claude/k8s-apps
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
568 Commits 48 Branches 0 Tags
Commit Graph

568 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Promotion Bot
c2c73f248f promote: report-generator 87cce4c to prod
All checks were successful
AI Review / AI Code Review (pull_request) Successful in 1s
Details
PR Checks / Validate & Security Scan (pull_request) Successful in 9s
Details
2026-02-20 18:04:35 +01:00
claude
e20f8bfce1 Merge pull request 'promote: report-generator 87cce4c to staging' (#200) from promote/report-generator-87cce4c-staging into main 2026-02-20 18:00:13 +01:00
Promotion Bot
bdbab150c8 promote: report-generator 87cce4c to staging
All checks were successful
AI Review / AI Code Review (pull_request) Successful in 1s
Details
PR Checks / Validate & Security Scan (pull_request) Successful in 13s
Details
2026-02-20 17:59:54 +01:00
claude
3b5bf8e851 Merge pull request 'refactor: remove MinIO from all environments' (#199) from refactor/remove-minio into main 2026-02-20 17:59:51 +01:00
Claude
c25bc6c9ce refactor: remove MinIO from all environments
All checks were successful
AI Review / AI Code Review (pull_request) Successful in 2s
Details
PR Checks / Validate & Security Scan (pull_request) Successful in 10s
Details 
- Remove MINIO_* env vars from dev/staging/prod values
- Remove minio-access-key and minio-secret-key from secrets
- Remove port 9000 from NetworkPolicy egress rules
- PDF stored in PostgreSQL BYTEA, MinIO no longer needed

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-20 17:57:32 +01:00
claude
a2febd8957 Merge pull request 'deploy: report-generator 87cce4c to dev' (#198) from deploy/report-generator-87cce4c into main 2026-02-20 17:56:08 +01:00
CI Bot
72eb2edcb2 deploy: report-generator 87cce4c to dev
All checks were successful
AI Review / AI Code Review (pull_request) Successful in 1s
Details
PR Checks / Validate & Security Scan (pull_request) Successful in 11s
Details
2026-02-20 16:55:51 +00:00
claude
f3289324f9 Merge pull request 'promote: report-generator ea10e3b to prod' (#197) from promote/report-generator-ea10e3b-prod into main 2026-02-20 16:20:38 +01:00
Promotion Bot
551711e8a9 promote: report-generator ea10e3b to prod
All checks were successful
AI Review / AI Code Review (pull_request) Successful in 1s
Details
PR Checks / Validate & Security Scan (pull_request) Successful in 9s
Details
2026-02-20 16:20:21 +01:00
claude
7e0c6049c8 Merge pull request 'promote: report-generator ea10e3b to staging' (#196) from promote/report-generator-ea10e3b-staging into main 2026-02-20 16:20:14 +01:00
Promotion Bot
80ba1b9b6f promote: report-generator ea10e3b to staging
All checks were successful
AI Review / AI Code Review (pull_request) Successful in 1s
Details
PR Checks / Validate & Security Scan (pull_request) Successful in 12s
Details
2026-02-20 16:19:57 +01:00
claude
aa6a488ccc Merge pull request 'deploy: report-generator ea10e3b to dev' (#195) from deploy/report-generator-ea10e3b into main 2026-02-20 16:18:09 +01:00
CI Bot
04a382aaec deploy: report-generator ea10e3b to dev
All checks were successful
AI Review / AI Code Review (pull_request) Successful in 2s
Details
PR Checks / Validate & Security Scan (pull_request) Successful in 11s
Details
2026-02-20 15:17:52 +00:00
claude
5395638f20 Merge pull request 'promote: report-generator e88d8e8 to prod' (#194) from promote/report-generator-e88d8e8-prod into main 2026-02-20 15:39:12 +01:00
Promotion Bot
367bf3ef4e promote: report-generator e88d8e8 to prod
All checks were successful
AI Review / AI Code Review (pull_request) Successful in 2s
Details
PR Checks / Validate & Security Scan (pull_request) Successful in 10s
Details
2026-02-20 15:38:55 +01:00
claude
9e801f2170 Merge pull request 'promote: report-generator e88d8e8 to staging' (#193) from promote/report-generator-e88d8e8-staging into main 2026-02-20 15:34:31 +01:00
Promotion Bot
c12ffd5957 promote: report-generator e88d8e8 to staging
All checks were successful
AI Review / AI Code Review (pull_request) Successful in 2s
Details
PR Checks / Validate & Security Scan (pull_request) Successful in 9s
Details
2026-02-20 15:34:14 +01:00
claude
2f35449741 Merge pull request 'deploy: report-generator e88d8e8 to dev' (#192) from deploy/report-generator-e88d8e8 into main 2026-02-20 15:23:57 +01:00
CI Bot
903df36578 deploy: report-generator e88d8e8 to dev
All checks were successful
AI Review / AI Code Review (pull_request) Successful in 2s
Details
PR Checks / Validate & Security Scan (pull_request) Successful in 9s
Details
2026-02-20 14:23:40 +00:00
claude
c17d79d1e9 Merge pull request 'promote: report-generator aa09a1c to prod' (#191) from promote/report-generator-aa09a1c-prod into main 2026-02-20 11:18:52 +01:00
Promotion Bot
726f5543e9 promote: report-generator aa09a1c to prod
All checks were successful
AI Review / AI Code Review (pull_request) Successful in 1s
Details
PR Checks / Validate & Security Scan (pull_request) Successful in 9s
Details
2026-02-20 11:18:35 +01:00
claude
965354ca3b Merge pull request 'fix: increase resource quotas for VM migration' (#190) from fix/resource-quotas into main 2026-02-20 11:05:25 +01:00
Claude
2881b388c4 chore: increase resource quotas for VM migration
All checks were successful
AI Review / AI Code Review (pull_request) Successful in 2s
Details
PR Checks / Validate & Security Scan (pull_request) Successful in 9s
Details 
PG/MinIO removed from K8s, report-generator needs more CPU for
in-Go aggregation. Prod quota supports HPA up to 5 replicas.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-20 11:04:01 +01:00
claude
f83afaf5e4 Merge pull request 'promote: report-generator aa09a1c to staging' (#189) from promote/report-generator-aa09a1c-staging into main 2026-02-20 11:00:26 +01:00
Promotion Bot
a5e26bf2aa promote: report-generator aa09a1c to staging
All checks were successful
AI Review / AI Code Review (pull_request) Successful in 2s
Details
PR Checks / Validate & Security Scan (pull_request) Successful in 11s
Details
2026-02-20 11:00:09 +01:00
claude
1dc41e5fdc Merge pull request 'feat: migrate PG/MinIO to external VM 202' (#188) from feat/vm-migration into main 2026-02-20 10:54:42 +01:00
Claude
67b69c31d5 feat: move PG/MinIO to external VM, update all manifests
All checks were successful
AI Review / AI Code Review (pull_request) Successful in 2s
Details
PR Checks / Validate & Security Scan (pull_request) Successful in 9s
Details 
- Delete postgresql.yaml and minio.yaml (6 files) — stateful pods removed
- NetworkPolicy: replace podSelector with ipBlock 185.47.204.228/32
- Secrets: update credentials for VM PostgreSQL and MinIO
- Values: point DB_HOST/MINIO_ENDPOINT to VM, increase resources for CPU-intensive workload
- Seed jobs: v3 targeting VM databases (reports_dev/staging/prod)
- Prod: HPA 1-5 replicas, CPU req 1/lim 4, mem req 1Gi/lim 4Gi

