-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathdev-fss.yml
197 lines (188 loc) · 6.13 KB
/
dev-fss.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
apiVersion: "nais.io/v1alpha1"
kind: "Application"
metadata:
name: k9-los-api
namespace: k9saksbehandling
labels:
team: k9saksbehandling
spec:
image: {{ image }}
port: 8020
liveness:
path: health
initialDelay: 20
timeout: 1
periodSeconds: 5
failureThreshold: 10
readiness:
path: isready
initialDelay: 20
timeout: 1
resources:
limits:
memory: "4096Mi"
requests:
cpu: "500m"
memory: "1560Mi"
replicas:
min: 1
max: 1
cpuThresholdPercentage: 90
prometheus:
enabled: true
path: /metrics
observability:
autoInstrumentation:
enabled: true
runtime: java
destinations:
- id: "grafana-lgtm"
- id: "elastic-apm"
vault:
enabled: true
paths:
- mountPath: /var/run/secrets/nais.io/serviceuser
kvPath: /serviceuser/data/dev/srvk9los
- mountPath: /var/run/secrets/nais.io/vault
kvPath: /kv/preprod/fss/k9-los-api/k9saksbehandling
webproxy: true
kafka:
pool: nav-dev
streams: true
azure:
application:
allowAllUsers: true
enabled: true
tenant: trygdeetaten.no
claims:
# Kun de gruppene brukeren er medlem av vil bli lagt til i claims på tokenet.
groups:
# 0000-GA-k9-beslutter
- id: f171716a-aaab-4e76-8869-047abaebb8f5
# 0000-GA-Egne_ansatte
- id: dbe4ad45-320b-4e9a-aaa1-73cca4ee124d
# 0000-GA-Strengt_Fortrolig_Adresse
- id: 5ef775f2-61f8-4283-bf3d-8d03f428aa14
# 0000-GA-Fortrolig_Adresse
- id: ea930b6b-9397-44d9-b9e6-f4cf527a632a
# 0000-GA-k9-overstyrer
- id: 5c7003ff-b3ba-407c-9b58-7fea9bf7cb2e
# 0000-GA-k9-saksbehandler
- id: 93e8903d-5c3f-4cbe-929e-0afeb22dec73
# 0000-GA-k9-veileder
- id: 5bc5cae2-3ef9-4897-9828-766757299de8
# 0000-GA-k9-drift
- id: 0bc9661c-975c-4adb-86d1-a97172490662
# 0000-GA-k9-oppgavestyrer
- id: dfcd9962-1b94-4b6f-bdac-09dcca355be7
extra:
- "NAVident"
accessPolicy:
inbound:
rules:
- application: k9-los-web
namespace: k9saksbehandling
cluster: dev-gcp
- application: k9-swagger
namespace: k9saksbehandling
cluster: dev-gcp
permissions:
scopes:
- "swagger"
- application: k9-sak
namespace: k9saksbehandling
ingresses:
- https://k9-los-api.dev-fss-pub.nais.io
env:
- name: OPPGAVE_BASE_URI
value: https://oppgave.dev.intern.nav.no
- name: DB_URL
value: jdbc:postgresql://b27dbvl028.preprod.local:5432/k9-los
- name: DB_VAULT_MOUNTPATH
value: postgresql/preprod-fss/
- name: PDL_URL
value: https://pdl-api.intern.dev.nav.no/graphql
# Nav applikasjoner
- name: APP_K9SAK_URL
value: https://k9-sak.nais.preprod.local/k9/sak/api
- name: APP_K9SAK_FRONTEND_URL
value: https://k9.dev.intern.nav.no/k9/web
- name: APP_K9PUNSJ_FRONTEND_URL
value: https://k9-punsj-frontend.intern.dev.nav.no
# Kafka
- name: BOOTSTRAP_SERVERS
