apiVersion: apps/v1 kind: Deployment metadata: name: {{ .Release.Name }} namespace: {{ .Release.Namespace }} labels: {{- include "basic-app.labels" . | nindent 4 }} spec: replicas: {{ .Values.replicaCount }} selector: matchLabels: {{- include "basic-app.selectorLabels" . | nindent 6 }} template: metadata: labels: {{- include "basic-app.selectorLabels" . | nindent 8 }} spec: initContainers: - name: git-cloner image: "{{ .Values.updater.image.repository }}:{{ .Values.updater.image.tag }}" imagePullPolicy: {{ .Values.updater.image.pullPolicy }} volumeMounts: - name: data mountPath: "/web" {{- if .Values.updater.ssh.enabled }} - name: ssh-key mountPath: "/ssh" readOnly: true {{- end}} command: - /bin/sh - -ec - | cd /web test -d .git && exit 0 {{- if .Values.updater.ssh.enabled }} git clone ${GIT_URL} . --config core.sshCommand="ssh -i /ssh/ssh-key -o StrictHostKeyChecking=accept-new" {{- else }} git clone ${GIT_URL} . {{- end}} git lfs install git lfs pull env: - name: GIT_URL value: "{{ .Values.updater.url }}" containers: - name: web image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" imagePullPolicy: {{ .Values.image.pullPolicy }} ports: - containerPort: 80 protocol: TCP name: http-svc volumeMounts: - name: data mountPath: "/var/www/html" {{- if not (eq "" .Values.configWeb.path) }} - name: config mountPath: {{ printf "/var/www/html/%s" .Values.configWeb.path }} readOnly: true subPath: {{ .Values.configWeb.key }} {{- end}} env: {{- with .Values.env.plain }} {{- toYaml . | nindent 12 }} {{- end }} {{- range .Values.env.configMapKeys }} - name: {{ .name }} valueFrom: configMapKeyRef: name: {{ .configMapName }} key: {{ .key }} {{- end }} {{- range .Values.env.secretKeys }} - name: {{ .name }} valueFrom: secretKeyRef: name: {{ .secretName }} key: {{ .key }} {{- end }} envFrom: {{- range .Values.env.configMapRefs }} - configMapRef: name: {{ .name }} optional: {{ .optional | default false }} {{- end }} {{- range .Values.env.secretRefs }} - secretRef: name: {{ .name }} optional: {{ .optional | default false }} {{- end }} - name: updater image: "{{ .Values.updater.image.repository }}:{{ .Values.updater.image.tag }}" imagePullPolicy: {{ .Values.updater.image.pullPolicy }} {{- if .Values.updater.ssh.enabled }} command: ["/webhook-runner.sh", "ssh"] {{- else }} command: ["/webhook-runner.sh", "http"] {{- end }} ports: - containerPort: 8000 protocol: TCP name: webhook-svc volumeMounts: - name: data mountPath: /web {{- if .Values.updater.ssh.enabled }} - name: ssh-key mountPath: "/ssh-key" readOnly: true {{- end}} env: - name: "DATA_DIR" value: "/web" {{- with .Values.updater.env.plain }} {{- toYaml . | nindent 12 }} {{- end }} {{- with .Values.env.plain }} {{- toYaml . | nindent 12 }} {{- end }} {{- range .Values.env.configMapKeys }} - name: {{ .name }} valueFrom: configMapKeyRef: name: {{ .configMapName }} key: {{ .key }} {{- end }} {{- range .Values.env.secretKeys }} - name: {{ .name }} valueFrom: secretKeyRef: name: {{ .secretName }} key: {{ .key }} {{- end }} envFrom: {{- range .Values.env.configMapRefs }} - configMapRef: name: {{ .name }} optional: {{ .optional | default false }} {{- end }} - secretRef: name: {{ .Release.Name }}-webhook-secret {{- range .Values.env.secretRefs }} - secretRef: name: {{ .name }} optional: {{ .optional | default false }} {{- end }} volumes: - name: data persistentVolumeClaim: claimName: {{ .Release.Name }}-pvc {{- if .Values.updater.ssh.enabled }} - name: ssh-key secret: secretName: {{ .Values.updater.ssh.secretName }} defaultMode: 0400 {{- end }} {{- if not (eq "" .Values.config-web.path) }} - name: config secret: secretName: {{ .Values.config-web.secretName }} items: - key: {{ .Values.config-web.key }} path: {{ .Values.config-web.key }} {{- end }}