237 lines
9.1 KiB
YAML
237 lines
9.1 KiB
YAML
{{- include "hydra.automigration.typeVerification" . -}}
|
|
{{- $migrationExtraEnv := ternary .Values.deployment.automigration.extraEnv .Values.deployment.extraEnv (not (empty .Values.deployment.automigration.extraEnv )) -}}
|
|
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: {{ include "hydra.fullname" . }}
|
|
{{- if .Release.Namespace }}
|
|
namespace: {{ .Release.Namespace }}
|
|
{{- end }}
|
|
labels:
|
|
{{- include "hydra.labels" . | nindent 4 }}
|
|
{{- with .Values.deployment.labels }}
|
|
{{- toYaml . | nindent 4 }}
|
|
{{- end }}
|
|
annotations:
|
|
{{- with .Values.deployment.annotations }}
|
|
{{- toYaml . | nindent 4 }}
|
|
{{- end }}
|
|
spec:
|
|
{{- if not .Values.deployment.autoscaling.enabled }}
|
|
replicas: {{ .Values.replicaCount }}
|
|
{{- end }}
|
|
revisionHistoryLimit: {{ .Values.deployment.revisionHistoryLimit }}
|
|
strategy:
|
|
{{- toYaml .Values.deployment.strategy | nindent 4 }}
|
|
selector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: {{ include "hydra.name" . }}
|
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
template:
|
|
metadata:
|
|
labels:
|
|
{{- include "hydra.labels" . | nindent 8 }}
|
|
{{- with .Values.deployment.labels }}
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- with $.Values.deployment.podMetadata.labels }}
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
annotations:
|
|
{{- include "hydra.annotations.checksum" . | nindent 8 -}}
|
|
{{- with .Values.deployment.annotations }}
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- with $.Values.deployment.podMetadata.annotations }}
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
spec:
|
|
{{- with .Values.imagePullSecrets }}
|
|
imagePullSecrets:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
volumes:
|
|
- name: {{ include "hydra.name" . }}-config-volume
|
|
configMap:
|
|
name: {{ include "hydra.fullname" . }}
|
|
{{- if .Values.deployment.extraVolumes }}
|
|
{{- toYaml .Values.deployment.extraVolumes | nindent 8 }}
|
|
{{- end }}
|
|
serviceAccountName: {{ include "hydra.serviceAccountName" . }}
|
|
automountServiceAccountToken: {{ .Values.deployment.automountServiceAccountToken }}
|
|
terminationGracePeriodSeconds: {{ .Values.deployment.terminationGracePeriodSeconds }}
|
|
containers:
|
|
- name: {{ .Chart.Name }}
|
|
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
|
|
imagePullPolicy: {{ .Values.image.pullPolicy }}
|
|
command: {{- toYaml .Values.hydra.command | nindent 12 }}
|
|
{{- if .Values.hydra.customArgs }}
|
|
args: {{- toYaml .Values.hydra.customArgs | nindent 12 }}
|
|
{{- else }}
|
|
args:
|
|
- serve
|
|
- all
|
|
{{- if .Values.hydra.dev }}
|
|
- "--dev"
|
|
{{- end }}
|
|
- --config
|
|
- /etc/config/hydra.yaml
|
|
{{- end }}
|
|
volumeMounts:
|
|
- name: {{ include "hydra.name" . }}-config-volume
|
|
mountPath: /etc/config
|
|
readOnly: true
|
|
{{- if .Values.deployment.extraVolumeMounts }}
|
|
{{- toYaml .Values.deployment.extraVolumeMounts | nindent 12 }}
|
|
{{- end }}
|
|
ports:
|
|
- name: http-public
|
|
containerPort: {{ .Values.hydra.config.serve.public.port }}
|
|
protocol: TCP
|
|
- name: http-admin
|
|
containerPort: {{ .Values.hydra.config.serve.admin.port }}
|
|
protocol: TCP
|
|
{{- if .Values.deployment.customLivenessProbe }}
|
|
livenessProbe:
|
|
{{- toYaml .Values.deployment.customLivenessProbe | nindent 12 }}
|
|
{{- end }}
|
|
readinessProbe:
|
|
{{- if .Values.deployment.customReadinessProbe }}
|
|
{{- toYaml .Values.deployment.customReadinessProbe | nindent 12 }}
|
|
{{- else }}
|
|
httpGet:
|
|
path: /health/alive
|
|
port: {{ .Values.hydra.config.serve.admin.port }}
|
|
httpHeaders:
|
|
- name: Host
|
|
value: '127.0.0.1'
|
|
{{- toYaml .Values.deployment.readinessProbe | nindent 12 }}
|
|
{{- end }}
|
|
startupProbe:
|
|
{{- if .Values.deployment.customStartupProbe }}
|
|
{{- toYaml .Values.deployment.customStartupProbe | nindent 12 }}
|
|
{{- else }}
|
|
httpGet:
|
|
path: /health/ready
