From 1c61d80bd4067006a3cf788d7f7640a956d2b59a Mon Sep 17 00:00:00 2001 From: jedarden Date: Thu, 23 Apr 2026 23:22:09 -0400 Subject: [PATCH] feat(manifests): add acb-bots namespace with K8s manifests for 6 strategy bots Creates manifests/acb-bots/ staging directory for the acb-bots namespace, containing Deployment + Service + ExternalSecret for all 6 strategy bots (random, gatherer, rusher, guardian, swarm, hunter) plus namespace and docker-hub-registry ExternalSecret. Co-Authored-By: Claude Sonnet 4.6 --- .../acb-bots/bot-gatherer-deployment.yml | 71 ++++++++++++++++++ .../acb-bots/bot-gatherer-externalsecret.yml | 27 +++++++ manifests/acb-bots/bot-gatherer-service.yml | 22 ++++++ .../acb-bots/bot-guardian-deployment.yml | 71 ++++++++++++++++++ .../acb-bots/bot-guardian-externalsecret.yml | 27 +++++++ manifests/acb-bots/bot-guardian-service.yml | 22 ++++++ manifests/acb-bots/bot-hunter-deployment.yml | 72 +++++++++++++++++++ .../acb-bots/bot-hunter-externalsecret.yml | 27 +++++++ manifests/acb-bots/bot-hunter-service.yml | 22 ++++++ manifests/acb-bots/bot-random-deployment.yml | 71 ++++++++++++++++++ .../acb-bots/bot-random-externalsecret.yml | 27 +++++++ manifests/acb-bots/bot-random-service.yml | 22 ++++++ manifests/acb-bots/bot-rusher-deployment.yml | 71 ++++++++++++++++++ .../acb-bots/bot-rusher-externalsecret.yml | 27 +++++++ manifests/acb-bots/bot-rusher-service.yml | 22 ++++++ manifests/acb-bots/bot-swarm-deployment.yml | 71 ++++++++++++++++++ .../acb-bots/bot-swarm-externalsecret.yml | 27 +++++++ manifests/acb-bots/bot-swarm-service.yml | 22 ++++++ .../docker-hub-registry-externalsecret.yml | 27 +++++++ manifests/acb-bots/namespace.yml | 12 ++++ 20 files changed, 760 insertions(+) create mode 100644 manifests/acb-bots/bot-gatherer-deployment.yml create mode 100644 manifests/acb-bots/bot-gatherer-externalsecret.yml create mode 100644 manifests/acb-bots/bot-gatherer-service.yml create mode 100644 manifests/acb-bots/bot-guardian-deployment.yml create mode 100644 manifests/acb-bots/bot-guardian-externalsecret.yml create mode 100644 manifests/acb-bots/bot-guardian-service.yml create mode 100644 manifests/acb-bots/bot-hunter-deployment.yml create mode 100644 manifests/acb-bots/bot-hunter-externalsecret.yml create mode 100644 manifests/acb-bots/bot-hunter-service.yml create mode 100644 manifests/acb-bots/bot-random-deployment.yml create mode 100644 manifests/acb-bots/bot-random-externalsecret.yml create mode 100644 manifests/acb-bots/bot-random-service.yml create mode 100644 manifests/acb-bots/bot-rusher-deployment.yml create mode 100644 manifests/acb-bots/bot-rusher-externalsecret.yml create mode 100644 manifests/acb-bots/bot-rusher-service.yml create mode 100644 manifests/acb-bots/bot-swarm-deployment.yml create mode 100644 manifests/acb-bots/bot-swarm-externalsecret.yml create mode 100644 manifests/acb-bots/bot-swarm-service.yml create mode 100644 manifests/acb-bots/docker-hub-registry-externalsecret.yml create mode 100644 manifests/acb-bots/namespace.yml diff --git a/manifests/acb-bots/bot-gatherer-deployment.yml b/manifests/acb-bots/bot-gatherer-deployment.yml new file mode 100644 index 0000000..ad296f7 --- /dev/null +++ b/manifests/acb-bots/bot-gatherer-deployment.yml @@ -0,0 +1,71 @@ +# bot-gatherer: GathererBot — Go strategy bot +# BFS to nearest energy, avoids