apiVersion: apps/v1 kind: Deployment metadata: labels: app.kubernetes.io/component: notification-controller app.kubernetes.io/instance: flux-system app.kubernetes.io/part-of: flux control-plane: controller name: notification-controller namespace: flux-system spec: replicas: 1 selector: matchLabels: app: notification-controller template: metadata: annotations: prometheus.io/port: "8080" prometheus.io/scrape: "true" labels: app: notification-controller spec: containers: - args: - --watch-all-namespaces - --log-level=info - --log-encoding=json - --enable-leader-election env: - name: RUNTIME_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace image: ghcr.io/fluxcd/notification-controller:v1.2.4 imagePullPolicy: IfNotPresent livenessProbe: httpGet: path: /healthz port: healthz name: manager ports: - containerPort: 9090 name: http protocol: TCP - containerPort: 9292 name: http-webhook protocol: TCP - containerPort: 8080 name: http-prom protocol: TCP - containerPort: 9440 name: healthz protocol: TCP readinessProbe: httpGet: path: /readyz port: healthz resources: limits: cpu: 1000m memory: 1Gi requests: cpu: 100m memory: 64Mi securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL readOnlyRootFilesystem: true runAsNonRoot: true seccompProfile: type: RuntimeDefault volumeMounts: - mountPath: /tmp name: temp securityContext: fsGroup: 1337 serviceAccountName: notification-controller terminationGracePeriodSeconds: 10 volumes: - emptyDir: {} name: temp