jedarden/ai-code-battle
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add Kubernetes manifests for ArgoCD GitOps deployment

Browse source 
Create deploy/k8s/ directory with complete K8s manifests for the
ai-code-battle namespace on apexalgo-iad cluster:

- Namespace and ArgoCD Application (auto-sync, prune, self-heal)
- Match worker Deployment (2 replicas, metrics on :9090)
- Index builder Deployment (Recreate strategy)
- 6 strategy bot Deployments (random, gatherer, rusher, guardian, swarm, hunter)
- ClusterIP Services for all bots (cluster DNS resolution)
- SealedSecret templates (API key, R2 creds, bot secrets, Cloudflare token)
- All containers from forgejo.ardenone.com/ai-code-battle/ registry
- Health/readiness probes and resource limits on all deployments

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
jedarden 2026-03-26 00:57:48 -04:00
parent 20c48783cc
commit 259b9de86a
22 changed files with 700 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

29
PROGRESS.md
View file

@ -7,6 +7,18 @@
**Last Updated: 2026-03-26**
### Recent Changes (2026-03-26)
- Added Kubernetes manifests for GitOps deployment via ArgoCD (`deploy/k8s/`)
- Namespace, ArgoCD Application with auto-sync and self-heal
- Deployments: match worker (2 replicas), index builder, 6 strategy bots
- ClusterIP Services for all 6 bots (cluster DNS: `acb-strategy-*.ai-code-battle.svc:8080`)
- SealedSecret templates: API key, R2 credentials, bot HMAC secrets, Cloudflare API token
- All manifests validated (20 files, valid YAML with correct apiVersion/kind)
- Container images from `forgejo.ardenone.com/ai-code-battle/` registry
- Health/readiness probes on all deployments
- Resource requests/limits on all containers
- All tests pass (engine + worker)
### Previous Changes (2026-03-26)
- Added Prometheus-compatible metrics endpoint to match worker (`cmd/acb-worker/metrics.go`)
- Counters: matches_total, match_errors_total, jobs_claimed/failed, replays_uploaded, poll_cycles, heartbeats
- Histograms: match_duration_seconds, replay_upload_duration_seconds, replay_size_bytes
@ -67,6 +79,16 @@
- TypeScript tests for worker-api and indexer
- Web build verification
- Go binary builds
- [x] Kubernetes manifests for ArgoCD GitOps (`deploy/k8s/`)
- `namespace.yaml` - Dedicated `ai-code-battle` namespace
- `argocd-application.yaml` - Auto-sync with prune and self-heal
- `deployments/acb-worker.yaml` - Match worker (2 replicas, metrics on :9090)
- `deployments/acb-index-builder.yaml` - Index builder (1 replica, Recreate strategy)
- `deployments/acb-strategy-{random,gatherer,rusher,guardian,swarm,hunter}.yaml` - 6 strategy bots
- `services/acb-strategy-*.yaml` - ClusterIP services for bot DNS resolution
- `sealed-secrets/` - Templates for API key, R2 creds, bot secrets, Cloudflare token
- All containers from `forgejo.ardenone.com/ai-code-battle/` registry
- Health/readiness probes and resource limits on all deployments
### Remaining Phase 6 Work (requires Cloudflare account access)
@ -222,6 +244,13 @@ ai-code-battle/
│ ├── guardian/ # PHP - GuardianBot
│ ├── swarm/ # TypeScript - SwarmBot
│ └── hunter/ # Java - HunterBot
├── deploy/
│ └── k8s/ # Kubernetes manifests (ArgoCD GitOps)
│ ├── namespace.yaml
│ ├── argocd-application.yaml
│ ├── deployments/ # Worker, index builder, 6 strategy bots
│ ├── services/ # ClusterIP services for bots
│ └── sealed-secrets/ # Secret templates
└── docs/
└── plan/
└── plan.md # Full implementation plan

23
deploy/k8s/argocd-application.yaml Normal file
View file

@ -0,0 +1,23 @@
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: ai-code-battle
namespace: argocd
spec:
project: default
source:
repoURL: https://forgejo.ardenone.com/ai-code-battle/ai-code-battle.git
targetRevision: master
path: deploy/k8s
directory:
recurse: true
destination:
server: https://kubernetes.default.svc
namespace: ai-code-battle
syncPolicy:
automated:
prune: true
selfHeal: true
syncOptions:
- CreateNamespace=true
- PruneLast=true

