deployment-portal-be/deployment_manifest.json

{
  "name": "deployment-portal-backend",
  "environment": "$ENVIRONMENT",
  "metadata": {
    "repo": "navi-infra/deployment-portal-backend",
    "language": "Java",
    "dataSensitivity": "Internal",
    "logCriticality": "AccessLogs",
    "disasterRecovery": "True"
  },
  "cluster": "$CLUSTER",
  "environmentVariables": [
    {
      "name": "ENVIRONMENT",
      "value": "$ENVIRONMENT"
    },
    {
      "name": "DATASOURCE_URL",
      "value": "$DATASOURCE_URL"
    },
    {
      "name": "DATASOURCE_PASSWORD",
      "value": "$DATASOURCE_PASSWORD"
    },
    {
      "name": "DATASOURCE_USERNAME",
      "value": "$DATASOURCE_USERNAME"
    },
    {
      "name": "OKTA_CLIENT_ID",
      "value": "$OKTA_CLIENT_ID"
    },
    {
      "name": "OKTA_CLIENT_SECRET",
      "value": "$OKTA_CLIENT_SECRET"
    },
    {
      "name": "JVM_OPTS",
      "value": "$JVM_OPTS"
    },
    {
      "name": "OKTA_URL",
      "value": "$OKTA_URL"
    },
    {
      "name": "ALLOWED_ORIGINS",
      "value": "$ALLOWED_ORIGINS"
    },
    {
      "name": "VAULT_ADDRESS",
      "value": "$VAULT_ADDRESS"
    },
    {
      "name": "VAULT_METATOKEN",
      "value": "$VAULT_METATOKEN"
    },
    {
      "name": "DDL_AUTO",
      "value": "$DDL_AUTO"
    },
    {
      "name": "KUBE_CONFIG",
      "value": "$KUBE_CONFIG"
    },
    {
      "name": "VAULT_AUTH_METHOD",
      "value": "$VAULT_AUTH_METHOD"
    },
    {
      "name": "VAULT_KUBE_PROVIDER",
      "value": "$VAULT_KUBE_PROVIDER"
    },
    {
      "name": "VAULT_KUBE_ROLE",
      "value": "$VAULT_KUBE_ROLE"
    },
    {
      "name": "VAULT_KUBE_TOKEN_CRON",
      "value": "$VAULT_KUBE_TOKEN_CRON"
    },
    {
      "name": "PORTAL_VERTICAL",
      "value": "$PORTAL_VERTICAL"
    },
    {
      "name": "SLACK_WEBHOOK_URL",
      "value": "$SLACK_WEBHOOK_URL"
    },
    {
      "name": "DOCKER_REGISTRY_NAMESPACE",
      "value": "$DOCKER_REGISTRY_NAMESPACE"
    },
    {
      "name": "JWT_SECRET_KEY",
      "value": "$JWT_SECRET_KEY"
    },
    {
      "name": "TEAMS_LIST_VAULT",
      "value": "$TEAMS_LIST_VAULT"
    },
    {
      "name": "ELASTIC_APM_SERVER_URLS",
      "value": "$ELASTIC_APM_SERVER_URLS"
    },
    {
      "name": "ELASTIC_APM_ENVIRONMENT",
      "value": "$ELASTIC_APM_ENVIRONMENT"
    },
    {
      "name": "AIRFLOW_URL",
      "value": "$AIRFLOW_URL"
    },
    {
      "name": "AIRFLOW_AUTH_TOKEN",
      "value": "$AIRFLOW_AUTH_TOKEN"
    },
    {
      "name": "SERVICE_DUMP_DAG_ID",
      "value": "$SERVICE_DUMP_DAG_ID"
    },
    {
      "name": "SLACK_BOT_TOKEN",
      "value": "$SLACK_BOT_TOKEN"
    },
    {
      "name": "JIT_DAG_ID",
      "value": "$JIT_DAG_ID"
    },
    {
      "name": "JIT_COMMON_CHANNEL",
      "value": "$JIT_COMMON_CHANNEL"
    },
    {
      "name": "GITHUB_CLOUD_OAUTH_TOKEN",
      "value": "$GITHUB_CLOUD_OAUTH_TOKEN"
    }
  ],
  "deployment": {
    "serviceAccount": true,
    "instance": {
      "count": 2,
      "cpu": $CPU,
      "memory": "$MEMORY"
    },
    "namespace": "$NAMESPACE",
    "exposedPorts": [
      {
        "name": "metrics",
        "port": 4001
      }
    ],
    "loadBalancers": [
      {
        "type": "$LB_TYPE",
        "groupName": "$LB_GROUP_NAME",
        "accessPolicies": [
          $ACCESS_POLICIES
        ],
        "endpoint": "$SERVICE_ENDPOINT"
      }
    ],
    "allowEgress": [
      "*.elastic-stack.svc.cluster.local",
      "*.slack.com"
    ],
    "healthChecks": {
      "readinessCheck": {
        "type": "http",
        "port": "serviceport",
        "path": "/health",
        "successThreshold": 1,
        "initialDelaySeconds": 90,
        "periodSeconds": 30,
        "failureThreshold": 3,
        "httpHeaders": []
      },
      "livenessCheck": {
        "type": "http",
        "port": "metrics",
        "path": "/actuator/health",
        "successThreshold": 1,
        "initialDelaySeconds": 90,
        "periodSeconds": 30,
        "failureThreshold": 3,
        "httpHeaders": []
      }
    },
    "alerts": {
      "kafka": [],
      "custom": [],
      "database": [],
      "loadBalancer": [
        {
          "type": "elb4xx",
          "duration": "3m",
          "severity": "critical",
          "threshold": 1
        },
        {
          "type": "elb5xx",
          "duration": "3m",
          "severity": "critical",
          "threshold": 1
        }
      ],
      "prometheusRecordingRule": []
    }
  },
  "extraResources": {
    "environment": "$ENVIRONMENT",
    "workspace": "$WORKSPACE",
    "aws_access": {
      "roleName": "$ROLE_NAME",
      "policies": [
        {
          "resource": "*",
          "actions": [
            "sts:*"
          ]
        },
        {
          "actions": [
            "ecr:GetDownloadUrlForLayer",
            "ecr:GetAuthorizationToken",
            "ecr:BatchGetImage"
          ],
          "resource": "*"
        },
        {
          "actions": [
            "ecr:*"
          ],
          "resource": "arn:aws:ecr:*:*:repository/sandbox/*"
        },
        {
          "actions": [
            "s3:*"
          ],
          "resource": "arn:aws:s3:::java-heap-dumps*"
        },
        {
          "actions": [
            "s3:*"
          ],
          "resource": "arn:aws:s3:::java-heap-dumps*/*"
        }
      ]
    }
  },
  "team": {
    "name": "Cloud-Platform"
  },
  "labels": {
    "micrometer-prometheus": "enabled"
  },
  "infraVertical": "lending"
}