{{- $context := . }} {{- range .Values.mastodon.sidekiq.workers }} --- apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "mastodon.fullname" $context }}-sidekiq-{{ .name }} labels: {{- include "mastodon.labels" $context | nindent 4 }} app.kubernetes.io/component: sidekiq-{{ .name }} app.kubernetes.io/part-of: rails spec: {{- if (has "scheduler" .queues) }} {{- if (gt (int .replicas) 1) }} {{ fail "The scheduler queue should never have more than 1 replicas" }} {{- end }} strategy: type: Recreate {{- end }} replicas: {{ .replicas }} selector: matchLabels: {{- include "mastodon.selectorLabels" $context | nindent 6 }} app.kubernetes.io/component: sidekiq-{{ .name }} app.kubernetes.io/part-of: rails template: metadata: annotations: {{- with $context.Values.podAnnotations }} {{- toYaml . | nindent 8 }} {{- end }} # roll the pods to pick up any db migrations or other changes {{- include "mastodon.rollingPodAnnotations" $context | nindent 8 }} checksum/config-secrets: {{ include ( print $.Template.BasePath "/secret-smtp.yaml" ) $context | sha256sum | quote }} labels: {{- include "mastodon.selectorLabels" $context | nindent 8 }} app.kubernetes.io/component: sidekiq-{{ .name }} app.kubernetes.io/part-of: rails spec: {{- with $context.Values.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} serviceAccountName: {{ include "mastodon.serviceAccountName" $context }} {{- with (default $context.Values.podSecurityContext $context.Values.mastodon.sidekiq.podSecurityContext) }} securityContext: {{- toYaml . | nindent 8 }} {{- end }} {{- with (default (default $context.Values.affinity $context.Values.mastodon.sidekiq.affinity) .affinity) }} affinity: {{- toYaml . | nindent 8 }} {{- end }} {{- if (not $context.Values.mastodon.s3.enabled) }} volumes: - name: assets persistentVolumeClaim: claimName: {{ template "mastodon.fullname" $context }}-assets - name: system persistentVolumeClaim: claimName: {{ template "mastodon.fullname" $context }}-system {{- end }} containers: - name: {{ $context.Chart.Name }} securityContext: {{- toYaml $context.Values.mastodon.sidekiq.securityContext | nindent 12 }} image: "{{ $context.Values.image.repository }}:{{ $context.Values.image.tag | default $context.Chart.AppVersion }}" imagePullPolicy: {{ $context.Values.image.pullPolicy }} command: - bundle - exec - sidekiq - -c - {{ .concurrency | quote }} {{- range .queues }} - -q - {{ . | quote }} {{- end }} envFrom: - configMapRef: name: {{ include "mastodon.fullname" $context }}-env - secretRef: name: {{ template "mastodon.secretName" $context }} env: - name: "DB_PASS" valueFrom: secretKeyRef: name: {{ template "mastodon.postgresql.secretName" $context }} key: password - name: "REDIS_PASSWORD" valueFrom: secretKeyRef: name: {{ template "mastodon.redis.secretName" $context }} key: redis-password - name: "SMTP_LOGIN" valueFrom: secretKeyRef: name: {{ include "mastodon.smtp.secretName" $context }} key: login optional: true - name: "SMTP_PASSWORD" valueFrom: secretKeyRef: name: {{ include "mastodon.smtp.secretName" $context }} key: password {{- if (and $context.Values.mastodon.s3.enabled $context.Values.mastodon.s3.existingSecret) }} - name: "AWS_SECRET_ACCESS_KEY" valueFrom: secretKeyRef: name: {{ $context.Values.mastodon.s3.existingSecret }} key: AWS_SECRET_ACCESS_KEY - name: "AWS_ACCESS_KEY_ID" valueFrom: secretKeyRef: name: {{ $context.Values.mastodon.s3.existingSecret }} key: AWS_ACCESS_KEY_ID {{- end }} {{- if (not $context.Values.mastodon.s3.enabled) }} volumeMounts: - name: assets mountPath: /opt/mastodon/public/assets - name: system mountPath: /opt/mastodon/public/system {{- end }} resources: {{- toYaml (default (default $context.Values.resources $context.Values.mastodon.sidekiq.resources) .resources) | nindent 12 }} {{- with $context.Values.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} {{- with $context.Values.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} {{- end }}