181 lines
6.8 KiB
YAML
181 lines
6.8 KiB
YAML
{{- if .Values.auth.enabled -}}
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: {{ include "supabase.auth.fullname" . }}
|
|
labels:
|
|
{{- include "supabase.labels" . | nindent 4 }}
|
|
spec:
|
|
{{- if not .Values.auth.autoscaling.enabled }}
|
|
replicas: {{ .Values.auth.replicaCount }}
|
|
{{- end }}
|
|
selector:
|
|
matchLabels:
|
|
{{- include "supabase.auth.selectorLabels" . | nindent 6 }}
|
|
template:
|
|
metadata:
|
|
{{- with .Values.auth.podAnnotations }}
|
|
annotations:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
labels:
|
|
{{- include "supabase.auth.selectorLabels" . | nindent 8 }}
|
|
spec:
|
|
{{- with .Values.auth.imagePullSecrets }}
|
|
imagePullSecrets:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
serviceAccountName: {{ include "supabase.auth.serviceAccountName" . }}
|
|
securityContext:
|
|
{{- toYaml .Values.auth.podSecurityContext | nindent 8 }}
|
|
initContainers:
|
|
- name: init-db
|
|
image: postgres:15-alpine
|
|
imagePullPolicy: IfNotPresent
|
|
env:
|
|
- name: DB_HOST
|
|
{{- if .Values.db.enabled }}
|
|
value: {{ include "supabase.db.fullname" . | quote }}
|
|
{{- else }}
|
|
value: {{ .Values.auth.environment.DB_HOST | quote }}
|
|
{{- end }}
|
|
- name: DB_USER
|
|
valueFrom:
|
|
secretKeyRef:
|
|
{{- if .Values.secret.db.secretRef }}
|
|
name: {{ .Values.secret.db.secretRef }}
|
|
key: {{ .Values.secret.db.secretRefKey.username | default "username" }}
|
|
{{- else }}
|
|
name: {{ include "supabase.secret.db" . }}
|
|
key: username
|
|
{{- end }}
|
|
- name: DB_PORT
|
|
value: {{ .Values.auth.environment.DB_PORT | quote }}
|
|
command: ["/bin/sh", "-c"]
|
|
args:
|
|
- |
|
|
until pg_isready -h $(DB_HOST) -p $(DB_PORT) -U $(DB_USER); do
|
|
echo "Waiting for database to start..."
|
|
sleep 2
|
|
done
|
|
- echo "Database is ready"
|
|
containers:
|
|
- name: {{ include "supabase.auth.name" $ }}
|
|
securityContext:
|
|
{{- toYaml .Values.auth.securityContext | nindent 12 }}
|
|
image: "{{ .Values.auth.image.repository }}:{{ .Values.auth.image.tag | default .Chart.AppVersion }}"
|
|
imagePullPolicy: {{ .Values.auth.image.pullPolicy }}
|
|
env:
|
|
{{- range $key, $value := .Values.auth.environment }}
|
|
- name: {{ $key }}
|
|
value: {{ $value | quote }}
|
|
{{- end }}
|
|
{{- if .Values.db.enabled }}
|
|
- name: DB_HOST
|
|
value: {{ include "supabase.db.fullname" . }}
|
|
{{- end }}
|
|
- name: DB_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
{{- if .Values.secret.db.secretRef }}
|
|
name: {{ .Values.secret.db.secretRef }}
|
|
key: {{ .Values.secret.db.secretRefKey.password | default "password" }}
|
|
{{- else }}
|
|
name: {{ include "supabase.secret.db" . }}
|
|
key: password
|
|
{{- end }}
|
|
- name: DB_PASSWORD_ENC
|
|
valueFrom:
|
|
secretKeyRef:
|
|
{{- if .Values.secret.db.secretRef }}
|
|
name: {{ .Values.secret.db.secretRef }}
|
|
key: {{ .Values.secret.db.secretRefKey.password | default "password" }}
|
|
{{- else }}
|
|
name: {{ include "supabase.secret.db" . }}
|
|
key: password_encoded
|
|
{{- end }}
|
|
- name: DB_NAME
|
|
valueFrom:
|
|
secretKeyRef:
|
|
{{- if .Values.secret.db.secretRef }}
|
|
name: {{ .Values.secret.db.secretRef }}
|
|
key: {{ .Values.secret.db.secretRefKey.database | default "database" }}
|
|
{{- else }}
|
|
name: {{ include "supabase.secret.db" . }}
|
|
key: database
|
|
{{- end }}
|
|
- name: GOTRUE_DB_DATABASE_URL
|
|
value: $(DB_DRIVER)://$(DB_USER):$(DB_PASSWORD_ENC)@$(DB_HOST):$(DB_PORT)/$(DB_NAME)?search_path=auth&sslmode=$(DB_SSL)
|
|
- name: GOTRUE_DB_DRIVER
|
|
value: $(DB_DRIVER)
|
|
- name: GOTRUE_JWT_SECRET
|
|
valueFrom:
|
|
secretKeyRef:
|
|
{{- if .Values.secret.jwt.secretRef }}
|
|
name: {{ .Values.secret.jwt.secretRef }}
|
|
key: {{ .Values.secret.jwt.secretRefKey.secret | default "secret" }}
|
|
{{- else }}
|
|
name: {{ include "supabase.secret.jwt" . }}
|
|
key: secret
|
|
{{- end }}
|
|
- name: GOTRUE_SMTP_USER
|
|
valueFrom:
|
|
secretKeyRef:
|
|
{{- if .Values.secret.smtp.secretRef }}
|
|
name: {{ .Values.secret.smtp.secretRef }}
|
|
key: {{ .Values.secret.smtp.secretRefKey.username | default "username" }}
|
|
{{- else }}
|
|
name: {{ include "supabase.secret.smtp" . }}
|
|
key: username
|
|
{{- end }}
|
|
- name: GOTRUE_SMTP_PASS
|
|
valueFrom:
|
|
secretKeyRef:
|
|
{{- if .Values.secret.smtp.secretRef }}
|
|
name: {{ .Values.secret.smtp.secretRef }}
|
|
key: {{ .Values.secret.smtp.secretRefKey.password | default "password" }}
|
|
{{- else }}
|
|
name: {{ include "supabase.secret.smtp" . }}
|
|
key: password
|
|
{{- end }}
|
|
{{- with .Values.auth.envFrom }}
|
|
envFrom:
|
|
{{- toYaml . | nindent 12 }}
|
|
{{- end }}
|
|
{{- with .Values.auth.livenessProbe }}
|
|
livenessProbe:
|
|
{{- toYaml . | nindent 12 }}
|
|
{{- end }}
|
|
{{- with .Values.auth.readinessProbe }}
|
|
readinessProbe:
|
|
{{- toYaml . | nindent 12 }}
|
|
{{- end }}
|
|
ports:
|
|
- name: http
|
|
containerPort: 9999
|
|
protocol: TCP
|
|
{{- with .Values.auth.resources }}
|
|
resources:
|
|
{{- toYaml . | nindent 12 }}
|
|
{{- end }}
|
|
{{- with .Values.auth.volumeMounts }}
|
|
volumeMounts:
|
|
{{- toYaml . | nindent 12 }}
|
|
{{- end }}
|
|
{{- with .Values.auth.volumes }}
|
|
volumes:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.auth.nodeSelector }}
|
|
nodeSelector:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.auth.affinity }}
|
|
affinity:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- with .Values.auth.tolerations }}
|
|
tolerations:
|
|
{{- toYaml . | nindent 8 }}
|
|
{{- end }}
|
|
{{- end }} |