| {{- $root := . -}} |
| |
| apiVersion: apps/v1 |
| kind: StatefulSet |
| metadata: |
| name: {{ .Release.Name }}-gerrit-replica-statefulset |
| labels: |
| app.kubernetes.io/component: gerrit-replica |
| app.kubernetes.io/instance: {{ .Release.Name }} |
| chart: {{ template "gerrit-replica.chart" . }} |
| heritage: {{ .Release.Service }} |
| release: {{ .Release.Name }} |
| {{- if .Values.additionalLabels }} |
| {{ toYaml .Values.additionalLabels | indent 4 }} |
| {{- end }} |
| spec: |
| serviceName: {{ .Release.Name }}-gerrit-replica-service |
| replicas: {{ .Values.gerritReplica.replicas }} |
| updateStrategy: |
| rollingUpdate: |
| partition: {{ .Values.gerritReplica.updatePartition }} |
| selector: |
| matchLabels: |
| app.kubernetes.io/component: gerrit-replica |
| app.kubernetes.io/instance: {{ .Release.Name }} |
| template: |
| metadata: |
| labels: |
| app.kubernetes.io/component: gerrit-replica |
| app.kubernetes.io/instance: {{ .Release.Name }} |
| chart: {{ template "gerrit-replica.chart" . }} |
| heritage: {{ .Release.Service }} |
| release: {{ .Release.Name }} |
| {{- if .Values.additionalLabels }} |
| {{ toYaml .Values.additionalLabels | indent 8 }} |
| {{- end }} |
| {{- if .Values.gerritReplica.additionalPodLabels }} |
| {{ toYaml .Values.gerritReplica.additionalPodLabels | indent 8 }} |
| {{- end }} |
| annotations: |
| chartRevision: "{{ .Release.Revision }}" |
| {{- if .Values.gerritReplica.additionalAnnotations }} |
| {{ toYaml .Values.gerritReplica.additionalAnnotations | indent 8 }} |
| {{- end }} |
| spec: |
| {{- with .Values.gerritReplica.tolerations }} |
| tolerations: |
| {{- toYaml . | nindent 8 }} |
| {{- end }} |
| {{- with .Values.gerritReplica.topologySpreadConstraints }} |
| topologySpreadConstraints: |
| {{- toYaml . | nindent 8 }} |
| {{- end }} |
| {{- with .Values.gerritReplica.nodeSelector }} |
| nodeSelector: |
| {{- toYaml . | nindent 8 }} |
| {{- end }} |
| {{- with .Values.gerritReplica.affinity }} |
| affinity: |
| {{- toYaml . | nindent 8 }} |
| {{- end }} |
| {{- with .Values.gerritReplica.priorityClassName }} |
| priorityClassName: {{ . }} |
| {{- end }} |
| terminationGracePeriodSeconds: {{ .Values.gerritReplica.gracefulStopTimeout }} |
| securityContext: |
| fsGroup: 100 |
| {{ if .Values.images.registry.ImagePullSecret.name -}} |
| imagePullSecrets: |
| - name: {{ .Values.images.registry.ImagePullSecret.name }} |
| {{- range .Values.images.additionalImagePullSecrets }} |
| - name: {{ . }} |
| {{- end }} |
| {{- end }} |
| initContainers: |
| {{- if and .Values.nfsWorkaround.enabled .Values.nfsWorkaround.chownOnStartup }} |
| - name: nfs-init |
| image: {{ .Values.images.busybox.registry -}}/busybox:{{- .Values.images.busybox.tag }} |
| command: |
| - sh |
| - -c |
| args: |
| - | |
| chown 1000:100 /var/mnt/logs |
| chown 1000:100 /var/mnt/git |
| env: |
| - name: POD_NAME |
| valueFrom: |
| fieldRef: |
| fieldPath: metadata.name |
| volumeMounts: |
| - name: logs |
| subPathExpr: "gerrit-replica/$(POD_NAME)" |
| mountPath: "/var/mnt/logs" |
| - name: git-repositories |
| mountPath: "/var/mnt/git" |
| {{- if .Values.nfsWorkaround.idDomain }} |
| - name: nfs-config |
| mountPath: "/etc/idmapd.conf" |
| subPath: idmapd.conf |
| {{- end }} |
| {{- end }} |
| - name: gerrit-init |
| image: {{ template "registry" . }}{{ .Values.gerritReplica.images.gerritInit }}:{{ .Values.images.version }} |
| imagePullPolicy: {{ .Values.images.imagePullPolicy }} |
| env: |
| - name: POD_NAME |
| valueFrom: |
| fieldRef: |
| fieldPath: metadata.name |
| volumeMounts: |
| - name: gerrit-site |
| mountPath: "/var/gerrit" |
| - name: git-repositories |
| mountPath: "/var/mnt/git" |
