287 lines
11 KiB
YAML
287 lines
11 KiB
YAML
{{- $fullName := include "pgadmin.fullname" . -}}
|
|
apiVersion: {{ template "deployment.apiVersion" . }}
|
|
kind: Deployment
|
|
metadata:
|
|
name: {{ $fullName }}
|
|
namespace: {{ include "pgadmin.namespaceName" . }}
|
|
labels:
|
|
{{- include "pgadmin.labels" . | nindent 4 }}
|
|
{{- if .Values.annotations }}
|
|
annotations:
|
|
{{- if .Values.annotations }}
|
|
{{- .Values.annotations | toYaml | nindent 4 }}
|
|
{{- end }}
|
|
{{- end }}
|
|
spec:
|
|
replicas: {{ .Values.replicaCount }}
|
|
selector:
|
|
matchLabels:
|
|
{{- include "pgadmin.selectorLabels" . | nindent 6 }}
|
|
{{- if .Values.strategy }}
|
|
strategy:
|
|
{{- .Values.strategy | toYaml | nindent 4 }}
|
|
{{- end }}
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/name: {{ include "pgadmin.name" . }}
|
|
app.kubernetes.io/instance: {{ .Release.Name }}
|
|
{{- with (merge .Values.podLabels .Values.commonLabels) }}
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- if or (not .Values.existingSecret) .Values.podAnnotations .Values.templatedPodAnnotations }}
|
|
annotations:
|
|
{{- if .Values.podAnnotations }}
|
|
{{- .Values.podAnnotations | toYaml | nindent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.templatedPodAnnotations }}
|
|
{{- tpl . $ | nindent 8 }}
|
|
{{- end }}
|
|
{{- if not .Values.existingSecret }}
|
|
checksum/secret: {{ include (print $.Template.BasePath "/auth-secret.yaml") . | sha256sum }}
|
|
{{- end }}
|
|
{{- end }}
|
|
spec:
|
|
{{- if .Values.serviceAccount.create }}
|
|
serviceAccountName: {{ default $fullName .Values.serviceAccount.name }}
|
|
{{- end }}
|
|
{{- if .Values.hostAliases }}
|
|
hostAliases:
|
|
{{- range .Values.hostAliases }}
|
|
- ip: {{ .ip | quote }}
|
|
hostname:
|
|
{{- range .hostnames }}
|
|
- {{ . | quote }}
|
|
{{- end }}
|
|
{{- end }}
|
|
{{- end }}
|
|
automountServiceAccountToken: {{ .Values.serviceAccount.automountServiceAccountToken }}
|
|
{{- if or (.Values.VolumePermissions.enabled) .Values.extraInitContainers }}
|
|
initContainers:
|
|
{{- if .Values.VolumePermissions.enabled }}
|
|
- name: init-chmod-data
|
|
image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
|
|
imagePullPolicy: {{ .Values.image.pullPolicy }}
|
|
command: ["/bin/chown", "-R", "5050:5050", "/var/lib/pgadmin"]
|
|
volumeMounts:
|
|
- name: pgadmin-data
|
|
mountPath: /var/lib/pgadmin
|
|
subPath: "{{ .Values.persistentVolume.subPath }}"
|
|
securityContext:
|
|
runAsUser: 0
|
|
resources:
|
|
{{- .Values.init.resources | toYaml | nindent 12 }}
|
|
{{- end }}
|
|
{{- with .Values.extraInitContainers }}
|
|
{{ tpl . $ | nindent 8 }}
|
|
{{- end }}
|
|
{{- end }}
|
|
{{- if .Values.priorityClassName }}
|
|
priorityClassName: "{{ .Values.priorityClassName }}"
|
|
{{- end }}
|
|
containers:
|
|
- name: {{ .Chart.Name }}
|
|
image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
|
|
imagePullPolicy: {{ .Values.image.pullPolicy }}
|
|
{{- if .Values.containerSecurityContext.enabled }}
|
|
securityContext: {{- omit .Values.containerSecurityContext "enabled" | toYaml | nindent 12 }}
|
|
{{- end }}
|
|
{{- if .Values.command }}
|
|
command:
|
|
{{- toYaml .Values.command | nindent 12 }}
|
|
{{- end }}
|
|
{{- if .Values.args }}
|
|
args:
|
|
{{- toYaml .Values.args | nindent 12 }}
|
|
{{- end }}
|
|
ports:
|
|
- name: {{ .Values.service.portName }}
|
|
