Blame - charts/cert-manager/templates/deployment.yaml - pcloud

blob: aea5736c0c88109c22cd498f411c8caa6568e0c4 [file] [log] [blame]

Giorgi Lekveishvili	d1234c1	2023-06-19 10:37:06 +0400	[diff] [blame]	1	apiVersion: apps/v1
				2	kind: Deployment
				3	metadata:
				4	name: {{ template "cert-manager.fullname" . }}
				5	namespace: {{ include "cert-manager.namespace" . }}
				6	labels:
				7	app: {{ template "cert-manager.name" . }}
				8	app.kubernetes.io/name: {{ template "cert-manager.name" . }}
				9	app.kubernetes.io/instance: {{ .Release.Name }}
				10	app.kubernetes.io/component: "controller"
				11	{{- include "labels" . \| nindent 4 }}
				12	{{- with .Values.deploymentAnnotations }}
				13	annotations:
				14	{{- toYaml . \| nindent 4 }}
				15	{{- end }}
				16	spec:
				17	replicas: {{ .Values.replicaCount }}
				18	selector:
				19	matchLabels:
				20	app.kubernetes.io/name: {{ template "cert-manager.name" . }}
				21	app.kubernetes.io/instance: {{ .Release.Name }}
				22	app.kubernetes.io/component: "controller"
				23	{{- with .Values.strategy }}
				24	strategy:
				25	{{- toYaml . \| nindent 4 }}
				26	{{- end }}
				27	template:
				28	metadata:
				29	labels:
				30	app: {{ template "cert-manager.name" . }}
				31	app.kubernetes.io/name: {{ template "cert-manager.name" . }}
				32	app.kubernetes.io/instance: {{ .Release.Name }}
				33	app.kubernetes.io/component: "controller"
				34	{{- include "labels" . \| nindent 8 }}
				35	{{- with .Values.podLabels }}
				36	{{- toYaml . \| nindent 8 }}
				37	{{- end }}
				38	{{- with .Values.podAnnotations }}
				39	annotations:
				40	{{- toYaml . \| nindent 8 }}
				41	{{- end }}
				42	{{- if and .Values.prometheus.enabled (not .Values.prometheus.servicemonitor.enabled) }}
				43	{{- if not .Values.podAnnotations }}
				44	annotations:
				45	{{- end }}
				46	prometheus.io/path: "/metrics"
				47	prometheus.io/scrape: 'true'
				48	prometheus.io/port: '9402'
				49	{{- end }}
				50	spec:
				51	serviceAccountName: {{ template "cert-manager.serviceAccountName" . }}
				52	{{- if hasKey .Values "automountServiceAccountToken" }}
				53	automountServiceAccountToken: {{ .Values.automountServiceAccountToken }}
				54	{{- end }}
				55	{{- with .Values.global.priorityClassName }}
				56	priorityClassName: {{ . \| quote }}
				57	{{- end }}
				58	{{- with .Values.securityContext }}
				59	securityContext:
				60	{{- toYaml . \| nindent 8 }}
				61	{{- end }}
				62	{{- with .Values.volumes }}
				63	volumes:
				64	{{- toYaml . \| nindent 8 }}
				65	{{- end }}
				66	containers:
				67	- name: {{ .Chart.Name }}-controller
				68	{{- with .Values.image }}
				69	image: "{{- if .registry -}}{{ .registry }}/{{- end -}}{{ .repository }}{{- if (.digest) -}} @{{ .digest }}{{- else -}}:{{ default $.Chart.AppVersion .tag }} {{- end -}}"
				70	{{- end }}
				71	imagePullPolicy: {{ .Values.image.pullPolicy }}
				72	args:
				73	{{- if .Values.global.logLevel }}
				74	- --v={{ .Values.global.logLevel }}
				75	{{- end }}
				76	{{- if .Values.clusterResourceNamespace }}
				77	- --cluster-resource-namespace={{ .Values.clusterResourceNamespace }}
				78	{{- else }}
				79	- --cluster-resource-namespace=$(POD_NAMESPACE)
				80	{{- end }}
				81	{{- with .Values.global.leaderElection }}
				82	- --leader-election-namespace={{ .namespace }}
				83	{{- if .leaseDuration }}
				84	- --leader-election-lease-duration={{ .leaseDuration }}
				85	{{- end }}
				86	{{- if .renewDeadline }}
				87	- --leader-election-renew-deadline={{ .renewDeadline }}
				88	{{- end }}
				89	{{- if .retryPeriod }}
				90	- --leader-election-retry-period={{ .retryPeriod }}
				91	{{- end }}
				92	{{- end }}
				93	{{- with .Values.acmesolver.image }}
				94	- --acme-http01-solver-image={{- if .registry -}}{{ .registry }}/{{- end -}}{{ .repository }}{{- if (.digest) -}} @{{ .digest }}{{- else -}}:{{ default $.Chart.AppVersion .tag }} {{- end -}}
				95	{{- end }}
				96	{{- with .Values.extraArgs }}
