Skip to content

Deploy releases/k8s-manifests 1b74200 #164

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
themightychris merged 4 commits into from
May 18, 2026
Merged

Deploy releases/k8s-manifests 1b74200 #164

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
fadcf31
docs(claude): add repo-local agent instructions
themightychris May 18, 2026
bbb9942
Add codeforphilly-ng (the rewrite)
themightychris May 18, 2026
044c2b0
Merge pull request #163 from CodeForPhilly/add-codeforphilly-ng
themightychris May 18, 2026
1b74200
☀ projected k8s-manifests-github from 044c2b0
themightychris May 18, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions _/Namespace/codeforphilly-rewrite-sandbox.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
apiVersion: v1
kind: Namespace
metadata:
name: codeforphilly-rewrite-sandbox
18 changes: 18 additions & 0 deletions codeforphilly-rewrite-sandbox/ConfigMap/codeforphilly-env.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
apiVersion: v1
data:
CFP_DATA_BRANCH: fixture
CFP_DATA_REPO_PATH: /app/data
CFP_PRIVATE_STORAGE_PATH: /app/private-storage
CFP_WEB_DIST_PATH: /app/apps/web/dist
GIT_AUTHOR_EMAIL: api@codeforphilly.org
GIT_AUTHOR_NAME: CodeForPhilly API
GIT_SSH_COMMAND: >-
ssh -i /etc/cfp-data-deploy-key/id_ed25519 -o IdentitiesOnly=yes -o
StrictHostKeyChecking=accept-new -o UserKnownHostsFile=/dev/null
NODE_ENV: production
PORT: '3001'
STORAGE_BACKEND: filesystem
kind: ConfigMap
metadata:
name: codeforphilly-env
namespace: codeforphilly-rewrite-sandbox
83 changes: 83 additions & 0 deletions codeforphilly-rewrite-sandbox/Deployment/codeforphilly.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,83 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: codeforphilly
namespace: codeforphilly-rewrite-sandbox
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: codeforphilly
strategy:
type: Recreate
template:
metadata:
labels:
app.kubernetes.io/name: codeforphilly
spec:
containers:
- env:
- name: HOST
value: 0.0.0.0
envFrom:
- configMapRef:
name: codeforphilly-env
- secretRef:
name: codeforphilly-secrets
image: ghcr.io/codeforphilly/codeforphilly-ng:sandbox
imagePullPolicy: Always
livenessProbe:
httpGet:
path: /api/health
port: http
initialDelaySeconds: 60
periodSeconds: 30
timeoutSeconds: 5
name: codeforphilly
ports:
- containerPort: 3001
name: http
readinessProbe:
failureThreshold: 30
httpGet:
path: /api/health/ready
port: http
initialDelaySeconds: 10
periodSeconds: 5
resources:
limits:
cpu: 1000m
memory: 768Mi
requests:
cpu: 100m
memory: 384Mi
securityContext:
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
