apiVersion: apps/v1
kind: Deployment
metadata:
  name: frontend-deployment
  labels:
    app: employee-frontend
spec:
  replicas: 1
  selector:
    matchLabels:
      app: employee-frontend
  template:
    metadata:
      labels:
        app: employee-frontend
    spec:
      serviceAccountName: frontend-sa
      securityContext:
        runAsUser: 1000
        runAsGroup: 3000
        fsGroup: 2000
      containers:
        - name: employee-frontend
          image: docker.io/adelyao/employee-fe:test
          ports:
            - containerPort: 8080
          readinessProbe:
            httpGet:
              path: /
              port: 8080
            initialDelaySeconds: 20
            periodSeconds: 10
          livenessProbe:
            httpGet:
              path: /
              port: 8080
            initialDelaySeconds: 30
            periodSeconds: 10
          securityContext:
            runAsNonRoot: true
            readOnlyRootFilesystem: false
            allowPrivilegeEscalation: false
            capabilities:
              drop:
                - ALL
          resources:
            requests:
              memory: "64Mi"
              cpu: "100m"
            limits:
              memory: "128Mi"
              cpu: "200m"
          volumeMounts:
            - name: run
              mountPath: /run
      volumes:
        - name: run
          emptyDir: {}
---
apiVersion: v1
kind: Service
metadata:
  name: frontend-service
  # namespace: intern-workspace
  labels:
    app: employee-frontend
spec:
  type: NodePort
  ports:
    - port: 8080
      targetPort: 8080
      nodePort: 30080
      protocol: TCP
  selector:
    app: employee-frontend
  template:
    spec:
      containers:
        - image: docker.io/adelyao/employee-fe:test