homelab/k8s/apps/k8s-secrets/deployment.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: secret-reader
  labels:
    app: secret-reader
spec:
  replicas: 1
  selector:
    matchLabels:
      app: secret-reader
  template:
    metadata:
      labels:
        app: secret-reader
    spec:
      serviceAccountName: secret-reader
      nodeSelector:
        kubernetes.io/os: linux
      containers:
      - name: secret-reader
        image: ultradesu/k8s-secrets:latest
        imagePullPolicy: IfNotPresent
        args:
          - "--secrets"
          - "openai-creds"
          - "--port"
          - "3000"
        ports:
        - containerPort: 3000
          name: http
        env:
        - name: RUST_LOG
          value: "info"
        resources:
          requests:
            memory: "64Mi"
            cpu: "50m"
          limits:
            memory: "128Mi"
            cpu: "100m"
        livenessProbe:
          httpGet:
            path: /health
            port: http
          initialDelaySeconds: 10
          periodSeconds: 10
        readinessProbe:
          httpGet:
            path: /health
            port: http
          initialDelaySeconds: 5
          periodSeconds: 5
        securityContext:
          runAsNonRoot: true
          runAsUser: 1000
          allowPrivilegeEscalation: false
          readOnlyRootFilesystem: true
          capabilities:
            drop:
            - ALL
Added k8s-secrets 2025-09-03 13:48:29 +03:00			`apiVersion: apps/v1`
			`kind: Deployment`
			`metadata:`
			`name: secret-reader`
			`labels:`
			`app: secret-reader`
			`spec:`
			`replicas: 1`
			`selector:`
			`matchLabels:`
			`app: secret-reader`
			`template:`
			`metadata:`
			`labels:`
			`app: secret-reader`
			`spec:`
			`serviceAccountName: secret-reader`
			`nodeSelector:`
			`kubernetes.io/os: linux`
			`containers:`
			`- name: secret-reader`
Added k8s-secrets 2025-09-03 13:51:53 +03:00			`image: ultradesu/k8s-secrets:latest`
Added k8s-secrets 2025-09-03 13:48:29 +03:00			`imagePullPolicy: IfNotPresent`
			`args:`
			`- "--secrets"`
			`- "openai-creds"`
			`- "--port"`
			`- "3000"`
			`ports:`
			`- containerPort: 3000`
			`name: http`
			`env:`
			`- name: RUST_LOG`
			`value: "info"`
			`resources:`
			`requests:`
			`memory: "64Mi"`
			`cpu: "50m"`
			`limits:`
			`memory: "128Mi"`
			`cpu: "100m"`
			`livenessProbe:`
			`httpGet:`
			`path: /health`
			`port: http`
			`initialDelaySeconds: 10`
			`periodSeconds: 10`
			`readinessProbe:`
			`httpGet:`
			`path: /health`
			`port: http`
			`initialDelaySeconds: 5`
			`periodSeconds: 5`
			`securityContext:`
			`runAsNonRoot: true`
			`runAsUser: 1000`
			`allowPrivilegeEscalation: false`
			`readOnlyRootFilesystem: true`
			`capabilities:`
			`drop:`
			`- ALL`