From f86782a60f2f8a0cef62ccda44d5694e8353a94c Mon Sep 17 00:00:00 2001 From: kisfenyo Date: Wed, 25 Mar 2026 20:00:40 +0100 Subject: [PATCH] added JARR worker --- jarrs-system/jarr-dev.yaml | 169 +++++++++++++++++++++++++++++++++++++ 1 file changed, 169 insertions(+) diff --git a/jarrs-system/jarr-dev.yaml b/jarrs-system/jarr-dev.yaml index fc1796e..d1274e0 100644 --- a/jarrs-system/jarr-dev.yaml +++ b/jarrs-system/jarr-dev.yaml @@ -534,3 +534,172 @@ spec: - hosts: - dev.jarrs.eu secretName: dev-jarr-tls +--- +# ============================================================================= +# JARR Worker Deployment +# ============================================================================= +# Separate deployment for the BullMQ background worker. +# Uses the same Docker image as the API, with CMD override. +# +# Processes: token cleanup (hourly), scheduled pulls, pre-flight checks. +# Publishes real-time events via EventBus (Redis Pub/Sub). +# +# No Service or Ingress needed — worker doesn't accept inbound traffic. +# k8s probes access the container health endpoint directly via pod IP. +# +# APPLY (append to jarr-dev.yaml or apply separately): +# kubectl apply -f dev-jarr-worker.yaml +# kubectl -n jarrs-system rollout status deployment/dev-jarr-worker +# +# VERIFY: +# kubectl -n jarrs-system get pods -l app.kubernetes.io/component=worker +# kubectl -n jarrs-system logs deploy/dev-jarr-worker -c jarr-worker --tail=50 +# kubectl exec -n jarrs-system deploy/dev-jarr-worker -c jarr-worker -- wget -qO- http://localhost:3001/health +# ============================================================================= +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + name: dev-jarr-worker + namespace: jarrs-system + labels: + app.kubernetes.io/name: jarr + app.kubernetes.io/instance: dev-jarr + app.kubernetes.io/component: worker +spec: + replicas: 1 + strategy: + type: Recreate # No rolling update needed — single worker is fine + selector: + matchLabels: + app.kubernetes.io/instance: dev-jarr + app.kubernetes.io/component: worker + template: + metadata: + labels: + app.kubernetes.io/name: jarr + app.kubernetes.io/instance: dev-jarr + app.kubernetes.io/component: worker + spec: + initContainers: + # 1. Wait for PostgreSQL to accept connections + - name: wait-for-db + image: busybox:1.36 + command: + - sh + - -c + - | + echo "Waiting for PostgreSQL..." + until nc -z dev-jarr-postgres 5432; do + echo "PostgreSQL not ready, waiting..." + sleep 2 + done + echo "PostgreSQL is ready!" + # 2. Wait for Redis to accept connections + - name: wait-for-redis + image: busybox:1.36 + command: + - sh + - -c + - | + echo "Waiting for Redis..." + until nc -z dev-jarr-redis 6379; do + echo "Redis not ready, waiting..." + sleep 2 + done + echo "Redis is ready!" + # 3. Wait for API to be healthy (migrations complete) + # Prevents the worker from picking up stale queued jobs + # before schema migrations have been applied. + - name: wait-for-api + image: busybox:1.36 + command: + - sh + - -c + - | + echo "Waiting for API to be healthy (migrations done)..." + until wget -qO- http://dev-jarr:3000/v1/health >/dev/null 2>&1; do + echo "API not ready, waiting..." + sleep 3 + done + echo "API is healthy!" + containers: + - name: jarr-worker + image: gitea.dooplex.hu/admin/jarr:latest + imagePullPolicy: Always + command: ["node", "apps/api/dist/worker.js"] + env: + - name: NODE_ENV + value: development + # Database + - name: DB_USER + valueFrom: + secretKeyRef: + name: dev-jarr-db + key: username + - name: DB_PASS + valueFrom: + secretKeyRef: + name: dev-jarr-db + key: password + - name: DATABASE_URL + value: "postgresql://$(DB_USER):$(DB_PASS)@dev-jarr-postgres:5432/jarr_dev" + # Redis + - name: REDIS_URL + value: "redis://dev-jarr-redis:6379" + # JWT (needed by NotificationService for HMAC unsubscribe tokens) + - name: JWT_ACCESS_SECRET + valueFrom: + secretKeyRef: + name: dev-jarr-app + key: jwt-access-secret + # Email (scheduled pulls trigger notifications → emails) + - name: RESEND_API_KEY + valueFrom: + secretKeyRef: + name: dev-jarr-app + key: resend-api-key + - name: EMAIL_FROM + value: "noreply@jarrs.eu" + # URLs (used in email templates for links) + - name: BASE_URL + value: "https://dev.jarrs.eu" + - name: WEB_URL + value: "https://dev.jarrs.eu" + # Worker health port (matches default, explicit for clarity) + - name: WORKER_HEALTH_PORT + value: "3001" + ports: + - containerPort: 3001 + name: health + protocol: TCP + resources: + requests: + cpu: 50m + memory: 128Mi + limits: + cpu: 500m + memory: 512Mi + startupProbe: + httpGet: + path: /health + port: health + periodSeconds: 5 + failureThreshold: 12 # 60s max startup (Redis connect + scheduler registration) + timeoutSeconds: 3 + readinessProbe: + httpGet: + path: /health + port: health + initialDelaySeconds: 5 + periodSeconds: 15 + failureThreshold: 3 + timeoutSeconds: 3 + livenessProbe: + httpGet: + path: /health + port: health + initialDelaySeconds: 15 + periodSeconds: 30 + failureThreshold: 5 + timeoutSeconds: 5 \ No newline at end of file