@bluedynamics/cdk8s-plone 0.1.10 → 0.1.11

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (37) hide show
  1. package/.claude/claude.md +39 -0
  2. package/.claude/settings.local.json +31 -0
  3. package/.jsii +4 -4
  4. package/README.md +15 -2
  5. package/documentation/sources/how-to/deploy-classic-ui.md +322 -0
  6. package/documentation/sources/how-to/deploy-production-volto.md +319 -0
  7. package/documentation/sources/how-to/index.md +13 -0
  8. package/documentation/sources/reference/api/index.md +29 -0
  9. package/examples/classic-ui/.env.example +19 -0
  10. package/examples/classic-ui/README.md +343 -0
  11. package/examples/classic-ui/__snapshots__/main.test.ts.snap +1242 -0
  12. package/examples/classic-ui/cdk8s.yaml +6 -0
  13. package/examples/classic-ui/config/varnish.tpl.vcl +217 -0
  14. package/examples/classic-ui/ingress.ts +217 -0
  15. package/examples/classic-ui/jest.config.js +11 -0
  16. package/examples/classic-ui/main.test.ts +11 -0
  17. package/examples/classic-ui/main.ts +100 -0
  18. package/examples/classic-ui/package-lock.json +5719 -0
  19. package/examples/classic-ui/package.json +36 -0
  20. package/examples/classic-ui/postgres.bitnami.ts +49 -0
  21. package/examples/classic-ui/postgres.cloudnativepg.ts +63 -0
  22. package/examples/production-volto/.env.example +20 -0
  23. package/examples/production-volto/README.md +295 -0
  24. package/examples/production-volto/__snapshots__/main.test.ts.snap +1412 -0
  25. package/examples/production-volto/cdk8s.yaml +6 -0
  26. package/examples/production-volto/config/varnish.tpl.vcl +297 -0
  27. package/examples/production-volto/ingress.ts +229 -0
  28. package/examples/production-volto/jest.config.js +11 -0
  29. package/examples/production-volto/main.test.ts +11 -0
  30. package/examples/production-volto/main.ts +104 -0
  31. package/examples/production-volto/package-lock.json +5714 -0
  32. package/examples/production-volto/package.json +36 -0
  33. package/examples/production-volto/postgres.bitnami.ts +49 -0
  34. package/examples/production-volto/postgres.cloudnativepg.ts +63 -0
  35. package/lib/httpcache.js +1 -1
  36. package/lib/plone.js +1 -1
  37. package/package.json +3 -3
package/examples/production-volto/__snapshots__/main.test.ts.snap ADDED
@@ -0,0 +1,1412 @@
1
+ // Jest Snapshot v1, https://goo.gl/fbAQLP
2
+
3
+ exports[`Production Volto Example Synthesizes correctly 1`] = `
4
+ [
5
+ {
6
+ "apiVersion": "networking.k8s.io/v1",
7
+ "kind": "NetworkPolicy",
8
+ "metadata": {
9
+ "labels": {
10
+ "app.kubernetes.io/component": "primary",
11
+ "app.kubernetes.io/instance": "test-chart-db-c80fdf3b",
12
+ "app.kubernetes.io/managed-by": "Helm",
13
+ "app.kubernetes.io/name": "postgresql",
14
+ "app.kubernetes.io/part-of": "plone",
15
+ "app.kubernetes.io/version": "18.1.0",
16
+ "helm.sh/chart": "postgresql-18.1.10",
17
+ },
18
+ "name": "test-chart-db-c80fdf3b-postgresql",
19
+ "namespace": "plone",
20
+ },
21
+ "spec": {
22
+ "egress": [
23
+ {},
24
+ ],
25
+ "ingress": [
26
+ {
27
+ "ports": [
28
+ {
29
+ "port": 5432,
30
+ },
31
+ ],
32
+ },
33
+ ],
34
+ "podSelector": {
35
+ "matchLabels": {
36
+ "app.kubernetes.io/component": "primary",
37
+ "app.kubernetes.io/instance": "test-chart-db-c80fdf3b",
38
+ "app.kubernetes.io/name": "postgresql",
39
+ },
40
+ },
41
+ "policyTypes": [
42
+ "Ingress",
43
+ "Egress",
44
+ ],
45
+ },
46
+ },
47
+ {
48
+ "apiVersion": "policy/v1",
49
+ "kind": "PodDisruptionBudget",
50
+ "metadata": {
51
+ "labels": {
52
+ "app.kubernetes.io/component": "primary",
53
+ "app.kubernetes.io/instance": "test-chart-db-c80fdf3b",
54
+ "app.kubernetes.io/managed-by": "Helm",
55
+ "app.kubernetes.io/name": "postgresql",
56
+ "app.kubernetes.io/part-of": "plone",
57
+ "app.kubernetes.io/version": "18.1.0",
58
+ "helm.sh/chart": "postgresql-18.1.10",
59
+ },
60
+ "name": "test-chart-db-c80fdf3b-postgresql",
61
+ "namespace": "plone",
62
+ },
63
+ "spec": {
64
+ "maxUnavailable": 1,
65
+ "selector": {
66
+ "matchLabels": {
67
+ "app.kubernetes.io/component": "primary",
68
+ "app.kubernetes.io/instance": "test-chart-db-c80fdf3b",
69
+ "app.kubernetes.io/name": "postgresql",
70
+ },
71
+ },
72
+ },
73
+ },
74
+ {
75
+ "apiVersion": "v1",
76
+ "automountServiceAccountToken": false,
77
+ "kind": "ServiceAccount",
78
+ "metadata": {
79
+ "labels": {
80
+ "app.kubernetes.io/instance": "test-chart-db-c80fdf3b",
81
+ "app.kubernetes.io/managed-by": "Helm",
82
+ "app.kubernetes.io/name": "postgresql",
83
+ "app.kubernetes.io/part-of": "plone",
84
+ "app.kubernetes.io/version": "18.1.0",
85
+ "helm.sh/chart": "postgresql-18.1.10",
86
+ },
87
+ "name": "test-chart-db-c80fdf3b-postgresql",
88
+ "namespace": "plone",
89
+ },
90
+ },
91
+ {
92
+ "apiVersion": "v1",
93
+ "data": {
94
+ "password": "YWRtaW5AcGxvbmU=",
95
+ "postgres-password": "MVpZcjN6Mmg3OA==",
96
+ },
97
+ "kind": "Secret",
98
+ "metadata": {
99
+ "labels": {
100
+ "app.kubernetes.io/instance": "test-chart-db-c80fdf3b",
