feat: deploy config btpxpress-server pour cluster k1

2026-04-22 15:07:14 +00:00
commit 7eddaad126
3 changed files with 150 additions and 0 deletions
--- a/values.yaml
+++ b/values.yaml
@@ -0,0 +1,111 @@
+# Deploy values pour btpxpress-server sur cluster k1 (prod)
+# Override du chart lions-app 1.0.1
+
+lions-app:
+
+  image:
+    registry: registry.lions.dev
+    repository: lionsdev
+    name: btpxpress-server
+    tag: "1.0.0-20251108-134650"   # AUTO-UPDATED by lionsctl pipeline
+    pullPolicy: IfNotPresent
+    pullSecrets:
+      - lionsregistry-secret
+
+  replicaCount: 2
+
+  resources:
+    requests:
+      cpu: 200m
+      memory: 512Mi
+    limits:
+      cpu: "1"
+      memory: 1Gi
+
+  # Env non-sensibles
+  configMap:
+    enabled: true
+    envFrom: true
+    data:
+      QUARKUS_PROFILE: prod
+      APP_ENV: production
+      JAVA_OPTS: "-Xms256m -Xmx512m"
+      QUARKUS_HTTP_PORT: "8080"
+      APP_BASE_URL: https://api.lions.dev
+
+  # Secrets depuis K8s Secrets existants (migration Vault à venir)
+  extraEnvFrom:
+    - secretRef:
+        name: lions-shared-db-secret
+
+  externalSecret:
+    enabled: false   # TODO: migrate to Vault ExternalSecret
+
+  ingress:
+    enabled: true
+    className: nginx
+    clusterIssuer: letsencrypt-prod
+    host: api.lions.dev
+    pathPrefix:
+      enabled: true
+      strip: /btpxpress
+    tls:
+      enabled: true
+    rateLimit:
+      enabled: true
+      rpm: 3000
+      connections: 200
+    annotations:
+      nginx.ingress.kubernetes.io/proxy-body-size: "50m"
+      nginx.ingress.kubernetes.io/proxy-read-timeout: "300"
+      nginx.ingress.kubernetes.io/proxy-send-timeout: "300"
+      nginx.ingress.kubernetes.io/proxy-buffer-size: "16k"
+
+  networkPolicy:
+    enabled: false   # TODO: re-enable après validation egress rules
+
+  probes:
+    liveness:
+      enabled: true
+      httpGet:
+        path: /health/live
+        port: 8080
+      initialDelaySeconds: 60
+      periodSeconds: 30
+      timeoutSeconds: 5
+      failureThreshold: 3
+    readiness:
+      enabled: true
+      httpGet:
+        path: /health/ready
+        port: 8080
+      initialDelaySeconds: 30
+      periodSeconds: 10
+      timeoutSeconds: 5
+      failureThreshold: 3
+
+  volumes:
+    tmp:
+      enabled: true
+      sizeLimit: 200Mi
+    logs:
+      enabled: true
+      sizeLimit: 500Mi
+      mountPath: /app/logs
+    extra:
+      - name: app-storage
+        emptyDir:
+          sizeLimit: 2Gi
+
+  volumeMounts:
+    - name: app-storage
+      mountPath: /app/storage
+
+  tolerations:
+    - key: node-role.kubernetes.io/control-plane
+      operator: Exists
+      effect: NoSchedule
+
+  podAnnotations:
+    lionsctl.lions.dev/cluster: k1
+    lionsctl.lions.dev/environment: production