# Orchestrator Kubernetes Service
# Exposes orchestrator deployment internally and externally
# Supports ClusterIP (internal) and LoadBalancer (external) service types
# Imports user configuration from orchestrator.ncl
#
# Usage (called by generate-manifests.nu):
#   ./provisioning/scripts/platform-generate-manifests.nu kubernetes

let orchestrator_config = (import "orchestrator.ncl").orchestrator in

{
  apiVersion = "v1",
  kind = "Service",
  metadata = {
    name = "orchestrator",
    labels = {
      app = "orchestrator",
      component = "provisioning-platform",
    },
    annotations = {
      "description" = "Orchestrator service for workflow engine and task queue",
    },
  },
  spec = {
    # Service type: ClusterIP (internal) or LoadBalancer (external)
    # Solo/MultiUser/CI/CD: ClusterIP (internal only)
    # Enterprise: LoadBalancer (external access with load balancer)
    type = "ClusterIP",

    # Session affinity for stateful services
    sessionAffinity = "ClientIP",
    sessionAffinityConfig = {
      clientIP = {
        timeoutSeconds = 10800,  # 3 hours
      },
    },

    # Selector matches deployment pods
    selector = {
      app = "orchestrator",
    },

    # Ports
    ports = [
      {
        name = "http",
        protocol = "TCP",
        port = orchestrator_config.server.port,
        targetPort = orchestrator_config.server.port,
      },
    ],

    # Traffic policy
    trafficPolicy = {
      # For enterprise mode: distribute traffic across replicas
      loadBalancerSourceRanges = [],
    },
  },
}