101
+ "app.kubernetes.io/managed-by": "Helm",
102
+ "app.kubernetes.io/name": "postgresql",
103
+ "app.kubernetes.io/part-of": "plone",
104
+ "app.kubernetes.io/version": "18.1.0",
105
+ "helm.sh/chart": "postgresql-18.1.10",
106
+ },
107
+ "name": "test-chart-db-c80fdf3b-postgresql",
108
+ "namespace": "plone",
109
+ },
110
+ "type": "Opaque",
111
+ },
112
+ {
113
+ "apiVersion": "v1",
114
+ "kind": "Service",
115
+ "metadata": {
116
+ "labels": {
117
+ "app.kubernetes.io/component": "primary",
118
+ "app.kubernetes.io/instance": "test-chart-db-c80fdf3b",
119
+ "app.kubernetes.io/managed-by": "Helm",
120
+ "app.kubernetes.io/name": "postgresql",
121
+ "app.kubernetes.io/part-of": "plone",
122
+ "app.kubernetes.io/version": "18.1.0",
123
+ "helm.sh/chart": "postgresql-18.1.10",
124
+ },
125
+ "name": "test-chart-db-c80fdf3b-postgresql-hl",
126
+ "namespace": "plone",
127
+ },
128
+ "spec": {
129
+ "clusterIP": "None",
130
+ "ports": [
131
+ {
132
+ "name": "tcp-postgresql",
133
+ "port": 5432,
134
+ "targetPort": "tcp-postgresql",
135
+ },
136
+ ],
137
+ "publishNotReadyAddresses": true,
138
+ "selector": {
139
+ "app.kubernetes.io/component": "primary",
140
+ "app.kubernetes.io/instance": "test-chart-db-c80fdf3b",
141
+ "app.kubernetes.io/name": "postgresql",
142
+ },
143
+ "type": "ClusterIP",
144
+ },
145
+ },
146
+ {
147
+ "apiVersion": "v1",
148
+ "kind": "Service",
149
+ "metadata": {
150
+ "labels": {
151
+ "app.kubernetes.io/component": "primary",
152
+ "app.kubernetes.io/instance": "test-chart-db-c80fdf3b",
153
+ "app.kubernetes.io/managed-by": "Helm",
154
+ "app.kubernetes.io/name": "postgresql",
155
+ "app.kubernetes.io/part-of": "plone",
156
+ "app.kubernetes.io/version": "18.1.0",
157
+ "helm.sh/chart": "postgresql-18.1.10",
158
+ },
159
+ "name": "test-chart-db-c80fdf3b-postgresql",
160
+ "namespace": "plone",
161
+ },
162
+ "spec": {
163
+ "ports": [
164
+ {
165
+ "name": "tcp-postgresql",
166
+ "port": 5432,
167
+ "targetPort": "tcp-postgresql",
168
+ },
169
+ ],
170
+ "selector": {
171
+ "app.kubernetes.io/component": "primary",
172
+ "app.kubernetes.io/instance": "test-chart-db-c80fdf3b",
173
+ "app.kubernetes.io/name": "postgresql",
174
+ },
175
+ "type": "ClusterIP",
176
+ },
177
+ },
178
+ {
179
+ "apiVersion": "apps/v1",
180
+ "kind": "StatefulSet",
181
+ "metadata": {
182
+ "labels": {
183
+ "app.kubernetes.io/component": "primary",
184
+ "app.kubernetes.io/instance": "test-chart-db-c80fdf3b",
185
+ "app.kubernetes.io/managed-by": "Helm",
186
+ "app.kubernetes.io/name": "postgresql",
187
+ "app.kubernetes.io/part-of": "plone",
188
+ "app.kubernetes.io/version": "18.1.0",
189
+ "helm.sh/chart": "postgresql-18.1.10",
190
+ },
191
+ "name": "test-chart-db-c80fdf3b-postgresql",
192
+ "namespace": "plone",
193
+ },
194
+ "spec": {
195
+ "replicas": 1,
196
+ "selector": {
197
+ "matchLabels": {
198
+ "app.kubernetes.io/component": "primary",
199
+ "app.kubernetes.io/instance": "test-chart-db-c80fdf3b",
200
+ "app.kubernetes.io/name": "postgresql",
201
+ },
202
+ },
203
+ "serviceName": "test-chart-db-c80fdf3b-postgresql-hl",
204
+ "template": {
205
+ "metadata": {
206
+ "labels": {
207
+ "app.kubernetes.io/component": "primary",
208
+ "app.kubernetes.io/instance": "test-chart-db-c80fdf3b",
209
+ "app.kubernetes.io/managed-by": "Helm",
210
+ "app.kubernetes.io/name": "postgresql",
211
+ "app.kubernetes.io/part-of": "plone",
212
+ "app.kubernetes.io/version": "18.1.0",
213
+ "helm.sh/chart": "postgresql-18.1.10",
214
+ },
215
+ "name": "test-chart-db-c80fdf3b-postgresql",
216
+ },
217
+ "spec": {
218
+ "affinity": {
219
+ "podAntiAffinity": {
220
+ "preferredDuringSchedulingIgnoredDuringExecution": [
221
+ {
222
+ "podAffinityTerm": {
223
+ "labelSelector": {
224
+ "matchLabels": {
225
+ "app.kubernetes.io/component": "primary",
226
+ "app.kubernetes.io/instance": "test-chart-db-c80fdf3b",
227
+ "app.kubernetes.io/name": "postgresql",
228
+ },
229
+ },
230
+ "topologyKey": "kubernetes.io/hostname",
231
+ },
232
+ "weight": 1,
233
+ },
234
+ ],
235
+ },
236
+ },
237
+ "automountServiceAccountToken": false,
238
+ "containers": [
239
+ {
240
+ "env": [
241
+ {
242
+ "name": "BITNAMI_DEBUG",
243
+ "value": "false",
244
+ },
245
+ {
246
+ "name": "POSTGRESQL_PORT_NUMBER",
247
+ "value": "5432",
248
+ },
249
+ {
250
+ "name": "POSTGRESQL_VOLUME_DIR",
251
+ "value": "/bitnami/postgresql",
252
+ },
253
+ {
254
+ "name": "OPENSSL_FIPS",
255
+ "value": "yes",
256
+ },
257
+ {
258
+ "name": "PGDATA",
259
+ "value": "/bitnami/postgresql/data",
260
+ },
261
+ {
262
+ "name": "POSTGRES_USER",
263
+ "value": "plone",
264
+ },
265
+ {
266
+ "name": "POSTGRES_PASSWORD_FILE",
267
+ "value": "/opt/bitnami/postgresql/secrets/password",
268
+ },
269
+ {
270
+ "name": "POSTGRES_POSTGRES_PASSWORD_FILE",
271
+ "value": "/opt/bitnami/postgresql/secrets/postgres-password",
272
+ },
273
+ {
274
+ "name": "POSTGRES_DATABASE",
275
+ "value": "plone",
276
+ },
277
+ {
278
