Skip to content

Commit 3f20d85

Browse files
commjoencommjoen
authored
Merge pull request #65 from commjoen/fix-docker-volume
Fix docker volume
2 parents dc44cd1 + 009e680 commit 3f20d85

File tree

4 files changed

+19
-52
lines changed

4 files changed

+19
-52
lines changed

aws/build-an-deploy-aws.sh

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -111,4 +111,4 @@ wait
111111
DEFAULT_PASSWORD=thankyou
112112
#TODO: REWRITE ABOVE, REWRITE THE HARDCODED DEPLOYMENT VALS INTO VALUES AND OVERRIDE THEM HERE!
113113
echo "default password is ${DEFAULT_PASSWORD}"
114-
helm upgrade --install mj ../helm/wrongsecrets-ctf-party --set="imagePullPolicy=Always" --set="balancer.env.K8S_ENV=aws" --set"balancer.env.IRSA_ROLE=arn:aws:iam::${ACCOUNT_ID}:role/wrongsecrets-secret-manager" --set="balancer.env.REACT_APP_ACCESS_PASSWORD=${DEFAULT_PASSWORD}" --set="balancer.cookie.cookieParserSecret=thisisanewrandomvaluesowecanworkatit" --set="balancer.repository=jeroenwillemsen/wrongsecrets-balancer" --set="balancer.tag=0.93aws" --set="balancer.replicas=4" --set="wrongsecretsCleanup.repository=jeroenwillemsen/wrongsecrets-ctf-cleaner" --set="wrongsecretsCleanup.tag=0.2"
114+
helm upgrade --install mj ../helm/wrongsecrets-ctf-party --set="imagePullPolicy=Always" --set="balancer.env.K8S_ENV=aws" --set"balancer.env.IRSA_ROLE=arn:aws:iam::${ACCOUNT_ID}:role/wrongsecrets-secret-manager" --set="balancer.env.REACT_APP_ACCESS_PASSWORD=${DEFAULT_PASSWORD}" --set="balancer.cookie.cookieParserSecret=thisisanewrandomvaluesowecanworkatit" --set="balancer.repository=jeroenwillemsen/wrongsecrets-balancer" --set="balancer.tag=0.95aws" --set="balancer.replicas=4" --set="wrongsecretsCleanup.repository=jeroenwillemsen/wrongsecrets-ctf-cleaner" --set="wrongsecretsCleanup.tag=0.2"

helm/wrongsecrets-ctf-party/templates/wrongsecrets-balancer/deployment.yaml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -58,6 +58,8 @@ spec:
5858
value: {{ .Values.balancer.env.IRSA_ROLE }} #REPLACE WITH THE ACTUAL AWS ROLE IF IN AWS MODE
5959
- name: WRONGSECRETS_TAG
6060
value: {{ .Values.wrongsecrets.tag}}
61+
- name: WRONGSECRETS_DESKTOP_TAG
62+
value: 1.5.7RC1
6163
- name: SECRETS_MANAGER_SECRET_ID_1
6264
value: {{ .Values.balancer.env.SECRETS_MANAGER_SECRET_ID_1 }}
6365
- name: SECRETS_MANAGER_SECRET_ID_2

helm/wrongsecrets-ctf-party/values.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -35,7 +35,7 @@ balancer:
3535
# -- Set this to a fixed random alpa-numeric string (recommended length 24 chars). If not set this get randomly generated with every helm upgrade, each rotation invalidates all active cookies / sessions requirering users to login again.
3636
cookieParserSecret: null
3737
repository: jeroenwillemsen/wrongsecrets-balancer
38-
tag: 0.93aws
38+
tag: 0.95aws
3939
# -- Number of replicas of the wrongsecrets-balancer deployment
4040
replicas: 1
4141
service:

wrongsecrets-balancer/src/kubernetes.js

Lines changed: 15 additions & 50 deletions
Original file line numberDiff line numberDiff line change
@@ -19,6 +19,7 @@ const awsAccountEnv = process.env.IRSA_ROLE;
1919
const secretsmanagerSecretName1 = process.env.SECRETS_MANAGER_SECRET_ID_1;
2020
const secretsmanagerSecretName2 = process.env.SECRETS_MANAGER_SECRET_ID_2;
2121
const wrongSecretsContainterTag = process.env.WRONGSECRETS_TAG;
22+
const wrongSecretsDekstopTag = process.env.WRONGSECRETS_DESKTOP_TAG;
2223
const heroku_wrongsecret_ctf_url = process.env.REACT_APP_HEROKU_WRONGSECRETS_URL;
2324

