{{- if .Values.gateway.enabled }} {{ $dict := dict "ctx" . "component" "gateway" }} apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "tempo.resourceName" $dict }} namespace: {{ .Release.Namespace }} labels: {{- include "tempo.labels" $dict | nindent 4 }} spec: minReadySeconds: 10 {{- if not .Values.gateway.autoscaling.enabled }} replicas: {{ .Values.gateway.replicas }} {{- end }} revisionHistoryLimit: 10 selector: matchLabels: {{- include "tempo.selectorLabels" $dict | nindent 6 }} template: metadata: annotations: checksum/config: {{ include (print .Template.BasePath "/gateway/configmap-gateway.yaml") . | sha256sum }} {{- with .Values.tempo.podAnnotations }} {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.gateway.podAnnotations }} {{- toYaml . | nindent 8 }} {{- end }} labels: {{- include "tempo.selectorLabels" $dict | nindent 8 }} {{- with .Values.tempo.podLabels }} {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.gateway.podLabels }} {{- toYaml . | nindent 8 }} {{- end }} spec: {{- if or (.Values.gateway.priorityClassName) (.Values.global.priorityClassName) }} priorityClassName: {{ default .Values.gateway.priorityClassName .Values.global.priorityClassName }} {{- end }} serviceAccountName: {{ include "tempo.serviceAccountName" . }} {{- with .Values.tempo.podSecurityContext }} securityContext: {{- toYaml . | nindent 8 }} {{- end }} terminationGracePeriodSeconds: {{ .Values.gateway.terminationGracePeriodSeconds }} enableServiceLinks: false {{- include "tempo.gatewayImagePullSecrets" . | nindent 6 -}} {{- with .Values.gateway.hostAliases }} hostAliases: {{- toYaml . | nindent 8 }} {{- end }} containers: - name: nginx image: "{{ include "tempo.imageReference" $dict }}" imagePullPolicy: {{ .Values.gateway.image.pullPolicy }} ports: - name: http-metrics containerPort: 8080 protocol: TCP {{- with .Values.gateway.extraEnv }} env: {{- toYaml . | nindent 12 }} {{- end }} {{- with .Values.gateway.extraEnvFrom }} envFrom: {{- toYaml . | nindent 12 }} {{- end }} readinessProbe: {{- toYaml .Values.gateway.readinessProbe | nindent 12 }} volumeMounts: - name: config mountPath: /etc/nginx {{- if .Values.enterprise.enabled }} - name: license mountPath: /license {{- end }} {{- if .Values.gateway.basicAuth.enabled }} - name: auth mountPath: /etc/nginx/secrets {{- end }} - name: tmp mountPath: /tmp - name: docker-entrypoint-d-override mountPath: /docker-entrypoint.d {{- if .Values.gateway.extraVolumeMounts }} {{- toYaml .Values.gateway.extraVolumeMounts | nindent 12 }} {{- end }} resources: {{- toYaml .Values.gateway.resources | nindent 12 }} {{- with .Values.tempo.securityContext }} securityContext: {{- toYaml . | nindent 12 }} {{- end }} {{- if semverCompare ">= 1.19-0" .Capabilities.KubeVersion.Version }} {{- with .Values.gateway.topologySpreadConstraints }} topologySpreadConstraints: {{- tpl . $ | nindent 8 }} {{- end }} {{- end }} {{- with .Values.gateway.affinity }} affinity: {{- tpl . $ | nindent 8 }} {{- end }} {{- with .Values.gateway.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.gateway.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} volumes: - name: config configMap: name: {{ include "tempo.resourceName" (dict "ctx" . "component" "gateway") }} {{- if .Values.enterprise.enabled -}} - name: license secret: secretName: {{ tpl .Values.license.secretName . }} {{- end }} {{- if .Values.gateway.basicAuth.enabled }} - name: auth secret: secretName: {{ include "tempo.gatewayAuthSecret" . }} {{- end }} - name: tmp emptyDir: {} - name: docker-entrypoint-d-override emptyDir: {} {{- if .Values.gateway.extraVolumes }} {{- toYaml .Values.gateway.extraVolumes | nindent 8 }} {{- end }} {{- end }}