382 lines
13 KiB
YAML
382 lines
13 KiB
YAML
{{/*
|
|
Deployments — One per enabled service.
|
|
All pods share app-data-pvc mounted at /data.
|
|
*/}}
|
|
|
|
{{/* ============================================================
|
|
gitdata — Main API server
|
|
============================================================ */}}
|
|
{{- if .Values.gitdata.enabled }}
|
|
{{- $svc := .Values.gitdata }}
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: {{ include "app.serviceFullname" (dict "root" . "name" "gitdata") }}
|
|
namespace: {{ include "app.namespace" . }}
|
|
labels:
|
|
{{- include "app.serviceLabels" (dict "root" . "name" "gitdata") | nindent 4 }}
|
|
spec:
|
|
replicas: {{ $svc.replicaCount }}
|
|
selector:
|
|
matchLabels:
|
|
{{- include "app.serviceSelectorLabels" (dict "root" . "name" "gitdata") | nindent 6 }}
|
|
template:
|
|
metadata:
|
|
annotations:
|
|
{{- with $svc.podAnnotations }}
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
labels:
|
|
{{- include "app.serviceLabels" (dict "root" . "name" "gitdata") | nindent 8 }}
|
|
spec:
|
|
{{- include "app.imagePullSecrets" . | nindent 6 }}
|
|
serviceAccountName: {{ include "app.serviceAccountName" . }}
|
|
securityContext:
|
|
{{- toYaml $svc.podSecurityContext | nindent 8 }}
|
|
containers:
|
|
- name: {{ .Chart.Name }}
|
|
image: {{ include "app.image" (dict "root" . "svc" $svc.image) }}
|
|
imagePullPolicy: {{ .Values.global.image.pullPolicy }}
|
|
ports:
|
|
- name: http
|
|
containerPort: 8080
|
|
protocol: TCP
|
|
envFrom:
|
|
- configMapRef:
|
|
name: {{ include "app.fullname" . }}
|
|
resources:
|
|
{{- toYaml $svc.resources | nindent 12 }}
|
|
securityContext:
|
|
{{- toYaml $svc.securityContext | nindent 12 }}
|
|
volumeMounts:
|
|
- name: data
|
|
mountPath: /data
|
|
{{- with $svc.volumeMounts }}
|
|
{{- toYaml . | nindent 12 }}
|
|
{{- end }}
|
|
startupProbe:
|
|
httpGet:
|
|
path: {{ $svc.startupProbe.httpGet.path }}
|
|
port: {{ $svc.startupProbe.httpGet.port }}
|
|
initialDelaySeconds: {{ $svc.startupProbe.initialDelaySeconds }}
|
|
periodSeconds: {{ $svc.startupProbe.periodSeconds }}
|
|
failureThreshold: {{ $svc.startupProbe.failureThreshold }}
|
|
livenessProbe:
|
|
httpGet:
|
|
path: {{ $svc.livenessProbe.httpGet.path }}
|
|
port: {{ $svc.livenessProbe.httpGet.port }}
|
|
periodSeconds: {{ $svc.livenessProbe.periodSeconds }}
|
|
readinessProbe:
|
|
httpGet:
|
|
path: {{ $svc.readinessProbe.httpGet.path }}
|
|
port: {{ $svc.readinessProbe.httpGet.port }}
|
|
periodSeconds: {{ $svc.readinessProbe.periodSeconds }}
|
|
volumes:
|
|
- name: data
|
|
persistentVolumeClaim:
|
|
claimName: app-data-pvc
|
|
{{- with $svc.volumes }}
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- with $svc.nodeSelector }}
|
|
nodeSelector:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- with $svc.tolerations }}
|
|
tolerations:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- with $svc.affinity }}
|
|
affinity:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- end }}
|
|
|
|
{{/* ============================================================
|
|
gitpod — Git protocol server (HTTP + SSH + gRPC)
|
|
============================================================ */}}
|
|
{{- if .Values.gitpod.enabled }}
|
|
{{- $svc := .Values.gitpod }}
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: {{ include "app.serviceFullname" (dict "root" . "name" "gitpod") }}
|
|
namespace: {{ include "app.namespace" . }}
|
|
labels:
|
|
{{- include "app.serviceLabels" (dict "root" . "name" "gitpod") | nindent 4 }}
|
|
spec:
|
|
replicas: {{ $svc.replicaCount }}
|
|
selector:
|
|
matchLabels:
|
|
{{- include "app.serviceSelectorLabels" (dict "root" . "name" "gitpod") | nindent 6 }}
|
|
template:
|
|
metadata:
|
|
annotations:
|
|
{{- with $svc.podAnnotations }}
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
labels:
|
|
{{- include "app.serviceLabels" (dict "root" . "name" "gitpod") | nindent 8 }}
|
|
spec:
|
|
{{- include "app.imagePullSecrets" . | nindent 6 }}
