function (slug) {
local namespace = slug + "-rego-dev",
local app = "symposion-app-" + slug,
local namespace = "rego-dev",
local domain = slug + ".dev.lca2019.org",
local tls_certname = slug + "-dev-lca2019-org",
local tls_secret = tls_certname + "-tls",
"apiVersion": "v1",
"items": [
"deployment.json":
{
"kind": "Namespace",
"metadata": {
"name": namespace,
"namespace": "",
},
"spec": {
"finalizers": [
"kubernetes"
]
}
"apiVersion": "certmanager.k8s.io/v1alpha1",
"kind": "Certificate",
"name": tls_certname,
"namespace": namespace
"acme": {
"config": [
"domains": [
domain
],
"http01": {
"ingress": "",
"ingressClass": "nginx"
"kind": "Service",
"labels": {
"app": "symposion-app"
"name": app,
"ports": [
"port": 8000,
"protocol": "TCP",
"targetPort": 8000
"commonName": domain,
"issuerRef": {
"kind": "ClusterIssuer",
"name": "letsencrypt-prod"
"secretName": tls_secret
"apiVersion": "extensions/v1beta1",
"kind": "Ingress",
"name": "symposion-app-ingress",
"backend": {
"serviceName": "symposion-app",
"servicePort": 80
"rules": [
"host": domain,
"http": {
"paths": [
"servicePort": 8000
"path": "/"
"tls": [
"hosts": [
"name": "symposion-app",
"selector": {
"sessionAffinity": "None",
"type": "ClusterIP"
"kind": "Deployment",
"replicas": 1,
"revisionHistoryLimit": 1,
"matchLabels": {
"strategy": {
"rollingUpdate": {
"maxSurge": 1,
"maxUnavailable": 1
"type": "RollingUpdate"
"template": {
"containers": [
"env": [
"name": "SYMPOSION_APP_DEBUG",
"value": "1"
"name": "DJANGO_SECRET_KEY",
"value": "paGhahQuain5ohYoh0moorai"
"name": "DATABASE_URL",
"value": "sqlite:////tmp/symposion.sqlite"
"name": "GCS_BUCKET",
"value": "CEA51A5-A613-4AEF-A9FB-D0A57D77C13B"
"name": "GOOGLE_APPLICATION_CREDENTIALS",
"value": "/dev/null"
"name": "STRIPE_PUBLIC_KEY",
"value": "5CEA51A5-A613-4AEF-A9FB-D0A57D77C13B"
"name": "STRIPE_SECRET_KEY",
"image": "asia.gcr.io/linuxconfsydney/symposion_app_2019_dev:" + slug,
"imagePullPolicy": "Always",
"livenessProbe": {
"failureThreshold": 3,
"httpGet": {
"path": "/admin/login/",
"scheme": "HTTP"
"initialDelaySeconds": 120,
"periodSeconds": 10,
"successThreshold": 1,
"timeoutSeconds": 2
"containerPort": 8000,
"protocol": "TCP"
"resources": {},
"terminationMessagePath": "/dev/termination-log",
"terminationMessagePolicy": "File"
"dnsPolicy": "ClusterFirst",
"restartPolicy": "Always",
"schedulerName": "default-scheduler",
"securityContext": {},
"terminationGracePeriodSeconds": 30
"terminationGracePeriodSeconds": 30,
"volumes": [
"kind": "List"
"ingress-patch.json": [
"op": "add",
"path": "/spec/rules/-",
"value": {
"hostPath": {
"path": "/etc/ssl/certs",
"type": ""
"serviceName": app,
"name": "ssl-certs"
"path": "/spec/tls/0/hosts/-",
"value": domain