cameleer/cameleer-server
1
0
Fork 0
Code Issues 41 Pull Requests Actions Packages Projects Releases Wiki Activity
Files
ff3a046f5a6ee90e5c688e8e489a52e13cc2ca1d
cameleer-server/deploy/base/server.yaml
hsiegeln ff3a046f5a
All checks were successful
CI / build (push) Successful in 1m8s
Details
CI / cleanup-branch (push) Has been skipped
Details
CI / docker (push) Successful in 41s
Details
CI / deploy (push) Successful in 37s
Details
CI / deploy-feature (push) Has been skipped
Details
refactor: remove OIDC config from K8s manifests 
OIDC configuration should be managed by the server itself (database-backed),
not injected via K8s secrets. Remove all CAMELEER_OIDC_* env vars from
deployment manifests and the cameleer-oidc secret from CI. The server
defaults to OIDC disabled via application.yml.

This also fixes the Kustomize strategic merge conflict where the feature
overlay tried to set value on an env var that had valueFrom in the base.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-17 13:12:41 +01:00

102 lines
2.9 KiB
YAML
Raw Blame History

apiVersion: apps/v1
kind: Deployment
metadata:
name: cameleer3-server
spec:
replicas: 1
selector:
matchLabels:
app: cameleer3-server
template:
metadata:
labels:
app: cameleer3-server
spec:
imagePullSecrets:
- name: gitea-registry
containers:
- name: server
image: gitea.siegeln.net/cameleer/cameleer3-server:latest
ports:
- containerPort: 8081
env:
- name: SPRING_DATASOURCE_URL
value: "jdbc:postgresql://postgres.cameleer.svc.cluster.local:5432/cameleer3?currentSchema=$(CAMELEER_DB_SCHEMA)"
- name: CAMELEER_DB_SCHEMA
value: "public"
- name: SPRING_DATASOURCE_USERNAME
valueFrom:
secretKeyRef:
name: postgres-credentials
key: POSTGRES_USER
- name: SPRING_DATASOURCE_PASSWORD
valueFrom:
secretKeyRef:
name: postgres-credentials
key: POSTGRES_PASSWORD
- name: OPENSEARCH_URL
value: "http://opensearch.cameleer.svc.cluster.local:9200"
- name: CAMELEER_OPENSEARCH_INDEX_PREFIX
value: "executions-"
- name: CAMELEER_AUTH_TOKEN
valueFrom:
secretKeyRef:
name: cameleer-auth
key: CAMELEER_AUTH_TOKEN
- name: CAMELEER_UI_USER
valueFrom:
secretKeyRef:
name: cameleer-auth
key: CAMELEER_UI_USER
optional: true
- name: CAMELEER_UI_PASSWORD
valueFrom:
secretKeyRef:
name: cameleer-auth
key: CAMELEER_UI_PASSWORD
optional: true
- name: CAMELEER_UI_ORIGIN
value: "http://localhost:5173"
- name: CAMELEER_JWT_SECRET
valueFrom:
secretKeyRef:
name: cameleer-auth
key: CAMELEER_JWT_SECRET
optional: true
resources:
requests:
memory: "256Mi"
cpu: "100m"
limits:
memory: "512Mi"
cpu: "500m"
livenessProbe:
httpGet:
path: /api/v1/health
port: 8081
initialDelaySeconds: 30
periodSeconds: 10
timeoutSeconds: 3
failureThreshold: 3
readinessProbe:
httpGet:
path: /api/v1/health
port: 8081
initialDelaySeconds: 10
periodSeconds: 5
timeoutSeconds: 3
failureThreshold: 3
---
apiVersion: v1
kind: Service
metadata:
name: cameleer3-server
spec:
type: ClusterIP
selector:
app: cameleer3-server
ports:
- port: 8081
targetPort: 8081
Reference in New Issue View Git Blame Copy Permalink