bakery-ia/infrastructure/services/databases/demo-session-db.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: demo-session-db
  namespace: bakery-ia
  labels:
    app: demo-session-db
    component: database
    app.kubernetes.io/name: demo-session-db
    app.kubernetes.io/part-of: bakery-forecasting-platform
spec:
  replicas: 1
  strategy:
    type: Recreate
  selector:
    matchLabels:
      app: demo-session-db
  template:
    metadata:
      labels:
        app: demo-session-db
        component: database
    spec:
      securityContext:
        fsGroup: 70
      initContainers:
      - name: fix-tls-permissions
        image: busybox:1.36
        securityContext:
          runAsUser: 0
        command: ['sh', '-c']
        args:
        - |
          cp /tls-source/* /tls/
          chmod 600 /tls/server-key.pem
          chmod 644 /tls/server-cert.pem /tls/ca-cert.pem
          chown 70:70 /tls/*
          ls -la /tls/
        volumeMounts:
        - name: tls-certs-source
          mountPath: /tls-source
          readOnly: true
        - name: tls-certs-writable
          mountPath: /tls
      containers:
      - name: postgres
        image: postgres:17-alpine
        ports:
        - containerPort: 5432
          name: postgres
        envFrom:
        - configMapRef:
            name: bakery-config
        env:
        - name: POSTGRES_USER
          valueFrom:
            secretKeyRef:
              name: database-secrets
              key: DEMO_SESSION_DB_USER
        - name: POSTGRES_PASSWORD
          valueFrom:
            secretKeyRef:
              name: database-secrets
              key: DEMO_SESSION_DB_PASSWORD
        - name: POSTGRES_DB
          value: demo_session_db
        - name: PGDATA
          value: /var/lib/postgresql/data/pgdata
        volumeMounts:
        - name: demo-session-db-data
          mountPath: /var/lib/postgresql/data
        - name: tls-certs-writable
          mountPath: /tls
          readOnly: true
        resources:
          requests:
            memory: "256Mi"
            cpu: "100m"
          limits:
            memory: "512Mi"
            cpu: "200m"
        livenessProbe:
          exec:
            command:
            - sh
            - -c
            - exec pg_isready -U "$POSTGRES_USER" -d "$POSTGRES_DB"
          initialDelaySeconds: 30
          periodSeconds: 10
          timeoutSeconds: 5
          failureThreshold: 6
        readinessProbe:
          exec:
            command:
            - sh
            - -c
            - exec pg_isready -U "$POSTGRES_USER" -d "$POSTGRES_DB"
          initialDelaySeconds: 5
          periodSeconds: 10
          timeoutSeconds: 5
          failureThreshold: 6
      volumes:
      - name: demo-session-db-data
        persistentVolumeClaim:
          claimName: demo-session-db-pvc
      - name: tls-certs-source
        secret:
          secretName: postgres-tls
          items:
          - key: server-cert.pem
            path: server-cert.pem
          - key: server-key.pem
            path: server-key.pem
          - key: ca-cert.pem
            path: ca-cert.pem
      - name: tls-certs-writable
        emptyDir: {}


---
apiVersion: v1
kind: Service
metadata:
  name: demo-session-db-service
  namespace: bakery-ia
  labels:
    app: demo-session-db
    component: database
    app.kubernetes.io/name: demo-session-db-service
    app.kubernetes.io/part-of: bakery-forecasting-platform
spec:
  type: ClusterIP
  selector:
    app: demo-session-db
  ports:
  - name: postgres
    port: 5432
    targetPort: 5432

---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: demo-session-db-pvc
