apiVersion: apps/v1 kind: Deployment metadata: {{- with (mergeOverwrite (deepCopy .Values.global.deploymentAnnotations) .Values.back.deploymentAnnotations) }} annotations: {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} {{- end }} {{- end }} name: {{ include "kyoo.back.fullname" . }} labels: {{- include "kyoo.labels" (dict "context" . "component" .Values.back.name "name" .Values.back.name) | nindent 4 }} spec: replicas: {{ .Values.back.replicaCount }} {{- with .Values.back.updateStrategy }} strategy: {{- toYaml . | nindent 4 }} {{- end }} selector: matchLabels: {{- include "kyoo.selectorLabels" (dict "context" . "name" .Values.back.name) | nindent 6 }} template: metadata: {{- with (mergeOverwrite (deepCopy .Values.global.podAnnotations) .Values.back.podAnnotations) }} annotations: {{- range $key, $value := . }} {{ $key }}: {{ $value | quote }} {{- end }} {{- end }} labels: {{- include "kyoo.labels" (dict "context" . "component" .Values.back.name "name" .Values.back.name) | nindent 8 }} {{- with (mergeOverwrite (deepCopy .Values.global.podLabels) .Values.back.podLabels) }} {{- toYaml . | nindent 8 }} {{- end }} spec: {{- with .Values.back.imagePullSecrets | default .Values.global.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.global.securityContext }} securityContext: {{- toYaml . | nindent 8 }} {{- end }} serviceAccountName: {{ include "kyoo.back.serviceAccountName" . }} initContainers: - name: migrations image: {{ .Values.back.kyoo_migrations.image.repository | default (printf "%s/kyoo_migrations" .Values.global.image.repositoryBase) }}:{{ default (include "kyoo.defaultTag" .) .Values.back.kyoo_migrations.image.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy }} args: {{- with .Values.back.kyoo_migrations.extraArgs }} {{- toYaml . | nindent 12 }} {{- end }} env: - name: POSTGRES_USER valueFrom: secretKeyRef: key: {{ .Values.global.postgres.kyoo_back.kyoo_migrations.userKey }} name: {{ .Values.global.postgres.kyoo_back.kyoo_migrations.existingSecret }} - name: POSTGRES_PASSWORD valueFrom: secretKeyRef: key: {{ .Values.global.postgres.kyoo_back.kyoo_migrations.passwordKey }} name: {{ .Values.global.postgres.kyoo_back.kyoo_migrations.existingSecret }} - name: POSTGRES_DB value: {{ .Values.global.postgres.kyoo_back.database }} - name: POSTGRES_SERVER value: {{ .Values.global.postgres.kyoo_back.host }} - name: POSTGRES_PORT value: "{{ .Values.global.postgres.kyoo_back.port }}" {{- with .Values.back.extraInitContainers }} {{- tpl (toYaml .) $ | nindent 6 }} {{- end }} containers: - name: main image: {{ .Values.back.kyoo_back.image.repository | default (printf "%s/kyoo_back" .Values.global.image.repositoryBase) }}:{{ default (include "kyoo.defaultTag" .) .Values.back.kyoo_back.image.tag }} imagePullPolicy: {{ default .Values.global.image.imagePullPolicy }} args: {{- with .Values.back.kyoo_back.extraArgs }} {{- toYaml . | nindent 12 }} {{- end }} env: - name: TRANSCODER_URL value: "http://{{ include "kyoo.transcoder.fullname" . }}:7666/video" - name: KYOO_PREFIX value: "/api" - name: PUBLIC_URL value: {{ .Values.kyoo.address | quote }} - name: REQUIRE_ACCOUNT_VERIFICATION value: {{ .Values.kyoo.requireAccountVerification | quote }} - name: DEFAULT_PERMISSIONS value: {{ .Values.kyoo.defaultPermissions | quote }} - name: UNLOGGED_PERMISSIONS value: {{ .Values.kyoo.unloggedPermissions | quote}} - name: KYOO_APIKEYS valueFrom: secretKeyRef: key: {{ .Values.kyoo.apikey.apikeyKey }} name: {{ .Values.kyoo.apikey.existingSecret }} - name: POSTGRES_USER valueFrom: secretKeyRef: key: {{ .Values.global.postgres.kyoo_back.kyoo_back.userKey }} name: {{ .Values.global.postgres.kyoo_back.kyoo_back.existingSecret }} - name: POSTGRES_PASSWORD