coder/helm/templates/coder.yaml

{{- include "coder.verifyDeprecated" . -}}
---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: {{ .Values.coder.serviceAccount.name | quote }}
  annotations: {{ toYaml .Values.coder.serviceAccount.annotations | nindent 4 }}
  labels:
    {{- include "coder.labels" . | nindent 4 }}
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: coder
  labels:
    {{- include "coder.labels" . | nindent 4 }}
    {{- with .Values.coder.labels }}
    {{- toYaml . | nindent 4 }}
    {{- end }}
  annotations: {{ toYaml .Values.coder.annotations | nindent 4}}
spec:
  replicas: {{ .Values.coder.replicaCount }}
  selector:
    matchLabels:
      {{- include "coder.selectorLabels" . | nindent 6 }}
  template:
    metadata:
      labels:
        {{- include "coder.labels" . | nindent 8 }}
        {{- with .Values.coder.podLabels }}
        {{- toYaml . | nindent 8 }}
        {{- end }}
      annotations:
        {{- toYaml .Values.coder.podAnnotations | nindent 8  }}
    spec:
      serviceAccountName: {{ .Values.coder.serviceAccount.name | quote }}
      restartPolicy: Always
      {{- with .Values.coder.image.pullSecrets }}
      imagePullSecrets:
      {{- toYaml . | nindent 8 }}
      {{- end }}
      terminationGracePeriodSeconds: 60
      {{- with .Values.coder.affinity }}
      affinity:
      {{- toYaml . | nindent 8 }}
      {{- end }}
      {{- with .Values.coder.tolerations }}
      tolerations:
      {{- toYaml . | nindent 8 }}
      {{- end }}
      {{- with .Values.coder.nodeSelector }}
      nodeSelector:
      {{ toYaml . | nindent 8 }}
      {{- end }}
      {{- with .Values.coder.initContainers }}
      initContainers:
      {{ toYaml . | nindent 8 }}
      {{- end }}
      containers:
        - name: coder
          image: {{ include "coder.image" . | quote }}
          imagePullPolicy: {{ .Values.coder.image.pullPolicy }}
          command:
            - /opt/coder
          args:
            {{- if .Values.coder.workspaceProxy }}
            - wsproxy
            {{- end }}
            - server
          resources:
            {{- toYaml .Values.coder.resources | nindent 12 }}
          lifecycle:
            {{- toYaml .Values.coder.lifecycle | nindent 12 }}
          env:
            - name: CODER_HTTP_ADDRESS
              value: "0.0.0.0:8080"
            - name: CODER_PROMETHEUS_ADDRESS
              value: "0.0.0.0:2112"
            # Set the default access URL so a `helm apply` works by default.
            # See: https://github.com/coder/coder/issues/5024
            {{- $hasAccessURL := false }}
            {{- range .Values.coder.env }}
              {{- if eq .name "CODER_ACCESS_URL" }}
                {{- $hasAccessURL = true }}
              {{- end }}
            {{- end }}
            {{- if not $hasAccessURL }}
            - name: CODER_ACCESS_URL
              value: {{ include "coder.defaultAccessURL" . | quote }}
            {{- end }}
            # Used for inter-pod communication with high-availability.
            - name: KUBE_POD_IP
              valueFrom:
                fieldRef:
                  fieldPath: status.podIP
            - name: CODER_DERP_SERVER_RELAY_URL
              value: "http://$(KUBE_POD_IP):8080"
            {{- include "coder.tlsEnv" . | nindent 12 }}
            {{- with .Values.coder.env -}}
            {{ toYaml . | nindent 12 }}
            {{- end }}
          ports:
            - name: "http"
              containerPort: 8080
              protocol: TCP
            {{- if eq (include "coder.tlsEnabled" .) "true" }}
            - name: "https"
              containerPort: 8443
              protocol: TCP
            {{- end }}
            {{- range .Values.coder.env }}
            {{- if eq .name "CODER_PROMETHEUS_ENABLE" }}
            {{/*
            This sadly has to be nested to avoid evaluating the second part
            of the condition too early and potentially getting type errors if
            the value is not a string (like a `valueFrom`). We do not support
            `valueFrom` for this env var specifically.
