e01f7808a0
- db.rs: fix fresh-PVC startup crash by using SqliteConnectOptions with create_if_missing(true) and foreign_keys(true); drops after_connect - Dockerfile: switch to Node 22 + pnpm (corepack), run pnpm check before build, copy backend/demo/ for TT_TEST_MODE support, non-root app user, add HEALTHCHECK, remove baked-in JWT_SECRET - .dockerignore: exclude node_modules, build artifacts, data/, logs - deploy/: new Helm chart replacing k8s/ — Deployment, Service, HTTPRoute (Gateway API), PVC (hcloud-volumes), CronJob backup, ServiceAccount, VPA; JWT_SECRET sourced from pre-provisioned K8s Secret - k8s/: removed (superseded by deploy/) - ci.yml: replaces test.yml — Node 20->22, same test steps, adds no-push Docker build; triggers on non-main pushes and PRs - release.yml: new tag-driven workflow (v*.*.*) — runs tests, pushes image to registry.itsh.dev/s0wlz/tutortool, deploys via helm upgrade https://claude.ai/code/session_01N1kWaQJkz1fC7mUippdQR5
54 lines
928 B
YAML
54 lines
928 B
YAML
replicaCount: 1
|
|
|
|
image:
|
|
repository: registry.itsh.dev/s0wlz/tutortool
|
|
pullPolicy: IfNotPresent
|
|
tag: latest
|
|
|
|
serviceAccount:
|
|
create: true
|
|
name: ""
|
|
|
|
service:
|
|
port: 80
|
|
targetPort: 3000
|
|
|
|
containerPort: 3000
|
|
|
|
resources:
|
|
requests:
|
|
cpu: 50m
|
|
memory: 64Mi
|
|
limits:
|
|
cpu: 500m
|
|
memory: 256Mi
|
|
|
|
pvc:
|
|
storageClassName: hcloud-volumes
|
|
storage: 1Gi
|
|
|
|
httpRoute:
|
|
hostnames:
|
|
- tutor.puchstein.dev
|
|
sectionName: https-tutor-puchstein-dev
|
|
|
|
# JWT_SECRET provisioned as a pre-existing K8s Secret named here.
|
|
# Do not set jwtSecretValue in committed values — provision via kubectl manually.
|
|
jwtSecretName: tutortool-jwt
|
|
|
|
env:
|
|
DATABASE_URL: sqlite:/data/attendance.db
|
|
STATIC_DIR: /app/frontend/build
|
|
|
|
vpa:
|
|
enabled: false
|
|
updateMode: "Off"
|
|
containerPolicies:
|
|
- containerName: app
|
|
minAllowed:
|
|
cpu: 10m
|
|
memory: 32Mi
|
|
maxAllowed:
|
|
cpu: 1000m
|
|
memory: 512Mi
|