apiVersion: apps/v1 kind: Deployment metadata: name: {{ .Chart.Name }} labels: app: {{ .Chart.Name }} spec: selector: matchLabels: app: {{ .Chart.Name }} replicas: {{ .Values.replicas }} strategy: rollingUpdate: maxSurge: 25% maxUnavailable: 25% type: RollingUpdate template: metadata: labels: app: {{ .Chart.Name }} collect.logs: "json" annotations: sidecar.istio.io/inject: "false" spec: containers: - name: {{ .Chart.Name }} image: "{{ .Values.image.name }}:{{ .Values.image.version }}" ports: - containerPort: {{ .Values.port }} name: ui livenessProbe: httpGet: path: {{ .Values.livenessPath }} port: {{ .Values.port }} httpHeaders: - name: X-B3-Sampled value: "0" failureThreshold: 10 initialDelaySeconds: 100 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 5 readinessProbe: httpGet: path: {{ .Values.readinessPath }} port: {{ .Values.port }} httpHeaders: - name: X-B3-Sampled value: "0" failureThreshold: 10 initialDelaySeconds: 100 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 5 {{- if not .Values.global.disableRequestsLimits }} resources: limits: cpu: 500m memory: 768Mi requests: cpu: 500m memory: 768Mi {{- end }} env: - name: JAVA_OPTS value: {{ .Values.javaOpts }} - name: KAFKA_USER_KEYSTORE_CERTIFICATE valueFrom: secretKeyRef: name: {{ .Values.kafka.user }} key: user.crt - name: KAFKA_USER_KEYSTORE_KEY valueFrom: secretKeyRef: name: {{ .Values.kafka.user }} key: user.key - name: KAFKA_CLUSTER_TRUSTSTORE valueFrom: secretKeyRef: name: {{ .Values.kafka.clusterName }}-cluster-ca-cert key: ca.crt volumeMounts: - name: {{ .Chart.Name }} mountPath: {{ .Values.appConfigMountPath }} - name: {{ .Values.db.secret.name }} mountPath: {{ .Values.appSecretsMountPathBpmsDB }} - name: keycloak-client-{{ .Values.keycloak.client }}-{{ .Values.keycloak.adminRealm.name }}-secret mountPath: {{ .Values.appSecretsMountPathAdminKeycloakClient }} - name: keycloak-client-{{ .Values.keycloak.client }}-{{ .Values.keycloak.officerRealm.name }}-secret mountPath: {{ .Values.appSecretsMountPathOfficerKeycloakClient }} serviceAccountName: {{ .Chart.Name }} {{- if .Values.nodeSelector }} nodeSelector: {{ toYaml .Values.nodeSelector | nindent 8 }} {{- end }} {{- if .Values.podSecurityContext }} securityContext: {{ toYaml .Values.podSecurityContext | nindent 8 }} {{- end }} volumes: - name: {{ .Chart.Name }} configMap: name: {{ .Chart.Name }} - name: {{ .Values.db.secret.name }} secret: secretName: {{ .Values.db.secret.name }} items: - key: user path: spring.datasource.username - key: password path: spring.datasource.password - name: keycloak-client-{{ .Values.keycloak.client }}-{{ .Values.keycloak.adminRealm.name }}-secret secret: secretName: keycloak-client-{{ .Values.keycloak.client }}-{{ .Values.keycloak.adminRealm.name }}-secret items: - key: clientSecret path: admin-realm.client-secret - name: keycloak-client-{{ .Values.keycloak.client }}-{{ .Values.keycloak.officerRealm.name }}-secret secret: secretName: keycloak-client-{{ .Values.keycloak.client }}-{{ .Values.keycloak.officerRealm.name }}-secret items: - key: clientSecret path: officer-realm.client-secret