+ "name": "POSTGRESQL_ENABLE_LDAP",
279
+ "value": "no",
280
+ },
281
+ {
282
+ "name": "POSTGRESQL_ENABLE_TLS",
283
+ "value": "no",
284
+ },
285
+ {
286
+ "name": "POSTGRESQL_LOG_HOSTNAME",
287
+ "value": "false",
288
+ },
289
+ {
290
+ "name": "POSTGRESQL_LOG_CONNECTIONS",
291
+ "value": "false",
292
+ },
293
+ {
294
+ "name": "POSTGRESQL_LOG_DISCONNECTIONS",
295
+ "value": "false",
296
+ },
297
+ {
298
+ "name": "POSTGRESQL_PGAUDIT_LOG_CATALOG",
299
+ "value": "off",
300
+ },
301
+ {
302
+ "name": "POSTGRESQL_CLIENT_MIN_MESSAGES",
303
+ "value": "error",
304
+ },
305
+ {
306
+ "name": "POSTGRESQL_SHARED_PRELOAD_LIBRARIES",
307
+ "value": "pgaudit",
308
+ },
309
+ ],
310
+ "image": "registry-1.docker.io/bitnami/postgresql:latest",
311
+ "imagePullPolicy": "IfNotPresent",
312
+ "livenessProbe": {
313
+ "exec": {
314
+ "command": [
315
+ "/bin/sh",
316
+ "-c",
317
+ "exec pg_isready -U "plone" -d "dbname=plone" -h 127.0.0.1 -p 5432",
318
+ ],
319
+ },
320
+ "failureThreshold": 6,
321
+ "initialDelaySeconds": 30,
322
+ "periodSeconds": 10,
323
+ "successThreshold": 1,
324
+ "timeoutSeconds": 5,
325
+ },
326
+ "name": "postgresql",
327
+ "ports": [
328
+ {
329
+ "containerPort": 5432,
330
+ "name": "tcp-postgresql",
331
+ },
332
+ ],
333
+ "readinessProbe": {
334
+ "exec": {
335
+ "command": [
336
+ "/bin/sh",
337
+ "-c",
338
+ "-e",
339
+ "exec pg_isready -U "plone" -d "dbname=plone" -h 127.0.0.1 -p 5432
340
+ [ -f /opt/bitnami/postgresql/tmp/.initialized ] || [ -f /bitnami/postgresql/.initialized ]
341
+ ",
342
+ ],
343
+ },
344
+ "failureThreshold": 6,
345
+ "initialDelaySeconds": 5,
346
+ "periodSeconds": 10,
347
+ "successThreshold": 1,
348
+ "timeoutSeconds": 5,
349
+ },
350
+ "resources": {
351
+ "limits": {
352
+ "cpu": "150m",
353
+ "ephemeral-storage": "2Gi",
354
+ "memory": "192Mi",
355
+ },
356
+ "requests": {
357
+ "cpu": "100m",
358
+ "ephemeral-storage": "50Mi",
359
+ "memory": "128Mi",
360
+ },
361
+ },
362
+ "securityContext": {
363
+ "allowPrivilegeEscalation": false,
364
+ "capabilities": {
365
+ "drop": [
366
+ "ALL",
367
+ ],
368
+ },
369
+ "privileged": false,
370
+ "readOnlyRootFilesystem": true,
371
+ "runAsGroup": 1001,
372
+ "runAsNonRoot": true,
373
+ "runAsUser": 1001,
374
+ "seLinuxOptions": {},
375
+ "seccompProfile": {
376
+ "type": "RuntimeDefault",
377
+ },
378
+ },
379
+ "volumeMounts": [
380
+ {
381
+ "mountPath": "/tmp",
382
+ "name": "empty-dir",
383
+ "subPath": "tmp-dir",
384
+ },
385
+ {
386
+ "mountPath": "/opt/bitnami/postgresql/conf",
387
+ "name": "empty-dir",
388
+ "subPath": "app-conf-dir",
389
+ },
390
+ {
391
+ "mountPath": "/opt/bitnami/postgresql/tmp",
392
+ "name": "empty-dir",
393
+ "subPath": "app-tmp-dir",
394
+ },
395
+ {
396
+ "mountPath": "/opt/bitnami/postgresql/secrets/",
397
+ "name": "postgresql-password",
398
+ },
399
+ {
400
+ "mountPath": "/dev/shm",
401
+ "name": "dshm",
402
+ },
403
+ {
404
+ "mountPath": "/bitnami/postgresql",
405
+ "name": "data",
406
+ },
407
+ ],
408
+ },
409
+ ],
410
+ "hostIPC": false,
411
+ "hostNetwork": false,
412
+ "securityContext": {
413
+ "fsGroup": 1001,
414
+ "fsGroupChangePolicy": "Always",
415
+ "supplementalGroups": [],
416
+ "sysctls": [],
417
+ },
418
+ "serviceAccountName": "test-chart-db-c80fdf3b-postgresql",
419
+ "volumes": [
420
+ {
421
+ "emptyDir": {},
422
+ "name": "empty-dir",
423
+ },
424
+ {
425
+ "name": "postgresql-password",
426
+ "secret": {
427
+ "secretName": "test-chart-db-c80fdf3b-postgresql",
428
+ },
429
+ },
430
+ {
431
+ "emptyDir": {
432
+ "medium": "Memory",
433
+ },
434
+ "name": "dshm",
435
+ },
436
+ ],
437
+ },
438
+ },
439
+ "updateStrategy": {
440
+ "rollingUpdate": {},
441
+ "type": "RollingUpdate",
442
+ },
443
+ "volumeClaimTemplates": [
444
+ {
445
+ "apiVersion": "v1",
446
+ "kind": "PersistentVolumeClaim",
447
+ "metadata": {
448
+ "name": "data",
449
+ },
450
+ "spec": {
451
+ "accessModes": [
452
+ "ReadWriteOnce",
453
+ ],
454
+ "resources": {
455
+ "requests": {
456
+ "storage": "8Gi",
457
+ },
458
+ },
459
+ },
460
+ },
461
+ ],
462
+ },
463
+ },
464
+ {
465
+ "apiVersion": "apps/v1",
466
+ "kind": "Deployment",
467
+ "metadata": {
468
+ "labels": {
469
+ "app.kubernetes.io/component": "backend",
470
+ "app.kubernetes.io/name": "plone-backend-deployment",
471
+ },
472
+ "name": "test-chart-plone-backend-deployment-c8a3055e",
473
+ },
474
+ "spec": {
475
+ "replicas": 2,
476
+ "selector": {
477
+ "matchLabels": {
478
+ "app": "test-chart-plone-backend-c8848738",
479
+ },
480
+ },
481
+ "template": {
482
+ "metadata": {
483
+ "labels": {
484
+ "app": "test-chart-plone-backend-c8848738",
485
+ "app.kubernetes.io/component": "backend",
486
+ "app.kubernetes.io/managed-by": "cdk8s-plone",
487
+ "app.kubernetes.io/name": "plone-backend",
488
+ "app.kubernetes.io/part-of": "plone",
489
+ "app.kubernetes.io/version": "test.version",
490
+ },
491
+ },
492
+ "spec": {
493
+ "containers": [
494
+ {
495
+ "env": [
496
+ {
497
+ "name": "SECRET_POSTGRESQL_USERNAME",
498
