# PostgreSQL dedicado do tenant (banco da aplicação + banco do Keycloak)
apiVersion: v1
kind: ConfigMap
metadata:
  name: pg-initdb
  namespace: piloto-prod
data:
  01-keycloak.sql: |
    CREATE DATABASE keycloak;
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: postgres-data
  namespace: piloto-prod
spec:
  accessModes: [ReadWriteOnce]
  storageClassName: local-path
  resources:
    requests:
      storage: 5Gi
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: postgres
  namespace: piloto-prod
spec:
  replicas: 1
  selector:
    matchLabels:
      app: postgres
  template:
    metadata:
      labels:
        app: postgres
    spec:
      containers:
        - name: postgres
          image: postgres:16
          ports:
            - containerPort: 5432
          env:
            - name: POSTGRES_DB
              value: athleticmap
            - name: POSTGRES_USER
              value: atm
            - name: POSTGRES_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: db-credentials
                  key: password
            - name: PGDATA
              value: /var/lib/postgresql/data/pgdata
          volumeMounts:
            - name: data
              mountPath: /var/lib/postgresql/data
            - name: initdb
              mountPath: /docker-entrypoint-initdb.d
          readinessProbe:
            exec:
              command: ["pg_isready", "-U", "atm", "-d", "athleticmap"]
            initialDelaySeconds: 10
            periodSeconds: 5
      volumes:
        - name: data
          persistentVolumeClaim:
            claimName: postgres-data
        - name: initdb
          configMap:
            name: pg-initdb
---
apiVersion: v1
kind: Service
metadata:
  name: postgres
  namespace: piloto-prod
spec:
  selector:
    app: postgres
  ports:
    - port: 5432
      targetPort: 5432