| Giorgi Lekveishvili | 2df23db | 2023-12-14 07:55:22 +0400 | [diff] [blame] | 1 | apiVersion: v1 |
| 2 | kind: ServiceAccount |
| 3 | metadata: |
| 4 | name: fluxcd-reconciler |
| 5 | namespace: {{ .Release.Namespace }} |
| 6 | --- |
| 7 | apiVersion: rbac.authorization.k8s.io/v1 |
| 8 | kind: ClusterRole |
| 9 | metadata: |
| 10 | name: fluxcd-reconciler |
| 11 | rules: # TODO(gio): restrict to ns create and dnszone get |
| 12 | - apiGroups: |
| 13 | - "source.toolkit.fluxcd.io/v1" |
| 14 | resources: |
| 15 | - "gitrepositories" |
| 16 | verbs: |
| 17 | - get |
| 18 | - update |
| 19 | - apiGroups: |
| 20 | - "kustomize.toolkit.fluxcd.io" |
| 21 | resources: |
| 22 | - "kustomizations" |
| 23 | verbs: |
| 24 | - get |
| 25 | - update |
| 26 | --- |
| 27 | apiVersion: rbac.authorization.k8s.io/v1 |
| 28 | kind: ClusterRoleBinding |
| 29 | metadata: |
| 30 | name: fluxcd-reconciler |
| 31 | roleRef: |
| 32 | apiGroup: rbac.authorization.k8s.io |
| 33 | kind: ClusterRole |
| 34 | name: fluxcd-reconciler |
| 35 | subjects: |
| 36 | - kind: ServiceAccount |
| 37 | name: fluxcd-reconciler |
| 38 | namespace: {{ .Release.Namespace }} |
| 39 | --- |
| 40 | apiVersion: v1 |
| 41 | kind: Service |
| 42 | metadata: |
| 43 | name: fluxcd-reconciler |
| 44 | namespace: {{ .Release.Namespace }} |
| 45 | spec: |
| 46 | type: ClusterIP |
| 47 | selector: |
| 48 | app: fluxcd-reconciler |
| 49 | ports: |
| 50 | - name: http |
| 51 | port: 80 |
| 52 | targetPort: http |
| 53 | protocol: TCP |
| 54 | --- |
| 55 | apiVersion: apps/v1 |
| 56 | kind: Deployment |
| 57 | metadata: |
| 58 | name: fluxcd-reconciler |
| 59 | namespace: {{ .Release.Namespace }} |
| 60 | spec: |
| 61 | selector: |
| 62 | matchLabels: |
| 63 | app: fluxcd-reconciler |
| 64 | replicas: 1 |
| 65 | serviceAccountName: fluxcd-reconciler |
| 66 | template: |
| 67 | metadata: |
| 68 | labels: |
| 69 | app: fluxcd-reconciler |
| 70 | spec: |
| 71 | containers: |
| 72 | - name: fluxcd-reconciler |
| 73 | image: {{ .Values.image.repository }}:{{ .Values.image.tag }} |
| 74 | imagePullPolicy: {{ .Values.image.pullPolicy }} |
| 75 | ports: |
| 76 | - name: http |
| 77 | containerPort: 8080 |
| 78 | protocol: TCP |
| Giorgi Lekveishvili | 2dd35c2 | 2023-12-17 21:22:00 +0400 | [diff] [blame^] | 79 | command: ["/fluxcd_reconciler", "--port=8080"] |
| Giorgi Lekveishvili | 2df23db | 2023-12-14 07:55:22 +0400 | [diff] [blame] | 80 | resources: |
| 81 | requests: |
| 82 | memory: "10Mi" |
| 83 | cpu: "10m" |
| 84 | limits: |
| 85 | memory: "20Mi" |
| 86 | cpu: "100m" |
| 87 | tolerations: |
| 88 | - key: "pcloud" |
| 89 | operator: "Equal" |
| 90 | value: "role" |
| 91 | effect: "NoSchedule" |