about summary refs log tree commit diff
path: root/chart/templates/deployment-sidekiq.yaml
blob: 878b01150f84c992cc268672f6be2eb3c556f8bc (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
apiVersion: apps/v1
kind: Deployment
metadata:
  name: {{ include "mastodon.fullname" . }}-sidekiq
  labels:
    {{- include "mastodon.labels" . | nindent 4 }}
spec:
  {{- if not .Values.autoscaling.enabled }}
  replicas: {{ .Values.replicaCount }}
  {{- end }}
  selector:
    matchLabels:
      {{- include "mastodon.selectorLabels" . | nindent 6 }}
      app.kubernetes.io/component: sidekiq
      app.kubernetes.io/part-of: rails
  template:
    metadata:
      annotations:
        {{- with .Values.podAnnotations }}
        {{- toYaml . | nindent 8 }}
        {{- end }}
        # roll the pods to pick up any db migrations or other changes
        {{- include "mastodon.rollingPodAnnotations" . | nindent 8 }}
      labels:
        {{- include "mastodon.selectorLabels" . | nindent 8 }}
        app.kubernetes.io/component: sidekiq
        app.kubernetes.io/part-of: rails
    spec:
      {{- with .Values.imagePullSecrets }}
      imagePullSecrets:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      serviceAccountName: {{ include "mastodon.serviceAccountName" . }}
      {{- with .Values.podSecurityContext }}
      securityContext:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      {{- if (not .Values.mastodon.s3.enabled) }}
      # ensure we run on the same node as the other rails components; only
      # required when using PVCs that are ReadWriteOnce
      {{- if or (eq "ReadWriteOnce" .Values.mastodon.persistence.assets.accessMode) (eq "ReadWriteOnce" .Values.mastodon.persistence.system.accessMode) }}
      affinity:
        podAffinity:
          requiredDuringSchedulingIgnoredDuringExecution:
          - labelSelector:
              matchExpressions:
                - key: app.kubernetes.io/part-of
                  operator: In
                  values:
                    - rails
            topologyKey: kubernetes.io/hostname
      {{- end }}
      volumes:
        - name: assets
          persistentVolumeClaim:
            claimName: {{ template "mastodon.fullname" . }}-assets
        - name: system
          persistentVolumeClaim:
            claimName: {{ template "mastodon.fullname" . }}-system
      {{- end }}
      containers:
        - name: {{ .Chart.Name }}
          securityContext:
            {{- toYaml .Values.securityContext | nindent 12 }}
          image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
          imagePullPolicy: {{ .Values.image.pullPolicy }}
          command:
            - bundle
            - exec
            - sidekiq
            - -c
            - {{ .Values.mastodon.sidekiq.concurrency | quote }}
          envFrom:
            - configMapRef:
                name: {{ include "mastodon.fullname" . }}-env
            - secretRef:
                name: {{ template "mastodon.secretName" . }}
          env:
            - name: "DB_PASS"
              valueFrom:
                secretKeyRef:
                  name: {{ template "mastodon.postgresql.secretName" . }}
                  key: password
            - name: "REDIS_PASSWORD"
              valueFrom:
                secretKeyRef:
                  name: {{ template "mastodon.redis.secretName" . }}
                  key: redis-password
            {{- if (and .Values.mastodon.s3.enabled .Values.mastodon.s3.existingSecret) }}
            - name: "AWS_SECRET_ACCESS_KEY"
              valueFrom:
                secretKeyRef:
                  name: {{ .Values.mastodon.s3.existingSecret }}
                  key: AWS_SECRET_ACCESS_KEY
            - name: "AWS_ACCESS_KEY_ID"
              valueFrom:
                secretKeyRef:
                  name: {{ .Values.mastodon.s3.existingSecret }}
                  key: AWS_ACCESS_KEY_ID
            {{- end }}
            {{- if .Values.mastodon.smtp.existingSecret }}
            - name: "SMTP_LOGIN"
              valueFrom:
                secretKeyRef:
                  name: {{ .Values.mastodon.smtp.existingSecret }}
                  key: login
                  optional: true
            - name: "SMTP_PASSWORD"
              valueFrom:
                secretKeyRef:
                  name: {{ .Values.mastodon.smtp.existingSecret }}
                  key: password
            {{- end }}
          {{- if (not .Values.mastodon.s3.enabled) }}
          volumeMounts:
            - name: assets
              mountPath: /opt/mastodon/public/assets
            - name: system
              mountPath: /opt/mastodon/public/system
          {{- end }}
          resources:
            {{- toYaml .Values.resources | nindent 12 }}
      {{- with .Values.nodeSelector }}
      nodeSelector:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      {{- with .Values.tolerations }}
      tolerations:
        {{- toYaml . | nindent 8 }}
      {{- end }}