# =============================================================================
# MLflow Tracking Server Deployment
# =============================================================================

apiVersion: apps/v1
kind: Deployment
metadata:
  name: mlflow
  namespace: ml-pipeline
  labels:
    app: mlflow
spec:
  replicas: 1
  selector:
    matchLabels:
      app: mlflow
  template:
    metadata:
      labels:
        app: mlflow
    spec:
      serviceAccountName: mlflow
      securityContext:
        runAsNonRoot: true
        runAsUser: 1000
      containers:
        - name: mlflow
          image: "ghcr.io/mlflow/mlflow:v2.12.1"
          ports:
            - containerPort: 5000
          env:
            - name: MLFLOW_S3_ENDPOINT_URL
              value: "https://s3.us-east-1.amazonaws.com"
            - name: AWS_DEFAULT_REGION
              value: "us-east-1"
            - name: MLFLOW_TRACKING_URI
              value: "postgresql://$(DB_USER):$(DB_PASSWORD)@$(DB_HOST):5432/mlflow"
          envFrom:
            - secretRef:
                name: mlflow-db-credentials
          resources:
            requests:
              cpu: 500m
              memory: 1Gi
            limits:
              cpu: "2"
              memory: 4Gi
          livenessProbe:
            httpGet:
              path: /health
              port: 5000
            initialDelaySeconds: 30
            periodSeconds: 30
          readinessProbe:
            httpGet:
              path: /health
              port: 5000
            initialDelaySeconds: 10
            periodSeconds: 10
          volumeMounts:
            - name: mlflow-artifacts
              mountPath: /mlflow/artifacts
      volumes:
        - name: mlflow-artifacts
          emptyDir: {}
---
apiVersion: v1
kind: Service
metadata:
  name: mlflow
  namespace: ml-pipeline
spec:
  selector:
    app: mlflow
  ports:
    - port: 5000
      targetPort: 5000
---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: mlflow
  namespace: ml-pipeline