49 lines
1.5 KiB
YAML
49 lines
1.5 KiB
YAML
{{- if .Values.cloudSqlProxy.enabled -}}
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: backstage-cloudsql-proxy
|
|
namespace: {{ .Values.namespaceOverride }}
|
|
labels:
|
|
{{- include "backstage.labels" . | nindent 4 }}
|
|
app: backstage-cloudsql-proxy
|
|
spec:
|
|
replicas: 1
|
|
selector:
|
|
matchLabels:
|
|
app: backstage-cloudsql-proxy
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: backstage-cloudsql-proxy
|
|
{{- include "backstage.selectorLabels" . | nindent 8 }}
|
|
spec:
|
|
serviceAccountName: {{ .Values.cloudSqlProxyServiceAccount.name }}
|
|
automountServiceAccountToken: true
|
|
securityContext:
|
|
fsGroup: 65532
|
|
runAsUser: 65532
|
|
runAsNonRoot: true
|
|
containers:
|
|
- name: cloud-sql-proxy
|
|
image: "{{ .Values.cloudSqlProxy.image.repository }}:{{ .Values.cloudSqlProxy.image.tag }}"
|
|
args:
|
|
- "{{ .Values.cloudSqlProxy.connectionName }}"
|
|
- "--port={{ .Values.cloudSqlProxy.port }}"
|
|
- "--address=0.0.0.0"
|
|
{{- if .Values.cloudSqlProxy.privateIp }}
|
|
- "--private-ip"
|
|
{{- end }}
|
|
ports:
|
|
- name: postgres
|
|
containerPort: {{ .Values.cloudSqlProxy.port }}
|
|
protocol: TCP
|
|
securityContext:
|
|
runAsNonRoot: true
|
|
runAsUser: 65532
|
|
allowPrivilegeEscalation: false
|
|
readOnlyRootFilesystem: false
|
|
resources:
|
|
{{- toYaml .Values.cloudSqlProxy.resources | nindent 10 }}
|
|
{{- end }}
|