apiVersion: v1 kind: Secret metadata: name: cabinet-env namespace: {{ .Values.namespace }} annotations: helm.sh/hook: pre-install,pre-upgrade helm.sh/hook-weight: "-10" helm.sh/hook-delete-policy: before-hook-creation type: Opaque stringData: {{- range $key, $val := .Values.secrets }} {{ $key }}: {{ $val | quote }} {{- end }} --- apiVersion: v1 kind: ConfigMap metadata: name: cabinet-nginx-config namespace: {{ .Values.namespace }} data: php-custom.ini: | display_errors=Off log_errors=On error_reporting=E_ALL & ~E_DEPRECATED & ~E_USER_DEPRECATED default.conf: | server { listen 8080; server_name _; root /app/public; index index.php; client_max_body_size 108M; location / { try_files $uri /index.php$is_args$args; } location ~* \.(?:jpg|jpeg|gif|png|ico|css|js|svg|woff2)$ { expires 1y; add_header Cache-Control "public, immutable"; access_log off; try_files $uri =404; } location ~ ^/index\.php(/|$) { fastcgi_pass 127.0.0.1:9000; fastcgi_split_path_info ^(.+\.php)(/.*)$; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name; fastcgi_param DOCUMENT_ROOT $realpath_root; fastcgi_param HTTP_PROXY ""; internal; } location ~ \.php$ { return 404; } } --- apiVersion: apps/v1 kind: Deployment metadata: name: cabinet namespace: {{ .Values.namespace }} labels: app: cabinet env: test spec: replicas: {{ .Values.replicaCount }} selector: matchLabels: app: cabinet template: metadata: labels: app: cabinet env: test spec: {{- with .Values.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} containers: - name: php-fpm image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" imagePullPolicy: {{ .Values.image.pullPolicy }} ports: - containerPort: 9000 name: fpm envFrom: - secretRef: name: cabinet-env env: {{- range $key, $val := .Values.env }} - name: {{ $key }} value: {{ $val | quote }} {{- end }} volumeMounts: - name: app-public mountPath: /app/public - name: var-cache mountPath: /app/var/cache - name: var-log mountPath: /app/var/log - name: php-config mountPath: /usr/local/etc/php/conf.d/99-sova.ini subPath: php-custom.ini resources: {{- toYaml .Values.resources.php | nindent 12 }} - name: nginx image: {{ .Values.nginx.image }} ports: - containerPort: 8080 name: http volumeMounts: - name: app-public mountPath: /app/public readOnly: true - name: nginx-config mountPath: /etc/nginx/conf.d/default.conf subPath: default.conf resources: {{- toYaml .Values.resources.nginx | nindent 12 }} initContainers: - name: warmup-cache image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" imagePullPolicy: {{ .Values.image.pullPolicy }} command: ["php", "bin/console", "cache:warmup", "--env=prod"] envFrom: - secretRef: name: cabinet-env env: {{- range $key, $val := .Values.env }} - name: {{ $key }} value: {{ $val | quote }} {{- end }} volumeMounts: - name: var-cache mountPath: /app/var/cache - name: var-log mountPath: /app/var/log - name: php-config mountPath: /usr/local/etc/php/conf.d/99-sova.ini subPath: php-custom.ini - name: copy-public image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" command: ["sh", "-c", "cp -a /app/public/. /public/"] volumeMounts: - name: app-public mountPath: /public volumes: - name: app-public emptyDir: {} - name: nginx-config configMap: name: cabinet-nginx-config - name: php-config configMap: name: cabinet-nginx-config - name: var-cache emptyDir: {} - name: var-log emptyDir: {} --- apiVersion: v1 kind: Service metadata: name: cabinet namespace: {{ .Values.namespace }} spec: selector: app: cabinet ports: - name: http port: 80 targetPort: 8080 --- {{- if .Values.ingress.enabled }} apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: cabinet namespace: {{ .Values.namespace }} spec: ingressClassName: {{ .Values.ingress.className }} rules: - host: {{ .Values.ingress.host }} http: paths: - path: / pathType: Prefix backend: service: name: cabinet port: number: 80 {{- end }}