Gitiles
Code Review Sign In
code.v1.dodo.cloud / pcloud / 3e45d0a3e4fe59195baa584ea287d7f391ebc315 / . / charts / penpot / templates / exporter / deployment.yaml
blob: dccbdf00f8dd6a3603ce7c5bfbdee3044c191eb9 [file] [log] [blame]
Giorgi Lekveishvili3e45d0a2023-06-26 09:53:42 +0400[diff] [blame^]1apiVersion: apps/v1
2kind: Deployment
3metadata:
4 name: {{ include "penpot.fullname" . }}-exporter
5 namespace: {{ .Release.Namespace }}
6 labels:
7 {{- include "penpot.labels" . | nindent 4 }}
8spec:
9 replicas: {{ .Values.exporter.replicaCount }}
10 selector:
11 matchLabels:
12 {{- include "penpot.exporterSelectorLabels" . | nindent 6 }}
13 template:
14 metadata:
15 labels:
16 {{- include "penpot.exporterSelectorLabels" . | nindent 8 }}
17 spec:
18 {{- with .Values.global.imagePullSecrets }}
19 imagePullSecrets:
20 {{- toYaml . | nindent 8 }}
21 {{- end }}
22 serviceAccountName: {{ include "penpot.serviceAccountName" . }}
23 {{ if .Values.exporter.podSecurityContext.enabled }}
24 securityContext:
25 {{- omit .Values.exporter.podSecurityContext "enabled" | toYaml | nindent 8 }}
26 {{- end }}
27 containers:
28 - name: {{ .Chart.Name }}-exporter
29 {{ if .Values.exporter.containerSecurityContext.enabled }}
30 securityContext:
31 {{- omit .Values.exporter.containerSecurityContext "enabled" | toYaml | nindent 12 }}
32 {{- end }}
33 image: "{{ .Values.exporter.image.repository }}:{{ .Values.exporter.image.tag }}"
34 imagePullPolicy: {{ .Values.exporter.image.imagePullPolicy }}
35 env:
36 - name: PENPOT_PUBLIC_URI
37 value: {{ .Values.config.publicURI | quote }}
38 - name: PENPOT_FLAGS
39 value: "$PENPOT_FLAGS {{ .Values.config.flags }}"
40 - name: PENPOT_SECRET_KEY
41 value: {{ .Values.config.apiSecretKey | quote }}
42 - name: PENPOT_DATABASE_URI
43 value: "postgresql://{{ .Values.config.postgresql.host }}:{{ .Values.config.postgresql.port }}/{{ .Values.config.postgresql.database }}"
44 - name: PENPOT_DATABASE_USERNAME
45 {{- if not .Values.config.postgresql.secretKeys.usernameKey }}
46 value: {{ .Values.config.postgresql.username | quote }}
47 {{- else }}
48 valueFrom:
49 secretKeyRef:
50 name: {{ .Values.config.postgresql.existingSecret }}
51 key: {{ .Values.config.postgresql.secretKeys.usernameKey }}
52 {{- end }}
53 - name: PENPOT_DATABASE_PASSWORD
54 {{- if not .Values.config.postgresql.secretKeys.passwordKey }}
55 value: {{ .Values.config.postgresql.password | quote }}
56 {{- else }}
57 valueFrom:
58 secretKeyRef:
59 name: {{ .Values.config.postgresql.existingSecret }}
60 key: {{ .Values.config.postgresql.secretKeys.passwordKey }}
61 {{- end }}
62 - name: PENPOT_REDIS_URI
63 value: "redis://{{ .Values.config.redis.host }}:{{ .Values.config.redis.port }}/{{ .Values.config.redis.database }}"
64 - name: PENPOT_ASSETS_STORAGE_BACKEND
65 value: {{ .Values.config.assets.storageBackend | quote }}
66 {{- if eq .Values.config.assets.storageBackend "assets-fs" }}
67 - name: PENPOT_STORAGE_ASSETS_FS_DIRECTORY
68 value: {{ .Values.config.assets.filesystem.directory | quote }}
69 {{- else if eq .Values.config.assets.storageBackend "assets-s3" }}
70 - name: PENPOT_STORAGE_ASSETS_S3_REGION
71 value: {{ .Values.config.assets.s3.region | quote }}
72 - name: PENPOT_STORAGE_ASSETS_S3_BUCKET
73 value: {{ .Values.config.assets.s3.bucket | quote }}
74 - name: AWS_ACCESS_KEY_ID
75 {{- if not .Values.config.assets.s3.secretKeys.accessKeyIDKey }}
76 value: {{ .Values.config.assets.s3.accessKeyID | quote }}
77 {{- else }}
78 valueFrom:
