golden/k8s-config-templates/gold-baselineserver-template.yaml - buildbot - Git at Google

 apiVersion: v1
 kind: Service
 metadata:
   labels:
     app: gold-{{.INSTANCE_ID}}-baselineserver
   name: gold-{{.INSTANCE_ID}}-baselineserver
 spec:
   ports:
     - name: http
       port: 8000
     - name: metrics
       port: 20000
   selector:
     app: gold-{{.INSTANCE_ID}}-baselineserver
   type: NodePort
 ---
 apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: gold-{{.INSTANCE_ID}}-baselineserver
 spec:
   replicas: 3
   selector:
     matchLabels:
       app: gold-{{.INSTANCE_ID}}-baselineserver
   strategy:
     type: RollingUpdate
   template:
     metadata:
       labels:
         app: gold-{{.INSTANCE_ID}}-baselineserver
         appgroup: gold-{{.INSTANCE_ID}}
       annotations:
         prometheus.io.scrape: "true"
         prometheus.io.port: "20000"
     spec:
       automountServiceAccountToken: false
       securityContext:
         runAsUser: 2000 # aka skia
         fsGroup: 2000   # aka skia
       containers:
         - name: gold-{{.INSTANCE_ID}}-baselineserver
           image: {{.BASELINE_SERVER_IMAGE}}
           args:
             - "--fs_namespace={{.INSTANCE_ID}}"
             - "--fs_project_id={{.FIRESTORE_PROJECT}}"
             - "--hashes_gs_path=skia-gold-{{.INSTANCE_ID}}/hash_files/gold-{{.INSTANCE_ID}}-hashes.txt"
             - "--logtostderr"
             - "--primary_crs={{.CODE_REVIEW_SYSTEM}}"
             - "--port=:8000"
             - "--prom_port=:20000"
           ports:
             - containerPort: 8000
               name: http
             - containerPort: 20000
               name: prom
           volumeMounts:
             - name: gold-service-account-secrets
               mountPath: /etc/gold-config/
           env:
             - name: GOOGLE_APPLICATION_CREDENTIALS
               value: /etc/gold-config/service-account.json
           resources:
             requests:
               memory: "500Mi"
               cpu: "500m"
           readinessProbe:
             httpGet:
               path: /healthz
               port: 8000
             initialDelaySeconds: 5
             periodSeconds: 3
       volumes:
         - name: gold-service-account-secrets
           secret:
             secretName: gold-service-account-secrets
	apiVersion: v1
	kind: Service
	metadata:
	labels:
	app: gold-{{.INSTANCE_ID}}-baselineserver
	name: gold-{{.INSTANCE_ID}}-baselineserver
	spec:
	ports:
	- name: http
	port: 8000
	- name: metrics
	port: 20000
	selector:
	app: gold-{{.INSTANCE_ID}}-baselineserver
	type: NodePort
	---
	apiVersion: apps/v1
	kind: Deployment
	metadata:
	name: gold-{{.INSTANCE_ID}}-baselineserver
	spec:
	replicas: 3
	selector:
	matchLabels:
	app: gold-{{.INSTANCE_ID}}-baselineserver
	strategy:
	type: RollingUpdate
	template:
	metadata:
	labels:
	app: gold-{{.INSTANCE_ID}}-baselineserver
	appgroup: gold-{{.INSTANCE_ID}}
	annotations:
	prometheus.io.scrape: "true"
	prometheus.io.port: "20000"
	spec:
	automountServiceAccountToken: false
	securityContext:
	runAsUser: 2000 # aka skia
	fsGroup: 2000 # aka skia
	containers:
	- name: gold-{{.INSTANCE_ID}}-baselineserver
	image: {{.BASELINE_SERVER_IMAGE}}
	args:
	- "--fs_namespace={{.INSTANCE_ID}}"
	- "--fs_project_id={{.FIRESTORE_PROJECT}}"
	- "--hashes_gs_path=skia-gold-{{.INSTANCE_ID}}/hash_files/gold-{{.INSTANCE_ID}}-hashes.txt"
	- "--logtostderr"
	- "--primary_crs={{.CODE_REVIEW_SYSTEM}}"
	- "--port=:8000"
	- "--prom_port=:20000"
	ports:
	- containerPort: 8000
	name: http
	- containerPort: 20000
	name: prom
	volumeMounts:
	- name: gold-service-account-secrets
	mountPath: /etc/gold-config/
	env:
	- name: GOOGLE_APPLICATION_CREDENTIALS
	value: /etc/gold-config/service-account.json
	resources:
	requests:
	memory: "500Mi"
	cpu: "500m"
	readinessProbe:
	httpGet:
	path: /healthz
	port: 8000
	initialDelaySeconds: 5
	periodSeconds: 3
	volumes:
	- name: gold-service-account-secrets
	secret:
	secretName: gold-service-account-secrets