runAsGroup: 1000
runAsNonRoot: true
runAsUser: 1000
volumeMounts:
- mountPath: /app/data
name: data
- mountPath: /app/private-storage
name: private
- mountPath: /etc/cfp-data-deploy-key
name: deploy-key
readOnly: true
securityContext:
fsGroup: 1000
serviceAccountName: codeforphilly
volumes:
- name: data
persistentVolumeClaim:
claimName: codeforphilly-data
- name: private
persistentVolumeClaim:
claimName: codeforphilly-private
- name: deploy-key
secret:
defaultMode: 256
secretName: codeforphilly-data-deploy-key
2 changes: 1 addition & 1 deletion codeforphilly-rewrite-sandbox/Gateway/codeforphilly.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ spec:
- allowedRoutes:
namespaces:
from: Same
hostname: codeforphilly-rewrite.codeforphilly.sandbox.k8s.phl.io
hostname: next-v2.codeforphilly.org
name: https
port: 443
protocol: HTTPS
Expand Down
6 changes: 5 additions & 1 deletion codeforphilly-rewrite-sandbox/HTTPRoute/codeforphilly.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,10 +5,14 @@ metadata:
namespace: codeforphilly-rewrite-sandbox
spec:
hostnames:
- codeforphilly-rewrite.codeforphilly.sandbox.k8s.phl.io
- next-v2.codeforphilly.org
parentRefs:
- name: codeforphilly
rules:
- backendRefs:
- name: codeforphilly
port: 80
matches:
- path:
type: PathPrefix
value: /
12 changes: 12 additions & 0 deletions codeforphilly-rewrite-sandbox/PersistentVolumeClaim/codeforphilly-data.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: codeforphilly-data
namespace: codeforphilly-rewrite-sandbox
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
storageClassName: linode-block-storage-retain
12 changes: 12 additions & 0 deletions codeforphilly-rewrite-sandbox/PersistentVolumeClaim/codeforphilly-private.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: codeforphilly-private
namespace: codeforphilly-rewrite-sandbox
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 1Gi
storageClassName: linode-block-storage-retain
13 changes: 13 additions & 0 deletions codeforphilly-rewrite-sandbox/SealedSecret/codeforphilly-data-deploy-key.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
apiVersion: bitnami.com/v1alpha1
kind: SealedSecret
metadata:
name: codeforphilly-data-deploy-key
namespace: codeforphilly-rewrite-sandbox
spec:
encryptedData:
id_ed25519: >-
