Commit graph

6 commits

Author SHA1 Message Date
Till Wegmueller
7bc8f513ac
Add Kubernetes deployment support for authorization policy service
Expose authz API port (8082) in Dockerfile and create /app/policies
directory. Extend Helm chart with configurable authz section: inline
KDL policy ConfigMap, existing ConfigMap reference, policies volume
mount, Service port, and a NetworkPolicy restricting the authz port
to same-namespace traffic while leaving the OIDC port unrestricted.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-02-08 18:55:54 +01:00
Till Wegmueller
1fc229f582
fix(docker): Add missing client-wasm directory and update Rust version
- Add COPY client-wasm to Dockerfile to include workspace member
- Update Rust base image from 1.91 to 1.92
- Fixes CI build failure: "failed to load manifest for workspace member client-wasm"

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-01-06 18:44:46 +01:00
Till Wegmueller
629cfc1c92
fix: include migration directory in Docker build
Add COPY instruction for migration directory to Dockerfile to fix
build failure. The migration crate is a path dependency required
by the main barycenter package.

Fixes Docker build error:
  error: failed to get `migration` as a dependency of package `barycenter`

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-02 21:46:47 +01:00
Till Wegmueller
94767f5554
fix: use platform-specific build caches to avoid race conditions
2025-11-29 16:41:06 +01:00
Till Wegmueller
362b57d4c3
chore: update Dockerfile to Rust 1.91 for edition 2024 support
2025-11-29 16:21:24 +01:00
Till Wegmueller
c8b27bf196
feat: add deployment configurations for multiple platforms
Add comprehensive deployment support for:
- Docker: Multi-stage Dockerfile with security hardening
- Docker Compose: Production-ready compose file with volume persistence
- Kubernetes: Complete Helm chart with configurable values, ingress, PVC
- Linux: systemd service unit with extensive security hardening
- FreeBSD: rc.d init script with proper daemon management
- illumos/Solaris: SMF manifest with service contract management

Each platform includes:
- Installation scripts/manifests
- Configuration examples
- Management instructions
- Security best practices
- Troubleshooting guides

The Helm chart provides:
- Configurable resources and autoscaling
- Security contexts and pod security
- Health checks (liveness/readiness probes)
- Ingress with TLS support
- Persistent volume claims
- Service account management

All deployments follow security best practices:
- Non-root user execution
- Minimal privileges
- Read-only root filesystems where applicable
- Resource limits
- Network policies

Added DEPLOYMENT.md with comprehensive deployment guide covering
all platforms, configuration options, and production checklist.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-29 15:30:46 +01:00