value: b27apvl00045.preprod.local:8443,b27apvl00046.preprod.local:8443,b27apvl00047.preprod.local:8443
- name: KAFKA_AKSJONSPUNKTHENDELSE_TOPIC
value: k9saksbehandling.k9sak-aksjonspunkthendelse
- name: KAFKA_KLAGE_TIL_LOS_TOPIC
value: k9saksbehandling.oppgavemeldinger-klage-til-los
- name: KAFKA_PUNSJAKSJONSPUNKTHENDELSE_TOPIC
value: k9saksbehandling.punsj-aksjonspunkthendelse-v1
- name: KAFKA_AKSJONSPUNKTHENDELSE_TILBAKE_TOPIC
value: k9saksbehandling.tilbakekreving-hendelse-los
- name: KAFKA_SAKOGBEHANDLING_TOPIC
value: personoversikt.modia-soknadsstatus-hendelse
- name: KAFKA_AAPEN_STATISTIKK_SAK_TOPIC
value: k9saksbehandling.aapen-k9statistikk-sak-v2
- name: KAFKA_AAPEN_STATISTIKK_BEHANDLING_TOPIC
value: k9saksbehandling.aapen-k9statistikk-behandling-v2
- name: KAFKA_K9SAK_TOPIC
value: k9saksbehandling.privat-k9-produksjonsstyring-sak-v1
- name: KAFKA_K9PUNSJ_TOPIC
value: k9saksbehandling.privat-k9-produksjonsstyring-punsj-v1
# opentelemetry
- name: "OTEL_RESOURCE_ATTRIBUTES"
value: "service.name=k9-los-api,service.namespace=k9saksbehandling,deployment.environment=q,nais.backend=elastic-apm;grafana-lgtm"
# ABAC
- name: ABAC_PDP_ENDPOINT_URL
value: http://abac-k9.k9saksbehandling.svc.nais.local/application/authorize
# Audit logging
- name: AUDITLOGGER_ENABLED
value: "true"
- name: AUDITLOGGER_VENDOR
value: "k9"
- name: AUDITLOGGER_PRODUCT
value: "k9-los-api"
# Gruppenavn for roller fra Active Directory
# 0000-GA-k9-beslutter
- name: BRUKER_GRUPPE_ID_BESLUTTER
value: f171716a-aaab-4e76-8869-047abaebb8f5
# 0000-GA-Egne_ansatte
- name: BRUKER_GRUPPE_ID_EGENANSATT
value: dbe4ad45-320b-4e9a-aaa1-73cca4ee124d
# 0000-GA-Strengt_Fortrolig_Adresse
- name: BRUKER_GRUPPE_ID_KODE6
value: 5ef775f2-61f8-4283-bf3d-8d03f428aa14
# 0000-GA-Fortrolig_Adresse
- name: BRUKER_GRUPPE_ID_KODE7
value: ea930b6b-9397-44d9-b9e6-f4cf527a632a
# 0000-GA-k9-overstyrer
- name: BRUKER_GRUPPE_ID_OVERSTYRER
value: 5c7003ff-b3ba-407c-9b58-7fea9bf7cb2e
# 0000-GA-k9-saksbehandler
- name: BRUKER_GRUPPE_ID_SAKSBEHANDLER
value: 93e8903d-5c3f-4cbe-929e-0afeb22dec73
# 0000-GA-k9-veileder
- name: BRUKER_GRUPPE_ID_VEILEDER
value: 5bc5cae2-3ef9-4897-9828-766757299de8
# 0000-GA-k9-drift
- name: BRUKER_GRUPPE_ID_DRIFT
value: 0bc9661c-975c-4adb-86d1-a97172490662
# 0000-GA-k9-oppgavestyrer
- name: BRUKER_GRUPPE_ID_OPPGAVESTYRER
value: dfcd9962-1b94-4b6f-bdac-09dcca355be7
# feature toggles
- name: NY_OPPGAVESTYRING
value: "true"
- name: NY_OPPGAVESTYRING_DVH_SENDING
value: "false"
- name: NY_OPPGAVESTYRING_REST_API
value: "true"
- name: K9SAK_CONSUMER_AIVEN
value: "true"
- name: PUNSJ_CONSUMER_AIVEN
value: "true"
- name: TILBAKE_CONSUMER_AIVEN
value: "true"
- name: NOKKELTALL_ENHETER
value: "2970 NAV IKT DRIFT"