apiVersion: apps/v1 kind: Deployment metadata: name: drone labels: app: drone component: web app.kubernetes.io/name: drone app.kubernetes.io/instance: drone spec: selector: matchLabels: app: drone component: web template: metadata: labels: app: drone component: web app.kubernetes.io/name: drone app.kubernetes.io/instance: drone spec: containers: - name: drone image: drone/drone:2 imagePullPolicy: IfNotPresent ports: - name: http protocol: TCP containerPort: 80 env: # Limit users permitted to use Drone, to prevent bitcoin mining :-/ - name: DRONE_USER_FILTER value: rob - name: DRONE_DATABASE_DRIVER value: postgres - name: DRONE_DATABASE_DATASOURCE valueFrom: secretKeyRef: name: drone-credentials key: database-url - name: DRONE_GITEA_CLIENT_ID valueFrom: secretKeyRef: name: drone-credentials key: gitea-client-id - name: DRONE_GITEA_CLIENT_SECRET valueFrom: secretKeyRef: name: drone-credentials key: gitea-client-secret - name: DRONE_RPC_SECRET valueFrom: secretKeyRef: name: drone-credentials key: rpc-secret - name: DRONE_GITEA_SERVER valueFrom: configMapKeyRef: name: drone-config key: gitea-server - name: DRONE_SERVER_HOST valueFrom: configMapKeyRef: name: drone-config key: server-host - name: DRONE_SERVER_PROTO valueFrom: configMapKeyRef: name: drone-config key: server-proto - name: DRONE_LOGS_DEBUG valueFrom: configMapKeyRef: name: drone-config key: logs-debug - name: DRONE_MAX_POOL_SIZE value: "1" resources: requests: memory: "32Mi" cpu: "50m" limits: memory: "128Mi" cpu: "250m" securityContext: readOnlyRootFilesystem: true livenessProbe: failureThreshold: 10 httpGet: path: /healthz port: 80 scheme: HTTP initialDelaySeconds: 30 periodSeconds: 10 successThreshold: 1 timeoutSeconds: 10