Problem
The docs cover Docker images, rolling deploys, and managed-Postgres specifics (including the Cloud SQL / AlloyDB auth-proxy native-sidecar pattern as raw pod YAML), but there is no installable Kubernetes artifact. Every team currently hand-writes Deployments for workers and the UI, a migrations hook, and probes — and makes the same decisions (one DDL owner, runtime-only grants for workers, maintenance leadership is in-process so no separate ticker) that the docs already prescribe.
Proposal
A first-party Helm chart (or kustomize base — decide which) covering:
- Worker Deployment — replicas, `DATABASE_URL` from secret, resource requests, graceful-shutdown `terminationGracePeriodSeconds` aligned with job deadlines, optional auth-proxy native sidecar (matching the documented Cloud SQL/AlloyDB pattern).
- Migrations Job / hook — `awa migrate` as the single DDL owner (pre-install/pre-upgrade hook), so workers run with runtime-only grants per docs/security.md.
- UI Deployment + Service — `awa serve`, `--read-only` toggle, sized small; ingress deliberately left to the operator (pairs with the admin-auth issue).
- Probes — what liveness/readiness mean for a worker (DB reachability vs. runtime registration) needs a documented answer; if a health endpoint is missing for workers, that's a sub-task.
- No external ticker — chart docs should state explicitly that maintenance/cron are leader-elected inside workers (ADR-007), since k8s users habitually reach for CronJobs.
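A sketch of the two security-relevant templates, the migration hook Job and the worker Deployment, as an added example rather than code from the project or its docs. Every `.Values.*` key, the template paths and the `awa-worker` label are assumed names; the worker command is left to `worker.args` because the issue names only `awa migrate` and `awa serve`; the native-sidecar form (`restartPolicy: Always` on an init container) assumes Kubernetes 1.29 or newer.

```yaml
# templates/migrate-job.yaml (hypothetical path inside the proposed chart)
apiVersion: batch/v1
kind: Job
metadata:
  name: {{ .Release.Name }}-migrate
  annotations:
    "helm.sh/hook": pre-install,pre-upgrade          # runs before any worker/UI pod is rolled
    "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded
spec:
  backoffLimit: 0                                      # a failed migration fails the release; no blind DDL retries
  template:
    spec:
      restartPolicy: Never
      containers:
        - name: migrate
          image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
          args: ["migrate"]                            # awa migrate: the single DDL owner
          env:
            - name: DATABASE_URL                       # DDL-capable role, kept in its own Secret
              valueFrom: { secretKeyRef: { name: {{ .Values.migrations.secretName }}, key: url } }
---
# templates/worker-deployment.yaml (hypothetical path)
apiVersion: apps/v1
kind: Deployment
metadata:
  name: {{ .Release.Name }}-worker
spec:
  replicas: {{ .Values.worker.replicas }}
  selector: { matchLabels: { app: awa-worker } }
  template:
    metadata: { labels: { app: awa-worker } }
    spec:
      # must exceed the longest job deadline so in-flight jobs drain instead of being killed
      terminationGracePeriodSeconds: {{ .Values.worker.terminationGracePeriodSeconds }}
      automountServiceAccountToken: false              # workers need DB access, not API-server access
      {{- if .Values.authProxy.enabled }}
      initContainers:
        - name: auth-proxy                             # native sidecar: starts first, outlives the worker
          image: "{{ .Values.authProxy.image }}"
          args: {{ toJson .Values.authProxy.args }}
          restartPolicy: Always
      {{- end }}
      containers:
        - name: worker
          image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
          args: {{ toJson .Values.worker.args }}
          env:
            - name: DATABASE_URL                       # runtime-only grants, a different Secret from migrations
              valueFrom: { secretKeyRef: { name: {{ .Values.worker.secretName }}, key: url } }
```

Keeping the migration role and the worker role in separate Secrets is what makes "one DDL owner, runtime-only grants" enforceable at the cluster level rather than by convention; `helm lint` plus a kind-based install in CI would catch a template that accidentally mounts the wrong one.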
Decisions needed: chart location (charts/ in-repo vs. separate repo), publish target (OCI registry / GH pages), chart-lint + kind-based smoke in CI, and whether the version tracks the app version.
Refs: ADR-007, ADR-028, docs/deployment.md, docs/deploying-on-managed-postgres.md, docs/security.md.