revert: drop fc-library manifest — Library.Web already deployed live (41h)

Library.Web is already running + serving at library.iamworkin.lan (root=200, healthz=200), deployed manually 41h ago (image fc-library-web:v20260602-..., PVC library-web-data holding the live SQLite DB). My from-scratch manifest used a different PVC name (library-data) which ArgoCD would attach as a fresh empty volume, orphaning the live DB. Adopting the live deploy into GitOps is a separate careful task. Not disturbing a working deployment. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-03 19:30:23 -05:00
parent 2c0afc28e4
commit f7d41cdc60
1 changed files with 0 additions and 224 deletions
--- a/apps/fc-library/library.yaml
+++ b/apps/fc-library/library.yaml
@@ -1,224 +0,0 @@
-# FlowerCore.Library.Web — library circulation / catalog / OPAC service.
-#
-# Deployment + Service + PVC + Certificate + IngressRoute. ArgoCD-managed.
-# Cloned from apps/worldbuilder/worldbuilder.yaml (proven from-scratch .Web pattern).
-#
-# Image build (BLUEJAY-WS):
-#   dotnet.exe publish src/FlowerCore.Library.Web -c Release -r linux-x64 --self-contained -o deploy/app -p:NoIncremental=true
-#   podman build -t localhost/fc-library:v<TAG> -f deploy/Dockerfile.deploy deploy
-#   podman save localhost/fc-library:v<TAG> -o /tmp/fc-library-v<TAG>.tar
-#   for ip in 10.0.56.11 10.0.56.12; do  # 2-node cluster (agent2 retired 2026-06-01)
-#     scp -o IdentitiesOnly=yes -i ~/.ssh/fcadmin_ed25519 /tmp/fc-library-v<TAG>.tar fcadmin@$ip:/tmp/
-#     ssh -o IdentitiesOnly=yes -i ~/.ssh/fcadmin_ed25519 fcadmin@$ip "sudo /var/lib/rancher/rke2/bin/ctr -a /run/k3s/containerd/containerd.sock -n k8s.io images import /tmp/fc-library-v<TAG>.tar"
-#   done
-#
-# DNS preflight: library.iamworkin.lan -> 10.0.56.200 already resolves in pfSense Unbound.
---
-apiVersion: v1
-kind: Namespace
-metadata:
-  name: fc-library
-  labels:
-    app.kubernetes.io/name: fc-library
-    app.kubernetes.io/part-of: flowercore
-    app.kubernetes.io/managed-by: argocd
-    flowercore.io/tenant-id: system
-    flowercore.io/created-by: bluejay-infra
---
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
-  name: library-data
-  namespace: fc-library
-  labels:
-    app.kubernetes.io/name: library-data
-    app.kubernetes.io/component: storage
-    app.kubernetes.io/part-of: flowercore
-    app.kubernetes.io/managed-by: argocd
-    flowercore.io/tenant-id: system
-    flowercore.io/created-by: bluejay-infra
-spec:
-  accessModes:
-    - ReadWriteOnce
-  storageClassName: longhorn
-  resources:
-    requests:
-      storage: 5Gi
---
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: library-web
-  namespace: fc-library
-  labels:
-    app.kubernetes.io/name: library-web
-    app.kubernetes.io/component: web
-    app.kubernetes.io/part-of: flowercore
-    app.kubernetes.io/managed-by: argocd
-    flowercore.io/tenant-id: system
-    flowercore.io/created-by: bluejay-infra
-  annotations:
-    flowercore.io/traceability-standard: k8s-pod-ownership-and-traceability-standard
-spec:
-  replicas: 1
-  revisionHistoryLimit: 3
-  strategy:
-    type: Recreate
-  selector:
-    matchLabels:
-      app.kubernetes.io/name: library-web
-  template:
-    metadata:
-      labels:
-        app.kubernetes.io/name: library-web
-        app.kubernetes.io/component: web
-        app.kubernetes.io/part-of: flowercore
-        app.kubernetes.io/managed-by: argocd
-        flowercore.io/tenant-id: system
-        flowercore.io/created-by: bluejay-infra
-      annotations:
-        prometheus.io/scrape: "true"
-        prometheus.io/port: "8080"
-        prometheus.io/path: "/metrics/prometheus"
-        flowercore.io/audit-trace-id: "library-web-runtime"
-    spec:
-      securityContext:
-        fsGroup: 1654
-        fsGroupChangePolicy: OnRootMismatch
