{{- include "coder.verifyDeprecated" . -}} --- apiVersion: v1 kind: ServiceAccount metadata: name: {{ .Values.coder.serviceAccount.name | quote }} annotations: {{ toYaml .Values.coder.serviceAccount.annotations | nindent 4 }} labels: {{- include "coder.labels" . | nindent 4 }} --- apiVersion: apps/v1 kind: Deployment metadata: name: coder labels: {{- include "coder.labels" . | nindent 4 }} {{- with .Values.coder.labels }} {{- toYaml . | nindent 4 }} {{- end }} annotations: {{ toYaml .Values.coder.annotations | nindent 4}} spec: replicas: {{ .Values.coder.replicaCount }} selector: matchLabels: {{- include "coder.selectorLabels" . | nindent 6 }} template: metadata: labels: {{- include "coder.labels" . | nindent 8 }} {{- with .Values.coder.podLabels }} {{- toYaml . | nindent 8 }} {{- end }} annotations: {{- toYaml .Values.coder.podAnnotations | nindent 8 }} spec: serviceAccountName: {{ .Values.coder.serviceAccount.name | quote }} restartPolicy: Always {{- with .Values.coder.image.pullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} terminationGracePeriodSeconds: 60 {{- with .Values.coder.affinity }} affinity: {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.coder.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.coder.nodeSelector }} nodeSelector: {{ toYaml . | nindent 8 }} {{- end }} {{- with .Values.coder.initContainers }} initContainers: {{ toYaml . | nindent 8 }} {{- end }} containers: - name: coder image: {{ include "coder.image" . | quote }} imagePullPolicy: {{ .Values.coder.image.pullPolicy }} command: - /opt/coder args: {{- if .Values.coder.workspaceProxy }} - wsproxy {{- end }} - server resources: {{- toYaml .Values.coder.resources | nindent 12 }} lifecycle: {{- toYaml .Values.coder.lifecycle | nindent 12 }} env: - name: CODER_HTTP_ADDRESS value: "0.0.0.0:8080" - name: CODER_PROMETHEUS_ADDRESS value: "0.0.0.0:2112" # Set the default access URL so a `helm apply` works by default. # See: https://github.com/coder/coder/issues/5024 {{- $hasAccessURL := false }} {{- range .Values.coder.env }} {{- if eq .name "CODER_ACCESS_URL" }} {{- $hasAccessURL = true }} {{- end }} {{- end }} {{- if not $hasAccessURL }} - name: CODER_ACCESS_URL value: {{ include "coder.defaultAccessURL" . | quote }} {{- end }} # Used for inter-pod communication with high-availability. - name: KUBE_POD_IP valueFrom: fieldRef: fieldPath: status.podIP - name: CODER_DERP_SERVER_RELAY_URL value: "http://$(KUBE_POD_IP):8080" {{- include "coder.tlsEnv" . | nindent 12 }} {{- with .Values.coder.env -}} {{ toYaml . | nindent 12 }} {{- end }} ports: - name: "http" containerPort: 8080 protocol: TCP {{- if eq (include "coder.tlsEnabled" .) "true" }} - name: "https" containerPort: 8443 protocol: TCP {{- end }} {{- range .Values.coder.env }} {{- if eq .name "CODER_PROMETHEUS_ENABLE" }} {{/* This sadly has to be nested to avoid evaluating the second part of the condition too early and potentially getting type errors if the value is not a string (like a `valueFrom`). We do not support `valueFrom` for this env var specifically. */}} {{- if eq .value "true" }} - name: "prometheus-http" containerPort: 2112 protocol: TCP {{- end }} {{- end }} {{- end }} securityContext: {{ toYaml .Values.coder.securityContext | nindent 12 }} readinessProbe: httpGet: path: /api/v2/buildinfo port: "http" scheme: "HTTP" livenessProbe: httpGet: path: /api/v2/buildinfo port: "http" scheme: "HTTP" {{- include "coder.volumeMounts" . | nindent 10 }} {{- include "coder.volumes" . | nindent 6 }}