Text file src/github.com/GoogleCloudPlatform/k8s-config-connector/config/installbundle/components/deletiondefender/deletiondefender.yaml

Documentation: github.com/GoogleCloudPlatform/k8s-config-connector/config/installbundle/components/deletiondefender

     1# Copyright 2022 Google LLC
     2#
     3# Licensed under the Apache License, Version 2.0 (the "License");
     4# you may not use this file except in compliance with the License.
     5# You may obtain a copy of the License at
     6#
     7#      http://www.apache.org/licenses/LICENSE-2.0
     8#
     9# Unless required by applicable law or agreed to in writing, software
    10# distributed under the License is distributed on an "AS IS" BASIS,
    11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12# See the License for the specific language governing permissions and
    13# limitations under the License.
    14
    15apiVersion: v1
    16kind: ServiceAccount
    17metadata:
    18  name: deletiondefender
    19---
    20apiVersion: v1
    21kind: Service
    22metadata:
    23  name: deletiondefender
    24spec:
    25  selector:
    26    cnrm.cloud.google.com/component: cnrm-deletiondefender
    27  ports:
    28    - port: 443
    29      name: deletiondefender
    30---
    31apiVersion: apps/v1
    32kind: StatefulSet
    33metadata:
    34  name: deletiondefender
    35  labels:
    36    cnrm.cloud.google.com/component: cnrm-deletiondefender
    37spec:
    38  selector:
    39    matchLabels:
    40      cnrm.cloud.google.com/component: cnrm-deletiondefender
    41  serviceName: deletiondefender
    42  template:
    43    metadata:
    44      labels:
    45        cnrm.cloud.google.com/component: cnrm-deletiondefender
    46    spec:
    47      serviceAccountName: deletiondefender
    48      containers:
    49      - command:
    50        - /configconnector/deletiondefender
    51        image: deletiondefender:latest
    52        imagePullPolicy: Always
    53        name: deletiondefender
    54        ports:
    55        # Port used for readiness probe
    56        - containerPort: 23232
    57        resources:
    58          limits:
    59            memory: 1Gi
    60          requests:
    61            # This value was tuned to run on a GKE cluster with
    62            # default node settings. Increasing this value may
    63            # result in a backwards-incompatible change that breaks
    64            # add-on updates by not allowing new versions to schedule themselves.
    65            cpu: 250m
    66            memory: 1Gi
    67        securityContext:
    68          privileged: false
    69          runAsUser: 1000
    70          runAsNonRoot: true
    71          allowPrivilegeEscalation: false
    72        readinessProbe:
    73          httpGet:
    74            path: /ready
    75            port: 23232
    76          initialDelaySeconds: 7
    77          periodSeconds: 3
    78      enableServiceLinks: false
    79      terminationGracePeriodSeconds: 10

View as plain text