79 secretKeyRef:
80 name: {{ .Values.config.assets.s3.existingSecret }}
81 key: {{ .Values.config.assets.s3.secretKeys.accessKeyIDKey }}
82 {{- end }}
83 - name: AWS_SECRET_ACCESS_KEY
84 {{- if not .Values.config.assets.s3.secretKeys.secretAccessKey }}
85 value: {{ .Values.config.assets.s3.secretAccessKey | quote }}
86 {{- else }}
87 valueFrom:
88 secretKeyRef:
89 name: {{ .Values.config.assets.s3.existingSecret }}
90 key: {{ .Values.config.assets.s3.secretKeys.secretAccessKey }}
91 {{- end }}
92 - name: PENPOT_STORAGE_ASSETS_S3_ENDPOINT
93 {{- if not .Values.config.assets.s3.secretKeys.endpointURIKey }}
94 value: {{ .Values.config.assets.s3.endpointURI | quote }}
95 {{- else }}
96 valueFrom:
97 secretKeyRef:
98 name: {{ .Values.config.assets.s3.existingSecret }}
99 key: {{ .Values.config.assets.s3.secretKeys.endpointURIKey }}
100 {{- end }}
101 {{- end }}
102 - name: PENPOT_TELEMETRY_ENABLED
103 value: {{ .Values.config.telemetryEnabled | quote }}
104
105 {{- if .Values.config.smtp.enabled }}
106 {{- if .Values.config.smtp.defaultFrom }}
107 - name: PENPOT_SMTP_DEFAULT_FROM
108 value: {{ .Values.config.smtp.defaultFrom | quote }}
109 {{- end }}
110 {{- if .Values.config.smtp.defaultReplyTo }}
111 - name: PENPOT_SMTP_DEFAULT_REPLY_TO
112 value: {{ .Values.config.smtp.defaultReplyTo | quote }}
113 {{- end }}
114 {{- if .Values.config.smtp.host }}
115 - name: PENPOT_SMTP_HOST
116 value: {{ .Values.config.smtp.host | quote }}
117 {{- end }}
118 {{- if .Values.config.smtp.port }}
119 - name: PENPOT_SMTP_PORT
120 value: {{ .Values.config.smtp.port | quote }}
121 {{- end }}
122 {{- if not .Values.config.smtp.secretKeys.usernameKey }}
123 - name: PENPOT_SMTP_USERNAME
124 value: {{ .Values.config.smtp.username | quote }}
125 {{- else }}
126 - name: PENPOT_SMTP_USERNAME
127 valueFrom:
128 secretKeyRef:
129 name: {{ .Values.config.smtp.existingSecret }}
130 key: {{ .Values.config.smtp.secretKeys.usernameKey }}
131 {{- end }}
132 {{- if not .Values.config.smtp.secretKeys.passwordKey }}
133 - name: PENPOT_SMTP_PASSWORD
134 value: {{ .Values.config.smtp.password | quote }}
135 {{- else }}
136 - name: PENPOT_SMTP_PASSWORD
137 valueFrom:
138 secretKeyRef:
139 name: {{ .Values.config.smtp.existingSecret }}
140 key: {{ .Values.config.smtp.secretKeys.passwordKey }}
141 {{- end }}
142 {{- if .Values.config.smtp.tls }}
143 - name: PENPOT_SMTP_TLS
144 value: {{ .Values.config.smtp.tls | quote }}
145 {{- end }}
146 {{- if .Values.config.smtp.ssl }}
147 - name: PENPOT_SMTP_SSL
148 value: {{ .Values.config.smtp.ssl | quote }}
149 {{- end }}
150 {{- end }}
151
152
153 {{- if .Values.config.registrationDomainWhitelist }}
154 - name: PENPOT_REGISTRATION_DOMAIN_WHITELIST
155 value: {{ .Values.config.registrationDomainWhitelist | quote }}
156 {{- end }}
157
158 {{- if .Values.config.providers.google.enabled }}
159 {{- if not .Values.config.providers.secretKeys.googleClientIDKey }}
160 - name: PENPOT_GOOGLE_CLIENT_ID
161 value: {{ .Values.config.providers.google.clientID | quote }}
162 {{- else }}
163 - name: PENPOT_GOOGLE_CLIENT_ID
164 valueFrom:
165 secretKeyRef:
166 name: {{ .Values.config.providers.existingSecret }}
167 key: {{ .Values.config.providers.secretKeys.googleClientIDKey }}
168 {{- end }}
169 {{- if not .Values.config.providers.secretKeys.googleClientSecretKey}}
170 - name: PENPOT_GOOGLE_CLIENT_SECRET
171 value: {{ .Values.config.providers.google.clientSecret | quote }}
172 {{- else }}
173 - name: PENPOT_GOOGLE_CLIENT_SECRET
174 valueFrom:
175 secretKeyRef:
176 name: {{ .Values.config.providers.existingSecret }}
177 key: {{ .Values.config.providers.secretKeys.googleClientSecretKey }}
178 {{- end }}
179 {{- end }}
180
181 {{- if .Values.config.providers.github.enabled }}
182 {{- if not .Values.config.providers.secretKeys.githubClientIDKey }}
183 - name: PENPOT_GITHUB_CLIENT_ID
184 value: {{ .Values.config.providers.github.clientID | quote }}
185 {{- else }}
186 - name: PENPOT_GITHUB_CLIENT_ID
187 valueFrom:
188 secretKeyRef:
189 name: {{ .Values.config.providers.existingSecret }}
190 key: {{ .Values.config.providers.secretKeys.githubClientIDKey }}
191 {{- end }}
192 {{- if not .Values.config.providers.secretKeys.githubClientSecretKey }}
193 - name: PENPOT_GITHUB_CLIENT_SECRET
194 value: {{ .Values.config.providers.github.clientSecret | quote }}
195 {{- else }}
196 - name: PENPOT_GITHUB_CLIENT_SECRET
197 valueFrom:
198 secretKeyRef:
199 name: {{ .Values.config.providers.existingSecret }}
200 key: {{ .Values.config.providers.secretKeys.githubClientSecretKey }}
201 {{- end }}
202 {{- end }}
203
204 {{- if .Values.config.providers.gitlab.enabled }}
205 {{- if .Values.config.providers.gitlab.baseURI }}
206 - name: PENPOT_GITLAB_BASE_URI
207 value: {{ .Values.config.providers.gitlab.baseURI | quote }}
208 {{- end }}
209 {{- if not .Values.config.providers.secretKeys.gitlabClientIDKey }}
210 - name: PENPOT_GITLAB_CLIENT_ID
211 value: {{ .Values.config.providers.gitlab.clientID | quote }}
212 {{- else }}
213 - name: PENPOT_GITLAB_CLIENT_ID
214 valueFrom:
215 secretKeyRef:
216 name: {{ .Values.config.providers.existingSecret }}
217 key: {{ .Values.config.providers.secretKeys.gitlabClientIDKey }}
218 {{- end }}
219 {{- if not .Values.config.providers.secretKeys.gitlabClientSecretKey }}
220 - name: PENPOT_GITLAB_CLIENT_SECRET
221 value: {{ .Values.config.providers.gitlab.clientSecret | quote }}
222 {{- else }}
223 - name: PENPOT_GITLAB_CLIENT_SECRET
224 valueFrom:
225 secretKeyRef:
226 name: {{ .Values.config.providers.existingSecret }}
227 key: {{ .Values.config.providers.secretKeys.gitlabClientSecretKey }}
228 {{- end }}
229 {{- end }}
230
231 {{- if .Values.config.providers.oidc.enabled }}
232 {{- if .Values.config.providers.oidc.baseURI }}
233 - name: PENPOT_OIDC_BASE_URI
234 value: {{ .Values.config.providers.oidc.baseURI | quote }}
235 {{- end }}
236 {{- if not .Values.config.providers.secretKeys.oidcClientIDKey }}
237 - name: PENPOT_OIDC_CLIENT_ID
238 value: {{ .Values.config.providers.oidc.clientID | quote}}
239 {{- else }}
240 - name: PENPOT_OIDC_CLIENT_ID
241 valueFrom:
242 secretKeyRef:
243 name: {{ .Values.config.providers.existingSecret }}
244 key: {{ .Values.config.providers.secretKeys.oidcClientIDKey }}
245 {{- end }}
246 {{- if not .Values.config.providers.secretKeys.oidcClientSecretKey}}
247 - name: PENPOT_OIDC_CLIENT_SECRET
248 value: {{ .Values.config.providers.oidc.clientSecret | quote }}
249 {{- else }}
250 - name: PENPOT_OIDC_CLIENT_SECRET
251 valueFrom:
252 secretKeyRef:
253 name: {{ .Values.config.providers.existingSecret }}
254 key: {{ .Values.config.providers.secretKeys.oidcClientSecretKey }}
255 {{- end }}
256 {{- if .Values.config.providers.oidc.authURI }}
257 - name: PENPOT_OIDC_AUTH_URI
258 value: {{ .Values.config.providers.oidc.authURI | quote }}
259 {{- end }}
260 {{- if .Values.config.providers.oidc.tokenURI }}
261 - name: PENPOT_OIDC_TOKEN_URI
262 value: {{ .Values.config.providers.oidc.tokenURI | quote }}
