# services/bstein-dev-home/chat-ai-gateway-deployment.yaml apiVersion: apps/v1 kind: Deployment metadata: name: chat-ai-gateway namespace: bstein-dev-home spec: replicas: 0 revisionHistoryLimit: 2 selector: matchLabels: app: chat-ai-gateway template: metadata: labels: app: chat-ai-gateway annotations: vault.hashicorp.com/agent-inject: "true" vault.hashicorp.com/role: "bstein-dev-home" vault.hashicorp.com/agent-inject-secret-portal-env.sh: "kv/data/atlas/portal/atlas-portal-db" vault.hashicorp.com/agent-inject-template-portal-env.sh: | {{ with secret "kv/data/atlas/portal/atlas-portal-db" }} export PORTAL_DATABASE_URL="{{ .Data.data.PORTAL_DATABASE_URL }}" {{ end }} {{ with secret "kv/data/atlas/portal/bstein-dev-home-keycloak-admin" }} export KEYCLOAK_ADMIN_CLIENT_SECRET="{{ .Data.data.client_secret }}" {{ end }} {{ with secret "kv/data/atlas/shared/chat-ai-keys-runtime" }} export CHAT_KEY_MATRIX="{{ .Data.data.matrix }}" export CHAT_KEY_HOMEPAGE="{{ .Data.data.homepage }}" {{ end }} {{ with secret "kv/data/atlas/shared/portal-e2e-client" }} export PORTAL_E2E_CLIENT_ID="{{ .Data.data.client_id }}" export PORTAL_E2E_CLIENT_SECRET="{{ .Data.data.client_secret }}" {{ end }} spec: serviceAccountName: bstein-dev-home nodeSelector: kubernetes.io/arch: arm64 node-role.kubernetes.io/worker: "true" containers: - name: gateway image: python:3.11-slim command: ["/bin/sh","-c"] args: - . /vault/secrets/portal-env.sh && exec python /app/gateway.py env: - name: UPSTREAM_URL value: http://bstein-dev-home-backend/api/chat ports: - name: http containerPort: 8080 readinessProbe: httpGet: path: /healthz port: http initialDelaySeconds: 2 periodSeconds: 5 livenessProbe: httpGet: path: /healthz port: http initialDelaySeconds: 10 periodSeconds: 10 resources: requests: cpu: 20m memory: 64Mi limits: cpu: 200m memory: 256Mi volumeMounts: - name: code mountPath: /app/gateway.py subPath: gateway.py volumes: - name: code configMap: name: chat-ai-gateway