K3S-Cluster/home-cluster-ops
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
4039f2ab44f836751bae37d5cf14ccf9403fcd6b
home-cluster-ops/infrastructures/renovate/base/deployment.yaml
Edward Cheng 2d747d698c fix pem file path
2024-07-20 16:02:19 +10:00

135 lines
4.2 KiB
YAML
Raw Blame History

apiVersion: apps/v1
kind: Deployment
metadata:
name: renovate
namespace: renovate
labels:
app.kubernetes.io/name: renovate
spec:
selector:
matchLabels:
app.kubernetes.io/name: renovate
template:
metadata:
labels:
app.kubernetes.io/name: renovate
spec:
securityContext:
runAsUser: 1000
runAsGroup: 1000
containers:
- name: renovate
image: ghcr.io/mend/renovate-ce:7.5.0-full
securityContext:
allowPrivilegeEscalation: false
env:
- name: MEND_RNV_ACCEPT_TOS
value: y
- name: MEND_RNV_LICENSE_KEY
valueFrom:
secretKeyRef:
name: renovate-secrets
key: renovate_license_key
- name: MEND_RNV_PLATFORM
value: github
- name: MEND_RNV_ENDPOINT
value: "https://api.github.com/"
- name: MEND_RNV_DATA_HANDLER_TYPE
value: "postgresql"
- name: PGDATABASE
valueFrom:
secretKeyRef:
name: renovate-secrets
key: db_pg_database
- name: PGUSER
valueFrom:
secretKeyRef:
name: renovate-secrets
key: db_pg_user
- name: PGPORT
value: "5432"
- name: PGHOST
valueFrom:
secretKeyRef:
name: renovate-secrets
key: db_pg_host
- name: PGPASSWORD
valueFrom:
secretKeyRef:
name: renovate-secrets
key: db_pg_password
- name: MEND_RNV_GITHUB_APP_ID
value: "938218"
- name: RNV_GITHUB_PEM_FILE_PATH
value: "/usr/src/app/rpi5-cluster-renovate.2024-07-05.private-key.pem"
- name: MEND_RNV_WEBHOOK_SECRET
valueFrom:
secretKeyRef:
name: renovate-secrets
key: github_app_webhook_secret
- name: MEND_RNV_ADMIN_API_ENABLED
value: "true"
- name: MEND_RNV_SERVER_API_SECRET
valueFrom:
secretKeyRef:
name: renovate-secrets
key: server_api_secret
- name: GITHUB_COM_TOKEN
valueFrom:
secretKeyRef:
name: renovate-secrets
key: github_pat
- name: MEND_RNV_AUTODISCOVER_FILTER
value: "3dwardch3ng/home-cluster-ops"
- name: MEND_RNV_ENQUEUE_JOBS_ON_STARTUP
value: "enabled"
- name: MEND_RNV_LOG_HISTORY_DIR
value: "/logs"
ports:
- name: http
containerPort: 8080
protocol: TCP
livenessProbe:
initialDelaySeconds: 2
httpGet:
path: /health
port: http
periodSeconds: 10
timeoutSeconds: 1
failureThreshold: 3
successThreshold: 1
readinessProbe:
httpGet:
path: /health
port: http
periodSeconds: 10
timeoutSeconds: 1
failureThreshold: 3
successThreshold: 1
volumeMounts:
- name: renovate-config-js-volume
mountPath: /usr/src/app/config.js
subPath: config.js
- name: renovate-cache-volume
mountPath: /tmp/renovate
- name: renovate-logs
mountPath: /logs
- name: renovate-gh-app-pem
mountPath: /usr/src/app/renovate.private-key.pem
volumes:
- name: renovate-config-js-volume
configMap:
name: renovate-config-js
- name: renovate-cache-volume
emptyDir: {}
- name: renovate-logs
hostPath:
path: /mnt/nfs/AppData/renovate/logs
type: Directory
- name: renovate-gh-app-pem
hostPath:
path: /mnt/nfs/AppData/renovate/key/rpi5-cluster-renovate.2024-07-05.private-key.pem
type: File
nodeSelector:
kubernetes.io/arch: amd64
Reference in New Issue View Git Blame Copy Permalink