blob: 1c9e1962cf9d08da4898db91c6ee83dd3f666d50 [file] [log] [blame]
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: autoroll-be-luci-go-infra-autoroll
spec:
serviceName: "autoroll-be-luci-go-infra-autoroll"
replicas: 1
selector:
matchLabels:
app: autoroll-be-luci-go-infra-autoroll
updateStrategy:
type: RollingUpdate
template:
metadata:
labels:
app: autoroll-be-luci-go-infra-autoroll # Pod template's label selector
annotations:
prometheus.io.scrape: "true"
prometheus.io.port: "20000"
spec:
automountServiceAccountToken: false
securityContext:
runAsUser: 2000 # aka skia
fsGroup: 2000 # aka skia
containers:
- name: autoroll-be-luci-go-infra-autoroll
image: gcr.io/skia-public/autoroll-be:2019-10-01T16_39_30Z-borenet-ad41711-clean
args:
- "--logtostderr"
- "--config=eyJjaGlsZE5hbWUiOiJsdWNpLWdvIiwiY29udGFjdHMiOlsidGFuZHJpaUBjaHJvbWl1bS5vcmciXSwiaXNJbnRlcm5hbCI6ZmFsc2UsInBhcmVudE5hbWUiOiJpbmZyYSIsInBhcmVudFdhdGVyZmFsbCI6Imh0dHBzOi8vY2kuY2hyb21pdW0ub3JnL3AvaW5mcmEvZy9pbmZyYS9jb25zb2xlIiwicm9sbGVyTmFtZSI6Imx1Y2ktZ28taW5mcmEtYXV0b3JvbGwiLCJzZXJ2aWNlQWNjb3VudCI6ImNocm9taXVtLWF1dG9yb2xsQHNraWEtcHVibGljLmlhbS5nc2VydmljZWFjY291bnQuY29tIiwic2hlcmlmZiI6WyJ0YW5kcmlpK2luZnJhLXJvbGxAY2hyb21pdW0ub3JnIl0sImdlcnJpdCI6eyJ1cmwiOiJodHRwczovL2Nocm9taXVtLXJldmlldy5nb29nbGVzb3VyY2UuY29tIiwicHJvamVjdCI6ImluZnJhL2luZnJhIiwiY29uZmlnIjoiY2hyb21pdW0ifSwiZnJlZVR5cGVSZXBvTWFuYWdlciI6bnVsbCwibm9DaGVja291dERFUFNSZXBvTWFuYWdlciI6eyJjaGlsZEJyYW5jaCI6Im1hc3RlciIsImNoaWxkUGF0aCI6ImluZnJhL2dvL3NyYy9nby5jaHJvbWl1bS5vcmcvbHVjaSIsInBhcmVudEJyYW5jaCI6Im1hc3RlciIsImNoaWxkUmV2TGlua1RtcGwiOiJodHRwczovL2Nocm9taXVtLmdvb2dsZXNvdXJjZS5jb20vaW5mcmEvbHVjaS9sdWNpLWdvLmdpdC8rLyVzIiwiY29tbWl0TXNnVG1wbCI6IiIsInBhcmVudFJlcG8iOiJodHRwczovL2Nocm9taXVtLmdvb2dsZXNvdXJjZS5jb20vaW5mcmEvaW5mcmEuZ2l0IiwiY2hpbGRSZXBvIjoiaHR0cHM6Ly9jaHJvbWl1bS5nb29nbGVzb3VyY2UuY29tL2luZnJhL2x1Y2kvbHVjaS1nby5naXQiLCJpbmNsdWRlQnVncyI6dHJ1ZSwiaW5jbHVkZUxvZyI6dHJ1ZSwidHJhbnNpdGl2ZURlcHMiOm51bGx9LCJrdWJlcm5ldGVzIjp7ImNwdSI6IjEiLCJtZW1vcnkiOiIyR2kiLCJkaXNrIjoiIn0sIm1heFJvbGxGcmVxdWVuY3kiOiIwbSJ9"
- "--email_creds=/var/secrets/autoroll-email-creds"
- "--firestore_instance=production"
- "--port=:8000"
- "--prom_port=:20000"
- "--recipes_cfg=/usr/local/share/autoroll/recipes.cfg"
- "--workdir=/tmp"
- "--chat_webhooks_file=/etc/notifier-chat-config/chat_config.txt"
ports:
- containerPort: 8000
- containerPort: 20000
volumeMounts:
- name: autoroll-be-chromium-autoroll-sa
mountPath: /var/secrets/google
- name: autoroll-email-creds
mountPath: /var/secrets/autoroll-email-creds
- name: notifier-chat-config
mountPath: /etc/notifier-chat-config/
env:
- name: GOOGLE_APPLICATION_CREDENTIALS
value: /var/secrets/google/key.json
- name: TMPDIR
value: /tmp
resources:
limits:
memory: "2Gi"
cpu: 1
readinessProbe:
httpGet:
path: /healthz
port: 8000
initialDelaySeconds: 30
periodSeconds: 30
failureThreshold: 10
volumes:
- name: autoroll-be-chromium-autoroll-sa
secret:
secretName: chromium-autoroll
- name: autoroll-email-creds
secret:
secretName: autoroll-email-creds
- name: notifier-chat-config
secret:
secretName: notifier-chat-config