{{- $functionNs := default .Release.Namespace .Values.functionNamespace }}
{{- if .Values.basic_auth }}
{{- if not .Values.oauth2Plugin.enabled }}
---
apiVersion: apps/v1
kind: Deployment
metadata:
labels:
app: {{ template "openfaas.name" . }}
chart: {{ .Chart.Name }}-{{ .Chart.Version }}
component: basic-auth-plugin
heritage: {{ .Release.Service }}
release: {{ .Release.Name }}
name: basic-auth-plugin
namespace: {{ .Release.Namespace | quote }}
spec:
replicas: {{ .Values.basicAuthPlugin.replicas }}
selector:
matchLabels:
app: basic-auth-plugin
template:
metadata:
annotations:
prometheus.io.scrape: "false"
labels:
app: basic-auth-plugin
spec:
{{- if .Values.basic_auth }}
volumes:
- name: auth
secret:
secretName: basic-auth
{{- end }}
containers:
- name: basic-auth-plugin
resources:
{{- .Values.basicAuthPlugin.resources | toYaml | nindent 12 }}
image: {{ .Values.basicAuthPlugin.image }}
imagePullPolicy: {{ .Values.openfaasImagePullPolicy }}
{{- if .Values.securityContext }}
securityContext:
readOnlyRootFilesystem: true
runAsUser: 10001
{{- end }}
livenessProbe:
{{- if .Values.httpProbe }}
httpGet:
path: /health
port: 8080
{{- else }}
exec:
command:
- wget
- --quiet
- --tries=1
- --timeout=5
- --spider
- http://localhost:8080/health
{{- end }}
timeoutSeconds: 5
readinessProbe:
{{- if .Values.httpProbe }}
httpGet:
path: /health
port: 8080
{{- else }}
exec:
command:
- wget
- --quiet
- --tries=1
- --timeout=5
- --spider
- http://localhost:8080/health
{{- end }}
timeoutSeconds: 5
env:
{{- if .Values.basic_auth }}
- name: secret_mount_path
value: "/var/secrets"
- name: basic_auth
value: "{{ .Values.basic_auth }}"
volumeMounts:
- name: auth
readOnly: true
mountPath: "/var/secrets"
ports:
- name: http
containerPort: 8080
protocol: TCP
{{- end }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{ toYaml . | indent 8 }}
{{- end }}
{{- with .Values.affinity }}
affinity:
{{ toYaml . | indent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{ toYaml . | indent 8 }}
{{- end }}
{{- end }}
{{- end }}