herel/math-tables
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity
Files
3c07c89f2429d1af2b472d33c651ca2464f7ed9d
math-tables/deploy/overlays/production/security-patch.yaml
T
herel 75548dab2b feat: migrate to S3 storage with automatic download and timestamped filenames 
- Replace local file storage with S3-compatible object storage

- Add automatic PDF download after generation

- Include timestamps in filenames to ensure uniqueness

- Remove unused static volume from Kubernetes deployment

- Update ConfigMap to remove unused variables and add S3 configuration

- Configure S3 credentials via Kubernetes secrets for both dev and prod environments

- Add boto3 dependency for S3 integration
2025-09-03 22:41:16 +02:00

31 lines
807 B
YAML
Raw Blame History

apiVersion: apps/v1
kind: Deployment
metadata:
name: math-exercises-app
spec:
template:
spec:
# Additional security context for production
securityContext:
runAsNonRoot: true
runAsUser: 1000
fsGroup: 2000
seccompProfile:
type: RuntimeDefault
containers:
- name: math-exercises
# Additional security settings for production
securityContext:
allowPrivilegeEscalation: false
readOnlyRootFilesystem: true
runAsNonRoot: true
runAsUser: 1000
capabilities:
drop:
- ALL
add:
- NET_BIND_SERVICE
# Environment variables from S3 credentials secret
envFrom:
- secretRef:
name: s3-credentials
Reference in New Issue View Git Blame Copy Permalink