AgAfJZfYzNyySAAyeqVVS297WB/+sXIz9rU8OXzryC0Vp2AgS+al9ZzOqgB/GrNDub10Tdt2d/IuSLE8FKUXz0OiIv19WwJfsINZUJjbRX04C6TXnyRa5wRcOv/hP9Va/Hz2SxpfDtWxey2O6IBCH2b0+5pajC8YsXxw8VHvZY+bJJMuNv6piphgxIo67kcrGsx3pN7naUUObutRkm3aThsmZ5TWxd7fHuiVWi7+E3ek7JLqAmOXdA8JFv14CLtEKDgx524wLavJ1vzEBAxdhd5PBWgp0CY2FKmlSbxzYmp/wFUEc2hBvWQJWO1SjfIt/CgdjSanVR7/wQARCvQ7EBV3DYVi8TkoGthtz3yD9O58Et6q6V88m/lhB+hCjrevSnwk3EqbygZh8nkWM8UDhXzShvurowakWb1YWTKBvGn7HMiaC3coBcakPf1dgJkzr3BAijZL/2cvWOiSZQx9VX///vYmxyr72jSabIW2nArnz1K9q88mL0RjNPB/0vdjTt4MLKC+2UwQ4jtfB7NLp6UPELZe68MH6Xr3YiufEoZJ3wFpSK1X4deIz4pRJwCkX4BrCyDg2S+TgEZnI8O9HkwOkd8PxlkpB7WUTeR8wrR3RouBHilXh3iUGt949rjC6t8ww9qsvfTzrtSMCX87rdD4B9ewxgetIzMLzJWJTyllQNz8srVFCu5FFjaYZTgUbPxKWQ+RePchnWGPxgTjduwSODjPdKimfLZwIacT+XfcBe+0jMW2IarXNC9lLPrpT+iV/9UO7CufyWaduHAkWVHJUJmgf5a8ljcAEuaj+nfkLqCU2jLIAtnUDGHQIk7sKiuJn/e1xkK8PRL2m2OAZU7jUmgWlB/KwMNhoqipkP9+O7AIFHYaxfK+ATyoGAmHjF9ko94sJclaXwz/uPsKyFNUSUH1cxsPfco0LmEPatJHccDXO/yQmXjJaFEOekYQufHp8ThudYv5i1COpHEa8y0A21jL28Pt8vDEHNxJVFNOS+Og85ESvda/CmYefXUlRdLaESITQOukEdS4H/aHkFaympO4GAcZl0Qjzn+EWznbH9GmQipaL0PRUUhEmiiciuDgiNGveFfuNx05096adW8YAxVjNlwookDshzjxW+6OYIBboy1+FWFE+YQlugQusRmm1svXtBlL/Rrh4eM3hyBiuSobtPJ9s9wYyHlIT3D06bLkJdRWCfg7ZwDrqEdTWRmkhJldhNEfop5GAxoyhNX5X3IvxbTiWS1QLY+QP57a2ZtdnBgOsnrVko7kSaWPY1U=
template:
metadata:
name: codeforphilly-data-deploy-key
namespace: codeforphilly-rewrite-sandbox
19 changes: 19 additions & 0 deletions codeforphilly-rewrite-sandbox/SealedSecret/codeforphilly-secrets.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
apiVersion: bitnami.com/v1alpha1
kind: SealedSecret
metadata:
name: codeforphilly-secrets
namespace: codeforphilly-rewrite-sandbox
spec:
encryptedData:
CFP_DATA_REMOTE: >-
AgAj4UY/M3uFDp4jJLykFSzihy+C2uSQXHQuuyaOAd7ew14gpw6Vogu5oYMgM1y1yBv1sbJObbnh7ddexYqRfgFKJrgiwc60MoVzwbwt5JHQh1aJJIZ4xizvitbyT1h7GkLzLZbvLdJxAFH876wXn9zw0UAco62qsxkIQgoRGBN/Gq7SQDT6+HHv1Uc3LeDiqdnne49LIP/M32DSu8IQ0CffyA+pdAdTwCaRoMBh63rdhoLM4Ildvlt6jSWHP0dJFmYRP9gtKCKgLUycz7fXhU0xxYaAOc7T2Z0rVf6DkkZDaqwgKEFk52300kuz1xW3BufrZ2jCfcXs4AAwwUuWj17MNICq0dei7MDRurmGpgJJDdfaCvTD4+wggm/VUBvXWQIuhE9/PtIumx/brVCJQ05YmeyFSrL4D+COSmhlXS3vmngpy3lHB+2qEbwM8ZHnwB/Ff1XP4HVSPUdXejWU4vdFY6VQ/4hjCLDAgjQLGRTGBmaFX1aJqygjK1JzRnGts0aCniPTL/qF1s5OcHJeIAvkN0WleceEi5u7CnvEdAcSAfkYu0QiwnoXNeIhFzPekEJyP6c6KY9oaw+kEirWgvCwis5QUiGOIO4kFcGXfDVzCRu1GM4T7WV969n8nJSGcSQQSmVa4uPCAlZld8etvbR4xa8dSXaeZ6Nb6L3FIVqc05Zy0U9cnKnfSGKWvHEANtBA7ItPq9GUlE6DCTb9guwlUGWHpG7tk1iuTnUD5b0P5r7zALF7rAufCKHEPpNWn7Mfg/k=
CFP_JWT_SIGNING_KEY: >-
AgClhcixIR+sgvwpmHiqkB3MOL9CTCgjRT7d7AcWkYe7tjXCdvj42x5RiTbHRJh7h8koWwvm/M9txEhCnkV8iT8O6vLAq1ZPBvSk+L+uh6dZDW92u8L0/WIpVxLF9CjLmD7YbLpt2LA7ntne3pbZM6XgH6Xs9yYVEdLhEZ4/vOgzwJF1o3rj6puVsx5pWdUFgl1AXsjUdwUEK7fYSyQIXOLeLY3TVquTRATC/BEXaJHTSqHJjGaDemr1+ZqdbysFCADtOOhjOUxbItfGsm0sIUFEFkPOf+rGrTt0Mqp8CAoJEgkwEITHjA8qXKsJN/zZmDDh5xutCw36k5KtABUMPcn+QT6EjK+N9EutM08Ul+DZL+KfHg5z9/B/3lL68xU/J7H2TbB93icSDgbvV/NEjiyZ7JnaZqt+fPDpl0Gs/QMAdjNxtqYCYp9gFj5MsM0s5qkx4mnrgSHyOACb2H96wqVI7LvIZqhjnpNqY5V8Qvhb7rjLedEsmLDfPSRJYrg7s/cpmdxaCyuBf/zqUSSCvjKo7L66lZ0t3lG+dtVy3fgRoabeOGB6hOY5Jj1GAK8avC4PZ0vLuYTTPIweOJOIakSL37Rxit4UgvuuoiB6oEqnsDD/9YBeZAJNjf3XNDDud7dScWhI1zRJ9N7qbHeAcSkWOO/CK+cFWXVB31ErBCrDIuiwiMnna5VurC96+xASRxGdeDh83I3f3uTM5OQCH0efUAHhw5ld3IAu/2wpfQK3ac2XziYn7L2QIyHOsULkAf0oRoJjodOX3V2Kmp3khY8w
