sylr/deployment.yaml

## deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  annotations:
    deployment.kubernetes.io/revision: "8"
  creationTimestamp: "2020-11-02T14:42:53Z"
  generation: 8
  labels:
    app.kubernetes.io/instance: flux
    app.kubernetes.io/version: latest
    control-plane: controller
  name: kustomize-controller
  namespace: flux
spec:
  progressDeadlineSeconds: 600
  replicas: 1
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      app: kustomize-controller
  strategy:
    rollingUpdate:
      maxSurge: 25%
      maxUnavailable: 25%
    type: RollingUpdate
  template:
    metadata:
      annotations:
        prometheus.io/port: "8080"
        prometheus.io/scrape: "true"
      creationTimestamp: null
      labels:
        app: kustomize-controller
    spec:
      containers:
      - args:
        - --events-addr=http://notification-controller/
        - --watch-all-namespaces=true
        - --log-level=info
        - --log-json
        - --enable-leader-election
        env:
        - name: RUNTIME_NAMESPACE
          valueFrom:
            fieldRef:
              apiVersion: v1
              fieldPath: metadata.namespace
        image: ghcr.io/fluxcd/kustomize-controller:v0.2.1
        imagePullPolicy: IfNotPresent
        livenessProbe:
          failureThreshold: 3
          httpGet:
            path: /healthz
            port: healthz
            scheme: HTTP
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 1
        name: manager
        ports:
        - containerPort: 8080
          name: http-prom
          protocol: TCP
        - containerPort: 9440
          name: healthz
          protocol: TCP
        readinessProbe:
          failureThreshold: 3
          httpGet:
            path: /readyz
            port: healthz
            scheme: HTTP
          periodSeconds: 10
          successThreshold: 1
          timeoutSeconds: 1
        resources:
          limits:
            cpu: "1"
            memory: 1Gi
          requests:
            cpu: 100m
            memory: 64Mi
        securityContext:
          allowPrivilegeEscalation: false
          readOnlyRootFilesystem: false
        terminationMessagePath: /dev/termination-log
        terminationMessagePolicy: File
        volumeMounts:
        - mountPath: /tmp
          name: temp
        - mountPath: /home/controller/.ssh/
          name: flux-workspaces-secret
      dnsPolicy: ClusterFirst
      nodeSelector:
        kubernetes.io/arch: amd64
        kubernetes.io/os: linux
      restartPolicy: Always
      schedulerName: default-scheduler
      securityContext:
        fsGroup: 100 # edited to match controller user id
      terminationGracePeriodSeconds: 10
      volumes:
      - emptyDir: {}
        name: temp
      - name: flux-workspaces-secret
        secret:
          defaultMode: 384
          items:
          - key: identity
            path: id_ed25519
          - key: identity.pub
            path: id_ed25519.pub
          - key: known_hosts
            path: known_hosts
          secretName: flux-workspaces
	apiVersion: apps/v1
	kind: Deployment
	metadata:
	annotations:
	deployment.kubernetes.io/revision: "8"
	creationTimestamp: "2020-11-02T14:42:53Z"
	generation: 8
	labels:
	app.kubernetes.io/instance: flux
	app.kubernetes.io/version: latest
	control-plane: controller
	name: kustomize-controller
	namespace: flux
	spec:
	progressDeadlineSeconds: 600
	replicas: 1
	revisionHistoryLimit: 10
	selector:
	matchLabels:
	app: kustomize-controller
	strategy:
	rollingUpdate:
	maxSurge: 25%
	maxUnavailable: 25%
	type: RollingUpdate
	template:
	metadata:
	annotations:
	prometheus.io/port: "8080"
	prometheus.io/scrape: "true"
	creationTimestamp: null
	labels:
	app: kustomize-controller
	spec:
	containers:
	- args:
	- --events-addr=http://notification-controller/
	- --watch-all-namespaces=true
	- --log-level=info
	- --log-json
	- --enable-leader-election
	env:
	- name: RUNTIME_NAMESPACE
	valueFrom:
	fieldRef:
	apiVersion: v1
	fieldPath: metadata.namespace
	image: ghcr.io/fluxcd/kustomize-controller:v0.2.1
	imagePullPolicy: IfNotPresent
	livenessProbe:
	failureThreshold: 3
	httpGet:
	path: /healthz
	port: healthz
	scheme: HTTP
	periodSeconds: 10
	successThreshold: 1
	timeoutSeconds: 1
	name: manager
	ports:
	- containerPort: 8080
	name: http-prom
	protocol: TCP
	- containerPort: 9440
	name: healthz
	protocol: TCP
	readinessProbe:
	failureThreshold: 3
	httpGet:
	path: /readyz
	port: healthz
	scheme: HTTP
	periodSeconds: 10
	successThreshold: 1
	timeoutSeconds: 1
	resources:
	limits:
	cpu: "1"
	memory: 1Gi
	requests:
	cpu: 100m
	memory: 64Mi
	securityContext:
	allowPrivilegeEscalation: false
	readOnlyRootFilesystem: false
	terminationMessagePath: /dev/termination-log
	terminationMessagePolicy: File
	volumeMounts:
	- mountPath: /tmp
	name: temp
	- mountPath: /home/controller/.ssh/
	name: flux-workspaces-secret
	dnsPolicy: ClusterFirst
	nodeSelector:
	kubernetes.io/arch: amd64
	kubernetes.io/os: linux
	restartPolicy: Always
	schedulerName: default-scheduler
	securityContext:
	fsGroup: 100 # edited to match controller user id
	terminationGracePeriodSeconds: 10
	volumes:
	- emptyDir: {}
	name: temp
	- name: flux-workspaces-secret
	secret:
	defaultMode: 384
	items:
	- key: identity
	path: id_ed25519
	- key: identity.pub
	path: id_ed25519.pub
	- key: known_hosts
	path: known_hosts
	secretName: flux-workspaces