admin/stonks-oracle
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
18f857e1a3ecc83cec568c9b2acadcd9bdc51049
stonks-oracle/infra/k8s/aggregation-worker.yaml
T
Celes Renata 5be3ce2db9 feat: migrate CI/CD from GHCR to local Harbor registry 
- Makefile: GHCR -> registry.celestium.life/stonks-oracle
- GitHub Actions: login to Harbor, use HARBOR_PASSWORD secret
- infra/k8s/*.yaml: all image refs -> registry.celestium.life
- inttest pipeline: remove GHCR pull secret (local registry, no auth)
- Steering docs: update registry/git endpoints
2026-04-19 07:34:28 +00:00

57 lines
1.4 KiB
YAML
Raw Blame History

apiVersion: apps/v1
kind: Deployment
metadata:
name: aggregation-worker
namespace: stonks-oracle
labels:
app: aggregation-worker
app.kubernetes.io/part-of: stonks-oracle
stonks-oracle/tier: processing
spec:
replicas: 1
selector:
matchLabels:
app: aggregation-worker
template:
metadata:
labels:
app: aggregation-worker
stonks-oracle/tier: processing
spec:
automountServiceAccountToken: false
securityContext:
runAsNonRoot: true
runAsUser: 1000
runAsGroup: 1000
fsGroup: 1000
seccompProfile:
type: RuntimeDefault
containers:
- name: aggregation-worker
image: registry.celestium.life/stonks-oracle/aggregation:latest
imagePullPolicy: Always
securityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
capabilities:
drop: ["ALL"]
envFrom:
- configMapRef:
name: stonks-config
- secretRef:
name: stonks-core-secrets
resources:
requests:
cpu: 100m
memory: 128Mi
limits:
cpu: 500m
memory: 256Mi
volumeMounts:
- name: tmp
mountPath: /tmp
volumes:
- name: tmp
emptyDir:
sizeLimit: 10Mi
Reference in New Issue View Git Blame Copy Permalink