diff --git a/deployments/k8s/base/claudebox.yaml b/deployments/k8s/base/claudebox.yaml index 45a20a1..8e78dd8 100644 --- a/deployments/k8s/base/claudebox.yaml +++ b/deployments/k8s/base/claudebox.yaml @@ -21,7 +21,7 @@ spec: spec: containers: - name: claudebox - image: us-central1-docker.pkg.dev/orchard9/docker-images/rdev-claudebox:v0.1.0 + image: ghcr.io/orchard9/rdev-claudebox:v0.1.0 imagePullPolicy: Always resources: @@ -37,10 +37,9 @@ spec: - name: workspace mountPath: /workspace - # Claude credentials (from secret) - - name: claude-credentials + # Claude config directory (persistent for auth) + - name: claude-config mountPath: /root/.claude - readOnly: true # Simple liveness check - container is running livenessProbe: @@ -66,14 +65,13 @@ spec: persistentVolumeClaim: claimName: claudebox-workspace - - name: claude-credentials - secret: - secretName: claude-credentials - defaultMode: 0600 + - name: claude-config + persistentVolumeClaim: + claimName: claudebox-claude-config - # Pull from Artifact Registry + # Pull from GitHub Container Registry imagePullSecrets: - - name: gcr-secret + - name: ghcr-secret --- # Headless service for StatefulSet apiVersion: v1 diff --git a/deployments/k8s/base/pvc.yaml b/deployments/k8s/base/pvc.yaml index 65b5213..b430a4d 100644 --- a/deployments/k8s/base/pvc.yaml +++ b/deployments/k8s/base/pvc.yaml @@ -13,3 +13,19 @@ spec: resources: requests: storage: 20Gi +--- +apiVersion: v1 +kind: PersistentVolumeClaim +metadata: + name: claudebox-claude-config + namespace: rdev + labels: + app.kubernetes.io/name: claudebox + app.kubernetes.io/part-of: rdev +spec: + accessModes: + - ReadWriteOnce + storageClassName: longhorn + resources: + requests: + storage: 1Gi diff --git a/scripts/build-push.sh b/scripts/build-push.sh index 8a10c68..2b35f60 100755 --- a/scripts/build-push.sh +++ b/scripts/build-push.sh @@ -1,5 +1,5 @@ #!/bin/bash -# Build and push claudebox image to Artifact Registry +# Build and push claudebox image to GitHub Container Registry set -e @@ -7,7 +7,7 @@ SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" PROJECT_ROOT="$(dirname "$SCRIPT_DIR")" # Image configuration -REGISTRY="us-central1-docker.pkg.dev/orchard9/docker-images" +REGISTRY="ghcr.io/orchard9" IMAGE_NAME="rdev-claudebox" VERSION="${1:-latest}" @@ -19,11 +19,11 @@ echo "" cd "$PROJECT_ROOT" -# Build the image -docker build -t "$IMAGE_TAG" -t "$REGISTRY/$IMAGE_NAME:latest" . +# Build the image for linux/amd64 (k3s nodes are amd64) +docker build --platform linux/amd64 -t "$IMAGE_TAG" -t "$REGISTRY/$IMAGE_NAME:latest" . echo "" -echo "Pushing to Artifact Registry..." +echo "Pushing to GitHub Container Registry..." # Push both tags docker push "$IMAGE_TAG" diff --git a/scripts/deploy.sh b/scripts/deploy.sh index 9e2abbd..30dbb9d 100755 --- a/scripts/deploy.sh +++ b/scripts/deploy.sh @@ -24,26 +24,21 @@ kubectl cluster-info > /dev/null || { exit 1 } -# Check if credentials secret exists -if ! kubectl get secret claude-credentials -n rdev > /dev/null 2>&1; then - echo "" - echo "Warning: claude-credentials secret not found!" - echo "Run ./scripts/create-credentials-secret.sh first" - echo "" - read -p "Continue anyway? (y/N) " -n 1 -r - echo - if [[ ! $REPLY =~ ^[Yy]$ ]]; then - exit 1 - fi -fi +# Note: Claude auth is stored in a PVC, not a secret +# User will authenticate via: kubectl exec -it -n rdev claudebox-0 -- claude login -# Check if gcr-secret exists in rdev namespace -if ! kubectl get secret gcr-secret -n rdev > /dev/null 2>&1; then +# Check if ghcr-secret exists in rdev namespace +if ! kubectl get secret ghcr-secret -n rdev > /dev/null 2>&1; then echo "" - echo "Copying gcr-secret from apps namespace to rdev..." - kubectl get secret gcr-secret -n apps -o yaml | \ + echo "Copying ghcr-secret from apps namespace to rdev..." + kubectl get secret ghcr-secret -n apps -o yaml | \ sed 's/namespace: apps/namespace: rdev/' | \ - kubectl apply -f - + kubectl apply -f - 2>/dev/null || { + echo "ghcr-secret not found in apps namespace, checking default..." + kubectl get secret ghcr-secret -n default -o yaml | \ + sed 's/namespace: default/namespace: rdev/' | \ + kubectl apply -f - + } fi # Apply manifests