+ "value": "plone",
499
+ },
500
+ {
501
+ "name": "SECRET_POSTGRESQL_PASSWORD",
502
+ "valueFrom": {
503
+ "secretKeyRef": {
504
+ "key": "password",
505
+ "name": "test-chart-db-c80fdf3b-postgresql",
506
+ },
507
+ },
508
+ },
509
+ {
510
+ "name": "INSTANCE_db_storage",
511
+ "value": "relstorage",
512
+ },
513
+ {
514
+ "name": "INSTANCE_db_blob_mode",
515
+ "value": "cache",
516
+ },
517
+ {
518
+ "name": "INSTANCE_db_cache_size",
519
+ "value": "5000",
520
+ },
521
+ {
522
+ "name": "INSTANCE_db_cache_size_bytes",
523
+ "value": "1500MB",
524
+ },
525
+ {
526
+ "name": "INSTANCE_db_relstorage",
527
+ "value": "postgresql",
528
+ },
529
+ {
530
+ "name": "INSTANCE_db_relstorage_postgresql_dsn",
531
+ "value": "host='test-chart-db-c80fdf3b-postgresql' dbname='plone' user='$(SECRET_POSTGRESQL_USERNAME)' password='$(SECRET_POSTGRESQL_PASSWORD)'",
532
+ },
533
+ {
534
+ "name": "INSTANCE_db_relstorage_cache_local_mb",
535
+ "value": "800",
536
+ },
537
+ ],
538
+ "envFrom": [],
539
+ "image": "plone/plone-backend:6.1.3",
540
+ "imagePullPolicy": "IfNotPresent",
541
+ "name": "backend-container",
542
+ "readinessProbe": {
543
+ "failureThreshold": 3,
544
+ "httpGet": {
545
+ "path": "/",
546
+ "port": 8080,
547
+ },
548
+ "initialDelaySeconds": 10,
549
+ "periodSeconds": 10,
550
+ "successThreshold": 1,
551
+ "timeoutSeconds": 15,
552
+ },
553
+ "resources": {
554
+ "limits": {
555
+ "cpu": "500m",
556
+ "memory": "512Mi",
557
+ },
558
+ "requests": {
559
+ "cpu": "200m",
560
+ "memory": "256Mi",
561
+ },
562
+ },
563
+ },
564
+ ],
565
+ "imagePullSecrets": [],
566
+ },
567
+ },
568
+ },
569
+ },
570
+ {
571
+ "apiVersion": "policy/v1",
572
+ "kind": "PodDisruptionBudget",
573
+ "metadata": {
574
+ "labels": {
575
+ "app.kubernetes.io/managed-by": "cdk8s-plone",
576
+ "app.kubernetes.io/part-of": "plone",
577
+ },
578
+ "name": "test-chart-plone-backend-pdb-c8a5ffa9",
579
+ },
580
+ "spec": {
581
+ "minAvailable": 1,
582
+ "selector": {
583
+ "matchLabels": {
584
+ "app": "test-chart-plone-backend-c8848738",
585
+ },
586
+ },
587
+ },
588
+ },
589
+ {
590
+ "apiVersion": "v1",
591
+ "kind": "Service",
592
+ "metadata": {
593
+ "labels": {
594
+ "app.kubernetes.io/component": "service",
595
+ "app.kubernetes.io/managed-by": "cdk8s-plone",
596
+ "app.kubernetes.io/name": "plone-backend-service",
597
+ "app.kubernetes.io/part-of": "plone",
598
+ },
599
+ "name": "test-chart-plone-backend-service-c81ad65d",
600
+ },
601
+ "spec": {
602
+ "ports": [
603
+ {
604
+ "name": "backend-http",
605
+ "port": 8080,
606
+ "targetPort": 8080,
607
+ },
608
+ ],
609
+ "selector": {
610
+ "app": "test-chart-plone-backend-c8848738",
611
+ },
612
+ },
613
+ },
614
+ {
615
+ "apiVersion": "apps/v1",
616
+ "kind": "Deployment",
617
+ "metadata": {
618
+ "labels": {
619
+ "app.kubernetes.io/component": "frontend",
620
+ "app.kubernetes.io/name": "plone-frontend-deployment",
621
+ },
622
+ "name": "test-chart-plone-frontend-deployment-c83abfa4",
623
+ },
624
+ "spec": {
625
+ "replicas": 2,
626
+ "selector": {
627
+ "matchLabels": {
628
+ "app": "test-chart-plone-frontend-c8e96701",
629
+ },
630
+ },
631
+ "template": {
632
+ "metadata": {
633
+ "labels": {
634
+ "app": "test-chart-plone-frontend-c8e96701",
635
+ "app.kubernetes.io/component": "frontend",
636
+ "app.kubernetes.io/managed-by": "cdk8s-plone",
637
+ "app.kubernetes.io/name": "plone-frontend",
638
+ "app.kubernetes.io/part-of": "plone",
639
+ "app.kubernetes.io/version": "test.version",
640
+ },
641
+ },
642
+ "spec": {
643
+ "containers": [
644
+ {
645
+ "env": [
646
+ {
647
+ "name": "RAZZLE_INTERNAL_API_PATH",
648
+ "value": "http://test-chart-plone-backend-service-c81ad65d:8080/Plone",
649
+ },
650
+ ],
651
+ "envFrom": [],
652
+ "image": "plone/plone-frontend:latest",
653
+ "imagePullPolicy": "IfNotPresent",
654
+ "name": "frontend-container",
655
+ "resources": {
656
+ "limits": {
657
+ "cpu": "500m",
658
+ "memory": "1Gi",
659
+ },
660
+ "requests": {
661
+ "cpu": "200m",
662
+ "memory": "256Mi",
663
+ },
664
+ },
665
+ },
666
+ ],
667
+ "imagePullSecrets": [],
668
+ },
669
+ },
670
+ },
671
+ },
672
+ {
673
+ "apiVersion": "policy/v1",
674
+ "kind": "PodDisruptionBudget",
675
+ "metadata": {
676
+ "labels": {
677
+ "app.kubernetes.io/managed-by": "cdk8s-plone",
678
+ "app.kubernetes.io/part-of": "plone",
679
+ },
680
+ "name": "test-chart-plone-frontend-pdb-c8069ea0",
681
+ },
682
+ "spec": {
683
+ "minAvailable": 1,
684
+ "selector": {
685
+ "matchLabels": {
686
+ "app": "test-chart-plone-frontend-c8e96701",
687
+ },
688
+ },
689
+ },
690
+ },
691
+ {
692
+ "apiVersion": "v1",
693
+ "kind": "Service",
694
+ "metadata": {
695
+ "labels": {
696
+ "app.kubernetes.io/component": "service",
697
+ "app.kubernetes.io/managed-by": "cdk8s-plone",
698
+ "app.kubernetes.io/name": "plone-frontend-service",
699
+ "app.kubernetes.io/part-of": "plone",
700
+ },
701
+ "name": "test-chart-plone-frontend-service-c874cc1a",
702
+ },
703
+ "spec": {
704
