1b4f3a7bbe
Some checks failed
CD Pipeline / deploy (push) Failing after 59s
- 建立 Gitea Actions CD pipeline (.gitea/workflows/cd.yaml) - 部署模式: rsync Python 檔案至 188 → docker restart (volume mount) - Dockerfile/requirements 變動時自動重建 Docker image - 部署通知: Telegram (開始/成功/失敗) - 健康檢查: https://mo.wooo.work/health (最多 5 次重試) - 同步最新 CLAUDE.md / ADR-008 / memory (2026-04-19) Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
157 lines
4.2 KiB
YAML
157 lines
4.2 KiB
YAML
# =============================================================================
|
|
# WOOO TECH - Momo Pro System
|
|
# Main Application Deployment
|
|
# =============================================================================
|
|
---
|
|
apiVersion: v1
|
|
kind: PersistentVolumeClaim
|
|
metadata:
|
|
name: momo-data-pvc
|
|
namespace: momo
|
|
spec:
|
|
accessModes:
|
|
- ReadWriteOnce
|
|
resources:
|
|
requests:
|
|
storage: 5Gi
|
|
storageClassName: local-path
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: momo-app
|
|
namespace: momo
|
|
labels:
|
|
app: momo-app
|
|
spec:
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
app: momo-app
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: momo-app
|
|
spec:
|
|
initContainers:
|
|
- name: copy-google-credentials
|
|
image: busybox:1.36
|
|
command: ['sh', '-c', 'cp /secrets/* /config/ && chmod 644 /config/*']
|
|
volumeMounts:
|
|
- name: google-drive-secrets
|
|
mountPath: /secrets
|
|
readOnly: true
|
|
- name: momo-config-volume
|
|
mountPath: /config
|
|
containers:
|
|
- name: momo-app
|
|
image: registry.wooo.work/wooo/momo-pro-system:latest
|
|
imagePullPolicy: Always
|
|
ports:
|
|
- containerPort: 80
|
|
envFrom:
|
|
- configMapRef:
|
|
name: momo-config
|
|
env:
|
|
- name: SECRET_KEY
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: momo-secrets
|
|
key: SECRET_KEY
|
|
- name: LOGIN_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: momo-secrets
|
|
key: LOGIN_PASSWORD
|
|
- name: DATABASE_URL
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: momo-secrets
|
|
key: DATABASE_URL
|
|
- name: POSTGRES_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: momo-secrets
|
|
key: POSTGRES_PASSWORD
|
|
- name: TELEGRAM_BOT_TOKEN
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: momo-secrets
|
|
key: TELEGRAM_BOT_TOKEN
|
|
- name: LINE_CHANNEL_ACCESS_TOKEN
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: momo-secrets
|
|
key: LINE_CHANNEL_ACCESS_TOKEN
|
|
- name: EMAIL_HOST_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: momo-secrets
|
|
key: EMAIL_HOST_PASSWORD
|
|
- name: GEMINI_API_KEY
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: momo-secrets
|
|
key: GEMINI_API_KEY
|
|
- name: YOUTUBE_API_KEY
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: momo-secrets
|
|
key: YOUTUBE_API_KEY
|
|
optional: true
|
|
volumeMounts:
|
|
- name: momo-data
|
|
mountPath: /app/data
|
|
- name: momo-logs
|
|
mountPath: /app/logs
|
|
- name: momo-config-volume
|
|
mountPath: /app/config
|
|
resources:
|
|
requests:
|
|
memory: "1Gi"
|
|
cpu: "200m"
|
|
limits:
|
|
memory: "8Gi"
|
|
cpu: "2000m"
|
|
livenessProbe:
|
|
httpGet:
|
|
path: /health
|
|
port: 80
|
|
initialDelaySeconds: 60
|
|
periodSeconds: 30
|
|
timeoutSeconds: 10
|
|
failureThreshold: 3
|
|
readinessProbe:
|
|
httpGet:
|
|
path: /health
|
|
port: 80
|
|
initialDelaySeconds: 30
|
|
periodSeconds: 10
|
|
timeoutSeconds: 5
|
|
volumes:
|
|
- name: momo-data
|
|
persistentVolumeClaim:
|
|
claimName: momo-data-pvc
|
|
- name: momo-logs
|
|
emptyDir: {}
|
|
- name: momo-config-volume
|
|
emptyDir: {}
|
|
- name: google-drive-secrets
|
|
secret:
|
|
secretName: google-drive-credentials
|
|
imagePullSecrets:
|
|
- name: registry-secret
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: momo-app
|
|
namespace: momo
|
|
spec:
|
|
selector:
|
|
app: momo-app
|
|
ports:
|
|
- port: 80
|
|
targetPort: 80
|
|
type: ClusterIP
|