Deployment

apiVersion: apps/v1
kind: Deployment
metadata:
  name: myservice
  labels:
    app: myservice
    version: v1.0.0
spec:
  replicas: 3
  selector:
    matchLabels:
      app: myservice
  template:
    metadata:
      labels:
        app: myservice
        version: v1.0.0
    spec:
      containers:
      - name: myservice
        image: registry.example.com/myservice:v1.0.0
        imagePullPolicy: Always
        ports:
        - name: http
          containerPort: 8000
          protocol: TCP
        - name: grpc
          containerPort: 9000
          protocol: TCP
        env:
        - name: KRATOS_SERVER_HTTP_ADDR
          value: ":8000"
        - name: KRATOS_SERVER_GRPC_ADDR
          value: ":9000"
        - name: KRATOS_DATA_DATABASE_SOURCE
          valueFrom:
            secretKeyRef:
              name: myservice-secrets
              key: database-url
        resources:
          requests:
            memory: "128Mi"
            cpu: "100m"
          limits:
            memory: "512Mi"
            cpu: "500m"
        livenessProbe:
          httpGet:
            path: /health
            port: http
          initialDelaySeconds: 30
          periodSeconds: 10
        readinessProbe:
          httpGet:
            path: /health
            port: http
          initialDelaySeconds: 5
          periodSeconds: 5
      imagePullSecrets:
      - name: registry-credentials

apiVersion: v1
kind: Service
metadata:
  name: myservice
  labels:
    app: myservice
spec:
  type: ClusterIP
  ports:
  - name: http
    port: 8000
    targetPort: http
    protocol: TCP
  - name: grpc
    port: 9000
    targetPort: grpc
    protocol: TCP
  selector:
    app: myservice

apiVersion: v1
kind: ConfigMap
metadata:
  name: myservice-config
data:
  config.yaml: |
    server:
      http:
        network: tcp
        addr: 0.0.0.0:8000
        timeout: 1s
      grpc:
        network: tcp
        addr: 0.0.0.0:9000
        timeout: 1s
    data:
      redis:
        addr: redis:6379
        read_timeout: 0.2s
        write_timeout: 0.2s

apiVersion: v1
kind: Secret
metadata:
  name: myservice-secrets
type: Opaque
stringData:
  database-url: "user:password@tcp(mysql:3306)/mydb?parseTime=True"
  redis-password: "redis-secret-password"

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: myservice-ingress
  annotations:
    kubernetes.io/ingress.class: nginx
    cert-manager.io/cluster-issuer: letsencrypt-prod
spec:
  tls:
  - hosts:
    - api.example.com
    secretName: myservice-tls
  rules:
  - host: api.example.com
    http:
      paths:
      - path: /
        pathType: Prefix
        backend:
          service:
            name: myservice
            port:
              number: 8000

apiVersion: v2
name: myservice
description: A Helm chart for myservice
type: application
version: 1.0.0
appVersion: "1.0.0"

replicaCount: 3

image:
  repository: registry.example.com/myservice
  pullPolicy: Always
  tag: "v1.0.0"

service:
  type: ClusterIP
  httpPort: 8000
  grpcPort: 9000

ingress:
  enabled: true
  className: nginx
  hosts:
    - host: api.example.com
      paths:
        - path: /
          pathType: Prefix
  tls:
    - secretName: myservice-tls
      hosts:
        - api.example.com

resources:
  limits:
    cpu: 500m
    memory: 512Mi
  requests:
    cpu: 100m
    memory: 128Mi

autoscaling:
  enabled: true
  minReplicas: 3
  maxReplicas: 10
  targetCPUUtilizationPercentage: 80

apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
  name: myservice-hpa
spec:
  scaleTargetRef:
    apiVersion: apps/v1
    kind: Deployment
    name: myservice
  minReplicas: 3
  maxReplicas: 10
  metrics:
  - type: Resource
    resource:
      name: cpu
      target:
        type: Utilization
        averageUtilization: 80
  - type: Resource
    resource:
      name: memory
      target:
        type: Utilization
        averageUtilization: 80

func NewHTTPServer(c *conf.Server) *http.Server {
	srv := http.NewServer(
		http.Address(c.HTTP.Addr),
	)

	// Liveness probe
	srv.HandleFunc("/health/live", func(ctx http.Context) error {
		return ctx.String(200, "OK")
	})

	// Readiness probe
	srv.HandleFunc("/health/ready", func(ctx http.Context) error {
		// Check dependencies (database, redis, etc.)
		if err := checkDependencies(); err != nil {
			return ctx.String(503, "Not Ready")
		}
		return ctx.String(200, "Ready")
	})

	return srv
}

apiVersion: monitoring.coreos.com/v1
kind: ServiceMonitor
metadata:
  name: myservice
spec:
  selector:
    matchLabels:
      app: myservice
  endpoints:
  - port: http
    path: /metrics
    interval: 30s

name: Deploy

on:
  push:
    branches: [ main ]

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v3
    
    - name: Set up Go
      uses: actions/setup-go@v4
      with:
        go-version: 1.21
    
    - name: Test
      run: go test -v ./...
    
    - name: Build
      run: go build -v ./cmd/server
    
    - name: Build Docker image
      run: docker build -t myservice:${{ github.sha }} .
    
    - name: Push to registry
      run: |
        echo ${{ secrets.REGISTRY_PASSWORD }} | docker login -u ${{ secrets.REGISTRY_USERNAME }} --password-stdin
        docker tag myservice:${{ github.sha }} registry.example.com/myservice:${{ github.sha }}
        docker push registry.example.com/myservice:${{ github.sha }}
    
    - name: Deploy to Kubernetes
      uses: azure/k8s-deploy@v4
      with:
        manifests: |
          k8s/deployment.yaml
          k8s/service.yaml
        images: registry.example.com/myservice:${{ github.sha }}
        kubectl-version: 'latest'