80 lines
2.0 KiB
YAML
80 lines
2.0 KiB
YAML
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
labels:
|
|
app.kubernetes.io/component: helm-controller
|
|
app.kubernetes.io/instance: flux-system
|
|
app.kubernetes.io/part-of: flux
|
|
control-plane: controller
|
|
name: helm-controller
|
|
namespace: flux-system
|
|
spec:
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
app: helm-controller
|
|
template:
|
|
metadata:
|
|
annotations:
|
|
prometheus.io/port: "8080"
|
|
prometheus.io/scrape: "true"
|
|
labels:
|
|
app: helm-controller
|
|
spec:
|
|
containers:
|
|
- args:
|
|
- --events-addr=http://notification-controller.flux-system.svc.cluster.local./
|
|
- --watch-all-namespaces
|
|
- --log-level=info
|
|
- --log-encoding=json
|
|
- --enable-leader-election
|
|
env:
|
|
- name: RUNTIME_NAMESPACE
|
|
valueFrom:
|
|
fieldRef:
|
|
fieldPath: metadata.namespace
|
|
image: ghcr.io/fluxcd/helm-controller:v0.37.4
|
|
imagePullPolicy: IfNotPresent
|
|
livenessProbe:
|
|
httpGet:
|
|
path: /healthz
|
|
port: healthz
|
|
name: manager
|
|
ports:
|
|
- containerPort: 8080
|
|
name: http-prom
|
|
protocol: TCP
|
|
- containerPort: 9440
|
|
name: healthz
|
|
protocol: TCP
|
|
readinessProbe:
|
|
httpGet:
|
|
path: /readyz
|
|
port: healthz
|
|
resources:
|
|
limits:
|
|
cpu: 1000m
|
|
memory: 1Gi
|
|
requests:
|
|
cpu: 100m
|
|
memory: 64Mi
|
|
securityContext:
|
|
allowPrivilegeEscalation: false
|
|
capabilities:
|
|
drop:
|
|
- ALL
|
|
readOnlyRootFilesystem: true
|
|
runAsNonRoot: true
|
|
seccompProfile:
|
|
type: RuntimeDefault
|
|
volumeMounts:
|
|
- mountPath: /tmp
|
|
name: temp
|
|
priorityClassName: system-cluster-critical
|
|
securityContext:
|
|
fsGroup: 1337
|
|
serviceAccountName: helm-controller
|
|
terminationGracePeriodSeconds: 600
|
|
volumes:
|
|
- emptyDir: {}
|
|
name: temp |