infctl-cli/k8s-manifests/ctl/deployment.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: infctl-deployment
  namespace: infctl
  labels:
    app: nginx-sl
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nginx-sl
  template:
    metadata:
      labels:
        app: nginx-sl
    spec:

      imagePullSecrets:
      - name: registry-credentials


      initContainers:
      - name: init-data-s3
        image: amazon/aws-cli:latest
        imagePullPolicy: IfNotPresent
        # command: ["/bin/bash", "-c", "trap : TERM INT; sleep infinity & wait"]  
        # command: ["/bin/bash", "-c", "/scripts/init-data.sh && echo 'Script completed, sleeping for debugging' && sleep 3600"]
        command: ["/bin/bash", "/scripts/init-data.sh"]
      
        volumeMounts:
        - name: init-script
          mountPath: /scripts
        - name: infctl-public-data
          mountPath: /var/www/public
        - name: infctl-storage-data
          mountPath: /var/www/storage
        - name: infctl-database-data
          mountPath: /var/www/database

        env:
        - name: AWS_ACCESS_KEY_ID
          valueFrom:
            secretKeyRef:
              name: aws-credentials
              key: access-key
        - name: AWS_SECRET_ACCESS_KEY
          valueFrom:
            secretKeyRef:
              name: aws-credentials
              key: secret-key
        - name: AWS_DEFAULT_REGION
          value: "eu-west-2"
      - name: merge-data
        image: busybox
        imagePullPolicy: IfNotPresent
        # command: ["/bin/sh", "-c", "trap : TERM INT; sleep infinity & wait"]  
        command: ["/bin/sh", "/scripts/merge_data_inf.sh"]
      
        volumeMounts:
        - name: merge-script
          mountPath: /scripts
        - name: infctl-public-data
          mountPath: /var/www/public
        - name: infctl-storage-data
          mountPath: /var/www/storage
        - name: infctl-database-data
          mountPath: /var/www/database

        env:
        - name: AWS_ACCESS_KEY_ID
          valueFrom:
            secretKeyRef:
              name: aws-credentials
              key: access-key
        - name: AWS_SECRET_ACCESS_KEY
          valueFrom:
            secretKeyRef:
              name: aws-credentials
              key: secret-key
        - name: AWS_DEFAULT_REGION
          value: "eu-west-2"


      containers:

