diff --git a/.github/workflows/deploy-alerts.yaml b/.github/workflows/deploy-alerts.yaml index be5b928a1..f41dfe982 100644 --- a/.github/workflows/deploy-alerts.yaml +++ b/.github/workflows/deploy-alerts.yaml @@ -43,13 +43,13 @@ jobs: - name: Deploy to dev uses: nais/deploy/actions/deploy@v1 env: - APIKEY: ${{ secrets.NAIS_DEPLOY_APIKEY }} + APIKEY: ${{ secrets.NAIS_ORG_DEPLOY_APIKEY }} CLUSTER: dev-gcp RESOURCE: apps/frackend/nais/alerts-frackend-dev-gcp.yaml - name: Deploy to prod uses: nais/deploy/actions/deploy@v1 env: - APIKEY: ${{ secrets.NAIS_DEPLOY_APIKEY }} + APIKEY: ${{ secrets.NAIS_ORG_DEPLOY_APIKEY }} CLUSTER: prod-gcp RESOURCE: apps/frackend/nais/alerts-frackend-prod-gcp.yaml \ No newline at end of file diff --git a/apps/backend/nais/alerts-backend-dev-fss.yaml b/apps/backend/nais/alerts-backend-dev-fss.yaml deleted file mode 100644 index a7bc026ee..000000000 --- a/apps/backend/nais/alerts-backend-dev-fss.yaml +++ /dev/null @@ -1,30 +0,0 @@ -apiVersion: "monitoring.coreos.com/v1" -kind: "PrometheusRule" -metadata: - name: team-catalog-backend-alerts - namespace: nom - labels: - team: nom -spec: - groups: - - name: team-catalog-backend_down - rules: - - alert: team-catalog-backend pod nede - expr: kube_deployment_status_replicas_unavailable{deployment="team-catalog-backend"} > 0 - for: 3m - annotations: - action: "`kubectl describe pod {{ $labels.pod }}` for events, og `kubectl logs {{ $labels.pod }} -c {{ $labels.app }}` for logger" - summary: "{{ $labels.app }} er nede" - labels: - namespace: nom - severity: critical - - name: team-catalog-backend_high_failrate - rules: - - alert: team-catalog-backend høy feilrate i logger - expr: (100 * sum by (app, namespace) (rate(log_messages_errors{app="team-catalog-backend",namespace="nom"}[3m])) / sum by (app, namespace) (rate(log_messages_total{app="team-catalog-backend",namespace="nom"}[3m]))) > 10 - for: 3m - annotations: - action: "Sjekk loggene til app {{ $labels.app }}, for å se hvorfor det er så mye feil" - labels: - namespace: nom - severity: warning \ No newline at end of file diff --git a/apps/backend/nais/alerts-backend-prod-fss.yaml b/apps/backend/nais/alerts-backend-prod-fss.yaml deleted file mode 100644 index cee485bc1..000000000 --- a/apps/backend/nais/alerts-backend-prod-fss.yaml +++ /dev/null @@ -1,30 +0,0 @@ -apiVersion: "monitoring.coreos.com/v1" -kind: "PrometheusRule" -metadata: - name: team-catalog-backend-alerts - namespace: nom - labels: - team: nom -spec: - groups: - - name: team-catalog-backend_down - rules: - - alert: team-catalog-backend applikasjon nede - expr: up{app="team-catalog-backend", job="kubernetes-pods"} == 0 - for: 3m - annotations: - action: "`kubectl describe pod {{ $labels.pod }}` for events, og `kubectl logs {{ $labels.pod }} -c {{ $labels.app }}` for logger" - summary: "{{ $labels.app }} er nede" - labels: - namespace: nom - severity: critical - - name: team-catalog-backend_high_failrate - rules: - - alert: team-catalog-backend høy feilrate i logger - expr: (100 * sum by (app, namespace) (rate(log_messages_errors{app="team-catalog-backend",namespace="nom"}[3m])) / sum by (app, namespace) (rate(log_messages_total{app="team-catalog-backend",namespace="nom"}[3m]))) > 10 - for: 3m - annotations: - action: "Sjekk loggene til app {{ $labels.app }}, for å se hvorfor det er så mye feil" - labels: - namespace: nom - severity: warning \ No newline at end of file diff --git a/apps/backend/nais/backend-dev-fss-vars.yaml b/apps/backend/nais/backend-dev-fss-vars.yaml deleted file mode 100644 index 2c45ae4d4..000000000 --- a/apps/backend/nais/backend-dev-fss-vars.yaml +++ /dev/null @@ -1,68 +0,0 @@ -name: team-catalog-backend -ingresses: - - https://teamkatalog-api.nais.preprod.local - - https://teamkatalog-api.dev.adeo.no - - https://teamkatalog-api.dev-fss-pub.nais.io - - https://teamkatalog-api.dev.intern.nav.no -replies: - - https://teamkatalog.nais.preprod.local/oauth2/callback - - https://teamkatalog.dev.adeo.no/oauth2/callback - - https://teamkatalog.ekstern.dev.nav.no/oauth2/callback - - https://teamkatalog-api.nais.preprod.local/oauth2/callback - - https://teamkatalog-api.dev.adeo.no/oauth2/callback - - http://localhost:8080/oauth2/callback - - http://localhost:3000/oauth2/callback -accessPolicy: - inbound: - rules: - - application: team-catalog-frackend - namespace: org - cluster: dev-gcp - - application: nom-ui2 - namespace: org - cluster: dev-gcp - - application: org-token-tool - namespace: org - cluster: dev-gcp - - application: behandlingskatalog-backend - namespace: teamdatajegerne - cluster: dev-gcp - outbound: - rules: - - application: nom-api - namespace: nom - cluster: dev-gcp - -vaultSrvPath: /serviceuser/data/dev/srvteamcat -kafka-pool: nav-dev - -# confluence -readGroup: ceab8bf0-0771-4478-bc39-186629b8cc2b -# teamcatadmin -adminGroup: eedc0f72-585e-4814-94f4-25b43d9c8d1b - -env: - - name: TEAM_CATALOG_ENVLEVEL - value: primary - - name: ENVIRONMENT_CLASS - value: preprod - - name: DEFAULT_PRODUCTAREA_UUID - value: "c5557f01-35c1-43fa-a0b4-2c35c50a9905" - - name: SPRING_DATASOURCE_URL - value: "jdbc:postgresql://b27dbvl009.preprod.local:5432/team-catalog" - - name: TEAM_CATALOG_SECURITY_REDIRECT_URIS - value: "https://teamkatalog.dev.adeo.no,http://localhost:3000,https://teamkatalog.nais.preprod.local,https://teamkatalog-api.dev.adeo.no" - - name: CLIENT_TEAM_NORA_URL - value: "https://nora.nais.adeo.no/api/v1" - - name: CLIENT_PROCESS_CAT_BASE_URL - value: "https://behandlingskatalog-backend.intern.dev.nav.no" - - name: CLIENT_NOM_GRAPHQL_URL - value: "https://nom-api.intern.dev.nav.no/graphql" - - name: AZURE_CLIENT_GROUPS - value: "ceab8bf0-0771-4478-bc39-186629b8cc2b" - - name: AZURE_CLIENT_GROUPS_ADMIN - value: "eedc0f72-585e-4814-94f4-25b43d9c8d1b" - - name: AZURE_APP_MAIL_USER - value: "teamkatalog@nav.no" - - name: DEV_EMAIL_ALLOW_LIST - value: "andreas.skomedal@nav.no" diff --git a/apps/backend/nais/backend-fss.yaml b/apps/backend/nais/backend-fss.yaml deleted file mode 100644 index 0ed7dcd32..000000000 --- a/apps/backend/nais/backend-fss.yaml +++ /dev/null @@ -1,83 +0,0 @@ -apiVersion: "nais.io/v1alpha1" -kind: "Application" -metadata: - name: {{name}} - namespace: nom - labels: - team: nom -spec: - image: {{image}} - port: 8080 - azure: - application: - enabled: true - allowAllUsers: true - claims: - extra: - - NAVident - groups: - - id: {{adminGroup}} - replyURLs: - {{#each replies as |url|}} - - {{url}} - {{/each}} - accessPolicy: - inbound: - rules: - {{#each accessPolicy.inbound.rules}} - - application: {{this.application}} - namespace: {{this.namespace}} - cluster: {{this.cluster}} - {{/each}} - outbound: - rules: - {{#each accessPolicy.outbound.rules}} - - application: {{this.application}} - namespace: {{this.namespace}} - cluster: {{this.cluster}} - {{/each}} - ingresses: - {{#each ingresses as |url|}} - - {{url}} - {{/each}} - replicas: - min: 2 - max: 2 - cpuThresholdPercentage: 50 - resources: - limits: - cpu: 1000m - memory: 2048Mi - requests: - memory: 1024Mi - liveness: - path: internal/isAlive - initialDelay: 10 - periodSeconds: 5 - failureThreshold: 30 - readiness: - path: internal/isReady - initialDelay: 10 - periodSeconds: 5 - failureThreshold: 30 - kafka: - pool: {{kafka-pool}} - vault: - enabled: true - paths: - - mountPath: /var/run/secrets/nais.io/srv - kvPath: {{vaultSrvPath}} - prometheus: - enabled: true - path: /internal/prometheus - webproxy: true - envFrom: - - secret: teamcat-enckey - - secret: teamcat-mail-pwd - - secret: teamcat-slack-token - - secret: teamcat-nais-console-token - env: - {{#each env}} - - name: {{this.name}} - value: {{this.value}} - {{/each}} diff --git a/apps/backend/nais/backend-prod-fss-vars.yaml b/apps/backend/nais/backend-prod-fss-vars.yaml deleted file mode 100644 index ddad49769..000000000 --- a/apps/backend/nais/backend-prod-fss-vars.yaml +++ /dev/null @@ -1,63 +0,0 @@ -name: team-catalog-backend -ingresses: - - https://teamkatalog-api.nais.adeo.no - - https://teamkatalog-api.prod-fss-pub.nais.io - - https://teamkatalog-api.intern.nav.no -replies: - - https://teamkatalog.nais.adeo.no/oauth2/callback - - https://teamkatalog.nav.no/oauth2/callback - - https://teamkatalog.intern.nav.no/oauth2/callback - -accessPolicy: - inbound: - rules: - - application: team-catalog-frackend - namespace: org - cluster: prod-gcp - - application: nom-ui2 - namespace: org - cluster: prod-gcp - - application: org-token-tool - namespace: org - cluster: prod-gcp - - application: behandlingskatalog-backend - namespace: teamdatajegerne - cluster: prod-gcp - outbound: - rules: - - application: nom-api - namespace: nom - cluster: prod-gcp - -vaultSrvPath: /serviceuser/data/prod/srvteamcat - -kafka-pool: nav-prod - -# confluence -readGroup: 2ee0ef50-718c-43d3-8c05-c839f2dc2490 -# nom -adminGroup: eb3dd903-42c9-4337-b8df-618a45da47cd - -env: - - name: TEAM_CATALOG_ENVLEVEL - value: primary - - name: ENVIRONMENT_CLASS - value: prod - - name: DEFAULT_PRODUCTAREA_UUID - value: "eeb5dc96-3a6f-4d21-9248-2cb7acedd57b" - - name: SPRING_DATASOURCE_URL - value: "jdbc:postgresql://A01DBVL009.adeo.no:5432/team-catalog" - - name: TEAM_CATALOG_SECURITY_REDIRECT_URIS - value: "https://teamkatalog.nais.adeo.no,https://teamkatalog.nav.no,https://teamkatalog.intern.nav.no" - - name: CLIENT_TEAM_NORA_URL - value: "https://nora.nais.adeo.no/api/v1" - - name: CLIENT_PROCESS_CAT_BASE_URL - value: "https://behandlingskatalog-backend.intern.nav.no" - - name: CLIENT_NOM_GRAPHQL_URL - value: "https://nom-api.intern.nav.no/graphql" - - name: AZURE_CLIENT_GROUPS - value: "2ee0ef50-718c-43d3-8c05-c839f2dc2490" - - name: AZURE_CLIENT_GROUPS_ADMIN - value: "eb3dd903-42c9-4337-b8df-618a45da47cd" - - name: AZURE_APP_MAIL_USER - value: "teamkatalog@nav.no" diff --git a/apps/frackend/nais/alerts-frackend-dev-gcp.yaml b/apps/frackend/nais/alerts-frackend-dev-gcp.yaml index 7f4133a41..65637304c 100644 --- a/apps/frackend/nais/alerts-frackend-dev-gcp.yaml +++ b/apps/frackend/nais/alerts-frackend-dev-gcp.yaml @@ -2,9 +2,9 @@ apiVersion: "monitoring.coreos.com/v1" kind: "PrometheusRule" metadata: name: team-catalog-frackend-alerts - namespace: nom + namespace: org labels: - team: nom + team: org spec: groups: - name: team-catalog-frackend_down @@ -16,7 +16,7 @@ spec: action: "`kubectl describe pod {{ $labels.pod }}` for events, og `kubectl logs {{ $labels.pod }} -c {{ $labels.app }}` for logger" summary: "{{ $labels.app }} er nede" labels: - namespace: nom + namespace: org severity: critical - name: team-catalog-frackend_high_failrate rules: @@ -26,5 +26,5 @@ spec: annotations: action: "Sjekk loggene til app {{ $labels.app }}, for å se hvorfor det er så mye feil" labels: - namespace: nom + namespace: org severity: warning \ No newline at end of file diff --git a/apps/frackend/nais/alerts-frackend-prod-gcp.yaml b/apps/frackend/nais/alerts-frackend-prod-gcp.yaml index b4e7f2777..585694693 100644 --- a/apps/frackend/nais/alerts-frackend-prod-gcp.yaml +++ b/apps/frackend/nais/alerts-frackend-prod-gcp.yaml @@ -2,9 +2,9 @@ apiVersion: "monitoring.coreos.com/v1" kind: "PrometheusRule" metadata: name: team-catalog-frackend-alerts - namespace: nom + namespace: org labels: - team: nom + team: org spec: groups: - name: team-catalog-frackend_down @@ -16,7 +16,7 @@ spec: action: "`kubectl describe pod {{ $labels.pod }}` for events, og `kubectl logs {{ $labels.pod }} -c {{ $labels.app }}` for logger" summary: "{{ $labels.app }} er nede" labels: - namespace: nom + namespace: org severity: critical - name: team-catalog-frackend_high_failrate rules: @@ -26,5 +26,5 @@ spec: annotations: action: "Sjekk loggene til app {{ $labels.app }}, for å se hvorfor det er så mye feil" labels: - namespace: nom + namespace: org severity: warning \ No newline at end of file