helm_website/templates/deployment.yaml

166 lines
5.4 KiB
YAML

apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ .Release.Name }}
namespace: {{ .Release.Namespace }}
labels:
{{- include "basic-app.labels" . | nindent 4 }}
spec:
replicas: {{ .Values.replicaCount }}
selector:
matchLabels:
{{- include "basic-app.selectorLabels" . | nindent 6 }}
template:
metadata:
labels:
{{- include "basic-app.selectorLabels" . | nindent 8 }}
spec:
initContainers:
- name: git-cloner
image: "{{ .Values.updater.image.repository }}:{{ .Values.updater.image.tag }}"
imagePullPolicy: {{ .Values.updater.image.pullPolicy }}
volumeMounts:
- name: data
mountPath: "/web"
{{- if .Values.updater.ssh.enabled }}
- name: ssh-key
mountPath: "/ssh"
readOnly: true
{{- end}}
command:
- /bin/sh
- -ec
- |
cd /web
test -d .git && exit 0
{{- if .Values.updater.ssh.enabled }}
git clone ${GIT_URL} . --config core.sshCommand="ssh -i /ssh/ssh-key -o StrictHostKeyChecking=accept-new"
{{- else }}
git clone ${GIT_URL} .
{{- end}}
git lfs install
git lfs pull
env:
- name: GIT_URL
value: "{{ .Values.updater.url }}"
containers:
- name: web
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
ports:
- containerPort: 80
protocol: TCP
name: http-svc
volumeMounts:
- name: data
mountPath: "/var/www/html"
{{- if not (eq "" .Values.configWeb.path) }}
- name: config
mountPath: {{ printf "/var/www/html/%s" .Values.configWeb.path }}
readOnly: true
subPath: {{ .Values.configWeb.key }}
{{- end}}
env:
{{- with .Values.env.plain }}
{{- toYaml . | nindent 12 }}
{{- end }}
{{- range .Values.env.configMapKeys }}
- name: {{ .name }}
valueFrom:
configMapKeyRef:
name: {{ .configMapName }}
key: {{ .key }}
{{- end }}
{{- range .Values.env.secretKeys }}
- name: {{ .name }}
valueFrom:
secretKeyRef:
name: {{ .secretName }}
key: {{ .key }}
{{- end }}
envFrom:
{{- range .Values.env.configMapRefs }}
- configMapRef:
name: {{ .name }}
optional: {{ .optional | default false }}
{{- end }}
{{- range .Values.env.secretRefs }}
- secretRef:
name: {{ .name }}
optional: {{ .optional | default false }}
{{- end }}
- name: updater
image: "{{ .Values.updater.image.repository }}:{{ .Values.updater.image.tag }}"
imagePullPolicy: {{ .Values.updater.image.pullPolicy }}
{{- if .Values.updater.ssh.enabled }}
command: ["/webhook-runner.sh", "ssh"]
{{- else }}
command: ["/webhook-runner.sh", "http"]
{{- end }}
ports:
- containerPort: 8000
protocol: TCP
name: webhook-svc
volumeMounts:
- name: data
mountPath: /web
{{- if .Values.updater.ssh.enabled }}
- name: ssh-key
mountPath: "/ssh-key"
readOnly: true
{{- end}}
env:
- name: "DATA_DIR"
value: "/web"
{{- with .Values.updater.env.plain }}
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.env.plain }}
{{- toYaml . | nindent 12 }}
{{- end }}
{{- range .Values.env.configMapKeys }}
- name: {{ .name }}
valueFrom:
configMapKeyRef:
name: {{ .configMapName }}
key: {{ .key }}
{{- end }}
{{- range .Values.env.secretKeys }}
- name: {{ .name }}
valueFrom:
secretKeyRef:
name: {{ .secretName }}
key: {{ .key }}
{{- end }}
envFrom:
{{- range .Values.env.configMapRefs }}
- configMapRef:
name: {{ .name }}
optional: {{ .optional | default false }}
{{- end }}
- secretRef:
name: {{ .Release.Name }}-webhook-secret
{{- range .Values.env.secretRefs }}
- secretRef:
name: {{ .name }}
optional: {{ .optional | default false }}
{{- end }}
volumes:
- name: data
persistentVolumeClaim:
claimName: {{ .Release.Name }}-pvc
{{- if .Values.updater.ssh.enabled }}
- name: ssh-key
secret:
secretName: {{ .Values.updater.ssh.secretName }}
defaultMode: 0400
{{- end }}
{{- if not (eq "" .Values.config-web.path) }}
- name: config
secret:
secretName: {{ .Values.config-web.secretName }}
items:
- key: {{ .Values.config-web.key }}
path: {{ .Values.config-web.key }}
{{- end }}