Initial commit: Resume site with Flux CD automation

- Add HTML comment for hiring pipeline
- Configure Helm chart for Kubernetes deployment
- Set up ingress for resume.caffeinetux.com
- Configure Harbor registry at images.caffeinetux.com
- Add Flux CD manifests for GitOps deployment
- Update CI workflow for Harbor integration

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

flux/README.md

@@ -0,0 +1,86 @@
+# Flux Deployment for Resume Site
+
+This directory contains Flux CD manifests for automated deployment of the resume site to Kubernetes.
+
+## Prerequisites
+
+1. Flux CD installed in your cluster
+2. Gitea repository created and pushed
+3. Harbor credentials configured
+4. Docker image built and pushed to Harbor
+
+## Setup Instructions
+
+### 1. Update GitRepository URL
+
+Edit `gitrepository.yaml` and replace the placeholder URL with your actual Gitea repository URL:
+
+```yaml
+url: https://your-gitea-url/username/resume-site.git
+```
+
+### 2. Build and Push Docker Image
+
+```bash
+# Login to Harbor
+docker login images.caffeinetux.com
+
+# Build the image
+docker build -t images.caffeinetux.com/production/resume-site:latest .
+
+# Push to Harbor
+docker push images.caffeinetux.com/production/resume-site:latest
+```
+
+### 3. Deploy with Flux
+
+Apply the Flux manifests to your cluster:
+
+```bash
+kubectl apply -k flux/
+```
+
+Flux will:
+- Clone the Git repository
+- Deploy the Helm chart from `./helm`
+- Create an Ingress at https://resume.caffeinetux.com
+- Automatically sync changes from Git
+
+### 4. Verify Deployment
+
+```bash
+# Check Flux GitRepository
+kubectl get gitrepository -n flux-system resume-site
+
+# Check Flux HelmRelease
+kubectl get helmrelease -n default resume-site
+
+# Check pods
+kubectl get pods -n default -l app.kubernetes.io/name=resume-site
+
+# Check ingress
+kubectl get ingress -n default
+```
+
+## Automatic Updates
+
+Flux checks the Git repository every minute. Any changes to the `helm/` directory will trigger an automatic update of the deployment.
+
+## Secrets
+
+If you need to configure Harbor image pull secrets:
+
+```bash
+kubectl create secret docker-registry harbor-creds \
+  --docker-server=images.caffeinetux.com \
+  --docker-username=YOUR_USERNAME \
+  --docker-password=YOUR_PASSWORD \
+  --namespace=default
+```
+
+Then update `helm/values.yaml`:
+
+```yaml
+imagePullSecrets:
+  - name: harbor-creds
+```

flux/gitrepository.yaml

@@ -0,0 +1,15 @@
+apiVersion: source.toolkit.fluxcd.io/v1
+kind: GitRepository
+metadata:
+  name: resume-site
+  namespace: flux-system
+spec:
+  interval: 1m
+  url: https://GITEA_URL/GITEA_USER/resume-site.git  # Update with actual Gitea URL
+  ref:
+    branch: main
+  ignore: |
+    # exclude all
+    /*
+    # include helm chart
+    !/helm/

flux/helmrelease.yaml

@@ -0,0 +1,36 @@
+apiVersion: helm.toolkit.fluxcd.io/v2
+kind: HelmRelease
+metadata:
+  name: resume-site
+  namespace: default
+spec:
+  interval: 5m
+  chart:
+    spec:
+      chart: ./helm
+      sourceRef:
+        kind: GitRepository
+        name: resume-site
+        namespace: flux-system
+      interval: 1m
+  values:
+    replicaCount: 2
+    image:
+      repository: images.caffeinetux.com/production/resume-site
+      pullPolicy: IfNotPresent
+      tag: "latest"
+    ingress:
+      enabled: true
+      className: nginx
+      annotations:
+        cert-manager.io/cluster-issuer: letsencrypt-prod
+        nginx.ingress.kubernetes.io/ssl-redirect: "true"
+      hosts:
+        - host: resume.caffeinetux.com
+          paths:
+            - path: /
+              pathType: Prefix
+      tls:
+        - secretName: resume-tls
+          hosts:
+            - resume.caffeinetux.com

flux/kustomization.yaml

@@ -0,0 +1,5 @@
+apiVersion: kustomize.config.k8s.io/v1beta1
+kind: Kustomization
+resources:
+  - gitrepository.yaml
+  - helmrelease.yaml