+ "ports": [
705
+ {
706
+ "name": "frontend-http",
707
+ "port": 3000,
708
+ "targetPort": 3000,
709
+ },
710
+ ],
711
+ "selector": {
712
+ "app": "test-chart-plone-frontend-c8e96701",
713
+ },
714
+ },
715
+ },
716
+ {
717
+ "apiVersion": "policy/v1",
718
+ "kind": "PodDisruptionBudget",
719
+ "metadata": {
720
+ "labels": {
721
+ "app.kubernetes.io/instance": "test-chart-httpcache-c89dd29d",
722
+ "app.kubernetes.io/managed-by": "Helm",
723
+ "app.kubernetes.io/name": "kube-httpcache",
724
+ "app.kubernetes.io/version": "v0.9.1",
725
+ "helm.sh/chart": "kube-httpcache-0.9.1",
726
+ },
727
+ "name": "test-chart-httpcache-c89dd29d-kube-httpcache",
728
+ },
729
+ "spec": {
730
+ "maxUnavailable": 1,
731
+ "selector": {
732
+ "matchLabels": {
733
+ "app.kubernetes.io/instance": "test-chart-httpcache-c89dd29d",
734
+ "app.kubernetes.io/name": "kube-httpcache",
735
+ },
736
+ },
737
+ },
738
+ },
739
+ {
740
+ "apiVersion": "v1",
741
+ "kind": "ServiceAccount",
742
+ "metadata": {
743
+ "labels": {
744
+ "app.kubernetes.io/instance": "test-chart-httpcache-c89dd29d",
745
+ "app.kubernetes.io/managed-by": "Helm",
746
+ "app.kubernetes.io/name": "kube-httpcache",
747
+ "app.kubernetes.io/version": "v0.9.1",
748
+ "helm.sh/chart": "kube-httpcache-0.9.1",
749
+ },
750
+ "name": "test-chart-httpcache-c89dd29d-kube-httpcache",
751
+ },
752
+ },
753
+ {
754
+ "apiVersion": "v1",
755
+ "data": {
756
+ "secret": "T0JuOUVNTGhreHlUNEFPa2s1azZ6a2pEd2NlOWxyeHo=",
757
+ },
758
+ "kind": "Secret",
759
+ "metadata": {
760
+ "labels": {
761
+ "app.kubernetes.io/instance": "test-chart-httpcache-c89dd29d",
762
+ "app.kubernetes.io/managed-by": "Helm",
763
+ "app.kubernetes.io/name": "kube-httpcache",
764
+ "app.kubernetes.io/version": "v0.9.1",
765
+ "helm.sh/chart": "kube-httpcache-0.9.1",
766
+ },
767
+ "name": "test-chart-httpcache-c89dd29d-kube-httpcache",
768
+ },
769
+ "type": "Opaque",
770
+ },
771
+ {
772
+ "apiVersion": "v1",
773
+ "data": {
774
+ "default.vcl.tmpl": "vcl 4.0;
775
+
776
+ import std;
777
+ import directors;
778
+
779
+ probe ploneBackendProbe {
780
+ .url = "/ok";
781
+ .timeout = 5s;
782
+ .interval = 15s;
783
+ .window = 10;
784
+ .threshold = 8;
785
+ # .initial = 3;
786
+ }
787
+ backend ploneBackend {
788
+ .host = "{{ .Env.BACKEND_SERVICE_NAME }}";
789
+ .port = "{{ .Env.BACKEND_SERVICE_PORT }}";
790
+ .probe = ploneBackendProbe;
791
+ .connect_timeout = 0.5s;
792
+ .first_byte_timeout = 120s;
793
+ .between_bytes_timeout = 60s;
794
+ }
795
+
796
+ probe ploneFrontendProbe {
797
+ .url = "/ok";
798
+ .timeout = 5s;
799
+ .interval = 15s;
800
+ .window = 10;
801
+ .threshold = 8;
802
+ # .initial = 3;
803
+ }
804
+ backend ploneFrontend {
805
+ .host = "{{ .Env.FRONTEND_SERVICE_NAME }}";
806
+ .port = "{{ .Env.FRONTEND_SERVICE_PORT }}";
807
+ .probe = ploneFrontendProbe;
808
+ .connect_timeout = 0.5s;
809
+ .first_byte_timeout = 120s;
810
+ .between_bytes_timeout = 60s;
811
+ }
812
+
813
+ /* Only allow PURGE from kubernetes network */
814
+ acl purge {
815
+ "10.0.0.0/8";
816
+ }
817
+
818
+ sub detect_debug{
819
+ # Requests with X-Varnish-Debug will display additional
820
+ # information about requests
821
+ unset req.http.x-vcl-debug;
822
+ # Should be changed after switch to live
823
+ #if (req.http.x-varnish-debug) {
824
+ # set req.http.x-vcl-debug = false;
825
+ #}
826
+ set req.http.x-vcl-debug = true;
827
+ }
828
+
829
+ sub detect_auth{
830
+ unset req.http.x-auth;
831
+ if (
832
+ (req.http.Cookie && (
833
+ req.http.Cookie ~ "__ac(_(name|password|persistent))?=" || req.http.Cookie ~ "_ZopeId" || req.http.Cookie ~ "auth_token")) ||
834
+ (req.http.Authenticate) ||
835
+ (req.http.Authorization)
836
+ ) {
837
+ set req.http.x-auth = true;
838
+ }
839
+ }
840
+
841
+ sub detect_requesttype{
842
+ unset req.http.x-varnish-reqtype;
843
+ set req.http.x-varnish-reqtype = "Default";
844
+ if (req.http.x-auth){
845
+ set req.http.x-varnish-reqtype = "auth";
846
+ } elseif (req.url ~ "\\/@@(images|download|)\\/?(.*)?$"){
847
+ set req.http.x-varnish-reqtype = "blob";
848
+ } elseif (req.url ~ "\\/\\+\\+api\\+\\+/?(.*)?$") {
849
+ set req.http.x-varnish-reqtype = "api";
850
+ } else {
851
+ set req.http.x-varnish-reqtype = "express";
852
+ }
853
+ }
854
+
855
+ sub process_redirects{
856
+ if (req.http.x-redirect-to) {
857
+ return (synth(301, req.http.x-redirect-to));
858
+ }
859
+ }
860
+
861
+ sub vcl_init {
862
+ new lbPloneBackend = directors.round_robin();
863
+ lbPloneBackend.add_backend(ploneBackend);
864
+
865
+ new lbPloneFrontend = directors.round_robin();
866
+ lbPloneFrontend.add_backend(ploneFrontend);
867
+ }
868
+
869
+ sub vcl_recv {
870
+ # Annotate request with x-vcl-debug
871
+ call detect_debug;
872
+
873
+ # Annotate request with x-auth indicating if request is authenticated or not
874
+ call detect_auth;
875
+
876
+ # Annotate request with x-varnish-reqtype with a classification for the request
877
+ call detect_requesttype;
878
+
879
+ # Process redirects
