admin/stonks-oracle
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: migrate CI/CD from GHCR to local Harbor registry

Browse Source 
- Makefile: GHCR -> registry.celestium.life/stonks-oracle
- GitHub Actions: login to Harbor, use HARBOR_PASSWORD secret
- infra/k8s/*.yaml: all image refs -> registry.celestium.life
- inttest pipeline: remove GHCR pull secret (local registry, no auth)
- Steering docs: update registry/git endpoints
This commit is contained in:
Celes Renata
2026-04-19 07:34:28 +00:00
parent 0f2cb41b29
commit 5be3ce2db9
16 changed files with 44 additions and 48 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.kiro/steering/kubernetes-conventions.md
+2 -3
View File
@@ -13,7 +13,7 @@ The namespace is NOT managed by Helm — it's created by `runmefirst.sh` with He
- Services defined in `values.yaml` under `services:` — the deployments template iterates over them
- Adding a new service: add entry to `values.yaml`, add network policy if it needs ingress, add ingress if it needs external access
- Dashboard uses nginx-unprivileged on port 8080 (not 80)
- Superset uses custom image `ghcr.io/celesrenata/stonks-oracle/superset:latest` with trino + psycopg2 drivers
- Superset uses custom image `registry.celestium.life/stonks-oracle/superset:latest` with trino + psycopg2 drivers
## TLS
- Internal services: use `ca-issuer` ClusterIssuer (local CA)
@@ -44,9 +44,8 @@ The namespace is NOT managed by Helm — it's created by `runmefirst.sh` with He
- Ollama: `ollama.ollama-service.svc.cluster.local:11434`
## Images
- All images from `ghcr.io/celesrenata/stonks-oracle/<service>:latest`
- All images from `registry.celestium.life/stonks-oracle/<service>:latest`
- Use `imagePullPolicy: Always`
- Use `imagePullSecrets` referencing `ghcr-credentials`
## Labels
- `app.kubernetes.io/part-of: stonks-oracle`