diff k8s/ingress.yaml @ 15:6ed25bcaaf1f

add prefect and rebuild flow to k8s
author drewp@bigasterisk.com
date Fri, 19 Jul 2024 00:30:47 -0700
parents 53ae53f7d1b3
children
--- a/k8s/ingress.yaml	Thu Jul 11 22:11:41 2024 -0700
+++ b/k8s/ingress.yaml	Fri Jul 19 00:30:47 2024 -0700
@@ -16,7 +16,36 @@
         paths:
           - pathType: Prefix
             path: /sco/
-            backend: { service: { name: sco-bot, port: { number: 80 } } }
+            backend: { service: { name: sco-bot, port: { name: web } } }
   tls:
     - hosts: [bigasterisk.com]
       secretName: bigasterisk.com-tls
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: sco-bot-prefect
+  annotations:
+    cert-manager.io/cluster-issuer: letsencrypt-prod
+    ingress.pomerium.io/allow_public_unauthenticated_access: "false"
+    ingress.pomerium.io/pass_identity_headers: "true"
+    ingress.pomerium.io/preserve_host_header: "true"
+    ingress.pomerium.io/allow_websockets: "true"
+    ingress.pomerium.io/policy: |
+      allow:
+        or: 
+          - { email: { is: "drewpca@gmail.com" }}
+          - { email: { is: "besustainable@gmail.com" }}
+spec:
+  ingressClassName: pomerium
+  rules:
+    - host: "sco-bot-prefect.bigasterisk.com"
+      http:
+        paths:
+          - pathType: Prefix
+            # url sub path is broken of course, see https://github.com/PrefectHQ/prefect/issues/12096
+            path: /
+            backend: { service: { name: sco-bot, port: { name: prefect } } }
+  tls:
+    - hosts: [sco-bot-prefect.bigasterisk.com]
+      secretName: sco-bot-prefect.bigasterisk.com-tls
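Review bot: The `ingress.pomerium.io/policy` allow-list on the new `sco-bot-prefect` Ingress is the only access control visible for the `prefect` port, and it guards only this route: anything that can reach the `sco-bot` Service from inside the cluster would bypass it, assuming the Prefect server itself runs without authentication (its self-hosted default, as far as I know). A NetworkPolicy admitting traffic to that port only from the Pomerium pods would close that path; the Service and pod definitions are outside this hunk, so check this against them. `ingress.pomerium.io/pass_identity_headers: "true"` forwards the signed identity assertion to an upstream that presumably never verifies it, so I would drop that line unless something behind the port consumes it. I would also add a comment above the policy annotation, `# Pomerium is the only auth in front of Prefect; do not expose the prefect port any other way`.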