880
+ call process_redirects;
881
+
882
+ # Routing: set the current Varnish backend to the matching Plone backend
883
+ # Attention:
884
+ # Confusing wording, we have two possible Varnish backends: the Plone frontend and the Plone backend *sigh*
885
+ if ((req.url ~ "^/\\+\\+api\\+\\+") || (req.http.x-varnish-reqtype ~ "blob")) {
886
+ set req.http.x-vcl-plone = "Backend";
887
+ set req.backend_hint = lbPloneBackend.backend();
888
+ # here we need a rewrite to add the virtualhost part of the URL for the Plone Backend
889
+ set req.http.x-vcl-proto = "http";
890
+ if (req.http.X-Forwarded-Proto) {
891
+ set req.http.x-vcl-proto = req.http.X-Forwarded-Proto;
892
+ }
893
+ set req.url = "/VirtualHostBase/" + req.http.x-vcl-proto + "/" + req.http.host + "/Plone/VirtualHostRoot" + req.url;
894
+ } else {
895
+ set req.http.x-vcl-plone = "Frontend";
896
+ set req.backend_hint = lbPloneFrontend.backend();
897
+ }
898
+
899
+ # short cut authenticated requests to pass
900
+ if (req.http.x-auth) {
901
+ return(pass);
902
+ }
903
+
904
+ # Sanitize cookies so they do not needlessly destroy cacheability for anonymous pages
905
+ if (req.http.Cookie) {
906
+ set req.http.Cookie = ";" + req.http.Cookie;
907
+ set req.http.Cookie = regsuball(req.http.Cookie, "; +", ";");
908
+ set req.http.Cookie = regsuball(req.http.Cookie, ";(sticky|I18N_LANGUAGE|statusmessages|__ac|_ZopeId|__cp|beaker\\.session|authomatic|serverid|__rf|auth_token)=", "; \\1=");
909
+ set req.http.Cookie = regsuball(req.http.Cookie, ";[^ ][^;]*", "");
910
+ set req.http.Cookie = regsuball(req.http.Cookie, "^[; ]+|[; ]+$", "");
911
+
912
+ if (req.http.Cookie == "") {
913
+ unset req.http.Cookie;
914
+ }
915
+ }
916
+
917
+ # Handle the different request types
918
+ if (req.method == "PURGE") {
919
+ if (!client.ip ~ purge) {
920
+ return (synth(405, "Not allowed."));
921
+ } else {
922
+ ban("req.url == " + req.url);
923
+ return (synth(200, "Purged."));
924
+ }
925
+
926
+ } elseif (req.method == "BAN") {
927
+ # Same ACL check as above:
928
+ if (!client.ip ~ purge) {
929
+ return (synth(405, "Not allowed."));
930
+ }
931
+ ban("req.http.host == " + req.http.host + "&& req.url == " + req.url);
932
+ # Throw a synthetic page so the
933
+ # request won't go to the backend.
934
+ return (synth(200, "Ban added"));
935
+
936
+ } elseif (req.method != "GET" &&
937
+ req.method != "HEAD" &&
938
+ req.method != "PUT" &&
939
+ req.method != "POST" &&
940
+ req.method != "PATCH" &&
941
+ req.method != "TRACE" &&
942
+ req.method != "OPTIONS" &&
943
+ req.method != "DELETE") {
944
+ /* Non-RFC2616 or CONNECT which is weird. */
945
+ return (pipe);
946
+ } elseif (req.method != "GET" &&
947
+ req.method != "HEAD" &&
948
+ req.method != "OPTIONS") {
949
+ /* POST, PUT, PATCH will pass, always */
950
+ return(pass);
951
+ }
952
+
953
+ return(hash);
954
+ }
955
+
956
+ sub vcl_pipe {
957
+ /* This is not necessary if you do not do any request rewriting. */
958
+ set req.http.connection = "close";
959
+ }
960
+
961
+ sub vcl_purge {
962
+ return (synth(200, "PURGE: " + req.url + " - " + req.hash));
963
+ }
964
+
965
+ sub vcl_synth {
966
+ if (resp.status == 301) {
967
+ set resp.http.location = resp.reason;
968
+ set resp.reason = "Moved";
969
+ return (deliver);
970
+ }
971
+ }
972
+
973
+ sub vcl_hit {
974
+ if (obj.ttl >= 0s) {
975
+ // A pure unadulterated hit, deliver it
976
+ return (deliver);
977
+ } elsif (obj.ttl + obj.grace > 0s) {
978
+ // Object is in grace, deliver it
979
+ // Automatically triggers a background fetch
980
+ return (deliver);
981
+ } else {
982
+ return (restart);
983
+ }
984
+ }
985
+
986
+
987
+ sub vcl_backend_response {
988
+ # Annotate request with info about the backend used
989
+ set beresp.http.x-varnish-plone-part = bereq.http.x-vcl-plone;
990
+ # set beresp.http.x-varnish-plone-proto = bereq.http.x-vcl-proto;
991
+ # set beresp.http.x-varnish-plone-host = bereq.http.x-vcl-host;
992
+ # Don't allow static files to set cookies.
993
+ # (?i) denotes case insensitive in PCRE (perl compatible regular expressions).
994
+ # make sure you edit both and keep them equal.
995
+ if (bereq.url ~ "(?i)\\.(pdf|asc|dat|txt|doc|xls|ppt|tgz|png|gif|jpeg|jpg|ico|swf|css|js)(\\?.*)?$") {
996
+ unset beresp.http.set-cookie;
997
+ }
998
+ if (beresp.http.Set-Cookie) {
999
+ set beresp.http.x-varnish-action = "FETCH (pass - response sets cookie)";
1000
+ set beresp.uncacheable = true;
1001
+ set beresp.ttl = 120s;
1002
+ return(deliver);
1003
+ }
1004
+ if (beresp.http.Cache-Control ~ "(private|no-cache|no-store)") {
1005
+ set beresp.http.x-varnish-action = "FETCH (pass - cache control disallows)";
1006
+ set beresp.uncacheable = true;
1007
+ set beresp.ttl = 120s;
1008
+ return(deliver);
1009
+ }
1010
+
1011
+ # if (beresp.http.Authorization && !beresp.http.Cache-Control ~ "public") {
1012
+ # Do NOT cache if there is an "Authorization" header
1013
+ # beresp never has an Authorization header in beresp, right?
