# Deploy values pour unionflow-client-quarkus-primefaces-freya sur cluster k1 (prod) # Override du chart lions-app 1.0.1 lions-app: image: registry: registry.lions.dev repository: lionsdev name: unionflow-client-quarkus-primefaces-freya tag: "1.0.5-20260418-081337" # AUTO-UPDATED by lionsctl pipeline pullPolicy: IfNotPresent pullSecrets: - lionsregistry-secret replicaCount: 1 resources: requests: cpu: 200m memory: 512Mi limits: cpu: "1" memory: 1Gi # Env non-sensibles configMap: enabled: true envFrom: true data: QUARKUS_PROFILE: prod APP_ENV: production JAVA_OPTS: "-Xms256m -Xmx512m" QUARKUS_HTTP_PORT: "8080" APP_BASE_URL: https://unionflow.lions.dev # Secrets depuis K8s Secrets existants (migration Vault à venir) extraEnvFrom: - secretRef: name: unionflow-client-oidc-secret externalSecret: enabled: false # TODO: migrate to Vault ExternalSecret ingress: enabled: true className: nginx clusterIssuer: letsencrypt-prod host: unionflow.lions.dev pathPrefix: enabled: false tls: enabled: true rateLimit: enabled: true rpm: 3000 connections: 200 annotations: nginx.ingress.kubernetes.io/proxy-body-size: "50m" nginx.ingress.kubernetes.io/proxy-read-timeout: "300" nginx.ingress.kubernetes.io/proxy-send-timeout: "300" nginx.ingress.kubernetes.io/proxy-buffer-size: "16k" networkPolicy: enabled: false # TODO: re-enable après validation egress rules probes: liveness: enabled: true httpGet: path: /health/live port: 8080 initialDelaySeconds: 60 periodSeconds: 30 timeoutSeconds: 5 failureThreshold: 3 readiness: enabled: true httpGet: path: /health/ready port: 8080 initialDelaySeconds: 30 periodSeconds: 10 timeoutSeconds: 5 failureThreshold: 3 volumes: tmp: enabled: true sizeLimit: 200Mi logs: enabled: true sizeLimit: 500Mi mountPath: /app/logs extra: - name: app-storage emptyDir: sizeLimit: 2Gi volumeMounts: - name: app-storage mountPath: /app/storage tolerations: - key: node-role.kubernetes.io/control-plane operator: Exists effect: NoSchedule podAnnotations: lionsctl.lions.dev/cluster: k1 lionsctl.lions.dev/environment: production