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-20 10:44:00 +01:00
claude
87b0eb2364 Merge pull request 'deploy: report-generator aa09a1c to dev' (#187) from deploy/report-generator-aa09a1c into main 2026-02-20 10:27:57 +01:00
CI Bot
a8fa672582 deploy: report-generator aa09a1c to dev
All checks were successful
AI Review / AI Code Review (pull_request) Successful in 1s
Details
PR Checks / Validate & Security Scan (pull_request) Successful in 10s
Details
2026-02-20 09:27:40 +00:00
claude
fe5e668e90 Merge pull request 'promote: report-generator 4f202c9 to prod' (#186) from promote/report-generator-4f202c9-prod into main 2026-02-20 08:26:38 +01:00
Promotion Bot
8e1b626620 promote: report-generator 4f202c9 to prod
All checks were successful
AI Review / AI Code Review (pull_request) Successful in 1s
Details
PR Checks / Validate & Security Scan (pull_request) Successful in 9s
Details
2026-02-20 08:26:21 +01:00
claude
8e3559a431 Merge pull request 'promote: report-generator 4f202c9 to staging' (#185) from promote/report-generator-4f202c9-staging into main 2026-02-20 08:24:22 +01:00
Promotion Bot
2c4de5a4aa promote: report-generator 4f202c9 to staging
All checks were successful
AI Review / AI Code Review (pull_request) Successful in 1s
Details
PR Checks / Validate & Security Scan (pull_request) Successful in 10s
Details
2026-02-20 08:24:05 +01:00
claude
6d299c07a0 Merge pull request 'deploy: report-generator 4f202c9 to dev' (#184) from deploy/report-generator-4f202c9 into main 2026-02-20 08:19:07 +01:00
CI Bot
3bc3707ab7 deploy: report-generator 4f202c9 to dev
All checks were successful
AI Review / AI Code Review (pull_request) Successful in 2s
Details
PR Checks / Validate & Security Scan (pull_request) Successful in 10s
Details
2026-02-20 07:18:50 +00:00
claude
a2c340899a Merge pull request 'fix: rewrite seed job to avoid PL/pgSQL $$ blocks' (#183) from fix/seed-job-v2 into main 2026-02-20 00:05:05 +01:00
Claude
56d395864b fix: rewrite seed job to avoid PL/pgSQL $$ blocks
All checks were successful
AI Review / AI Code Review (pull_request) Successful in 1s
Details
PR Checks / Validate & Security Scan (pull_request) Successful in 9s
Details 
The $$ dollar-quoting in PL/pgSQL DO blocks gets expanded by bash
when passed via Kubernetes args to bash -c. Rewrites seed to use
individual psql -c calls and shell loop for batch inserts.

