apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "phpmyadmin-nginx.fullname" . }} labels: {{- include "phpmyadmin-nginx.labels" . | nindent 4 }} spec: {{- if not .Values.autoscaling.enabled }} replicas: {{ .Values.replicaCount }} {{- end }} selector: matchLabels: {{- include "phpmyadmin-nginx.selectorLabels" . | nindent 6 }} template: metadata: annotations: checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }} checksum/nginx-config: {{ include (print $.Template.BasePath "/nginx-configmap.yaml") . | sha256sum }} {{- with .Values.podAnnotations }} {{- toYaml . | nindent 8 }} {{- end }} labels: {{- include "phpmyadmin-nginx.selectorLabels" . | nindent 8 }} spec: {{- with .Values.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} serviceAccountName: {{ include "phpmyadmin-nginx.serviceAccountName" . }} securityContext: {{- toYaml .Values.podSecurityContext | nindent 8 }} initContainers: - name: copy-phpmyadmin image: "{{ .Values.image.phpmyadmin.registry }}/{{ .Values.image.phpmyadmin.repository }}:{{ .Values.image.phpmyadmin.tag }}" imagePullPolicy: {{ .Values.image.phpmyadmin.pullPolicy }} command: - sh - -c - | echo "Copying phpMyAdmin files to shared volume..." cp -rp /var/www/html/. /tmp/phpmyadmin/ echo "Copy completed successfully" securityContext: allowPrivilegeEscalation: false capabilities: drop: - ALL runAsNonRoot: true runAsUser: 82 volumeMounts: - name: phpmyadmin-data mountPath: /tmp/phpmyadmin containers: - name: nginx securityContext: {{- toYaml .Values.securityContext.nginx | nindent 10 }} image: "{{ .Values.image.nginx.registry }}/{{ .Values.image.nginx.repository }}:{{ .Values.image.nginx.tag }}" imagePullPolicy: {{ .Values.image.nginx.pullPolicy }} ports: - name: http containerPort: 8080 protocol: TCP livenessProbe: httpGet: path: / port: http initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.livenessProbe.periodSeconds }} timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} failureThreshold: {{ .Values.livenessProbe.failureThreshold }} readinessProbe: httpGet: path: / port: http initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.readinessProbe.periodSeconds }} timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }} failureThreshold: {{ .Values.readinessProbe.failureThreshold }} resources: {{- toYaml .Values.resources.nginx | nindent 10 }} volumeMounts: - name: nginx-config mountPath: /etc/nginx/nginx.conf subPath: nginx.conf readOnly: true - name: nginx-default-conf mountPath: /etc/nginx/conf.d/default.conf subPath: default.conf readOnly: true - name: nginx-cache mountPath: /var/cache/nginx - name: nginx-run mountPath: /var/run - name: phpmyadmin-data mountPath: /var/www/html - name: phpmyadmin securityContext: {{- toYaml .Values.securityContext.phpmyadmin | nindent 10 }} image: "{{ .Values.image.phpmyadmin.registry }}/{{ .Values.image.phpmyadmin.repository }}:{{ .Values.image.phpmyadmin.tag }}" imagePullPolicy: {{ .Values.image.phpmyadmin.pullPolicy }} env: {{- range .Values.phpmyadmin.hosts }} - name: PMA_HOST value: {{ .host | quote }} - name: PMA_PORT value: {{ .port | quote }} {{- end }} - name: PMA_ARBITRARY value: {{ .Values.phpmyadmin.env.PMA_ARBITRARY | quote }} {{- if .Values.phpmyadmin.env.PMA_ABSOLUTE_URI }} - name: PMA_ABSOLUTE_URI value: {{ .Values.phpmyadmin.env.PMA_ABSOLUTE_URI | quote }} {{- end }} - name: UPLOAD_LIMIT value: {{ .Values.phpmyadmin.env.UPLOAD_LIMIT | quote }} - name: MEMORY_LIMIT value: {{ .Values.phpmyadmin.env.MEMORY_LIMIT | quote }} - name: MAX_EXECUTION_TIME value: {{ .Values.phpmyadmin.env.MAX_EXECUTION_TIME | quote }} {{- if or .Values.phpmyadmin.blowfishSecret .Values.phpmyadmin.existingSecret }} - name: PMA_BLOWFISH_SECRET valueFrom: secretKeyRef: name: {{ .Values.phpmyadmin.existingSecret | default (include "phpmyadmin-nginx.fullname" .) }} key: blowfish-secret {{- end }} ports: - name: php-fpm containerPort: 9000 protocol: TCP livenessProbe: tcpSocket: port: php-fpm initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.livenessProbe.periodSeconds }} timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }} failureThreshold: {{ .Values.livenessProbe.failureThreshold }} readinessProbe: tcpSocket: port: php-fpm initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }} periodSeconds: {{ .Values.readinessProbe.periodSeconds }} timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }} failureThreshold: {{ .Values.readinessProbe.failureThreshold }} resources: {{- toYaml .Values.resources.phpmyadmin | nindent 10 }} volumeMounts: - name: phpmyadmin-data mountPath: /var/www/html - name: phpmyadmin-config mountPath: /etc/phpmyadmin/config.user.inc.php subPath: config.inc.php readOnly: true {{- if .Values.persistence.enabled }} - name: sessions mountPath: /sessions {{- end }} - name: php-fpm-run mountPath: /var/run volumes: - name: nginx-config configMap: name: {{ include "phpmyadmin-nginx.fullname" . }}-nginx items: - key: nginx.conf path: nginx.conf - name: nginx-default-conf configMap: name: {{ include "phpmyadmin-nginx.fullname" . }}-nginx items: - key: default.conf path: default.conf - name: phpmyadmin-config configMap: name: {{ include "phpmyadmin-nginx.fullname" . }} items: - key: config.inc.php path: config.inc.php - name: nginx-cache emptyDir: {} - name: nginx-run emptyDir: {} - name: php-fpm-run emptyDir: {} - name: phpmyadmin-data emptyDir: {} {{- if .Values.persistence.enabled }} - name: sessions persistentVolumeClaim: claimName: {{ include "phpmyadmin-nginx.fullname" . }} {{- end }} {{- with .Values.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.affinity }} affinity: {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }}