diff --git a/templates/deployment.yaml b/templates/deployment.yaml index 0200f92..6533fc9 100644 --- a/templates/deployment.yaml +++ b/templates/deployment.yaml @@ -1,69 +1,180 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: {{ include "{{ .Chart.Name }}.fullname" . }} + name: {{ include "phpmyadmin-nginx.fullname" . }} labels: - {{- include "{{ .Chart.Name }}.labels" . | nindent 4 }} + {{- include "phpmyadmin-nginx.labels" . | nindent 4 }} spec: + {{- if not .Values.autoscaling.enabled }} replicas: {{ .Values.replicaCount }} + {{- end }} selector: matchLabels: - {{- include "{{ .Chart.Name }}.selectorLabels" . | nindent 6 }} + {{- include "phpmyadmin-nginx.selectorLabels" . | nindent 6 }} template: metadata: + annotations: + checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} + checksum/nginx-config: {{ include (print $.Template.BasePath "/nginx-configmap.yaml") . | sha256sum }} + {{- with .Values.podAnnotations }} + {{- toYaml . | nindent 8 }} + {{- end }} labels: - {{- include "{{ .Chart.Name }}.selectorLabels" . | nindent 8 }} + {{- include "phpmyadmin-nginx.selectorLabels" . | nindent 8 }} spec: + {{- with .Values.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "phpmyadmin-nginx.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.podSecurityContext | nindent 8 }} + initContainers: + - name: init-php-fpm + image: "{{ .Values.image.phpmyadmin.registry }}/{{ .Values.image.phpmyadmin.repository }}:{{ .Values.image.phpmyadmin.tag }}" + imagePullPolicy: {{ .Values.image.phpmyadmin.pullPolicy }} + command: ['sh', '-c', 'echo "PHP-FPM init container completed"'] + securityContext: + {{- toYaml .Values.securityContext.phpmyadmin | nindent 10 }} containers: - - name: nginx - image: "{{ .Values.image.nginx.registry }}/{{ .Values.image.nginx.repository }}:{{ .Values.image.nginx.tag }}" - imagePullPolicy: {{ .Values.image.nginx.pullPolicy }} - ports: - - containerPort: 80 - volumeMounts: - - name: app-storage - mountPath: /var/www/html - subPath: html - - name: nginx-config - mountPath: /etc/nginx/nginx.conf - subPath: nginx.conf - - name: app-fpm - image: "{{ .Values.image.php.registry }}/{{ .Values.image.php.repository }}:{{ .Values.image.php.tag }}" - imagePullPolicy: {{ .Values.image.php.pullPolicy }} - ports: - - name: fpm - containerPort: 9000 # PHP-FPMは9000ポートでリッスン - volumeMounts: - - name: app-storage - mountPath: /var/www/html - subPath: html - env: - - name: DB_HOST - value: {{ .Values.externalDatabase.host | quote }} - - name: DB_PORT - value: {{ .Values.externalDatabase.port | quote }} - - name: DB_NAME - value: {{ .Values.externalDatabase.database | quote }} - - name: DB_USER - value: {{ .Values.externalDatabase.username | quote }} - - name: DB_PASSWORD - valueFrom: - secretKeyRef: - name: {{ include "{{ .Chart.Name }}.fullname" . }}-db-secret - key: {{ include "{{ .Chart.Name }}.fullname" . }}-db-key - dnsPolicy: ClusterFirst - dnsConfig: - options: - - name: ndots - value: "1" - volumes: - - name: app-storage - {{- if .Values.persistence.enabled }} - persistentVolumeClaim: - claimName: {{ include "{{ .Chart.Name }}.fullname" . }}-pvc - {{- else }} - emptyDir: {} - {{- end }} + - name: nginx + securityContext: + {{- toYaml .Values.securityContext.nginx | nindent 10 }} + image: "{{ .Values.image.nginx.registry }}/{{ .Values.image.nginx.repository }}:{{ .Values.image.nginx.tag }}" + imagePullPolicy: {{ .Values.image.nginx.pullPolicy }} + ports: + - name: http + containerPort: 8080 + protocol: TCP + livenessProbe: + httpGet: + path: / + port: http + initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.livenessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} + failureThreshold: {{ .Values.livenessProbe.failureThreshold }} + readinessProbe: + httpGet: + path: / + port: http + initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.readinessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }} + failureThreshold: {{ .Values.readinessProbe.failureThreshold }} + resources: + {{- toYaml .Values.resources.nginx | nindent 10 }} + volumeMounts: - name: nginx-config - configMap: - name: {{ include "{{ .Chart.Name }}.fullname" . }}-nginx-config + mountPath: /etc/nginx/nginx.conf + subPath: nginx.conf + readOnly: true + - name: nginx-default-conf + mountPath: /etc/nginx/conf.d/default.conf + subPath: default.conf + readOnly: true + - name: nginx-cache + mountPath: /var/cache/nginx + - name: nginx-run + mountPath: /var/run + - name: phpmyadmin-data + mountPath: /var/www/html + readOnly: true + - name: phpmyadmin + securityContext: + {{- toYaml .Values.securityContext.phpmyadmin | nindent 10 }} + image: "{{ .Values.image.phpmyadmin.registry }}/{{ .Values.image.phpmyadmin.repository }}:{{ .Values.image.phpmyadmin.tag }}" + imagePullPolicy: {{ .Values.image.phpmyadmin.pullPolicy }} + env: + {{- range .Values.phpmyadmin.hosts }} + - name: PMA_HOST + value: {{ .host | quote }} + - name: PMA_PORT + value: {{ .port | quote }} + {{- end }} + - name: PMA_ARBITRARY + value: {{ .Values.phpmyadmin.env.PMA_ARBITRARY | quote }} + {{- if .Values.phpmyadmin.env.PMA_ABSOLUTE_URI }} + - name: PMA_ABSOLUTE_URI + value: {{ .Values.phpmyadmin.env.PMA_ABSOLUTE_URI | quote }} + {{- end }} + - name: UPLOAD_LIMIT + value: {{ .Values.phpmyadmin.env.UPLOAD_LIMIT | quote }} + - name: MEMORY_LIMIT + value: {{ .Values.phpmyadmin.env.MEMORY_LIMIT | quote }} + - name: MAX_EXECUTION_TIME + value: {{ .Values.phpmyadmin.env.MAX_EXECUTION_TIME | quote }} + {{- if or .Values.phpmyadmin.blowfishSecret .Values.phpmyadmin.existingSecret }} + - name: PMA_BLOWFISH_SECRET + valueFrom: + secretKeyRef: + name: {{ .Values.phpmyadmin.existingSecret | default (include "phpmyadmin-nginx.fullname" .) }} + key: blowfish-secret + {{- end }} + ports: + - name: php-fpm + containerPort: 9000 + protocol: TCP + livenessProbe: + tcpSocket: + port: php-fpm + initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.livenessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} + failureThreshold: {{ .Values.livenessProbe.failureThreshold }} + readinessProbe: + tcpSocket: + port: php-fpm + initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }} + periodSeconds: {{ .Values.readinessProbe.periodSeconds }} + timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }} + failureThreshold: {{ .Values.readinessProbe.failureThreshold }} + resources: + {{- toYaml .Values.resources.phpmyadmin | nindent 10 }} + volumeMounts: + - name: phpmyadmin-data + mountPath: /var/www/html + {{- if .Values.persistence.enabled }} + - name: sessions + mountPath: /sessions + {{- end }} + - name: php-fpm-run + mountPath: /var/run + volumes: + - name: nginx-config + configMap: + name: {{ include "phpmyadmin-nginx.fullname" . }}-nginx + items: + - key: nginx.conf + path: nginx.conf + - name: nginx-default-conf + configMap: + name: {{ include "phpmyadmin-nginx.fullname" . }}-nginx + items: + - key: default.conf + path: default.conf + - name: nginx-cache + emptyDir: {} + - name: nginx-run + emptyDir: {} + - name: php-fpm-run + emptyDir: {} + - name: phpmyadmin-data + emptyDir: {} + {{- if .Values.persistence.enabled }} + - name: sessions + persistentVolumeClaim: + claimName: {{ include "phpmyadmin-nginx.fullname" . }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} \ No newline at end of file