-
Notifications
You must be signed in to change notification settings - Fork 3
/
gangway-deploy.yaml
68 lines (68 loc) · 1.66 KB
/
gangway-deploy.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
labels:
app: gangway
name: gangway
namespace: kube-authentication
spec:
replicas: 1
selector:
matchLabels:
app: gangway
template:
metadata:
labels:
app: gangway
spec:
initContainers:
- name: gangway-certs
image: alpine:latest
imagePullPolicy: Always
command:
- sh
- -c
- apk add --update ca-certificates openssl && cp /var/tmp/* /usr/local/share/ca-certificates && update-ca-certificates && cp /etc/ssl/certs/* /tmp/
volumeMounts:
- mountPath: /var/tmp
name: custom-certs
- mountPath: /tmp/
name: ssl-certs
containers:
- command:
- gangway
- -config
- /gangway/gangway.yaml
env:
- name: GANGWAY_SESSION_SECURITY_KEY
valueFrom:
secretKeyRef:
key: sesssionkey
name: gangway-key
image: gcr.io/heptio-images/gangway:v3.1.0
imagePullPolicy: Always
name: gangway
ports:
- containerPort: 8080
name: http
protocol: TCP
volumeMounts:
- mountPath: /gangway/
name: gangway
- mountPath: /etc/ssl/certs
name: ssl-certs
volumes:
- configMap:
defaultMode: 420
name: gangway
name: gangway
- name: custom-certs
secret:
secretName: dex.example.com.tls
items:
- key: tls.crt
path: tls.crt
- key: tls.key
path: tls.key
- name: ssl-certs
emptyDir: {}