caterpillar/api/helm/api-platform/templates/deployment.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: {{ include "api-platform.fullname" . }}
  labels:
    {{- include "api-platform.labels" . | nindent 4 }}
spec:
  {{- if not .Values.autoscaling.enabled }}
  replicas: {{ .Values.replicaCount }}
  {{- end }}
  selector:
    matchLabels:
      {{- include "api-platform.selectorLabels" . | nindent 6 }}
  template:
    metadata:
      {{- with .Values.podAnnotations }}
      annotations:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      labels:
        {{- include "api-platform.selectorLabels" . | nindent 8 }}
    spec:
      {{- with .Values.imagePullSecrets }}
      imagePullSecrets:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      serviceAccountName: {{ include "api-platform.serviceAccountName" . }}
      securityContext:
        {{- toYaml .Values.podSecurityContext | nindent 8 }}
      containers:
        - name: {{ .Chart.Name }}-caddy
          securityContext:
            {{- toYaml .Values.securityContext | nindent 12 }}
          image: "{{ .Values.caddy.image.repository }}:{{ .Values.caddy.image.tag | default .Chart.AppVersion }}"
          imagePullPolicy: {{ .Values.caddy.image.pullPolicy }}
          env:
            - name: SERVER_NAME
              value: :80
            - name: PWA_UPSTREAM
              value: {{ include "api-platform.fullname" . }}-pwa:3000
            - name: MERCURE_PUBLISHER_JWT_KEY
              valueFrom:
                secretKeyRef:
                  name: {{ include "api-platform.fullname" . }}
                  key: mercure-jwt-secret
            - name: MERCURE_SUBSCRIBER_JWT_KEY
              valueFrom:
                secretKeyRef:
                  name: {{ include "api-platform.fullname" . }}
                  key: mercure-jwt-secret
          ports:
            - name: http
              containerPort: 80
              protocol: TCP
            - name: admin
              containerPort: 2019
              protocol: TCP
          volumeMounts:
            - mountPath: /var/run/php
              name: php-socket
          lifecycle:
            preStop:
              exec:
                command: ["curl", "-XPOST", "http://localhost:2019/stop"]
          readinessProbe:
            tcpSocket:
              port: 80
            initialDelaySeconds: 3
            periodSeconds: 3
          livenessProbe:
            tcpSocket:
              port: 80
            initialDelaySeconds: 3
            periodSeconds: 3
          resources:
            {{- toYaml .Values.resources | nindent 12 }}
        - name: {{ .Chart.Name }}-php
          securityContext:
            {{- toYaml .Values.securityContext | nindent 12 }}
          image: "{{ .Values.php.image.repository }}:{{ .Values.php.image.tag | default .Chart.AppVersion }}"
          imagePullPolicy: {{ .Values.php.image.pullPolicy }}
          env:
            - name: TRUSTED_HOSTS
              valueFrom:
                configMapKeyRef:
                  name: {{ include "api-platform.fullname" . }}
                  key: php-trusted-hosts
            - name: TRUSTED_PROXIES
              valueFrom:
                configMapKeyRef:
                  name: {{ include "api-platform.fullname" . }}
                  key: php-trusted-proxies
            - name: APP_ENV
              valueFrom:
                configMapKeyRef:
                  name: {{ include "api-platform.fullname" . }}
                  key: php-app-env
            - name: APP_DEBUG
              valueFrom:
                configMapKeyRef:
                  name: {{ include "api-platform.fullname" . }}
                  key: php-app-debug
            - name: APP_SECRET
              valueFrom:
                secretKeyRef:
                  name: {{ include "api-platform.fullname" . }}
                  key: php-app-secret
            - name: CORS_ALLOW_ORIGIN
              valueFrom:
                configMapKeyRef:
                  name: {{ include "api-platform.fullname" . }}
                  key: php-cors-allow-origin
            - name: DATABASE_URL
              valueFrom:
                secretKeyRef:
                  name: {{ include "api-platform.fullname" . }}
                  key: database-url
            - name: MERCURE_URL
              valueFrom:
                configMapKeyRef:
                  name: {{ include "api-platform.fullname" . }}
                  key: mercure-url
            - name: MERCURE_PUBLIC_URL
              valueFrom:
                configMapKeyRef:
                  name: {{ include "api-platform.fullname" . }}
                  key: mercure-public-url
            - name: MERCURE_JWT_SECRET
              valueFrom:
                secretKeyRef:
                  name: {{ include "api-platform.fullname" . }}
                  key: mercure-jwt-secret
          volumeMounts:
            - mountPath: /var/run/php
              name: php-socket
          lifecycle:
            preStop:
              exec:
                command: ["/bin/sh", "-c", "/bin/sleep 1; kill -QUIT 1"]
          startupProbe:
            exec:
              command:
                - docker-healthcheck
            failureThreshold: 40
            periodSeconds: 3
          readinessProbe:
            exec:
              command:
                - docker-healthcheck
            periodSeconds: 3
          livenessProbe:
            exec:
              command:
                - docker-healthcheck
            periodSeconds: 3
          resources:
            {{- toYaml .Values.resources | nindent 12 }}
      volumes:
      - name: php-socket
        emptyDir: {}
      {{- with .Values.nodeSelector }}
      nodeSelector:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      {{- with .Values.affinity }}
      affinity:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      {{- with .Values.tolerations }}
      tolerations:
        {{- toYaml . | nindent 8 }}
      {{- end }}