--- apiVersion: v1 kind: Template metadata: name: quay objects: - apiVersion: rbac.authorization.k8s.io/v1beta1 kind: Role metadata: name: ${{NAME}} rules: - apiGroups: - "" resources: - secrets verbs: - get - patch - update - apiGroups: - "" resources: - namespaces verbs: - get - apiGroups: - extensions - apps resources: - deployments verbs: - get - list - patch - update - watch - apiVersion: rbac.authorization.k8s.io/v1beta1 kind: RoleBinding metadata: name: ${{NAME}} roleRef: apiGroup: rbac.authorization.k8s.io kind: Role name: ${{NAME}} subjects: - kind: ServiceAccount name: default - apiVersion: v1 kind: Service metadata: name: quay-clusterip-service spec: type: ClusterIP ports: - protocol: TCP name: clusterip port: ${{CLUSTERIP_SERVICE_PORT}} targetPort: ${{CLUSTERIP_SERVICE_TARGET_PORT}} selector: ${{QUAY_APP_COMPONENT_LABEL_KEY}}: ${{QUAY_APP_COMPONENT_LABEL_VALUE}} - apiVersion: v1 kind: Service metadata: name: quay-loadbalancer-service spec: ports: - name: loadbalancer protocol: TCP port: ${{LOADBALANCER_SERVICE_PORT}} targetPort: ${{LOADBALANCER_SERVICE_TARGET_PORT}} loadBalancerIP: type: LoadBalancer selector: ${{QUAY_APP_COMPONENT_LABEL_KEY}}: ${{QUAY_APP_COMPONENT_LABEL_VALUE}} - apiVersion: apps/v1 kind: Deployment metadata: name: quay-app labels: ${{QUAY_APP_COMPONENT_LABEL_KEY}}: ${{QUAY_APP_COMPONENT_LABEL_VALUE}} spec: replicas: ${{QUAY_APP_DEPLOYMENT_REPLICAS}} minReadySeconds: ${{QUAY_APP_DEPLOYMENT_MIN_READY_SECONDS}} progressDeadlineSeconds: ${{QUAY_APP_DEPLOYMENT_PROGRESS_DEADLINE_SECONDS}} revisionHistoryLimit: ${{QUAY_APP_DEPLOYMENT_REVISION_HISTORY_LIMITS}} strategy: type: ${{QUAY_APP_DEPLOYMENT_STRATEGY_TYPE}} rollingUpdate: maxUnavailable: ${{QUAY_APP_DEPLOYMENT_MAX_UNAVAILABLE}} maxSurge: ${{QUAY_APP_DEPLOYMENT_MAX_SURGE}} selector: matchLabels: ${{QUAY_APP_COMPONENT_LABEL_KEY}}: ${{QUAY_APP_COMPONENT_LABEL_VALUE}} template: metadata: labels: ${{QUAY_APP_COMPONENT_LABEL_KEY}}: ${{QUAY_APP_COMPONENT_LABEL_VALUE}} spec: volumes: - name: configvolume secret: secretName: ${{QUAY_APP_CONFIG_SECRET}} containers: - name: quay-app image: ${IMAGE}:${IMAGE_TAG} imagePullPolicy: Always ports: - containerPort: 8443 volumeMounts: - name: configvolume readOnly: false mountPath: /conf/stack livenessProbe: httpGet: path: /health/instance port: 8443 initialDelaySeconds: ${{QUAY_APP_LIVENESS_PROBE_INITIAL_DELAY_SECONDS}} periodSeconds: ${{QUAY_APP_LIVENESS_PROBE_PERIOD_SECONDS}} timeoutSeconds: ${{QUAY_APP_LIVENESS_PROBE_TIMEOUT_SECONDS}} readinessProbe: httpGet: path: /health/endtoend port: 8443 initialDelaySeconds: ${{QUAY_APP_READINESS_PROBE_INITIAL_DELAY_SECONDS}} periodSeconds: ${{QUAY_APP_READINESS_PROBE_PERIOD_SECONDS}} timeoutSeconds: ${{QUAY_APP_READINESS_PROBE_TIMEOUT_SECONDS}} resources: limits: cpu: ${{QUAY_APP_CPU_LIMIT}} memory: ${{QUAY_APP_MEMORY_LIMIT}} requests: cpu: ${{QUAY_APP_CPU_REQUEST}} memory: ${{QUAY_APP_MEMORY_REQUEST}} parameters: - name: NAME value: "quay" displayName: name description: Defaults to quay. - name: IMAGE value: "quay.io/app-sre/quay" displayName: quay image description: quay docker image. Defaults to quay.io/app-sre/quay. - name: IMAGE_TAG value: "latest" displayName: quay version description: quay version which defaults to latest - name: CLUSTERIP_SERVICE_PORT value: "443" displayName: clusterip service port - name: CLUSTERIP_SERVICE_TARGET_PORT value: "8443" displayName: clusterip service target port - name: QUAY_APP_COMPONENT_LABEL_KEY value: "quay-component" displayName: quay app selector label - name: QUAY_APP_COMPONENT_LABEL_VALUE value: "app" displayName: quay app selector label value - name: LOADBALANCER_SERVICE_PORT value: "443" displayName: loadbalancer service port - name: LOADBALANCER_SERVICE_TARGET_PORT value: "8443" displayName: loadbalancer service target port - name: QUAY_APP_CONFIG_SECRET value: "quay-config-secret" displayName: quay app config secret - name: QUAY_APP_DEPLOYMENT_REPLICAS value: "1" displayName: quay app deployment replicas - name: QUAY_APP_MEMORY_REQUEST value: "1024Mi" displayName: "quay app memory request" - name: QUAY_APP_CPU_REQUEST value: "1" displayName: "quay app CPU request" - name: QUAY_APP_MEMORY_LIMIT value: "1024Mi" displayName: "quay app memory limit" - name: QUAY_APP_CPU_LIMIT value: "1" displayName: "quay app CPU limit" - name: QUAY_APP_DEPLOYMENT_MIN_READY_SECONDS value: "0" displayName: quay app deployment min ready seconds - name: QUAY_APP_DEPLOYMENT_PROGRESS_DEADLINE_SECONDS value: "600s" displayName: quay app deployment progress deadline seconds - name: QUAY_APP_DEPLOYMENT_REVISION_HISTORY_LIMITS value: "10" displayName: quay app deployment revision history limits - name: QUAY_APP_DEPLOYMENT_STRATEGY_TYPE value: "RollingUpdate" displayName: quay app deployment strategy - name: QUAY_APP_DEPLOYMENT_MAX_SURGE value: "25%" displayName: quay app deployment max surge - name: QUAY_APP_DEPLOYMENT_MAX_UNAVAILABLE value: "25%" displayName: quay app deployment max unavailable - name: QUAY_APP_LIVENESS_PROBE_INITIAL_DELAY_SECONDS value: "15" displayName: quay app liveness probe initial delay seconds - name: QUAY_APP_LIVENESS_PROBE_PERIOD_SECONDS value: "30" displayName: quay app liveness probe period seconds - name: QUAY_APP_LIVENESS_PROBE_TIMEOUT_SECONDS value: "10" displayName: quay app liveness probe timeout - name: QUAY_APP_READINESS_PROBE_INITIAL_DELAY_SECONDS value: "15" displayName: quay app readiness probe initial delay seconds - name: QUAY_APP_READINESS_PROBE_PERIOD_SECONDS value: "30" displayName: quay app readiness probe period seconds - name: QUAY_APP_READINESS_PROBE_TIMEOUT_SECONDS value: "10" displayName: quay app readiness probe timeout