Also adds CREATE TABLE IF NOT EXISTS and idempotency check.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-20 00:04:06 +01:00
claude
9dbcdbf4f4 Merge pull request 'fix: correct NetworkPolicy labels for report-generator' (#182) from fix/networkpolicy-labels into main 2026-02-19 23:48:42 +01:00
Claude
317f371542 fix: correct NetworkPolicy labels for report-generator pods
All checks were successful
AI Review / AI Code Review (pull_request) Successful in 1s
Details
PR Checks / Validate & Security Scan (pull_request) Successful in 8s
Details 
web-app chart uses Release.Name as app.kubernetes.io/name, so labels are
report-generator-dev/staging/prod, not just report-generator.
 2026-02-19 23:48:13 +01:00
claude
8e7ebc4dc5 Merge pull request 'deploy: report-generator f4f9666 to dev' (#181) from deploy/report-generator-f4f9666 into main 2026-02-19 23:43:19 +01:00
CI Bot
66e5346ade deploy: report-generator f4f9666 to dev
All checks were successful
AI Review / AI Code Review (pull_request) Successful in 1s
Details
PR Checks / Validate & Security Scan (pull_request) Successful in 8s
Details
2026-02-19 22:43:01 +00:00
claude
dab0404c50 Merge pull request 'feat: add report-generator app (Go + PostgreSQL + MinIO)' (#180) from feat/report-generator into main 2026-02-19 23:41:54 +01:00
Claude
247beaca76 feat: add report-generator app (Go + PostgreSQL + MinIO) for load testing
All checks were successful
AI Review / AI Code Review (pull_request) Successful in 1s
Details
PR Checks / Validate & Security Scan (pull_request) Successful in 9s
Details 
- 6 ArgoCD apps (API + infra for dev/staging/prod)
- PostgreSQL StatefulSet + MinIO Deployment per namespace
- NetworkPolicies for app-to-db and app-to-minio
- Seed Job (5M orders, 100K customers, 10K products)
- HPA enabled in prod (2-5 replicas, 70% CPU target)
- Helm values with path-based ingress /reports on existing hosts
 2026-02-19 23:40:34 +01:00
claude
04dd2b8464 Merge pull request 'fix(keycloak): proper passwords + fix config-cli import' (#179) from fix/keycloak-override-hostname into main 2026-02-19 17:54:31 +01:00
Claude
04be7fa15f fix(keycloak): proper passwords in realm config + remove forced TOTP
All checks were successful
AI Review / AI Code Review (pull_request) Successful in 3s
Details
PR Checks / Validate & Security Scan (pull_request) Successful in 10s
Details 
Root cause of recurring login failures:
- Password 'changeme' didn't meet realm password policy (12+ chars, digits, special)
- keycloak-config-cli failed HTTP 400 on every pod restart
- Failed state meant config-cli retried full import every restart
- requiredActions re-added CONFIGURE_TOTP on every restart

Fixes:
- Set proper passwords meeting password policy requirements
- Set temporary: false (no forced password change)
- Clear requiredActions on user level (realm defaultAction handles new users)
- Config-cli should now succeed and save state, preventing re-import loops

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-19 17:48:26 +01:00
claude
57e7d5227f Merge pull request 'fix: override KC_HOSTNAME to clear Bitnami default' (#178) from fix/keycloak-override-hostname into main 2026-02-19 17:18:50 +01:00
Claude
8230257299 fix: override KC_HOSTNAME="" to clear Bitnami chart default
All checks were successful
AI Review / AI Code Review (pull_request) Successful in 1s
Details
PR Checks / Validate & Security Scan (pull_request) Successful in 8s
Details 
Bitnami Keycloak chart auto-sets KC_HOSTNAME from ingress.hostname.
Override with empty string via extraEnvVars so Keycloak derives URLs
from request headers (X-Forwarded-* via ingress, Host via NodePort).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-19 17:17:06 +01:00
claude
0d3616e964 Merge pull request 'fix: remove KC_HOSTNAME for NodePort OAuth' (#177) from fix/keycloak-remove-hostname into main 2026-02-19 17:10:54 +01:00
Claude
4fd6dfb3b9 fix: remove KC_HOSTNAME to fix NodePort OAuth flow
All checks were successful
AI Review / AI Code Review (pull_request) Successful in 1s
Details
PR Checks / Validate & Security Scan (pull_request) Successful in 8s
Details 
With KC_HOSTNAME set, Keycloak always redirects to the configured
hostname in login form actions, breaking OAuth when accessed via
NodePort (127.0.0.1:30880). Without KC_HOSTNAME, Keycloak derives
URLs from request headers:
- Ingress: X-Forwarded-Host/Proto → https://keycloak.georgepet...
- NodePort: Host header → http://127.0.0.1:30880
KC_PROXY_HEADERS=xforwarded is kept to trust ingress-nginx headers.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-19 17:09:11 +01:00
claude
ed1b2d6004 Merge pull request 'fix: KC_HOSTNAME_STRICT=false for NodePort access' (#176) from fix/keycloak-hostname-strict into main 2026-02-19 17:03:43 +01:00