-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathservice_spec.yml
106 lines (92 loc) · 3.75 KB
/
service_spec.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
# Latest service_spec.yml file can be obtained from https://git.corp.adobe.com/adobe-platform/service-spec/blob/master/spec.yaml
service_name: screenshot-app
# Atlas Service Code
service_code: null
# Specify the owner of the service. Required for CCF compliance.
adobe_owner: CTAGIN
# Possible values are: Public, Internal, Confidential, Restricted.
data_classification: [Internal, Confidential]
#How to obtain correct cost center for your service: https://wiki.corp.adobe.com/display/ethos/OrCA+-+Cost+Center
adobe_cost_centers:
# Mandatory if Dev or Stage environment is present
# ADUS cost center is required in case of opex (Operational Expense)
opex:
# ADUS cost center (US-based)
adus: 103700
# Mandatory if Prod environment is present.
# Both ADUS and ADIR cost centers are required in case of cogs (Cost of Goods Sold)
cogs:
# ADUS cost center (US-based)
adus: 103700
# ADIR cost center (Ireland-based)
adir: 5400001
alerts:
# Used to send the notification mails to the given list of IDs.
# Accepts an array of email IDs.
# At least one email ID is mandatory. Required for CCF compliance.
emails: [[email protected]]
# Mandatory
# List of teams and their associated roles.
# There should be at least one item in this array.
# Only pre-defined roles can be used. The pre-defined roles are:
# 1. ethos_deployments_admin - Grants admin permissions on Moonbeam and Flight Director.
# 2. ethos_deployments_deployer - Grants deploy permissions on Moonbeam and Flight Director.
# At least one team should have 'ethos_deployments_admin' role.
# The person onboarding or re-onboarding the service should be part of atleast one team with 'ethos_deployments_admin' role.
# 'Mandatory' for new services getting onboarded.
# 'Optional' for existing services getting re-onboarded, for backward compatibility reasons.
team_access_control:
-
# Mandatory
# Name of one of Github teams attached with this repository.
name: admin-team
# Mandatory
# Array of roles. Allowed value are one or more of the pre-defined roles mentioned above.
roles: [ethos_deployments_admin]
-
name: deploy-team
# Default value for role is 'ethos_deployments_deployer'.
# roles: [ethos_deployments_deployer]
secret_providers:
# Mandatory.
# Name of the secret server provider.
# Currently thycotic or cst_vault is supported.
- name: cst_vault
images:
- id: wfhkcbot-img
containers:
- id: wfhkcbot
image_id: wfhkcbot-img
# Allowed values: DB, Cache, Worker, Router, AppServer, WebServer, DockerHost, LB, other (in case the none of listed values applies).
class: AppServer
# See https://git.corp.adobe.com/adobe-platform/service-spec/blob/60b4cca08bacb91657c20761939716b93f361a9a/spec.yaml#L141
arch_path: opsengg.botarmy.wfhkcbot
environments:
## TIER: STAGE
- name: Stage8
cluster_type: STAGE
cluster_rbac_ldap:
read:
- GRP-SLMCP
rollback_on_failure: true
containers:
- id: wfhkcbot
topology: inet
inet_port: 8080
health_check:
path: /ping
cpus: 1
mem: 512
instances: 1
# By default, Glider creates services that are only accessible via Adobe egress IPs.
# If you wish to change this behavior, see https://git.corp.adobe.com/adobe-platform/service-spec/blob/f7d7969177b9eddad9b7bc991f4fbbab506b5fd8/spec.yaml#L341-L352
access_level: public
dns:
prefix: wfhkcbot-{{ENV}}-{{REGION}}
regions:
- name: va7
containers:
- id: wfhkcbot
service_account_attributes:
cloud_type: AZURE
identity_id: "/subscriptions/6a29e05c-7b26-4a25-8eff-ff18ff1b91f4/resourceGroups/BotArmy/providers/Microsoft.ManagedIdentity/userAssignedIdentities/wfhkcbot"