github-mirrors/imagepullsecret-injector
1
0
Fork 0
mirror of https://github.com/ysoftdevs/imagepullsecret-injector.git synced 2026-03-17 23:04:15 +01:00
Code Issues Packages Projects Releases 10 Wiki Activity
Files
e0fe690e4e2920d3aa9bc46c6c107842a36a7dac
imagepullsecret-injector/charts/imagepullsecret-injector/templates/deployment.yaml
Martin Šalata 8da5aafc21 Log everything in JSON
2021-07-27 14:18:18 +02:00

54 lines
2.2 KiB
YAML
Raw Blame History

apiVersion: apps/v1
kind: Deployment
metadata:
name: imagepullsecret-injector-webhook-deployment
namespace : {{ .Release.Namespace }}
labels:
app: imagepullsecret-injector
{{- include "imagepullsecret-injector.labels" . | nindent 4 }}
spec:
replicas: 1
selector:
matchLabels:
app: imagepullsecret-injector
template:
metadata:
labels:
app: imagepullsecret-injector
spec:
serviceAccountName: imagepullsecret-injector
containers:
- name: imagepullsecret-injector
image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: IfNotPresent
args:
- 2>&1
env:
- name: CONFIG_PORT
value: "8443"
- name: CONFIG_CERT_PATH
value: "/etc/webhook/certs/cert.pem"
- name: CONFIG_KEY_PATH
value: "/etc/webhook/certs/key.pem"
- name: CONFIG_EXCLUDE_NAMESPACES
value: {{ join "," .Values.imagepullsecretInjector.excludeNamespaces | quote }}
- name: CONFIG_SERVICE_ACCOUNTS
value: {{ join "," .Values.imagepullsecretInjector.saNames | quote }}
- name: CONFIG_TARGET_IMAGE_PULL_SECRET_NAME
value: {{ .Values.imagepullsecretInjector.targetSecretName | quote }}
- name: CONFIG_SOURCE_IMAGE_PULL_SECRET_NAME
value: {{ .Values.imagepullsecretInjector.dockerconfigjsonRef.secretName | quote }}
- name: CONFIG_SOURCE_IMAGE_PULL_SECRET_NAMESPACE
value: {{ .Values.imagepullsecretInjector.dockerconfigjsonRef.secretNamespace | default .Release.Namespace | quote }}
- name: CONFIG_IGNORE_SECRET_CREATION_ERROR
value: {{ .Values.imagepullsecretInjector.ignoreSecretCreationError | quote }}
- name: CONFIG_ALL_SERVICE_ACCOUNTS
value: {{ .Values.imagepullsecretInjector.allSaNames | quote }}
volumeMounts:
- name: webhook-certs
mountPath: /etc/webhook/certs
readOnly: true
volumes:
- name: webhook-certs
secret:
secretName: {{ include "imagepullsecret-injector.certificateSecretName" . }}
Reference in New Issue View Git Blame Copy Permalink