1014
+ if (beresp.http.Authorization) {
1015
+ set beresp.http.x-varnish-action = "FETCH (pass - authorized and no public cache control)";
1016
+ set beresp.uncacheable = true;
1017
+ set beresp.ttl = 120s;
1018
+ return(deliver);
1019
+ }
1020
+
1021
+ # Use this rule IF no cache-control (SSR content)
1022
+ if ((bereq.http.x-varnish-reqtype ~ "express") && (!beresp.http.Cache-Control)) {
1023
+ set beresp.http.x-varnish-action = "INSERT (30s caching / 60s grace)";
1024
+ set beresp.uncacheable = false;
1025
+ set beresp.ttl = 30s;
1026
+ set beresp.grace = 60s;
1027
+ return(deliver);
1028
+ }
1029
+
1030
+ if (!beresp.http.Cache-Control) {
1031
+ set beresp.http.x-varnish-action = "FETCH (override - backend not setting cache control)";
1032
+ set beresp.uncacheable = true;
1033
+ set beresp.ttl = 120s;
1034
+ return (deliver);
1035
+ }
1036
+
1037
+ if (beresp.http.X-Anonymous && !beresp.http.Cache-Control) {
1038
+ set beresp.http.x-varnish-action = "FETCH (override - anonymous backend not setting cache control)";
1039
+ set beresp.ttl = 600s;
1040
+ return (deliver);
1041
+ }
1042
+
1043
+ set beresp.http.x-varnish-action = "FETCH (insert)";
1044
+ return (deliver);
1045
+ }
1046
+
1047
+ sub vcl_deliver {
1048
+
1049
+ if (req.http.x-vcl-debug) {
1050
+ set resp.http.x-varnish-ttl = obj.ttl;
1051
+ set resp.http.x-varnish-grace = obj.grace;
1052
+ set resp.http.x-hits = obj.hits;
1053
+ set resp.http.x-varnish-reqtype = req.http.x-varnish-reqtype;
1054
+ if (req.http.x-auth) {
1055
+ set resp.http.x-auth = "Logged-in";
1056
+ } else {
1057
+ set resp.http.x-auth = "Anon";
1058
+ }
1059
+ if (obj.hits > 0) {
1060
+ set resp.http.x-cache = "HIT";
1061
+ } else {
1062
+ set resp.http.x-cache = "MISS";
1063
+ }
1064
+ } else {
1065
+ unset resp.http.x-varnish-action;
1066
+ unset resp.http.x-cache-operation;
1067
+ unset resp.http.x-cache-rule;
1068
+ unset resp.http.x-powered-by;
1069
+ }
1070
+ }
1071
+ ",
1072
+ },
1073
+ "kind": "ConfigMap",
1074
+ "metadata": {
1075
+ "name": "test-chart-httpcache-c89dd29d-kube-httpcache",
1076
+ },
1077
+ },
1078
+ {
1079
+ "apiVersion": "v1",
1080
+ "kind": "Service",
1081
+ "metadata": {
1082
+ "labels": {
1083
+ "app.kubernetes.io/instance": "test-chart-httpcache-c89dd29d",
1084
+ "app.kubernetes.io/managed-by": "Helm",
1085
+ "app.kubernetes.io/name": "kube-httpcache",
1086
+ "app.kubernetes.io/version": "v0.9.1",
1087
+ "helm.sh/chart": "kube-httpcache-0.9.1",
1088
+ },
1089
+ "name": "test-chart-httpcache-c89dd29d-kube-httpcache",
1090
+ },
1091
+ "spec": {
1092
+ "ports": [
1093
+ {
1094
+ "name": "http",
1095
+ "port": 80,
1096
+ "protocol": "TCP",
1097
+ "targetPort": 8080,
1098
+ },
1099
+ {
1100
+ "name": "signaller",
1101
+ "port": 8090,
1102
+ "targetPort": 8090,
1103
+ },
1104
+ {
1105
+ "name": "metrics",
1106
+ "port": 9131,
1107
+ "targetPort": 9131,
1108
+ },
1109
+ ],
1110
+ "selector": {
1111
+ "app.kubernetes.io/instance": "test-chart-httpcache-c89dd29d",
1112
+ "app.kubernetes.io/name": "kube-httpcache",
1113
+ },
1114
+ "type": "ClusterIP",
1115
+ },
1116
+ },
1117
+ {
1118
+ "apiVersion": "apps/v1",
1119
+ "kind": "StatefulSet",
1120
+ "metadata": {
1121
+ "labels": {
1122
+ "app.kubernetes.io/instance": "test-chart-httpcache-c89dd29d",
1123
+ "app.kubernetes.io/managed-by": "Helm",
1124
+ "app.kubernetes.io/name": "kube-httpcache",
1125
+ "app.kubernetes.io/version": "v0.9.1",
1126
+ "helm.sh/chart": "kube-httpcache-0.9.1",
1127
+ },
1128
+ "name": "test-chart-httpcache-c89dd29d-kube-httpcache",
1129
+ },
1130
+ "spec": {
1131
+ "replicas": 2,
1132
+ "selector": {
1133
+ "matchLabels": {
1134
+ "app.kubernetes.io/instance": "test-chart-httpcache-c89dd29d",
1135
+ "app.kubernetes.io/name": "kube-httpcache",
1136
+ },
1137
+ },
1138
+ "serviceName": "test-chart-httpcache-c89dd29d-kube-httpcache",
1139
+ "template": {
1140
+ "metadata": {
1141
+ "labels": {
1142
+ "app.kubernetes.io/instance": "test-chart-httpcache-c89dd29d",
1143
+ "app.kubernetes.io/name": "kube-httpcache",
1144
+ },
1145
+ },
1146
+ "spec": {
1147
+ "containers": [
1148
+ {
1149
+ "args": [
1150
+ "-admin-addr=0.0.0.0",
1151
+ "-admin-port=6083",
1152
+ "-signaller-enable",
1153
+ "-signaller-port=8090",
1154
+ "-frontend-port=8080",
1155
+ "-frontend-watch=false",
1156
+ "-frontend-namespace=$(NAMESPACE)",
1157
+ "-frontend-service=test-chart-httpcache-c89dd29d-kube-httpcache",
1158
+ "-backend-watch=false",
1159
+ "-backend-namespace=$(NAMESPACE)",
1160
+ "-backend-service=backend-service",
1161
+ "-varnish-secret-file=/etc/varnish/k8s-secret/secret",
1162
+ "-varnish-vcl-template=/etc/varnish/tmpl/default.vcl.tmpl",
1163
+ "-varnish-storage=malloc,128M",
1164
+ "-varnish-vcl-template-poll",
1165
+ ],
1166
+ "env": [
1167
+ {
1168
+ "name": "NAMESPACE",
1169
+ "valueFrom": {
1170
+ "fieldRef": {
1171
+ "fieldPath": "metadata.namespace",
1172
+ },
1173
+ },
1174
+ },
1175
+ {
1176
+ "name": "BACKEND_SERVICE_NAME",
1177
+ "value": "test-chart-plone-backend-service-c81ad65d",
1178
+ },
1179
+ {
1180
+ "name": "BACKEND_SERVICE_PORT",
1181
+ "value": "8080",
1182
+ },
1183
+ {
1184
+ "name": "BACKEND_SITE_ID",
1185
