[Skip-CI] Add secrets and configmaps, add section comments

src/main/resources/taiga/taiga-deployment.yml

@@ -14,7 +14,8 @@ spec:
       labels:
         app: taiga
     spec:
-      initContainers: # ToDo: add commands to create admin user
+    #################### Init ########################
+      initContainers:
       - name: taiga-manage
         image: taigaio/taiga-back:latest
         imagePullPolicy: IfNotPresent
@@ -38,9 +39,9 @@ spec:
         - secretRef:
           name: taiga-rabbitmq-secret
         env:
-        - name: POSTGRES_USER # ToDo: does taiga need a specific postgres version? Maybe test this
+        - name: POSTGRES_USER # ToDo: Does taiga need a specific postgres version? Maybe test this
-          valueFrom:
+          valueFrom: # ToDo: How do i reach a container from another container?
-            secretKeyRef:
+            secretKeyRef: # ToDo: maybe generate container URLs at c4k level?
               name: postgres-secret
               key: postgres-user
         - name: POSTGRES_PASSWORD
@@ -59,7 +60,9 @@ spec:
           value: 5432
         - name: CELERY_ENABLED
           value: false
-      containers: # ToDo: Research hostname, network and dependsOn keywords of docker compose and find functional translation for kubernetes
+      #################### Containers ########################
+      containers: # ToDo: Research dependsOn keyword of docker compose and find functional translation for kubernetes
+      ### taiga-back
       - name: taiga-back
         image: taigaio/taiga-back:latest 
         imagePullPolicy: IfNotPresent
@@ -99,6 +102,7 @@ spec:
           value: "postgresql-service"
         - name: POSTGRES_PORT
           value: 5432
+      ### taiga-async
       - name: taiga-async
         image: taigaio/taiga-back:latest 
         imagePullPolicy: IfNotPresent
@@ -139,7 +143,8 @@ spec:
             value: "postgresql-service"
           - name: POSTGRES_PORT
             value: 5432
-      - name: taiga-async-rabbitmq  # ToDo: Rabbitmq uses a hostname KW in docker-compose. Whats the equivalent expression in kubernetes?
+      ### taiga-async-rabbitmq
+      - name: taiga-async-rabbitmq
         image: rabbitmq:3.8-management-alpine
         imagePullPolicy: IfNotPresent
         ports:
@@ -156,6 +161,7 @@ spec:
           value: ERLANG_COOKIE_VALUE
         - name: RABBITMQ_DEFAULT_VHOST
           value: RABBITMQ_VHOST
+      ### taiga-front
       - name: taiga-front
         image: taigaio/taiga-front:latest
         imagePullPolicy: IfNotPresent
@@ -168,19 +174,21 @@ spec:
           value: WEBSOCKETS_SCHEME://TAIGA_DOMAIN
         - name: TAIGA_SUBPATH
           value: SUBPATH
+      ### taiga-events
       - name: taiga-events
         image: taigaio/taiga-events:latest
         imagePullPolicy: IfNotPresent
         ports:
         - containerPort: 80
-        env:
+        envFrom: # ToDo: check if all vars are needed
-        - name: RABBITMQ_USER
+        - configMapRef:
-          value: RABBITMQ_USER_VALUE
+          name: taiga-back-configmap
-        - name: RABBITMQ_PASS
+        - secretRef:
-          value: RABBITMQ_PASS_VALUE
+          name: taiga-back-secret
-        - name: TAIGA_SECRET_KEY
+        - secretRef:
-          value: SECRET_KEY_VALUE
+          name: taiga-rabbitmq-secret
-      - name: taiga-events-rabbitmq  # ToDo: Rabbitmq uses a hostname KW in docker-compose. Whats the equivalent expression in kubernetes?
+      ### taiga-events-rabbitmq
+      - name: taiga-events-rabbitmq
         image: rabbitmq:3.8-management-alpine
         imagePullPolicy: IfNotPresent
         ports:
@@ -189,25 +197,26 @@ spec:
         - name: taiga-events-rabbitmq-data
           mountPath: /var/lib/rabbitmq
           readOnly: false
+        envFrom:
+        - secretRef: # ToDo secret key ref
+          name: taiga-rabbitmq-secret
         env:
         - name: RABBITMQ_ERLANG_COOKIE
           value: ERLANG_COOKIE_VALUE
-        - name: RABBITMQ_DEFAULT_USER
-          value: RABBITMQ_USER
-        - name: RABBITMQ_DEFAULT_PASS
-          value: RABBITMQ_PASS
         - name: RABBITMQ_DEFAULT_VHOST
           value: RABBITMQ_VHOST
+      ### taiga-protected
       - name: taiga-protected
         image: taigaio/taiga-protected:latest
         imagePullPolicy: IfNotPresent
         ports:
         - containerPort: 80
+        envFrom: # ToDo secret key ref - secret_key
+        - secretRef:
+          name: taiga-back-secret
         env:
         - name: MAX_AGE
           value: ATTACHMENTS_MAX_AGE
-        - name: SECRET_KEY
-          value: SECRET_KEY_VALUE
 #     - name: taiga-gateway # ToDo: How to replace the gateway in this setup?
       
       volumes:
@@ -223,182 +232,3 @@ spec:
         - name: taiga-events-rabbitmq-data
           persistentVolumeClaim:
             claimName: taiga-events-rabbitmq-data
-
-
-x-environment:
-  &default-back-environment
-  # These environment variables will be used by taiga-back and taiga-async.
-  # Database settings
-  POSTGRES_DB: "taiga"
-  POSTGRES_USER: "${POSTGRES_USER}"
-  POSTGRES_PASSWORD: "${POSTGRES_PASSWORD}"
-  POSTGRES_HOST: "taiga-db"
-  # Taiga settings
-  TAIGA_SECRET_KEY: "${SECRET_KEY}"
-  TAIGA_SITES_SCHEME: "${TAIGA_SCHEME}"
-  TAIGA_SITES_DOMAIN: "${TAIGA_DOMAIN}"
-  TAIGA_SUBPATH: "${SUBPATH}"
-  # Email settings.
-  EMAIL_BACKEND: "django.core.mail.backends.${EMAIL_BACKEND}.EmailBackend"
-  DEFAULT_FROM_EMAIL: "${EMAIL_DEFAULT_FROM}"
-  EMAIL_USE_TLS: "${EMAIL_USE_TLS}"
-  EMAIL_USE_SSL: "${EMAIL_USE_SSL}"
-  EMAIL_HOST: "${EMAIL_HOST}"
-  EMAIL_PORT: "${EMAIL_PORT}"
-  EMAIL_HOST_USER: "${EMAIL_HOST_USER}"
-  EMAIL_HOST_PASSWORD: "${EMAIL_HOST_PASSWORD}"
-  # Rabbitmq settings
-  RABBITMQ_USER: "${RABBITMQ_USER}"
-  RABBITMQ_PASS: "${RABBITMQ_PASS}"
-  # Telemetry settings
-  ENABLE_TELEMETRY: "${ENABLE_TELEMETRY}"
-  # ...your customizations go here
-
-x-volumes:
-  &default-back-volumes
-  # These volumens will be used by taiga-back and taiga-async.
