a8c8a0a14d
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Adds complete media storage pipeline with GCS presigned uploads, AI image/video/text generation via queue-based workers, realtime SSE event streaming, and comprehensive skeleton packages (storage, mediagen, textgen, generation, realtime, persona, routing, ai-client). Includes security fixes for media delete authorization, nil pointer guards in handlers, video persistence via download-then-upload, consistent signed URLs, and Image→ImageIcon rename to avoid DOM collision. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
38 lines
897 B
YAML
38 lines
897 B
YAML
apiVersion: v1
|
|
kind: ServiceAccount
|
|
metadata:
|
|
name: citadel-agent
|
|
namespace: observability
|
|
labels:
|
|
app.kubernetes.io/name: citadel-agent
|
|
app.kubernetes.io/part-of: citadel
|
|
---
|
|
# ClusterRole to read pod metadata for log enrichment
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: ClusterRole
|
|
metadata:
|
|
name: citadel-agent
|
|
labels:
|
|
app.kubernetes.io/name: citadel-agent
|
|
app.kubernetes.io/part-of: citadel
|
|
rules:
|
|
- apiGroups: [""]
|
|
resources: ["pods", "namespaces"]
|
|
verbs: ["get", "list", "watch"]
|
|
---
|
|
apiVersion: rbac.authorization.k8s.io/v1
|
|
kind: ClusterRoleBinding
|
|
metadata:
|
|
name: citadel-agent
|
|
labels:
|
|
app.kubernetes.io/name: citadel-agent
|
|
app.kubernetes.io/part-of: citadel
|
|
roleRef:
|
|
apiGroup: rbac.authorization.k8s.io
|
|
kind: ClusterRole
|
|
name: citadel-agent
|
|
subjects:
|
|
- kind: ServiceAccount
|
|
name: citadel-agent
|
|
namespace: observability
|