{{/* Deployments — One per enabled service. All pods share app-data-pvc mounted at /data. */}} {{/* ============================================================ gitdata — Main API server ============================================================ */}} {{- if .Values.gitdata.enabled }} {{- $svc := .Values.gitdata }} --- apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "app.serviceFullname" (dict "root" . "name" "gitdata") }} namespace: {{ include "app.namespace" . }} labels: {{- include "app.serviceLabels" (dict "root" . "name" "gitdata") | nindent 4 }} spec: replicas: {{ $svc.replicaCount }} selector: matchLabels: {{- include "app.serviceSelectorLabels" (dict "root" . "name" "gitdata") | nindent 6 }} template: metadata: annotations: {{- with $svc.podAnnotations }} {{- toYaml . | nindent 8 }} {{- end }} labels: {{- include "app.serviceLabels" (dict "root" . "name" "gitdata") | nindent 8 }} spec: {{- include "app.imagePullSecrets" . | nindent 6 }} serviceAccountName: {{ include "app.serviceAccountName" . }} securityContext: {{- toYaml $svc.podSecurityContext | nindent 8 }} containers: - name: {{ .Chart.Name }} image: {{ include "app.image" (dict "root" . "svc" $svc.image) }} imagePullPolicy: {{ .Values.global.image.pullPolicy }} ports: - name: http containerPort: 8080 protocol: TCP envFrom: - configMapRef: name: {{ include "app.fullname" . }} resources: {{- toYaml $svc.resources | nindent 12 }} securityContext: {{- toYaml $svc.securityContext | nindent 12 }} volumeMounts: - name: data mountPath: /data {{- with $svc.volumeMounts }} {{- toYaml . | nindent 12 }} {{- end }} startupProbe: httpGet: path: {{ $svc.startupProbe.httpGet.path }} port: {{ $svc.startupProbe.httpGet.port }} initialDelaySeconds: {{ $svc.startupProbe.initialDelaySeconds }} periodSeconds: {{ $svc.startupProbe.periodSeconds }} failureThreshold: {{ $svc.startupProbe.failureThreshold }} livenessProbe: httpGet: path: {{ $svc.livenessProbe.httpGet.path }} port: {{ $svc.livenessProbe.httpGet.port }} periodSeconds: {{ $svc.livenessProbe.periodSeconds }} readinessProbe: httpGet: path: {{ $svc.readinessProbe.httpGet.path }} port: {{ $svc.readinessProbe.httpGet.port }} periodSeconds: {{ $svc.readinessProbe.periodSeconds }} volumes: - name: data persistentVolumeClaim: claimName: app-data-pvc {{- with $svc.volumes }} {{- toYaml . | nindent 8 }} {{- end }} {{- with $svc.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} {{- with $svc.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} {{- with $svc.affinity }} affinity: {{- toYaml . | nindent 8 }} {{- end }} {{- end }} {{/* ============================================================ gitpod — Git protocol server (HTTP + SSH + gRPC) ============================================================ */}} {{- if .Values.gitpod.enabled }} {{- $svc := .Values.gitpod }} --- apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "app.serviceFullname" (dict "root" . "name" "gitpod") }} namespace: {{ include "app.namespace" . }} labels: {{- include "app.serviceLabels" (dict "root" . "name" "gitpod") | nindent 4 }} spec: replicas: {{ $svc.replicaCount }} selector: matchLabels: {{- include "app.serviceSelectorLabels" (dict "root" . "name" "gitpod") | nindent 6 }} template: metadata: annotations: {{- with $svc.podAnnotations }} {{- toYaml . | nindent 8 }} {{- end }} labels: {{- include "app.serviceLabels" (dict "root" . "name" "gitpod") | nindent 8 }} spec: {{- include "app.imagePullSecrets" . | nindent 6 }} serviceAccountName: {{ include "app.serviceAccountName" . }} securityContext: {{- toYaml $svc.podSecurityContext | nindent 8 }} containers: - name: {{ .Chart.Name }} image: {{ include "app.image" (dict "root" . "svc" $svc.image) }} imagePullPolicy: {{ .Values.global.image.pullPolicy }} ports: - name: http containerPort: 8080 protocol: TCP - name: ssh containerPort: 2222 protocol: TCP - name: grpc containerPort: 50051 protocol: TCP envFrom: - configMapRef: name: {{ include "app.fullname" . }} resources: {{- toYaml $svc.resources | nindent 12 }} securityContext: {{- toYaml $svc.securityContext | nindent 12 }} volumeMounts: - name: data mountPath: /data {{- with $svc.volumeMounts }} {{- toYaml . | nindent 12 }} {{- end }} {{- if $svc.sshHostKeySecret }} - name: ssh-host-key mountPath: /etc/ssh readOnly: true {{- end }} startupProbe: httpGet: path: {{ $svc.startupProbe.httpGet.path }} port: {{ $svc.startupProbe.httpGet.port }} initialDelaySeconds: {{ $svc.startupProbe.initialDelaySeconds }} periodSeconds: {{ $svc.startupProbe.periodSeconds }} failureThreshold: {{ $svc.startupProbe.failureThreshold }} livenessProbe: httpGet: path: {{ $svc.livenessProbe.httpGet.path }} port: {{ $svc.livenessProbe.httpGet.port }} periodSeconds: {{ $svc.livenessProbe.periodSeconds }} readinessProbe: httpGet: path: {{ $svc.readinessProbe.httpGet.path }} port: {{ $svc.readinessProbe.httpGet.port }} periodSeconds: {{ $svc.readinessProbe.periodSeconds }} volumes: - name: data persistentVolumeClaim: claimName: app-data-pvc {{- if $svc.sshHostKeySecret }} - name: ssh-host-key secret: secretName: {{ $svc.sshHostKeySecret }} defaultMode: 0600 {{- end }} {{- with $svc.volumes }} {{- toYaml . | nindent 8 }} {{- end }} {{- with $svc.