updated k8s for base kustomization

k8s/backend-deployment.yaml

@@ -2,7 +2,7 @@ apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: backend-app-syifa
-  #namespace: intern-workspace
+  namespace: intern-workspace
 spec:
   replicas: 1
   selector:
@@ -58,11 +58,12 @@ apiVersion: v1
 kind: Service
 metadata:
   name: backend-app-syifa
-  #namespace: intern-workspace
+  namespace: intern-workspace
 spec:
   type: ClusterIP
   selector:
     app: backend-datasiswa
   ports:
     - port: 5000
-      targetPort: 5000      
+      targetPort: 5000    
+      

k8s/config-map.yaml

@@ -2,7 +2,8 @@ apiVersion: v1
 kind: ConfigMap
 metadata:
   name: backend-config-syifa
-  #namespace: intern-workspace
+  namespace: intern-workspace
 data:
   DB_HOST: "mysql-app-syifa"
-  DB_NAME: "datasiswa"
+  DB_NAME: "datasiswa"
+  

k8s/frontend-deployment.yaml

@@ -2,7 +2,7 @@ apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: frontend-app-syifa
-  #namespace: intern-workspace
+  namespace: intern-workspace
 spec:
   replicas: 1
   selector:
@@ -56,7 +56,7 @@ apiVersion: v1
 kind: Service
 metadata:
   name: frontend-app-syifa
-  #namespace: intern-workspace
+  namespace: intern-workspace
 spec:
   type: NodePort
   selector:
@@ -64,5 +64,6 @@ spec:
   ports:
     - port: 3000
       targetPort: 3000
-      nodePort: 30068
+      nodePort: 30067
-      protocol: TCP    
+      protocol: TCP
+      

k8s/kustomization.yaml

@@ -1,6 +1,8 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 
+namespace: intern-workspace
+
 resources:
   - backend-deployment.yaml
   - frontend-deployment.yaml

k8s/mysql-deployment.yaml

@@ -2,7 +2,7 @@ apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
   name: mysql-pvc-syifa
-  #namespace: intern-workspace
+  namespace: intern-workspace
 spec:
   accessModes:
     - ReadWriteOnce
@@ -15,7 +15,7 @@ apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: mysql-app-syifa
-  #namespace: intern-workspace
+  namespace: intern-workspace
 spec:
   replicas: 1
   selector:
@@ -64,11 +64,12 @@ apiVersion: v1
 kind: Service
 metadata:
   name: mysql-app-syifa
-  #namespace: intern-workspace
+  namespace: intern-workspace
 spec:
   type: ClusterIP
   selector:
     app: mysql-datasiswa
   ports:
     - port: 3306
-      targetPort: 3306
+      targetPort: 3306
+      

k8s/network-policy.yaml

@@ -2,7 +2,7 @@ apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
   name: allow-frontend-to-backend
-  #namespace: intern-workspace
+  namespace: intern-workspace
 spec:
   podSelector:
     matchLabels:
@@ -22,7 +22,7 @@ apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
   name: allow-backend-to-mysql
-  #namespace: intern-workspace
+  namespace: intern-workspace
 spec:
   podSelector:
     matchLabels:
@@ -51,7 +51,7 @@ apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
   name: allow-backend-egress
-  #namespace: intern-workspace
+  namespace: intern-workspace
 spec:
   podSelector:
     matchLabels:
@@ -78,7 +78,7 @@ apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
   name: allow-frontend-egress
-  #namespace: intern-workspace
+  namespace: intern-workspace
 spec:
   podSelector:
     matchLabels:
@@ -99,4 +99,6 @@ spec:
         - namespaceSelector: {}
       ports:
         - protocol: UDP
-          port: 53   
+          port: 53
+
+          

k8s/rbac.yaml

@@ -5,13 +5,13 @@ apiVersion: v1
 kind: ServiceAccount
 metadata:
   name: frontend-sa-syifa
-  #namespace: intern-workspace
+  namespace: intern-workspace
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
   name: frontend-role-syifa
-  #namespace: intern-workspace
+  namespace: intern-workspace
 rules:
   # Frontend boleh baca Service (buat resolve endpoint backend)
   - apiGroups: [""]
@@ -22,11 +22,11 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
   name: frontend-rolebinding-syifa
-  #namespace: intern-workspace
+  namespace: intern-workspace
 subjects:
   - kind: ServiceAccount
     name: frontend-sa-syifa
-    #namespace: intern-workspace
+    namespace: intern-workspace
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: Role
@@ -40,13 +40,13 @@ apiVersion: v1
 kind: ServiceAccount
 metadata:
   name: backend-sa-syifa
-  #namespace: intern-workspace
+  namespace: intern-workspace
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
   name: backend-role-syifa
-  #namespace: intern-workspace
+  namespace: intern-workspace
 rules:
   # Backend boleh baca ConfigMap dan Secret (buat env)
   - apiGroups: [""]
@@ -61,11 +61,11 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
   name: backend-rolebinding-syifa
-  #namespace: intern-workspace
+  namespace: intern-workspace
 subjects:
   - kind: ServiceAccount
     name: backend-sa-syifa
-    #namespace: intern-workspace
+    namespace: intern-workspace
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: Role
@@ -79,13 +79,13 @@ apiVersion: v1
 kind: ServiceAccount
 metadata:
   name: mysql-sa-syifa
-  #namespace: intern-workspace
+  namespace: intern-workspace
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: Role
 metadata:
   name: mysql-role-syifa
-  #namespace: intern-workspace
+  namespace: intern-workspace
 rules:
   - apiGroups: [""]
     resources: ["configmaps", "secrets"]
@@ -95,12 +95,13 @@ apiVersion: rbac.authorization.k8s.io/v1
 kind: RoleBinding
 metadata:
   name: mysql-rolebinding-syifa
-  #namespace: intern-workspace
+  namespace: intern-workspace
 subjects:
   - kind: ServiceAccount
     name: mysql-sa-syifa
-    #namespace: intern-workspace
+    namespace: intern-workspace
 roleRef:
   apiGroup: rbac.authorization.k8s.io
   kind: Role
-  name: mysql-role-syifa
+  name: mysql-role-syifa
+  

