diff --git a/templates/deployment.yaml b/templates/deployment.yaml index 782d32c..8568027 100644 --- a/templates/deployment.yaml +++ b/templates/deployment.yaml @@ -22,20 +22,21 @@ spec: labels: {{- include "drone.selectorLabels" . | nindent 8 }} spec: + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} containers: - name: {{ .Chart.Name }} envFrom: - secretRef: name: {{ include "drone.fullname" . }} - securityContext: - {{- toYaml .Values.securityContext | nindent 12 }} image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" imagePullPolicy: {{ .Values.image.pullPolicy }} + {{- with .Values.livenessProbe }} livenessProbe: - httpGet: - scheme: HTTP - path: /healthz - port: http + {{- toYaml . | nindent 12 }} + {{- end }} ports: - name: http containerPort: 80 @@ -43,14 +44,15 @@ spec: - name: https containerPort: 443 protocol: TCP + {{- with .Values.readinessProbe }} readinessProbe: - httpGet: - scheme: HTTP - path: /healthz - port: http + {{- toYaml . | nindent 12 }} + {{- end }} resources: {{- toYaml .Values.resources | nindent 12 }} {{- if .Values.config.DRONE_DATABASE_DRIVER | default "sqlite3" | eq "sqlite3" }} + securityContext: + {{- toYaml .Values.securityContext | nindent 12 }} volumeMounts: - name: data mountPath: {{ default "/data/database.sqlite" .Values.config.DRONE_DATABASE_DATASOURCE | dir }} @@ -63,10 +65,6 @@ spec: {{- toYaml . | nindent 10 }} {{- end }} {{- end }} - {{- with .Values.affinity }} - affinity: - {{- toYaml . | nindent 8 }} - {{- end }} {{- with .Values.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} diff --git a/values.yaml b/values.yaml index f3944a9..695506f 100644 --- a/values.yaml +++ b/values.yaml @@ -23,13 +23,7 @@ podSecurityContext: {} # is set to sqlite3. replicas: 1 -securityContext: {} - # capabilities: - # drop: - # - ALL - # readOnlyRootFilesystem: true - # runAsNonRoot: true - # runAsUser: 1000 +affinity: {} config: {} # DRONE_BITBUCKET_CLIENT_ID @@ -524,22 +518,6 @@ config: {} # https://docs.drone.io/server/reference/drone-webhook-skip-verify/ # DRONE_WEBHOOK_SKIP_VERIFY: "" -serviceAccount: - annotations: {} - -service: - annotations: {} - # externalIPs: [] - # externalTrafficPolicy: "Cluster" - # loadBalancerClass: "" - # loadBalancerIP: "" - # loadBalancerSourceRanges: [] - # internalTrafficPolicy: "Cluster" - name: http - targetPort: 80 - type: ClusterIP - port: 80 - ingress: enabled: false className: "nginx" @@ -557,6 +535,20 @@ ingress: hosts: - "your-hostname" +livenessProbe: + httpGet: + scheme: HTTP + path: /healthz + port: http + +nodeSelector: {} + +readinessProbe: + httpGet: + scheme: HTTP + path: /healthz + port: http + resources: {} # We usually recommend not to specify default resources and to leave this as a conscious # choice for the user. This also increases chances charts run on environments with little @@ -569,12 +561,32 @@ resources: {} # cpu: 100m # memory: 128Mi -nodeSelector: {} +securityContext: {} + # capabilities: + # drop: + # - ALL + # readOnlyRootFilesystem: true + # runAsNonRoot: true + # runAsUser: 1000 + +serviceAccount: + annotations: {} + +service: + annotations: {} + # externalIPs: [] + # externalTrafficPolicy: "Cluster" + # loadBalancerClass: "" + # loadBalancerIP: "" + # loadBalancerSourceRanges: [] + # internalTrafficPolicy: "Cluster" + name: http + targetPort: 80 + type: ClusterIP + port: 80 tolerations: [] -affinity: {} - # persistence is only required when config.DATABASE_DRIVER is sqlite3 or # undefined. persistence: