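# Deployment for the OpenLDAP server packaged by this chart.
#
# Rendered by Helm: template actions are evaluated first and the resulting
# text is then parsed as YAML, so templated scalars that could look like a
# number or boolean are quoted below.
#
# Security-relevant behaviour visible in this template:
#   - optional init containers copy custom LDIF files and TLS material into
#     emptyDir volumes that the main container then mounts;
#   - the container always declares port 389 next to 636, whether or not
#     .Values.tls.enabled is set;
#   - no securityContext is set on the pod or on any container, so the
#     images' own defaults apply.
#     NOTE(review): confirm what the server image needs before tightening.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: {{ template "openldap.fullname" . }}
  labels:
    app: {{ template "openldap.name" . }}
    chart: {{ template "openldap.chart" . }}
    # Quoted so that an all-digit release name still renders as a string;
    # label values must be strings.
    release: {{ .Release.Name | quote }}
    heritage: {{ .Release.Service }}
{{- if .Values.extraLabels }}
{{ toYaml .Values.extraLabels | indent 4 }}
{{- end }}
spec:
  replicas: {{ .Values.replicaCount }}
{{- if .Values.strategy }}
  strategy:
{{ toYaml .Values.strategy | indent 4 }}
{{- end }}
  selector:
    matchLabels:
      app: {{ template "openldap.name" . }}
      release: {{ .Release.Name | quote }}
  template:
    metadata:
      annotations:
        # Hash of the rendered ConfigMap template: when its content changes,
        # the pod template changes too and the Deployment rolls the pods.
        checksum/configmap-env: {{ include (print $.Template.BasePath "/configmap-env.yaml") . | sha256sum }}
{{- if .Values.customLdifFiles}}
        checksum/configmap-customldif: {{ include (print $.Template.BasePath "/configmap-customldif.yaml") . | sha256sum }}
{{- end }}
{{- if .Values.podAnnotations}}
{{ toYaml .Values.podAnnotations | indent 8}}
{{- end }}
      labels:
        app: {{ template "openldap.name" . }}
        release: {{ .Release.Name | quote }}
    spec:
      {{- if or .Values.customLdifFiles .Values.tls.enabled }}
      initContainers:
      {{- end }}
      {{- if .Values.customLdifFiles }}
      # Copies the LDIF files from the ConfigMap-backed volume into an
      # emptyDir that the main container mounts as its custom bootstrap dir.
      - name: {{ .Chart.Name }}-init-ldif
        # NOTE(review): every init container in this file uses "busybox"
        # with no tag or digest, so the image that runs (and, for the TLS
        # init containers, handles the private key) is whatever the registry
        # serves at pull time. Pin a tag or digest, ideally through a chart
        # value.
        image: busybox
        command: ['sh', '-c', 'cp /customldif/* /ldifworkingdir']
        imagePullPolicy: {{ .Values.image.pullPolicy }}
        volumeMounts:
        - name: customldif
          mountPath: /customldif
        - name: ldifworkingdir
          mountPath: /ldifworkingdir
        resources:
{{ toYaml .Values.initResources | indent 10 }}
      {{- end }}
      {{- if .Values.tls.enabled }}
      # Copies the server certificate and key from the TLS Secret volume
      # into the memory-backed "certs" emptyDir.
      # NOTE(review): presumably done because the server image needs a
      # writable copy of the files - confirm.
      - name: {{ .Chart.Name }}-init-tls
        image: busybox
        command: ['sh', '-c', 'cp /tls/* /certs']
        imagePullPolicy: {{ .Values.image.pullPolicy }}
        volumeMounts:
          - name: tls
            mountPath: /tls
          - name: certs
            mountPath: /certs
        resources:
{{ toYaml .Values.initResources | indent 10 }}
      {{- if .Values.tls.CA.enabled }}
      # Adds ca.crt from the separate CA Secret to the same "certs" volume.
      # Unlike the two init containers above, no imagePullPolicy is set
      # here, so the cluster default for the image applies.
      - name: {{ .Chart.Name }}-init-catls
        image: busybox
        command: ['sh', '-c', 'cp /catls/ca.crt /certs']
        volumeMounts:
          - name: catls
            mountPath: /catls
          - name: certs
            mountPath: /certs
        resources:
{{ toYaml .Values.initResources | indent 10 }}
      {{- end }}
      {{- end }}
      containers:
        - name: {{ .Chart.Name }}
          image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
          imagePullPolicy: {{ .Values.image.pullPolicy }}
          args:
            - -l
            # Container args must be strings: quoting keeps a numeric or
            # boolean-looking log level from being parsed as another type.
            - {{ .Values.logLevel | quote }}
{{- if .Values.customLdifFiles }}
            # NOTE(review): presumably tells the image to work on a copy of
            # its service directory so the mounted LDIF files are left
            # untouched - confirm against the image documentation.
            - --copy-service
{{- end }}
          ports:
            # 389 is declared unconditionally, also when TLS is enabled.
            # NOTE(review): if clients must only use TLS, restrict 389 at
            # the Service / NetworkPolicy level or enforce TLS in the
            # server configuration.
            - name: ldap-port
              containerPort: 389
            - name: ssl-ldap-port
              containerPort: 636
          envFrom:
            - configMapRef:
                name: {{ template "openldap.fullname" . }}-env
            # Every key of this Secret becomes an environment variable of
            # the container process.
            - secretRef:
                name: {{ template "openldap.secretName" . }}
          volumeMounts:
            # One "data" volume backs both the database directory and the
            # slapd configuration directory, separated by subPath.
            - name: data
              mountPath: /var/lib/ldap
              subPath: data
            - name: data
              mountPath: /etc/ldap/slapd.d
              subPath: config-data
            {{- if .Values.customLdifFiles }}
            - name: ldifworkingdir
              mountPath: /container/service/slapd/assets/config/bootstrap/ldif/custom
            {{- end }}
            {{- if .Values.tls.enabled }}
            - name: certs
              mountPath: /container/service/slapd/assets/certs
            {{- end }}
          # The env key is only emitted when it has entries, so a
          # TLS-disabled render no longer contains a bare, null "env:".
          {{- if .Values.tls.enabled }}
          env:
            # File names refer to what the init containers copied into the
            # "certs" volume mounted above.
            - name: LDAP_TLS_CRT_FILENAME
              value: tls.crt
            - name: LDAP_TLS_KEY_FILENAME
              value: tls.key
          {{- if .Values.tls.CA.enabled }}
            - name: LDAP_TLS_CA_CRT_FILENAME
              value: ca.crt
          {{- end }}
          {{- end }}
          # Both probes only open a TCP connection to ldap-port: they show
          # that the listener accepts connections, not that it answers LDAP
          # requests.
          livenessProbe:
            tcpSocket:
              port: ldap-port
            initialDelaySeconds: 20
            periodSeconds: 10
            failureThreshold: 10
          readinessProbe:
            tcpSocket:
              port: ldap-port
            initialDelaySeconds: 20
            periodSeconds: 10
            failureThreshold: 10
          resources:
{{ toYaml .Values.resources | indent 12 }}
    {{- with .Values.nodeSelector }}
      nodeSelector:
{{ toYaml . | indent 8 }}
    {{- end }}
    {{- with .Values.affinity }}
      affinity:
{{ toYaml . | indent 8 }}
    {{- end }}
    {{- with .Values.tolerations }}
      tolerations:
{{ toYaml . | indent 8 }}
    {{- end }}
      volumes:
        {{- if .Values.customLdifFiles }}
        - name: customldif
          configMap:
            name: {{ template "openldap.fullname" . }}-customldif
        - name: ldifworkingdir
          emptyDir: {}
        {{- end }}
        {{- if .Values.tls.enabled }}
        - name: tls
          secret:
            secretName: {{ .Values.tls.secret }}
        {{- if .Values.tls.CA.enabled }}
        - name: catls
          secret:
            secretName: {{ .Values.tls.CA.secret }}
        {{- end }}
        {{- end }}
        # Memory-backed emptyDir: the copied certificate and key stay in
        # tmpfs rather than on the node's disk. Defined even when TLS is
        # disabled; it is then simply not mounted.
        - name: certs
          emptyDir:
            medium: Memory
        # Without persistence the directory data and slapd configuration
        # live in an emptyDir and are lost when the pod is removed.
        # NOTE(review): with persistence, all replicas reference the same
        # claim - confirm replicaCount above 1 is meant to be supported.
        - name: data
        {{- if .Values.persistence.enabled }}
          persistentVolumeClaim:
            claimName: {{ .Values.persistence.existingClaim | default (include "openldap.fullname" .) }}
        {{- else }}
          emptyDir: {}
        {{- end -}}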