            */}}
            {{- if eq .value "true" }}
            - name: "prometheus-http"
              containerPort: 2112
              protocol: TCP
            {{- end }}
            {{- end }}
            {{- end }}
          securityContext: {{ toYaml .Values.coder.securityContext | nindent 12 }}
          readinessProbe:
            httpGet:
              path: /api/v2/buildinfo
              port: "http"
              scheme: "HTTP"
          livenessProbe:
            httpGet:
              path: /api/v2/buildinfo
              port: "http"
              scheme: "HTTP"
          {{- include "coder.volumeMounts" . | nindent 10 }}

      {{- include "coder.volumes" . | nindent 6 }}
feat: support multiple certificates in coder server and helm (#4150) 2022-10-04 11:45:21 +00:00			`{{- include "coder.verifyDeprecated" . -}}`
Auto import kubernetes template in Helm charts (#3550) 2022-08-25 19:32:35 +00:00			`---`
			`apiVersion: v1`
			`kind: ServiceAccount`
			`metadata:`
feat: set service account name in helm (#5913) Signed-off-by: Spike Curtis <spike@coder.com> 2023-01-31 06:35:32 +00:00			`name: {{ .Values.coder.serviceAccount.name \| quote }}`
helm: add sa annotations (#4640) * helm: add sa annotations * rm: test annotation * fix: labels bracket Co-authored-by: Dean Sheather <dean@deansheather.com> Co-authored-by: Dean Sheather <dean@deansheather.com> 2022-10-19 13:49:48 +00:00			`annotations: {{ toYaml .Values.coder.serviceAccount.annotations \| nindent 4 }}`
			`labels:`
			`{{- include "coder.labels" . \| nindent 4 }}`
Auto import kubernetes template in Helm charts (#3550) 2022-08-25 19:32:35 +00:00			`---`
feat: change docker to use "coder" user and add basic Helm chart (#2746) 2022-07-26 18:19:29 +00:00			`apiVersion: apps/v1`
			`kind: Deployment`
			`metadata:`
			`name: coder`
			`labels:`
			`{{- include "coder.labels" . \| nindent 4 }}`
fix(helm): missing templating for deployment labels (#6869) Co-authored-by: Dean Sheather <dean@deansheather.com> 2023-04-06 07:03:21 +00:00			`{{- with .Values.coder.labels }}`
			`{{- toYaml . \| nindent 4 }}`
			`{{- end }}`
add: deployment annotations (#4342) 2022-10-03 18:31:34 +00:00			`annotations: {{ toYaml .Values.coder.annotations \| nindent 4}}`
feat: change docker to use "coder" user and add basic Helm chart (#2746) 2022-07-26 18:19:29 +00:00			`spec:`
feat: Add high availability for multiple replicas (#4555) * feat: HA tailnet coordinator * fixup! feat: HA tailnet coordinator * fixup! feat: HA tailnet coordinator * remove printlns * close all connections on coordinator * impelement high availability feature * fixup! impelement high availability feature * fixup! impelement high availability feature * fixup! impelement high availability feature * fixup! impelement high availability feature * Add replicas * Add DERP meshing to arbitrary addresses * Move packages to highavailability folder * Move coordinator to high availability package * Add flags for HA * Rename to replicasync * Denest packages for replicas * Add test for multiple replicas * Fix coordination test * Add HA to the helm chart * Rename function pointer * Add warnings for HA * Add the ability to block endpoints * Add flag to disable P2P connections * Wow, I made the tests pass * Add replicas endpoint * Ensure close kills replica * Update sql * Add database latency to high availability * Pipe TLS to DERP mesh * Fix DERP mesh with TLS * Add tests for TLS * Fix replica sync TLS * Fix RootCA for replica meshing * Remove ID from replicasync * Fix getting certificates for meshing * Remove excessive locking * Fix linting * Store mesh key in the database * Fix replica key for tests * Fix types gen * Fix unlocking unlocked * Fix race in tests * Update enterprise/derpmesh/derpmesh.go Co-authored-by: Colin Adler <colin1adler@gmail.com> * Rename to syncReplicas * Reuse http client * Delete old replicas on a CRON * Fix race condition in connection tests * Fix linting * Fix nil type * Move pubsub to in-memory for twenty test * Add comment for configuration tweaking * Fix leak with transport * Fix close leak in derpmesh * Fix race when creating server * Remove handler update * Skip test