-
Notifications
You must be signed in to change notification settings - Fork 10
/
deployment.yaml
101 lines (100 loc) · 3.23 KB
/
deployment.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
{{/*
Copyright (c) HashiCorp, Inc.
SPDX-License-Identifier: MPL-2.0
*/}}
apiVersion: apps/v1
kind: Deployment
metadata:
name: terraform-enterprise
labels:
app: terraform-enterprise
spec:
replicas: {{ .Values.replicaCount }}
selector:
matchLabels:
app: terraform-enterprise
template:
metadata:
annotations:
{{- if .Values.pod.annotations }}
{{ toYaml .Values.pod.annotations | indent 8 }}
{{ end }}
{{- if .Values.tfe.metrics.enable }}
prometheus.io/path: "/metrics"
prometheus.io/port: "{{ .Values.tfe.metrics.httpPort }}"
prometheus.io/scrape: "true"
{{- end }}
labels:
app: terraform-enterprise
spec:
nodeSelector:
{{- toYaml .Values.nodeSelector | nindent 8 }}
affinity:
{{- toYaml .Values.affinity | nindent 8 }}
tolerations:
{{- toYaml .Values.tolerations | nindent 8 }}
securityContext:
{{- toYaml .Values.securityContext | nindent 8 }}
volumes:
- name: certificates
secret:
secretName: {{ .Values.tls.certificateSecret }}
{{- if .Values.tls.caCertData }}
- name: ca-certificates
secret:
secretName: terraform-enterprise-ca-certificates
{{- end }}
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ .Release.Namespace }}
initContainers:
{{ toYaml .Values.initContainers | nindent 8}}
containers:
- name: terraform-enterprise
image: {{ .Values.image.repository }}/{{ .Values.image.name }}:{{ .Values.image.tag }}
imagePullPolicy: {{ .Values.image.pullPolicy }}
envFrom:
- configMapRef:
name: terraform-enterprise-env-config
{{- if .Values.env.configMapRefs }}
{{- range .Values.env.configMapRefs }}
- configMapRef:
name: {{ .name }}
{{- end }}
{{- end }}
- secretRef:
name: terraform-enterprise-env-secrets
{{- if .Values.env.secretRefs }}
{{- range .Values.env.secretRefs }}
- secretRef:
name: {{ .name }}
{{- end }}
{{- end }}
readinessProbe:
httpGet:
path: /_health_check
port: {{ .Values.tfe.privateHttpPort }}
scheme: HTTP
resources:
{{- toYaml .Values.resources | nindent 12 }}
volumeMounts:
- name: certificates
mountPath: {{ .Values.tls.certMountPath }}
subPath: tls.crt
- name: certificates
mountPath: {{ .Values.tls.keyMountPath }}
subPath: tls.key
{{- if .Values.tls.caCertData }}
- name: ca-certificates
mountPath: {{ include "cacert.path" . }}
subPath: {{ .Values.tls.caCertFileName }}
{{- end }}
ports:
- containerPort: {{ .Values.tfe.privateHttpPort }}
- containerPort: {{ .Values.tfe.privateHttpsPort }}
{{- if .Values.tfe.metrics.enable }}
- containerPort: {{.Values.tfe.metrics.httpPort}}
- containerPort: {{.Values.tfe.metrics.httpsPort}}
{{- end }}