| # bazel-cache.k0.hswaw.net, a Bazel Cache based on buchgr/bazel-remote. |
| # Once https://github.com/bazelbuild/bazel/pull/4889 gets merged, this will |
| # likely be replaced with just an Rados GW instance. |
| |
| local kube = import "../../kube/kube.libsonnet"; |
| |
| { |
| local app = self, |
| local cfg = app.cfg, |
| cfg:: { |
| namespace: "bazel-cache", |
| domain: "k0.hswaw.net", |
| storageClassName: "waw-hdd-yolo-1", |
| }, |
| |
| metadata(component):: { |
| namespace: cfg.namespace, |
| labels: { |
| "app.kubernetes.io/name": "bazel-cache", |
| "app.kubernetes.io/managed-by": "kubecfg", |
| "app.kubernetes.io/component": component, |
| }, |
| }, |
| |
| namespace: kube.Namespace(cfg.namespace), |
| |
| volumeClaim: kube.PersistentVolumeClaim("bazel-cache-storage") { |
| metadata+: app.metadata("bazel-cache-storage"), |
| spec+: { |
| storageClassName: cfg.storageClassName, |
| accessModes: [ "ReadWriteOnce" ], |
| resources: { |
| requests: { |
| storage: "40Gi", |
| }, |
| }, |
| }, |
| }, |
| |
| |
| deployment: kube.Deployment("bazel-remote") { |
| metadata+: app.metadata("bazel-cache"), |
| spec+: { |
| replicas: 1, |
| template+: { |
| spec+: { |
| volumes_: { |
| data: kube.PersistentVolumeClaimVolume(app.volumeClaim), |
| }, |
| containers_: { |
| auth: kube.Container("bazel-remote") { |
| image: "buchgr/bazel-remote-cache", |
| volumeMounts_: { |
| data: { mountPath: "/data" }, |
| }, |
| ports_: { |
| http: { |
| containerPort: 8080, |
| protocol: "TCP", |
| }, |
| }, |
| }, |
| }, |
| }, |
| }, |
| }, |
| }, |
| |
| service: kube.Service("bazel-cache") { |
| metadata+: app.metadata("bazel-cache"), |
| target_pod:: app.deployment.spec.template, |
| spec+: { |
| type: "ClusterIP", |
| ports: [ |
| { name: "http", port: 8080, targetPort: 8080, protocol: "TCP" }, |
| ], |
| } |
| }, |
| |
| ingress: kube.Ingress("bazel-cache") { |
| metadata+: app.metadata("bazel-cache") { |
| annotations+: { |
| "kubernetes.io/tls-acme": "true", |
| "certmanager.k8s.io/cluster-issuer": "letsencrypt-prod", |
| "nginx.ingress.kubernetes.io/backend-protocol": "HTTP", |
| "nginx.ingress.kubernetes.io/proxy-body-size": "0", |
| }, |
| }, |
| spec+: { |
| tls: [ |
| { |
| hosts: ["bazel-cache.%s" % [cfg.domain]], |
| secretName: "bazel-cache-tls", |
| }, |
| ], |
| rules: [ |
| { |
| host: "bazel-cache.%s" % [cfg.domain], |
| http: { |
| paths: [ |
| { path: "/", backend: app.service.name_port }, |
| ] |
| }, |
| } |
| ], |
| }, |
| }, |
| } |