template/deployments/helm/charts/templates/deployment.yaml (88 lines of code) (raw):
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ .Config.GetVariableValue "APPNAME" | printf "{{ include \"%s.fullname\" . }}" }}
labels:
{{ .Config.GetVariableValue "APPNAME" | printf "{{- include \"%s.labels\" . | nindent 4 }}" }}
{{- `
namespace: {{ .Values.namespace }}
` -}}
spec:
{{- `
{{- if not .Values.autoscaling.enabled }}
replicas: {{ .Values.replicaCount }}
{{- end }}
` -}}
selector:
matchLabels:
{{ .Config.GetVariableValue "APPNAME" | printf "{{- include \"%s.selectorLabels\" . | nindent 6 }}" }}
template:
metadata:
{{- `
{{- with .Values.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
` -}}
labels:
{{ .Config.GetVariableValue "APPNAME" | printf "{{- include \"%s.selectorLabels\" . | nindent 8 }}" }}
{{- if eq (.Config.GetVariableValue "ENABLEWORKLOADIDENTITY") "true" }}
azure.workload.identity/use: "true"
{{- end}}
namespace: {{ print "{{ .Values.namespace }}" }}
spec:
{{- `
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
` -}}
{{- if eq (.Config.GetVariableValue "ENABLEWORKLOADIDENTITY") "true" }}
serviceAccountName: {{ .Config.GetVariableValue "SERVICEACCOUNT" }}
{{- end}}
{{- `
securityContext:
{{- toYaml .Values.podSecurityContext | nindent 8 }}
containers:
- name: {{ .Chart.Name }}
securityContext:
{{- toYaml .Values.securityContext | nindent 12 }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
ports:
- name: http
containerPort: {{ .Values.containerPort }}
protocol: TCP
livenessProbe:
{{- toYaml .Values.livenessProbe | nindent 12 }}
readinessProbe:
{{- toYaml .Values.readinessProbe | nindent 12 }}
startupProbe:
{{- toYaml .Values.startupProbe | nindent 12 }}
resources:
{{- toYaml .Values.resources | nindent 12 }}
` -}}
envFrom:
- configMapRef:
name: {{ .Config.GetVariableValue "APPNAME" | printf "{{ include \"%s.fullname\" . }}-config" }}
- secretRef:
name: {{ .Config.GetVariableValue "ENVSECRETREF" }}
optional: true
{{- `
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.topologySpreadConstraints }}
topologySpreadConstraints:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
` -}}