apiVersion: v1 kind: Secret metadata: name: iris-root-ca-cert-secret-app labels: app: {{ .Values.irisworker.app }} type: Opaque data: {{ (.Files.Glob "certificates/rootCA/irisRootCACert.pem").AsSecrets | indent 2 }} --- apiVersion: v1 kind: Secret metadata: name: iris-ldap-certs-secret-app labels: app: {{ .Values.irisworker.app }} type: Opaque data: {{ (.Files.Glob "certificates/ldap/*").AsSecrets | indent 2 }} --- apiVersion: v1 kind: Secret metadata: name: iris-certs-dir-rootca-secrets-app labels: app: {{ .Values.irisworker.app }} type: Opaque data: {{ (.Files.Glob "certificates/rootCA/*").AsSecrets | indent 2 }} --- apiVersion: v1 kind: Secret metadata: name: iris-certs-dir-webcerts-secrets-app labels: app: {{ .Values.irisworker.app }} type: Opaque data: {{ (.Files.Glob "certificates/web_certificates/*").AsSecrets | indent 2 }} --- apiVersion: apps/v1 kind: Deployment metadata: name: {{ .Values.irisapp.name }} spec: replicas: {{ .Values.irisapp.replicaCount }} selector: matchLabels: app: {{ .Values.irisapp.app }} template: metadata: labels: app: {{ .Values.irisapp.app }} spec: securityContext: {{- toYaml .Values.irisapp.podSecurityContext | nindent 8 }} containers: - name: {{ .Values.irisapp.name }} securityContext: {{- toYaml .Values.irisapp.securityContext | nindent 12 }} resources: {{- toYaml .Values.irisapp.resources | nindent 12 }} image: "{{ .Values.irisapp.image}}:{{ .Values.irisapp.tag }}" imagePullPolicy: "{{ .Values.irisapp.imagePullPolicy }}" command: ['nohup', './iris-entrypoint.sh', 'iriswebapp'] env: - name: POSTGRES_USER # Setting Database username value: {{ .Values.irisapp.POSTGRES_USER| quote }} - name: POSTGRES_PASSWORDD # Setting Database password value: {{ .Values.irisapp.POSTGRES_PASSWORD | quote }} - name: POSTGRES_ADMIN_USER # Setting Database admin user value: {{ .Values.irisapp.POSTGRES_ADMIN_USER | quote }} - name: POSTGRES_ADMIN_PASSWORD # Setting Database admin password value: {{ .Values.irisapp.POSTGRES_ADMIN_PASSWORD | quote }} - name: POSTGRES_PORT # Setting Database port value: {{ .Values.irisapp.POSTGRES_PORT | quote }} - name: POSTGRES_SERVER # Setting Database server value: {{ .Values.irisapp.POSTGRES_SERVER | quote }} - name: IRIS_SECRET_KEY value: {{ .Values.irisapp.IRIS_SECRET_KEY | quote }} - name: IRIS_SECURITY_PASSWORD_SALT value: {{ .Values.irisapp.IRIS_SECURITY_PASSWORD_SALT | quote }} - name: DB_RETRY_COUNT value: {{ .Values.irisapp.DB_RETRY_COUNT | quote }} - name: DB_RETRY_DELAY value: {{ .Values.irisapp.DB_RETRY_DELAY | quote }} - name: INTERFACE_HTTPS_PORT value: {{ .Values.irisapp.INTERFACE_HTTPS_PORT | quote }} - name: IRIS_ADM_USERNAME value: {{ .Values.irisapp.IRIS_ADM_USERNAME | quote }} - name: IRIS_ADM_PASSWORD value: {{ .Values.irisapp.IRIS_ADM_PASSWORD | quote }} ports: - containerPort: 8000 volumeMounts: - mountPath: /home/iris/downloads name: iris-downloads - mountPath: /home/iris/user_templates name: user-templates - mountPath: /home/iris/server_data name: server-data - mountPath: /etc/irisRootCACert.pem name: iris-root-ca-cert subPath: irisRootCACert.pem readOnly: true - mountPath: /home/iris/certificates/rootCA name: iris-certs-dir-rootca readOnly: true - mountPath: /home/iris/certificates/web_certificates name: iris-certs-dir-webcerts readOnly: true - mountPath: /iriswebapp/certificates/ldap/ name: iris-ldap-certs readOnly: true volumes: - name: iris-downloads emptyDir: {} - name: user-templates emptyDir: {} - name: server-data emptyDir: {} - name: iris-root-ca-cert secret: secretName: iris-root-ca-cert-secret-app - name: iris-ldap-certs secret: secretName: iris-ldap-certs-secret-app - name: iris-certs-dir-rootca secret: secretName: iris-certs-dir-rootca-secrets-app - name: iris-certs-dir-webcerts secret: secretName: iris-certs-dir-webcerts-secrets-app --- apiVersion: v1 kind: Service metadata: name: {{ .Values.irisapp.name }} labels: app: {{ .Values.irisapp.app }} spec: type: {{ .Values.irisapp.type }} ports: - port: {{ .Values.irisapp.service.port }} targetPort: {{ .Values.irisapp.service.targetPort }} selector: app: {{ .Values.irisapp.app }} ---