# Copyright 2021 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # https://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: iap-test annotations: kubernetes.io/ingress.global-static-ip-name: iap-test networking.gke.io/managed-certificates: iap-test kubernetes.io/ingress.class: "gce" spec: rules: - http: paths: - path: / pathType: Prefix backend: service: name: whereami port: number: 80 --- apiVersion: networking.gke.io/v1 kind: ManagedCertificate metadata: name: iap-test spec: domains: - $DOMAIN --- apiVersion: cloud.google.com/v1 kind: BackendConfig metadata: name: iap-test spec: iap: enabled: true oauthclientCredentials: secretName: iap-test --- apiVersion: v1 kind: Service metadata: name: whereami annotations: cloud.google.com/neg: '{"ingress": true}' beta.cloud.google.com/backend-config: '{"default": "iap-test"}' spec: type: ClusterIP selector: app: whereami ports: - port: 80 protocol: TCP targetPort: 8080 --- apiVersion: apps/v1 kind: Deployment metadata: name: whereami spec: replicas: 3 selector: matchLabels: app: whereami template: metadata: labels: app: whereami spec: containers: - name: whereami image: us-docker.pkg.dev/google-samples/containers/gke/whereami:v1.2.20 ports: - name: http containerPort: 8080 env: - name: ECHO_HEADERS value: 'True' readinessProbe: httpGet: path: /healthz port: 8080 scheme: HTTP initialDelaySeconds: 5 timeoutSeconds: 1