263 {{- end }}
264 {{- if .Values.config.providers.oidc.userURI }}
265 - name: PENPOT_OIDC_USER_URI
266 value: {{ .Values.config.providers.oidc.userURI | quote }}
267 {{- end }}
268 {{- if .Values.config.providers.oidc.roles }}
269 - name: PENPOT_OIDC_ROLES
270 value: {{ .Values.config.providers.oidc.roles | quote }}
271 {{- end }}
272 {{- if .Values.config.providers.oidc.rolesAttribute }}
273 - name: PENPOT_OIDC_ROLES_ATTR
274 value: {{ .Values.config.providers.oidc.rolesAttribute | quote }}
275 {{- end }}
276 {{- if .Values.config.providers.oidc.scopes }}
277 - name: PENPOT_OIDC_SCOPES
278 value: {{ .Values.config.providers.oidc.scopes | quote }}
279 {{- end }}
280 {{- if .Values.config.providers.oidc.nameAttribute }}
281 - name: PENPOT_OIDC_NAME_ATTR
282 value: {{ .Values.config.providers.oidc.nameAttribute | quote }}
283 {{- end }}
284 {{- if .Values.config.providers.oidc.emailAttribute }}
285 - name: PENPOT_OIDC_EMAIL_ATTR
286 value: {{ .Values.config.providers.oidc.emailAttribute | quote }}
287 {{- end }}
288 {{- end }}
289
290 {{- if .Values.config.providers.ldap.enabled }}
291 {{- if .Values.config.providers.ldap.host }}
292 - name: PENPOT_LDAP_HOST
293 value: {{ .Values.config.providers.ldap.host | quote }}
294 {{- end }}
295 {{- if .Values.config.providers.ldap.port }}
296 - name: PENPOT_LDAP_PORT
297 value: {{ .Values.config.providers.ldap.port | quote }}
298 {{- end }}
299 {{- if .Values.config.providers.ldap.ssl }}
300 - name: PENPOT_LDAP_SSL
301 value: {{ .Values.config.providers.ldap.ssl | quote }}
302 {{- end }}
303 {{- if .Values.config.providers.ldap.startTLS }}
304 - name: PENPOT_LDAP_STARTTLS
305 value: {{ .Values.config.providers.ldap.startTLS | quote }}
306 {{- end }}
307 {{- if .Values.config.providers.ldap.baseDN }}
308 - name: PENPOT_LDAP_BASE_DN
309 value: {{ .Values.config.providers.ldap.baseDN | quote }}
310 {{- end }}
311 {{- if .Values.config.providers.ldap.bindDN }}
312 - name: PENPOT_LDAP_BIND_DN
313 value: {{ .Values.config.providers.ldap.bindDN | quote }}
314 {{- end }}
315 {{- if .Values.config.providers.ldap.bindPassword }}
316 - name: PENPOT_LDAP_BIND_PASSWORD
317 value: {{ .Values.config.providers.ldap.bindPassword | quote }}
318 {{- end }}
319 {{- if .Values.config.providers.ldap.attributesUsername }}
320 - name: PENPOT_LDAP_ATTRS_USERNAME
321 value: {{ .Values.config.providers.ldap.attributesUsername | quote }}
322 {{- end }}
323 {{- if .Values.config.providers.ldap.attributesEmail }}
324 - name: PENPOT_LDAP_ATTRS_EMAIL
325 value: {{ .Values.config.providers.ldap.attributesEmail | quote }}
326 {{- end }}
327 {{- if .Values.config.providers.ldap.attributesFullname }}
328 - name: PENPOT_LDAP_ATTRS_FULLNAME
329 value: {{ .Values.config.providers.ldap.attributesFullname | quote }}
330 {{- end }}
331 {{- if .Values.config.providers.ldap.attributesPhoto }}
332 - name: PENPOT_LDAP_ATTRS_PHOTO
333 value: {{ .Values.config.providers.ldap.attributesPhoto | quote }}
334 {{- end }}
335 {{- end }}
336 ports:
337 - name: http
338 containerPort: {{ .Values.exporter.service.port }}
339 protocol: TCP
340 resources:
341 {{- toYaml .Values.exporter.resources | nindent 12 }}
342 {{- with .Values.exporter.nodeSelector }}
343 nodeSelector:
344 {{- toYaml . | nindent 8 }}
345 {{- end }}
346 {{- with .Values.exporter.affinity }}
347 affinity:
348 {{- toYaml . | nindent 8 }}
349 {{- end }}
350 {{- with .Values.exporter.tolerations }}
351 tolerations:
352 {{- toYaml . | nindent 8 }}
353 {{- end }}