2425
const { get } = require('./config');
@@ -1086,26 +1087,20 @@ const createDesktopDeploymentForTeam = async ({ team, passcodeHash }) => {
10861087
},
10871088
spec: {
10881089
serviceAccountName: 'webtop-sa',
1089-
//automountServiceAccountToken: false,
1090-
// securityContext: {
1091-
// runAsUser: 911,
1092-
// runAsGroup: 911,
1093-
// fsGroup: 911,
1094-
// },
10951090
containers: [
10961091
{
10971092
name: 'virtualdesktop',
10981093
//TODO REPLACE HARDCODED BELOW WITH PROPPER GETS: image: `${get('wrongsecrets.image')}:${get('wrongsecrets.tag')}`,
1099-
image: 'jeroenwillemsen/wrongsecrets-desktop:latest',
1094+
image: `jeroenwillemsen/wrongsecrets-desktop-k8s:${wrongSecretsDekstopTag}`,
11001095
imagePullPolicy: get('virtualdesktop.imagePullPolicy'),
11011096
resources: {
11021097
requests: {
1103-
memory: '2G',
1098+
memory: '2.5G',
11041099
cpu: '800m',
11051100
'ephemeral-storage': '4Gi',
11061101
},
11071102
limits: {
1108-
memory: '3G',
1103+
memory: '3.5G',
11091104
cpu: '2000m',
11101105
'ephemeral-storage': '8Gi',
11111106
},
@@ -1123,26 +1118,10 @@ const createDesktopDeploymentForTeam = async ({ team, passcodeHash }) => {
11231118
},
11241119
],
11251120
volumeMounts: [
1126-
// {
1127-
// mountPath: '/config',
1128-
// name: 'ephemeral',
1129-
// },
1130-
// {
1131-
// mountPath: '/defaults',
1132-
// name: 'ephemeral-2',
1133-
// },
1134-
// {
1135-
// mountPath: '/etc',
1136-
// name: 'ephemeral-3',
1137-
// },
1138-
// {
1139-
// mountPath: '/app',
1140-
// name: 'ephemeral-4',
1141-
// },
1142-
// {
1143-
// mountPath: '/run',
1144-
// name: 'ephemeral-5',
1145-
// },
1121+
{
1122+
mountPath: '/config',
1123+
name: 'config-fs',
1124+
},
11461125
],
11471126
readinessProbe: {
11481127
httpGet: {
@@ -1164,27 +1143,13 @@ const createDesktopDeploymentForTeam = async ({ team, passcodeHash }) => {
11641143
},
11651144
],
11661145
volumes: [
1167-
// {
1168-
// name: 'ephemeral',
1169-
// emptyDir: {},
1170-
// sizeLimit: '4Gi',
1171-
// },
1172-
// {
1173-
// name: 'ephemeral-2',
1174-
// emptyDir: {},
1175-
// },
1176-
// {
1177-
// name: 'ephemeral-3',
1178-
// emptyDir: {},
1179-
// },
1180-
// {
1181-
// name: 'ephemeral-4',
1182-
// emptyDir: {},
1183-
// },
1184-
// {
1185-
// name: 'ephemeral-5',
1186-
// emptyDir: {},
1187-
// },
1146+
{
1147+
emptyDir: {
1148+
medium: 'Memory',
1149+
sizeLimit: '128Mi',
1150+
},
1151+
name: 'config-fs',
1152+
},
11881153
],
11891154
tolerations: get('virtualdesktop.tolerations'),
11901155
affinity: get('virtualdesktop.affinity'),

0 commit comments

Comments
 (0)