---
apiVersion: v1
kind: ServiceAccount
metadata:
  annotations:
    eks.amazonaws.com/role-arn: "{{PETSITE_SA_ROLE}}"
  name: pethistory-sa
  namespace: default
---
apiVersion: v1
kind: Service
metadata:
  name: pethistory-service
  namespace: default
spec:
  ports:
  - port: 8080
    nodePort: 30303
    targetPort: 8080
    protocol: TCP
  type: NodePort
  selector:
    app: pethistory
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: pethistory-deployment
  namespace: default
spec:
  selector:
    matchLabels:
      app: pethistory
  replicas: 1
  template:
    metadata:
      labels:
        app: pethistory
    spec:
      serviceAccountName: pethistory-sa
      containers:
      - image: "{{ECR_IMAGE_URL}}"
        imagePullPolicy: Always
        name: pethistory
        ports:
        - containerPort: 8080
          protocol: TCP
        env:
        - name: AWS_XRAY_DAEMON_ADDRESS
          value: xray-service.default:2000
        - name: AWS_REGION
          value: "{{AWS_REGION}}"
        - name: OTEL_OTLP_ENDPOINT
          value: "localhost:4317"
        - name: OTEL_RESOURCE
          value: ClusterName={{CLUSTER_NAME}}
        - name: OTEL_RESOURCE_ATTRIBUTES
          value: "service.namespace=AWSObservability,service.name=PetAdoptionsHistory"
        - name: S3_REGION
          value: "{{AWS_REGION}}"
        - name: OTEL_METRICS_EXPORTER
          value: "otlp"
        livenessProbe:
          httpGet:
            path: /health/status
            port: 8080
          initialDelaySeconds: 3
          periodSeconds: 3
      - name: aws-otel-collector
        image: amazon/aws-otel-collector:latest
        args: ["--config=/etc/otel-config/otel-config.yaml"]
        env:
        - name: AWS_REGION
          value: "{{AWS_REGION}}"
        imagePullPolicy: Always
        resources:
          limits:
            cpu: 256m
            memory: 512Mi
          requests:
            cpu: 32m
            memory: 24Mi
        volumeMounts:
        - name: otel-config
          mountPath: /etc/otel-config
      volumes:
      - name: otel-config
        configMap:
          name: otel-config
---
apiVersion: elbv2.k8s.aws/v1beta1
kind: TargetGroupBinding
metadata:
  name: pethistory-tgb
spec:
  serviceRef:
    name: pethistory-service
    port: 8080
  targetGroupARN: "{{TARGET_GROUP_ARN}}"
  targetType: ip
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: pethistory-otel-prometheus-role
rules:
  - apiGroups:
      - ""
    resources:
      - pods
    verbs:
      - get
      - list
      - watch
  - nonResourceURLs:
    - /metrics
    verbs:
    - get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: pethistory-otel-prometheus-role-binding
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: pethistory-otel-prometheus-role
subjects:
  - kind: ServiceAccount
    name: pethistory-sa
    namespace: default
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
  name: otel-awseksresourcedetector-role
rules:
  - apiGroups:
      - ""
    resources:
      - configmaps
    resourceNames:
      - aws-auth
      - cluster-info
    verbs:
      - get
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
  name: otel-awseksresourcedetector-role-binding
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: ClusterRole
  name: otel-awseksresourcedetector-role
subjects:
  - kind: ServiceAccount
    name: pethistory-sa
    namespace: default