combat entirely. Reference implementation for Go bots. +# HTTP server on port 8080, POST /turn, GET /health. +# +# Staging file — sync to declarative-config/k8s/iad-acb/acb-bots/ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: bot-gatherer + namespace: acb-bots + labels: + app.kubernetes.io/name: bot-gatherer + app.kubernetes.io/part-of: ai-code-battle + app.kubernetes.io/component: strategy-bot + annotations: + argocd-image-updater.argoproj.io/image-list: app=ronaldraygun/acb-bot-gatherer + argocd-image-updater.argoproj.io/app.update-strategy: name + argocd-image-updater.argoproj.io/app.allow-tags: 'regexp:^sha-[0-9a-f]+$' + argocd-image-updater.argoproj.io/write-back-method: argocd +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: bot-gatherer + template: + metadata: + labels: + app.kubernetes.io/name: bot-gatherer + app.kubernetes.io/part-of: ai-code-battle + app.kubernetes.io/component: strategy-bot + spec: + restartPolicy: Always + imagePullSecrets: + - name: docker-hub-registry + containers: + - name: bot + image: ronaldraygun/acb-bot-gatherer:sha-placeholder + imagePullPolicy: Always + env: + - name: BOT_PORT + value: "8080" + - name: BOT_SECRET + valueFrom: + secretKeyRef: + name: acb-bot-gatherer-secret + key: shared-secret + ports: + - name: http + containerPort: 8080 + protocol: TCP + livenessProbe: + httpGet: + path: /health + port: http + initialDelaySeconds: 5 + periodSeconds: 30 + failureThreshold: 3 + readinessProbe: + httpGet: + path: /health + port: http + initialDelaySeconds: 3 + periodSeconds: 10 + failureThreshold: 3 + resources: + requests: + cpu: 50m + memory: 64Mi + limits: + memory: 128Mi diff --git a/manifests/acb-bots/bot-gatherer-externalsecret.yml b/manifests/acb-bots/bot-gatherer-externalsecret.yml new file mode 100644 index 0000000..e34da56 --- /dev/null +++ b/manifests/acb-bots/bot-gatherer-externalsecret.yml @@ -0,0 +1,27 @@ +# bot-gatherer: ExternalSecret for GathererBot shared secret +# Pulls shared_secret from OpenBao at rs-manager/ai-code-battle/bots/gatherer +# +# Staging file — sync to declarative-config/k8s/iad-acb/acb-bots/ +--- +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: acb-bot-gatherer-secret + namespace: acb-bots + labels: + app.kubernetes.io/name: bot-gatherer + app.kubernetes.io/part-of: ai-code-battle + app.kubernetes.io/component: strategy-bot +spec: + refreshInterval: 1h + secretStoreRef: + name: openbao + kind: ClusterSecretStore + target: + name: acb-bot-gatherer-secret + creationPolicy: Owner + data: + - secretKey: shared-secret + remoteRef: + key: rs-manager/ai-code-battle/bots/gatherer + property: shared_secret diff --git a/manifests/acb-bots/bot-gatherer-service.yml b/manifests/acb-bots/bot-gatherer-service.yml new file mode 100644 index 0000000..c93e39e --- /dev/null +++ b/manifests/acb-bots/bot-gatherer-service.yml @@ -0,0 +1,22 @@ +# bot-gatherer: Service for GathererBot +# DNS: http://bot-gatherer.acb-bots.svc.cluster.local +# +# Staging file — sync to declarative-config/k8s/iad-acb/acb-bots/ +--- +apiVersion: v1 +kind: Service +metadata: + name: bot-gatherer + namespace: acb-bots + labels: + app.kubernetes.io/name: bot-gatherer + app.kubernetes.io/part-of: ai-code-battle + app.kubernetes.io/component: strategy-bot +spec: + selector: + app.kubernetes.io/name: bot-gatherer + ports: + - name: http + port: 80 + targetPort: http + protocol: TCP diff --git a/manifests/acb-bots/bot-guardian-deployment.yml b/manifests/acb-bots/bot-guardian-deployment.yml new file mode 100644 index 0000000..e19bd4f --- /dev/null +++ b/manifests/acb-bots/bot-guardian-deployment.yml @@ -0,0 +1,71 @@ +# bot-guardian: GuardianBot — PHP strategy bot +# Perimeter defense around cores, cautious energy gathering, conservative spawning. +# HTTP server on port 8080, POST /turn, GET /health. +# +# Staging file — sync to declarative-config/k8s/iad-acb/acb-bots/ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: bot-guardian + namespace: acb-bots + labels: + app.kubernetes.io/name: bot-guardian + app.kubernetes.io/part-of: ai-code-battle + app.kubernetes.io/component: strategy-bot + annotations: + argocd-image-updater.argoproj.io/image-list: app=ronaldraygun/acb-bot-guardian + argocd-image-updater.argoproj.io/app.update-strategy: name + argocd-image-updater.argoproj.io/app.allow-tags: 'regexp:^sha-[0-9a-f]+$' + argocd-image-updater.argoproj.io/write-back-method: argocd +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: bot-guardian + template: + metadata: + labels: + app.kubernetes.io/name: bot-guardian + app.kubernetes.io/part-of: ai-code-battle + app.kubernetes.io/component: strategy-bot + spec: + restartPolicy: Always + imagePullSecrets: + - name: docker-hub-registry + containers: + - name: bot + image: ronaldraygun/acb-bot-guardian:sha-placeholder + imagePullPolicy: Always + env: + - name: BOT_PORT + value: "8080" + - name: BOT_SECRET + valueFrom: + secretKeyRef: + name: acb-bot-guardian-secret + key: shared-secret + ports: + - name: http + containerPort: 8080 + protocol: TCP + livenessProbe: + httpGet: + path: /health + port: http + initialDelaySeconds: 5 + periodSeconds: 30 + failureThreshold: 3 + readinessProbe: + httpGet: + path: /health + port: http + initialDelaySeconds: 3 + periodSeconds: 10 + failureThreshold: 3 + resources: + requests: + cpu: 50m + memory: 64Mi + limits: + memory: 128Mi diff --git a/manifests/acb-bots/bot-guardian-externalsecret.yml b/manifests/acb-bots/bot-guardian-externalsecret.yml new file mode 100644 index 0000000..3e1a4bf --- /dev/null +++ b/manifests/acb-bots/bot-guardian-externalsecret.yml @@ -0,0 +1,27 @@ +# bot-guardian: ExternalSecret for GuardianBot shared secret +# Pulls shared_secret from OpenBao at rs-manager/ai-code-battle/bots/guardian +# +# Staging file — sync to declarative-config/k8s/iad-acb/acb-bots/ +--- +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: acb-bot-guardian-secret + namespace: acb-bots + labels: + app.kubernetes.io/name: bot-guardian + app.kubernetes.io/part-of: ai-code-battle + app.kubernetes.io/component: strategy-bot +spec: + refreshInterval: 1h + secretStoreRef: + name: openbao + kind: ClusterSecretStore + target: + name: acb-bot-guardian-secret + creationPolicy: Owner + data: + - secretKey: shared-secret + remoteRef: + key: rs-manager/ai-code-battle/bots/guardian + property: shared_secret diff --git a/manifests/acb-bots/bot-guardian-service.yml b/manifests/acb-bots/bot-guardian-service.yml new file mode 100644 index 0000000..1e9cc15 --- /dev/null +++ b/manifests/acb-bots/bot-guardian-service.yml @@ -0,0 +1,22 @@ +# bot-guardian: Service for GuardianBot +# DNS: http://bot-guardian.acb-bots.svc.cluster.local +# +# Staging file — sync to declarative-config/k8s/iad-acb/acb-bots/ +--- +apiVersion: v1 +kind: Service +metadata: + name: bot-guardian + namespace: acb-bots + labels: + app.kubernetes.io/name: bot-guardian + app.kubernetes.io/part-of: ai-code-battle + app.kubernetes.io/component: strategy-bot +spec: + selector: + app.kubernetes.io/name: bot-guardian + ports: + - name: http + port: 80 + targetPort: http + protocol: TCP diff --git a/manifests/acb-bots/bot-hunter-deployment.yml b/manifests/acb-bots/bot-hunter-deployment.yml new file mode 100644 index 0000000..44b6288 --- /dev/null +++ b/manifests/acb-bots/bot-hunter-deployment.yml @@ -0,0 +1,72 @@ +# bot-hunter: HunterBot — Java strategy bot +# Targets isolated enemy bots (2v1), predicts enemy movement, Hungarian algorithm assignment. +# Higher CPU/memory allocation due to JVM overhead. +# HTTP server on port 8080, POST /turn, GET /health. +# +# Staging file — sync to declarative-config/k8s/iad-acb/acb-bots/ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: bot-hunter + namespace: acb-bots + labels: + app.kubernetes.io/name: bot-hunter + app.kubernetes.io/part-of: ai-code-battle + app.kubernetes.io/component: strategy-bot + annotations: + argocd-image-updater.argoproj.io/image-list: app=ronaldraygun/acb-bot-hunter + argocd-image-updater.argoproj.io/app.update-strategy: name + argocd-image-updater.argoproj.io/app.allow-tags: 'regexp:^sha-[0-9a-f]+$' + argocd-image-updater.argoproj.io/write-back-method: argocd +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: bot-hunter + template: + metadata: + labels: + app.kubernetes.io/name: bot-hunter + app.kubernetes.io/part-of: ai-code-battle + app.kubernetes.io/component: strategy-bot + spec: + restartPolicy: Always + imagePullSecrets: + - name: docker-hub-registry + containers: + - name: bot + image: ronaldraygun/acb-bot-hunter:sha-placeholder + imagePullPolicy: Always + env: + - name: BOT_PORT + value: "8080" + - name: BOT_SECRET + valueFrom: + secretKeyRef: + name: acb-bot-hunter-secret + key: shared-secret + ports: + - name: http + containerPort: 8080 + protocol: TCP + livenessProbe: + httpGet: + path: /health + port: http + initialDelaySeconds: 15 + periodSeconds: 30 + failureThreshold: 3 + readinessProbe: + httpGet: + path: /health + port: http + initialDelaySeconds: 10 + periodSeconds: 10 + failureThreshold: 3 + resources: + requests: + cpu: 100m + memory: 128Mi + limits: + memory: 256Mi diff --git a/manifests/acb-bots/bot-hunter-externalsecret.yml b/manifests/acb-bots/bot-hunter-externalsecret.yml new file mode 100644 index 0000000..aec1b29 --- /dev/null +++ b/manifests/acb-bots/bot-hunter-externalsecret.yml @@ -0,0 +1,27 @@ +# bot-hunter: ExternalSecret for HunterBot shared secret +# Pulls shared_secret from OpenBao at rs-manager/ai-code-battle/bots/hunter +# +# Staging file — sync to declarative-config/k8s/iad-acb/acb-bots/ +--- +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: acb-bot-hunter-secret + namespace: acb-bots + labels: + app.kubernetes.io/name: bot-hunter + app.kubernetes.io/part-of: ai-code-battle + app.kubernetes.io/component: strategy-bot +spec: + refreshInterval: 1h + secretStoreRef: + name: openbao + kind: ClusterSecretStore + target: + name: acb-bot-hunter-secret + creationPolicy: Owner + data: + - secretKey: shared-secret + remoteRef: + key: rs-manager/ai-code-battle/bots/hunter + property: shared_secret diff --git a/manifests/acb-bots/bot-hunter-service.yml b/manifests/acb-bots/bot-hunter-service.yml new file mode 100644 index 0000000..1376def --- /dev/null +++ b/manifests/acb-bots/bot-hunter-service.yml @@ -0,0 +1,22 @@ +# bot-hunter: Service for HunterBot +# DNS: http://bot-hunter.acb-bots.svc.cluster.local +# +# Staging file — sync to declarative-config/k8s/iad-acb/acb-bots/ +--- +apiVersion: v1 +kind: Service +metadata: + name: bot-hunter + namespace: acb-bots + labels: + app.kubernetes.io/name: bot-hunter + app.kubernetes.io/part-of: ai-code-battle + app.kubernetes.io/component: strategy-bot +spec: + selector: + app.kubernetes.io/name: bot-hunter + ports: + - name: http + port: 80 + targetPort: http + protocol: TCP diff --git a/manifests/acb-bots/bot-random-deployment.yml b/manifests/acb-bots/bot-random-deployment.yml new file mode 100644 index 0000000..1c840c0 --- /dev/null +++ b/manifests/acb-bots/bot-random-deployment.yml @@ -0,0 +1,71 @@ +# bot-random: RandomBot — Python strategy bot +# Makes uniformly random valid moves each turn. Rating floor / easiest opponent. +# HTTP server on port 8080, POST /turn, GET /health. +# +# Staging file — sync to declarative-config/k8s/iad-acb/acb-bots/ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: bot-random + namespace: acb-bots + labels: + app.kubernetes.io/name: bot-random + app.kubernetes.io/part-of: ai-code-battle + app.kubernetes.io/component: strategy-bot + annotations: + argocd-image-updater.argoproj.io/image-list: app=ronaldraygun/acb-bot-random + argocd-image-updater.argoproj.io/app.update-strategy: name + argocd-image-updater.argoproj.io/app.allow-tags: 'regexp:^sha-[0-9a-f]+$' + argocd-image-updater.argoproj.io/write-back-method: argocd +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: bot-random + template: + metadata: + labels: + app.kubernetes.io/name: bot-random + app.kubernetes.io/part-of: ai-code-battle + app.kubernetes.io/component: strategy-bot + spec: + restartPolicy: Always + imagePullSecrets: + - name: docker-hub-registry + containers: + - name: bot + image: ronaldraygun/acb-bot-random:sha-placeholder + imagePullPolicy: Always + env: + - name: BOT_PORT + value: "8080" + - name: BOT_SECRET + valueFrom: + secretKeyRef: + name: acb-bot-random-secret + key: shared-secret + ports: + - name: http + containerPort: 8080 + protocol: TCP + livenessProbe: + httpGet: + path: /health + port: http + initialDelaySeconds: 5 + periodSeconds: 30 + failureThreshold: 3 + readinessProbe: + httpGet: + path: /health + port: http + initialDelaySeconds: 3 + periodSeconds: 10 + failureThreshold: 3 + resources: + requests: + cpu: 50m + memory: 64Mi + limits: + memory: 64Mi diff --git a/manifests/acb-bots/bot-random-externalsecret.yml b/manifests/acb-bots/bot-random-externalsecret.yml new file mode 100644 index 0000000..cdc28b3 --- /dev/null +++ b/manifests/acb-bots/bot-random-externalsecret.yml @@ -0,0 +1,27 @@ +# bot-random: ExternalSecret for RandomBot shared secret +# Pulls shared_secret from OpenBao at rs-manager/ai-code-battle/bots/random +# +# Staging file — sync to declarative-config/k8s/iad-acb/acb-bots/ +--- +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: acb-bot-random-secret + namespace: acb-bots + labels: + app.kubernetes.io/name: bot-random + app.kubernetes.io/part-of: ai-code-battle + app.kubernetes.io/component: strategy-bot +spec: + refreshInterval: 1h + secretStoreRef: + name: openbao + kind: ClusterSecretStore + target: + name: acb-bot-random-secret + creationPolicy: Owner + data: + - secretKey: shared-secret + remoteRef: + key: rs-manager/ai-code-battle/bots/random + property: shared_secret diff --git a/manifests/acb-bots/bot-random-service.yml b/manifests/acb-bots/bot-random-service.yml new file mode 100644 index 0000000..b46c9ad --- /dev/null +++ b/manifests/acb-bots/bot-random-service.yml @@ -0,0 +1,22 @@ +# bot-random: Service for RandomBot +# DNS: http://bot-random.acb-bots.svc.cluster.local +# +# Staging file — sync to declarative-config/k8s/iad-acb/acb-bots/ +--- +apiVersion: v1 +kind: Service +metadata: + name: bot-random + namespace: acb-bots + labels: + app.kubernetes.io/name: bot-random + app.kubernetes.io/part-of: ai-code-battle + app.kubernetes.io/component: strategy-bot +spec: + selector: + app.kubernetes.io/name: bot-random + ports: + - name: http + port: 80 + targetPort: http + protocol: TCP diff --git a/manifests/acb-bots/bot-rusher-deployment.yml b/manifests/acb-bots/bot-rusher-deployment.yml new file mode 100644 index 0000000..90eb533 --- /dev/null +++ b/manifests/acb-bots/bot-rusher-deployment.yml @@ -0,0 +1,71 @@ +# bot-rusher: RusherBot — Rust strategy bot +# BFS to nearest enemy core, ignores energy, rushes aggressively. +# HTTP server on port 8080, POST /turn, GET /health. +# +# Staging file — sync to declarative-config/k8s/iad-acb/acb-bots/ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: bot-rusher + namespace: acb-bots + labels: + app.kubernetes.io/name: bot-rusher + app.kubernetes.io/part-of: ai-code-battle + app.kubernetes.io/component: strategy-bot + annotations: + argocd-image-updater.argoproj.io/image-list: app=ronaldraygun/acb-bot-rusher + argocd-image-updater.argoproj.io/app.update-strategy: name + argocd-image-updater.argoproj.io/app.allow-tags: 'regexp:^sha-[0-9a-f]+$' + argocd-image-updater.argoproj.io/write-back-method: argocd +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: bot-rusher + template: + metadata: + labels: + app.kubernetes.io/name: bot-rusher + app.kubernetes.io/part-of: ai-code-battle + app.kubernetes.io/component: strategy-bot + spec: + restartPolicy: Always + imagePullSecrets: + - name: docker-hub-registry + containers: + - name: bot + image: ronaldraygun/acb-bot-rusher:sha-placeholder + imagePullPolicy: Always + env: + - name: BOT_PORT + value: "8080" + - name: BOT_SECRET + valueFrom: + secretKeyRef: + name: acb-bot-rusher-secret + key: shared-secret + ports: + - name: http + containerPort: 8080 + protocol: TCP + livenessProbe: + httpGet: + path: /health + port: http + initialDelaySeconds: 5 + periodSeconds: 30 + failureThreshold: 3 + readinessProbe: + httpGet: + path: /health + port: http + initialDelaySeconds: 3 + periodSeconds: 10 + failureThreshold: 3 + resources: + requests: + cpu: 50m + memory: 64Mi + limits: + memory: 128Mi diff --git a/manifests/acb-bots/bot-rusher-externalsecret.yml b/manifests/acb-bots/bot-rusher-externalsecret.yml new file mode 100644 index 0000000..c310cb4 --- /dev/null +++ b/manifests/acb-bots/bot-rusher-externalsecret.yml @@ -0,0 +1,27 @@ +# bot-rusher: ExternalSecret for RusherBot shared secret +# Pulls shared_secret from OpenBao at rs-manager/ai-code-battle/bots/rusher +# +# Staging file — sync to declarative-config/k8s/iad-acb/acb-bots/ +--- +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: acb-bot-rusher-secret + namespace: acb-bots + labels: + app.kubernetes.io/name: bot-rusher + app.kubernetes.io/part-of: ai-code-battle + app.kubernetes.io/component: strategy-bot +spec: + refreshInterval: 1h + secretStoreRef: + name: openbao + kind: ClusterSecretStore + target: + name: acb-bot-rusher-secret + creationPolicy: Owner + data: + - secretKey: shared-secret + remoteRef: + key: rs-manager/ai-code-battle/bots/rusher + property: shared_secret diff --git a/manifests/acb-bots/bot-rusher-service.yml b/manifests/acb-bots/bot-rusher-service.yml new file mode 100644 index 0000000..ece8e54 --- /dev/null +++ b/manifests/acb-bots/bot-rusher-service.yml @@ -0,0 +1,22 @@ +# bot-rusher: Service for RusherBot +# DNS: http://bot-rusher.acb-bots.svc.cluster.local +# +# Staging file — sync to declarative-config/k8s/iad-acb/acb-bots/ +--- +apiVersion: v1 +kind: Service +metadata: + name: bot-rusher + namespace: acb-bots + labels: + app.kubernetes.io/name: bot-rusher + app.kubernetes.io/part-of: ai-code-battle + app.kubernetes.io/component: strategy-bot +spec: + selector: + app.kubernetes.io/name: bot-rusher + ports: + - name: http + port: 80 + targetPort: http + protocol: TCP diff --git a/manifests/acb-bots/bot-swarm-deployment.yml b/manifests/acb-bots/bot-swarm-deployment.yml new file mode 100644 index 0000000..958beed --- /dev/null +++ b/manifests/acb-bots/bot-swarm-deployment.yml @@ -0,0 +1,71 @@ +# bot-swarm: SwarmBot — TypeScript strategy bot +# Tight formation advance, cohesion-based movement toward enemy presence. +# HTTP server on port 8080, POST /turn, GET /health. +# +# Staging file — sync to declarative-config/k8s/iad-acb/acb-bots/ +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: bot-swarm + namespace: acb-bots + labels: + app.kubernetes.io/name: bot-swarm + app.kubernetes.io/part-of: ai-code-battle + app.kubernetes.io/component: strategy-bot + annotations: + argocd-image-updater.argoproj.io/image-list: app=ronaldraygun/acb-bot-swarm + argocd-image-updater.argoproj.io/app.update-strategy: name + argocd-image-updater.argoproj.io/app.allow-tags: 'regexp:^sha-[0-9a-f]+$' + argocd-image-updater.argoproj.io/write-back-method: argocd +spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: bot-swarm + template: + metadata: + labels: + app.kubernetes.io/name: bot-swarm + app.kubernetes.io/part-of: ai-code-battle + app.kubernetes.io/component: strategy-bot + spec: + restartPolicy: Always + imagePullSecrets: + - name: docker-hub-registry + containers: + - name: bot + image: ronaldraygun/acb-bot-swarm:sha-placeholder + imagePullPolicy: Always + env: + - name: BOT_PORT + value: "8080" + - name: BOT_SECRET + valueFrom: + secretKeyRef: + name: acb-bot-swarm-secret + key: shared-secret + ports: + - name: http + containerPort: 8080 + protocol: TCP + livenessProbe: + httpGet: + path: /health + port: http + initialDelaySeconds: 5 + periodSeconds: 30 + failureThreshold: 3 + readinessProbe: + httpGet: + path: /health + port: http + initialDelaySeconds: 3 + periodSeconds: 10 + failureThreshold: 3 + resources: + requests: + cpu: 50m + memory: 64Mi + limits: + memory: 128Mi diff --git a/manifests/acb-bots/bot-swarm-externalsecret.yml b/manifests/acb-bots/bot-swarm-externalsecret.yml new file mode 100644 index 0000000..a0a0702 --- /dev/null +++ b/manifests/acb-bots/bot-swarm-externalsecret.yml @@ -0,0 +1,27 @@ +# bot-swarm: ExternalSecret for SwarmBot shared secret +# Pulls shared_secret from OpenBao at rs-manager/ai-code-battle/bots/swarm +# +# Staging file — sync to declarative-config/k8s/iad-acb/acb-bots/ +--- +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: acb-bot-swarm-secret + namespace: acb-bots + labels: + app.kubernetes.io/name: bot-swarm + app.kubernetes.io/part-of: ai-code-battle + app.kubernetes.io/component: strategy-bot +spec: + refreshInterval: 1h + secretStoreRef: + name: openbao + kind: ClusterSecretStore + target: + name: acb-bot-swarm-secret + creationPolicy: Owner + data: + - secretKey: shared-secret + remoteRef: + key: rs-manager/ai-code-battle/bots/swarm + property: shared_secret diff --git a/manifests/acb-bots/bot-swarm-service.yml b/manifests/acb-bots/bot-swarm-service.yml new file mode 100644 index 0000000..b880180 --- /dev/null +++ b/manifests/acb-bots/bot-swarm-service.yml @@ -0,0 +1,22 @@ +# bot-swarm: Service for SwarmBot +# DNS: http://bot-swarm.acb-bots.svc.cluster.local +# +# Staging file — sync to declarative-config/k8s/iad-acb/acb-bots/ +--- +apiVersion: v1 +kind: Service +metadata: + name: bot-swarm + namespace: acb-bots + labels: + app.kubernetes.io/name: bot-swarm + app.kubernetes.io/part-of: ai-code-battle + app.kubernetes.io/component: strategy-bot +spec: + selector: + app.kubernetes.io/name: bot-swarm + ports: + - name: http + port: 80 + targetPort: http + protocol: TCP diff --git a/manifests/acb-bots/docker-hub-registry-externalsecret.yml b/manifests/acb-bots/docker-hub-registry-externalsecret.yml new file mode 100644 index 0000000..e4933c8 --- /dev/null +++ b/manifests/acb-bots/docker-hub-registry-externalsecret.yml @@ -0,0 +1,27 @@ +# docker-hub-registry: ExternalSecret to provision imagePullSecret in acb-bots namespace +# Mirrors the docker-hub-registry secret from OpenBao so bot Deployments can pull images. +# +# Staging file — sync to declarative-config/k8s/iad-acb/acb-bots/ +--- +apiVersion: external-secrets.io/v1 +kind: ExternalSecret +metadata: + name: docker-hub-registry + namespace: acb-bots + labels: + app.kubernetes.io/part-of: ai-code-battle +spec: + refreshInterval: 1h + secretStoreRef: + name: openbao + kind: ClusterSecretStore + target: + name: docker-hub-registry + creationPolicy: Owner + template: + type: kubernetes.io/dockerconfigjson + data: + - secretKey: .dockerconfigjson + remoteRef: + key: apexalgo-iad/registry/docker-hub + property: dockerconfigjson diff --git a/manifests/acb-bots/namespace.yml b/manifests/acb-bots/namespace.yml new file mode 100644 index 0000000..5a97be1 --- /dev/null +++ b/manifests/acb-bots/namespace.yml @@ -0,0 +1,12 @@ +# acb-bots: Namespace for AI Code Battle strategy bot deployments +# Separate from ai-code-battle namespace for clean isolation of bot services. +# Bot endpoints: http://bot-.acb-bots.svc.cluster.local +# +# Staging file — sync to declarative-config/k8s/iad-acb/acb-bots/ +--- +apiVersion: v1 +kind: Namespace +metadata: + name: acb-bots + labels: + app.kubernetes.io/part-of: ai-code-battle