-  - taiga-static-data:/taiga-back/static
-  - taiga-media-data:/taiga-back/media
-  # - ./config.py:/taiga-back/settings/config.py
-
-services:
-  taiga-db:
-    image: postgres:12.3
-    environment:
-      POSTGRES_DB: "taiga"
-      POSTGRES_USER: "${POSTGRES_USER}"
-      POSTGRES_PASSWORD: "${POSTGRES_PASSWORD}"
-    healthcheck:
-      test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER}"]
-      interval: 2s
-      timeout: 15s
-      retries: 5
-      start_period: 3s
-    volumes:
-      - taiga-db-data:/var/lib/postgresql/data
-    networks:
-      - taiga
-
-  taiga-back:
-    image: taigaio/taiga-back:latest
-    environment: *default-back-environment
-    volumes: *default-back-volumes
-    networks:
-      - taiga
-    depends_on:
-      taiga-db:
-        condition: service_healthy
-      taiga-events-rabbitmq:
-        condition: service_healthy
-      taiga-async-rabbitmq:
-        condition: service_healthy
-
-  taiga-async:
-    image: taigaio/taiga-back:latest
-    entrypoint: ["/taiga-back/docker/async_entrypoint.sh"]
-    environment: *default-back-environment
-    volumes: *default-back-volumes
-    networks:
-      - taiga
-    depends_on:
-      taiga-db:
-        condition: service_healthy
-      taiga-events-rabbitmq:
-        condition: service_healthy
-      taiga-async-rabbitmq:
-        condition: service_healthy
-
-  taiga-async-rabbitmq:
-    image: rabbitmq:3.8-management-alpine
-    environment:
-      RABBITMQ_ERLANG_COOKIE: "${RABBITMQ_ERLANG_COOKIE}"
-      RABBITMQ_DEFAULT_USER: "${RABBITMQ_USER}"
-      RABBITMQ_DEFAULT_PASS: "${RABBITMQ_PASS}"
-      RABBITMQ_DEFAULT_VHOST: "${RABBITMQ_VHOST}"
-    hostname: "taiga-async-rabbitmq"
-    healthcheck:
-      test: rabbitmq-diagnostics -q ping
-      interval: 2s
-      timeout: 15s
-      retries: 5
-      start_period: 3s
-    volumes:
-      - taiga-async-rabbitmq-data:/var/lib/rabbitmq
-    networks:
-      - taiga
-
-  taiga-front:
-    image: taigaio/taiga-front:latest
-    environment:
-      TAIGA_URL: "${TAIGA_SCHEME}://${TAIGA_DOMAIN}"
-      TAIGA_WEBSOCKETS_URL: "${WEBSOCKETS_SCHEME}://${TAIGA_DOMAIN}"
-      TAIGA_SUBPATH: "${SUBPATH}"
-      # ...your customizations go here
-    networks:
-      - taiga
-    # volumes:
-    #   - ./conf.json:/usr/share/nginx/html/conf.json
-
-  taiga-events:
-    image: taigaio/taiga-events:latest
-    environment:
-      RABBITMQ_USER: "${RABBITMQ_USER}"
-      RABBITMQ_PASS: "${RABBITMQ_PASS}"
-      TAIGA_SECRET_KEY: "${SECRET_KEY}"
-    networks:
-      - taiga
-    depends_on:
-      taiga-events-rabbitmq:
-        condition: service_healthy
-
-  taiga-events-rabbitmq:
-    image: rabbitmq:3.8-management-alpine
-    environment:
-      RABBITMQ_ERLANG_COOKIE: "${RABBITMQ_ERLANG_COOKIE}"
-      RABBITMQ_DEFAULT_USER: "${RABBITMQ_USER}"
-      RABBITMQ_DEFAULT_PASS: "${RABBITMQ_PASS}"
-      RABBITMQ_DEFAULT_VHOST: "${RABBITMQ_VHOST}"
-    hostname: "taiga-events-rabbitmq"
-    healthcheck:
-      test: rabbitmq-diagnostics -q ping
-      interval: 2s
-      timeout: 15s
-      retries: 5
-      start_period: 3s
-    volumes:
-      - taiga-events-rabbitmq-data:/var/lib/rabbitmq
-    networks:
-      - taiga
-
-  taiga-protected:
-    image: taigaio/taiga-protected:latest
-    environment:
-      MAX_AGE: "${ATTACHMENTS_MAX_AGE}"
-      SECRET_KEY: "${SECRET_KEY}"
-    networks:
-      - taiga
-
-  taiga-gateway:
-    image: nginx:1.19-alpine
-    ports:
-      - "9000:80"
-    volumes:
-      - ./taiga-gateway/taiga.conf:/etc/nginx/conf.d/default.conf
-      - taiga-static-data:/taiga/static
-      - taiga-media-data:/taiga/media
-    networks:
-      - taiga
-    depends_on:
-      - taiga-front
-      - taiga-back
-      - taiga-events
-
-volumes:
-  taiga-static-data:
-  taiga-media-data:
-  taiga-db-data:
-  taiga-async-rabbitmq-data:
-  taiga-events-rabbitmq-data:
-
-networks:
-  taiga: