{{- if .Values.gateway.enabled }} apiVersion: {{ include "common.capabilities.deployment.apiVersion" . }} kind: Deployment metadata: name: {{ include "common.names.fullname" . }} namespace: {{ .Release.Namespace }} labels: {{- include "common.labels.standard" . | nindent 4 }} {{- if .Values.commonLabels }} {{- include "common.tplvalues.render" ( dict "value" .Values.commonLabels "context" $ ) | nindent 4 }} {{- end }} {{- if .Values.commonAnnotations }} annotations: {{- include "common.tplvalues.render" ( dict "value" .Values.commonAnnotations "context" $ ) | nindent 4 }} {{- end }} spec: replicas: {{ .Values.gateway.replicaCount }} {{- if .Values.deployment.updateStrategy }} strategy: {{- toYaml .Values.deployment.updateStrategy | nindent 4 }} {{- end }} selector: matchLabels: {{- include "common.labels.matchLabels" . | nindent 6 }} template: metadata: labels: {{- include "common.labels.standard" . | nindent 8 }} {{- if .Values.podLabels }} {{- include "common.tplvalues.render" (dict "value" .Values.podLabels "context" $) | nindent 8 }} {{- end }} {{- if or .Values.podAnnotations (include "minio.createSecret" .) }} annotations: {{- if (include "minio.createSecret" .) }} checksum/credentials-secret: {{ include (print $.Template.BasePath "/secrets.yaml") . | sha256sum }} {{- end }} {{- if .Values.podAnnotations }} {{- include "common.tplvalues.render" ( dict "value" .Values.podAnnotations "context" $) | nindent 8 }} {{- end }} {{- end }} spec: {{- include "minio.imagePullSecrets" . | nindent 6 }} {{- if .Values.schedulerName }} schedulerName: {{ .Values.schedulerName }} {{- end }} serviceAccountName: {{ template "minio.serviceAccountName" . }} {{- if .Values.affinity }} affinity: {{- include "common.tplvalues.render" (dict "value" .Values.affinity "context" $) | nindent 8 }} {{- else }} affinity: podAffinity: {{- include "common.affinities.pods" (dict "type" .Values.podAffinityPreset "context" $) | nindent 10 }} podAntiAffinity: {{- include "common.affinities.pods" (dict "type" .Values.podAntiAffinityPreset "context" $) | nindent 10 }} nodeAffinity: {{- include "common.affinities.nodes" (dict "type" .Values.nodeAffinityPreset.type "key" .Values.nodeAffinityPreset.key "values" .Values.nodeAffinityPreset.values) | nindent 10 }} {{- end }} {{- if .Values.nodeSelector }} nodeSelector: {{- include "common.tplvalues.render" (dict "value" .Values.nodeSelector "context" $) | nindent 8 }} {{- end }} {{- if .Values.tolerations }} tolerations: {{- include "common.tplvalues.render" (dict "value" .Values.tolerations "context" $) | nindent 8 }} {{- end }} {{- if .Values.hostAliases }} hostAliases: {{- include "common.tplvalues.render" (dict "value" .Values.hostAliases "context" $) | nindent 8 }} {{- end }} {{- if .Values.securityContext.enabled }} securityContext: fsGroup: {{ .Values.securityContext.fsGroup }} {{- end }} {{- if .Values.initContainers }} initContainers: {- include "common.tplvalues.render" (dict "value" .Values.initContainers "context" $) | nindent 8 }} {{- end }} containers: - name: minio image: {{ include "minio.image" . }} imagePullPolicy: {{ .Values.image.pullPolicy | quote }} {{- if .Values.securityContext.enabled }} securityContext: runAsUser: {{ .Values.securityContext.runAsUser }} {{- end }} command: {{- if .Values.command }} {{- include "common.tplvalues.render" (dict "value" .Values.command "context" $) | nindent 12 }} {{- else }} - minio {{- end }} args: {{- if .Values.args }} {{- include "common.tplvalues.render" (dict "value" .Values.args "context" $) | nindent 12 }} {{- else }} - --certs-dir - /opt/bitnami/minio/certs - gateway - {{ .Values.gateway.type }} {{- if eq .Values.gateway.type "gcs" }} - {{ .Values.gateway.auth.gcs.projectID }} {{- else if eq .Values.gateway.type "nas" }} - {{ .Values.persistence.mountPath }} {{- else if eq .Values.gateway.type "s3" }} - {{ .Values.gateway.auth.s3.serviceEndpoint }} {{- end }} {{- end }} env: {{- if eq .Values.gateway.type "azure" }} - name: AZURE_STORAGE_ACCOUNT valueFrom: secretKeyRef: name: {{ include "minio.secretName" . }} key: azure-storage-account-name - name: AZURE_STORAGE_KEY valueFrom: secretKeyRef: name: {{ include "minio.secretName" . }} key: azure-storage-account-key {{- else if and (eq .Values.gateway.type "gcs") .Values.gateway.auth.gcs.keyJSON }} - name: GOOGLE_APPLICATION_CREDENTIALS value: "/opt/bitnami/minio/secrets/key.json" {{- end }} - name: MINIO_ROOT_USER valueFrom: secretKeyRef: name: {{ include "minio.secretName" . }} key: access-key - name: MINIO_ROOT_PASSWORD valueFrom: secretKeyRef: name: {{ include "minio.secretName" . }} key: secret-key - name: MINIO_PROMETHEUS_AUTH_TYPE value: {{ .Values.metrics.prometheusAuthType | quote }} {{- if .Values.extraEnv }} {{- include "common.tplvalues.render" (dict "value" .Values.extraEnv "context" $) | nindent 12 }} {{- end }} envFrom: {{- if .Values.extraEnvVarsCM }} - configMapRef: name: {{ include "common.tplvalues.render" (dict "value" .Values.extraEnvVarsCM "context" $) }} {{- end }} {{- if .Values.extraEnvVarsSecret }} - secretRef: name: {{ include "common.tplvalues.render" (dict "value" .Values.extraEnvVarsSecret "context" $) }} {{- end }} ports: - name: minio containerPort: {{ .Values.containerPort }} protocol: TCP {{- if .Values.resources }} resources: {{- toYaml .Values.resources | nindent 12 }} {{- end }} volumeMounts: {{- if and (eq .Values.gateway.type "gcs") .Values.gateway.auth.gcs.keyJSON }} - name: minio-credentials mountPath: /opt/bitnami/minio/secrets/ readOnly: true {{- end }} {{- if eq .Values.gateway.type "nas" }} - name: data mountPath: {{ .Values.persistence.mountPath }} subPath: {{ .Release.Namespace }}/{{ include "common.names.fullname" . }} {{- if .Values.global.srs.pvc }} - name: srs-vol mountPath: /data/live-cluster-hls subPath: {{ .Values.global.srs.mpath.cluster.hls }} - name: srs-vol mountPath: /data/live-cluster-dvr subPath: {{ .Values.global.srs.mpath.cluster.dvr }} - name: srs-vol mountPath: /data/live-rtc-hls subPath: {{ .Values.global.srs.mpath.rtc.hls }} - name: srs-vol mountPath: /data/live-rtc-dvr subPath: {{ .Values.global.srs.mpath.rtc.dvr }} {{- end }} {{- end }} {{- if .Values.extraVolumeMounts }} {{- include "common.tplvalues.render" (dict "value" .Values.extraVolumeMounts "context" $) | nindent 12 }} {{- end }} {{- if .Values.sidecars }} {{- include "common.tplvalues.render" (dict "value" .Values.sidecars "context" $) | nindent 8 }} {{- end }} volumes: {{- if and (eq .Values.gateway.type "gcs") .Values.gateway.auth.gcs.keyJSON }} - name: minio-credentials secret: secretName: {{ include "minio.secretName" . }} {{- end }} {{- if eq .Values.gateway.type "nas" }} - name: data {{- if .Values.persistence.enabled }} persistentVolumeClaim: claimName: {{ include "minio.claimName" . }} {{- else }} emptyDir: {} {{- end }} {{- if .Values.global.srs.pvc }} - name: srs-vol persistentVolumeClaim: claimName: {{ .Values.global.srs.pvc }} {{- end }} {{- end }} {{- if .Values.extraVolumes }} {{- include "common.tplvalues.render" (dict "value" .Values.extraVolumes "context" $) | nindent 8 }} {{- end }} {{- end }}