github.com/verrazzano/verrazzano@v1.7.0/platform-operator/thirdparty/charts/velero/templates/restic-daemonset.yaml (about) 1 {{- if .Values.deployRestic }} 2 {{- $provider := .Values.configuration.provider -}} 3 {{/* 'restic.securityContext' got renamed to 'restic.containerSecurityContext', merge both dicts into one for backward compatibility */}} 4 {{- $containerSecurityContext := merge (.Values.restic.containerSecurityContext | default dict) (.Values.restic.securityContext | default dict) -}} 5 apiVersion: apps/v1 6 kind: DaemonSet 7 metadata: 8 name: restic 9 namespace: {{ .Release.Namespace }} 10 {{- with .Values.restic.annotations }} 11 annotations: 12 {{- toYaml . | nindent 4 }} 13 {{- end }} 14 labels: 15 app.kubernetes.io/name: {{ include "velero.name" . }} 16 app.kubernetes.io/instance: {{ .Release.Name }} 17 app.kubernetes.io/managed-by: {{ .Release.Service }} 18 helm.sh/chart: {{ include "velero.chart" . }} 19 {{- with .Values.restic.labels }} 20 {{- toYaml . | nindent 4 }} 21 {{- end }} 22 spec: 23 selector: 24 matchLabels: 25 name: restic 26 template: 27 metadata: 28 labels: 29 name: restic 30 app.kubernetes.io/name: {{ include "velero.name" . }} 31 app.kubernetes.io/instance: {{ .Release.Name }} 32 app.kubernetes.io/managed-by: {{ .Release.Service }} 33 helm.sh/chart: {{ include "velero.chart" . }} 34 {{- if .Values.podLabels }} 35 {{- toYaml .Values.podLabels | nindent 8 }} 36 {{- end }} 37 {{- with .Values.podAnnotations }} 38 annotations: 39 {{- toYaml . | nindent 8 }} 40 {{- end }} 41 spec: 42 {{- if .Values.image.imagePullSecrets }} 43 imagePullSecrets: 44 {{- range .Values.image.imagePullSecrets }} 45 - name: {{ . }} 46 {{- end }} 47 {{- end }} 48 serviceAccountName: {{ include "velero.serverServiceAccount" . }} 49 {{- with .Values.restic.podSecurityContext }} 50 securityContext: 51 {{- toYaml . | nindent 8 }} 52 {{- end }} 53 {{- if .Values.restic.priorityClassName }} 54 priorityClassName: {{ include "velero.restic.priorityClassName" . }} 55 {{- end }} 56 volumes: 57 {{- if .Values.credentials.useSecret }} 58 - name: cloud-credentials 59 secret: 60 secretName: {{ include "velero.secretName" . }} 61 {{- end }} 62 - name: host-pods 63 hostPath: 64 path: {{ .Values.restic.podVolumePath }} 65 {{- if .Values.restic.useScratchEmptyDir }} 66 - name: scratch 67 emptyDir: {} 68 {{- end }} 69 {{- if .Values.restic.extraVolumes }} 70 {{- toYaml .Values.restic.extraVolumes | nindent 8 }} 71 {{- end }} 72 dnsPolicy: {{ .Values.restic.dnsPolicy }} 73 containers: 74 - name: restic 75 {{- if .Values.image.digest }} 76 image: "{{ .Values.image.repository }}@{{ .Values.image.digest }}" 77 {{- else }} 78 image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" 79 {{- end }} 80 imagePullPolicy: {{ .Values.image.pullPolicy }} 81 command: 82 - /velero 83 args: 84 - restic 85 - server 86 {{- with .Values.configuration }} 87 {{- with .features }} 88 - --features={{ . }} 89 {{- end }} 90 {{- with .logLevel }} 91 - --log-level={{ . }} 92 {{- end }} 93 {{- with .logFormat }} 94 - --log-format={{ . }} 95 {{- end }} 96 {{- end }} 97 volumeMounts: 98 {{- if .Values.credentials.useSecret }} 99 - name: cloud-credentials 100 mountPath: /credentials 101 {{- end }} 102 - name: host-pods 103 mountPath: /host_pods 104 mountPropagation: HostToContainer 105 {{- if .Values.restic.useScratchEmptyDir }} 106 - name: scratch 107 mountPath: /scratch 108 {{- end }} 109 {{- if .Values.restic.extraVolumeMounts }} 110 {{- toYaml .Values.restic.extraVolumeMounts | nindent 12 }} 111 {{- end }} 112 {{- if .Values.credentials.extraSecretRef }} 113 envFrom: 114 - secretRef: 115 name: {{ .Values.credentials.extraSecretRef }} 116 {{- end }} 117 env: 118 - name: VELERO_NAMESPACE 119 valueFrom: 120 fieldRef: 121 fieldPath: metadata.namespace 122 - name: NODE_NAME 123 valueFrom: 124 fieldRef: 125 fieldPath: spec.nodeName 126 - name: VELERO_SCRATCH_DIR 127 value: /scratch 128 {{- if .Values.credentials.useSecret }} 129 {{- if eq $provider "aws" }} 130 - name: AWS_SHARED_CREDENTIALS_FILE 131 value: /credentials/cloud 132 {{- else if eq $provider "gcp" }} 133 - name: GOOGLE_APPLICATION_CREDENTIALS 134 value: /credentials/cloud 135 {{- else if eq $provider "azure" }} 136 - name: AZURE_CREDENTIALS_FILE 137 value: /credentials/cloud 138 {{- else if eq $provider "alibabacloud" }} 139 - name: ALIBABA_CLOUD_CREDENTIALS_FILE 140 value: /credentials/cloud 141 {{- end }} 142 {{- end }} 143 {{- with .Values.configuration.extraEnvVars }} 144 {{- range $key, $value := . }} 145 - name: {{ default "none" $key }} 146 value: {{ default "none" $value | quote }} 147 {{- end }} 148 {{- end }} 149 {{- with .Values.credentials.extraEnvVars }} 150 {{- range $key, $value := . }} 151 - name: {{ default "none" $key }} 152 valueFrom: 153 secretKeyRef: 154 name: {{ include "velero.secretName" $ }} 155 key: {{ default "none" $key }} 156 {{- end }} 157 {{- end }} 158 securityContext: 159 privileged: {{ .Values.restic.privileged }} 160 {{- with $containerSecurityContext }} 161 {{- toYaml . | nindent 12 }} 162 {{- end }} 163 {{- with .Values.restic.resources }} 164 resources: 165 {{- toYaml . | nindent 12 }} 166 {{- end }} 167 {{- with .Values.restic.tolerations }} 168 tolerations: 169 {{- toYaml . | nindent 8 }} 170 {{- end }} 171 {{- with .Values.restic.nodeSelector }} 172 nodeSelector: 173 {{- toYaml . | nindent 8 }} 174 {{- end }} 175 {{- end }}