on Windows * Fix DERP mesh test * Wrap HTTP handler replacement in mutex * Fix error message for relay * Fix API handler for normal tests * Fix speedtest * Fix replica resend * Fix derpmesh send * Ping async * Increase wait time of template version jobd * Fix race when closing replica sync * Add name to client * Log the derpmap being used * Don't connect if DERP is empty * Improve agent coordinator logging * Fix lock in coordinator * Fix relay addr * Fix race when updating durations * Fix client publish race * Run pubsub loop in a queue * Store agent nodes in order * Fix coordinator locking * Check for closed pipe Co-authored-by: Colin Adler <colin1adler@gmail.com> 2022-10-17 13:43:30 +00:00			`replicas: {{ .Values.coder.replicaCount }}`
feat: change docker to use "coder" user and add basic Helm chart (#2746) 2022-07-26 18:19:29 +00:00			`selector:`
			`matchLabels:`
			`{{- include "coder.selectorLabels" . \| nindent 6 }}`
			`template:`
			`metadata:`
			`labels:`
fix(helm): revert `app.kubernetes.io/part-of` as a selector (#5806) Deployment selectors are immutable! 2023-01-20 05:31:05 +00:00			`{{- include "coder.labels" . \| nindent 8 }}`
feat(helm): add labels for coder pod (#7139) * feat(helm): add labels for coder pod * feedback & syntax fix * ordering * fix: notation 2023-04-14 18:55:38 +00:00			`{{- with .Values.coder.podLabels }}`
			`{{- toYaml . \| nindent 8 }}`
			`{{- end }}`
feat: podAnnotations (#6703) * feat: podAnnotations * rm: test values * feedback * fix: unknown revision 2023-03-22 18:35:24 +00:00			`annotations:`
			`{{- toYaml .Values.coder.podAnnotations \| nindent 8 }}`
feat: change docker to use "coder" user and add basic Helm chart (#2746) 2022-07-26 18:19:29 +00:00			`spec:`
feat: set service account name in helm (#5913) Signed-off-by: Spike Curtis <spike@coder.com> 2023-01-31 06:35:32 +00:00			`serviceAccountName: {{ .Values.coder.serviceAccount.name \| quote }}`
feat: change docker to use "coder" user and add basic Helm chart (#2746) 2022-07-26 18:19:29 +00:00			`restartPolicy: Always`
helm: add imagePullSecret for air-gapped cust's (#4700) * helm: add imagePullSecret for air-gapped cust's * helm: pullSecrets array * fix: tag * indentation Co-authored-by: Dean Sheather <dean@deansheather.com> * array Co-authored-by: Dean Sheather <dean@deansheather.com> Co-authored-by: Dean Sheather <dean@deansheather.com> 2022-10-24 17:24:21 +00:00			`{{- with .Values.coder.image.pullSecrets }}`
			`imagePullSecrets:`
helm: add affinity, nodeSelectors, tolerations (#4763) 2022-11-09 22:08:44 +00:00			`{{- toYaml . \| nindent 8 }}`
helm: add imagePullSecret for air-gapped cust's (#4700) * helm: add imagePullSecret for air-gapped cust's * helm: pullSecrets array * fix: tag * indentation Co-authored-by: Dean Sheather <dean@deansheather.com> * array Co-authored-by: Dean Sheather <dean@deansheather.com> Co-authored-by: Dean Sheather <dean@deansheather.com> 2022-10-24 17:24:21 +00:00			`{{- end }}`
feat: change docker to use "coder" user and add basic Helm chart (#2746) 2022-07-26 18:19:29 +00:00			`terminationGracePeriodSeconds: 60`
helm: add affinity, nodeSelectors, tolerations (#4763) 2022-11-09 22:08:44 +00:00			`{{- with .Values.coder.affinity }}`
			`affinity:`
			`{{- toYaml . \| nindent 8 }}`
			`{{- end }}`
			`{{- with .Values.coder.tolerations }}`
			`tolerations:`
			`{{- toYaml . \| nindent 8 }}`
			`{{- end }}`
			`{{- with .Values.coder.nodeSelector }}`
			`nodeSelector:`
			`{{ toYaml . \| nindent 8 }}`
			`{{- end }}`
feat: add init containers to the helm chart (#5874) * add init containers to coder deployment * fix formatting issues 2023-01-30 02:02:55 +00:00			`{{- with .Values.coder.initContainers }}`
			`initContainers:`
			`{{ toYaml . \| nindent 8 }}`
			`{{- end }}`
feat: change docker to use "coder" user and add basic Helm chart (#2746) 2022-07-26 18:19:29 +00:00			`containers:`
			`- name: coder`
fix: prevent running helm chart without valid tag (#3770) Co-authored-by: Eric Paulsen <ericpaulsen@coder.com> 2022-09-02 11:01:30 +00:00			`image: {{ include "coder.image" . \| quote }}`
feat: change docker to use "coder" user and add basic Helm chart (#2746) 2022-07-26 18:19:29 +00:00			`imagePullPolicy: {{ .Values.coder.image.pullPolicy }}`
