TazLab K8s: hugo-wiki Detail

Level 3 (Detail) — Wiki deployment, ingress, TLS, and image automation.

Concept

hugo-wiki serves the static Hugo-generated wiki (this site) at wiki.tazlab.net. It follows the same deployment pattern as hugo-blog but uses a separate image pipeline and namespace.

Manifests

File: apps/base/hugo-wiki/

FilePurpose
hugo-wiki.yamlDeployment + Service + Ingress (all in one file)

Deployment

FieldValue
Imagetazzo/tazlab-wiki:wiki-<N>-<sha>
Port80
Replicas1
Namespacehugo-wiki

Image line with flux setter marker:

image: tazzo/tazlab-wiki:wiki-2-a2d807775cc7578fd27155601e1ac5b38443ead8 # {"$imagepolicy": "flux-system:hugo-wiki"}

Ingress

FieldValue
Hostnamewiki.tazlab.net
TLSwildcard-tls (ExternalSecret from Vault tazlab-secrets-vault)
Entrypointsweb, websecure
AnnotationsHomepage integration (group: Developer, icon: book-open.svg)

The wiki uses the wildcard TLS certificate delivered through ExternalSecret in the hugo-wiki namespace, not a cert-manager Certificate.

Image Automation

File: infrastructure/automation/hugo-wiki/automation.yaml

ResourceNameDetails
ImageRepositoryhugo-wikitazzo/tazlab-wiki, poll 1m
ImagePolicyhugo-wikiTag ^wiki-(?P<value>[0-9]+)-.*$, numerical asc
ImageUpdateAutomationhugo-wikiCommits to ./apps/base/hugo-wiki, strategy Setters

Delivery Chain

wiki.tazlab.net (Git push) → GitHub Action (publish.yml) → Docker Hub (tazzo/tazlab-wiki:wiki-<N>-<sha>)
→ Flux ImageRepository (poll 1m) → ImagePolicy → ImageUpdateAutomation (commit)
→ Flux reconcile apps-static-wiki → Deployment rollout

DAG Position

configs (Level 2, creates wildcard-tls + wiki ExternalSecrets)
→ apps-static-wiki (Level 3, deploys hugo-wiki)

See Also