infrastructure/kustomization/bases/nocodelytics-dashboard.yaml

apiVersion: cert-manager.io/v1
kind: Certificate
metadata:
  name: nocodelytics-dashboard
spec:
  secretName: nocodelytics-dashboard-net-tls
  issuerRef:
    name: letsencrypt-prod
    kind: Issuer
  commonName: default.nocodelytics.com
  dnsNames:
    - default.nocodelytics.com
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nocodelytics-dashboard
spec:
  replicas: 1
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxSurge: 1
      maxUnavailable: 0
  selector:
    matchLabels:
      ms: nocodelytics-dashboard
  template:
    metadata:
      labels:
        ms: nocodelytics-dashboard
    spec:
      imagePullSecrets:
        - name: regcred
      containers:
        - name: nocodelytics-dashboard
          imagePullPolicy: Always
          image: container-registry.nocodelytics.com/nocodelytics/dashboard:latest
          readinessProbe:
            tcpSocket:
              port: 8080
            initialDelaySeconds: 5
            periodSeconds: 10
          livenessProbe:
            tcpSocket:
              port: 8080
            initialDelaySeconds: 10
            failureThreshold: 5
            periodSeconds: 10
            terminationGracePeriodSeconds: 60
          env:
            - name: PORT
              value: "8080"
            - name: K8S_NODE_NAME
              valueFrom:
                fieldRef:
                  fieldPath: spec.nodeName
            - name: K8S_NAMESPACE
              valueFrom:
                fieldRef:
                  fieldPath: metadata.namespace
            - name: ENCRYPTION_KEY
              valueFrom:
                secretKeyRef:
                  name: secrets
                  key: ENCRYPTION_KEY
          resources:
            requests:
              memory: "256Mi"
              cpu: "50m"
              ephemeral-storage: "1Mi"
            limits:
              memory: "512Mi"
              cpu: "200m"
              ephemeral-storage: "1Mi"
      nodeSelector:
        kubernetes.io/arch: arm64
      tolerations:
        - key: "arch"
          operator: "Equal"
          value: "arm64"
          effect: "NoSchedule"
---
apiVersion: v1
kind: Service
metadata:
  name: nocodelytics-dashboard
spec:
  type: NodePort
  selector:
    ms: nocodelytics-dashboard
  ports:
    - port: 8080
      targetPort: 8080
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: nocodelytics-dashboard-nginx-ingress
  annotations:
    kubernetes.io/ingress.class: "traefik"
    cert-manager.io/issuer: letsencrypt-prod
    traefik.ingress.kubernetes.io/redirect-entry-point: https
    cert-manager.io/acme-challenge-type: http01
spec:
  rules:
    - host: default.nocodelytics.com
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: nocodelytics-dashboard
  tls:
    - hosts:
        - default.nocodelytics.com
      secretName: nocodelytics-dashboard-net-tls