				97	{{- toYaml . \| nindent 10 }}
				98	{{- end }}
				99	{{- with .Values.ingressShim }}
				100	{{- if .defaultIssuerName }}
				101	- --default-issuer-name={{ .defaultIssuerName }}
				102	{{- end }}
				103	{{- if .defaultIssuerKind }}
				104	- --default-issuer-kind={{ .defaultIssuerKind }}
				105	{{- end }}
				106	{{- if .defaultIssuerGroup }}
				107	- --default-issuer-group={{ .defaultIssuerGroup }}
				108	{{- end }}
				109	{{- end }}
				110	{{- if .Values.featureGates }}
				111	- --feature-gates={{ .Values.featureGates }}
				112	{{- end }}
				113	{{- if .Values.maxConcurrentChallenges }}
				114	- --max-concurrent-challenges={{ .Values.maxConcurrentChallenges }}
				115	{{- end }}
Giorgi Lekveishvili	0048a78	2023-06-20 18:32:21 +0400	[diff] [blame^]	116	{{- if .Values.enableCertificateOwnerRef }}
				117	- --enable-certificate-owner-ref=true
				118	{{- end }}
				119	{{- if .Values.dns01RecursiveNameserversOnly }}
				120	- --dns01-recursive-nameservers-only=true
				121	{{- end }}
				122	{{- with .Values.dns01RecursiveNameservers }}
				123	- --dns01-recursive-nameservers={{ . }}
				124	{{- end }}
Giorgi Lekveishvili	d1234c1	2023-06-19 10:37:06 +0400	[diff] [blame]	125	ports:
				126	- containerPort: 9402
				127	name: http-metrics
				128	protocol: TCP
Giorgi Lekveishvili	0048a78	2023-06-20 18:32:21 +0400	[diff] [blame^]	129	- containerPort: 9403
				130	name: http-healthz
				131	protocol: TCP
Giorgi Lekveishvili	d1234c1	2023-06-19 10:37:06 +0400	[diff] [blame]	132	{{- with .Values.containerSecurityContext }}
				133	securityContext:
				134	{{- toYaml . \| nindent 12 }}
				135	{{- end }}
				136	{{- with .Values.volumeMounts }}
				137	volumeMounts:
				138	{{- toYaml . \| nindent 12 }}
				139	{{- end }}
				140	env:
				141	- name: POD_NAMESPACE
				142	valueFrom:
				143	fieldRef:
				144	fieldPath: metadata.namespace
				145	{{- with .Values.extraEnv }}
				146	{{- toYaml . \| nindent 10 }}
				147	{{- end }}
				148	{{- with .Values.http_proxy }}
				149	- name: HTTP_PROXY
				150	value: {{ . }}
				151	{{- end }}
				152	{{- with .Values.https_proxy }}
				153	- name: HTTPS_PROXY
				154	value: {{ . }}
				155	{{- end }}
				156	{{- with .Values.no_proxy }}
				157	- name: NO_PROXY
				158	value: {{ . }}
				159	{{- end }}
				160	{{- with .Values.resources }}
				161	resources:
				162	{{- toYaml . \| nindent 12 }}
				163	{{- end }}
Giorgi Lekveishvili	0048a78	2023-06-20 18:32:21 +0400	[diff] [blame^]	164
				165	{{- with .Values.livenessProbe }}
				166	{{- if .enabled }}
				167	# LivenessProbe settings are based on those used for the Kubernetes
				168	# controller-manager. See:
				169	# https://github.com/kubernetes/kubernetes/blob/806b30170c61a38fedd54cc9ede4cd6275a1ad3b/cmd/kubeadm/app/util/staticpod/utils.go#L241-L245
				170	livenessProbe:
				171	httpGet:
				172	port: http-healthz
				173	path: /livez
				174	scheme: HTTP
				175	initialDelaySeconds: {{ .initialDelaySeconds }}
				176	periodSeconds: {{ .periodSeconds }}
				177	timeoutSeconds: {{ .timeoutSeconds }}
				178	successThreshold: {{ .successThreshold }}
				179	failureThreshold: {{ .failureThreshold }}
				180	{{- end }}
				181	{{- end }}
Giorgi Lekveishvili	d1234c1	2023-06-19 10:37:06 +0400	[diff] [blame]	182	{{- with .Values.nodeSelector }}
				183	nodeSelector:
				184	{{- toYaml . \| nindent 8 }}
				185	{{- end }}
				186	{{- with .Values.affinity }}
				187	affinity:
				188	{{- toYaml . \| nindent 8 }}
				189	{{- end }}
				190	{{- with .Values.tolerations }}
				191	tolerations:
				192	{{- toYaml . \| nindent 8 }}
				193	{{- end }}
				194	{{- with .Values.topologySpreadConstraints }}
				195	topologySpreadConstraints:
				196	{{- toYaml . \| nindent 8 }}
				197	{{- end }}
				198	{{- with .Values.podDnsPolicy }}
				199	dnsPolicy: {{ . }}
				200	{{- end }}
				201	{{- with .Values.podDnsConfig }}
				202	dnsConfig:
				203	{{- toYaml . \| nindent 8 }}
				204	{{- end }}