643504d89b
- Add *.sqlite* patterns to .gitignore - Expand .dockerignore to exclude chart/, docs/, .github/, etc. - Add HEALTHCHECK instruction to Dockerfile - Fix Helm chart: preserve JWT secret across upgrades (lookup), add securityContext, conditional PVC creation, resource defaults - Remove hardcoded demo credentials from MCP.md - Complete .env.example with all configurable environment variables https://claude.ai/code/session_01SoQKcF5Rz9Y8Nzo4PzkxY8
68 lines
2.0 KiB
YAML
68 lines
2.0 KiB
YAML
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: {{ include "trek.fullname" . }}
|
|
labels:
|
|
app: {{ include "trek.name" . }}
|
|
spec:
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
app: {{ include "trek.name" . }}
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: {{ include "trek.name" . }}
|
|
spec:
|
|
{{- if .Values.imagePullSecrets }}
|
|
imagePullSecrets:
|
|
{{- range .Values.imagePullSecrets }}
|
|
- name: {{ .name }}
|
|
{{- end }}
|
|
{{- end }}
|
|
securityContext:
|
|
fsGroup: 1000
|
|
containers:
|
|
- name: trek
|
|
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
|
|
imagePullPolicy: {{ .Values.image.pullPolicy }}
|
|
{{- with .Values.resources }}
|
|
resources:
|
|
{{- toYaml . | nindent 12 }}
|
|
{{- end }}
|
|
ports:
|
|
- containerPort: 3000
|
|
envFrom:
|
|
- configMapRef:
|
|
name: {{ include "trek.fullname" . }}-config
|
|
env:
|
|
- name: JWT_SECRET
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: {{ default (printf "%s-secret" (include "trek.fullname" .)) .Values.existingSecret }}
|
|
key: {{ .Values.existingSecretKey | default "JWT_SECRET" }}
|
|
volumeMounts:
|
|
- name: data
|
|
mountPath: /app/data
|
|
- name: uploads
|
|
mountPath: /app/uploads
|
|
livenessProbe:
|
|
httpGet:
|
|
path: /api/health
|
|
port: 3000
|
|
initialDelaySeconds: 15
|
|
periodSeconds: 30
|
|
readinessProbe:
|
|
httpGet:
|
|
path: /api/health
|
|
port: 3000
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 10
|
|
volumes:
|
|
- name: data
|
|
persistentVolumeClaim:
|
|
claimName: {{ include "trek.fullname" . }}-data
|
|
- name: uploads
|
|
persistentVolumeClaim:
|
|
claimName: {{ include "trek.fullname" . }}-uploads
|