gitdataai/docker/operator/example/code-system.yaml

# Example: deploying the full code system into `code-system` namespace.
#
# Prerequisites:
# 1. Install CRDs: kubectl apply -f ../crd/
# 2. Install Operator: kubectl apply -f ../operator/deployment.yaml
#
# Then apply this file:
# kubectl apply -f example/code-system.yaml
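# Shared Secret consumed by every workload below.
#
# All values are placeholders. Replace them before applying, and keep the
# filled-in copy out of version control: stringData is stored base64-encoded,
# not encrypted, unless the cluster has encryption at rest configured for
# Secrets. Creating the Secret out of band (kubectl create secret, Sealed
# Secrets, External Secrets) avoids committing the values at all.
#
# Every component references this one object, so anything with `get` on
# app-secrets can read the SSH host key and the AI API key as well as the
# database URL. Splitting it per component lets RBAC be scoped more tightly.
apiVersion: v1
kind: Secret
metadata:
  name: app-secrets
  namespace: code-system
type: Opaque
stringData:
  # sslmode=disable turns TLS off for the Postgres connection, so the
  # credentials and all queries cross the pod network in cleartext. Outside a
  # throwaway test cluster, use sslmode=verify-full with the server CA.
  APP_DATABASE_URL: "postgres://user:password@postgres:5432/codedb?sslmode=disable"
  # Plain redis:// with no password: unauthenticated and unencrypted.
  # NOTE(review): confirm whether the app accepts a rediss:// URL with
  # credentials.
  APP_REDIS_URLS: "redis://redis:6379"
  APP_SMTP_HOST: "smtp.example.com"
  # NOTE(review): no workload in this file maps APP_SMTP_PORT into its env;
  # confirm whether App/EmailWorker need it or rely on a built-in default.
  APP_SMTP_PORT: "587"
  APP_SMTP_USERNAME: "noreply@example.com"
  APP_SMTP_PASSWORD: "change-me"
  APP_SMTP_FROM: "noreply@example.com"
  APP_AI_BASIC_URL: "https://api.openai.com/v1"
  APP_AI_API_KEY: "sk-change-me"
  # SSH server key pair for the GitServer. Whoever holds the private key can
  # impersonate the git SSH endpoint to clients that trust it, so generate a
  # dedicated key for this deployment and do not reuse a personal one.
  APP_SSH_SERVER_PRIVATE_KEY: |
    -----BEGIN OPENSSH PRIVATE KEY-----
    ... paste your SSH private key here ...
    -----END OPENSSH PRIVATE KEY-----
  APP_SSH_SERVER_PUBLIC_KEY: "ssh-ed25519 AAAAC3... your-pub-key"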
---
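# ---- App (main web service, 3 replicas) ----
# NOTE(review): nesting under `valueFrom` was restored from a flattened
# listing; confirm the field layout against the App CRD in ../crd/.
apiVersion: code.dev/v1
kind: App
metadata:
  name: app
  namespace: code-system
spec:
  # `:latest` is a mutable tag, and with IfNotPresent a node that already
  # cached an older `latest` keeps running it, so the three replicas can end
  # up on different builds. Pin a version tag or an image digest so the
  # running code is reproducible and auditable.
  image: myapp/app:latest
  replicas: 3
  imagePullPolicy: IfNotPresent
  env:
    # Only the keys listed here are injected, but each one becomes an
    # environment variable readable by every process in the container.
    - name: APP_DATABASE_URL
      valueFrom:
        secretRef:
          name: app-secrets
          secretName: app-secrets
          secretKey: APP_DATABASE_URL
    - name: APP_REDIS_URLS
      valueFrom:
        secretRef:
          name: app-secrets
          secretName: app-secrets
          secretKey: APP_REDIS_URLS
    - name: APP_SMTP_HOST
      valueFrom:
        secretRef:
          name: app-secrets
          secretName: app-secrets
          secretKey: APP_SMTP_HOST
    - name: APP_SMTP_USERNAME
      valueFrom:
        secretRef:
          name: app-secrets
          secretName: app-secrets
          secretKey: APP_SMTP_USERNAME
    - name: APP_SMTP_PASSWORD
      valueFrom:
        secretRef:
          name: app-secrets
          secretName: app-secrets
          secretKey: APP_SMTP_PASSWORD
    - name: APP_SMTP_FROM
      valueFrom:
        secretRef:
          name: app-secrets
          secretName: app-secrets
          secretKey: APP_SMTP_FROM
    - name: APP_AI_BASIC_URL
      valueFrom:
        secretRef:
          name: app-secrets
          secretName: app-secrets
          secretKey: APP_AI_BASIC_URL
    - name: APP_AI_API_KEY
      valueFrom:
        secretRef:
          name: app-secrets
          secretName: app-secrets
          secretKey: APP_AI_API_KEY
    # Non-secret settings are given inline.
    - name: APP_DOMAIN_URL
      value: "https://example.com"
    - name: APP_LOG_LEVEL
      value: "info"
  resources:
    requests:
      cpu: 100m
      memory: 128Mi
    limits:
      cpu: 500m
      memory: 512Mi
  # Both probes hit the same endpoint; readiness starts checking earlier.
  livenessProbe:
    port: 8080
    path: /health
    initialDelaySeconds: 10
  readinessProbe:
    port: 8080
    path: /health
    initialDelaySeconds: 5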
---
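# ---- GitServer (git HTTP + SSH, single instance) ----
# NOTE(review): nesting under `valueFrom` was restored from a flattened
# listing; confirm the field layout against the GitServer CRD in ../crd/.
apiVersion: code.dev/v1
kind: GitServer
metadata:
  name: gitserver
  namespace: code-system
spec:
  # Mutable `:latest` tag plus IfNotPresent means the node's cached image
  # decides what runs. Pin a version tag or digest.
  image: myapp/gitserver:latest
  imagePullPolicy: IfNotPresent
  env:
    - name: APP_DATABASE_URL
      valueFrom:
        secretRef:
          name: app-secrets
          secretName: app-secrets
          secretKey: APP_DATABASE_URL
    - name: APP_REDIS_URLS
      valueFrom:
        secretRef:
          name: app-secrets
          secretName: app-secrets
          secretKey: APP_REDIS_URLS
    # SSH server key pair: this is the only component that maps it, so it is
    # a good candidate for its own Secret with narrower RBAC.
    - name: APP_SSH_SERVER_PRIVATE_KEY
      valueFrom:
        secretRef:
          name: app-secrets
          secretName: app-secrets
          secretKey: APP_SSH_SERVER_PRIVATE_KEY
    - name: APP_SSH_SERVER_PUBLIC_KEY
      valueFrom:
        secretRef:
          name: app-secrets
          secretName: app-secrets
          secretKey: APP_SSH_SERVER_PUBLIC_KEY
    - name: APP_SSH_DOMAIN
      value: "git.example.com"
    - name: APP_REPOS_ROOT
      value: "/data/repos"
  resources:
    requests:
      cpu: 100m
      memory: 128Mi
    limits:
      cpu: 1000m
      memory: 1Gi
  # NodePort opens the SSH port on every node's address; restrict it with
  # node firewall rules or a NetworkPolicy if it must stay NodePort.
  sshServiceType: NodePort  # Use LoadBalancer in production
  sshPort: 22
  # NOTE(review): this file defines no Ingress for the git HTTP port; confirm
  # how it is exposed and that the path is TLS-terminated and authenticated.
  httpPort: 8022
  storageSize: 50Gi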
---
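# ---- EmailWorker (single instance) ----
# NOTE(review): nesting under `valueFrom` was restored from a flattened
# listing; confirm the field layout against the EmailWorker CRD in ../crd/.
apiVersion: code.dev/v1
kind: EmailWorker
metadata:
  name: email-worker
  namespace: code-system
spec:
  # Mutable `:latest` tag plus IfNotPresent means the node's cached image
  # decides what runs. Pin a version tag or digest.
  image: myapp/email-worker:latest
  imagePullPolicy: IfNotPresent
  env:
    - name: APP_DATABASE_URL
      valueFrom:
        secretRef:
          name: app-secrets
          secretName: app-secrets
          secretKey: APP_DATABASE_URL
    - name: APP_REDIS_URLS
      valueFrom:
        secretRef:
          name: app-secrets
          secretName: app-secrets
          secretKey: APP_REDIS_URLS
    # SMTP settings. APP_SMTP_PORT exists in app-secrets but is not mapped
    # here. NOTE(review): confirm the worker does not need it.
    - name: APP_SMTP_HOST
      valueFrom:
        secretRef:
          name: app-secrets
          secretName: app-secrets
          secretKey: APP_SMTP_HOST
    - name: APP_SMTP_USERNAME
      valueFrom:
        secretRef:
          name: app-secrets
          secretName: app-secrets
          secretKey: APP_SMTP_USERNAME
    - name: APP_SMTP_PASSWORD
      valueFrom:
        secretRef:
          name: app-secrets
          secretName: app-secrets
          secretKey: APP_SMTP_PASSWORD
    - name: APP_SMTP_FROM
      valueFrom:
        secretRef:
          name: app-secrets
          secretName: app-secrets
          secretKey: APP_SMTP_FROM
  resources:
    requests:
      cpu: 50m
      memory: 64Mi
    # Memory is capped; no CPU limit is set for this worker.
    limits:
      memory: 256Mi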
---
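# ---- GitHook (single instance) ----
# NOTE(review): nesting under `valueFrom` was restored from a flattened
# listing; confirm the field layout against the GitHook CRD in ../crd/.
apiVersion: code.dev/v1
kind: GitHook
metadata:
  name: git-hook
  namespace: code-system
spec:
  # Mutable `:latest` tag plus IfNotPresent means the node's cached image
  # decides what runs. Pin a version tag or digest.
  image: myapp/git-hook:latest
  imagePullPolicy: IfNotPresent
  env:
    # Only the database and Redis URLs are mapped; the SMTP, AI and SSH keys
    # in app-secrets are not injected into this workload.
    - name: APP_DATABASE_URL
      valueFrom:
        secretRef:
          name: app-secrets
          secretName: app-secrets
          secretKey: APP_DATABASE_URL
    - name: APP_REDIS_URLS
      valueFrom:
        secretRef:
          name: app-secrets
          secretName: app-secrets
          secretKey: APP_REDIS_URLS
  resources:
    requests:
      cpu: 50m
      memory: 64Mi
    # Memory is capped; no CPU limit is set for this worker.
    limits:
      memory: 256Mi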
---
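# ---- Migrate (auto-triggered on apply) ----
# NOTE(review): nesting under `valueFrom` was restored from a flattened
# listing; confirm the field layout against the Migrate CRD in ../crd/.
apiVersion: code.dev/v1
kind: Migrate
metadata:
  name: migrate
  namespace: code-system
spec:
  # Schema migrations run from whatever `latest` resolves to when the job
  # starts. Pin a version tag or digest so a schema change is always tied to
  # a known image.
  image: myapp/migrate:latest
  command: up
  backoffLimit: 3
  env:
    # Same database URL as the runtime services, so that account needs schema
    # (DDL) rights. A separate migration credential would let the runtime
    # account stay limited to data access.
    # NOTE(review): confirm what the services actually require.
    - name: APP_DATABASE_URL
      valueFrom:
        secretRef:
          name: app-secrets
          secretName: app-secrets
          secretKey: APP_DATABASE_URL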
---
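# ---- Ingress (example for App) ----
# Routes example.com/ to the `app` Service on port 80.
# NOTE(review): no Service named `app` is defined in this file; presumably
# the operator creates it from the App resource. Confirm.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: app-ingress
  namespace: code-system
  annotations:
    # Accepts request bodies up to 100 MB; lower it if uploads that large
    # are not expected.
    nginx.ingress.kubernetes.io/proxy-body-size: "100m"
spec:
  # No `tls` section is configured, so this rule terminates no certificate
  # for the host, although APP_DOMAIN_URL advertises https://. Add one before
  # exposing the service, for example:
  #
  #   tls:
  #     - hosts:
  #         - example.com
  #       secretName: <tls-secret-name>  # placeholder
  #
  # No `ingressClassName` is set either, so the cluster's default ingress
  # class (if any) picks this up.
  rules:
    - host: example.com
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: app
                port:
                  number: 80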