From c1f64e269446d639d711051f25acab357afaa4df Mon Sep 17 00:00:00 2001
From: Thor77 <thor77@thor77.org>
Date: Wed, 9 Oct 2019 09:00:28 +0200
Subject: [PATCH 1/4] Deploy pod and service into turniere-backend

---
 kubernetes/deployment.yml.erb | 2 +-
 kubernetes/service.yml        | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/kubernetes/deployment.yml.erb b/kubernetes/deployment.yml.erb
index 38e665b..f475c53 100644
--- a/kubernetes/deployment.yml.erb
+++ b/kubernetes/deployment.yml.erb
@@ -2,7 +2,7 @@ apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: backend-deployment
-  namespace: turniere
+  namespace: turniere-backend
   labels:
     app: turniere-backend
 spec:
diff --git a/kubernetes/service.yml b/kubernetes/service.yml
index a14665d..812b2e7 100644
--- a/kubernetes/service.yml
+++ b/kubernetes/service.yml
@@ -2,7 +2,7 @@ apiVersion: v1
 kind: Service
 metadata:
   name: backend-service
-  namespace: turniere
+  namespace: turniere-backend
 spec:
   selector:
     app: turniere-backend
@@ -15,7 +15,7 @@ apiVersion: extensions/v1beta1
 kind: Ingress
 metadata:
   name: backend-ingress
-  namespace: turniere
+  namespace: turniere-backend
   annotations:
     kubernetes.io/ingress.class: traefik
 spec:

From a07a0ccf9b1f01c269e91eb555e92e2beaaeafe2 Mon Sep 17 00:00:00 2001
From: Thor77 <thor77@thor77.org>
Date: Wed, 9 Oct 2019 09:02:29 +0200
Subject: [PATCH 2/4] Add role binding for gitlab namespace

---
 kubernetes/rolebinding.yml | 13 +++++++++++++
 1 file changed, 13 insertions(+)
 create mode 100644 kubernetes/rolebinding.yml

diff --git a/kubernetes/rolebinding.yml b/kubernetes/rolebinding.yml
new file mode 100644
index 0000000..40c9b72
--- /dev/null
+++ b/kubernetes/rolebinding.yml
@@ -0,0 +1,13 @@
+kind: RoleBinding
+apiVersion: rbac.authorization.k8s.io/v1
+metadata:
+  name: gitlab-deploy-rb
+  namespace: turniere-backend
+subjects:
+  - kind: ServiceAccount
+    name: gitlab-deploy
+    namespace: gitlab
+roleRef:
+  kind: ClusterRole
+  name: gitlab-deploy-role
+  apiGroup: rbac.authorization.k8s.io

From d5b5189f17a4ab390213cc63c574a538e518812a Mon Sep 17 00:00:00 2001
From: Thor77 <thor77@thor77.org>
Date: Wed, 9 Oct 2019 09:09:22 +0200
Subject: [PATCH 3/4] Lock kubernetes-deploy version to 0.29.0

---
 .gitlab-ci.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index b47b270..537ccb0 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -34,5 +34,5 @@ kubernetes:
     - kubectl config set-cluster k8s --server="https://kubernetes.default.svc" --certificate-authority=/var/run/secrets/kubernetes.io/serviceaccount/ca.crt
     - kubectl config set-credentials sa --token="$(cat /var/run/secrets/kubernetes.io/serviceaccount/token)"
     - kubectl config set-context local --cluster=k8s --user=sa --namespace=turniere
-    - gem install kubernetes-deploy
+    - gem install kubernetes-deploy --version '=0.29.0'
     - REVISION=$CI_COMMIT_SHA kubernetes-deploy --template-dir kubernetes turniere local

From 0b9441b1c14210d561b4be803c4c656bd3a054cb Mon Sep 17 00:00:00 2001
From: Thor77 <thor77@thor77.org>
Date: Wed, 9 Oct 2019 10:34:18 +0200
Subject: [PATCH 4/4] Switch from Ingress to IngressRoute

---
 kubernetes/service.yml | 49 ++++++++++++++++++++++++++++--------------
 1 file changed, 33 insertions(+), 16 deletions(-)

diff --git a/kubernetes/service.yml b/kubernetes/service.yml
index 812b2e7..1a45bed 100644
--- a/kubernetes/service.yml
+++ b/kubernetes/service.yml
@@ -7,23 +7,40 @@ spec:
   selector:
     app: turniere-backend
   ports:
-  - name: http
-    port: 3000
-    targetPort: 3000
+    - name: http
+      port: 3000
+      targetPort: 3000
 ---
-apiVersion: extensions/v1beta1
-kind: Ingress
+apiVersion: traefik.containo.us/v1alpha1
+kind: IngressRoute
 metadata:
-  name: backend-ingress
+  name: backend-ingress-http
   namespace: turniere-backend
-  annotations:
-    kubernetes.io/ingress.class: traefik
 spec:
-  rules:
-  - host: api01.turnie.re
-    http:
-      paths:
-      - path: /
-        backend:
-          serviceName: backend-service
-          servicePort: http
+  entryPoints:
+    - http
+  routes:
+    - match: Host(`api01.turnie.re`)
+      kind: Rule
+      services:
+        - name: backend-service
+          port: 3000
+      middlewares:
+        - name: redirect
+---
+apiVersion: traefik.containo.us/v1alpha1
+kind: IngressRoute
+metadata:
+  name: backend-ingress-https
+  namespace: turniere-backend
+spec:
+  entryPoints:
+    - https
+  routes:
+    - match: Host(`api01.turnie.re`)
+      kind: Rule
+      services:
+        - name: backend-service
+          port: 3000
+  tls:
+    certResolver: default