aws-ssm/templates/deployment.yaml
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ template "ssm.fullname" . }}
labels:
app: {{ template "ssm.name" . }}
app.kubernetes.io/name: {{ template "ssm.name" . }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
app.kubernetes.io/instance: {{ .Release.Name }}
app.kubernetes.io/version: {{ .Chart.AppVersion }}
helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
spec:
replicas: 1
strategy:
type: RollingUpdate
rollingUpdate:
maxSurge: 1
maxUnavailable: 0
selector:
matchLabels:
app: {{ template "ssm.name" . }}
release: {{ .Release.Name }}
template:
metadata:
labels:
app: {{ template "ssm.name" . }}
release: {{ .Release.Name }}
{{- with .Values.podAnnotations }}
annotations:
{{ . | toYaml | indent 8 }}
{{- end }}
spec:
{{- if .Values.rbac.enabled }}
serviceAccountName: {{ template "ssm.fullname" . }}
{{- end }}
containers:
- name: {{ .Chart.Name }}
image: {{ .Values.image.name }}:{{ .Values.image.tag }}
ports:
- name: http
containerPort: {{ .Values.metrics_port }}
livenessProbe:
initialDelaySeconds: 30
timeoutSeconds: 3
httpGet:
path: /healthz
port: {{ .Values.metrics_port }}
readinessProbe:
initialDelaySeconds: 15
periodSeconds: 5
httpGet:
path: /healthz
port: {{ .Values.metrics_port }}
{{ if and (ne .Values.aws.secret_key "") (ne .Values.aws.access_key "") -}}
envFrom:
- secretRef:
name: aws-ssm-credentials
{{ end -}}
env:
- name: METRICS_URL
value: 0.0.0.0:{{ .Values.metrics_port }}
- name: AWS_REGION
value: "{{ .Values.aws.region }}"
{{ if ne .Values.host_ssl_dir "" -}}
volumeMounts:
- mountPath: {{ .Values.ssl.mount_path }}
name: aws-host-ca-certificates
{{ end -}}
resources:
{{ toYaml .Values.resources | indent 12 }}
{{- if .Values.nodeSelector }}
nodeSelector:
{{ toYaml .Values.nodeSelector | indent 8 }}
{{- end }}
{{ if or ( ne .Values.host_ssl_dir "") (.Values.ssl.mount_host) -}}
volumes:
- name: aws-host-ca-certificates
hostPath:
path: {{ .Values.ssl.host_path }}
{{- end }}