| - name: logs |
| subPathExpr: "gerrit-replica/$(POD_NAME)" |
| mountPath: "/var/mnt/logs" |
| - name: gerrit-init-config |
| mountPath: "/var/config/gerrit-init.yaml" |
| subPath: gerrit-init.yaml |
| {{- if and .Values.nfsWorkaround.enabled .Values.nfsWorkaround.idDomain }} |
| - name: nfs-config |
| mountPath: "/etc/idmapd.conf" |
| subPath: idmapd.conf |
| {{- end }} |
| {{- if and .Values.gerritReplica.pluginManagement.cache.enabled }} |
| - name: gerrit-plugin-cache |
| mountPath: "/var/mnt/plugins" |
| {{- end }} |
| - name: gerrit-config |
| mountPath: "/var/mnt/etc/config" |
| - name: gerrit-replica-secure-config |
| mountPath: "/var/mnt/etc/secret" |
| {{ if .Values.caCert -}} |
| - name: tls-ca |
| subPath: ca.crt |
| mountPath: "/var/config/ca.crt" |
| {{- end }} |
| {{- range .Values.gerritReplica.additionalConfigMaps }} |
| - name: {{ .name }} |
| mountPath: "/var/mnt/data/{{ .subDir }}" |
| {{- end }} |
| containers: |
| - name: gerrit-replica |
| image: {{ template "registry" . }}{{ .Values.gerritReplica.images.gerritReplica }}:{{ .Values.images.version }} |
| imagePullPolicy: {{ .Values.images.imagePullPolicy }} |
| env: |
| - name: POD_NAME |
| valueFrom: |
| fieldRef: |
| fieldPath: metadata.name |
| lifecycle: |
| preStop: |
| exec: |
| command: |
| - "/bin/ash" |
| - "-c" |
| - "kill -2 $(pidof java) && tail --pid=$(pidof java) -f /dev/null" |
| ports: |
| - name: http |
| containerPort: 8080 |
| {{ if .Values.gerritReplica.service.ssh -}} |
| - name: ssh |
| containerPort: 29418 |
| {{- end }} |
| volumeMounts: |
| - name: gerrit-site |
| mountPath: "/var/gerrit" |
| - name: git-repositories |
| mountPath: "/var/mnt/git" |
| - name: logs |
| subPathExpr: "gerrit-replica/$(POD_NAME)" |
| mountPath: "/var/mnt/logs" |
| {{- if and .Values.nfsWorkaround.enabled .Values.nfsWorkaround.idDomain }} |
| - name: nfs-config |
| mountPath: "/etc/idmapd.conf" |
| subPath: idmapd.conf |
| {{- end }} |
| - name: gerrit-config |
| mountPath: "/var/mnt/etc/config" |
| - name: gerrit-replica-secure-config |
| mountPath: "/var/mnt/etc/secret" |
| {{- range .Values.gerritReplica.additionalConfigMaps }} |
| - name: {{ .name }} |
| mountPath: "/var/mnt/data/{{ .subDir }}" |
| {{- end }} |
| livenessProbe: |
| httpGet: |
| path: /config/server/healthcheck~status |
| port: http |
| {{- if .Values.gerritReplica.probeScheme }} |
| scheme: {{ .Values.gerritReplica.probeScheme }} |
| {{- end }} |
| {{ toYaml .Values.gerritReplica.livenessProbe | indent 10 }} |
| readinessProbe: |
| httpGet: |
| path: /config/server/healthcheck~status |
| port: http |
| {{- if .Values.gerritReplica.probeScheme }} |
| scheme: {{ .Values.gerritReplica.probeScheme }} |
| {{- end }} |
| {{ toYaml .Values.gerritReplica.readinessProbe | indent 10 }} |
| startupProbe: |
| httpGet: |
| path: /config/server/healthcheck~status |
| port: http |
| {{- if .Values.gerritReplica.probeScheme }} |
| scheme: {{ .Values.gerritReplica.probeScheme }} |
| {{- end }} |
| {{ toYaml .Values.gerritReplica.startupProbe | indent 10 }} |
| resources: |
| {{ toYaml .Values.gerritReplica.resources | indent 10 }} |
| {{ if .Values.istio.enabled -}} |
| - name: istio-proxy |
| image: auto |
| lifecycle: |
| preStop: |
| exec: |
| command: |
| - "/bin/sh" |
| - "-c" |
| - "while [ $(netstat -plunt | grep tcp | grep -v envoy | wc -l | xargs) -ne 0 ]; do sleep 1; done" |
| {{- end }} |
| {{ if .Values.promtailSidecar.enabled -}} |
| - name: promtail |
| image: {{ .Values.promtailSidecar.image }}:v{{ .Values.promtailSidecar.version }} |
| imagePullPolicy: {{ .Values.images.imagePullPolicy }} |
| command: |
| - sh |
| - -ec |
| args: |
| - |- |
