apiVersion: apps/v1 kind: Deployment metadata: name: {{ template "geoServer.fullname" . }} labels: {{- include "geoServer.labels" . | nindent 4 }} spec: selector: matchLabels: {{- include "geoServer.selectorLabels" . | nindent 6 }} replicas: {{ .Values.global.registry.geoServer.replicas }} strategy: type: Recreate template: metadata: labels: collect.logs: "plain-text" {{- include "geoServer.labels" . | nindent 8 }} annotations: backup.velero.io/backup-volumes: {{- include "geoServer.volume.name" . | indent 1 }} {{- if .Values.global.registry.geoServer.istio.sidecar.enabled }} traffic.sidecar.istio.io/excludeOutboundPorts: '6379' sidecar.istio.io/inject: 'true' {{- include "geoServer.istioResources" . | nindent 8 }} {{- end }} spec: containers: - name: {{ template "geoServer.fullname" . }} env: {{- range $name, $value := .Values.global.registry.geoServer.container.envVars }} - name: {{ $name }} value: {{ $value | quote }} {{- end }} {{- if .Values.geoServer.volume.enabled }} - name: GEOSERVER_DATA_DIR value: {{ .Values.geoServer.volume.mountPath }} {{- end }} - name: GEOSERVER_ADMIN_PASSWORD valueFrom: secretKeyRef: name: {{ .Values.geoServer.secret.name }} key: password - name: PROXY_BASE_URL {{- $url := printf "https://%s/geoserver" ( include "geoServer.hostname" . )}} value: {{ $url }} - name: GEOSERVER_CSRF_WHITELIST value: '{{ template "officer-portal.hostname" (dict "root" $ "portal" "officer") }},{{ template "geoServer.hostname" . }}' - name: HTTP_MAX_HEADER_SIZE value: "64000" - name: JAVA_OPTS value: {{ .Values.geoServer.javaOpts }} - name: GEOSERVER_ADMIN_USER value: admin image: "{{ .Values.image.name }}:{{ .Values.image.version }}" ports: - containerPort: {{ .Values.geoServer.service.port }} name: {{.Values.geoServer.service.portName }} - containerPort: {{ .Values.geoServer.jvmMetrics.port }} name: {{.Values.geoServer.jvmMetrics.portName }} livenessProbe: httpGet: path: {{ .Values.geoServer.httpHealthCheckPath }} port: {{ .Values.geoServer.service.port }} failureThreshold: 10 initialDelaySeconds: 60 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 5 readinessProbe: httpGet: path: {{ .Values.geoServer.httpHealthCheckPath }} port: {{ .Values.geoServer.service.port }} failureThreshold: 10 initialDelaySeconds: 60 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 5 {{- if or .Values.global.registry.geoServer.container.resources.requests .Values.global.registry.geoServer.container.resources.limits }} resources: {{- toYaml .Values.global.registry.geoServer.container.resources | nindent 12 }} {{- end }} volumeMounts: - name: {{- include "geoServer.volume.name" . | indent 1 }} mountPath: {{ .Values.geoServer.volume.mountPath }} readOnly: {{ .Values.geoServer.volume.readOnly }} {{- if .Values.geoServer.serviceAccount.enabled }} serviceAccountName: {{ default ( include "geoServer.serviceAccountName" . ) .Values.geoServer.serviceAccount.name }} {{- end }} {{- if .Values.geoServer.podSecurityContext }} securityContext: {{ toYaml .Values.geoServer.podSecurityContext | nindent 8 }} {{- end }} {{- if .Values.geoServer.volume.enabled }} volumes: - name: {{- include "geoServer.volume.name" . | indent 1 }} persistentVolumeClaim: claimName: {{- include "geoServer.volume.name" . | indent 1 }} {{- end }}