---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: lifecycle-api
  namespace: lifecycle
  labels:
    app: lifecycle-api
spec:
  replicas: 3
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxSurge: 1
      maxUnavailable: 0
  selector:
    matchLabels:
      app: lifecycle-api
  template:
    metadata:
      labels:
        app: lifecycle-api
      annotations:
        prometheus.io/scrape: "true"
        prometheus.io/port: "3000"
        prometheus.io/path: "/metrics"
    spec:
      affinity:
        podAntiAffinity:
          preferredDuringSchedulingIgnoredDuringExecution:
          - weight: 100
            podAffinityTerm:
              labelSelector:
                matchExpressions:
                - key: app
                  operator: In
                  values:
                  - lifecycle-api
              topologyKey: kubernetes.io/hostname
      containers:
      - name: api
        image: project-lifecycle:latest
        imagePullPolicy: Always
        args:
          - "api"
        ports:
        - name: http
          containerPort: 3000
        - name: metrics
          containerPort: 9090
        env:
        - name: DATABASE_URL
          value: "sqlite:///mnt/data/projects.db"
        - name: NATS_URL
          value: "nats://nats:4222"
        - name: RUST_LOG
          value: "info,lifecycle_api=debug"
        - name: API_HOST
          value: "0.0.0.0"
        - name: API_PORT
          value: "3000"
        volumeMounts:
        - name: data
          mountPath: /mnt/data
        livenessProbe:
          httpGet:
            path: /health
            port: http
          initialDelaySeconds: 10
          periodSeconds: 10
          timeoutSeconds: 5
        readinessProbe:
          httpGet:
            path: /ready
            port: http
          initialDelaySeconds: 5
          periodSeconds: 5
          timeoutSeconds: 3
        resources:
          requests:
            memory: "256Mi"
            cpu: "100m"
          limits:
            memory: "512Mi"
            cpu: "500m"
        securityContext:
          allowPrivilegeEscalation: false
          readOnlyRootFilesystem: true
          runAsNonRoot: true
          runAsUser: 1000
      volumes:
      - name: data
        persistentVolumeClaim:
          claimName: api-data-pvc

---
apiVersion: v1
kind: Service
metadata:
  name: lifecycle-api
  namespace: lifecycle
  labels:
    app: lifecycle-api
spec:
  selector:
    app: lifecycle-api
  ports:
  - name: http
    port: 3000
    targetPort: 3000
  - name: metrics
    port: 9090
    targetPort: 9090
  type: ClusterIP

---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: api-data-pvc
  namespace: lifecycle
spec:
  accessModes:
    - ReadWriteMany
  resources:
    requests:
      storage: 20Gi

---
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
  name: lifecycle-api-hpa
  namespace: lifecycle
spec:
  scaleTargetRef:
    apiVersion: apps/v1
    kind: Deployment
    name: lifecycle-api
  minReplicas: 3
  maxReplicas: 10
  metrics:
  - type: Resource
    resource:
      name: cpu
      target:
        type: Utilization
        averageUtilization: 70
  - type: Resource
    resource:
      name: memory
      target:
        type: Utilization
        averageUtilization: 80