Blame - charts/env-manager/templates/install.yaml - helm-charts

blob: dd14caf8d5d83b27fa97598c7e99dee8d611c34b [file] [log] [blame]

Giorgi Lekveishvili	4ec4c02	2024-08-17 15:09:24 +0400	[diff] [blame]	1	apiVersion: rbac.authorization.k8s.io/v1
				2	kind: ClusterRole
				3	metadata:
				4	name: {{ .Values.clusterRoleName }}
				5	rules: # TODO(gio): restrict to ns create and dnszone get
				6	- apiGroups:
				7	- "*"
				8	resources:
				9	- "*"
				10	verbs:
				11	- "*"
				12	# - apiGroups:
				13	# - ""
				14	# resources:
				15	# - namespaces
				16	# verbs:
				17	# - create
				18	---
				19	apiVersion: rbac.authorization.k8s.io/v1
				20	kind: ClusterRoleBinding
				21	metadata:
				22	name: {{ .Values.clusterRoleName }}
				23	roleRef:
				24	apiGroup: rbac.authorization.k8s.io
				25	kind: ClusterRole
				26	name: {{ .Values.clusterRoleName }}
				27	subjects:
				28	- kind: ServiceAccount
				29	name: default
				30	namespace: {{ .Release.Namespace }}
				31	---
				32	apiVersion: v1
				33	kind: Secret
				34	metadata:
				35	name: ssh-key
				36	type: Opaque
				37	data:
				38	private: {{ .Values.sshPrivateKey }}
				39	---
				40	apiVersion: v1
				41	kind: Service
				42	metadata:
				43	name: env-manager
				44	namespace: {{ .Release.Namespace }}
				45	annotations:
				46	metallb.universe.tf/address-pool: local
				47	spec:
				48	type: LoadBalancer
				49	selector:
				50	app: env-manager
				51	ports:
				52	- name: http
				53	port: 80
				54	targetPort: http
				55	protocol: TCP
				56	---
				57	apiVersion: apps/v1
				58	kind: Deployment
				59	metadata:
				60	name: env-manager
				61	namespace: {{ .Release.Namespace }}
				62	spec:
				63	selector:
				64	matchLabels:
				65	app: env-manager
				66	replicas: 1
				67	template:
				68	metadata:
				69	labels:
				70	app: env-manager
				71	spec:
				72	volumes:
				73	- name: ssh-key
				74	secret:
				75	secretName: ssh-key
				76	containers:
				77	- name: env-manager
				78	image: {{ .Values.image.repository }}:{{ .Values.image.tag }}
				79	imagePullPolicy: {{ .Values.image.pullPolicy }}
				80	ports:
				81	- name: http
				82	containerPort: 8080
				83	protocol: TCP
				84	command:
				85	- pcloud-installer
				86	- envmanager
				87	- --repo-addr={{ .Values.repoIP }}:{{ .Values.repoPort }}
				88	- --repo-name={{ .Values.repoName }}
				89	- --ssh-key=/pcloud/ssh-key/private
				90	- --port=8080
				91	volumeMounts:
				92	- name: ssh-key
				93	readOnly: true
				94	mountPath: /pcloud/ssh-key