apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: plane
  finalizers:
    - resources-finalizer.argocd.argoproj.io
spec:
  ignoreDifferences:
    # PVCs - creationTimestamp und Status ignorieren
    - group: ""
      kind: PersistentVolumeClaim
      jsonPointers:
        - /metadata/creationTimestamp
        - /status
    
    # StatefulSets - alle volumeClaimTemplates komplett ignorieren
    - group: apps
      kind: StatefulSet
      jsonPointers:
        - /spec/volumeClaimTemplates
        - /status
        - /spec/replicas
    
    # Worker Deployment - Replica Status ignorieren
    - group: apps
      kind: Deployment
      name: plane-worker-wl
      jsonPointers:
        - /status
        
  project: default
  source:
    repoURL: 'https://helm.plane.so/'
    chart: 'plane-ce'
    targetRevision: 1.3.3
    helm:
      values: |
        
        ingress:
          enabled: true
          appHost: "plane.innovation-hub-niedersachsen.de"
          ingressClass: "traefik"
          ingress_annotations:
            cert-manager.io/cluster-issuer: lets-encrypt
            traefik.ingress.kubernetes.io/router.entrypoints: websecure
        
        ssl:
          tls_secret_name: "plane-tls"
          createIssuer: false
          generateCerts: false
        
        minio:
          local_setup: false
        
        env:
          docstore_bucket: "planedocstore"
          doc_upload_size_limit: "5242880"
          aws_access_key: "a0ccb47cc0994bf51ecd"
          aws_secret_access_key: "0d54ee2f943f2a56b8cafc3afe9cb1e2f9fecac2"
          aws_region: "eu-central-1"
          aws_s3_endpoint_url: "https://sws3.innovation-hub-niedersachsen.de"
          # Celery Worker Konfiguration - Optimiert für Stabilität
          CELERY_WORKER_CONCURRENCY: "2"
          CELERY_WORKER_MAX_TASKS_PER_CHILD: "100"
          CELERY_WORKER_MAX_MEMORY_PER_CHILD: "200000"
          # Task Timeouts zur Vermeidung von Memory-Leaks
          CELERY_TASK_SOFT_TIME_LIMIT: "300"
          CELERY_TASK_TIME_LIMIT: "600"
        
        # Worker-spezifische Einstellungen
        worker:
          replicas: 1
          # Reduzierte Concurrency für bessere Memory-Nutzung
          concurrency: 1
          resources:
            requests:
              memory: "4Gi"
              cpu: "500m"
            limits:
              memory: "8Gi"
              cpu: "2000m"
          # Vereinfachte Health Checks
          readinessProbe:
            exec:
              command:
                - /bin/sh
                - -c
                - celery -A plane inspect ping -d celery@$HOSTNAME -t 5
            initialDelaySeconds: 60
            periodSeconds: 60
            timeoutSeconds: 15
            failureThreshold: 5
          livenessProbe:
            exec:
              command:
                - /bin/sh
                - -c
                - celery -A plane inspect ping -d celery@$HOSTNAME -t 5
            initialDelaySeconds: 120
            periodSeconds: 120
            timeoutSeconds: 15
            failureThreshold: 5
          
  destination:
    server: 'https://kubernetes.default.svc'
    namespace: plane
    
  syncPolicy:
    managedNamespaceMetadata:
      labels:
        pod-security.kubernetes.io/enforce: "privileged"
    automated:
      selfHeal: true
      prune: true
    syncOptions:
      - CreateNamespace=true
      - ServerSideApply=true
      - PruneLast=true
      - RespectIgnoreDifferences=true