48
deploy/k8s/deployments/acb-index-builder.yaml Normal file
View file

@ -0,0 +1,48 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: acb-index-builder
namespace: ai-code-battle
labels:
app.kubernetes.io/name: acb-index-builder
app.kubernetes.io/part-of: ai-code-battle
app.kubernetes.io/component: index-builder
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: acb-index-builder
strategy:
type: Recreate
template:
metadata:
labels:
app.kubernetes.io/name: acb-index-builder
app.kubernetes.io/part-of: ai-code-battle
app.kubernetes.io/component: index-builder
spec:
containers:
- name: index-builder
image: forgejo.ardenone.com/ai-code-battle/acb-index-builder:latest
env:
- name: API_URL
valueFrom:
secretKeyRef:
name: acb-api-key
key: api-endpoint
- name: API_KEY
valueFrom:
secretKeyRef:
name: acb-api-key
key: api-key
- name: OUTPUT_DIR
value: "/app/data"
- name: DEPLOY_COMMAND
value: ""
resources:
requests:
cpu: 50m
memory: 128Mi
limits:
memory: 256Mi
restartPolicy: Always

55
deploy/k8s/deployments/acb-strategy-gatherer.yaml Normal file
View file

@ -0,0 +1,55 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: acb-strategy-gatherer
namespace: ai-code-battle
labels:
app.kubernetes.io/name: acb-strategy-gatherer
app.kubernetes.io/part-of: ai-code-battle
app.kubernetes.io/component: strategy-bot
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: acb-strategy-gatherer
template:
metadata:
labels:
app.kubernetes.io/name: acb-strategy-gatherer
app.kubernetes.io/part-of: ai-code-battle
app.kubernetes.io/component: strategy-bot
spec:
containers:
- name: gatherer
image: forgejo.ardenone.com/ai-code-battle/acb-strategy-gatherer:latest
env:
- name: BOT_PORT
value: "8080"
- name: BOT_SECRET
valueFrom:
secretKeyRef:
name: acb-bot-secrets
key: gatherer
ports:
- name: http
containerPort: 8080
protocol: TCP
livenessProbe:
httpGet:
path: /health
port: http
initialDelaySeconds: 5
periodSeconds: 30
readinessProbe:
httpGet:
path: /health
port: http
initialDelaySeconds: 3
periodSeconds: 10
resources:
requests:
cpu: 50m
memory: 64Mi
limits:
memory: 128Mi
restartPolicy: Always

55
deploy/k8s/deployments/acb-strategy-guardian.yaml Normal file
View file

@ -0,0 +1,55 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: acb-strategy-guardian
namespace: ai-code-battle
labels:
app.kubernetes.io/name: acb-strategy-guardian
app.kubernetes.io/part-of: ai-code-battle
app.kubernetes.io/component: strategy-bot
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: acb-strategy-guardian
template:
metadata:
labels:
app.kubernetes.io/name: acb-strategy-guardian
app.kubernetes.io/part-of: ai-code-battle
app.kubernetes.io/component: strategy-bot
spec:
containers:
- name: guardian
image: forgejo.ardenone.com/ai-code-battle/acb-strategy-guardian:latest
env:
- name: BOT_PORT
value: "8080"
- name: BOT_SECRET
valueFrom:
secretKeyRef:
name: acb-bot-secrets
key: guardian
ports:
- name: http
containerPort: 8080
protocol: TCP
livenessProbe:
httpGet:
path: /health
port: http
initialDelaySeconds: 5
periodSeconds: 30
readinessProbe:
httpGet:
path: /health
port: http
initialDelaySeconds: 3
periodSeconds: 10
resources:
requests:
cpu: 50m
memory: 128Mi
limits:
memory: 256Mi
restartPolicy: Always

55
deploy/k8s/deployments/acb-strategy-hunter.yaml Normal file
View file

@ -0,0 +1,55 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: acb-strategy-hunter
namespace: ai-code-battle
labels:
app.kubernetes.io/name: acb-strategy-hunter
app.kubernetes.io/part-of: ai-code-battle
app.kubernetes.io/component: strategy-bot
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: acb-strategy-hunter
template:
metadata:
labels:
app.kubernetes.io/name: acb-strategy-hunter
app.kubernetes.io/part-of: ai-code-battle
app.kubernetes.io/component: strategy-bot
spec:
containers:
- name: hunter
image: forgejo.ardenone.com/ai-code-battle/acb-strategy-hunter:latest
env:
- name: BOT_PORT
value: "8080"
- name: BOT_SECRET
valueFrom:
secretKeyRef:
name: acb-bot-secrets
key: hunter
ports:
- name: http
containerPort: 8080
protocol: TCP
livenessProbe:
httpGet:
path: /health
port: http
initialDelaySeconds: 5
periodSeconds: 30
readinessProbe:
httpGet:
path: /health
port: http
initialDelaySeconds: 3
periodSeconds: 10
resources:
requests:
cpu: 100m
memory: 128Mi
limits:
memory: 256Mi
restartPolicy: Always

