apiVersion: v1 kind: Secret metadata: name: iris-root-ca-cert-secret-worker labels: app: {{ .Values.irisworker.app }} type: Opaque data: {{ (.Files.Glob "certificates/rootCA/irisRootCACert.pem").AsSecrets | indent 2 }} --- apiVersion: v1 kind: Secret metadata: name: iris-ldap-certs-secret-worker labels: app: {{ .Values.irisworker.app }} type: Opaque data: {{ (.Files.Glob "certificates/ldap/*").AsSecrets | indent 2 }} --- apiVersion: v1 kind: Secret metadata: name: iris-certs-dir-rootca-secrets-worker labels: app: {{ .Values.irisworker.app }} type: Opaque data: {{ (.Files.Glob "certificates/rootCA/*").AsSecrets | indent 2 }} --- apiVersion: v1 kind: Secret metadata: name: iris-certs-dir-webcerts-secrets-worker labels: app: {{ .Values.irisworker.app }} type: Opaque data: {{ (.Files.Glob "certificates/web_certificates/*").AsSecrets | indent 2 }} --- apiVersion: apps/v1 kind: Deployment metadata: name: {{ .Values.irisworker.name }} spec: replicas: {{ .Values.irisworker.replicaCount }} selector: matchLabels: app: {{ .Values.irisworker.app }} template: metadata: labels: app: {{ .Values.irisworker.app }} spec: securityContext: {{- toYaml .Values.irisworker.podSecurityContext | nindent 8 }} containers: - name: {{ .Values.irisworker.name }} securityContext: {{- toYaml .Values.irisworker.securityContext | nindent 12 }} resources: {{- toYaml .Values.irisworker.resources | nindent 12 }} image: "{{ .Values.irisworker.image}}:{{ .Values.irisworker.tag }}" imagePullPolicy: "{{ .Values.irisworker.imagePullPolicy }}" command: ['./wait-for-iriswebapp.sh', "{{ .Values.irisapp.name }}:{{ .Values.irisapp.service.port }}", './iris-entrypoint.sh', 'iris-worker'] env: - name: DOCKERIZED value: {{ .Values.irisworker.DOCKERIZED | quote }} - name: POSTGRES_USER value: {{ .Values.irisworker.POSTGRES_USER | quote }} - name: POSTGRES_PASSWORDD value: {{ .Values.irisworker.POSTGRES_PASSWORD | quote }} - name: POSTGRES_ADMIN_USER value: {{ .Values.irisworker.POSTGRES_ADMIN_USER | quote }} - name: POSTGRES_ADMIN_PASSWORD value: {{ .Values.irisworker.POSTGRES_ADMIN_PASSWORD | quote }} - name: POSTGRES_PORT value: {{ .Values.irisworker.POSTGRES_PORT | quote }} - name: POSTGRES_SERVER value: {{ .Values.irisworker.POSTGRES_SERVER | quote }} - name: IRIS_SECRET_KEY value: {{ .Values.irisworker.IRIS_SECRET_KEY | quote }} - name: IRIS_SECURITY_PASSWORD_SALT value: {{ .Values.irisworker.IRIS_SECURITY_PASSWORD_SALT | quote }} - name: NUMBER_OF_CHILD value: {{ .Values.irisworker.NUMBER_OF_CHILD | quote }} volumeMounts: - mountPath: /home/iris/downloads name: iris-downloads - mountPath: /home/iris/user_templates name: user-templates - mountPath: /home/iris/server_data name: server-data - mountPath: /etc/irisRootCACert.pem name: iris-root-ca-cert subPath: irisRootCACert.pem readOnly: true - mountPath: /home/iris/certificates/rootCA name: iris-certs-dir-rootca readOnly: true - mountPath: /home/iris/certificates/web_certificates name: iris-certs-dir-webcerts readOnly: true - mountPath: /iriswebapp/certificates/ldap/ name: iris-ldap-certs readOnly: true volumes: - name: iris-downloads emptyDir: {} - name: user-templates emptyDir: {} - name: server-data emptyDir: {} - name: iris-root-ca-cert secret: secretName: iris-root-ca-cert-secret-worker - name: iris-certs-dir-rootca secret: secretName: iris-certs-dir-rootca-secrets-worker - name: iris-ldap-certs secret: secretName: iris-ldap-certs-secret-worker - name: iris-certs-dir-webcerts secret: secretName: iris-certs-dir-webcerts-secrets-worker ---