      
      - name: php-fpm
        image: $APP_CONTAINER
        command: ["/bin/sh", "-c"]
        args:
          - |
            cd /var/www
            php artisan config:clear
            npm install && npm run build
            php-fpm
        resources:
          requests:
            memory: "128Mi"
            cpu: "100m"
          limits:
            memory: "256Mi"
            cpu: "500m"        
        env:
          - name: APP_NAME
            value: "infctl"
          - name: APP_ENV
            value: production
          - name: APP_KEY
            valueFrom:
              secretKeyRef:
                name: app-key-secret
                key: app_key
          - name: APP_DEBUG
            value: "false"
          - name: APP_URL
            value: "https://ctl.headshed.dev/"
          - name: APP_LOCAL
            value: "en"
          - name: APP_FALLBACK_LOCALE
            value: "en"
          - name: APP_FAKER_LOCALE
            value: "en_US"
          - name: APP_MAINTENANCE_DRIVER
            value: "file"
          - name: PHP_CLI_SERVER_WORKERS
            value: "4"
          - name: BCRYPT_ROUNDS
            value: "12"
          - name: LOG_CHANNEL
            value: "stack"
          - name: LOG_STACK
            value: "single"
          - name: LOG_DEPRECATIONS_CHANNEL
            value: ""
          - name: LOG_LEVEL
            value: "debug"
          - name: DB_CONNECTION
            value: pgsql
          - name: DB_HOST
            valueFrom:
              secretKeyRef:
                name: pg-credentials
                key: host
          - name: DB_PORT
            value: "5432"
          - name: DB_DATABASE
            valueFrom:
              secretKeyRef:
                name: pg-credentials
                key: dbname
          - name: DB_USERNAME
            valueFrom:
              secretKeyRef:
                name: pg-credentials
                key: username
          - name: DB_PASSWORD
            valueFrom:
              secretKeyRef:
                name: pg-credentials
                key: password
          - name: SESSION_DRIVER
            value: "database"
          - name: SESSION_LIFETIME
            value: "120"
          - name: SESSION_ENCRYPT
            value: "false"
          - name: SESSION_PATH
            value: "/"
          - name: SESSION_DOMAIN
            value: ""
          - name: BROADCAST_CONNECTION
            value: "log"
          - name: FILESYSTEM_DISK
            value: "s3"
          - name: FILAMENT_FILESYSTEM_DISK
            value: "s3"
          - name: QUEUE_CONNECTION
            value: "redis"
          - name: CACHE_STORE
            value: "database"
          - name: MEMCACHED_HOST
            value: "127.0.0.1"
          - name: REDIS_CLIENT
            value: "phpredis"
          - name: REDIS_HOST
            value: "redis.redis.svc.cluster.local"
          - name: REDIS_PASSWORD
            valueFrom:
              secretKeyRef:
                name: redis-auth
                key: password
          - name: REDIS_PORT
            value: "6379"
          - name: MAIL_MAILER
            value: "smtp"
          - name: MAIL_HOST
            value: "smtp.fastmail.com"
          - name: MAIL_PORT
            value: "465"
          - name: MAIL_USERNAME
            valueFrom:
              secretKeyRef:
                name: smtp-credentials
                key: user
          - name: MAIL_PASSWORD
            valueFrom:
              secretKeyRef:
                name: smtp-credentials
                key: password
          - name: MAIL_ENCRYPTION
            value: "ssl"
          - name: MAIL_FROM_ADDRESS
            value: "info@headshed.dev"
          - name: MAIL_FROM_NAME
            value: "Headshed"
          - name: AWS_ACCESS_KEY_ID
            valueFrom:
              secretKeyRef:
                name: aws-credentials
                key: access-key
          - name: AWS_SECRET_ACCESS_KEY
            valueFrom:
              secretKeyRef:
                name: aws-credentials
                key: secret-key
          - name: AWS_DEFAULT_REGION
            value: "eu-west-2"
          - name: AWS_BUCKET
            value: "headsheddev-sharelt-cust-data"
          - name: AWS_USE_PATH_STYLE_ENDPOINT
            value: "false"
          - name: VITE_APP_NAME
            value: "infctl"
        tty: true
        workingDir: /var/www
        volumeMounts:
        - name: infctl-public-data
          mountPath: /var/www/public
        - name: infctl-storage-data
          mountPath: /var/www/storage
        - name: infctl-database-data
          mountPath: /var/www/database
        - mountPath: /usr/local/etc/php/conf.d/local.ini
          name: php-config
          subPath: local.ini


      - name: nginx
        image: nginx:1.28  
        imagePullPolicy: IfNotPresent
        resources:
          requests:
            memory: "64Mi"
            cpu: "50m"
          limits:
            memory: "128Mi"
            cpu: "100m"
        ports:
        - containerPort: 80
        volumeMounts:
        - name: infctl-public-data
          mountPath: /var/www/public
        - name: infctl-storage-data
          mountPath: /var/www/storage
        - name: infctl-database-data
          mountPath: /var/www/database
        - name: nginx-config
          mountPath: /etc/nginx/conf.d


      volumes:
      - name: init-script
        configMap:
          name: init-data-script
      - name: merge-script
        configMap:
          name: merge-data-script
      - name: nginx-config
        configMap:
          name: nginx-config
      # - name: nginx-content
      #   configMap:
      #     name: nginx-content
      - name: infctl-public-data
        persistentVolumeClaim:
          claimName: infctl-public-data-pvc
      - name: infctl-storage-data
        persistentVolumeClaim:
          claimName: infctl-storage-data-pvc
      - name: infctl-database-data
        persistentVolumeClaim:
          claimName: infctl-database-data-pvc
      - name: php-config
        configMap:
          name: php-config
changed app to use json config for pipeline steps readme command line usage - to specify pipeline file name readme updated to include reasoning behind the project use native golang sqlite RunScriptCommand named in functionMap removed unused functions removed unused functions run script and pipeline example renamed functions to drop the word script and add pipeline verb 2025-07-09 13:19:43 +01:00			`apiVersion: apps/v1`
			`kind: Deployment`
			`metadata:`
			`name: infctl-deployment`
			`namespace: infctl`
			`labels:`
			`app: nginx-sl`
			`spec:`
			`replicas: 1`
			`selector:`
			`matchLabels:`
			`app: nginx-sl`
			`template:`
			`metadata:`
			`labels:`
			`app: nginx-sl`
			`spec:`

