apiVersion: v1
kind: Service
metadata:
  name: identity-svc
  namespace: egommerce
  annotations:
    haproxy.org/check: "true"
    # haproxy.org/backend-config-snippet: |
    #   http-response set-header X-Custom-Header-Service "rojter"
  labels:
    app: identity-svc
spec:
  type: NodePort
  selector:
    app: identity-svc
  ports:
  - name: identity-svc
    port: 443
    nodePort: 31810
  # - name: identity-svc-metrics
  #   port: 9090
  #   nodePort: 31811
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: identity-svc
  namespace: egommerce
spec:
  replicas: 1
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxSurge: 1           # Number of extra pods that can be created during update
      maxUnavailable: 1     # Max number of pods that can be unavailable during update
  selector:
    matchLabels:
      app: identity-svc
  template:
    metadata:
      labels:
        app: identity-svc
    spec:
      # initContainers:
      # - name: identity-svc-init
      #   image: busybox:1.28
      #   command: [
      #     'sh',
      #     '-c',
      #     '/bin/migrate'
      #   ]
      containers:
      - name: identity-svc
        image: localhost:32000/egommerce/identity-svc:dev
        imagePullPolicy: Always
        env:
          - name: APP_NAME
            value: identity-svc
          - name: APP_DOMAIN
            value: identity-svc.egommerce.io
          - name: APP_PATH_PREFIX
            value: /identity
          - name: API_DATABASE_URL
            value: postgres://egommerce:12345678@db-postgres:5432/egommerce?sslmode=disable
        readinessProbe:
          httpGet:
            scheme: HTTPS
            port: identity-svc
            path: /health
          initialDelaySeconds: 5
          periodSeconds: 5
          failureThreshold: 1
        livenessProbe:
          httpGet:
            scheme: HTTPS
            port: identity-svc
            path: /health
          initialDelaySeconds: 5
          periodSeconds: 5
          failureThreshold: 1
        volumeMounts:
          - name: identity-cert
            mountPath: /certs/identity-svc.crt
            readOnly: true
          - name: identity-key
            mountPath: /certs/identity-svc.key
            readOnly: true
          - name: identity-migrations
            mountPath: /migrations
            readOnly: true
        resources:
          limits:
            cpu: 100m
            memory: 512M
          requests:
            cpu: 50m
            memory: 256M
        ports:
        - name: identity-svc
          containerPort: 443
      # - name: identity-svc-metrics
      #   image: prom/prometheus-exporter:latest
      #   ports:
      #     - containerPort: 9090
      #   args:
      #     - --web.listen-address=:9090
        #     - --web.telemetry-path=/metrics
      - name: identity-scheduler # Scheduler Container
        image: localhost:32000/egommerce/identity-svc:dev
        imagePullPolicy: Always
        command: [
          "/usr/local/bin/scheduler"
        ]
        resources:
          limits:
            cpu: 100m
            memory: 512Mi
          requests:
            cpu: 50m
            memory: 256Mi
      imagePullSecrets:
      - name: regcred
      volumes:
      - name: identity-cert
        hostPath:
          path: /egommerce/stack/deploy/certs/identity-svc/identity-svc.crt
          type: File
      - name: identity-key
        hostPath:
          path: /egommerce/stack/deploy/certs/identity-svc/identity-svc.key
          type: File
      - name: identity-migrations
        hostPath:
          path: /egommerce/stack/deploy/db_migrations/identity-svc
          type: Directory