cameleer/cameleer-server
1
0
Fork 0
Code Issues 41 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c502a42f176899ddaa1cdd4fb1df1b5c50241d04
cameleer-server/deploy/base/ui.yaml
hsiegeln c502a42f17
Some checks failed
CI / cleanup-branch (push) Has been skipped
Details
CI / build (push) Successful in 1m6s
Details
CI / docker (push) Successful in 59s
Details
CI / deploy-feature (push) Has been skipped
Details
CI / deploy (push) Failing after 2m59s
Details
refactor: architecture cleanup — OIDC dedup, PKCE, K8s hardening 
- Extract OidcProviderHelper for shared discovery + JWK source construction
- Add SystemRole.normalizeScope() to centralize role normalization
- Merge duplicate claim extraction in OidcTokenExchanger
- Add PKCE (S256) to OIDC authorization flow (frontend + backend)
- Add SecurityContext (runAsNonRoot) to all K8s deployments
- Fix postgres probe to use $POSTGRES_USER instead of hardcoded username
- Remove default credentials from Dockerfile
- Extract sanitize_branch() to shared .gitea/sanitize-branch.sh
- Fix sidebar to use /exchanges/ paths directly, remove legacy redirects
- Centralize basePath computation in router.tsx via config module

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-06 21:57:29 +02:00

75 lines
1.6 KiB
YAML
Raw Blame History

apiVersion: v1
kind: ConfigMap
metadata:
name: cameleer3-ui-config
data:
config.js: |
window.__CAMELEER_CONFIG__ = {
apiBaseUrl: 'http://localhost:8081/api/v1',
};
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: cameleer3-ui
spec:
replicas: 1
selector:
matchLabels:
app: cameleer3-ui
template:
metadata:
labels:
app: cameleer3-ui
spec:
imagePullSecrets:
- name: gitea-registry
securityContext:
runAsNonRoot: true
runAsUser: 101
containers:
- name: ui
image: gitea.siegeln.net/cameleer/cameleer3-server-ui:latest
ports:
- containerPort: 80
env:
- name: CAMELEER_API_URL
value: "http://cameleer3-server:8081"
volumeMounts:
- name: config
mountPath: /usr/share/nginx/html/config.js
subPath: config.js
resources:
requests:
memory: "32Mi"
cpu: "10m"
limits:
memory: "64Mi"
cpu: "100m"
livenessProbe:
httpGet:
path: /healthz
port: 80
periodSeconds: 10
readinessProbe:
httpGet:
path: /healthz
port: 80
periodSeconds: 5
volumes:
- name: config
configMap:
name: cameleer3-ui-config
---
apiVersion: v1
kind: Service
metadata:
name: cameleer3-ui
spec:
type: ClusterIP
selector:
app: cameleer3-ui
ports:
- port: 80
targetPort: 80
Reference in New Issue View Git Blame Copy Permalink