mirror of
https://github.com/stackblitz-labs/bolt.diy
synced 2025-06-26 18:26:38 +00:00
66 lines
2.2 KiB
YAML
66 lines
2.2 KiB
YAML
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: buildify
|
|
labels:
|
|
app: buildify
|
|
annotations:
|
|
# Image versioning notes:
|
|
# The CI/CD pipeline will create a PR to update this deployment with specific image tags
|
|
# For tagged releases: 891377135844.dkr.ecr.us-east-1.amazonaws.com/buildify:v1.0.0
|
|
# For main branch: 891377135844.dkr.ecr.us-east-1.amazonaws.com/buildify:<short-sha>
|
|
# For dev branch: 891377135844.dkr.ecr.us-east-1.amazonaws.com/buildify:dev
|
|
spec:
|
|
replicas: 3
|
|
selector:
|
|
matchLabels:
|
|
app: buildify
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: buildify
|
|
spec:
|
|
serviceAccountName: ecr-service-account # Service account with access to read ECR images
|
|
containers:
|
|
-
|
|
name: buildify
|
|
image: 891377135844.dkr.ecr.us-east-1.amazonaws.com/buildify:sha-45cec6c # Using dev tag as the default for development
|
|
imagePullPolicy: Always
|
|
ports:
|
|
-
|
|
containerPort: 5173
|
|
name: http
|
|
resources:
|
|
requests:
|
|
cpu: "750m"
|
|
memory: "768Mi"
|
|
limits:
|
|
cpu: "1500m"
|
|
memory: "1.5Gi"
|
|
envFrom:
|
|
# Non-sensitive configuration (public settings)
|
|
- configMapRef:
|
|
name: buildify-config
|
|
|
|
# Authentication secrets from AWS Secrets Manager via ExternalSecret
|
|
# Contains: SESSION_SECRET, GITHUB_CLIENT_ID, GITHUB_CLIENT_SECRET
|
|
# These are infrastructure-level secrets managed by DevOps
|
|
- secretRef:
|
|
name: buildify-auth-secrets
|
|
|
|
# User-configurable API keys for LLM providers
|
|
# These are set through the application UI and can vary per user
|
|
# Contains: OPENAI_API_KEY, ANTHROPIC_API_KEY, BAYER_MGA_API_KEY, etc.
|
|
livenessProbe:
|
|
httpGet:
|
|
path: /
|
|
port: 5173
|
|
initialDelaySeconds: 30
|
|
periodSeconds: 10
|
|
readinessProbe:
|
|
httpGet:
|
|
path: /
|
|
port: 5173
|
|
initialDelaySeconds: 5
|
|
periodSeconds: 5
|