55
deploy/k8s/deployments/acb-strategy-random.yaml Normal file
View file

@ -0,0 +1,55 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: acb-strategy-random
namespace: ai-code-battle
labels:
app.kubernetes.io/name: acb-strategy-random
app.kubernetes.io/part-of: ai-code-battle
app.kubernetes.io/component: strategy-bot
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: acb-strategy-random
template:
metadata:
labels:
app.kubernetes.io/name: acb-strategy-random
app.kubernetes.io/part-of: ai-code-battle
app.kubernetes.io/component: strategy-bot
spec:
containers:
- name: random
image: forgejo.ardenone.com/ai-code-battle/acb-strategy-random:latest
env:
- name: BOT_PORT
value: "8080"
- name: BOT_SECRET
valueFrom:
secretKeyRef:
name: acb-bot-secrets
key: random
ports:
- name: http
containerPort: 8080
protocol: TCP
livenessProbe:
httpGet:
path: /health
port: http
initialDelaySeconds: 5
periodSeconds: 30
readinessProbe:
httpGet:
path: /health
port: http
initialDelaySeconds: 3
periodSeconds: 10
resources:
requests:
cpu: 50m
memory: 64Mi
limits:
memory: 128Mi
restartPolicy: Always

55
deploy/k8s/deployments/acb-strategy-rusher.yaml Normal file
View file

@ -0,0 +1,55 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: acb-strategy-rusher
namespace: ai-code-battle
labels:
app.kubernetes.io/name: acb-strategy-rusher
app.kubernetes.io/part-of: ai-code-battle
app.kubernetes.io/component: strategy-bot
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: acb-strategy-rusher
template:
metadata:
labels:
app.kubernetes.io/name: acb-strategy-rusher
app.kubernetes.io/part-of: ai-code-battle
app.kubernetes.io/component: strategy-bot
spec:
containers:
- name: rusher
image: forgejo.ardenone.com/ai-code-battle/acb-strategy-rusher:latest
env:
- name: BOT_PORT
value: "8080"
- name: BOT_SECRET
valueFrom:
secretKeyRef:
name: acb-bot-secrets
key: rusher
ports:
- name: http
containerPort: 8080
protocol: TCP
livenessProbe:
httpGet:
path: /health
port: http
initialDelaySeconds: 5
periodSeconds: 30
readinessProbe:
httpGet:
path: /health
port: http
initialDelaySeconds: 3
periodSeconds: 10
resources:
requests:
cpu: 50m
memory: 64Mi
limits:
memory: 128Mi
restartPolicy: Always

55
deploy/k8s/deployments/acb-strategy-swarm.yaml Normal file
View file

@ -0,0 +1,55 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: acb-strategy-swarm
namespace: ai-code-battle
labels:
app.kubernetes.io/name: acb-strategy-swarm
app.kubernetes.io/part-of: ai-code-battle
app.kubernetes.io/component: strategy-bot
spec:
replicas: 1
selector:
matchLabels:
app.kubernetes.io/name: acb-strategy-swarm
template:
metadata:
labels:
app.kubernetes.io/name: acb-strategy-swarm
app.kubernetes.io/part-of: ai-code-battle
app.kubernetes.io/component: strategy-bot
spec:
containers:
- name: swarm
image: forgejo.ardenone.com/ai-code-battle/acb-strategy-swarm:latest
env:
- name: BOT_PORT
value: "8080"
- name: BOT_SECRET
valueFrom:
secretKeyRef:
name: acb-bot-secrets
key: swarm
ports:
- name: http
containerPort: 8080
protocol: TCP
livenessProbe:
httpGet:
path: /health
port: http
initialDelaySeconds: 5
periodSeconds: 30
readinessProbe:
httpGet:
path: /health
port: http
initialDelaySeconds: 3
periodSeconds: 10
resources:
requests:
cpu: 50m
memory: 128Mi
limits:
memory: 256Mi
restartPolicy: Always

