apiVersion: apps/v1 kind: Deployment metadata: name: online-boutique labels: app: online-boutique app.kubernetes.io/name: online-boutique app.kubernetes.io/component: application app.kubernetes.io/part-of: golden-path spec: replicas: 2 selector: matchLabels: app: online-boutique app.kubernetes.io/name: online-boutique template: metadata: labels: app: online-boutique app.kubernetes.io/name: online-boutique app.kubernetes.io/version: "1.0.0" annotations: # Prometheus scraping annotations prometheus.io/scrape: "true" prometheus.io/port: "8080" prometheus.io/path: "/actuator/prometheus" spec: containers: - name: app image: bstagecjotdevacr.azurecr.io/online-boutique:latest imagePullPolicy: Always ports: - name: http containerPort: 8080 protocol: TCP # Environment variables env: - name: SPRING_PROFILES_ACTIVE value: "development" - name: ENVIRONMENT value: "development" # Startup probe - gives app time to start startupProbe: httpGet: path: /actuator/health/liveness port: http initialDelaySeconds: 10 periodSeconds: 5 timeoutSeconds: 3 failureThreshold: 30 # 150 seconds total # Liveness probe - restarts container if app is dead livenessProbe: httpGet: path: /actuator/health/liveness port: http initialDelaySeconds: 0 periodSeconds: 10 timeoutSeconds: 3 failureThreshold: 3 # Readiness probe - removes from load balancer if not ready readinessProbe: httpGet: path: /actuator/health/readiness port: http initialDelaySeconds: 0 periodSeconds: 5 timeoutSeconds: 3 failureThreshold: 3 # Resource limits and requests resources: requests: memory: "512Mi" cpu: "250m" limits: memory: "1Gi" cpu: "500m" # Security context securityContext: runAsNonRoot: true runAsUser: 1000 allowPrivilegeEscalation: false readOnlyRootFilesystem: false capabilities: drop: - ALL # Pod-level security context securityContext: fsGroup: 1000 # Graceful shutdown terminationGracePeriodSeconds: 30