  namespace: bakery-ia
  labels:
    app: demo-session-db
    component: database
    app.kubernetes.io/name: demo-session-db-pvc
    app.kubernetes.io/part-of: bakery-forecasting-platform
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 1Gi
  storageClassName: standard
Add base kubernetes support 2025-09-27 11:18:13 +02:00			`apiVersion: apps/v1`
			`kind: Deployment`
			`metadata:`
Add new infra architecture 2026-01-19 11:55:17 +01:00			`name: demo-session-db`
Add base kubernetes support 2025-09-27 11:18:13 +02:00			`namespace: bakery-ia`
			`labels:`
Add new infra architecture 2026-01-19 11:55:17 +01:00			`app: demo-session-db`
			`component: database`
			`app.kubernetes.io/name: demo-session-db`
			`app.kubernetes.io/part-of: bakery-forecasting-platform`
Add base kubernetes support 2025-09-27 11:18:13 +02:00			`spec:`
			`replicas: 1`
Add new infra architecture 2026-01-19 11:55:17 +01:00			`strategy:`
			`type: Recreate`
Add base kubernetes support 2025-09-27 11:18:13 +02:00			`selector:`
			`matchLabels:`
Add new infra architecture 2026-01-19 11:55:17 +01:00			`app: demo-session-db`
Add base kubernetes support 2025-09-27 11:18:13 +02:00			`template:`
			`metadata:`
			`labels:`
Add new infra architecture 2026-01-19 11:55:17 +01:00			`app: demo-session-db`
			`component: database`
Add base kubernetes support 2025-09-27 11:18:13 +02:00			`spec:`
Improve teh securty of teh DB 2025-10-19 19:22:37 +02:00			`securityContext:`
			`fsGroup: 70`
			`initContainers:`
			`- name: fix-tls-permissions`
Add new infra architecture 2026-01-19 11:55:17 +01:00			`image: busybox:1.36`
Improve teh securty of teh DB 2025-10-19 19:22:37 +02:00			`securityContext:`
			`runAsUser: 0`
			`command: ['sh', '-c']`
			`args:`
			`- \|`
			`cp /tls-source/* /tls/`
			`chmod 600 /tls/server-key.pem`
			`chmod 644 /tls/server-cert.pem /tls/ca-cert.pem`
			`chown 70:70 /tls/*`
			`ls -la /tls/`
			`volumeMounts:`
			`- name: tls-certs-source`
			`mountPath: /tls-source`
			`readOnly: true`
			`- name: tls-certs-writable`
			`mountPath: /tls`
Add base kubernetes support 2025-09-27 11:18:13 +02:00			`containers:`
			`- name: postgres`
Update requirements and insfra versions 2025-10-17 23:09:40 +02:00			`image: postgres:17-alpine`
Add base kubernetes support 2025-09-27 11:18:13 +02:00			`ports:`
			`- containerPort: 5432`
			`name: postgres`
Add new infra architecture 2026-01-19 11:55:17 +01:00			`envFrom:`
			`- configMapRef:`
			`name: bakery-config`
Add base kubernetes support 2025-09-27 11:18:13 +02:00			`env:`
			`- name: POSTGRES_USER`
			`valueFrom:`
			`secretKeyRef:`
			`name: database-secrets`
Add new infra architecture 2026-01-19 11:55:17 +01:00			`key: DEMO_SESSION_DB_USER`
Add base kubernetes support 2025-09-27 11:18:13 +02:00			`- name: POSTGRES_PASSWORD`
			`valueFrom:`
			`secretKeyRef:`
			`name: database-secrets`
Add new infra architecture 2026-01-19 11:55:17 +01:00			`key: DEMO_SESSION_DB_PASSWORD`
			`- name: POSTGRES_DB`
			`value: demo_session_db`
Add base kubernetes support 2025-09-27 11:18:13 +02:00			`- name: PGDATA`
			`value: /var/lib/postgresql/data/pgdata`
			`volumeMounts:`
Add new infra architecture 2026-01-19 11:55:17 +01:00			`- name: demo-session-db-data`
Add base kubernetes support 2025-09-27 11:18:13 +02:00			`mountPath: /var/lib/postgresql/data`
Improve teh securty of teh DB 2025-10-19 19:22:37 +02:00			`- name: tls-certs-writable`
			`mountPath: /tls`
			`readOnly: true`
Add base kubernetes support 2025-09-27 11:18:13 +02:00			`resources:`
			`requests:`
			`memory: "256Mi"`
			`cpu: "100m"`
			`limits:`
			`memory: "512Mi"`
Add new infra architecture 2026-01-19 11:55:17 +01:00			`cpu: "200m"`
Add base kubernetes support 2025-09-27 11:18:13 +02:00			`livenessProbe:`
			`exec:`
			`command:`
Fix DB issues 2025-09-30 13:32:51 +02:00			`- sh`
			`- -c`
Add new infra architecture 2026-01-19 11:55:17 +01:00			`- exec pg_isready -U "$POSTGRES_USER" -d "$POSTGRES_DB"`
Add base kubernetes support 2025-09-27 11:18:13 +02:00			`initialDelaySeconds: 30`
			`periodSeconds: 10`
Add new infra architecture 2026-01-19 11:55:17 +01:00			`timeoutSeconds: 5`
			`failureThreshold: 6`
Add base kubernetes support 2025-09-27 11:18:13 +02:00			`readinessProbe:`
			`exec:`
			`command:`
Fix DB issues 2025-09-30 13:32:51 +02:00			`- sh`
			`- -c`
Add new infra architecture 2026-01-19 11:55:17 +01:00			`- exec pg_isready -U "$POSTGRES_USER" -d "$POSTGRES_DB"`
Add base kubernetes support 2025-09-27 11:18:13 +02:00			`initialDelaySeconds: 5`
Add new infra architecture 2026-01-19 11:55:17 +01:00			`periodSeconds: 10`
			`timeoutSeconds: 5`
			`failureThreshold: 6`
Add base kubernetes support 2025-09-27 11:18:13 +02:00			`volumes:`
Add new infra architecture 2026-01-19 11:55:17 +01:00			`- name: demo-session-db-data`
Improve teh securty of teh DB 2025-10-19 19:22:37 +02:00			`persistentVolumeClaim:`
Add new infra architecture 2026-01-19 11:55:17 +01:00			`claimName: demo-session-db-pvc`
Improve teh securty of teh DB 2025-10-19 19:22:37 +02:00			`- name: tls-certs-source`
			`secret:`
			`secretName: postgres-tls`
Add new infra architecture 2026-01-19 11:55:17 +01:00			`items:`
			`- key: server-cert.pem`
			`path: server-cert.pem`
			`- key: server-key.pem`
			`path: server-key.pem`
			`- key: ca-cert.pem`
			`path: ca-cert.pem`
Improve teh securty of teh DB 2025-10-19 19:22:37 +02:00			`- name: tls-certs-writable`
			`emptyDir: {}`
Add new infra architecture 2026-01-19 11:55:17 +01:00
Add base kubernetes support 2025-09-27 11:18:13 +02:00
			`---`
			`apiVersion: v1`
			`kind: Service`
			`metadata:`
Add new infra architecture 2026-01-19 11:55:17 +01:00			`name: demo-session-db-service`
Add base kubernetes support 2025-09-27 11:18:13 +02:00			`namespace: bakery-ia`
			`labels:`
Add new infra architecture 2026-01-19 11:55:17 +01:00			`app: demo-session-db`
			`component: database`
			`app.kubernetes.io/name: demo-session-db-service`
			`app.kubernetes.io/part-of: bakery-forecasting-platform`
Add base kubernetes support 2025-09-27 11:18:13 +02:00			`spec:`
			`type: ClusterIP`
Add new infra architecture 2026-01-19 11:55:17 +01:00			`selector:`
			`app: demo-session-db`
Add base kubernetes support 2025-09-27 11:18:13 +02:00			`ports:`
Add new infra architecture 2026-01-19 11:55:17 +01:00			`- name: postgres`
			`port: 5432`
Add base kubernetes support 2025-09-27 11:18:13 +02:00			`targetPort: 5432`
Improve teh securty of teh DB 2025-10-19 19:22:37 +02:00
			`---`
			`apiVersion: v1`
			`kind: PersistentVolumeClaim`
			`metadata:`
Add new infra architecture 2026-01-19 11:55:17 +01:00			`name: demo-session-db-pvc`
Improve teh securty of teh DB 2025-10-19 19:22:37 +02:00			`namespace: bakery-ia`
			`labels:`
Add new infra architecture 2026-01-19 11:55:17 +01:00			`app: demo-session-db`
			`component: database`
			`app.kubernetes.io/name: demo-session-db-pvc`
			`app.kubernetes.io/part-of: bakery-forecasting-platform`
Improve teh securty of teh DB 2025-10-19 19:22:37 +02:00			`spec:`
			`accessModes:`
Add new infra architecture 2026-01-19 11:55:17 +01:00			`- ReadWriteOnce`
Improve teh securty of teh DB 2025-10-19 19:22:37 +02:00			`resources:`
			`requests:`
Add new infra architecture 2026-01-19 11:55:17 +01:00			`storage: 1Gi`
			`storageClassName: standard`