+ "value": "Plone",
1186
+ },
1187
+ {
1188
+ "name": "FRONTEND_SERVICE_NAME",
1189
+ "value": "test-chart-plone-frontend-service-c874cc1a",
1190
+ },
1191
+ {
1192
+ "name": "FRONTEND_SERVICE_PORT",
1193
+ "value": "3000",
1194
+ },
1195
+ ],
1196
+ "image": "quay.io/mittwald/kube-httpcache:stable",
1197
+ "imagePullPolicy": "IfNotPresent",
1198
+ "name": "kube-httpcache",
1199
+ "resources": {
1200
+ "limits": {
1201
+ "cpu": "500m",
1202
+ "memory": "500Mi",
1203
+ },
1204
+ "requests": {
1205
+ "cpu": "100m",
1206
+ "memory": "100Mi",
1207
+ },
1208
+ },
1209
+ "securityContext": {},
1210
+ "volumeMounts": [
1211
+ {
1212
+ "mountPath": "/etc/varnish/tmpl",
1213
+ "name": "template",
1214
+ },
1215
+ {
1216
+ "mountPath": "/etc/varnish/k8s-secret",
1217
+ "name": "secret",
1218
+ },
1219
+ {
1220
+ "mountPath": "/var/lib/varnish",
1221
+ "name": "var",
1222
+ },
1223
+ ],
1224
+ },
1225
+ {
1226
+ "args": [
1227
+ "-no-exit",
1228
+ ],
1229
+ "command": [
1230
+ "/exporter/prometheus_varnish_exporter",
1231
+ ],
1232
+ "env": [
1233
+ {
1234
+ "name": "VSM_NOPID",
1235
+ "value": "1",
1236
+ },
1237
+ ],
1238
+ "image": "quay.io/mittwald/kube-httpcache:stable",
1239
+ "imagePullPolicy": "IfNotPresent",
1240
+ "name": "exporter",
1241
+ "ports": [
1242
+ {
1243
+ "containerPort": 9131,
1244
+ "name": "metrics",
1245
+ },
1246
+ ],
1247
+ "resources": {
1248
+ "limits": {
1249
+ "cpu": "100m",
1250
+ "memory": "100Mi",
1251
+ },
1252
+ "requests": {
1253
+ "cpu": "10m",
1254
+ "memory": "50Mi",
1255
+ },
1256
+ },
1257
+ "securityContext": {},
1258
+ "volumeMounts": [
1259
+ {
1260
+ "mountPath": "/var/lib/varnish",
1261
+ "name": "var",
1262
+ },
1263
+ ],
1264
+ },
1265
+ ],
1266
+ "nodeSelector": {
1267
+ "kubernetes.io/arch": "amd64",
1268
+ },
1269
+ "securityContext": {},
1270
+ "serviceAccountName": "test-chart-httpcache-c89dd29d-kube-httpcache",
1271
+ "volumes": [
1272
+ {
1273
+ "configMap": {
1274
+ "name": "test-chart-httpcache-c89dd29d-kube-httpcache",
1275
+ },
1276
+ "name": "template",
1277
+ },
1278
+ {
1279
+ "name": "secret",
1280
+ "secret": {
1281
+ "secretName": "test-chart-httpcache-c89dd29d-kube-httpcache",
1282
+ },
1283
+ },
1284
+ {
1285
+ "emptyDir": {},
1286
+ "name": "var",
1287
+ },
1288
+ ],
1289
+ },
1290
+ },
1291
+ },
1292
+ },
1293
+ {
1294
+ "apiVersion": "networking.k8s.io/v1",
1295
+ "kind": "Ingress",
1296
+ "metadata": {
1297
+ "annotations": {
1298
+ "cert-manager.io/cluster-issuer": "letsencrypt-prod",
1299
+ "kubernetes.io/ingress.class": "traefik",
1300
+ },
1301
+ "name": "test-chart-ingress-main-cached-c8b108e1",
1302
+ },
1303
+ "spec": {
1304
+ "ingressClassName": "traefik",
1305
+ "rules": [
1306
+ {
1307
+ "host": "mxplone-cached.example.com",
1308
+ "http": {
1309
+ "paths": [
1310
+ {
1311
+ "backend": {
1312
+ "service": {
1313
+ "name": "test-chart-httpcache-c89dd29d-kube-httpcache",
1314
+ "port": {
1315
+ "number": 80,
1316
+ },
1317
+ },
1318
+ },
1319
+ "path": "/",
1320
+ "pathType": "Prefix",
1321
+ },
1322
+ ],
1323
+ },
1324
+ },
1325
+ ],
1326
+ },
1327
+ },
1328
+ {
1329
+ "apiVersion": "networking.k8s.io/v1",
1330
+ "kind": "Ingress",
1331
+ "metadata": {
1332
+ "annotations": {
1333
+ "cert-manager.io/cluster-issuer": "letsencrypt-prod",
1334
+ "kubernetes.io/ingress.class": "traefik",
1335
+ },
1336
+ "name": "test-chart-ingress-main-uncached-c85166a3",
1337
+ },
1338
+ "spec": {
1339
+ "ingressClassName": "traefik",
1340
+ "rules": [
1341
+ {
1342
+ "host": "mxplone-cached.example.com",
1343
+ "http": {
1344
+ "paths": [
1345
+ {
1346
+ "backend": {
1347
+ "service": {
1348
+ "name": "test-chart-plone-frontend-service-c874cc1a",
1349
+ "port": {
1350
+ "number": 3000,
1351
+ },
1352
+ },
1353
+ },
1354
+ "path": "/",
1355
+ "pathType": "Prefix",
1356
+ },
1357
+ ],
1358
+ },
1359
+ },
1360
+ ],
1361
+ },
1362
+ },
1363
+ {
1364
+ "apiVersion": "traefik.io/v1alpha1",
1365
+ "kind": "Middleware",
1366
+ "metadata": {
1367
+ "name": "test-chart-ingress-main-maintenance-addprefix-c8dc1efe",
1368
+ },
1369
+ "spec": {
1370
+ "addPrefix": {
1371
+ "prefix": "/VirtualHostBase/https/mxplone-maintenance.example.com/VirtualHostRoot/",
1372
+ },
1373
+ },
1374
+ },
1375
+ {
1376
+ "apiVersion": "networking.k8s.io/v1",
1377
+ "kind": "Ingress",
1378
+ "metadata": {
1379
+ "annotations": {
1380
+ "cert-manager.io/cluster-issuer": "letsencrypt-prod",
1381
+ "kubernetes.io/ingress.class": "traefik",
1382
+ "traefik.ingress.kubernetes.io/router.middlewares": "plone-test-chart-ingress-main-maintenance-addprefix-c8dc1efe@kubernetescrd",
1383
+ },
1384
+ "name": "test-chart-ingress-main-maintenance-c874242e",
1385
+ },
1386
+ "spec": {
1387
+ "ingressClassName": "traefik",
1388
+ "rules": [
1389
+ {
1390
+ "host": "mxplone-maintenance.example.com",
1391
+ "http": {
1392
+ "paths": [
1393
+ {
1394
+ "backend": {
1395
+ "service": {
1396
+ "name": "test-chart-plone-backend-service-c81ad65d",
1397
+ "port": {
1398
+ "number": 8080,
1399
+ },
1400
+ },
1401
+ },
1402
+ "path": "/",
1403
+ "pathType": "Prefix",
1404
+ },
1405
+ ],
1406
+ },
1407
+ },
1408
+ ],
1409
+ },
1410
+ },
1411
+ ]
1412
+ `;