Upload platform/golden-paths/microservice/template.yaml with huggingface_hub

platform/golden-paths/microservice/template.yaml

@@ -0,0 +1,123 @@
+# Golden Path - Microservice Template
+# Replace: SERVICE_NAME, SERVICE_NAMESPACE, REGISTRY, IMAGE, TAG
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: SERVICE_NAME
+  namespace: SERVICE_NAMESPACE
+  labels:
+    app: SERVICE_NAME
+    version: v1
+    golden-path: "true"
+spec:
+  replicas: 3
+  selector:
+    matchLabels:
+      app: SERVICE_NAME
+  strategy:
+    rollingUpdate:
+      maxSurge: 1
+      maxUnavailable: 0
+  template:
+    metadata:
+      labels:
+        app: SERVICE_NAME
+        version: v1
+      annotations:
+        sidecar.istio.io/inject: "true"
+        prometheus.io/scrape: "true"
+        prometheus.io/port: "8080"
+    spec:
+      serviceAccountName: SERVICE_NAME
+      securityContext:
+        runAsNonRoot: true
+        runAsUser: 1000
+        fsGroup: 1000
+        seccompProfile:
+          type: RuntimeDefault
+      containers:
+        - name: SERVICE_NAME
+          image: REGISTRY/IMAGE:TAG
+          ports:
+            - containerPort: 8080
+          envFrom:
+            - configMapRef:
+                name: SERVICE_NAME-config
+            - secretRef:
+                name: SERVICE_NAME-secrets
+          resources:
+            requests:
+              cpu: 100m
+              memory: 128Mi
+            limits:
+              cpu: 500m
+              memory: 256Mi
+          securityContext:
+            allowPrivilegeEscalation: false
+            readOnlyRootFilesystem: true
+            capabilities:
+              drop: ["ALL"]
+          livenessProbe:
+            httpGet:
+              path: /healthz
+              port: 8080
+            initialDelaySeconds: 10
+            periodSeconds: 15
+          readinessProbe:
+            httpGet:
+              path: /readyz
+              port: 8080
+            initialDelaySeconds: 5
+            periodSeconds: 10
+          volumeMounts:
+            - name: tmp
+              mountPath: /tmp
+      volumes:
+        - name: tmp
+          emptyDir: {}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: SERVICE_NAME
+spec:
+  selector:
+    app: SERVICE_NAME
+  ports:
+    - port: 8080
+      targetPort: 8080
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: SERVICE_NAME
+  automountServiceAccountToken: false
+---
+apiVersion: policy/v1
+kind: PodDisruptionBudget
+metadata:
+  name: SERVICE_NAME-pdb
+spec:
+  minAvailable: 2
+  selector:
+    matchLabels:
+      app: SERVICE_NAME
+---
+apiVersion: autoscaling/v2
+kind: HorizontalPodAutoscaler
+metadata:
+  name: SERVICE_NAME-hpa
+spec:
+  scaleTargetRef:
+    apiVersion: apps/v1
+    kind: Deployment
+    name: SERVICE_NAME
+  minReplicas: 3
+  maxReplicas: 20
+  metrics:
+    - type: Resource
+      resource:
+        name: cpu
+        target:
+          type: Utilization
+          averageUtilization: 70