{{if or (eq .Values.global.platform "kubernetes") (eq .Values.global.openshift.deploymentType "deployments")}} {{if .Values.gerrit.deploy}} kind: Deployment apiVersion: apps/v1 metadata: labels: app: {{ .Values.gerrit.name }} {{- include "gerrit-operator.labels" . | nindent 4 }} {{- with .Values.gerrit.annotations }} annotations: {{- toYaml . | nindent 4 }} {{- end }} name: {{ .Values.gerrit.name }} spec: replicas: 1 selector: matchLabels: app: {{ .Values.gerrit.name }} template: metadata: labels: app: {{ .Values.gerrit.name }} spec: volumes: - name: {{ .Values.gerrit.name }}-data persistentVolumeClaim: claimName: {{ .Values.gerrit.name }}-data {{- if .Values.gerrit.caCerts.enabled }} - name: ca-certs secret: secretName: {{ .Values.gerrit.caCerts.secret }} {{- end }} initContainers: {{- if .Values.gerrit.caCerts.enabled }} - name: ca-certs image: {{ default "adoptopenjdk/openjdk11:alpine" .Values.gerrit.caCerts.image }} imagePullPolicy: {{ .Values.gerrit.imagePullPolicy }} command: ["sh"] args: ["-c", "cp -f \"${JAVA_HOME}/lib/security/cacerts\" /tmp/certs/cacerts; if [ \"$(ls /tmp/secrets/ca-certs)\" ]; then for f in /tmp/secrets/ca-certs/*; do keytool -importcert -file \"${f}\" -alias \"$(basename \"${f}\")\" -keystore /tmp/certs/cacerts -storepass changeit -trustcacerts -noprompt; done; fi;"] volumeMounts: - mountPath: /tmp/certs name: {{ .Values.gerrit.name }}-data subPath: certs - mountPath: /tmp/secrets/ca-certs name: ca-certs {{- end }} containers: - name: {{ .Values.gerrit.name }} image: {{ .Values.gerrit.image }}:{{ .Values.gerrit.version }} imagePullPolicy: "{{ .Values.gerrit.imagePullPolicy }}" ports: - containerPort: 8080 protocol: TCP env: - name: HTTPD_LISTENURL value: 'proxy-https://*:8080' - name: WEBURL value: https://{{if .Values.gerrit.basePath}}{{ .Values.global.dnsWildCard }}{{else}}gerrit-{{ .Release.Namespace }}.{{ .Values.global.dnsWildCard }}{{end}} - name: GERRIT_INIT_ARGS value: '--install-plugin=delete-project --install-plugin=plugin-manager --install-plugin=commit-message-length-validator --install-plugin=download-commands --install-plugin=hooks --install-plugin=reviewnotes --install-plugin=singleusergroup --install-plugin=replication --install-plugin=webhooks' - name: JAVA_OPTIONS value: {{ template "gerrit.javaOptions" . }} {{- with .Values.gerrit.extraEnv }} {{- toYaml . | nindent 12 }} {{- end }} resources: {{ toYaml .Values.gerrit.resources | indent 12 }} volumeMounts: - name: {{ .Values.gerrit.name }}-data mountPath: /var/gerrit/review_site {{- if .Values.gerrit.caCerts.enabled }} - name: {{ .Values.gerrit.name }}-data mountPath: /var/gerrit/review_site/certs subPath: certs {{- end }} readinessProbe: httpGet: path: / port: 8080 scheme: HTTP initialDelaySeconds: 60 timeoutSeconds: 10 periodSeconds: 10 successThreshold: 1 failureThreshold: 3 terminationMessagePath: /dev/termination-log terminationMessagePolicy: File restartPolicy: Always terminationGracePeriodSeconds: 30 dnsPolicy: ClusterFirst serviceAccountName: {{ .Values.gerrit.name }} serviceAccount: {{ .Values.gerrit.name }} schedulerName: default-scheduler {{- with .Values.gerrit.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.gerrit.affinity }} affinity: {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.gerrit.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} strategy: type: Recreate revisionHistoryLimit: 10 progressDeadlineSeconds: 600 {{end}} {{end}}