			`imagePullSecrets:`
			`- name: registry-credentials`


			`initContainers:`
			`- name: init-data-s3`
			`image: amazon/aws-cli:latest`
			`imagePullPolicy: IfNotPresent`
			`# command: ["/bin/bash", "-c", "trap : TERM INT; sleep infinity & wait"]`
			`# command: ["/bin/bash", "-c", "/scripts/init-data.sh && echo 'Script completed, sleeping for debugging' && sleep 3600"]`
			`command: ["/bin/bash", "/scripts/init-data.sh"]`

			`volumeMounts:`
			`- name: init-script`
			`mountPath: /scripts`
			`- name: infctl-public-data`
			`mountPath: /var/www/public`
			`- name: infctl-storage-data`
			`mountPath: /var/www/storage`
			`- name: infctl-database-data`
			`mountPath: /var/www/database`

			`env:`
			`- name: AWS_ACCESS_KEY_ID`
			`valueFrom:`
			`secretKeyRef:`
			`name: aws-credentials`
			`key: access-key`
			`- name: AWS_SECRET_ACCESS_KEY`
			`valueFrom:`
			`secretKeyRef:`
			`name: aws-credentials`
			`key: secret-key`
			`- name: AWS_DEFAULT_REGION`
			`value: "eu-west-2"`
			`- name: merge-data`
			`image: busybox`
			`imagePullPolicy: IfNotPresent`
			`# command: ["/bin/sh", "-c", "trap : TERM INT; sleep infinity & wait"]`
			`command: ["/bin/sh", "/scripts/merge_data_inf.sh"]`

			`volumeMounts:`
			`- name: merge-script`
			`mountPath: /scripts`
			`- name: infctl-public-data`
			`mountPath: /var/www/public`
			`- name: infctl-storage-data`
			`mountPath: /var/www/storage`
			`- name: infctl-database-data`
			`mountPath: /var/www/database`

			`env:`
			`- name: AWS_ACCESS_KEY_ID`
			`valueFrom:`
			`secretKeyRef:`
			`name: aws-credentials`
			`key: access-key`
			`- name: AWS_SECRET_ACCESS_KEY`
			`valueFrom:`
			`secretKeyRef:`
			`name: aws-credentials`
			`key: secret-key`
			`- name: AWS_DEFAULT_REGION`
			`value: "eu-west-2"`




