apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "..fullname" . }} labels: {{- include "..labels" . | nindent 4 }} spec: {{- if .Values.site.resources }} replicas: {{ .Values.site.resources.replicas | default 1 }} {{- else }} replicas: 1 {{- end }} selector: matchLabels: {{- include "..selector-labels" . | nindent 6 }} template: metadata: labels: {{- include "..selector-labels" . | nindent 8 }} spec: securityContext: fsGroup: 101 volumes: - name: serverconfig configMap: name: {{ include "..fullname" . }}-cfg {{- if and .Values.secrets .Values.secrets.external }} {{- range .Values.secrets.external }} {{- if eq .type "file" }} - name: {{ .name }} secret: secretName: {{- include "..fullname" $ }}-exts-{{ .name }} {{- end }} {{- end }} {{- end }} {{- if .Values.storage.kubernetes }} {{- range .Values.storage.kubernetes }} - name: {{ .name }} {{- if eq .type "secret" }} secret: secretName: "{{- include "..fullname" $ }}-sec-{{ .name }}" {{- end }} {{- if eq .type "configmap" }} configMap: name: "{{- include "..fullname" $ }}-sec-{{ .name }}" {{- end }} {{- end }} {{- end }} {{- if .Values.storage.cloud.active }} - name: cloud persistentVolumeClaim: claimName: pvc-{{- include "..name" . }}-cloud {{- end }} {{- if .Values.storage.local.active }} - name: local persistentVolumeClaim: claimName: pvc-{{- include "..name" . }}-local {{- end }} {{- if and .Values.secrets .Values.secrets.external }} {{- range .Values.secrets.external }} {{- if eq .type "docker" }} imagePullSecrets: - name: "{{- include "..fullname" $ }}-exts-{{ .name }}" {{- end }} {{- end }} {{- end }} {{- if .Values.storage.kubernetes }} {{- range .Values.storage.kubernetes }} {{- if eq .type "docker" }} imagePullSecrets: - name: "{{- include "..fullname" $ }}-sec-{{ .name }}" {{- end }} {{- end }} {{- end }} {{- if not .Values.init.asJob }} initContainers: {{- if and .Values.storage.cloud.active .Values.storage.local.active .Values.storage.local.cloneCloud }} - name: init-local-storage securityContext: allowPrivilegeEscalation: false runAsUser: 0 image: cloudyne/ubuntu-ci:latest command: ["python3"] args: ["/usr/local/bin/storage-clone", "/mnt/cloud", "/mnt/local"] imagePullPolicy: Always volumeMounts: - name: cloud mountPath: /mnt/cloud - name: local mountPath: /mnt/local {{- end }} - name: init-site securityContext: allowPrivilegeEscalation: false runAsUser: 0 image: "{{ .Values.site.image }}" imagePullPolicy: Always volumeMounts: - name: serverconfig mountPath: /init-go/config.json subPath: init.json {{- if .Values.storage.cloud.active }} - name: cloud mountPath: "/mnt/cloud" {{- end }} {{- if .Values.storage.local.active }} {{- range .Values.storage.folders }} - name: local mountPath: "/app/web/app/{{ . }}" subPath: "{{ . }}" {{- end }} {{- else }} {{- if .Values.storage.cloud.active }} {{- range .Values.storage.folders }} - name: cloud mountPath: "/app/web/app/{{ . }}" subPath: "{{ . }}" {{- end }} {{- end }} {{- end }} envFrom: - configMapRef: name: {{ include "..fullname" . }}-env {{- if and .Values.secrets .Values.secrets.external }} {{- range .Values.secrets.external }} {{- if eq .type "env" }} - secretRef: name: "{{- include "..fullname" $ }}-exts-{{ .name }}" {{- end }} {{- end }} {{- end }} - secretRef: name: {{ include "..fullname" . }}-db-auth command: ["sh"] args: ["-c", "/init-go/init-go"] {{- end }} containers: - name: wordpress securityContext: runAsUser: 101 image: "{{ .Values.site.image }}" imagePullPolicy: Always volumeMounts: - name: serverconfig mountPath: /docker-entrypoint.d/unit.json subPath: unit.json {{- if .Values.storage.cloud.active }} - name: cloud mountPath: "/mnt/cloud" {{- end }} {{- if .Values.storage.local.active }} {{- range .Values.storage.folders }} {{- if or ( eq . certificates ) ( eq . secrets ) }} - name: cloud mountPath: "/app/{{ . }}" subPath: "{{ . }}" {{- else }} - name: cloud mountPath: "/app/web/app/{{ . }}" subPath: "{{ . }}" {{- end }} {{- end }} {{- else }} {{- if .Values.storage.cloud.active }} {{- range .Values.storage.folders }} - name: cloud mountPath: "/app/web/app/{{ . }}" subPath: "{{ . }}" {{- end }} {{- end }} {{- end }} {{- include "..resourcelimits" . | nindent 10 }} envFrom: - configMapRef: name: {{ include "..fullname" . }}-env {{- if and .Values.secrets .Values.secrets.external }} {{- range .Values.secrets.external }} {{- if eq .type "env" }} - secretRef: name: "{{- include "..fullname" $ }}-exts-{{ .name }}" {{- end }} {{- end }} {{- end }} - secretRef: name: {{ include "..fullname" . }}-db-auth ports: - containerPort: 8080 name: http protocol: TCP