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} {{- with $svc.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} {{- with $svc.affinity }} affinity: {{- toYaml . | nindent 8 }} {{- end }} {{- end }} {{/* ============================================================ gitsync — Git sync worker ============================================================ */}} {{- if .Values.gitsync.enabled }} {{- $svc := .Values.gitsync }} --- apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "app.serviceFullname" (dict "root" . "name" "gitsync") }} namespace: {{ include "app.namespace" . }} labels: {{- include "app.serviceLabels" (dict "root" . "name" "gitsync") | nindent 4 }} spec: replicas: {{ $svc.replicaCount }} selector: matchLabels: {{- include "app.serviceSelectorLabels" (dict "root" . "name" "gitsync") | nindent 6 }} template: metadata: annotations: {{- with $svc.podAnnotations }} {{- toYaml . | nindent 8 }} {{- end }} labels: {{- include "app.serviceLabels" (dict "root" . "name" "gitsync") | nindent 8 }} spec: {{- include "app.imagePullSecrets" . | nindent 6 }} serviceAccountName: {{ include "app.serviceAccountName" . }} securityContext: {{- toYaml $svc.podSecurityContext | nindent 8 }} containers: - name: {{ .Chart.Name }} image: {{ include "app.image" (dict "root" . "svc" $svc.image) }} imagePullPolicy: {{ .Values.global.image.pullPolicy }} ports: - name: health containerPort: 8081 protocol: TCP envFrom: - configMapRef: name: {{ include "app.fullname" . }} resources: {{- toYaml $svc.resources | nindent 12 }} securityContext: {{- toYaml $svc.securityContext | nindent 12 }} volumeMounts: - name: data mountPath: /data {{- with $svc.volumeMounts }} {{- toYaml . | nindent 12 }} {{- end }} startupProbe: httpGet: path: {{ $svc.startupProbe.httpGet.path }} port: {{ $svc.startupProbe.httpGet.port }} initialDelaySeconds: {{ $svc.startupProbe.initialDelaySeconds }} periodSeconds: {{ $svc.startupProbe.periodSeconds }} failureThreshold: {{ $svc.startupProbe.failureThreshold }} livenessProbe: httpGet: path: {{ $svc.livenessProbe.httpGet.path }} port: {{ $svc.livenessProbe.httpGet.port }} periodSeconds: {{ $svc.livenessProbe.periodSeconds }} readinessProbe: httpGet: path: {{ $svc.readinessProbe.httpGet.path }} port: {{ $svc.readinessProbe.httpGet.port }} periodSeconds: {{ $svc.readinessProbe.periodSeconds }} volumes: - name: data persistentVolumeClaim: claimName: app-data-pvc {{- with $svc.volumes }} {{- toYaml . | nindent 8 }} {{- end }} {{- with $svc.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} {{- with $svc.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} {{- with $svc.affinity }} affinity: {{- toYaml . | nindent 8 }} {{- end }} {{- end }} {{/* ============================================================ email — Email worker service ============================================================ */}} {{- if .Values.email.enabled }} {{- $svc := .Values.email }} --- apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "app.serviceFullname" (dict "root" . "name" "email") }} namespace: {{ include "app.namespace" . }} labels: {{- include "app.serviceLabels" (dict "root" . "name" "email") | nindent 4 }} spec: replicas: {{ $svc.replicaCount }} selector: matchLabels: {{- include "app.serviceSelectorLabels" (dict "root" . "name" "email") | nindent 6 }} template: metadata: annotations: {{- with $svc.podAnnotations }} {{- toYaml . | nindent 8 }} {{- end }} labels: {{- include "app.serviceLabels" (dict "root" . "name" "email") | nindent 8 }} spec: {{- include "app.imagePullSecrets" . | nindent 6 }} serviceAccountName: {{ include "app.serviceAccountName" . }} securityContext: {{- toYaml $svc.podSecurityContext | nindent 8 }} containers: - name: {{ .Chart.Name }} image: {{ include "app.image" (dict "root" . "svc" $svc.image) }} imagePullPolicy: {{ .Values.global.image.pullPolicy }} ports: - name: health containerPort: 8083 protocol: TCP envFrom: - configMapRef: name: {{ include "app.fullname" . }} resources: {{- toYaml $svc.resources | nindent 12 }} securityContext: {{- toYaml $svc.securityContext | nindent 12 }} volumeMounts: - name: data mountPath: /data {{- with $svc.volumeMounts }} {{- toYaml . | nindent 12 }} {{- end }} startupProbe: httpGet: path: {{ $svc.startupProbe.httpGet.path }} port: {{ $svc.startupProbe.httpGet.port }} initialDelaySeconds: {{ $svc.startupProbe.initialDelaySeconds }} periodSeconds: {{ $svc.startupProbe.periodSeconds }} failureThreshold: {{ $svc.startupProbe.failureThreshold }} livenessProbe: httpGet: path: {{ $svc.livenessProbe.httpGet.path }} port: {{ $svc.livenessProbe.httpGet.port }} periodSeconds: {{ $svc.livenessProbe.periodSeconds }} readinessProbe: httpGet: path: {{ $svc.readinessProbe.httpGet.path }} port: {{ $svc.readinessProbe.httpGet.port }} periodSeconds: {{ $svc.readinessProbe.periodSeconds }} volumes: - name: data persistentVolumeClaim: claimName: app-data-pvc {{- with $svc.volumes }} {{- toYaml . | nindent 8 }} {{- end }} {{- with $svc.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} {{- with $svc.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} {{- with $svc.affinity }} affinity: {{- toYaml . | nindent 8 }} {{- end }} {{- end }}