7b92332710
- DEVOPS-W-01: Add oliver006/redis_exporter to docker-compose.yml so the existing prometheus.yml scrape job (redis-exporter:9121) resolves - DEVOPS-W-04: Add redis-sentinel.yaml with Redis Sentinel HA setup (1 master StatefulSet + 2 replica StatefulSet + 3 sentinel pods) replacing the single-instance SPOF redis.yaml in staging K8s - DEVOPS-W-05: Add network-policy.yaml with default-deny-all NetworkPolicy + explicit allow rules for inter-service, Traefik ingress, Redis access, Prometheus scrape, and external egress (Neon PostgreSQL, AMQP) - DEVOPS-M-01: Add aquasecurity/trivy-action to docker-build.yml to scan every built image for CRITICAL/HIGH CVEs; results uploaded to GitHub Security tab via SARIF Co-Authored-By: Paperclip <noreply@paperclip.ing>
5.3 KiB
5.3 KiB