Celes Renata
64 lines
1.8 KiB
YAML
64 lines
1.8 KiB
YAML
##
|
|
## Stonks Oracle — Scoped Secrets
|
|
##
|
|
## Secrets are split by concern so that only the services that need
|
|
## broker or market-data credentials actually receive them.
|
|
## Replace placeholder values before deploying.
|
|
##
|
|
## Requirements: 8.2 (broker credential isolation)
|
|
##
|
|
|
|
# ── Core infrastructure secrets (DB, object store, cache) ──────────────
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: stonks-core-secrets
|
|
namespace: stonks-oracle
|
|
labels:
|
|
app.kubernetes.io/part-of: stonks-oracle
|
|
type: Opaque
|
|
stringData:
|
|
POSTGRES_PASSWORD: "REPLACE_ME"
|
|
MINIO_ACCESS_KEY: "REPLACE_ME"
|
|
MINIO_SECRET_KEY: "REPLACE_ME"
|
|
REDIS_PASSWORD: ""
|
|
---
|
|
# ── Broker secrets — only for broker-adapter and risk-engine ───────────
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: stonks-broker-secrets
|
|
namespace: stonks-oracle
|
|
labels:
|
|
app.kubernetes.io/part-of: stonks-oracle
|
|
type: Opaque
|
|
stringData:
|
|
BROKER_API_KEY: "REPLACE_ME"
|
|
BROKER_API_SECRET: "REPLACE_ME"
|
|
BROKER_BASE_URL: "https://paper-api.alpaca.markets"
|
|
---
|
|
# ── Market data secrets — only for ingestion and adapters ──────────────
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: stonks-market-secrets
|
|
namespace: stonks-oracle
|
|
labels:
|
|
app.kubernetes.io/part-of: stonks-oracle
|
|
type: Opaque
|
|
stringData:
|
|
MARKET_DATA_API_KEY: "REPLACE_ME"
|
|
---
|
|
# ── Dashboard secrets — only for Superset ──────────────────────────────
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: stonks-dashboard-secrets
|
|
namespace: stonks-oracle
|
|
labels:
|
|
app.kubernetes.io/part-of: stonks-oracle
|
|
type: Opaque
|
|
stringData:
|
|
SUPERSET_SECRET_KEY: "REPLACE_ME"
|
|
SUPERSET_ADMIN_PASSWORD: "REPLACE_ME"
|