# Orchestrator Kubernetes Service
# Exposes orchestrator deployment internally and externally
# Supports ClusterIP (internal) and LoadBalancer (external) service types
#
# Usage:
#   nickel eval --format json orchestrator-service.yaml.ncl | yq -P > orchestrator-service.yaml
#   kubectl apply -f orchestrator-service.yaml

{
  apiVersion = "v1",
  kind = "Service",
  metadata = {
    name = "orchestrator",
    labels = {
      app = "orchestrator",
      component = "provisioning-platform",
    },
    annotations = {
      "description" = "Orchestrator service for workflow engine and task queue",
    },
  },
  spec = {
    # Service type: ClusterIP (internal) or LoadBalancer (external)
    # Solo/MultiUser/CI/CD: ClusterIP (internal only)
    # Enterprise: LoadBalancer (external access with load balancer)
    type = "ClusterIP",

    # Session affinity for stateful services
    sessionAffinity = "ClientIP",
    sessionAffinityConfig = {
      clientIP = {
        timeoutSeconds = 10800,  # 3 hours
      },
    },

    # Selector matches deployment pods
    selector = {
      app = "orchestrator",
    },

    # Ports
    ports = [
      {
        name = "http",
        protocol = "TCP",
        port = 9090,
        targetPort = 9090,
      },
      {
        name = "metrics",
        protocol = "TCP",
        port = 9091,
        targetPort = 9091,
      },
    ],

    # Traffic policy
    trafficPolicy = {
      # For enterprise mode: distribute traffic across replicas
      loadBalancerSourceRanges = [],
    },
  },
}