81
deploy/k8s/deployments/acb-worker.yaml Normal file
View file

@ -0,0 +1,81 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: acb-worker
namespace: ai-code-battle
labels:
app.kubernetes.io/name: acb-worker
app.kubernetes.io/part-of: ai-code-battle
app.kubernetes.io/component: worker
spec:
replicas: 2
selector:
matchLabels:
app.kubernetes.io/name: acb-worker
template:
metadata:
labels:
app.kubernetes.io/name: acb-worker
app.kubernetes.io/part-of: ai-code-battle
app.kubernetes.io/component: worker
spec:
containers:
- name: worker
image: forgejo.ardenone.com/ai-code-battle/acb-worker:latest
args:
- "-poll=5s"
- "-heartbeat=30s"
- "-timeout=3s"
env:
- name: ACB_API_ENDPOINT
valueFrom:
secretKeyRef:
name: acb-api-key
key: api-endpoint
- name: ACB_API_KEY
valueFrom:
secretKeyRef:
name: acb-api-key
key: api-key
- name: ACB_R2_ENDPOINT
valueFrom:
secretKeyRef:
name: acb-r2-credentials
key: endpoint
- name: ACB_R2_BUCKET
value: "acb-data"
- name: ACB_R2_ACCESS_KEY
valueFrom:
secretKeyRef:
name: acb-r2-credentials
key: access-key
- name: ACB_R2_SECRET_KEY
valueFrom:
secretKeyRef:
name: acb-r2-credentials
key: secret-key
- name: ACB_METRICS_ADDR
value: ":9090"
ports:
- name: metrics
containerPort: 9090
protocol: TCP
livenessProbe:
httpGet:
path: /health
port: metrics
initialDelaySeconds: 5
periodSeconds: 30
readinessProbe:
httpGet:
path: /ready
port: metrics
initialDelaySeconds: 5
periodSeconds: 10
resources:
requests:
cpu: 100m
memory: 256Mi
limits:
memory: 512Mi
restartPolicy: Always

6
deploy/k8s/namespace.yaml Normal file
View file

@ -0,0 +1,6 @@
apiVersion: v1
kind: Namespace
metadata:
name: ai-code-battle
labels:
app.kubernetes.io/part-of: ai-code-battle

18
deploy/k8s/sealed-secrets/api-key.yaml Normal file
View file

@ -0,0 +1,18 @@
# SealedSecret template — replace with actual sealed values via kubeseal
# Source secret keys:
# api-endpoint: Worker API endpoint URL
# api-key: Worker API authentication key
apiVersion: bitnami.com/v1alpha1
kind: SealedSecret
metadata:
name: acb-api-key
namespace: ai-code-battle
spec:
encryptedData:
api-endpoint: REPLACE_WITH_SEALED_VALUE
api-key: REPLACE_WITH_SEALED_VALUE
template:
metadata:
name: acb-api-key
namespace: ai-code-battle
type: Opaque

20
deploy/k8s/sealed-secrets/bot-secrets.yaml Normal file
View file

@ -0,0 +1,20 @@
# SealedSecret template — replace with actual sealed values via kubeseal
# Source secret keys: HMAC shared secrets for each strategy bot
apiVersion: bitnami.com/v1alpha1
kind: SealedSecret
metadata:
name: acb-bot-secrets
namespace: ai-code-battle
spec:
encryptedData:
random: REPLACE_WITH_SEALED_VALUE
gatherer: REPLACE_WITH_SEALED_VALUE
rusher: REPLACE_WITH_SEALED_VALUE
guardian: REPLACE_WITH_SEALED_VALUE
swarm: REPLACE_WITH_SEALED_VALUE
hunter: REPLACE_WITH_SEALED_VALUE
template:
metadata:
name: acb-bot-secrets
namespace: ai-code-battle
type: Opaque

16
deploy/k8s/sealed-secrets/cloudflare-api-token.yaml Normal file
View file

@ -0,0 +1,16 @@
# SealedSecret template — replace with actual sealed values via kubeseal
# Source secret keys:
# token: Cloudflare API token (for wrangler pages deploy by index builder)
apiVersion: bitnami.com/v1alpha1
kind: SealedSecret
metadata:
name: acb-cloudflare-api-token
namespace: ai-code-battle
spec:
encryptedData:
token: REPLACE_WITH_SEALED_VALUE
template:
metadata:
name: acb-cloudflare-api-token
namespace: ai-code-battle
type: Opaque

