# # Copyright The CloudNativePG Contributors # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # --- apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "cloudnative-pg.fullname" . }} labels: {{- include "cloudnative-pg.labels" . | nindent 4 }} {{- with .Values.commonAnnotations }} annotations: {{- toYaml . | nindent 4 }} {{- end }} spec: replicas: {{ .Values.replicaCount }} selector: matchLabels: {{- include "cloudnative-pg.selectorLabels" . | nindent 6 }} template: metadata: annotations: checksum/config: {{ include (print $.Template.BasePath "/config.yaml") . | sha256sum }} {{- with .Values.podAnnotations }} {{- toYaml . | nindent 8 }} {{- end }} labels: {{- include "cloudnative-pg.selectorLabels" . | nindent 8 }} {{- with .Values.podLabels }} {{- toYaml . | nindent 8 }} {{- end }} spec: {{- with .Values.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} {{- if .Values.hostNetwork }} hostNetwork: {{ .Values.hostNetwork }} {{- end }} {{- if .Values.dnsPolicy }} dnsPolicy: {{ .Values.dnsPolicy }} {{- end }} containers: - args: - controller - --leader-elect {{- if .Values.config.name }} {{- if not .Values.config.secret }} - --config-map-name={{ .Values.config.name }} {{- else }} - --secret-name={{ .Values.config.name }} {{- end }} {{- end }} - --webhook-port={{ .Values.webhook.port }} {{- range .Values.additionalArgs }} - {{ . }} {{- end }} command: - /manager env: - name: OPERATOR_IMAGE_NAME value: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" - name: OPERATOR_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace - name: MONITORING_QUERIES_CONFIGMAP value: "{{ .Values.monitoringQueriesConfigMap.name }}" {{- if .Values.additionalEnv }} {{- tpl (.Values.additionalEnv | toYaml) . | nindent 8 }} {{- end }} image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" imagePullPolicy: {{ .Values.image.pullPolicy }} livenessProbe: httpGet: path: /readyz port: {{ .Values.webhook.port }} scheme: HTTPS {{- if .Values.webhook.livenessProbe.initialDelaySeconds }} initialDelaySeconds: {{ .Values.webhook.livenessProbe.initialDelaySeconds }} {{- end }} name: manager ports: - containerPort: 8080 name: metrics protocol: TCP - containerPort: {{ .Values.webhook.port }} name: webhook-server protocol: TCP readinessProbe: httpGet: path: /readyz port: {{ .Values.webhook.port }} scheme: HTTPS {{- if .Values.webhook.readinessProbe.initialDelaySeconds }} initialDelaySeconds: {{ .Values.webhook.readinessProbe.initialDelaySeconds }} {{- end }} resources: {{- toYaml .Values.resources | nindent 10 }} securityContext: {{- toYaml .Values.containerSecurityContext | nindent 10 }} volumeMounts: - mountPath: /controller name: scratch-data - mountPath: /run/secrets/cnpg.io/webhook name: webhook-certificates {{- if .Values.priorityClassName }} priorityClassName: {{ .Values.priorityClassName }} {{- end }} securityContext: {{- toYaml .Values.podSecurityContext | nindent 8 }} serviceAccountName: {{ include "cloudnative-pg.serviceAccountName" . }} terminationGracePeriodSeconds: 10 {{- with .Values.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.affinity }} affinity: {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} volumes: - emptyDir: {} name: scratch-data - name: webhook-certificates secret: defaultMode: 420 optional: true secretName: cnpg-webhook-cert