.k8s/live/dev/deployment-worker.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: claim-for-crown-court-defence-worker
namespace: cccd-dev
spec:
replicas: 1
strategy:
type: RollingUpdate
rollingUpdate:
maxUnavailable: 0
maxSurge: 100%
selector:
matchLabels:
app: cccd-worker
tier: worker
template:
metadata:
labels:
app: cccd-worker
tier: worker
spec:
serviceAccountName: cccd-dev-service
containers:
- name: cccd-worker
imagePullPolicy: Always
image: 754256621582.dkr.ecr.eu-west-2.amazonaws.com/laa-get-paid/cccd:set-me
command:
- /bin/sh
- -c
- |
echo "IRB.conf[:USE_AUTOCOMPLETE] = false" >> ~/.irbrc
bundle exec sidekiq
readinessProbe:
exec:
command: ['bin/worker_healthcheck']
initialDelaySeconds: 20
periodSeconds: 30
livenessProbe:
exec:
command: ['bin/worker_healthcheck']
initialDelaySeconds: 30
periodSeconds: 300
securityContext:
capabilities:
drop:
- ALL
runAsNonRoot: true
allowPrivilegeEscalation: false
seccompProfile:
type: RuntimeDefault
# configMapRef: non-secret env vars defined in `app-config.yaml`
# secretRef: secret env vars defined by app secrets
# WHERE env var name matches key name
#
envFrom:
- configMapRef:
name: cccd-app-config
- secretRef:
name: cccd-secrets
# secret env vars defined by infrastructure/terraform
# WHERE env var name does not match key name
env:
- name: DATABASE_URL
valueFrom:
secretKeyRef:
name: cccd-rds
key: url
- name: SETTINGS__AWS__S3__BUCKET
valueFrom:
secretKeyRef:
name: cccd-s3-bucket
key: bucket_name
- name: SETTINGS__AWS__SNS__SUBMITTED_TOPIC_ARN
valueFrom:
secretKeyRef:
name: cccd-messaging
key: topic_arn
- name: AWS_RESPONSE_QUEUE_NAME
valueFrom:
secretKeyRef:
name: cccd-messaging
key: sqs_cccd_name
- name: REDIS_URL
valueFrom:
secretKeyRef:
name: cccd-elasticache-redis
key: url