Gitiles
Code Review Sign In
code.v1.dodo.cloud / pcloud / 329af57afc69ffec3f292ef7bc87b3e68da97931 / . / charts / appmanager / templates / install.yaml
blob: e8231d5b5415209d15a9647cb539ebb0f9b742f2 [file] [log] [blame]
Giorgi Lekveishvilicd46ca62023-07-07 11:58:35 +0400[diff] [blame]1apiVersion: rbac.authorization.k8s.io/v1
Giorgi Lekveishvili9d037332023-07-06 19:48:49 +0400[diff] [blame]2kind: ClusterRole
3metadata:
4 name: {{ .Values.clusterRoleName }}
5rules:
6- apiGroups:
7 - ""
8 resources:
9 - namespaces
10 verbs:
11 - create
12---
13apiVersion: rbac.authorization.k8s.io/v1
14kind: ClusterRoleBinding
15metadata:
16 name: {{ .Values.clusterRoleName }}
17roleRef:
18 apiGroup: rbac.authorization.k8s.io
19 kind: ClusterRole
20 name: {{ .Values.clusterRoleName }}
21subjects:
22- kind: ServiceAccount
23 name: default
24 namespace: {{ .Release.Namespace }}
25---
Giorgi Lekveishvilida912e72023-07-06 18:48:55 +0400[diff] [blame]26apiVersion: v1
27kind: Secret
28metadata:
29 name: ssh-key
30type: Opaque
31data:
32 private: {{ .Values.sshPrivateKey }}
33---
34apiVersion: v1
35kind: Service
36metadata:
37 name: appmanager
38 namespace: {{ .Release.Namespace }}
39spec:
40 type: ClusterIP
41 selector:
42 app: appmanager
43 ports:
44 - name: http
45 port: 80
46 targetPort: http
47 protocol: TCP
48---
49apiVersion: networking.k8s.io/v1
50kind: Ingress
51metadata:
52 name: ingress
53 namespace: {{ .Release.Namespace }}
Giorgi Lekveishviliaf940c82023-07-07 12:10:16 +0400[diff] [blame]54 {{- if .Values.ingress.certificateIssuer }}
Giorgi Lekveishvilida912e72023-07-06 18:48:55 +0400[diff] [blame]55 annotations:
56 acme.cert-manager.io/http01-edit-in-place: "true"
57 cert-manager.io/cluster-issuer: {{ .Values.ingress.certificateIssuer}}
Giorgi Lekveishvili9d037332023-07-06 19:48:49 +0400[diff] [blame]58 {{- end }}
Giorgi Lekveishvilida912e72023-07-06 18:48:55 +0400[diff] [blame]59spec:
60 ingressClassName: {{ .Values.ingress.className }}
Giorgi Lekveishviliaf940c82023-07-07 12:10:16 +0400[diff] [blame]61 {{- if .Values.ingress.certificateIssuer }}
Giorgi Lekveishvilida912e72023-07-06 18:48:55 +0400[diff] [blame]62 tls:
63 - hosts:
64 - {{ .Values.ingress.domain }}
65 secretName: cert-appmanager
Giorgi Lekveishvili9d037332023-07-06 19:48:49 +0400[diff] [blame]66 {{- end }}
Giorgi Lekveishvilida912e72023-07-06 18:48:55 +0400[diff] [blame]67 rules:
68 - host: {{ .Values.ingress.domain }}
69 http:
70 paths:
71 - path: /
72 pathType: Prefix
73 backend:
74 service:
75 name: appmanager
76 port:
77 name: http
78---
79apiVersion: apps/v1
80kind: Deployment
81metadata:
82 name: appmanager
83 namespace: {{ .Release.Namespace }}
84spec:
85 selector:
86 matchLabels:
87 app: appmanager
88 replicas: 1
89 template:
90 metadata:
91 labels:
92 app: appmanager
93 spec:
94 volumes:
95 - name: ssh-key
96 secret:
97 secretName: ssh-key
98 containers:
99 - name: appmanager
100 image: {{ .Values.image.repository }}:{{ .Values.image.tag }}
101 imagePullPolicy: {{ .Values.image.pullPolicy }}
102 ports:
103 - name: http
104 containerPort: 8080
105 protocol: TCP
106 command:
107 - pcloud-installer
108 - appmanager
109 - --repo-addr={{ .Values.repoAddr }}
110 - --ssh-key=/pcloud/ssh-key/private
111 - --port=8080
Giorgi Lekveishvili4586b4b2023-11-08 17:09:28 +0400[diff] [blame]112 {{- if .Values.appRepoAddr }}
113 - --app-repo-addr={{ .Values.appRepoAddr }}
114 {{- end}}
Giorgi Lekveishvilida912e72023-07-06 18:48:55 +0400[diff] [blame]115 volumeMounts:
116 - name: ssh-key
117 readOnly: true
118 mountPath: /pcloud/ssh-key