rails/kubernetes/templates/kubernetes/helm/templates/hooks/db-migrate.yaml.tt

@@ -0,0 +1,59 @@
+{{- if .Values.migrateCommand -}}
+apiVersion: batch/v1
+kind: Job # runs once and then stops
+metadata:
+  name: {{ template "<%= Tpt::Rails.app_name %>.fullname" . }}-db-migrate
+  labels:
+    app: {{ template "<%= Tpt::Rails.app_name %>.name" . }}
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+    release: "{{ .Release.Name }}"
+    heritage: "{{ .Release.Service }}"
+    tpt/project: "{{ .Chart.Name }}"
+    tpt/owner: {{ .Values.annotations.owner }}
+    tpt/creator: {{ .Values.annotations.creator | default "UNKNOWN" | quote }}
+    tpt/release: "{{ .Release.Name }}"
+  annotations:
+    # post-install: after initial creation of stack, pre-upgrade: before deploying new code
+    "helm.sh/hook": "post-install,pre-upgrade"
+    "helm.sh/hook-delete-policy": "before-hook-creation"
+    "helm.sh/hook-weight": "0"
+spec:
+  template:
+    metadata:
+      labels:
+        app: {{ template "<%= Tpt::Rails.app_name %>.name" . }}
+        release: {{ .Release.Name }}
+      annotations:
+        buildID: "{{ .Values.buildID }}"
+        sidecar.istio.io/inject: "false"
+    spec:
+      restartPolicy: Never
+      imagePullSecrets:
+      - name: {{ .Values.imagePullSecrets.name }}
+      containers:
+      - name: {{ template "<%= Tpt::Rails.app_name %>.fullname" . }}
+        # This references our images on Docker hub
+        {{- if .Values.revision }}
+        # If a different container version has been specified, use it
+        image: "teacherspayteachers/{{ .Values.image.name }}:{{ .Values.revision }}"
+        {{- else }}
+        image: "teacherspayteachers/{{ .Values.image.name }}:{{ .Values.image.tag }}"
+        {{- end }}
+        imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
+        command: ["/bin/sh"]
+        # This is what causes a different command to be run for this job
+        args: ["-c", "{{ .Values.migrateCommand }}"]
+        # Specifies provisioning requests & limits (memory and CPU)
+        resources:
+          limits:
+            memory: {{ .Values.resources.limits.memory }}
+            cpu: {{ .Values.resources.limits.cpu }}
+          requests:
+            memory: {{ .Values.resources.requests.memory }}
+            cpu: {{ .Values.resources.requests.cpu }}
+        env:
+          {{- include "env" . | indent 10 }}
+          {{- if .Values.secrets }}
+          {{ toYaml .Values.secrets | trim | nindent 10 }}
+          {{- end }}
+{{- end -}}

data/lib/generators/tpt_rails/kubernetes/templates/kubernetes/helm/templates/service.yaml.tt

@@ -0,0 +1,52 @@
+# Information about the service
+# For documentation on these properties, see:
+#   https://kubernetes.io/docs/concepts/services-networking/service/#defining-a-service
+
+apiVersion: v1
+kind: Service
+metadata:
+  # References the "<%= Tpt::Rails.app_name %>.fullname" property defined in _helpers.tpl
+  name: {{ template "<%= Tpt::Rails.app_name %>.fullname" . }}
+  labels:
+    app: {{ template "<%= Tpt::Rails.app_name %>.fullname" . }}
+    # References system properties from Helm
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+    release: "{{ .Release.Name }}"
+    heritage: "{{ .Release.Service }}"
+    tpt/project: "{{ .Chart.Name }}"
+    tpt/owner: {{ .Values.annotations.owner }}
+    tpt/creator: {{ .Values.annotations.creator | default "UNKNOWN" | quote }}
+    tpt/release: "{{ .Release.Name }}"
+  annotations:
+    getambassador.io/config: |
+      apiVersion: ambassador/v1
+      kind: Mapping
+      name: {{ template "<%= Tpt::Rails.app_name %>.fullname" . }}_{{ .Release.Namespace }}_mapping
+      prefix: /
+      host: {{ template "<%= Tpt::Rails.app_name %>.fullname" . }}.ode.tptpm.info
+      service: {{ template "<%= Tpt::Rails.app_name %>.fullname" . }}.{{ .Release.Namespace }}:{{ .Values.service.port }}
+      # retry_policy:
+      #   retry_on: "5xx"
+      #   num_retries: 5
+      #   per_try_timeout: "3s"
+      labels:
+        ambassador:
+          - request_label:
+            - frontend
+{{- if eq .Values.service.type "LoadBalancer" }}
+    service.beta.kubernetes.io/aws-load-balancer-backend-protocol: "http"
+    service.beta.kubernetes.io/aws-load-balancer-cross-zone-load-balancing-enabled: "true"
+    service.beta.kubernetes.io/aws-load-balancer-internal: "0.0.0.0/0"
+{{- end }}
+spec:
+  # References the service.type property from values.yaml
+  type: {{ .Values.service.type }}
+  ports:
+  - name: http
+    # The incoming port
+    port: {{ .Values.service.port }}
+    protocol: TCP
+    # Port to map to. This is where the application is listening
+    targetPort: {{ .Values.environment.APP_PORT }}
+  selector:
+    app: {{ template "<%= Tpt::Rails.app_name %>.fullname" . }}

data/lib/generators/tpt_rails/kubernetes/templates/kubernetes/helm/values.prod.yaml.tt

