apiVersion: {{ .Values.rollout.enabled | ternary "argoproj.io/v1alpha1" "apps/v1" }} kind: {{ .Values.rollout.enabled | ternary "Rollout" "Deployment" }} metadata: name: {{ include "common.names.fullname" . }} labels: {{- include "common.labels.standard" . | nindent 4 }} {{- if .Values.commonLabels }} {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} {{- end }} {{- if .Values.commonAnnotations }} annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} {{- end }} spec: {{- if not .Values.autoscaling.enabled }} replicas: {{ .Values.replicaCount }} {{- end }} revisionHistoryLimit: {{ .Values.revisionHistoryLimit }} selector: matchLabels: {{ include "common.labels.matchLabels" . | nindent 6 }} strategy: {{- if .Values.rollout.enabled }} {{- if eq .Values.rollout.strategy.type "BlueGreen" }} blueGreen: activeService: {{ default (include "common.names.fullname" .) .Values.rollout.strategy.blueGreen.activeService | quote }} {{- if .Values.exposed }} previewService: {{ default (include "common.names.suffixedName" (dict "root" . "suffix" "preview")) .Values.rollout.strategy.blueGreen.previewService | quote }} {{- end }} autoPromotionEnabled: {{ .Values.rollout.strategy.blueGreen.autoPromotionEnabled }} previewReplicaCount: {{ .Values.rollout.strategy.blueGreen.previewReplicaCount }} antiAffinity: {{- .Values.rollout.strategy.blueGreen.antiAffinity | toYaml | nindent 8 }} scaleDownDelaySeconds: {{ .Values.rollout.strategy.blueGreen.scaleDownDelaySeconds }} # Add additional Blue-Green specific configurations here as needed {{- else if eq .Values.rollout.strategy.type "Canary" }} canary: {{- toYaml .Values.rollout.strategy.canary | nindent 6 }} {{- else if eq .Values.rollout.strategy.type "RollingUpdate" }} rollingUpdate: {{- toYaml .Values.rollout.strategy.rollingUpdate | nindent 6 }} {{- end }} {{- else }} {{- .Values.deployment.strategy | toYaml | nindent 4 }} {{- end }} template: metadata: {{ if .Values.podAnnotations }} annotations: {{- toYaml .Values.podAnnotations | nindent 8 }} {{ end }} labels: {{- include "common.labels.standard" . | nindent 8 }} spec: imagePullSecrets: {{- toYaml .Values.image.pullSecrets | nindent 8 }} volumes: - name: jwt secret: secretName: {{ .Values.application.jwt.secretName }} {{- if .Values.extraVolumes }} {{- .Values.extraVolumes | toYaml | nindent 8 }} {{- end }} containers: - name: {{ .Chart.Name }} {{- with .Values.podSecurityContext }} securityContext: {{- toYaml . | nindent 12 }} {{- end }} image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" imagePullPolicy: {{ .Values.image.pullPolicy }} {{- if .Values.exposed }} ports: - name: http containerPort: {{ .Values.httpContainerPort }} protocol: TCP {{- end }} {{- if .Values.customLivenessProbe }} livenessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customLivenessProbe "context" $) | nindent 12 }} {{- else if .Values.livenessProbe.enabled }} livenessProbe: httpGet: path: /live port: 9000 initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.livenessProbe.periodSeconds }} timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} successThreshold: {{ .Values.livenessProbe.successThreshold }} failureThreshold: {{ .Values.livenessProbe.failureThreshold }} {{- end }} {{- if .Values.customReadinessProbe }} readinessProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customReadinessProbe "context" $) | nindent 12 }} {{- else if .Values.readinessProbe.enabled }} readinessProbe: httpGet: path: /ready port: 9000 initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.readinessProbe.periodSeconds }} timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }} successThreshold: {{ .Values.readinessProbe.successThreshold }} failureThreshold: {{ .Values.readinessProbe.failureThreshold }} {{- end }} {{- if .Values.customStartupProbe }} startupProbe: {{- include "common.tplvalues.render" (dict "value" .Values.customStartupProbe "context" $) | nindent 12 }} {{- else if .Values.startupProbe.enabled }} startupProbe: httpGet: path: /live port: 9000 initialDelaySeconds: {{ .Values.startupProbe.initialDelaySeconds }} periodSeconds: {{ .Values.startupProbe.periodSeconds }} timeoutSeconds: {{ .Values.startupProbe.timeoutSeconds }} successThreshold: {{ .Values.startupProbe.successThreshold }} failureThreshold: {{ .Values.startupProbe.failureThreshold }} {{- end }} resources: {{- toYaml .Values.resources | nindent 12 }} {{- if .Values.lifecycleHooks }} lifecycle: {{- include "common.tplvalues.render" (dict "value" .Values.lifecycleHooks "context" $) | nindent 12 }} {{- end }} volumeMounts: {{- if .Values.application.jwt.enabled }} - name: jwt mountPath: /secrets/jwk.json subPath: {{ .Values.application.jwt.jwkSecretKey }} readOnly: true - name: jwt mountPath: /secrets/jwk-old.json subPath: {{ .Values.application.jwt.jwkOldSecretKey }} readOnly: true {{- end }} {{- if .Values.extraVolumeMounts }} {{- .Values.extraVolumeMounts | toYaml | nindent 12 }} {{- end }} env: - name: LOGLEVEL value: {{ .Values.application.logLevel }} - name: LOG_REQUESTS {{- if .Values.application.jwt.enabled }} value: {{ .Values.application.logRequests | quote }} - name: JWK_FILE value: /secrets/jwk.json - name: OLDJWK_FILE value: /secrets/jwk-old.json {{- end }} {{- if .Values.application.pg.enabled }} - name: DATABASE_URL valueFrom: secretKeyRef: name: {{ .Values.application.pg.uriSecretName }} key: {{ .Values.application.pg.uriSecretKey }} {{- end }} {{- if .Values.application.hasura.enabled }} - name: HASURA_GRAPHQL_URL value: {{ .Values.application.hasura.graphqlUrl }} - name: HASURA_GRAPHQL_ADMIN_SECRET valueFrom: secretKeyRef: name: {{ .Values.application.hasura.adminSecretName }} key: {{ .Values.application.hasura.adminSecretKey }} {{- end }} {{- if .Values.application.amqp.enabled }} - name: AMQP_URL valueFrom: secretKeyRef: name: {{ .Values.application.amqp.uriSecretName }} key: {{ .Values.application.amqp.uriSecretKey }} {{- end }} {{- if .Values.application.minio.enabled }} - name: MINIO_ENDPOINT value: {{ .Values.application.minio.endpoint }} - name: MINIO_PORT value: {{ .Values.application.minio.port | quote }} - name: MINIO_ACCESS_KEY valueFrom: secretKeyRef: name: {{ .Values.application.minio.secretName }} key: {{ .Values.application.minio.accessKeySecretKey }} - name: MINIO_SECRET_KEY valueFrom: secretKeyRef: name: {{ .Values.application.minio.secretName }} key: {{ .Values.application.minio.secretKeySecretKey }} {{- end }} {{- if .Values.extraEnv }} {{ (tpl (.Values.extraEnv | toYaml) $) | nindent 12 }} {{- end }} {{- range $name, $value := .Values.envMap }} - name: "{{ $name }}" {{- if kindIs "string" $value }} value: {{ (tpl $value $) | quote }} {{- else }} {{- (tpl ($value | toYaml) $) | nindent 14 }} {{- end }} {{- end }} {{- if .Values.sidecars }} {{- include "common.tplvalues.render" (dict "value" .Values.sidecars "context" $) | nindent 8 }} {{- end }} {{- if .Values.initContainers }} initContainers: {{- include "common.tplvalues.render" (dict "value" .Values.initContainers "context" $) | nindent 8 }} {{- end }} {{- with .Values.securityContext }} securityContext: {{- toYaml . | nindent 8 }} {{- end }} nodeSelector: {{- toYaml .Values.nodeSelector | nindent 8 }} affinity: {{- toYaml .Values.affinity | nindent 8 }} tolerations: {{- toYaml .Values.tolerations | nindent 8 }}