-
Notifications
You must be signed in to change notification settings - Fork 89
/
Copy pathdeployment.yaml
68 lines (68 loc) · 2.25 KB
/
deployment.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ include "cluster-secret.fullname" . }}-account
labels:
{{- include "cluster-secret.labels" . | nindent 4 }}
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "cluster-secret.fullname" . }}-clustersecret
labels:
app: clustersecret
{{- include "cluster-secret.labels" . | nindent 4 }}
spec:
selector:
matchLabels:
app: clustersecret
{{- include "cluster-secret.selectorLabels" . | nindent 6 }}
template:
metadata:
labels:
app: clustersecret
{{- include "cluster-secret.selectorLabels" . | nindent 8 }}
annotations:
{{- range $key, $value := .Values.podAnnotations }}
{{- printf "%s: %s" $key (tpl $value $ | quote) | nindent 8 }}
{{- end }}
spec:
securityContext:
runAsUser: 100 # 100 is set by the container and can NOT be changed here - this would result in a getpwuid() error
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
containers:
- env:
{{- .Values.env | toYaml | nindent 8 }}
- name: KUBERNETES_CLUSTER_DOMAIN
value: {{ .Values.kubernetesClusterDomain }}
- name: CLUSTER_SECRET_VERSION
value: {{ .Chart.AppVersion | quote }}
- name: REPLACE_EXISTING
value: {{ .Values.replace_existing | default "false" | quote }}
image: {{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}
name: clustersecret
securityContext:
runAsUser: 100 # 100 is set by the container and can NOT be changed here - this would result in a getpwuid() error
livenessProbe:
httpGet:
path: /healthz
port: 8080
periodSeconds: 120
resources:
{{ toYaml .Values.resources | indent 10 }}
serviceAccountName: {{ include "cluster-secret.fullname" . }}-account
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}