GITHUB_OAUTH_CLIENT_ID: >-
AgBZj/mQl8EKMl6Cey9OWK090/IecVx6YlonWqh7v63QOVwyFzj6ksObLC2Fw0H9OHaFtL3qGF1qGn35MyYI3uhGB1miLLYivGVA7jNHN8Wy4es/tDnZRHcsP4LI7NQMTsf1dz4tknLinpmZqPuMwwqcUCRrSasagmYLHREXZNvGm1ONSSniuoqmnQobj2v7/YNHhn7qK/kVqflOGb0n9Ai4bHvrgGuxXTHCvl/3N8Mb4p3/aWAJuxpFgc6n21MS7Hjn5mcMb/RwJ7TOn7F/BJnQ4Ii2nzZ5d6U0F37lnMBdN6/Bowp+MNynTttJ+SBUZkjidJ+9s/KXLUXJ8IQp+NR9Ycbbc0+osnHIAhZzBF7+4du0f0S7Te310vll6b4xd0oRoXSQ9FZcqlS5ysOCdgH98q9OWw5TJWF8KfwNq+j62YifICSz5u5FfUnbzTgxe7RctIkhW0elgHTJx07WJx2I53PrxbbrICnCqDSMQbWU5wcqyCXxmFXOBSMZG0Gycjg2rAWaPgot7Q7F752I8oOewB28uACYjHlULR/2BKrCf90+RZOFI4AhUctvTTMn4qR89QrDE5EIdJi5x/x7pcMiM6doWrL1MJdnQ/VEUa+AsJEDVWA0G1a4y/OIRI7rKyYZdpUSabmzQTBxk0CBMa07dX3N5IaX0+YDt2NosW+xtsjQugifYPze/AnKIFjdB5cHVQzdVWHIls4WKR9bOahstrScrQ==
GITHUB_OAUTH_CLIENT_SECRET: >-
AgA5TBdNd4A6g04YyvGd+ZkpdTrQFeODGLY3MSA+M8STT6ejTBtlVmj0m4ooggPtOYXaUAYAytlANT51yRE7GGbAX5/SiHO04N4MJ2Qpw4Izb1j5OvqZSNRD/78D8Q2KUg+cp/AyqwGctG0v2UYg/qBw536+4q53EMSQzcS2HZADqw5sZNyuqBwA+vUfXFHXqU+ZZw+Dqa5E+2tdCLu6lZdsmM0oWM/iAbKfszT9aNRYJ8I2W6NPyUHLFmoRcDtxYKs1Wqk29Dhfuk7ZsanFrkN0C48a2F1167qhBJMf0dIZ7ZeenFpSoPv5XODOnB89G+ziA7pQVcccegZpA4/rhgoPV8jfFecuY8U+FqDQaAOxwVEXvFZ1kwbsYHO0Ggo1rPivJcCh1oYWufCWFvwLCzIQpZ+KV1wAzjrkcnNeM8kFSwnp3ptbI9ZzgxEbn5zcDC+mRP6O07urKta+4qW+TGepaUuDWN/Ocsz1UP6vEQMtr6fChAxkJFjfJo8O1270VlDLBa0vwF3rmtsUpsfR+OMk/kU7rjrTuJWLcXDiKWoZKprPivWqCcGGLh/7MVsDOYGo9Pc4f4fhrlv14cxIZLc9PhPhgY9MEkZhnqg3RCikRuB9otL6EkPrXx5+qiTl5JsP1Xau9mM77hE2eMY2lyWeokRvCWS7jkBR4q0gL5iuonHMck5ccsiFwBGHP7VFUQeo92p1FZdbX1g5gph7b942uRyuthZTKdfwD/qSBseg4r/06nLlK+Jh
template:
metadata:
name: codeforphilly-secrets
namespace: codeforphilly-rewrite-sandbox
14 changes: 14 additions & 0 deletions codeforphilly-rewrite-sandbox/Service/codeforphilly.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
apiVersion: v1
kind: Service
metadata:
name: codeforphilly
namespace: codeforphilly-rewrite-sandbox
spec:
ports:
- name: http
port: 80
protocol: TCP
targetPort: 3001
selector:
app.kubernetes.io/name: codeforphilly
type: ClusterIP
5 changes: 5 additions & 0 deletions codeforphilly-rewrite-sandbox/ServiceAccount/codeforphilly.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
apiVersion: v1
kind: ServiceAccount
metadata:
name: codeforphilly
namespace: codeforphilly-rewrite-sandbox
Loading