|
|
serviceAccountName: {{ include "app.serviceAccountName" . }}
|
|
securityContext:
|
|
{{- toYaml $svc.podSecurityContext | nindent 8 }}
|
|
containers:
|
|
- name: {{ .Chart.Name }}
|
|
image: {{ include "app.image" (dict "root" . "svc" $svc.image) }}
|
|
imagePullPolicy: {{ .Values.global.image.pullPolicy }}
|
|
ports:
|
|
- name: http
|
|
containerPort: 8080
|
|
protocol: TCP
|
|
- name: ssh
|
|
containerPort: 2222
|
|
protocol: TCP
|
|
- name: grpc
|
|
containerPort: 50051
|
|
protocol: TCP
|
|
envFrom:
|
|
- configMapRef:
|
|
name: {{ include "app.fullname" . }}
|
|
resources:
|
|
{{- toYaml $svc.resources | nindent 12 }}
|
|
securityContext:
|
|
{{- toYaml $svc.securityContext | nindent 12 }}
|
|
volumeMounts:
|
|
- name: data
|
|
mountPath: /data
|
|
{{- with $svc.volumeMounts }}
|
|
{{- toYaml . | nindent 12 }}
|
|
{{- end }}
|
|
{{- if $svc.sshHostKeySecret }}
|
|
- name: ssh-host-key
|
|
mountPath: /etc/ssh
|
|
readOnly: true
|
|
{{- end }}
|
|
startupProbe:
|
|
httpGet:
|
|
path: {{ $svc.startupProbe.httpGet.path }}
|
|
port: {{ $svc.startupProbe.httpGet.port }}
|
|
initialDelaySeconds: {{ $svc.startupProbe.initialDelaySeconds }}
|
|
periodSeconds: {{ $svc.startupProbe.periodSeconds }}
|
|
failureThreshold: {{ $svc.startupProbe.failureThreshold }}
|
|
livenessProbe:
|
|
httpGet:
|
|
path: {{ $svc.livenessProbe.httpGet.path }}
|
|
port: {{ $svc.livenessProbe.httpGet.port }}
|
|
periodSeconds: {{ $svc.livenessProbe.periodSeconds }}
|
|
readinessProbe:
|
|
httpGet:
|
|
path: {{ $svc.readinessProbe.httpGet.path }}
|
|
port: {{ $svc.readinessProbe.httpGet.port }}
|
|
periodSeconds: {{ $svc.readinessProbe.periodSeconds }}
|
|
volumes:
|
|
- name: data
|
|
persistentVolumeClaim:
|
|
claimName: app-data-pvc
|
|
{{- if $svc.sshHostKeySecret }}
|
|
- name: ssh-host-key
|
|
secret:
|
|
secretName: {{ $svc.sshHostKeySecret }}
|
|
defaultMode: 0600
|
|
{{- end }}
|
|
{{- with $svc.volumes }}
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- with $svc.nodeSelector }}
|
|
nodeSelector:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- with $svc.tolerations }}
|
|
tolerations:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- with $svc.affinity }}
|
|
affinity:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- end }}
|
|
|
|
{{/* ============================================================
|
|
gitsync — Git sync worker
|
|
============================================================ */}}
|
|
{{- if .Values.gitsync.enabled }}
|
|
{{- $svc := .Values.gitsync }}
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: {{ include "app.serviceFullname" (dict "root" . "name" "gitsync") }}
|
|
namespace: {{ include "app.namespace" . }}
|
|
labels:
|
|
{{- include "app.serviceLabels" (dict "root" . "name" "gitsync") | nindent 4 }}
|
|
spec:
|
|
replicas: {{ $svc.replicaCount }}
|
|
selector:
|
|
matchLabels:
|
|
{{- include "app.serviceSelectorLabels" (dict "root" . "name" "gitsync") | nindent 6 }}
|
|
template:
|
|
metadata:
|
|
annotations:
|
|
{{- with $svc.podAnnotations }}
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
labels:
|
|
{{- include "app.serviceLabels" (dict "root" . "name" "gitsync") | nindent 8 }}
|
|
spec:
|
|
{{- include "app.imagePullSecrets" . | nindent 6 }}
|
|
serviceAccountName: {{ include "app.serviceAccountName" . }}
|
|
securityContext:
|
|
{{- toYaml $svc.podSecurityContext | nindent 8 }}
|
|
containers:
|
|
- name: {{ .Chart.Name }}
|
|
image: {{ include "app.image" (dict "root" . "svc" $svc.image) }}
|
|
imagePullPolicy: {{ .Values.global.image.pullPolicy }}
|
|
ports:
|
|
- name: health
|
|
containerPort: 8081
|
|
protocol: TCP
|
|
envFrom:
|
|
- configMapRef:
|
|
name: {{ include "app.fullname" . }}
|
|
resources:
|
|
{{- toYaml $svc.resources | nindent 12 }}
|
|
securityContext:
|
|
{{- toYaml $svc.securityContext | nindent 12 }}
|
|
volumeMounts:
|
|
- name: data
|
|
mountPath: /data
|
|
{{- with $svc.volumeMounts }}
|
|
{{- toYaml . | nindent 12 }}
|
|
{{- end }}
|
|
