github_mirrors/openappsec
3
0
Fork 1
mirror of https://github.com/openappsec/openappsec.git synced 2025-06-28 16:41:02 +03:00
Code Issues Packages Projects Releases Wiki Activity
openappsec/build_system/charts/open-appsec-kong/templates/migrations.yaml

109 lines
4.4 KiB
YAML
Raw Blame History

{{- if .Values.deployment.kong.enabled }}
{{- if .Release.IsInstall -}}
{{/* .migrations.init isn't normally exposed in values.yaml, since it should
generally always run on install--there should never be any reason to
disable it, and at worst it's a no-op. However, https://github.com/helm/helm/issues/3308
means we cannot use the default function to create a hidden value, hence
the workaround with this $runInit variable.
*/}}
{{- $runInit := true -}}
{{- if (hasKey .Values.migrations "init") -}}
{{- $runInit = .Values.migrations.init -}}
{{- end -}}
{{- if (and ($runInit) (not (eq .Values.env.database "off"))) }}
apiVersion: batch/v1
kind: Job
metadata:
name: {{ template "kong.fullname" . }}-init-migrations
namespace: {{ template "kong.namespace" . }}
labels:
{{- include "kong.metaLabels" . | nindent 4 }}
app.kubernetes.io/component: init-migrations
annotations:
argocd.argoproj.io/hook: Sync
argocd.argoproj.io/hook-delete-policy: BeforeHookCreation
{{- range $key, $value := .Values.migrations.jobAnnotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
spec:
backoffLimit: {{ .Values.migrations.backoffLimit }}
template:
metadata:
name: {{ template "kong.name" . }}-init-migrations
labels:
{{- include "kong.metaLabels" . | nindent 8 }}
app.kubernetes.io/component: init-migrations
{{- if .Values.migrations.annotations }}
annotations:
{{- range $key, $value := .Values.migrations.annotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
{{- if (and (not .Values.deployment.serviceAccount.automountServiceAccountToken) (or .Values.deployment.serviceAccount.create .Values.deployment.serviceAccount.name)) }}
kuma.io/service-account-token-volume: {{ template "kong.serviceAccountTokenName" . }}
{{- end }}
{{- end }}
spec:
{{- if or .Values.deployment.serviceAccount.create .Values.deployment.serviceAccount.name }}
serviceAccountName: {{ template "kong.serviceAccountName" . }}
{{- end }}
{{- if (and (or .Values.deployment.serviceAccount.create .Values.deployment.serviceAccount.name) .Values.deployment.serviceAccount.automountServiceAccountToken) }}
automountServiceAccountToken: true
{{- else }}
automountServiceAccountToken: false
{{ end }}
{{- if .Values.image.pullSecrets }}
imagePullSecrets:
{{- range .Values.image.pullSecrets }}
- name: {{ . }}
{{- end }}
{{- end }}
{{- if (or (and (.Values.postgresql.enabled) .Values.waitImage.enabled) .Values.deployment.initContainers) }}
initContainers:
{{- if .Values.deployment.initContainers }}
{{- toYaml .Values.deployment.initContainers | nindent 6 }}
{{- end }}
{{- if (and (.Values.postgresql.enabled) .Values.waitImage.enabled) }}
{{- include "kong.wait-for-postgres" . | nindent 6 }}
{{- end }}
{{- end }}
containers:
{{- if .Values.migrations.sidecarContainers }}
{{- toYaml .Values.migrations.sidecarContainers | nindent 6 }}
{{- end }}
- name: {{ template "kong.name" . }}-migrations
image: {{ include "kong.getRepoTag" .Values.image }}
imagePullPolicy: {{ .Values.image.pullPolicy }}
securityContext:
{{ toYaml .Values.containerSecurityContext | nindent 10 }}
env:
{{- include "kong.no_daemon_env" . | nindent 8 }}
{{- include "kong.envFrom" .Values.envFrom | nindent 8 }}
args: [ "kong", "migrations", "bootstrap" ]
volumeMounts:
{{- include "kong.volumeMounts" . | nindent 8 }}
{{- include "kong.userDefinedVolumeMounts" .Values.deployment | nindent 8 }}
resources:
{{- toYaml .Values.migrations.resources | nindent 10 }}
securityContext:
{{- include "kong.podsecuritycontext" . | nindent 8 }}
{{- if .Values.affinity }}
affinity:
{{- toYaml .Values.affinity | nindent 8 }}
{{- end }}
{{- if .Values.nodeSelector }}
nodeSelector:
{{- toYaml .Values.nodeSelector | nindent 8 }}
{{- end }}
{{- if .Values.tolerations }}
tolerations:
{{- toYaml .Values.tolerations | nindent 8 }}
{{- end }}
restartPolicy: OnFailure
volumes:
{{- include "kong.volumes" . | nindent 6 -}}
{{- include "kong.userDefinedVolumes" . | nindent 6 -}}
{{- end }}
{{- end }}
{{- end }}
Reference in New Issue View Git Blame Copy Permalink