Pulpit V2 is the containerized, multi-tenant evolution of Pulpit V1. V1 proved the product and low-cost serverless architecture. V2 exists to demonstrate Kubernetes, EKS, Terraform, Helm, ArgoCD, Prometheus, Grafana, OIDC, IRSA, and service decomposition in a real domain instead of a generic demo app.
Status: initial starter repository seeded from the V1 codebase and V2 architecture plan
Build a production-style SaaS platform for bilingual church sermon search with:
- tenant isolation per church
- containerized ingest, query, and API services
- GitOps deployment flow
- metrics and dashboards that show business and platform behavior
- teardown-friendly infrastructure for portfolio demos
- V1 repo: manynames3/pulpit
- V1 architecture: static frontend + serverless AWS query backend + local ingest runner
- V2 architecture: EKS + microservices + Helm + ArgoCD + Prometheus/Grafana
This repository is not starting from zero. It is seeded from the current Pulpit codebase so the existing retrieval logic, AWS patterns, and ingest behavior can be migrated incrementally instead of rewritten blindly.
ingest-service- pulls YouTube captions
- chunks sermons
- generates embeddings through Bedrock Titan
- stores sermon content and metadata
query-service- receives natural-language questions
- retrieves relevant chunks
- calls Bedrock for cited answers
- exposes Prometheus metrics
api-service- auth/session edge
- tenant-aware request routing
- health and control endpoints for the platform
- Amazon EKS
- Terraform
- Helm
- ArgoCD
- ECR
- IRSA
- External Secrets Operator
- AWS ALB Ingress Controller
- Prometheus, Grafana, Alertmanager
- Amazon DynamoDB
- Amazon S3
- Amazon Bedrock
- Amazon Cognito
pulpit-v2/
├── terraform/ # V2 EKS and platform infrastructure
├── services/ # Containerized FastAPI services
├── helm/ # Helm chart and values
├── manifests/ # GitOps and tenant manifests
├── docs/ # Architecture and runbooks
├── frontend/ # V1 reference code (seed material)
├── frontend-alternative/ # V1 reference code (seed material)
├── lambda/ # V1 reference code (seed material)
├── modules/ # V1 Terraform modules (seed material)
└── scripts/ # V1 ingest/indexing scripts (seed material)
- EKS cluster
- networking
- node groups
- ECR
- OIDC
- ALB ingress controller
- FastAPI service containers
- non-root Dockerfiles
- GitHub Actions build/push flow
- Helm chart
- namespaces
- quotas
- HPA
- External Secrets
- ArgoCD
- app-of-apps pattern
- tenant manifests
- kube-prometheus-stack
- Grafana dashboards
- Alertmanager rules
- cost and latency metrics
- move V1 retrieval logic into
query-service - move V1 ingest/indexing logic into
ingest-service - preserve bilingual search behavior
V1 is a deployable working product. V2 is a platform and DevOps portfolio project. Keeping them separate:
- protects the live V1 deployment
- keeps the recruiter story clean
- isolates Terraform state and CI/CD
- allows aggressive infrastructure experiments without breaking the product demo
This repo now includes:
- V2 folder structure
- Terraform Phase 1 scaffold for VPC, ECR, EKS, and optional GitHub OIDC role setup
- starter FastAPI services with health endpoints
- starter Dockerfiles
- Helm chart with:
- Deployments and Services for
api-serviceandquery-service - CronJob and metrics Service for
ingest-service - ALB-style ingress
- HPA for
query-service ServiceMonitorandPrometheusRulestarters- IRSA-ready service account annotations
ExternalSecretsupport for tenant-scoped runtime configuration
- Deployments and Services for
- tenant manifests for:
bethel-atlantademo-church
- ArgoCD app-of-apps scaffolding for shared namespaces, tenant policies, and tenant workload apps
- starter Grafana dashboard artifact under
helm/observability - starter CI workflow for Terraform validation and container builds
- V2 architecture and runbook docs
- V1 code retained as migration reference
- Apply and verify the Phase 1 EKS stack
- Install ArgoCD, External Secrets Operator, and kube-prometheus-stack into the cluster
- Create tenant IRSA roles and SSM parameter paths
- Validate the tenant apps and dashboard wiring end to end
- Migrate V1 ingest and query logic into services