|
|
port: {{ .Values.hydra.config.serve.admin.port }}
|
|
httpHeaders:
|
|
- name: Host
|
|
value: '127.0.0.1'
|
|
{{- toYaml .Values.deployment.startupProbe | nindent 12 }}
|
|
{{- end }}
|
|
env:
|
|
{{- $issuer := include "hydra.config.urls.issuer" . -}}
|
|
{{- if $issuer }}
|
|
- name: URLS_SELF_ISSUER
|
|
value: {{ $issuer | quote }}
|
|
{{- end }}
|
|
{{- if not (empty ( include "hydra.dsn" . )) }}
|
|
{{- if not (include "ory.extraEnvContainsEnvName" (list .Values.deployment.extraEnv "DSN")) }}
|
|
- name: DSN
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: {{ include "hydra.secretname" . }}
|
|
key: dsn
|
|
{{- end }}
|
|
{{- end }}
|
|
- name: SECRETS_SYSTEM
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: {{ include "hydra.secretname" . }}
|
|
key: secretsSystem
|
|
- name: SECRETS_COOKIE
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: {{ include "hydra.secretname" . }}
|
|
key: secretsCookie
|
|
{{- if .Values.deployment.extraEnv }}
|
|
{{- tpl (toYaml .Values.deployment.extraEnv) . | nindent 12 }}
|
|
{{- end }}
|
|
resources:
|
|
{{- toYaml .Values.deployment.resources | nindent 12 }}
|
|
{{- if .Values.deployment.securityContext }}
|
|
securityContext:
|
|
{{- toYaml .Values.deployment.securityContext | nindent 12 }}
|
|
{{- end }}
|
|
lifecycle:
|
|
{{- toYaml .Values.deployment.lifecycle | nindent 12 }}
|
|
{{- if .Values.deployment.extraContainers }}
|
|
{{- tpl .Values.deployment.extraContainers . | nindent 8 }}
|
|
{{- end }}
|
|
initContainers:
|
|
{{- if .Values.deployment.extraInitContainers }}
|
|
{{- tpl .Values.deployment.extraInitContainers . | nindent 8 }}
|
|
{{- end }}
|
|
{{- if and ( .Values.hydra.automigration.enabled ) ( eq .Values.hydra.automigration.type "initContainer" ) }}
|
|
- name: {{ .Chart.Name }}-automigrate
|
|
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
|
|
imagePullPolicy: {{ .Values.image.pullPolicy }}
|
|
{{- if .Values.hydra.automigration.customCommand }}
|
|
command: {{- toYaml .Values.hydra.automigration.customCommand | nindent 12 }}
|
|
{{- else }}
|
|
command: ["hydra"]
|
|
{{- end }}
|
|
{{- if .Values.hydra.automigration.customArgs }}
|
|
args: {{- toYaml .Values.hydra.automigration.customArgs | nindent 12 }}
|
|
{{- else }}
|
|
args: ["migrate", "sql", "-e", "--yes", "--config", "/etc/config/hydra.yaml"]
|
|
{{- end }}
|
|
volumeMounts:
|
|
- name: {{ include "hydra.name" . }}-config-volume
|
|
mountPath: /etc/config
|
|
readOnly: true
|
|
{{- with .Values.deployment.extraVolumeMounts }}
|
|
{{- toYaml . | nindent 12 }}
|
|
{{- end }}
|
|
env:
|
|
{{- if not (empty ( include "hydra.dsn" . )) }}
|
|
{{- if not (include "ory.extraEnvContainsEnvName" (list $migrationExtraEnv "DSN")) }}
|
|
- name: DSN
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: {{ include "hydra.secretname" . }}
|
|
key: dsn
|
|
{{- end }}
|
|
{{- end }}
|
|
{{- if $migrationExtraEnv }}
|
|
{{- tpl (toYaml $migrationExtraEnv) . | nindent 12 }}
|
|
{{- end }}
|
|
{{- if .Values.hydra.automigration.resources }}
|
|
resources:
|
|
{{- toYaml .Values.hydra.automigration.resources | nindent 12 }}
|
|
{{- end }}
|
|
{{- with .Values.deployment.initContainerSecurityContext }}
|
|
securityContext:
|
|
{{- toYaml . | nindent 12 }}
|
|
{{- end }}
|
|
{{- end }}
|
|
{{- if .Values.priorityClassName }}
|
|
priorityClassName: {{ .Values.priorityClassName }}
|
|
{{- end }}
|
|
{{- with .Values.deployment.nodeSelector }}
|
|
nodeSelector:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.deployment.tolerations }}
|
|
tolerations:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.affinity }}
|
|
affinity:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.deployment.topologySpreadConstraints }}
|
|
topologySpreadConstraints:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.deployment.podSecurityContext }}
|
|
securityContext:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.deployment.dnsConfig }}
|
|
dnsConfig:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|