apiVersion: apps/v1 kind: Deployment metadata: labels: app: keda-metrics-apiserver app.kubernetes.io/name: keda-metrics-apiserver app.kubernetes.io/part-of: keda-operator app.kubernetes.io/version: 2.13.1 name: keda-metrics-apiserver namespace: keda spec: replicas: 1 selector: matchLabels: app: keda-metrics-apiserver template: metadata: labels: app: keda-metrics-apiserver name: keda-metrics-apiserver spec: containers: - args: - /usr/local/bin/keda-adapter - --secure-port=6443 - --logtostderr=true - --stderrthreshold=ERROR - --v=0 - --client-ca-file=/certs/ca.crt - --tls-cert-file=/certs/tls.crt - --tls-private-key-file=/certs/tls.key - --cert-dir=/certs env: - name: WATCH_NAMESPACE value: "" - name: POD_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace - name: KEDA_HTTP_DEFAULT_TIMEOUT value: "" image: ghcr.io/kedacore/keda-metrics-apiserver:2.13.1 imagePullPolicy: Always livenessProbe: httpGet: path: /healthz port: 6443 scheme: HTTPS initialDelaySeconds: 5 name: keda-metrics-apiserver ports: - containerPort: 6443 name: https - containerPort: 8080 name: http readinessProbe: httpGet: path: /readyz port: 6443 scheme: HTTPS initialDelaySeconds: 5 resources: limits: cpu: 1000m memory: 1000Mi requests: cpu: 100m memory: 100Mi securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL readOnlyRootFilesystem: true runAsNonRoot: true seccompProfile: type: RuntimeDefault volumeMounts: - mountPath: /tmp name: temp-vol - mountPath: /certs name: certificates readOnly: true nodeSelector: kubernetes.io/os: linux securityContext: runAsNonRoot: true serviceAccountName: keda-operator volumes: - emptyDir: {} name: temp-vol - name: certificates secret: defaultMode: 420 secretName: kedaorg-certs