| /usr/bin/promtail \ |
| -config.file=/etc/promtail/promtail.yaml \ |
| -client.url={{ .Values.promtailSidecar.loki.url }}/loki/api/v1/push \ |
| -client.external-labels=instance=$HOSTNAME |
| env: |
| - name: POD_NAME |
| valueFrom: |
| fieldRef: |
| fieldPath: metadata.name |
| resources: |
| {{ toYaml .Values.promtailSidecar.resources | indent 10 }} |
| volumeMounts: |
| - name: promtail-config |
| mountPath: /etc/promtail/promtail.yaml |
| subPath: promtail.yaml |
| - name: promtail-secret |
| mountPath: /etc/promtail/promtail.secret |
| subPath: promtail.secret |
| {{- if not .Values.promtailSidecar.tls.skipVerify }} |
| - name: tls-ca |
| mountPath: /etc/promtail/promtail.ca.crt |
| subPath: ca.crt |
| {{- end }} |
| - name: logs |
| subPathExpr: "gerrit-replica/$(POD_NAME)" |
| mountPath: "/var/gerrit/logs" |
| {{- if and .Values.nfsWorkaround.enabled .Values.nfsWorkaround.idDomain }} |
| - name: nfs-config |
| mountPath: "/etc/idmapd.conf" |
| subPath: idmapd.conf |
| {{- end }} |
| {{- end }} |
| volumes: |
| {{ if not .Values.gerritReplica.persistence.enabled -}} |
| - name: gerrit-site |
| emptyDir: {} |
| {{- end }} |
| {{- if and .Values.gerritReplica.pluginManagement.cache.enabled }} |
| - name: gerrit-plugin-cache |
| persistentVolumeClaim: |
| claimName: {{ .Release.Name }}-plugin-cache-pvc |
| {{- end }} |
| - name: git-repositories |
| persistentVolumeClaim: |
| {{- if .Values.gitRepositoryStorage.externalPVC.use }} |
| claimName: {{ .Values.gitRepositoryStorage.externalPVC.name }} |
| {{- else }} |
| claimName: {{ .Release.Name }}-git-repositories-pvc |
| {{- end }} |
| - name: logs |
| {{ if .Values.logStorage.enabled -}} |
| persistentVolumeClaim: |
| {{- if .Values.logStorage.externalPVC.use }} |
| claimName: {{ .Values.logStorage.externalPVC.name }} |
| {{- else }} |
| claimName: {{ .Release.Name }}-log-pvc |
| {{- end }} |
| {{ else -}} |
| emptyDir: {} |
| {{- end }} |
| - name: gerrit-init-config |
| configMap: |
| name: {{ .Release.Name }}-gerrit-init-configmap |
| - name: gerrit-config |
| configMap: |
| name: {{ .Release.Name }}-gerrit-replica-configmap |
| - name: gerrit-replica-secure-config |
| secret: |
| secretName: {{ .Release.Name }}-gerrit-replica-secure-config |
| {{ if .Values.caCert -}} |
| - name: tls-ca |
| secret: |
| secretName: {{ .Release.Name }}-tls-ca |
| {{- end }} |
| {{- range .Values.gerritReplica.additionalConfigMaps }} |
| - name: {{ .name }} |
| configMap: |
| name: {{ if .data }}{{ $root.Release.Name }}-{{ .name }}{{ else }}{{ .name }}{{ end }} |
| {{- end }} |
| {{- if and .Values.nfsWorkaround.enabled .Values.nfsWorkaround.idDomain }} |
| - name: nfs-config |
| configMap: |
| name: {{ .Release.Name }}-nfs-configmap |
| {{- end }} |
| {{ if .Values.promtailSidecar.enabled -}} |
| - name: promtail-config |
| configMap: |
| name: {{ .Release.Name }}-promtail-gerrit-configmap |
| - name: promtail-secret |
| secret: |
| secretName: {{ .Release.Name }}-promtail-secret |
| {{- end }} |
| {{ if .Values.gerritReplica.persistence.enabled -}} |
| volumeClaimTemplates: |
| - metadata: |
| name: gerrit-site |
| labels: |
| app.kubernetes.io/component: gerrit-replica |
| app.kubernetes.io/instance: {{ .Release.Name }} |
| chart: {{ template "gerrit-replica.chart" . }} |
| heritage: {{ .Release.Service }} |
| release: {{ .Release.Name }} |
| {{- if .Values.additionalLabels }} |
| {{ toYaml .Values.additionalLabels | indent 8 }} |
| {{- end }} |
| spec: |
| accessModes: |
| - ReadWriteOnce |
| resources: |
| requests: |
| storage: {{ .Values.gerritReplica.persistence.size }} |
| storageClassName: {{ .Values.storageClasses.default.name }} |
| {{- end }} |