k8s/secret.yaml

@@ -2,8 +2,9 @@ apiVersion: v1
 kind: Secret
 metadata:
   name: backend-secret-syifa
-  #namespace: intern-workspace
+  namespace: intern-workspace
 type: Opaque
 data:
   DB_USER: cm9vdA==          # hasil base64 dari "root"
-  DB_PASSWORD: ""             # kosong, tetap valid
+  DB_PASSWORD: ""             # kosong, tetap valid
+  

overlays/dev/kustomization.yaml

@@ -1,14 +1,18 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 
-namePrefix: dev-
+# Referensi ke base
-
-labels:
-  - pairs:
-      environment: dev
-
 resources:
   - ../../k8s
 
+# Namespace & prefix untuk semua resource
+namespace: intern-workspace
+namePrefix: dev-
+
+# Label tambahan untuk menandai environment
+commonLabels:
+  environment: dev
+
+# Gabungkan patch deployment kamu
 patchesStrategicMerge:
-  - patch-deployment.yaml
+  - patch-deployment.yaml

overlays/dev/patch-deployment.yaml

@@ -1,42 +1,29 @@
 # ==========================
-# PATCH DEPLOYMENT BACKEND
+# BACKEND PATCH
 # ==========================
 apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: backend-app-syifa
 spec:
+  replicas: 1
   template:
     spec:
       containers:
         - name: backend
-          image: docker.io/syifamaulidya/backend-app:23
+          image: docker.io/syifamaulidya/backend-app:13 # <-- Jenkins nanti ganti otomatis ke vX
-          env:
-            - name: DB_HOST
-              value: "dev-mysql-app-syifa"
-            - name: DB_NAME
-              value: "datasiswa"
-          envFrom:
-            - configMapRef:
-                name: dev-backend-config-syifa
-            - secretRef:
-                name: dev-backend-secret-syifa
-
 ---
-
 # ==========================
-# PATCH DEPLOYMENT FRONTEND
+# FRONTEND PATCH
 # ==========================
 apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: frontend-app-syifa
 spec:
+  replicas: 1
   template:
     spec:
       containers:
         - name: frontend
-          image: docker.io/syifamaulidya/frontend-app:23
+          image: docker.io/syifamaulidya/frontend-app:13 # <-- Jenkins juga ganti otomatis
-          env:
-            - name: REACT_APP_API_URL
-              value: "http://dev-backend-app-syifa:5000/api/auth/login"

overlays/production/kustomization.yaml

@@ -0,0 +1,13 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+  - ../../k8s
+
+namespace: intern-workspace
+namePrefix: prod-
+commonLabels:
+  environment: production
+
+patchesStrategicMerge:
+  - patch-deployment.yaml

overlays/production/patch-deployment.yaml

@@ -0,0 +1,29 @@
+# ==========================
+# BACKEND PATCH
+# ==========================
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: backend-app-syifa
+spec:
+  replicas: 3
+  template:
+    spec:
+      containers:
+        - name: backend
+          image: docker.io/syifamaulidya/backend-app:11 # <-- Jenkins nanti ganti otomatis ke vX
+---
+# ==========================
+# FRONTEND PATCH
+# ==========================
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: frontend-app-syifa
+spec:
+  replicas: 3
+  template:
+    spec:
+      containers:
+        - name: frontend
+          image: docker.io/syifamaulidya/frontend-app:11 # <-- Jenkins juga ganti otomatis

overlays/staging/kustomization.yaml

@@ -0,0 +1,13 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+
+resources:
+  - ../../k8s
+
+namespace: intern-workspace
+namePrefix: staging-
+commonLabels:
+  environment: staging
+
+patchesStrategicMerge:
+  - patch-deployment.yaml

overlays/staging/patch-deployment.yaml

@@ -0,0 +1,29 @@
+# ==========================
+# BACKEND PATCH
+# ==========================
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: backend-app-syifa
+spec:
+  replicas: 2
+  template:
+    spec:
+      containers:
+        - name: backend
+          image: docker.io/syifamaulidya/backend-app:10 # <-- Jenkins nanti ganti otomatis ke vX
+---
+# ==========================
+# FRONTEND PATCH
+# ==========================
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: frontend-app-syifa
+spec:
+  replicas: 2
+  template:
+    spec:
+      containers:
+        - name: frontend
+          image: docker.io/syifamaulidya/frontend-app:10 # <-- Jenkins juga ganti otomatis