apiVersion: apps/v1
kind: Deployment
metadata:
  name: mas
  namespace: mas
  labels:
    app: mas
spec:
  replicas: 1
  selector:
    matchLabels:
      app: mas
  template:
    metadata:
      labels:
        app: mas
    spec:
      hostPID: true  # 호스트 프로세스 네임스페이스 접근
      serviceAccountName: mas
      containers:
      - name: mas
        image: ghcr.io/mayne0213/mas:latest
        imagePullPolicy: Always
        securityContext:
          privileged: true  # nsenter 사용을 위한 권한
        ports:
        - containerPort: 8000
          name: http
        env:
        - name: ANTHROPIC_API_KEY
          valueFrom:
            secretKeyRef:
              name: mas-api-keys
              key: anthropic-api-key
        # Chainlit uses asyncpg directly (not SQLAlchemy)
        - name: CHAINLIT_DATABASE_URL
          value: "postgresql://bluemayne:$(POSTGRES_PASSWORD)@postgresql-rw.postgresql.svc.cluster.local:5432/mas"
        # SQLAlchemy format (if needed)
        - name: DATABASE_URL
          value: "postgresql://bluemayne:$(POSTGRES_PASSWORD)@postgresql-rw.postgresql.svc.cluster.local:5432/mas"
        - name: POSTGRES_HOST
          value: "postgresql-rw.postgresql.svc.cluster.local"
        - name: POSTGRES_PORT
          value: "5432"
        - name: POSTGRES_USER
          value: "bluemayne"
        - name: POSTGRES_PASSWORD
          valueFrom:
            secretKeyRef:
              name: postgresql-password
              key: password
        - name: GITEA_TOKEN
          valueFrom:
            secretKeyRef:
              name: mas-api-keys
              key: gitea-token
              optional: true
        - name: REDIS_URL
          value: "redis://redis:6379/0"
        resources:
          requests:
            memory: "256Mi"
            cpu: "100m"
          limits:
            memory: "1Gi"