containerPort: {{ .Values.containerPorts.http }}
|
|
protocol: TCP
|
|
{{- if .Values.livenessProbe }}
|
|
livenessProbe:
|
|
httpGet:
|
|
port: {{ .Values.service.portName }}
|
|
{{- if .Values.env.contextPath }}
|
|
path: "{{ .Values.env.contextPath }}/misc/ping"
|
|
{{- else }}
|
|
path: /misc/ping
|
|
{{- end }}
|
|
{{- if or (eq (.Values.service.portName | lower) "http") (eq (.Values.service.portName | lower) "https") }}
|
|
scheme: {{ upper .Values.service.portName }}
|
|
{{- end }}
|
|
{{- .Values.livenessProbe | toYaml | nindent 12 }}
|
|
{{- end }}
|
|
{{- if .Values.startupProbe }}
|
|
startupProbe:
|
|
httpGet:
|
|
port: {{ .Values.service.portName }}
|
|
{{- if .Values.env.contextPath }}
|
|
path: "{{ .Values.env.contextPath }}/misc/ping"
|
|
{{- else }}
|
|
path: /misc/ping
|
|
{{- end }}
|
|
{{- if or (eq (.Values.service.portName | lower) "http") (eq (.Values.service.portName | lower) "https") }}
|
|
scheme: {{ upper .Values.service.portName }}
|
|
{{- end }}
|
|
{{- .Values.startupProbe | toYaml | nindent 12 }}
|
|
{{- end }}
|
|
{{- if .Values.readinessProbe }}
|
|
readinessProbe:
|
|
httpGet:
|
|
port: {{ .Values.service.portName }}
|
|
{{- if .Values.env.contextPath }}
|
|
path: "{{ .Values.env.contextPath }}/misc/ping"
|
|
{{- else }}
|
|
path: /misc/ping
|
|
{{- end }}
|
|
{{- if or (eq (.Values.service.portName | lower) "http") (eq (.Values.service.portName | lower) "https") }}
|
|
scheme: {{ upper .Values.service.portName }}
|
|
{{- end }}
|
|
{{- .Values.readinessProbe | toYaml | nindent 12 }}
|
|
{{- end }}
|
|
env:
|
|
{{- with .Values.envVarsExtra }}
|
|
{{- toYaml . | nindent 12 }}
|
|
{{- end }}
|
|
- name: PGADMIN_CONFIG_ENHANCED_COOKIE_PROTECTION
|
|
value: {{ .Values.env.enhanced_cookie_protection | quote }}
|
|
- name: PGADMIN_DEFAULT_EMAIL
|
|
value: {{ .Values.env.email }}
|
|
{{- if .Values.env.pgpassfile }}
|
|
- name: PGPASSFILE
|
|
value: {{ .Values.env.pgpassfile }}
|
|
{{- end }}
|
|
- name: PGADMIN_DEFAULT_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
{{- if not .Values.existingSecret }}
|
|
name: {{ $fullName }}
|
|
key: password
|
|
{{- else }}
|
|
name: {{ .Values.existingSecret }}
|
|
key: {{ .Values.secretKeys.pgadminPasswordKey }}
|
|
{{- end }}
|
|
{{- if .Values.env.contextPath }}
|
|
- name: SCRIPT_NAME
|
|
value: {{ .Values.env.contextPath }}
|
|
{{- end }}
|
|
{{- if and (.Values.serverDefinitions.enabled) (or (eq .Values.serverDefinitions.resourceType "ConfigMap") (eq .Values.serverDefinitions.resourceType "Secret")) -}}
|
|
{{- if or (.Values.serverDefinitions.existingConfigmap) (.Values.serverDefinitions.existingSecret) (.Values.existingSecret) (.Values.serverDefinitions.servers) }}
|
|
- name: PGADMIN_SERVER_JSON_FILE
|
|
value: /pgadmin4/servers.json
|
|
{{- end }}
|
|
{{- end }}
|
|
{{- range .Values.env.variables }}
|
|
- name: {{ .name | quote }}
|
|
value: {{ .value | quote }}
|
|
{{- end }}
|
|
{{- if or .Values.envVarsFromConfigMaps .Values.envVarsFromSecrets }}
|
|
envFrom:
|
|
{{- range .Values.envVarsFromConfigMaps }}
|
|
- configMapRef:
|
|
name: {{ . | quote }}
|
|
{{- end }}
|
|
{{- range .Values.envVarsFromSecrets }}
|
|
- secretRef:
|
|
name: {{ . | quote }}
|
|
{{- end }}
|
|
{{- end }}
|
|
volumeMounts:
|
|
- name: pgadmin-data
|
|
mountPath: /var/lib/pgadmin
|
|
subPath: "{{ .Values.persistentVolume.subPath }}"
|
|
