netflux-kubernetes/deploy/base/deploy-drone.yaml

100 lines
2.6 KiB
YAML
Raw Normal View History

2022-05-18 18:11:15 +02:00
apiVersion: apps/v1
kind: Deployment
metadata:
name: drone
labels:
2022-06-05 17:44:52 +02:00
app: drone
component: web
2022-05-18 18:11:15 +02:00
app.kubernetes.io/name: drone
app.kubernetes.io/instance: drone
2023-09-11 00:18:13 +02:00
annotations:
ignore-check.kube-linter.io/run-as-non-root: "Not yet implemented"
2022-05-18 18:11:15 +02:00
spec:
selector:
matchLabels:
2022-06-05 17:44:52 +02:00
app: drone
component: web
2022-05-18 18:11:15 +02:00
template:
metadata:
labels:
2022-06-05 17:44:52 +02:00
app: drone
component: web
2022-05-18 18:11:15 +02:00
app.kubernetes.io/name: drone
app.kubernetes.io/instance: drone
spec:
containers:
- name: drone
image: drone/drone:2
imagePullPolicy: IfNotPresent
ports:
- name: http
protocol: TCP
containerPort: 80
env:
# Limit users permitted to use Drone, to prevent bitcoin mining :-/
- name: DRONE_USER_FILTER
value: rob
- name: DRONE_DATABASE_DRIVER
value: postgres
- name: DRONE_DATABASE_DATASOURCE
valueFrom:
secretKeyRef:
name: drone-credentials
key: database-url
- name: DRONE_GITEA_CLIENT_ID
valueFrom:
secretKeyRef:
name: drone-credentials
key: gitea-client-id
- name: DRONE_GITEA_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: drone-credentials
key: gitea-client-secret
- name: DRONE_RPC_SECRET
valueFrom:
secretKeyRef:
name: drone-credentials
key: rpc-secret
- name: DRONE_GITEA_SERVER
valueFrom:
configMapKeyRef:
name: drone-config
key: gitea-server
- name: DRONE_SERVER_HOST
valueFrom:
configMapKeyRef:
name: drone-config
key: server-host
- name: DRONE_SERVER_PROTO
valueFrom:
configMapKeyRef:
name: drone-config
key: server-proto
- name: DRONE_LOGS_DEBUG
valueFrom:
configMapKeyRef:
name: drone-config
key: logs-debug
2023-03-21 02:37:42 +01:00
- name: DRONE_MAX_POOL_SIZE
value: "1"
2022-05-18 18:11:15 +02:00
resources:
requests:
memory: "32Mi"
cpu: "50m"
limits:
memory: "128Mi"
cpu: "250m"
securityContext:
readOnlyRootFilesystem: true
2022-05-18 18:11:15 +02:00
livenessProbe:
failureThreshold: 10
httpGet:
path: /healthz
port: 80
scheme: HTTP
initialDelaySeconds: 30
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 10