apiVersion: apps/v1
kind: Deployment
metadata:
  name: {{ template "docker-registry.fullname" . }}
  namespace: {{ .Values.namespace | default .Release.Namespace }}
  labels:
    app: {{ template "docker-registry.name" . }}
    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
    release: {{ .Release.Name }}
    heritage: {{ .Release.Service }}
spec:
  selector:
    matchLabels:
      app: {{ template "docker-registry.name" . }}
      release: {{ .Release.Name }}
  replicas: {{ .Values.replicaCount }}
  {{- if .Values.updateStrategy }}
  strategy: {{ toYaml .Values.updateStrategy | nindent 4 }}
  {{- end }}
  minReadySeconds: 5
  template:
    metadata:
      labels:
        app: {{ template "docker-registry.name" . }}
        release: {{ .Release.Name }}
        {{- with .Values.podLabels }}
        {{ toYaml . | nindent 8 }}
        {{- end }}
      annotations:
        checksum/config: {{ include (print $.Template.BasePath "/configmap.yaml") . | sha256sum }}
        checksum/secret: {{ include (print $.Template.BasePath "/secret.yaml") . | sha256sum }}
        {{- if .Values.podAnnotations }}
        {{ toYaml .Values.podAnnotations | nindent 8 }}
        {{- end }}
    spec:
      {{- if or (eq .Values.serviceAccount.create true) (ne .Values.serviceAccount.name "") }}
      serviceAccountName: {{ .Values.serviceAccount.name | default (include "docker-registry.fullname" .) }}
      {{- end }}
      {{- if .Values.imagePullSecrets }}
      imagePullSecrets: {{ toYaml .Values.imagePullSecrets | nindent 8 }}
      {{- end }}
      {{- if .Values.priorityClassName }}
      priorityClassName: "{{ .Values.priorityClassName }}"
      {{- end }}
      {{- if .Values.securityContext.enabled }}
      securityContext:
        fsGroup: {{ .Values.securityContext.fsGroup }}
        runAsUser: {{ .Values.securityContext.runAsUser }}
      {{- end }}
      {{- with .Values.initContainers }}
      initContainers:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      containers:
        - name: {{ .Chart.Name }}
          image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
          imagePullPolicy: {{ .Values.image.pullPolicy }}
          command:
          - /bin/registry
          - serve
          - /etc/docker/registry/config.yml
          ports:
            - containerPort: 5000
            {{- if .Values.metrics.enabled }}
            - containerPort: {{ (split ":" .Values.configData.http.debug.addr)._1 }}
              name: http-metrics
              protocol: TCP
            {{- end }}
          livenessProbe:
            httpGet:
              {{- if .Values.tlsSecretName }}
              scheme: HTTPS
              {{- end }}
              path: /
              port: 5000
          readinessProbe:
            httpGet:
              {{- if .Values.tlsSecretName }}
              scheme: HTTPS
              {{- end }}
              path: /
              port: 5000
          resources: {{ toYaml .Values.resources | nindent 12 }}
          env: {{ include "docker-registry.envs" . | nindent 12 }}
          volumeMounts: {{ include "docker-registry.volumeMounts" . | nindent 12 }}
      {{- if .Values.nodeSelector }}
      nodeSelector: {{ toYaml .Values.nodeSelector | nindent 8 }}
      {{- end }}
      {{- if .Values.affinity }}
      affinity: {{ toYaml .Values.affinity | nindent 8 }}
      {{- end }}
      {{- if .Values.tolerations }}
      tolerations: {{ toYaml .Values.tolerations | nindent 8 }}
      {{- end }}
      volumes: {{ include "docker-registry.volumes" . | nindent 8 }}