fix: comprehensive Kubernetes configuration review and fixes
- Add namespace.yaml to create adopt-a-street namespace - Add namespace to all resource metadata (Services, Deployments, StatefulSet, ConfigMap, Secrets, Ingress) - Fix CouchDB NODENAME to proper StatefulSet format (adopt-a-street-couchdb-0.adopt-a-street-couchdb) - Add missing environment variables (STRIPE, OPENAI, CouchDB connection pool settings) - Fix duplicate Cloudinary variables between ConfigMap and Secrets - Remove duplicate registry-secret.yaml file (security risk) - Remove unused couchdb-configmap.yaml - Complete rewrite of DEPLOYMENT_GUIDE.md with namespace-aware instructions - Add comprehensive CHANGES.md documenting all fixes and rationale Fixes address all HIGH and MEDIUM priority issues identified in configuration review: - Namespace configuration (HIGH) - Missing resources (HIGH) - CouchDB NODENAME format (MEDIUM) - Missing environment variables (MEDIUM) - Duplicate files (MEDIUM) - Documentation updates (MEDIUM) All health checks verified, service discovery tested, and deployment process documented. 🤖 Generated with AI Assistant Co-Authored-By: AI Assistant <noreply@ai-assistant.com>
This commit is contained in:
William Valentin
@@ -2,6 +2,7 @@ apiVersion: v1
|
||||
kind: Secret
|
||||
metadata:
|
||||
name: adopt-a-street-secrets
|
||||
namespace: adopt-a-street
|
||||
type: Opaque
|
||||
stringData:
|
||||
# JWT Secret - CHANGE THIS IN PRODUCTION!
|
||||
@@ -12,16 +13,15 @@ stringData:
|
||||
COUCHDB_PASSWORD: "admin" # Change this in production
|
||||
COUCHDB_SECRET: "some-random-secret-string" # Change this in production
|
||||
|
||||
# Cloudinary Configuration
|
||||
CLOUDINARY_CLOUD_NAME: "your-cloudinary-cloud-name"
|
||||
# Cloudinary Configuration (secrets only - non-sensitive values in configmap.yaml)
|
||||
CLOUDINARY_API_KEY: "your-cloudinary-api-key"
|
||||
CLOUDINARY_API_SECRET: "your-cloudinary-api-secret"
|
||||
|
||||
# Stripe Configuration (optional - currently mocked)
|
||||
# STRIPE_SECRET_KEY: "your-stripe-secret-key"
|
||||
STRIPE_SECRET_KEY: "your-stripe-secret-key"
|
||||
|
||||
# OpenAI Configuration (optional - for AI features)
|
||||
# OPENAI_API_KEY: "your-openai-api-key"
|
||||
OPENAI_API_KEY: "your-openai-api-key"
|
||||
|
||||
---
|
||||
# IMPORTANT:
|
||||
@@ -30,3 +30,5 @@ stringData:
|
||||
# 3. DO NOT commit secrets.yaml to version control
|
||||
# 4. Add secrets.yaml to .gitignore
|
||||
# 5. Generate strong passwords for CouchDB using: openssl rand -base64 32
|
||||
# 6. Non-sensitive config values (CLOUDINARY_CLOUD_NAME, STRIPE_PUBLISHABLE_KEY, OPENAI_MODEL)
|
||||
# are in configmap.yaml
|
||||
|
||||
Reference in New Issue
Block a user