{{- if and (.Values.serverDefinitions.enabled) (or (eq .Values.serverDefinitions.resourceType "ConfigMap") (eq .Values.serverDefinitions.resourceType "Secret")) -}}
|
|
{{- if or (.Values.serverDefinitions.existingConfigmap) (.Values.serverDefinitions.existingSecret) (.Values.existingSecret) (.Values.serverDefinitions.servers) }}
|
|
- name: definitions
|
|
mountPath: /pgadmin4/servers.json
|
|
subPath: servers.json
|
|
{{- end }}
|
|
{{- end }}
|
|
{{- range .Values.extraConfigmapMounts }}
|
|
- name: {{ .name }}
|
|
mountPath: {{ .mountPath }}
|
|
subPath: {{ .subPath }}
|
|
readOnly: {{ .readOnly }}
|
|
{{- end }}
|
|
{{- range .Values.extraSecretMounts }}
|
|
- name: {{ .name }}
|
|
mountPath: {{ .mountPath }}
|
|
subPath: {{ .subPath }}
|
|
readOnly: {{ .readOnly }}
|
|
{{- end }}
|
|
{{- if .Values.extraVolumeMounts }}
|
|
{{- .Values.extraVolumeMounts | toYaml | nindent 12 }}
|
|
{{- end }}
|
|
resources:
|
|
{{- .Values.resources | toYaml | nindent 12 }}
|
|
{{- with .Values.extraContainers }}
|
|
{{ tpl . $ | nindent 8 }}
|
|
{{- end }}
|
|
volumes:
|
|
- name: pgadmin-data
|
|
{{- if .Values.persistentVolume.enabled }}
|
|
persistentVolumeClaim:
|
|
claimName: {{ if .Values.persistentVolume.existingClaim }}{{ .Values.persistentVolume.existingClaim }}{{- else }}{{ $fullName }}{{- end }}
|
|
{{- else }}
|
|
emptyDir: {}
|
|
{{- end }}
|
|
{{- range .Values.extraConfigmapMounts }}
|
|
- name: {{ .name }}
|
|
configMap:
|
|
name: {{ tpl (.configMap) $ }}
|
|
defaultMode: {{ .defaultMode | default 256 }}
|
|
{{- end }}
|
|
{{- range .Values.extraSecretMounts }}
|
|
- name: {{ .name }}
|
|
secret:
|
|
secretName: {{ tpl (.secret) $ }}
|
|
defaultMode: {{ .defaultMode | default 256 }}
|
|
{{- end }}
|
|
{{- if .Values.extraVolumes }}
|
|
{{- .Values.extraVolumes | toYaml | nindent 8 }}
|
|
{{- end }}
|
|
{{- if and (.Values.serverDefinitions.enabled) (eq .Values.serverDefinitions.resourceType "Secret") -}}
|
|
{{- if or (.Values.serverDefinitions.existingSecret) (.Values.existingSecret) (.Values.serverDefinitions.servers) }}
|
|
- name: definitions
|
|
secret:
|
|
secretName: {{ include "pgadmin.serverDefinitionsSecret" . }}
|
|
{{- end }}
|
|
{{- else if and (.Values.serverDefinitions.enabled) (eq .Values.serverDefinitions.resourceType "ConfigMap") -}}
|
|
{{ if or (.Values.serverDefinitions.existingConfigmap) (.Values.serverDefinitions.servers) }}
|
|
- name: definitions
|
|
configMap:
|
|
name: {{ include "pgadmin.serverDefinitionsConfigmap" . }}
|
|
items:
|
|
- key: servers.json
|
|
path: servers.json
|
|
{{- end }}
|
|
{{- end }}
|
|
{{- if .Values.imagePullSecrets }}
|
|
imagePullSecrets:
|
|
{{- .Values.imagePullSecrets | toYaml | nindent 8 }}
|
|
{{- end }}
|
|
{{- if .Values.nodeSelector }}
|
|
nodeSelector:
|
|
{{- .Values.nodeSelector | toYaml | nindent 8 }}
|
|
{{- end }}
|
|
{{- if .Values.securityContext }}
|
|
securityContext:
|
|
{{- .Values.securityContext | toYaml | nindent 8 }}
|
|
{{- end }}
|
|
{{- if .Values.affinity }}
|
|
affinity:
|
|
{{- .Values.affinity | toYaml | nindent 8 }}
|
|
{{- end }}
|
|
{{- if .Values.tolerations }}
|
|
tolerations:
|
|
{{- .Values.tolerations | toYaml | nindent 8 }}
|
|
{{- end }}
|
|
{{- if .Values.dnsPolicy }}
|
|
dnsPolicy: {{ .Values.dnsPolicy }}
|
|
{{- end }}
|
|
{{- if .Values.dnsConfig }}
|
|
dnsConfig:
|
|
{{- .Values.dnsConfig | toYaml | nindent 8 }}
|
|
{{- end }}
|