apiVersion: v1 kind: Secret metadata: name: postgres-secret namespace: file-transformer type: Opaque data: postgres-password: c2VjdXJlX3Bhc3N3b3JkXzEyMw== # secure_password_123 --- apiVersion: v1 kind: ConfigMap metadata: name: postgres-config namespace: file-transformer data: POSTGRES_DB: file_transformer POSTGRES_USER: file_user --- apiVersion: apps/v1 kind: Deployment metadata: name: postgres namespace: file-transformer labels: app: postgres spec: replicas: 1 selector: matchLabels: app: postgres template: metadata: labels: app: postgres spec: containers: - name: postgres image: postgres:15-alpine ports: - containerPort: 5432 env: - name: POSTGRES_DB valueFrom: configMapKeyRef: name: postgres-config key: POSTGRES_DB - name: POSTGRES_USER valueFrom: configMapKeyRef: name: postgres-config key: POSTGRES_USER - name: POSTGRES_PASSWORD valueFrom: secretKeyRef: name: postgres-secret key: postgres-password volumeMounts: - name: postgres-storage mountPath: /var/lib/postgresql/data - name: postgres-init mountPath: /docker-entrypoint-initdb.d resources: requests: memory: "256Mi" cpu: "250m" limits: memory: "512Mi" cpu: "500m" volumes: - name: postgres-storage persistentVolumeClaim: claimName: postgres-pvc - name: postgres-init configMap: name: postgres-init-script --- apiVersion: v1 kind: Service metadata: name: postgres namespace: file-transformer spec: selector: app: postgres ports: - port: 5432 targetPort: 5432 type: ClusterIP --- apiVersion: v1 kind: PersistentVolumeClaim metadata: name: postgres-pvc namespace: file-transformer spec: accessModes: - ReadWriteOnce resources: requests: storage: 10Gi