blob: 20ab92437a1794230eeae63259fae6bbe6f97dba [file] [log] [blame]
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: autoroll-be-swiftshader-skia-autoroll
spec:
serviceName: "autoroll-be-swiftshader-skia-autoroll"
replicas: 1
selector:
matchLabels:
app: autoroll-be-swiftshader-skia-autoroll
updateStrategy:
type: RollingUpdate
template:
metadata:
labels:
app: autoroll-be-swiftshader-skia-autoroll # Pod template's label selector
annotations:
prometheus.io.scrape: "true"
prometheus.io.port: "20000"
spec:
automountServiceAccountToken: false
securityContext:
runAsUser: 2000 # aka skia
fsGroup: 2000 # aka skia
containers:
- name: autoroll-be-swiftshader-skia-autoroll
image: gcr.io/skia-public/autoroll-be:2019-01-16T13_17_33Z-borenet-a3f6fe3-clean
args:
- "--logtostderr"
- "--config_file=/usr/local/share/autoroll/config/swiftshader-skia.json"
- "--email_creds=/var/secrets/autoroll-email-creds"
- "--port=:8000"
- "--prom_port=:20000"
- "--recipes_cfg=/usr/local/share/autoroll/recipes.cfg"
- "--workdir=/data"
ports:
- containerPort: 8000
- containerPort: 20000
volumeMounts:
- name: autoroll-be-swiftshader-skia-autoroll-storage
mountPath: /data
- name: autoroll-be-skia-autoroll-sa
mountPath: /var/secrets/google
- name: autoroll-email-creds
mountPath: /var/secrets/autoroll-email-creds
env:
- name: GOOGLE_APPLICATION_CREDENTIALS
value: /var/secrets/google/key.json
- name: TMPDIR
value: /data/tmp
resources:
limits:
memory: "2Gi"
cpu: 1
readinessProbe:
httpGet:
path: /healthz
port: 8000
initialDelaySeconds: 30
periodSeconds: 30
failureThreshold: 10
volumes:
- name: autoroll-be-skia-autoroll-sa
secret:
secretName: skia-autoroll
- name: autoroll-email-creds
secret:
secretName: autoroll-email-creds
volumeClaimTemplates:
- metadata:
name: autoroll-be-swiftshader-skia-autoroll-storage
spec:
accessModes: [ "ReadWriteOnce" ]
resources:
requests:
storage: 2Gi