forked from kubearmor/KubeArmor
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathdeployment.yaml
63 lines (62 loc) · 2.2 KB
/
deployment.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ .Values.kubearmorOperator.name }}
namespace: {{ .Release.Namespace }}
labels:
kubearmor-app: {{ .Values.kubearmorOperator.name }}
spec:
selector:
matchLabels:
kubearmor-app: {{ .Values.kubearmorOperator.name }}
template:
metadata:
labels:
kubearmor-app: {{ .Values.kubearmorOperator.name }}
{{- with .Values.kubearmorOperator.podLabels }}
{{- . | toYaml | nindent 8 }}
{{- end }}
{{- with .Values.kubearmorOperator.podAnnotations }}
annotations:
{{- . | toYaml | nindent 8 }}
{{- end }}
spec:
{{- with .Values.kubearmorOperator.podSecurityContext }}
securityContext:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- if .Values.kubearmorOperator.image.imagePullSecrets }}
imagePullSecrets:
{{ toYaml .Values.kubearmorOperator.image.imagePullSecrets | indent 6 }}
{{- end }}
{{- if .Values.kubearmorOperator.tolerations }}
tolerations:
{{ toYaml .Values.kubearmorOperator.tolerations | indent 6 }}
{{- end }}
containers:
- name: {{ .Values.kubearmorOperator.name }}
env:
- name: KUBEARMOR_OPERATOR_NS
valueFrom:
fieldRef:
fieldPath: metadata.namespace
{{- if .Values.imagePinning -}}
{{ include "pinnedImages" .Values.oci_meta | trim | nindent 8 }}
{{- end }}
image: {{ include "operatorImage" . }}
imagePullPolicy: {{ .Values.kubearmorOperator.imagePullPolicy }}
args:
- --annotateExisting={{ .Values.kubearmorOperator.annotateExisting }}
- --annotateResource={{ .Values.kubearmorOperator.annotateResource }}
{{- if .Values.kubearmorOperator.args -}}
{{- toYaml .Values.kubearmorOperator.args | trim | nindent 8 }}
{{- end }}
{{- with .Values.kubearmorOperator.securityContext }}
securityContext:
{{- toYaml . | nindent 10 }}
{{- end }}
{{- with .Values.kubearmorOperator.resources }}
resources:
{{- toYaml . | nindent 10 }}
{{- end }}
serviceAccountName: {{ .Values.kubearmorOperator.name }}