48 lines
1.5 KiB
YAML
48 lines
1.5 KiB
YAML
# AWOOOI 正式環境 Kustomization
|
||
# 負責人: CIO
|
||
# 版本: v1.0
|
||
# 日期: 2026-03-20
|
||
#
|
||
# ⚠️ 鐵律: 禁止在此檔案寫 newTag,Tag 由 CI 動態注入
|
||
|
||
apiVersion: kustomize.config.k8s.io/v1beta1
|
||
kind: Kustomization
|
||
|
||
namespace: awoooi-prod
|
||
|
||
# 通用標籤
|
||
# 注意: commonLabels 會加到 Deployment selector,不能移除否則會 immutable error
|
||
# NetworkPolicy 的 egress[].to[].podSelector 不受 commonLabels 影響
|
||
commonLabels:
|
||
environment: prod
|
||
system: awoooi
|
||
|
||
# 02-network-policy.yaml 不納入 - commonLabels 會破壞 DNS egress rule
|
||
# 由 CD 單獨 apply: kubectl apply -f k8s/awoooi-prod/02-network-policy.yaml
|
||
# 03-secrets.yaml 不納入,由 CI/CD 單獨處理
|
||
resources:
|
||
- 01-namespace-quota.yaml
|
||
- 04-configmap.yaml
|
||
- 05-deployment-web.yaml
|
||
- 06-deployment-api.yaml
|
||
- 07-rbac.yaml
|
||
- 08-deployment-worker.yaml
|
||
- 09-pdb.yaml
|
||
- 10-deployment-auto-repair-canary.yaml
|
||
- 13-cronjob-k3s-report.yaml
|
||
- 14-cronjob-weekly-report.yaml
|
||
- 15-cronjob-km-vectorize.yaml
|
||
- 12-cronjob-drift-scanner.yaml
|
||
|
||
# 映像配置 (Tag 由 CI 動態注入)
|
||
# Harbor 金庫: 110 主機 (192.168.0.110:5000)
|
||
# ⚠️ 重要: name 必須與 deployment YAML 中的 image 完全匹配 (含 tag)
|
||
# newName + newTag 由 CI 透過 kustomize edit set image 注入
|
||
images:
|
||
- name: 192.168.0.110:5000/library/api:IMAGE_TAG_PLACEHOLDER
|
||
newName: 192.168.0.110:5000/awoooi/api
|
||
newTag: b7045a412c8be3d67490fb64790b12c0380fa23c
|
||
- name: 192.168.0.110:5000/library/web:IMAGE_TAG_PLACEHOLDER
|
||
newName: 192.168.0.110:5000/awoooi/web
|
||
newTag: b7045a412c8be3d67490fb64790b12c0380fa23c
|