{{- if .Values.controller.enabled -}} {{- if empty .Values.persistentVolumeClaim.projectsPath -}} {{- fail "Empty projects path detected in \".Values.persistentVolumeClaim.projectsPath\"!" -}} {{- end -}} apiVersion: apps/v1 kind: {{ include "base.controller.kind" . }} metadata: name: {{ include "code-server.fullname" . }} labels: {{- include "code-server.labels" . | nindent 4 }} {{- with .Values.controller.labels }} {{ toYaml . | indent 4 }} {{- end }} {{- with .Values.controller.annotations }} annotations: {{- toYaml . | nindent 4 }} {{- end }} spec: {{- if .Values.controller.replicas }} replicas: {{ .Values.controller.replicas }} {{- end }} {{- if eq (include "base.controller.kind" . ) "StatefulSet" }} serviceName: {{ include "code-server.fullname" . }}-headless {{- end }} selector: matchLabels: {{- include "code-server.selectorLabels" . | nindent 6 }} template: metadata: {{- with .Values.controller.annotations }} annotations: {{- toYaml . | nindent 8 }} {{- end }} labels: {{- include "code-server.selectorLabels" . | nindent 8 }} spec: serviceAccountName: {{ include "code-server.serviceAccountName" . }} initContainers: {{- if .Values.persistentVolumeClaim.ensurePermissions }} - name: {{ printf "%s-permissions" (include "code-server.fullname" .) }} image: busybox:latest imagePullPolicy: IfNotPresent command: ['sh', '-c', 'chown -R {{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.runAsGroup }} {{ .Values.persistentVolumeClaim.mountPath }}'] {{- if eq (include "base.persistence.enabled" . ) "true" }} volumeMounts: - name: {{ include "base.persistence.suffix" (include "code-server.fullname" . ) }} mountPath: {{ .Values.persistentVolumeClaim.mountPath }} {{- end }} securityContext: runAsNonRoot: false runAsGroup: 0 runAsUser: 0 {{- end }} {{- if not (empty .Values.repositories) }} - name: {{ printf "%s-repositories" (include "code-server.fullname" $) }} image: alpine/git:latest imagePullPolicy: IfNotPresent workingDir: {{ .Values.persistentVolumeClaim.projectsPath }} command: ['/bin/sh'] args: ['/scripts/repo-updater.sh'] volumeMounts: - name: script-volume mountPath: /scripts {{- if eq (include "base.persistence.enabled" . ) "true" }} - name: {{ include "base.persistence.suffix" (include "code-server.fullname" . ) }} mountPath: {{ .Values.persistentVolumeClaim.mountPath }} {{- end }} {{- end }} containers: - name: {{ template "code-server.name" . }} image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" imagePullPolicy: {{ .Values.image.pullPolicy }} ports: {{- range $key, $val := .Values.ports }} {{- if $val.enabled }} - name: {{ $key | quote }} containerPort: {{ $val.port }} protocol: {{ default "TCP" $val.protocol | quote }} {{- end }} {{- end }} env: {{- range $i, $val := .Values.env }} - name: {{ $val.name | quote }} value: {{ $val.value | quote }} {{- end }} {{- if .Values.ports.http.enabled }} - name: PORT value: {{ .Values.ports.http.port | quote }} {{- end }} {{- if or .Values.secret.create (not (empty .Values.secret.existingSecret)) }} - name: PASSWORD valueFrom: secretKeyRef: {{- if .Values.secret.existingSecret }} name: {{ .Values.secret.existingSecret }} {{- else }} name: {{ printf "%s-password" (include "code-server.fullname" .) }} {{- end }} key: password {{- end }} {{- if .Values.configMap.mountPath }} - name: CODE_SERVER_CONFIG value: {{ (printf "%s/config.yml" .Values.configMap.mountPath) | quote }} {{- end }} {{- if .Values.persistentVolumeClaim.mountPath }} - name: XDG_DATA_HOME value: {{ .Values.persistentVolumeClaim.mountPath | quote }} {{- end }} args: {{ if not .Values.extraArgs -}}[]{{- end }} {{- range $i, $val := .Values.extraArgs }} - {{ $val }} {{- end }} workingDir: {{ .Values.persistentVolumeClaim.projectsPath }} volumeMounts: - name: config-volume mountPath: {{ .Values.configMap.mountPath }} {{- if eq (include "base.persistence.enabled" . ) "true" }} - name: {{ include "base.persistence.suffix" (include "code-server.fullname" . ) }} mountPath: {{ .Values.persistentVolumeClaim.mountPath }} {{- end }} livenessProbe: httpGet: path: / port: http readinessProbe: httpGet: path: / port: http resources: {{ if not .Values.resources -}}{}{{- end }} {{- if .Values.resources }} {{- toYaml .Values.resources | nindent 12 }} {{- end }} volumes: {{- if not (empty .Values.repositories) }} - name: script-volume configMap: name: {{ printf "%s-scripts" (include "code-server.fullname" . ) }} defaultMode: 0777 {{- end }} - name: config-volume configMap: {{- if and .Values.configMap.create (empty .Values.configMap.existingConfigMap) }} name: {{ printf "%s-config" (include "code-server.fullname" . ) }} {{- else }} name: {{ .Values.configMap.existingConfigMap }} {{- end }} {{- if eq (include "base.persistence.enabled" . ) "true" }} {{- if eq (include "base.persistence.type" . ) "volumes" }} - name: {{ include "base.persistence.suffix" (include "code-server.fullname" . ) }} persistentVolumeClaim: {{- if eq (include "base.persistence.created" . ) "true" }} claimName: {{ include "base.persistence.suffix" (include "code-server.fullname" . ) }} {{- else }} claimName: {{ .Values.persistentVolumeClaim.existingPersistentVolumeClaim }} {{- end }} {{- end }} {{- end }} {{- if .Values.securityContext }} securityContext: {{- toYaml .Values.securityContext | nindent 8 }} {{- end }} {{- if .Values.dnsConfig }} dnsConfig: {{- toYaml .Values.dnsConfig | nindent 12 }} {{- end }} {{- with .Values.affinity }} affinity: {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} {{- if eq (include "base.persistence.enabled" . ) "true" }} {{- if eq (include "base.persistence.type" . ) "volumeClaimTemplates" }} volumeClaimTemplates: - metadata: name: {{ include "base.persistence.suffix" (include "code-server.fullname" . ) }} spec: {{- include "base.persistence.spec" . | nindent 8 }} {{- end }} {{- end }} {{- end }}