TazLab K8s: hugo-wiki Detail
Level 3 (Detail) — Wiki deployment, ingress, TLS, and image automation.
Concept
hugo-wiki serves the static Hugo-generated wiki (this site) at wiki.tazlab.net. It follows the same deployment pattern as hugo-blog but uses a separate image pipeline and namespace.
Manifests
File: apps/base/hugo-wiki/
| File | Purpose |
|---|---|
hugo-wiki.yaml | Deployment + Service + Ingress (all in one file) |
Deployment
| Field | Value |
|---|---|
| Image | tazzo/tazlab-wiki:wiki-<N>-<sha> |
| Port | 80 |
| Replicas | 1 |
| Namespace | hugo-wiki |
Image line with flux setter marker:
image: tazzo/tazlab-wiki:wiki-2-a2d807775cc7578fd27155601e1ac5b38443ead8 # {"$imagepolicy": "flux-system:hugo-wiki"}
Ingress
| Field | Value |
|---|---|
| Hostname | wiki.tazlab.net |
| TLS | wildcard-tls (ExternalSecret from Vault tazlab-secrets-vault) |
| Entrypoints | web, websecure |
| Annotations | Homepage integration (group: Developer, icon: book-open.svg) |
The wiki uses the wildcard TLS certificate delivered through ExternalSecret in the hugo-wiki namespace, not a cert-manager Certificate.
Image Automation
File: infrastructure/automation/hugo-wiki/automation.yaml
| Resource | Name | Details |
|---|---|---|
| ImageRepository | hugo-wiki | tazzo/tazlab-wiki, poll 1m |
| ImagePolicy | hugo-wiki | Tag ^wiki-(?P<value>[0-9]+)-.*$, numerical asc |
| ImageUpdateAutomation | hugo-wiki | Commits to ./apps/base/hugo-wiki, strategy Setters |
Delivery Chain
wiki.tazlab.net (Git push) → GitHub Action (publish.yml) → Docker Hub (tazzo/tazlab-wiki:wiki-<N>-<sha>)
→ Flux ImageRepository (poll 1m) → ImagePolicy → ImageUpdateAutomation (commit)
→ Flux reconcile apps-static-wiki → Deployment rollout
DAG Position
configs (Level 2, creates wildcard-tls + wiki ExternalSecrets)
→ apps-static-wiki (Level 3, deploys hugo-wiki)
See Also
- Parent hub: tazlab-k8s
- Sibling detail: hugo-blog Detail
- Source repo: wiki.tazlab.net
- Image automation: Image Automation Detail