Gitiles
Code Review Sign In
code.v1.dodo.cloud / pcloud / 9d03733c524209066eb5a71aa4cc5cff80034785 / . / charts / appmanager / templates / install.yaml
blob: 7274aa94d44a227eb907060e8b2cc35eb809d1e1 [file] [log] [blame]
Giorgi Lekveishvili9d037332023-07-06 19:48:49 +0400[diff] [blame^]1kind: ClusterRole
2metadata:
3 name: {{ .Values.clusterRoleName }}
4rules:
5- apiGroups:
6 - ""
7 resources:
8 - namespaces
9 verbs:
10 - create
11---
12apiVersion: rbac.authorization.k8s.io/v1
13kind: ClusterRoleBinding
14metadata:
15 name: {{ .Values.clusterRoleName }}
16roleRef:
17 apiGroup: rbac.authorization.k8s.io
18 kind: ClusterRole
19 name: {{ .Values.clusterRoleName }}
20subjects:
21- kind: ServiceAccount
22 name: default
23 namespace: {{ .Release.Namespace }}
24---
Giorgi Lekveishvilida912e72023-07-06 18:48:55 +0400[diff] [blame]25apiVersion: v1
26kind: Secret
27metadata:
28 name: ssh-key
29type: Opaque
30data:
31 private: {{ .Values.sshPrivateKey }}
32---
33apiVersion: v1
34kind: Service
35metadata:
36 name: appmanager
37 namespace: {{ .Release.Namespace }}
38spec:
39 type: ClusterIP
40 selector:
41 app: appmanager
42 ports:
43 - name: http
44 port: 80
45 targetPort: http
46 protocol: TCP
47---
48apiVersion: networking.k8s.io/v1
49kind: Ingress
50metadata:
51 name: ingress
52 namespace: {{ .Release.Namespace }}
Giorgi Lekveishvili9d037332023-07-06 19:48:49 +0400[diff] [blame^]53 {{- if .Values.certificateIssuer }}
Giorgi Lekveishvilida912e72023-07-06 18:48:55 +0400[diff] [blame]54 annotations:
55 acme.cert-manager.io/http01-edit-in-place: "true"
56 cert-manager.io/cluster-issuer: {{ .Values.ingress.certificateIssuer}}
Giorgi Lekveishvili9d037332023-07-06 19:48:49 +0400[diff] [blame^]57 {{- end }}
Giorgi Lekveishvilida912e72023-07-06 18:48:55 +0400[diff] [blame]58spec:
59 ingressClassName: {{ .Values.ingress.className }}
Giorgi Lekveishvili9d037332023-07-06 19:48:49 +0400[diff] [blame^]60 {{- if .Values.certificateIssuer }}
Giorgi Lekveishvilida912e72023-07-06 18:48:55 +0400[diff] [blame]61 tls:
62 - hosts:
63 - {{ .Values.ingress.domain }}
64 secretName: cert-appmanager
Giorgi Lekveishvili9d037332023-07-06 19:48:49 +0400[diff] [blame^]65 {{- end }}
Giorgi Lekveishvilida912e72023-07-06 18:48:55 +0400[diff] [blame]66 rules:
67 - host: {{ .Values.ingress.domain }}
68 http:
69 paths:
70 - path: /
71 pathType: Prefix
72 backend:
73 service:
74 name: appmanager
75 port:
76 name: http
77---
78apiVersion: apps/v1
79kind: Deployment
80metadata:
81 name: appmanager
82 namespace: {{ .Release.Namespace }}
83spec:
84 selector:
85 matchLabels:
86 app: appmanager
87 replicas: 1
88 template:
89 metadata:
90 labels:
91 app: appmanager
92 spec:
93 volumes:
94 - name: ssh-key
95 secret:
96 secretName: ssh-key
97 containers:
98 - name: appmanager
99 image: {{ .Values.image.repository }}:{{ .Values.image.tag }}
100 imagePullPolicy: {{ .Values.image.pullPolicy }}
101 ports:
102 - name: http
103 containerPort: 8080
104 protocol: TCP
105 command:
106 - pcloud-installer
107 - appmanager
108 - --repo-addr={{ .Values.repoAddr }}
109 - --ssh-key=/pcloud/ssh-key/private
110 - --port=8080
111 volumeMounts:
112 - name: ssh-key
113 readOnly: true
114 mountPath: /pcloud/ssh-key