174 lines
5.8 KiB
YAML
174 lines
5.8 KiB
YAML
{{ $secretName := include "code-server.fullname" . }}
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: {{ include "code-server.fullname" . }}
|
|
labels:
|
|
app.kubernetes.io/name: {{ include "code-server.name" . }}
|
|
helm.sh/chart: {{ include "code-server.chart" . }}
|
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
app.kubernetes.io/managed-by: {{ .Release.Service }}
|
|
spec:
|
|
replicas: 1
|
|
strategy:
|
|
type: Recreate
|
|
selector:
|
|
matchLabels:
|
|
app.kubernetes.io/name: {{ include "code-server.name" . }}
|
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/name: {{ include "code-server.name" . }}
|
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
spec:
|
|
imagePullSecrets: {{- toYaml .Values.imagePullSecrets | nindent 8 }}
|
|
{{- if .Values.hostnameOverride }}
|
|
hostname: {{ .Values.hostnameOverride }}
|
|
{{- end }}
|
|
{{- if .Values.priorityClassName }}
|
|
priorityClassName: {{ .Values.priorityClassName }}
|
|
{{- end }}
|
|
{{- if .Values.securityContext.enabled }}
|
|
securityContext:
|
|
fsGroup: {{ .Values.securityContext.fsGroup }}
|
|
fsGroupChangePolicy: "OnRootMismatch" # There's a chmod already, and no other setup is using this volume!
|
|
{{- end }}
|
|
{{- if and .Values.volumePermissions.enabled .Values.persistence.enabled }}
|
|
initContainers:
|
|
- name: init-chmod-data
|
|
image: busybox:latest
|
|
imagePullPolicy: IfNotPresent
|
|
command:
|
|
- sh
|
|
- -c
|
|
- |
|
|
chown -R {{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.fsGroup }} /home/coder
|
|
securityContext:
|
|
runAsUser: {{ .Values.volumePermissions.securityContext.runAsUser }}
|
|
volumeMounts:
|
|
- name: data
|
|
mountPath: /home/coder
|
|
{{- if .Values.extraInitContainers }}
|
|
{{ tpl .Values.extraInitContainers . | indent 6}}
|
|
{{- end }}
|
|
{{- end }}
|
|
containers:
|
|
{{- if .Values.extraContainers }}
|
|
{{ tpl .Values.extraContainers . | indent 8}}
|
|
{{- end }}
|
|
- name: {{ .Chart.Name }}
|
|
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
|
|
imagePullPolicy: {{ .Values.image.pullPolicy }}
|
|
{{- if .Values.securityContext.enabled }}
|
|
securityContext:
|
|
runAsUser: {{ .Values.securityContext.runAsUser }}
|
|
{{- end }}
|
|
{{- if .Values.lifecycle.enabled }}
|
|
lifecycle:
|
|
{{- if .Values.lifecycle.postStart }}
|
|
postStart:
|
|
{{ toYaml .Values.lifecycle.postStart | nindent 14 }}
|
|
{{- end }}
|
|
{{- if .Values.lifecycle.preStop }}
|
|
preStop:
|
|
{{ toYaml .Values.lifecycle.preStop | nindent 14 }}
|
|
{{- end }}
|
|
{{- end }}
|
|
env:
|
|
{{- if .Values.extraVars }}
|
|
{{ toYaml .Values.extraVars | indent 10 }}
|
|
{{- end }}
|
|
- name: PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: {{ .Values.secret.secretName | default $secretName }}
|
|
key: {{ .Values.secret.passwordField | default "password" }}
|
|
{{- if .Values.extraArgs }}
|
|
args:
|
|
{{ toYaml .Values.extraArgs | indent 10 }}
|
|
{{- end }}
|
|
volumeMounts:
|
|
- name: data
|
|
mountPath: /home/coder
|
|
{{- range .Values.extraConfigmapMounts }}
|
|
- name: {{ .name }}
|
|
mountPath: {{ .mountPath }}
|
|
subPath: {{ .subPath | default "" }}
|
|
readOnly: {{ .readOnly }}
|
|
{{- end }}
|
|
{{- range .Values.extraSecretMounts }}
|
|
- name: {{ .name }}
|
|
mountPath: {{ .mountPath }}
|
|
readOnly: {{ .readOnly }}
|
|
{{- end }}
|
|
{{- range .Values.extraVolumeMounts }}
|
|
- name: {{ .name }}
|
|
mountPath: {{ .mountPath }}
|
|
subPath: {{ .subPath | default "" }}
|
|
readOnly: {{ .readOnly }}
|
|
{{- end }}
|
|
ports:
|
|
- name: http
|
|
containerPort: 8080
|
|
protocol: TCP
|
|
livenessProbe:
|
|
httpGet:
|
|
path: /
|
|
port: http
|
|
readinessProbe:
|
|
httpGet:
|
|
path: /
|
|
port: http
|
|
resources:
|
|
{{- toYaml .Values.resources | nindent 12 }}
|
|
{{- with .Values.nodeSelector }}
|
|
nodeSelector:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.affinity }}
|
|
affinity:
|
|
{{- tpl . $ | nindent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.tolerations }}
|
|
tolerations:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
serviceAccountName: {{ template "code-server.serviceAccountName" . }}
|
|
volumes:
|
|
- name: data
|
|
{{- if .Values.persistence.enabled }}
|
|
{{- if not .Values.persistence.hostPath }}
|
|
persistentVolumeClaim:
|
|
claimName: {{ .Values.persistence.existingClaim | default (include "code-server.fullname" .) }}
|
|
{{- else }}
|
|
hostPath:
|
|
path: {{ .Values.persistence.hostPath }}
|
|
type: Directory
|
|
{{- end -}}
|
|
{{- else }}
|
|
emptyDir: {}
|
|
{{- end -}}
|
|
{{- range .Values.extraSecretMounts }}
|
|
- name: {{ .name }}
|
|
secret:
|
|
secretName: {{ .secretName }}
|
|
defaultMode: {{ .defaultMode }}
|
|
{{- end }}
|
|
{{- range .Values.extraConfigmapMounts }}
|
|
- name: {{ .name }}
|
|
configMap:
|
|
name: {{ .configMap }}
|
|
defaultMode: {{ .defaultMode }}
|
|
{{- end }}
|
|
{{- range .Values.extraVolumeMounts }}
|
|
- name: {{ .name }}
|
|
{{- if .existingClaim }}
|
|
persistentVolumeClaim:
|
|
claimName: {{ .existingClaim }}
|
|
{{- else }}
|
|
hostPath:
|
|
path: {{ .hostPath }}
|
|
type: Directory
|
|
{{- end }}
|
|
{{- end }}
|