chore: add workspaceProxy to helm chart (#7398) 2023-05-04 21:07:49 +00:00			`command:`
			`- /opt/coder`
			`args:`
			`{{- if .Values.coder.workspaceProxy }}`
fix(helm): change proxy to wsproxy (#7499) 2023-05-11 17:55:04 +00:00			`- wsproxy`
chore: add workspaceProxy to helm chart (#7398) 2023-05-04 21:07:49 +00:00			`{{- end }}`
			`- server`
feat: change docker to use "coder" user and add basic Helm chart (#2746) 2022-07-26 18:19:29 +00:00			`resources:`
fix: coder resource template (#4681) 2022-10-21 15:07:05 +00:00			`{{- toYaml .Values.coder.resources \| nindent 12 }}`
feat: Add ability to configure coder container lifecycle hooks in helm chart (#6432) 2023-03-17 00:55:24 +00:00			`lifecycle:`
			`{{- toYaml .Values.coder.lifecycle \| nindent 12 }}`
feat: change docker to use "coder" user and add basic Helm chart (#2746) 2022-07-26 18:19:29 +00:00			`env:`
feat: allow http and https listening simultaneously (#5365) 2022-12-15 20:09:19 +00:00			`- name: CODER_HTTP_ADDRESS`
			`value: "0.0.0.0:8080"`
			`- name: CODER_PROMETHEUS_ADDRESS`
fix(helm): use correct prometheus port (#5644) 2023-01-10 16:16:56 +00:00			`value: "0.0.0.0:2112"`
fix: Set a default `CODER_ACCESS_URL` in Helm (#5041) * fix: Set a default `CODER_ACCESS_URL` in Helm This allows for a simple `helm apply` to create a full Coder deployment that works for creating workspaces. * Update docs 2022-11-13 20:49:57 +00:00			# Set the default access URL so a `helm apply` works by default.
			`# See: https://github.com/coder/coder/issues/5024`
			`{{- $hasAccessURL := false }}`
			`{{- range .Values.coder.env }}`
			`{{- if eq .name "CODER_ACCESS_URL" }}`
			`{{- $hasAccessURL = true }}`
			`{{- end }}`
			`{{- end }}`
			`{{- if not $hasAccessURL }}`
			`- name: CODER_ACCESS_URL`
feat: allow http and https listening simultaneously (#5365) 2022-12-15 20:09:19 +00:00			`value: {{ include "coder.defaultAccessURL" . \| quote }}`
fix: Set a default `CODER_ACCESS_URL` in Helm (#5041) * fix: Set a default `CODER_ACCESS_URL` in Helm This allows for a simple `helm apply` to create a full Coder deployment that works for creating workspaces. * Update docs 2022-11-13 20:49:57 +00:00			`{{- end }}`
feat: Add high availability for multiple replicas (#4555) * feat: HA tailnet coordinator * fixup! feat: HA tailnet coordinator * fixup! feat: HA tailnet coordinator * remove printlns * close all connections on coordinator * impelement high availability feature * fixup! impelement high availability feature * fixup! impelement high availability feature * fixup! impelement high availability feature * fixup! impelement high availability feature * Add replicas * Add DERP meshing to arbitrary addresses * Move packages to highavailability folder * Move coordinator to high availability package * Add flags for HA * Rename to replicasync * Denest packages for replicas * Add test for multiple replicas * Fix coordination test * Add HA to the helm chart * Rename function pointer * Add warnings for HA * Add the ability to block endpoints * Add flag to disable P2P connections * Wow, I made the tests pass * Add replicas endpoint * Ensure close kills replica * Update sql * Add database latency to high availability * Pipe TLS to DERP mesh * Fix DERP mesh with TLS * Add tests for TLS * Fix replica sync TLS * Fix RootCA for replica meshing * Remove ID from replicasync * Fix getting certificates for meshing * Remove excessive locking * Fix linting * Store mesh key in the database * Fix replica key for tests * Fix types gen * Fix unlocking unlocked * Fix race in tests * Update enterprise/derpmesh/derpmesh.go Co-authored-by: Colin Adler <colin1adler@gmail.com> * Rename to syncReplicas * Reuse http client * Delete old replicas on a CRON * Fix race condition in connection tests * Fix linting * Fix nil type * Move pubsub to in-memory for twenty test * Add comment for configuration tweaking * Fix leak with transport * Fix close leak in derpmesh * Fix race when creating server * Remove handler update * Skip test on Windows * Fix DERP mesh test * Wrap HTTP handler replacement in mutex * Fix error message for