valueFrom: secretKeyRef: key: {{ .Values.global.postgres.kyoo_back.kyoo_back.passwordKey }} name: {{ .Values.global.postgres.kyoo_back.kyoo_back.existingSecret }} - name: POSTGRES_DB value: {{ .Values.global.postgres.kyoo_back.database }} - name: POSTGRES_SERVER value: {{ .Values.global.postgres.kyoo_back.host | quote }} - name: POSTGRES_PORT value: {{ .Values.global.postgres.kyoo_back.port | quote }} - name: RABBITMQ_DEFAULT_USER valueFrom: secretKeyRef: key: {{ .Values.global.rabbitmq.kyoo_back.userKey }} name: {{ .Values.global.rabbitmq.kyoo_back.existingSecret }} - name: RABBITMQ_DEFAULT_PASS valueFrom: secretKeyRef: key: {{ .Values.global.rabbitmq.kyoo_back.passwordKey }} name: {{ .Values.global.rabbitmq.kyoo_back.existingSecret }} - name: RABBITMQ_HOST value: {{ .Values.global.rabbitmq.host | quote }} - name: RABBITMQ_PORT value: {{ .Values.global.rabbitmq.port | quote }} - name: MEILI_HOST value: "{{ .Values.global.meilisearch.proto }}://{{ .Values.global.meilisearch.host }}:{{ .Values.global.meilisearch.port }}" - name: MEILI_MASTER_KEY valueFrom: secretKeyRef: key: {{ .Values.global.meilisearch.kyoo_back.masterkeyKey }} name: {{ .Values.global.meilisearch.kyoo_back.existingSecret }} {{- range $index, $provider := .Values.kyoo.oidc_providers }} - name: OIDC_{{ $provider.name | upper }}_NAME value: {{ $provider.name | quote }} - name: OIDC_{{ $provider.name | upper }}_LOGO value: {{ $provider.logo | quote }} - name: OIDC_{{ $provider.name | upper }}_CLIENTID valueFrom: secretKeyRef: key: {{ $provider.clientIdKey }} name: {{ $provider.existingSecret }} - name: OIDC_{{ $provider.name | upper }}_SECRET valueFrom: secretKeyRef: key: {{ $provider.clientSecretKey }} name: {{ $provider.existingSecret }} - name: OIDC_{{ $provider.name | upper }}_AUTHORIZATION value: {{ $provider.authorizationAddress | quote }} - name: OIDC_{{ $provider.name | upper }}_TOKEN value: {{ $provider.tokenAddress | quote }} - name: OIDC_{{ $provider.name | upper }}_PROFILE value: {{ $provider.profileAddress | quote }} - name: OIDC_{{ $provider.name | upper }}_SCOPE value: {{ $provider.scope | quote }} - name: OIDC_{{ $provider.name | upper }}_AUTHMETHOD value: {{ $provider.authMethod | default "ClientSecretBasic" | quote }} {{- end }} {{- with (concat .Values.global.extraEnv .Values.back.kyoo_back.extraEnv) }} {{- toYaml . | nindent 12 }} {{- end }} ports: - name: main containerPort: 5000 protocol: TCP {{- with .Values.back.kyoo_back.livenessProbe }} livenessProbe: {{- toYaml . | nindent 12 }} {{- end }} {{- with .Values.back.kyoo_back.readinessProbe }} readinessProbe: {{- toYaml . | nindent 12 }} {{- end }} {{- with .Values.back.kyoo_back.resources }} resources: {{- toYaml . | nindent 12 }} {{- end }} {{- with .Values.back.kyoo_back.containerSecurityContext }} securityContext: {{- toYaml . | nindent 12 }} {{- end }} volumeMounts: {{- if .Values.back.persistence.enabled }} - name: backmetadata mountPath: /metadata {{- end }} {{- with .Values.back.kyoo_back.volumeMounts }} {{- toYaml . | nindent 12 }} {{- end }} {{- with .Values.back.kyoo_back.extraVolumeMounts }} {{- toYaml . | nindent 12 }} {{- end }} {{- with .Values.back.extraContainers }} {{- tpl (toYaml .) $ | nindent 8 }} {{- end }} volumes: {{- if .Values.back.persistence.enabled }} {{- if .Values.back.persistence.existingClaim }} - name: backmetadata persistentVolumeClaim: claimName: {{ .Values.back.persistence.existingClaim }} {{- else }} - name: backmetadata persistentVolumeClaim: claimName: {{ include "kyoo.backmetadata.fullname" . }} {{- end }} {{- end }} {{- with .Values.back.volumes }} {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.back.extraVolumes }} {{- toYaml . | nindent 8 }} {{- end }}