apiVersion: apps/v1
kind: Deployment
metadata:
  name: {{ include "passbook.fullname" . }}-web
  labels:
    app.kubernetes.io/name: {{ include "passbook.name" . }}
    helm.sh/chart: {{ include "passbook.chart" . }}
    app.kubernetes.io/instance: {{ .Release.Name }}
    app.kubernetes.io/managed-by: {{ .Release.Service }}
    k8s.passbook.beryju.org/component: web
spec:
  replicas: {{ .Values.serverReplicas }}
  selector:
    matchLabels:
      app.kubernetes.io/name: {{ include "passbook.name" . }}
      app.kubernetes.io/instance: {{ .Release.Name }}
      k8s.passbook.beryju.org/component: web
  template:
    metadata:
      labels:
        app.kubernetes.io/name: {{ include "passbook.name" . }}
        app.kubernetes.io/instance: {{ .Release.Name }}
        k8s.passbook.beryju.org/component: web
    spec:
      affinity:
        podAntiAffinity:
          preferredDuringSchedulingIgnoredDuringExecution:
          - weight: 1
            podAffinityTerm:
              labelSelector:
                matchExpressions:
                - key: app.kubernetes.io/name
                  operator: In
                  values:
                  - {{ include "passbook.name" . }}
                - key: app.kubernetes.io/instance
                  operator: In
                  values:
                  - {{ .Release.Name }}
                - key: k8s.passbook.beryju.org/component
                  operator: In
                  values:
                  - web
              topologyKey: "kubernetes.io/hostname"
      initContainers:
        - name: passbook-database-migrations
          image: "{{ .Values.image.name }}:{{ .Values.image.tag }}"
          args: [migrate]
          envFrom:
            - configMapRef:
                name: {{ include "passbook.fullname" . }}-config
              prefix: PASSBOOK_
          env:
            - name: PASSBOOK_SECRET_KEY
              valueFrom:
                secretKeyRef:
                  name: {{ include "passbook.fullname" . }}-secret-key
                  key: secret_key
            - name: PASSBOOK_REDIS__PASSWORD
              valueFrom:
                secretKeyRef:
                  name: "{{ .Release.Name }}-redis"
                  key: redis-password
            - name: PASSBOOK_POSTGRESQL__PASSWORD
              valueFrom:
                secretKeyRef:
                  name: "{{ .Release.Name }}-postgresql"
                  key: postgresql-password
      containers:
        - name: {{ .Chart.Name }}
          image: "{{ .Values.image.name }}:{{ .Values.image.tag }}"
          args: [server]
          envFrom:
            - configMapRef:
                name: {{ include "passbook.fullname" . }}-config
              prefix: PASSBOOK_
          env:
            - name: PASSBOOK_SECRET_KEY
              valueFrom:
                secretKeyRef:
                  name: "{{ include "passbook.fullname" . }}-secret-key"
                  key: "secret_key"
            - name: PASSBOOK_REDIS__PASSWORD
              valueFrom:
                secretKeyRef:
                  name: "{{ .Release.Name }}-redis"
                  key: "redis-password"
            - name: PASSBOOK_POSTGRESQL__PASSWORD
              valueFrom:
                secretKeyRef:
                  name: "{{ .Release.Name }}-postgresql"
                  key: "postgresql-password"
          ports:
            - name: http
              containerPort: 8000
              protocol: TCP
          livenessProbe:
            httpGet:
              path: /
              port: http
              httpHeaders:
                - name: Host
                  value: kubernetes-healthcheck-host
          readinessProbe:
            httpGet:
              path: /
              port: http
              httpHeaders:
                - name: Host
                  value: kubernetes-healthcheck-host
          resources:
            requests:
              cpu: 100m
              memory: 300M
            limits:
              cpu: 300m
              memory: 500M