mirror of
https://github.com/kyverno/kyverno.git
synced 2025-04-13 15:57:31 +00:00
160 lines
6.3 KiB
YAML
160 lines
6.3 KiB
YAML
{{- if .Values.cleanupController.enabled -}}
|
|
{{- if not .Values.templating.debug -}}
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: {{ template "kyverno.cleanup-controller.name" . }}
|
|
namespace: {{ template "kyverno.namespace" . }}
|
|
labels:
|
|
{{- include "kyverno.cleanup-controller.labels" . | nindent 4 }}
|
|
spec:
|
|
replicas: {{ template "kyverno.deployment.replicas" .Values.cleanupController.replicas }}
|
|
{{- with .Values.cleanupController.updateStrategy }}
|
|
strategy:
|
|
{{- toYaml . | nindent 4 }}
|
|
{{- end }}
|
|
selector:
|
|
matchLabels:
|
|
{{- include "kyverno.cleanup-controller.matchLabels" . | nindent 6 }}
|
|
template:
|
|
metadata:
|
|
labels:
|
|
{{- include "kyverno.cleanup-controller.labels" . | nindent 8 }}
|
|
{{- with .Values.cleanupController.podLabels }}
|
|
{{- tpl (toYaml .) $ | nindent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.cleanupController.podAnnotations }}
|
|
annotations: {{ tpl (toYaml .) $ | nindent 8 }}
|
|
{{- end }}
|
|
spec:
|
|
{{- with .Values.cleanupController.imagePullSecrets }}
|
|
imagePullSecrets:
|
|
{{- tpl (toYaml .) $ | nindent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.cleanupController.podSecurityContext }}
|
|
securityContext:
|
|
{{- tpl (toYaml .) $ | nindent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.cleanupController.nodeSelector }}
|
|
nodeSelector:
|
|
{{- tpl (toYaml .) $ | nindent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.cleanupController.tolerations }}
|
|
tolerations:
|
|
{{- tpl (toYaml .) $ | nindent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.cleanupController.topologySpreadConstraints }}
|
|
topologySpreadConstraints:
|
|
{{- tpl (toYaml .) $ | nindent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.cleanupController.priorityClassName }}
|
|
priorityClassName: {{ . | quote }}
|
|
{{- end }}
|
|
{{- with .Values.cleanupController.hostNetwork }}
|
|
hostNetwork: {{ . }}
|
|
{{- end }}
|
|
{{- with .Values.cleanupController.dnsPolicy }}
|
|
dnsPolicy: {{ . }}
|
|
{{- end }}
|
|
{{- if or .Values.cleanupController.antiAffinity.enabled .Values.cleanupController.podAffinity .Values.cleanupController.nodeAffinity }}
|
|
affinity:
|
|
{{- if .Values.cleanupController.antiAffinity.enabled }}
|
|
{{- with .Values.cleanupController.podAntiAffinity }}
|
|
podAntiAffinity:
|
|
{{- tpl (toYaml .) $ | nindent 10 }}
|
|
{{- end }}
|
|
{{- end }}
|
|
{{- with .Values.cleanupController.podAffinity }}
|
|
podAffinity:
|
|
{{- tpl (toYaml .) $ | nindent 10 }}
|
|
{{- end }}
|
|
{{- with .Values.cleanupController.nodeAffinity }}
|
|
nodeAffinity:
|
|
{{- tpl (toYaml .) $ | nindent 10 }}
|
|
{{- end }}
|
|
{{- end }}
|
|
serviceAccountName: {{ template "kyverno.cleanup-controller.serviceAccountName" . }}
|
|
containers:
|
|
- name: controller
|
|
image: {{ include "kyverno.cleanup-controller.image" (dict "image" .Values.cleanupController.image "defaultTag" .Chart.AppVersion) | quote }}
|
|
ports:
|
|
- containerPort: 9443
|
|
name: https
|
|
protocol: TCP
|
|
- containerPort: 8000
|
|
name: metrics
|
|
protocol: TCP
|
|
args:
|
|
- --servicePort={{ .Values.cleanupController.service.port }}
|
|
{{- if .Values.cleanupController.tracing.enabled }}
|
|
- --enableTracing
|
|
- --tracingAddress={{ .Values.cleanupController.tracing.address }}
|
|
- --tracingPort={{ .Values.cleanupController.tracing.port }}
|
|
{{- with .Values.cleanupController.tracing.creds }}
|
|
- --tracingCreds={{ . }}
|
|
{{- end }}
|
|
{{- end }}
|
|
- --disableMetrics={{ .Values.cleanupController.metering.disabled }}
|
|
{{- if not .Values.cleanupController.metering.disabled }}
|
|
- --otelConfig={{ .Values.cleanupController.metering.config }}
|
|
- --metricsPort={{ .Values.cleanupController.metering.port }}
|
|
{{- with .Values.cleanupController.metering.collector }}
|
|
- --otelCollector={{ . }}
|
|
{{- end }}
|
|
{{- with .Values.cleanupController.metering.creds }}
|
|
- --transportCreds={{ . }}
|
|
{{- end }}
|
|
{{- end }}
|
|
{{- include "kyverno.features.flags" (pick (mergeOverwrite .Values.features .Values.cleanupController.featuresOverride)
|
|
"dumpPayload"
|
|
"logging"
|
|
) | nindent 12 }}
|
|
{{- range $key, $value := .Values.cleanupController.extraArgs }}
|
|
{{- if $value }}
|
|
- --{{ $key }}={{ $value }}
|
|
{{- end }}
|
|
{{- end }}
|
|
env:
|
|
- name: KYVERNO_DEPLOYMENT
|
|
value: {{ template "kyverno.cleanup-controller.name" . }}
|
|
- name: INIT_CONFIG
|
|
value: {{ template "kyverno.config.configMapName" . }}
|
|
- name: METRICS_CONFIG
|
|
value: {{ template "kyverno.config.metricsConfigMapName" . }}
|
|
- name: KYVERNO_POD_NAME
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: metadata.name
|
|
- name: KYVERNO_SERVICEACCOUNT_NAME
|
|
value: {{ template "kyverno.cleanup-controller.serviceAccountName" . }}
|
|
- name: KYVERNO_NAMESPACE
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: metadata.namespace
|
|
- name: KYVERNO_SVC
|
|
value: {{ template "kyverno.cleanup-controller.name" . }}
|
|
{{- with .Values.cleanupController.extraEnvVars }}
|
|
{{- toYaml . | nindent 10 }}
|
|
{{- end }}
|
|
{{- with .Values.cleanupController.resources }}
|
|
resources:
|
|
{{- tpl (toYaml .) $ | nindent 12 }}
|
|
{{- end }}
|
|
{{- with .Values.cleanupController.securityContext }}
|
|
securityContext:
|
|
{{- toYaml . | nindent 12 }}
|
|
{{- end }}
|
|
{{- with .Values.cleanupController.startupProbe }}
|
|
startupProbe:
|
|
{{- tpl (toYaml .) $ | nindent 12 }}
|
|
{{- end }}
|
|
{{- with .Values.cleanupController.livenessProbe }}
|
|
livenessProbe:
|
|
{{- tpl (toYaml .) $ | nindent 12 }}
|
|
{{- end }}
|
|
{{- with .Values.cleanupController.readinessProbe }}
|
|
readinessProbe:
|
|
{{- tpl (toYaml .) $ | nindent 12 }}
|
|
{{- end }}
|
|
{{- end -}}
|
|
{{- end -}}
|