startupProbe:
|
|
httpGet:
|
|
path: {{ $svc.startupProbe.httpGet.path }}
|
|
port: {{ $svc.startupProbe.httpGet.port }}
|
|
initialDelaySeconds: {{ $svc.startupProbe.initialDelaySeconds }}
|
|
periodSeconds: {{ $svc.startupProbe.periodSeconds }}
|
|
failureThreshold: {{ $svc.startupProbe.failureThreshold }}
|
|
livenessProbe:
|
|
httpGet:
|
|
path: {{ $svc.livenessProbe.httpGet.path }}
|
|
port: {{ $svc.livenessProbe.httpGet.port }}
|
|
periodSeconds: {{ $svc.livenessProbe.periodSeconds }}
|
|
readinessProbe:
|
|
httpGet:
|
|
path: {{ $svc.readinessProbe.httpGet.path }}
|
|
port: {{ $svc.readinessProbe.httpGet.port }}
|
|
periodSeconds: {{ $svc.readinessProbe.periodSeconds }}
|
|
volumes:
|
|
- name: data
|
|
persistentVolumeClaim:
|
|
claimName: app-data-pvc
|
|
{{- with $svc.volumes }}
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- with $svc.nodeSelector }}
|
|
nodeSelector:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- with $svc.tolerations }}
|
|
tolerations:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- with $svc.affinity }}
|
|
affinity:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- end }}
|
|
|
|
{{/* ============================================================
|
|
email — Email worker service
|
|
============================================================ */}}
|
|
{{- if .Values.email.enabled }}
|
|
{{- $svc := .Values.email }}
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: {{ include "app.serviceFullname" (dict "root" . "name" "email") }}
|
|
namespace: {{ include "app.namespace" . }}
|
|
labels:
|
|
{{- include "app.serviceLabels" (dict "root" . "name" "email") | nindent 4 }}
|
|
spec:
|
|
replicas: {{ $svc.replicaCount }}
|
|
selector:
|
|
matchLabels:
|
|
{{- include "app.serviceSelectorLabels" (dict "root" . "name" "email") | nindent 6 }}
|
|
template:
|
|
metadata:
|
|
annotations:
|
|
{{- with $svc.podAnnotations }}
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
labels:
|
|
{{- include "app.serviceLabels" (dict "root" . "name" "email") | nindent 8 }}
|
|
spec:
|
|
{{- include "app.imagePullSecrets" . | nindent 6 }}
|
|
serviceAccountName: {{ include "app.serviceAccountName" . }}
|
|
securityContext:
|
|
{{- toYaml $svc.podSecurityContext | nindent 8 }}
|
|
containers:
|
|
- name: {{ .Chart.Name }}
|
|
image: {{ include "app.image" (dict "root" . "svc" $svc.image) }}
|
|
imagePullPolicy: {{ .Values.global.image.pullPolicy }}
|
|
ports:
|
|
- name: health
|
|
containerPort: 8083
|
|
protocol: TCP
|
|
envFrom:
|
|
- configMapRef:
|
|
name: {{ include "app.fullname" . }}
|
|
resources:
|
|
{{- toYaml $svc.resources | nindent 12 }}
|
|
securityContext:
|
|
{{- toYaml $svc.securityContext | nindent 12 }}
|
|
volumeMounts:
|
|
- name: data
|
|
mountPath: /data
|
|
{{- with $svc.volumeMounts }}
|
|
{{- toYaml . | nindent 12 }}
|
|
{{- end }}
|
|
startupProbe:
|
|
httpGet:
|
|
path: {{ $svc.startupProbe.httpGet.path }}
|
|
port: {{ $svc.startupProbe.httpGet.port }}
|
|
initialDelaySeconds: {{ $svc.startupProbe.initialDelaySeconds }}
|
|
periodSeconds: {{ $svc.startupProbe.periodSeconds }}
|
|
failureThreshold: {{ $svc.startupProbe.failureThreshold }}
|
|
livenessProbe:
|
|
httpGet:
|
|
path: {{ $svc.livenessProbe.httpGet.path }}
|
|
port: {{ $svc.livenessProbe.httpGet.port }}
|
|
periodSeconds: {{ $svc.livenessProbe.periodSeconds }}
|
|
readinessProbe:
|
|
httpGet:
|
|
path: {{ $svc.readinessProbe.httpGet.path }}
|
|
port: {{ $svc.readinessProbe.httpGet.port }}
|
|
periodSeconds: {{ $svc.readinessProbe.periodSeconds }}
|
|
volumes:
|
|
- name: data
|
|
persistentVolumeClaim:
|
|
claimName: app-data-pvc
|
|
{{- with $svc.volumes }}
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- with $svc.nodeSelector }}
|
|
nodeSelector:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- with $svc.tolerations }}
|
|
tolerations:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- with $svc.affinity }}
|
|
affinity:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- end }}
|