Homyak is a web application built with Go and deployed to Kubernetes via Helm.
# Build the application
make build
# Run the application
./bin/homyak
# Run tests
make testPrerequisites:
- Kubernetes cluster (kubespray-managed)
- kubectl configured
- Helm 3.x installed
- GitHub Container Registry access
# Deploy to production
helm install homyak ./helm --namespace homyak --create-namespace
# Deploy with custom values
helm install homyak ./helm --namespace homyak \
--set image.tag=latest \
--set replicaCount=3- Helm Chart README - Complete guide for deploying with Helm
- Operations Guide - Daily operations, troubleshooting, maintenance
- GitHub Secrets - Required secrets and setup instructions
- cert-manager Setup - TLS certificate configuration
The application follows Clean Architecture principles:
cmd/homyak/ - Application entry point
internal/
domain/ - Business logic and entities
repository/ - Data access layer
usecase/ - Application use cases
transport/ - HTTP handlers and middleware
The project uses GitHub Actions for:
- Build - Docker image builds on every push
- Lint - Code quality checks with golangci-lint
- Deploy - Automatic deployment to Kubernetes on push to
mainbranch
- Triggers: Push to any branch
- Builds Docker image with commit SHA tag
- Pushes to GitHub Container Registry:
ghcr.io/victorzhuk/homyak
- Triggers: Push to
mainbranch, manual workflow_dispatch - Deploys using Helm chart
- Configures Kubernetes via KUBECONFIG_BASE64 secret
- Deploys to
homyaknamespace
Application is configured via environment variables with APP_ prefix:
| Variable | Description | Default |
|---|---|---|
APP_DEBUG |
Enable debug logging | false |
APP_ENV |
Environment (local, development, production) | local |
APP_HTTP_ADDR |
HTTP server address | :8080 |
APP_HTTP_MAX_HEADER_SIZE_MB |
Max header size in MB | 1 |
APP_HTTP_READ_TIMEOUT |
HTTP read timeout | 3s |
APP_HTTP_WRITE_TIMEOUT |
HTTP write timeout | 3s |
APP_FEEDBACK_FORM_URL |
Feedback form redirect URL | http://localhost:8080 |
Environment variables are loaded directly into the application (no ConfigMap/Secret required for this stateless app).
- Go 1.25+
- Docker
- Make
# Build
make build
# Run
make run
# Test
make test
# Lint
make lint-
Deploy:
helm upgrade --install homyak ./helm \ --namespace homyak \ --create-namespace \ --wait \ --timeout 5m
-
Verify:
kubectl get all -n homyak kubectl logs -n homyak -l app.kubernetes.io/name=homyak
Push to main branch triggers:
- Docker image build and push
- Kubernetes deployment via Helm
- Rollout verification
See docs/secrets.md for required GitHub secrets setup.
- Liveness:
GET /healthz- Container restart if fails - Readiness:
GET /readyz- Traffic stops if fails - Metrics:
GET /metrics- Prometheus metrics
# Check pod status
kubectl get pods -n homyak
# View logs
kubectl logs -n homyak -l app.kubernetes.io/name=homyak --tail=100 -f
# Check resource usage
kubectl top pods -n homyak# Describe pod for events
kubectl describe pod <pod-name> -n homyak
# View pod logs
kubectl logs <pod-name> -n homyak# Check rollout status
kubectl rollout status deployment homyak -n homyak
# View history
helm history homyak -n homyak
# Rollback
helm rollback homyak -n homyak# Check certificate
kubectl get certificate -n homyak
# Check cert-manager logs
kubectl logs -n cert-manager -l app.kubernetes.io/name=cert-managerSee docs/operations.md for detailed troubleshooting.
- Runs as non-root user (UID 1000)
- Read-only root filesystem
- No privilege escalation
- All capabilities dropped
- Service account token not mounted
- TLS via Let's Encrypt (cert-manager)
- GitHub: https://github.com/victorzhuk/homyak
- Website: https://victorzh.uk
Contributions welcome! Please read the contribution guidelines before submitting PRs.