			`containers:`


			`- name: php-fpm`
			`image: $APP_CONTAINER`
			`command: ["/bin/sh", "-c"]`
			`args:`
			`- \|`
			`cd /var/www`
			`php artisan config:clear`
			`npm install && npm run build`
			`php-fpm`
			`resources:`
			`requests:`
			`memory: "128Mi"`
			`cpu: "100m"`
			`limits:`
			`memory: "256Mi"`
			`cpu: "500m"`
			`env:`
			`- name: APP_NAME`
			`value: "infctl"`
			`- name: APP_ENV`
			`value: production`
			`- name: APP_KEY`
			`valueFrom:`
			`secretKeyRef:`
			`name: app-key-secret`
			`key: app_key`
			`- name: APP_DEBUG`
			`value: "false"`
			`- name: APP_URL`
			`value: "https://ctl.headshed.dev/"`
			`- name: APP_LOCAL`
			`value: "en"`
			`- name: APP_FALLBACK_LOCALE`
			`value: "en"`
			`- name: APP_FAKER_LOCALE`
			`value: "en_US"`
			`- name: APP_MAINTENANCE_DRIVER`
			`value: "file"`
			`- name: PHP_CLI_SERVER_WORKERS`
			`value: "4"`
			`- name: BCRYPT_ROUNDS`
			`value: "12"`
			`- name: LOG_CHANNEL`
			`value: "stack"`
			`- name: LOG_STACK`
			`value: "single"`
			`- name: LOG_DEPRECATIONS_CHANNEL`
			`value: ""`
			`- name: LOG_LEVEL`
			`value: "debug"`
			`- name: DB_CONNECTION`
			`value: pgsql`
			`- name: DB_HOST`
			`valueFrom:`
			`secretKeyRef:`
			`name: pg-credentials`
			`key: host`
			`- name: DB_PORT`
			`value: "5432"`
			`- name: DB_DATABASE`
			`valueFrom:`
			`secretKeyRef:`
			`name: pg-credentials`
			`key: dbname`
			`- name: DB_USERNAME`
			`valueFrom:`
			`secretKeyRef:`
			`name: pg-credentials`
			`key: username`
			`- name: DB_PASSWORD`
			`valueFrom:`
			`secretKeyRef:`
			`name: pg-credentials`
			`key: password`
			`- name: SESSION_DRIVER`
			`value: "database"`
			`- name: SESSION_LIFETIME`
			`value: "120"`
			`- name: SESSION_ENCRYPT`
			`value: "false"`
			`- name: SESSION_PATH`
			`value: "/"`
			`- name: SESSION_DOMAIN`
			`value: ""`
			`- name: BROADCAST_CONNECTION`
			`value: "log"`
			`- name: FILESYSTEM_DISK`
			`value: "s3"`
			`- name: FILAMENT_FILESYSTEM_DISK`
			`value: "s3"`
			`- name: QUEUE_CONNECTION`
			`value: "redis"`
			`- name: CACHE_STORE`
			`value: "database"`
			`- name: MEMCACHED_HOST`
			`value: "127.0.0.1"`
			`- name: REDIS_CLIENT`
			`value: "phpredis"`
			`- name: REDIS_HOST`
			`value: "redis.redis.svc.cluster.local"`
			`- name: REDIS_PASSWORD`
			`valueFrom:`
			`secretKeyRef:`
			`name: redis-auth`
			`key: password`
			`- name: REDIS_PORT`
			`value: "6379"`
			`- name: MAIL_MAILER`
			`value: "smtp"`
			`- name: MAIL_HOST`
			`value: "smtp.fastmail.com"`
			`- name: MAIL_PORT`
			`value: "465"`
			`- name: MAIL_USERNAME`
			`valueFrom:`
			`secretKeyRef:`
			`name: smtp-credentials`
			`key: user`
			`- name: MAIL_PASSWORD`
			`valueFrom:`
			`secretKeyRef:`
			`name: smtp-credentials`
			`key: password`
			`- name: MAIL_ENCRYPTION`
			`value: "ssl"`
			`- name: MAIL_FROM_ADDRESS`
			`value: "info@headshed.dev"`
			`- name: MAIL_FROM_NAME`
			`value: "Headshed"`
			`- name: AWS_ACCESS_KEY_ID`
			`valueFrom:`
			`secretKeyRef:`
			`name: aws-credentials`
			`key: access-key`
			`- name: AWS_SECRET_ACCESS_KEY`
			`valueFrom:`
			`secretKeyRef:`
			`name: aws-credentials`
			`key: secret-key`
			`- name: AWS_DEFAULT_REGION`
			`value: "eu-west-2"`
			`- name: AWS_BUCKET`
			`value: "headsheddev-sharelt-cust-data"`
			`- name: AWS_USE_PATH_STYLE_ENDPOINT`
			`value: "false"`
			`- name: VITE_APP_NAME`
			`value: "infctl"`
			`tty: true`
			`workingDir: /var/www`
			`volumeMounts:`
			`- name: infctl-public-data`
			`mountPath: /var/www/public`
			`- name: infctl-storage-data`
			`mountPath: /var/www/storage`
			`- name: infctl-database-data`
			`mountPath: /var/www/database`
			`- mountPath: /usr/local/etc/php/conf.d/local.ini`
			`name: php-config`
			`subPath: local.ini`


			`- name: nginx`
			`image: nginx:1.28`
			`imagePullPolicy: IfNotPresent`
			`resources:`
			`requests:`
			`memory: "64Mi"`
			`cpu: "50m"`
			`limits:`
			`memory: "128Mi"`
			`cpu: "100m"`
			`ports:`
			`- containerPort: 80`
			`volumeMounts:`
			`- name: infctl-public-data`
			`mountPath: /var/www/public`
			`- name: infctl-storage-data`
			`mountPath: /var/www/storage`
			`- name: infctl-database-data`
			`mountPath: /var/www/database`
			`- name: nginx-config`
			`mountPath: /etc/nginx/conf.d`


			`volumes:`
			`- name: init-script`
			`configMap:`
			`name: init-data-script`
			`- name: merge-script`
			`configMap:`
			`name: merge-data-script`
			`- name: nginx-config`
			`configMap:`
			`name: nginx-config`
			`# - name: nginx-content`
			`# configMap:`
			`# name: nginx-content`
			`- name: infctl-public-data`
			`persistentVolumeClaim:`
			`claimName: infctl-public-data-pvc`
			`- name: infctl-storage-data`
			`persistentVolumeClaim:`
			`claimName: infctl-storage-data-pvc`
			`- name: infctl-database-data`
			`persistentVolumeClaim:`
			`claimName: infctl-database-data-pvc`
			`- name: php-config`
			`configMap:`
			`name: php-config`