20
deploy/k8s/sealed-secrets/r2-credentials.yaml Normal file
View file

@ -0,0 +1,20 @@
# SealedSecret template — replace with actual sealed values via kubeseal
# Source secret keys:
# endpoint: R2 S3-compatible endpoint URL
# access-key: R2 access key ID
# secret-key: R2 secret access key
apiVersion: bitnami.com/v1alpha1
kind: SealedSecret
metadata:
name: acb-r2-credentials
namespace: ai-code-battle
spec:
encryptedData:
endpoint: REPLACE_WITH_SEALED_VALUE
access-key: REPLACE_WITH_SEALED_VALUE
secret-key: REPLACE_WITH_SEALED_VALUE
template:
metadata:
name: acb-r2-credentials
namespace: ai-code-battle
type: Opaque

18
deploy/k8s/services/acb-strategy-gatherer.yaml Normal file
View file

@ -0,0 +1,18 @@
apiVersion: v1
kind: Service
metadata:
name: acb-strategy-gatherer
namespace: ai-code-battle
labels:
app.kubernetes.io/name: acb-strategy-gatherer
app.kubernetes.io/part-of: ai-code-battle
app.kubernetes.io/component: strategy-bot
spec:
type: ClusterIP
selector:
app.kubernetes.io/name: acb-strategy-gatherer
ports:
- name: http
port: 8080
targetPort: http
protocol: TCP

18
deploy/k8s/services/acb-strategy-guardian.yaml Normal file
View file

@ -0,0 +1,18 @@
apiVersion: v1
kind: Service
metadata:
name: acb-strategy-guardian
namespace: ai-code-battle
labels:
app.kubernetes.io/name: acb-strategy-guardian
app.kubernetes.io/part-of: ai-code-battle
app.kubernetes.io/component: strategy-bot
spec:
type: ClusterIP
selector:
app.kubernetes.io/name: acb-strategy-guardian
ports:
- name: http
port: 8080
targetPort: http
protocol: TCP

18
deploy/k8s/services/acb-strategy-hunter.yaml Normal file
View file

@ -0,0 +1,18 @@
apiVersion: v1
kind: Service
metadata:
name: acb-strategy-hunter
namespace: ai-code-battle
labels:
app.kubernetes.io/name: acb-strategy-hunter
app.kubernetes.io/part-of: ai-code-battle
app.kubernetes.io/component: strategy-bot
spec:
type: ClusterIP
selector:
app.kubernetes.io/name: acb-strategy-hunter
ports:
- name: http
port: 8080
targetPort: http
protocol: TCP

18
deploy/k8s/services/acb-strategy-random.yaml Normal file
View file

@ -0,0 +1,18 @@
apiVersion: v1
kind: Service
metadata:
name: acb-strategy-random
namespace: ai-code-battle
labels:
app.kubernetes.io/name: acb-strategy-random
app.kubernetes.io/part-of: ai-code-battle
app.kubernetes.io/component: strategy-bot
spec:
type: ClusterIP
selector:
app.kubernetes.io/name: acb-strategy-random
ports:
- name: http
port: 8080
targetPort: http
protocol: TCP

18
deploy/k8s/services/acb-strategy-rusher.yaml Normal file
View file

@ -0,0 +1,18 @@
apiVersion: v1
kind: Service
metadata:
name: acb-strategy-rusher
namespace: ai-code-battle
labels:
app.kubernetes.io/name: acb-strategy-rusher
app.kubernetes.io/part-of: ai-code-battle
app.kubernetes.io/component: strategy-bot
spec:
type: ClusterIP
selector:
app.kubernetes.io/name: acb-strategy-rusher
ports:
- name: http
port: 8080
targetPort: http
protocol: TCP

18
deploy/k8s/services/acb-strategy-swarm.yaml Normal file
View file

@ -0,0 +1,18 @@
apiVersion: v1
kind: Service
metadata:
name: acb-strategy-swarm
namespace: ai-code-battle
labels:
app.kubernetes.io/name: acb-strategy-swarm
app.kubernetes.io/part-of: ai-code-battle
app.kubernetes.io/component: strategy-bot
spec:
type: ClusterIP
selector:
app.kubernetes.io/name: acb-strategy-swarm
ports:
- name: http
port: 8080
targetPort: http
protocol: TCP

2
web/pages.json
View file

@ -1,5 +1,5 @@
{
"name": "acb-web",
"name": "ai-code-battle",
"description": "AI Code Battle - Competitive bot programming platform",
"domains": [
"aicodebattle.com"