vikingowl/marktvogt.de
1
0
Fork 0
Code Issues Pull Requests 3 Actions Packages Projects Releases Wiki Activity
14 Commits 5 Branches 0 Tags
f83d73c06d7faadee2d20ef6982872ab1d539b26
Commit Graph

4 Commits

Author SHA1 Message Date
vikingowl f83d73c06d fix(deploy): set maxSurge=0 to fit within ResourceQuota during rollout 
With 900m/1000m CPU limits used, rolling updates fail because the
new pod cannot be created alongside the old one. Setting maxSurge=0
and maxUnavailable=1 kills the old pod first, avoiding quota exhaustion
at the cost of brief downtime during deploys.
 2026-02-22 12:00:23 +01:00
vikingowl bf1ba11de2 fix(deploy): add seccompProfile RuntimeDefault to satisfy PodSecurity restricted policy 2026-02-22 10:03:33 +01:00
vikingowl 2f9f4c4b49 fix(ci): correct registry to somegit.dev 2026-02-22 09:50:49 +01:00
vikingowl 2718321201 feat(deploy): add container build and Helm chart for k8s deployment 
- Switch adapter-auto to adapter-node (SSR) for container deployment
- Add multi-stage Dockerfile: Bun build, Node.js 22 runtime, UID 65534
- Add Helm chart (deploy/helm/) with Deployment, Service, HTTPRoute, HPA, PDB, ServiceAccount
- Use HTTPRoute (Gateway API) targeting nginx-gateway, TLS via cert-manager
- Enforce readOnlyRootFilesystem with emptyDir for /tmp
- Set ORIGIN env var for adapter-node CSRF protection
- Add Woodpecker CI: typecheck, docker push (SHA tag), helm upgrade --atomic
 2026-02-22 09:32:13 +01:00