github.com/verrazzano/verrazzano@v1.7.0/platform-operator/thirdparty/charts/prometheus-community/prometheus-adapter/templates/deployment.yaml (about) 1 apiVersion: apps/v1 2 kind: Deployment 3 metadata: 4 {{- if .Values.customAnnotations }} 5 annotations: 6 {{- toYaml .Values.customAnnotations | nindent 4 }} 7 {{- end }} 8 labels: 9 {{- include "k8s-prometheus-adapter.labels" . | indent 4 }} 10 name: {{ template "k8s-prometheus-adapter.fullname" . }} 11 namespace: {{ include "k8s-prometheus-adapter.namespace" . }} 12 spec: 13 replicas: {{ .Values.replicas }} 14 strategy: {{ toYaml .Values.strategy | nindent 4 }} 15 selector: 16 matchLabels: 17 {{- include "k8s-prometheus-adapter.selectorLabels" . | indent 6 }} 18 template: 19 metadata: 20 {{- if .Values.customAnnotations }} 21 annotations: 22 {{- toYaml .Values.customAnnotations | nindent 8 }} 23 {{- end }} 24 labels: 25 {{- include "k8s-prometheus-adapter.labels" . | indent 8 }} 26 {{- with .Values.podLabels }} 27 {{- toYaml . | trim | nindent 8 }} 28 {{- end }} 29 name: {{ template "k8s-prometheus-adapter.name" . }} 30 annotations: 31 checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} 32 {{- with .Values.podAnnotations }} 33 {{- toYaml . | trim | nindent 8 }} 34 {{- end }} 35 spec: 36 serviceAccountName: {{ template "k8s-prometheus-adapter.serviceAccountName" . }} 37 {{- if .Values.hostNetwork.enabled }} 38 hostNetwork: true 39 {{- end }} 40 {{- if .Values.dnsPolicy }} 41 dnsPolicy: {{ .Values.dnsPolicy }} 42 {{- end}} 43 containers: 44 - name: {{ .Chart.Name }} 45 image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" 46 imagePullPolicy: {{ .Values.image.pullPolicy }} 47 args: 48 - /adapter 49 - --secure-port={{ .Values.listenPort }} 50 {{- if or .Values.tls.enable .Values.certManager.enabled }} 51 - --tls-cert-file=/var/run/serving-cert/tls.crt 52 - --tls-private-key-file=/var/run/serving-cert/tls.key 53 {{- end }} 54 - --cert-dir=/tmp/cert 55 - --logtostderr=true 56 - --prometheus-url={{ tpl .Values.prometheus.url . }}{{ if .Values.prometheus.port }}:{{ .Values.prometheus.port }}{{end}}{{ .Values.prometheus.path }} 57 - --metrics-relist-interval={{ .Values.metricsRelistInterval }} 58 - --v={{ .Values.logLevel }} 59 - --config=/etc/adapter/config.yaml 60 {{- if .Values.extraArguments }} 61 {{- toYaml .Values.extraArguments | trim | nindent 8 }} 62 {{- end }} 63 ports: 64 - containerPort: {{ .Values.listenPort }} 65 name: https 66 livenessProbe: 67 httpGet: 68 path: /healthz 69 port: https 70 scheme: HTTPS 71 initialDelaySeconds: 30 72 timeoutSeconds: 5 73 readinessProbe: 74 httpGet: 75 path: /healthz 76 port: https 77 scheme: HTTPS 78 initialDelaySeconds: 30 79 timeoutSeconds: 5 80 {{- if .Values.resources }} 81 resources: 82 {{- toYaml .Values.resources | nindent 10 }} 83 {{- end }} 84 {{- with .Values.dnsConfig }} 85 dnsConfig: 86 {{ toYaml . | indent 8 }} 87 {{- end }} 88 securityContext: 89 allowPrivilegeEscalation: false 90 capabilities: 91 drop: ["ALL"] 92 readOnlyRootFilesystem: true 93 runAsNonRoot: true 94 privileged: false 95 {{- if .Values.runAsUser }} 96 runAsUser: {{ .Values.runAsUser }} 97 {{- end }} 98 volumeMounts: 99 {{- if .Values.extraVolumeMounts }} 100 {{ toYaml .Values.extraVolumeMounts | trim | nindent 8 }} 101 {{ end }} 102 - mountPath: /etc/adapter/ 103 name: config 104 readOnly: true 105 - mountPath: /tmp 106 name: tmp 107 {{- if or .Values.tls.enable .Values.certManager.enabled }} 108 - mountPath: /var/run/serving-cert 109 name: volume-serving-cert 110 readOnly: true 111 {{- end }} 112 nodeSelector: 113 {{- toYaml .Values.nodeSelector | nindent 8 }} 114 affinity: 115 {{- toYaml .Values.affinity | nindent 8 }} 116 topologySpreadConstraints: 117 {{- toYaml .Values.topologySpreadConstraints | nindent 8 }} 118 priorityClassName: {{ .Values.priorityClassName }} 119 {{- if .Values.podSecurityContext }} 120 securityContext: 121 {{- toYaml .Values.podSecurityContext | nindent 8 }} 122 {{- end }} 123 tolerations: 124 {{- toYaml .Values.tolerations | nindent 8 }} 125 {{- if .Values.image.pullSecrets }} 126 imagePullSecrets: 127 {{- range .Values.image.pullSecrets }} 128 - name: {{ . }} 129 {{- end }} 130 {{- end }} 131 volumes: 132 {{- if .Values.extraVolumes }} 133 {{ toYaml .Values.extraVolumes | trim | nindent 6 }} 134 {{ end }} 135 - name: config 136 configMap: 137 name: {{ .Values.rules.existing | default (include "k8s-prometheus-adapter.fullname" . ) }} 138 - name: tmp 139 emptyDir: {} 140 {{- if or .Values.tls.enable .Values.certManager.enabled }} 141 - name: volume-serving-cert 142 secret: 143 secretName: {{ template "k8s-prometheus-adapter.fullname" . }} 144 {{- end }}