Gitiles
Code Review Sign In
code.v1.dodo.cloud / pcloud / f9f0beec8492e05a459bd7080ad095b4cf9292bc / . / charts / zot / templates / deployment.yaml
blob: 8918bc0c585c2769b0edf487223efc84b853718b [file] [log] [blame]
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "zot.fullname" . }}
labels:
{{- include "zot.labels" . | nindent 4 }}
spec:
replicas: {{ .Values.replicaCount }}
{{- with .Values.strategy }}
strategy:
{{- toYaml . | nindent 4 }}
{{- end }}
selector:
matchLabels:
{{- include "zot.selectorLabels" . | nindent 6 }}
template:
metadata:
annotations:
{{- with .Values.podAnnotations }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- if and .Values.mountConfig .Values.configFiles }}
checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
{{- end }}
{{- if .Values.forceRoll }}
rollme: {{ randAlphaNum 5 | quote }}
{{- end }}
labels:
{{- include "zot.selectorLabels" . | nindent 8 }}
spec:
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "zot.serviceAccountName" . }}
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
containers:
- name: {{ .Chart.Name }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
env:
{{- toYaml .Values.env | nindent 12 }}
ports:
- name: zot
containerPort: 5000
protocol: TCP
{{- if or (not (empty .Values.extraVolumeMounts)) .Values.mountConfig .Values.mountSecret .Values.persistence .Values.externalSecrets }}
volumeMounts:
{{- if .Values.mountConfig }}
- mountPath: '/etc/zot'
name: {{ .Release.Name }}-config
{{- end }}
{{- if .Values.mountSecret }}
- mountPath: '/secret'
name: {{ .Release.Name }}-secret
{{- end }}
{{- range .Values.externalSecrets }}
- mountPath: {{ .mountPath | quote }}
name: {{ .secretName | quote }}
{{- end }}
{{- if .Values.persistence }}
- mountPath: '/var/lib/registry'
name: {{ .Release.Name }}-volume
{{- end }}
{{- with .Values.extraVolumeMounts }}
{{- toYaml . | nindent 12 }}
{{- end }}
{{- end }}
livenessProbe:
initialDelaySeconds: 5
httpGet:
path: /v2/
port: 5000
scheme: {{ .Values.httpGet.scheme }}
{{- if .Values.authHeader }}
httpHeaders:
- name: Authorization
value: Basic {{ .Values.authHeader }}
{{- end }}
readinessProbe:
initialDelaySeconds: 5
httpGet:
path: /v2/
port: 5000
scheme: {{ .Values.httpGet.scheme }}
{{- if .Values.authHeader }}
httpHeaders:
- name: Authorization
value: Basic {{ .Values.authHeader }}
{{- end }}
startupProbe:
initialDelaySeconds: {{ .Values.startupProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.startupProbe.periodSeconds }}
failureThreshold: {{ .Values.startupProbe.failureThreshold }}
httpGet:
path: /v2/
port: 5000
scheme: {{ .Values.httpGet.scheme }}
{{- if .Values.authHeader }}
httpHeaders:
- name: Authorization
value: Basic {{ .Values.authHeader }}
{{- end }}
resources:
{{- toYaml .Values.resources | nindent 12 }}
{{- if or .Values.mountConfig .Values.mountSecret .Values.persistence .Values.externalSecrets (not (empty .Values.extraVolumes))}}
volumes:
{{- if .Values.mountConfig }}
- name: {{ .Release.Name }}-config
configMap:
name: {{ .Release.Name }}-config
{{- end }}
{{- if .Values.mountSecret }}
- name: {{ .Release.Name }}-secret
secret:
secretName: {{ .Release.Name }}-secret
{{- end }}
{{- range .Values.externalSecrets }}
- name: {{ .secretName }}
secret:
secretName: {{ .secretName }}
{{- end }}
{{- if .Values.persistence }}
- name: {{ .Release.Name }}-volume
persistentVolumeClaim:
claimName: {{ .Values.pvc.name | default (printf "%s-pvc" .Release.Name) }}
{{- end }}
{{- with .Values.extraVolumes }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- end }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}