nginx
nginx/secrets/jwt.json
Make nginx kubernetes-ready. We had to update to use a ubuntu-based image to build nginx into, because (and I kid you not) alpine linux straight-up ignores your resolv.conf file, meaning any attempt to use it with kubernetes DNS is doomed to fail. Who thought this was a good idea? So we're using a bloated image instead. Oh well. We also are running a wrapper script instead of nginx directly, so we can inject the JWT_SECRET environment variable based on a kubernetes secret file. We define the secret file (using a placeholder secret, obvs) so that future-Paddy can remember what the hell it looks like, when he inevitably loses the file and needs to sin up a new cluster. Or whatever. Finally, we updated the token expiration error message to be in an errors array, as God (and our API conventions) intended.
1.1 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 1.2 +++ b/secrets/jwt.json Tue Jun 30 00:27:03 2015 -0400 1.3 @@ -0,0 +1,11 @@ 1.4 +{ 1.5 + "apiVersion": "v1", 1.6 + "kind": "Secret", 1.7 + "metadata" : { 1.8 + "name": "jwt", 1.9 + "namespace": "default" 1.10 + }, 1.11 + "data": { 1.12 + "secret": "INSERT BASE64 ENCODED SECRET HERE" 1.13 + } 1.14 +}