-      containers:
-        - name: web
-          image: localhost/fc-library:v202606031925
-          imagePullPolicy: Never
-          ports:
-            - containerPort: 8080
-              name: http
-          env:
-            - name: ASPNETCORE_URLS
-              value: "http://+:8080"
-            - name: ASPNETCORE_ENVIRONMENT
-              value: "Production"
-            - name: DOTNET_RUNNING_IN_CONTAINER
-              value: "true"
-            - name: DOTNET_SYSTEM_GLOBALIZATION_INVARIANT
-              value: "false"
-            - name: FlowerCore__Database__Provider
-              value: "Sqlite"
-            - name: FlowerCore__Database__ConnectionStrings__Sqlite
-              value: "Data Source=/data/library.db"
-          resources:
-            requests:
-              cpu: 25m
-              memory: 256Mi
-            limits:
-              cpu: 1000m
-              memory: 768Mi
-          startupProbe:
-            httpGet:
-              path: /healthz
-              port: 8080
-            initialDelaySeconds: 5
-            periodSeconds: 5
-            failureThreshold: 30
-          readinessProbe:
-            httpGet:
-              path: /healthz
-              port: 8080
-            periodSeconds: 10
-            failureThreshold: 3
-          livenessProbe:
-            tcpSocket:
-              port: 8080
-            initialDelaySeconds: 30
-            periodSeconds: 30
-            failureThreshold: 3
-          securityContext:
-            runAsNonRoot: true
-            runAsUser: 1654
-            runAsGroup: 1654
-            allowPrivilegeEscalation: false
-            readOnlyRootFilesystem: true
-            capabilities:
-              drop:
-                - ALL
-          volumeMounts:
-            - name: data
-              mountPath: /data
-            - name: tmp
-              mountPath: /tmp
-            - name: logs
-              mountPath: /app/logs
-      volumes:
-        - name: data
-          persistentVolumeClaim:
-            claimName: library-data
-        - name: tmp
-          emptyDir: {}
-        - name: logs
-          emptyDir: {}
---
-apiVersion: v1
-kind: Service
-metadata:
-  name: library-web
-  namespace: fc-library
-  labels:
-    app.kubernetes.io/name: library-web
-    app.kubernetes.io/component: web
-    app.kubernetes.io/part-of: flowercore
-    app.kubernetes.io/managed-by: argocd
-    flowercore.io/tenant-id: system
-    flowercore.io/created-by: bluejay-infra
-spec:
-  type: ClusterIP
-  selector:
-    app.kubernetes.io/name: library-web
-  ports:
-    - name: http
-      port: 80
-      targetPort: 8080
---
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
-  name: library-web-tls
-  namespace: fc-library
-  labels:
-    app.kubernetes.io/name: library-web-tls
-    app.kubernetes.io/component: ingress
-    app.kubernetes.io/part-of: flowercore
-    app.kubernetes.io/managed-by: argocd
-    flowercore.io/tenant-id: system
-    flowercore.io/created-by: bluejay-infra
-spec:
-  secretName: library-web-tls
-  issuerRef:
-    name: step-ca-acme
-    kind: ClusterIssuer
-  dnsNames:
-    - library.iamworkin.lan
-  duration: 720h     # 30d (step-ca cap)
-  renewBefore: 240h  # 10d
---
-apiVersion: traefik.io/v1alpha1
-kind: IngressRoute
-metadata:
-  name: library-web
-  namespace: fc-library
-  labels:
-    app.kubernetes.io/name: library-web
-    app.kubernetes.io/component: ingress
-    app.kubernetes.io/part-of: flowercore
-    app.kubernetes.io/managed-by: argocd
-    flowercore.io/tenant-id: system
-    flowercore.io/created-by: bluejay-infra
-spec:
-  entryPoints:
-    - websecure
-  routes:
-    - match: Host(`library.iamworkin.lan`)
-      kind: Rule
-      services:
-        - name: library-web
-          port: 80
-  tls:
-    secretName: library-web-tls