@@ -0,0 +1,52 @@
+name: <%= Tpt::Rails.app_name %>
+deploy_env: production
+
+image:
+  name: <%= Tpt::Rails.app_name %>
+  repository: <%= Tpt::Rails.app_name %>
+  tag: latest
+  pullPolicy: Always
+
+environment:
+  ENVIRONMENT: production
+  APP_ENV: production
+  RAILS_ENV: production
+
+postgresql:
+  enabled: false
+
+copy-secrets:
+  enabled: false
+
+redis:
+  enabled: false
+
+secrets:
+  - name: RAILS_MASTER_KEY
+    valueFrom:
+      secretKeyRef:
+        name: <%= Tpt::Rails.app_name %>-secrets
+        key: rails-master-key
+  - name: DATABASE_URL
+    valueFrom:
+      secretKeyRef:
+        name: <%= Tpt::Rails.app_name %>-secrets
+        # To set up a staging/prod DB:
+        # - Create the DB in the TpT terraform repo
+        # - Use the root DB account to create an application DB user
+        # - Create a kube secret (e.g. prod-resource-catalog-db-url) with the DATABASE_URL
+        #   (including the application user credentials)
+        # - Update the key below to reference your secret
+        key: 'FIXME'
+
+autoscaler:
+  minimumPods: 3
+  maximumPods: 6
+  targetCPUUtilizationPercentage: 70
+
+rollingUpdate:
+  maxSurge: 25%
+
+# Create ELB
+# service:
+#   type: LoadBalancer

data/lib/generators/tpt_rails/kubernetes/templates/kubernetes/helm/values.staging.yaml.tt

@@ -0,0 +1,52 @@
+name: <%= Tpt::Rails.app_name %>
+deploy_env: staging
+
+image:
+  name: <%= Tpt::Rails.app_name %>
+  repository: <%= Tpt::Rails.app_name %>
+  tag: latest
+  pullPolicy: Always
+
+environment:
+  ENVIRONMENT: staging
+  APP_ENV: production
+  RAILS_ENV: production
+
+postgresql:
+  enabled: false
+
+copy-secrets:
+  enabled: false
+
+redis:
+  enabled: false
+
+secrets:
+  - name: RAILS_MASTER_KEY
+    valueFrom:
+      secretKeyRef:
+        name: <%= Tpt::Rails.app_name %>-secrets
+        key: rails-master-key
+  - name: DATABASE_URL
+    valueFrom:
+      secretKeyRef:
+        name: <%= Tpt::Rails.app_name %>-secrets
+        # To set up a staging/prod DB:
+        # - Create the DB in the TpT terraform repo
+        # - Use the root DB account to create an application DB user
+        # - Create a kube secret (e.g. prod-resource-catalog-db-url) with the DATABASE_URL
+        #   (including the application user credentials)
+        # - Update the key below to reference your secret
+        key: 'FIXME'
+
+autoscaler:
+  minimumPods: 2
+  maximumPods: 3
+  targetCPUUtilizationPercentage: 70
+
+rollingUpdate:
+  maxSurge: 25%
+
+# Create ELB
+# service:
+#   type: LoadBalancer

data/lib/generators/tpt_rails/kubernetes/templates/kubernetes/helm/values.yaml.tt