relay * Fix API handler for normal tests * Fix speedtest * Fix replica resend * Fix derpmesh send * Ping async * Increase wait time of template version jobd * Fix race when closing replica sync * Add name to client * Log the derpmap being used * Don't connect if DERP is empty * Improve agent coordinator logging * Fix lock in coordinator * Fix relay addr * Fix race when updating durations * Fix client publish race * Run pubsub loop in a queue * Store agent nodes in order * Fix coordinator locking * Check for closed pipe Co-authored-by: Colin Adler <colin1adler@gmail.com> 2022-10-17 13:43:30 +00:00			`# Used for inter-pod communication with high-availability.`
			`- name: KUBE_POD_IP`
			`valueFrom:`
			`fieldRef:`
			`fieldPath: status.podIP`
docs: add high availability (#4583) - Rename `CODER_DERP_SERVER_RELAY_ADDRESS` Co-authored-by: Ammar Bandukwala <ammar@ammar.io> 2022-10-17 19:27:38 +00:00			`- name: CODER_DERP_SERVER_RELAY_URL`
feat: allow http and https listening simultaneously (#5365) 2022-12-15 20:09:19 +00:00			`value: "http://$(KUBE_POD_IP):8080"`
feat: support multiple certificates in coder server and helm (#4150) 2022-10-04 11:45:21 +00:00			`{{- include "coder.tlsEnv" . \| nindent 12 }}`
feat: change docker to use "coder" user and add basic Helm chart (#2746) 2022-07-26 18:19:29 +00:00			`{{- with .Values.coder.env -}}`
			`{{ toYaml . \| nindent 12 }}`
			`{{- end }}`
			`ports:`
feat: allow http and https listening simultaneously (#5365) 2022-12-15 20:09:19 +00:00			`- name: "http"`
			`containerPort: 8080`
feat: change docker to use "coder" user and add basic Helm chart (#2746) 2022-07-26 18:19:29 +00:00			`protocol: TCP`
feat: allow http and https listening simultaneously (#5365) 2022-12-15 20:09:19 +00:00			`{{- if eq (include "coder.tlsEnabled" .) "true" }}`
			`- name: "https"`
			`containerPort: 8443`
			`protocol: TCP`
			`{{- end }}`
feat: Define Prometheus port in the pod spec (#5213) * WIP * portSpec * Done * Docs * Fix: env 2022-12-01 15:43:32 +00:00			`{{- range .Values.coder.env }}`
fix: fix helm prometheus block causing failures (#5458) 2022-12-18 18:48:08 +00:00			`{{- if eq .name "CODER_PROMETHEUS_ENABLE" }}`
			`{{/*`
			`This sadly has to be nested to avoid evaluating the second part`
			`of the condition too early and potentially getting type errors if`
			the value is not a string (like a `valueFrom`). We do not support
			`valueFrom` for this env var specifically.
			`*/}}`
			`{{- if eq .value "true" }}`
feat: Define Prometheus port in the pod spec (#5213) * WIP * portSpec * Done * Docs * Fix: env 2022-12-01 15:43:32 +00:00			`- name: "prometheus-http"`
fix(helm): use correct prometheus port (#5644) 2023-01-10 16:16:56 +00:00			`containerPort: 2112`
feat: Define Prometheus port in the pod spec (#5213) * WIP * portSpec * Done * Docs * Fix: env 2022-12-01 15:43:32 +00:00			`protocol: TCP`
			`{{- end }}`
			`{{- end }}`
fix: fix helm prometheus block causing failures (#5458) 2022-12-18 18:48:08 +00:00			`{{- end }}`
helm: add deployment securityContext values (#6136) * helm: add deployment securityContext values * rm: podSecurityContext 2023-02-09 18:26:35 +00:00			`securityContext: {{ toYaml .Values.coder.securityContext \| nindent 12 }}`
feat: change docker to use "coder" user and add basic Helm chart (#2746) 2022-07-26 18:19:29 +00:00			`readinessProbe:`
			`httpGet:`
			`path: /api/v2/buildinfo`
feat: allow http and https listening simultaneously (#5365) 2022-12-15 20:09:19 +00:00			`port: "http"`
			`scheme: "HTTP"`
feat: change docker to use "coder" user and add basic Helm chart (#2746) 2022-07-26 18:19:29 +00:00			`livenessProbe:`
			`httpGet:`
			`path: /api/v2/buildinfo`
feat: allow http and https listening simultaneously (#5365) 2022-12-15 20:09:19 +00:00			`port: "http"`
			`scheme: "HTTP"`
feat: support multiple certificates in coder server and helm (#4150) 2022-10-04 11:45:21 +00:00			`{{- include "coder.volumeMounts" . \| nindent 10 }}`
fix: mount TLS secret in helm chart (#3717) 2022-08-27 15:03:10 +00:00
feat: support multiple certificates in coder server and helm (#4150) 2022-10-04 11:45:21 +00:00			`{{- include "coder.volumes" . \| nindent 6 }}`