96 lines
2.9 KiB
YAML
96 lines
2.9 KiB
YAML
{{- if .Values.natsbox.enabled }}
|
|
---
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: {{ include "nats.fullname" . }}-box
|
|
namespace: {{ .Release.Namespace | quote }}
|
|
labels:
|
|
app: {{ include "nats.fullname" . }}-box
|
|
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
|
|
spec:
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
app: {{ include "nats.fullname" . }}-box
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: {{ include "nats.fullname" . }}-box
|
|
{{- if .Values.natsbox.podAnnotations }}
|
|
annotations:
|
|
{{- range $key, $value := .Values.natsbox.podAnnotations }}
|
|
{{ $key }}: {{ $value | quote }}
|
|
{{- end }}
|
|
{{- end }}
|
|
spec:
|
|
{{- with .Values.natsbox.affinity }}
|
|
affinity:
|
|
{{- tpl (toYaml .) $ | nindent 8 }}
|
|
{{- end }}
|
|
volumes:
|
|
{{- if .Values.natsbox.credentials }}
|
|
- name: nats-sys-creds
|
|
secret:
|
|
secretName: {{ .Values.natsbox.credentials.secret.name }}
|
|
{{- end }}
|
|
{{- with .Values.nats.tls }}
|
|
{{ $secretName := .secret.name }}
|
|
- name: {{ $secretName }}-clients-volume
|
|
secret:
|
|
secretName: {{ $secretName }}
|
|
{{- end }}
|
|
{{- with .Values.imagePullSecrets }}
|
|
imagePullSecrets:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
containers:
|
|
- name: nats-box
|
|
image: {{ .Values.natsbox.image }}
|
|
imagePullPolicy: {{ .Values.natsbox.pullPolicy }}
|
|
resources:
|
|
{{- toYaml .Values.natsbox.resources | nindent 10 }}
|
|
env:
|
|
- name: NATS_URL
|
|
value: {{ template "nats.fullname" . }}
|
|
{{- if .Values.natsbox.credentials }}
|
|
- name: USER_CREDS
|
|
value: /etc/nats-config/creds/{{ .Values.natsbox.credentials.secret.key }}
|
|
- name: USER2_CREDS
|
|
value: /etc/nats-config/creds/{{ .Values.natsbox.credentials.secret.key }}
|
|
{{- end }}
|
|
{{- with .Values.nats.tls }}
|
|
{{ $secretName := .secret.name }}
|
|
lifecycle:
|
|
postStart:
|
|
exec:
|
|
command:
|
|
- /bin/sh
|
|
- -c
|
|
- cp /etc/nats-certs/clients/{{ $secretName }}/* /usr/local/share/ca-certificates && update-ca-certificates
|
|
{{- end }}
|
|
command:
|
|
- "tail"
|
|
- "-f"
|
|
- "/dev/null"
|
|
volumeMounts:
|
|
{{- if .Values.natsbox.credentials }}
|
|
- name: nats-sys-creds
|
|
mountPath: /etc/nats-config/creds
|
|
{{- end }}
|
|
{{- with .Values.nats.tls }}
|
|
#######################
|
|
# #
|
|
# TLS Volumes Mounts #
|
|
# #
|
|
#######################
|
|
{{ $secretName := .secret.name }}
|
|
- name: {{ $secretName }}-clients-volume
|
|
mountPath: /etc/nats-certs/clients/{{ $secretName }}
|
|
{{- end }}
|
|
{{- with .Values.securityContext }}
|
|
securityContext:
|
|
{{ toYaml . | indent 8 }}
|
|
{{- end }}
|
|
{{- end }}
|