{ "name": "deployment-portal-backend", "environment": "$ENVIRONMENT", "metadata": { "repo": "navi-infra/deployment-portal-backend", "language": "Java", "dataSensitivity": "Internal", "logCriticality": "AccessLogs", "disasterRecovery": "True" }, "cluster": "$CLUSTER", "environmentVariables": [ { "name": "AWS_REGION", "value": "$AWS_REGION" }, { "name": "ENVIRONMENT", "value": "$ENVIRONMENT" }, { "name": "DATASOURCE_URL", "value": "$DATASOURCE_URL" }, { "name": "DATASOURCE_PASSWORD", "value": "$DATASOURCE_PASSWORD" }, { "name": "DATASOURCE_USERNAME", "value": "$DATASOURCE_USERNAME" }, { "name": "OKTA_CLIENT_ID", "value": "$OKTA_CLIENT_ID" }, { "name": "OKTA_CLIENT_SECRET", "value": "$OKTA_CLIENT_SECRET" }, { "name": "JVM_OPTS", "value": "$JVM_OPTS" }, { "name": "OKTA_URL", "value": "$OKTA_URL" }, { "name": "ALLOWED_ORIGINS", "value": "$ALLOWED_ORIGINS" }, { "name": "VAULT_ADDRESS", "value": "$VAULT_ADDRESS" }, { "name": "VAULT_METATOKEN", "value": "$VAULT_METATOKEN" }, { "name": "DDL_AUTO", "value": "$DDL_AUTO" }, { "name": "KUBE_CONFIG", "value": "$KUBE_CONFIG" }, { "name": "VAULT_AUTH_METHOD", "value": "$VAULT_AUTH_METHOD" }, { "name": "VAULT_KUBE_PROVIDER", "value": "$VAULT_KUBE_PROVIDER" }, { "name": "VAULT_KUBE_ROLE", "value": "$VAULT_KUBE_ROLE" }, { "name": "VAULT_KUBE_TOKEN_CRON", "value": "$VAULT_KUBE_TOKEN_CRON" }, { "name": "PORTAL_VERTICAL", "value": "$PORTAL_VERTICAL" }, { "name": "SLACK_WEBHOOK_URL", "value": "$SLACK_WEBHOOK_URL" }, { "name": "DOCKER_REGISTRY_NAMESPACE", "value": "$DOCKER_REGISTRY_NAMESPACE" }, { "name": "JWT_SECRET_KEY", "value": "$JWT_SECRET_KEY" }, { "name": "TEAMS_LIST_VAULT", "value": "$TEAMS_LIST_VAULT" }, { "name": "ELASTIC_APM_SERVER_URLS", "value": "$ELASTIC_APM_SERVER_URLS" }, { "name": "ELASTIC_APM_ENVIRONMENT", "value": "$ELASTIC_APM_ENVIRONMENT" }, { "name": "AIRFLOW_URL", "value": "$AIRFLOW_URL" }, { "name": "AIRFLOW_AUTH_TOKEN", "value": "$AIRFLOW_AUTH_TOKEN" }, { "name": "SERVICE_DUMP_DAG_ID", "value": "$SERVICE_DUMP_DAG_ID" }, { "name": "SLACK_BOT_TOKEN", "value": "$SLACK_BOT_TOKEN" }, { "name": "JIT_DAG_ID", "value": "$JIT_DAG_ID" }, { "name": "JIT_COMMON_CHANNEL", "value": "$JIT_COMMON_CHANNEL" }, { "name": "JIT_POLICY_UPLOAD_CHANNEL", "value": "$JIT_POLICY_UPLOAD_CHANNEL" }, { "name": "GITHUB_CLOUD_OAUTH_TOKEN", "value": "$GITHUB_CLOUD_OAUTH_TOKEN" }, { "name": "GOCD_PIPELINES_CONFIG", "value": "$GOCD_PIPELINES_CONFIG" }, { "name": "JIT_CHANGE_REQUEST_COMMON_CHANNEL", "value": "$JIT_CHANGE_REQUEST_COMMON_CHANNEL" } ], "deployment": { "serviceAccount": true, "instance": { "count": 2, "cpu": $CPU, "memory": "$MEMORY" }, "namespace": "$NAMESPACE", "exposedPorts": [ { "name": "metrics", "port": 4001 } ], "loadBalancers": [ { "type": "$LB_TYPE", "groupName": "$LB_GROUP_NAME", "accessPolicies": [ $ACCESS_POLICIES ], "endpoint": "$SERVICE_ENDPOINT" } ], "allowEgress": [ "*.elastic-stack.svc.cluster.local", "*.slack.com" ], "allowEndpoint": [ { "host": "infra-dev-db-service-db.np.navi-tech.in", "port": "5432" }, { "host": "config.np.navi-tech.in", "port": "443" }, { "host": "navi.okta.com", "port": "443" }, { "host": "product-airflow.cmd.navi-tech.in", "port": "443" }, { "host": "slack.com", "port": "443" }, { "host": "hooks.slack.com", "port": "443" }, { "host": "api.github.com", "port": "443" }, { "host": "*pipelines.cmd.navi-tech.in", "port": "443" }, { "host": "*.s3.ap-south-1.amazonaws.com", "port": "443" }, { "host": "api.*.*.navi-*.in", "port": "443" }, { "host": "api.*.*.*.navi-tech.in", "port": "443" } ], "healthChecks": { "readinessCheck": { "type": "http", "port": "serviceport", "path": "/health", "successThreshold": 1, "initialDelaySeconds": 90, "periodSeconds": 30, "failureThreshold": 3, "httpHeaders": [] }, "livenessCheck": { "type": "http", "port": "metrics", "path": "/actuator/health", "successThreshold": 1, "initialDelaySeconds": 90, "periodSeconds": 30, "failureThreshold": 3, "httpHeaders": [] } }, "alerts": { "kafka": [], "custom": [], "database": [], "loadBalancer": [ { "type": "HighHTTP4xx", "duration": "3m", "severity": "critical", "threshold": 1 }, { "type": "HighHTTP5xx", "duration": "3m", "severity": "critical", "threshold": 1 } ], "prometheusRecordingRule": [] }, "mountSecrets": [ { "name": "oci-config", "path": "/home/non-root-user/.oci" }, { "name": "oci-config-key", "path": "/mnt" } ] }, "extraResources": { "environment": "$ENVIRONMENT", "workspace": "$WORKSPACE", "aws_access": { "roleName": "$ROLE_NAME", "policies": [ { "resource": "*", "actions": [ "sts:*" ] }, { "actions": [ "ecr:GetDownloadUrlForLayer", "ecr:GetAuthorizationToken", "ecr:BatchGetImage" ], "resource": "*" }, { "actions": [ "ecr:*" ], "resource": "arn:aws:ecr:*:*:repository/sandbox/*" }, { "actions": [ "s3:*" ], "resource": "arn:aws:s3:::java-heap-dumps*" }, { "actions": [ "s3:*" ], "resource": "arn:aws:s3:::java-heap-dumps*/*" } ] } }, "team": { "name": "Cloud-Platform" }, "labels": { "micrometer-prometheus": "enabled" }, "infraVertical": "lending" }