apiVersion: apps/v1
kind: Deployment
metadata:
  name: distribution-service
  labels:
    app: distribution-service
    tier: backend
spec:
  replicas: 2
  selector:
    matchLabels:
      app: distribution-service
  template:
    metadata:
      labels:
        app: distribution-service
        tier: backend
    spec:
      imagePullSecrets:
      - name: dockerhub-creds
      containers:
      - name: distribution-service
        image: bakery/distribution-service:latest
        imagePullPolicy: Always
        ports:
        - containerPort: 8000
          name: http
        env:
        - name: DATABASE_URL
          valueFrom:
            secretKeyRef:
              name: database-secret
              key: url
        - name: REDIS_URL
          valueFrom:
            secretKeyRef:
              name: redis-secret
              key: url
        - name: RABBITMQ_URL
          valueFrom:
            secretKeyRef:
              name: rabbitmq-secret
              key: url
        - name: JWT_SECRET_KEY
          valueFrom:
            secretKeyRef:
              name: auth-secret
              key: jwt-secret
        - name: ENVIRONMENT
          value: "production"
        - name: LOG_LEVEL
          value: "INFO"
        - name: DB_POOL_SIZE
          value: "10"
        - name: DB_MAX_OVERFLOW
          value: "20"
        - name: REDIS_MAX_CONNECTIONS
          value: "50"
        - name: HTTP_TIMEOUT
          value: "30"
        - name: HTTP_RETRIES
          value: "3"
        # OpenTelemetry Configuration
        - name: OTEL_COLLECTOR_ENDPOINT
          value: "http://signoz-otel-collector.bakery-ia.svc.cluster.local:4318"
        - name: OTEL_EXPORTER_OTLP_ENDPOINT
          valueFrom:
            configMapKeyRef:
              name: bakery-config
              key: OTEL_EXPORTER_OTLP_ENDPOINT
        - name: OTEL_SERVICE_NAME
          value: "distribution-service"
        - name: ENABLE_TRACING
          value: "true"
        # Logging Configuration
        - name: OTEL_LOGS_EXPORTER
          value: "otlp"
        - name: OTEL_PYTHON_LOGGING_AUTO_INSTRUMENTATION_ENABLED
          value: "true"
        # Metrics Configuration
        - name: ENABLE_OTEL_METRICS
          value: "true"
        - name: ENABLE_SYSTEM_METRICS
          value: "true"
        livenessProbe:
          httpGet:
            path: /health
            port: 8000
          initialDelaySeconds: 30
          periodSeconds: 10
          timeoutSeconds: 5
        readinessProbe:
          httpGet:
            path: /health
            port: 8000
          initialDelaySeconds: 5
          periodSeconds: 5
          timeoutSeconds: 3
        resources:
          requests:
            memory: "256Mi"
            cpu: "250m"
          limits:
            memory: "512Mi"
            cpu: "500m"
        securityContext:
          runAsNonRoot: true
          runAsUser: 1000
          allowPrivilegeEscalation: false
          readOnlyRootFilesystem: false
          capabilities:
            drop:
            - ALL
      securityContext:
        runAsNonRoot: true
        runAsUser: 1000
        fsGroup: 2000
---
apiVersion: v1
kind: Service
metadata:
  name: distribution-service
  labels:
    app: distribution-service
    tier: backend
spec:
  selector:
    app.kubernetes.io/name: distribution-service
  ports:
    - protocol: TCP
      port: 8000
      targetPort: 8000
      name: http
  type: ClusterIP