@@ -0,0 +1,171 @@
+# Values to be used elsewhere in the Helm configuration
+
+# Values in this file are the defaults. Override these values in other environments via
+# `values.<some environment>.yaml` files.
+name: <%= Tpt::Rails.app_name %>
+# ODEs use "integration" as the deploy_env
+deploy_env: integration
+
+# There are added to Kubernetes in various ways as labels/etc
+annotations:
+  owner: <%= config.fetch(:team_name) %>
+
+# Docker image configuration for the pod
+image:
+  name: <%= Tpt::Rails.app_name %>
+  repository: <%= Tpt::Rails.app_name %>
+  tag: latest # most recently pushed
+  pullPolicy: Always # always pull, don't use a cached version
+
+# Used by a Helm hook that runs migration
+migrateCommand: 'bin/rails db:prepare'
+
+# Container count
+replicas: 1
+
+revisionHistoryLimit: 5
+
+# CI changes this before deploying
+buildID: 1
+
+imagePullSecrets:
+  name: "tptreadonly-docker"
+
+# Deployment params
+rollingUpdate:
+  maxUnavailable: 25% # X% of pods are allowed to be offline at once as we deploy
+  maxSurge: 0 # Setting this above 0 will allow having extra pods online during deploy
+
+mysql:
+  enabled: true
+  podAnnotations:
+    # istio is a service mesh. the istio sidecar interferes with how other pods connect to the MySQL
+    # pod.
+    sidecar.istio.io/inject: "false"
+  # mysqlRootPassword is only used in this file and is only for ODEs
+  mysqlRootPassword: "123456"
+  persistence:
+    enabled: false
+
+redis:
+  enabled: false
+  # usePassword: false
+  # cluster:
+  #   enabled: false
+  # persistence:
+  #   enabled: true
+  #   size: 10Gi
+
+## Configure the service
+## ref: http://kubernetes.io/docs/user-guide/services/
+service:
+  ## Specify a service type
+  ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services---service-types
+  type: ClusterIP
+  port: 80
+
+## Configure resource requests and limits
+## ref: http://kubernetes.io/docs/user-guide/compute-resources/
+##
+resources:
+  # requests is guaranteed. kubernetes will only put your pod on a node where it can guarantee these
+  # amounts.
+  requests:
+    memory: 256Mi
+    cpu: 200m
+  # limits is when your pod gets killed for using too many resources
+  limits:
+    memory: 512Mi
+    cpu: 1
+
+app:
+  # this configures your service to be available at <%= Tpt::Rails.app_name %>.<ingress_dns_name>
+  ingress_dns_name: "ode.tptpm.info"
+
+#
+# Environment variables for the <%= Tpt::Rails.app_name %> service
+#
+# These values are used in templates/_env.yaml, with some of them (e.g. `valueFrom`, or any `{{…}}`
+# templates) getting converted into other values.
+# See also templates/_env.yaml for additional environment variables.
+environment:
+  APP_PORT: '3000'
+  APP_NAME: <%= Tpt::Rails.app_name %>
+  APP_ENV: integration
+  DD_TRACE_DEBUG: '1'
+  # DATABASE_URL is only used in ODEs
+  DATABASE_URL: 'mysql2://root:{{ .Values.mysql.mysqlRootPassword }}@{{ template "<%= Tpt::Rails.app_name %>.fullname" . }}-mysql:3306/<%= Tpt::Rails.app_name %>_production'
+  RAILS_ENV: 'production'
+  RAILS_LOG_TO_STDOUT: '1'
+  RAILS_SERVE_STATIC_FILES: '1'
+  CLUSTER_SELECTOR: 'app={{ template "<%= Tpt::Rails.app_name %>.fullname" . }}'
+  APP_ENV_NAME: |-
+    valueFrom:
+      fieldRef:
+        fieldPath: metadata.namespace
+  KUBE_POD: |-
+    valueFrom:
+      fieldRef:
+        fieldPath: metadata.name
+  KUBE_NODE: |-
+    valueFrom:
+      fieldRef:
+        fieldPath: spec.nodeName
+  KUBE_POD_IP: |-
+    valueFrom:
+      fieldRef:
+        fieldPath: status.podIP
+  DATADOG_TRACE_HOST: |-
+    valueFrom:
+      fieldRef:
+        fieldPath: status.hostIP
+  DATADOG_TRACE_PORT: "8126"
+  DATADOG_TRACE_URL: "datadog://$(DATADOG_TRACE_HOST):$(DATADOG_TRACE_PORT)"
+  DOGSTATSD_HOST: |-
+    valueFrom:
+      fieldRef:
+        fieldPath: status.hostIP
+  DOGSTATSD_PORT: "8125"
+  DOGSTATSD_URL: "statsd://$(DOGSTATSD_HOST):$(DOGSTATSD_PORT)"
+
+copy-secrets:
+  enabled: true
+  secrets:
+    - <%= config.fetch(:secrets_name) %>
+
+secrets:
+  - name: RAILS_MASTER_KEY
+    valueFrom:
+      secretKeyRef:
+        name: <%= config.fetch(:secrets_name) %>
+        key: rails-master-key
+
+# liveness: Whether the pod is up.
+# After `initialDelaySeconds` if this is failing Kube will crash+restart the pod.
+livenessProbe:
+  initialDelaySeconds: 120
+  timeoutSeconds: 2
+  periodSeconds: 15
+  failureThreshold: 3
+  successThreshold: 1
+
+# readiness: Whether the pod is ready to receive traffic.
+# If this fails Kube will take the pod out of rotation until the pod becomes ready again.
+readinessProbe:
+  initialDelaySeconds: 5
+  timeoutSeconds: 2
+  periodSeconds: 15 # time between failures
+  failureThreshold: 3 # fails required before probe counts as failed
+  successThreshold: 1 # successes required to mark the probe as ready again
+
+# tests:
+#   apiFunctional:
+#     postman:
+#       collection: 5817358-93d711ed-3181-480d-bba5-ab68b0a29eae
+#       environment: 5817358-dccd7905-050c-4d93-a9bf-743eae208f46
+#       folder: Working
+
+autoscaler:
+  minimumPods: 1
+  maximumPods: 1
+  targetCPUUtilizationPercentage: 70 # no effect if minimumPods == maximumPods