intranet: bake Notes corpus into image, drop init container

Cluster egress to github.com is fronted by a step-ca TLS proxy that returns 404 page not found for unmatched routes — git clone of the public FlowerCore.Notes repo failed inside the pod even with GIT_SSL_NO_VERIFY=true. Rather than chase the egress NetworkPolicy / proxy config, bake the docs corpus directly into the image at /srv/flowercore-notes/docs. The corpus is just *.md + *.html (369 files, 2.7 MB uncompressed) — small enough that re-baking on every deploy is fine and avoids any runtime network dependency. Manifest changes: - Image bump: v202604240040search -> v202604240050corpus - Removed initContainers (clone-notes-corpus is now redundant) - Removed notes-corpus emptyDir + its volumeMounts - Vector-store PVC mount stays. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-04-24 00:50:00 -05:00
parent 3c5c1a07bd
commit cae03296f5
1 changed files with 1 additions and 30 deletions
--- a/apps/intranet/intranet.yaml
+++ b/apps/intranet/intranet.yaml
@@ -35,32 +35,9 @@ spec:
      labels:
        app: intranet-web
    spec:
-      initContainers:
-        - name: clone-notes-corpus
-          image: alpine/git:latest
-          imagePullPolicy: IfNotPresent
-          command:
-            - sh
-            - -c
-            - |
-              set -e
-              # Cluster egress is fronted by a step-ca TLS proxy whose cert
-              # doesn't match github.com. The Notes repo is public so there's
-              # no secret to protect — skip verify.
-              export GIT_SSL_NO_VERIFY=true
-              if [ -d /srv/flowercore-notes/.git ]; then
-                cd /srv/flowercore-notes && git fetch --depth=1 origin && git reset --hard origin/codex/notes-pimanager-live-drift
-              else
-                rm -rf /srv/flowercore-notes/* /srv/flowercore-notes/.[!.]* 2>/dev/null || true
-                git clone --depth=1 --branch codex/notes-pimanager-live-drift https://github.com/astoltz/FlowerCore.Notes.git /srv/flowercore-notes
-              fi
-              ls -la /srv/flowercore-notes/docs | head -10
-          volumeMounts:
-            - name: notes-corpus
-              mountPath: /srv/flowercore-notes
      containers:
        - name: intranet-web
-          image: localhost/fc-intranet-web:v202604240040search
+          image: localhost/fc-intranet-web:v202604240050corpus
          imagePullPolicy: Never
          ports:
            - containerPort: 5300
@@ -90,15 +67,9 @@ spec:
            initialDelaySeconds: 10
            periodSeconds: 10
          volumeMounts:
-            - name: notes-corpus
-              mountPath: /srv/flowercore-notes
-              readOnly: true
            - name: vector-store
              mountPath: /data
      volumes:
-        - name: notes-corpus
-          emptyDir:
-            sizeLimit: 1Gi
        - name: vector-store
          persistentVolumeClaim:
            claimName: intranet-vector-store