mirror of
https://github.com/edgelesssys/constellation.git
synced 2024-12-23 06:29:51 -05:00
62168bbf98
* Also run helm-lint in CI now
64 lines
1.7 KiB
YAML
64 lines
1.7 KiB
YAML
apiVersion: apps/v1
|
|
kind: DaemonSet
|
|
metadata:
|
|
labels:
|
|
component: kms
|
|
k8s-app: kms
|
|
kubernetes.io/cluster-service: "true"
|
|
name: kms
|
|
namespace: {{ .Values.namespace }}
|
|
spec:
|
|
selector:
|
|
matchLabels:
|
|
k8s-app: kms
|
|
template:
|
|
metadata:
|
|
labels:
|
|
k8s-app: kms
|
|
spec:
|
|
containers:
|
|
- args:
|
|
- --port={{ .Values.kmsPort }}
|
|
image: {{ .Values.kmsImage }}
|
|
name: kms
|
|
resources: {}
|
|
volumeMounts:
|
|
- mountPath: {{ .Values.serviceBasePath }}
|
|
name: config
|
|
readOnly: true
|
|
nodeSelector:
|
|
node-role.kubernetes.io/control-plane: ""
|
|
priorityClassName: system-cluster-critical
|
|
serviceAccountName: kms
|
|
tolerations:
|
|
- key: CriticalAddonsOnly
|
|
operator: Exists
|
|
- effect: NoSchedule
|
|
key: node-role.kubernetes.io/master
|
|
operator: Equal
|
|
value: "true"
|
|
- effect: NoSchedule
|
|
key: node-role.kubernetes.io/control-plane
|
|
operator: Exists
|
|
- effect: NoExecute
|
|
operator: Exists
|
|
- effect: NoSchedule
|
|
operator: Exists
|
|
volumes:
|
|
- name: config
|
|
projected:
|
|
sources:
|
|
- configMap:
|
|
items:
|
|
- key: {{ .Values.measurementsFilename }}
|
|
path: {{ .Values.measurementsFilename }}
|
|
name: {{ .Values.joinConfigCMName }}
|
|
- secret:
|
|
items:
|
|
- key: {{ .Values.masterSecretKeyName }}
|
|
path: {{ .Values.masterSecretKeyName }}
|
|
- key: {{ .Values.saltKeyName }}
|
|
path: {{ .Values.saltKeyName }}
|
|
name: {{ .Values.masterSecretName }}
|
|
updateStrategy: {}
|