Text file src/github.com/GoogleCloudPlatform/k8s-config-connector/operator/config/manager/manager.yaml

Documentation: github.com/GoogleCloudPlatform/k8s-config-connector/operator/config/manager

     1# Copyright 2022 Google LLC
     2#
     3# Licensed under the Apache License, Version 2.0 (the "License");
     4# you may not use this file except in compliance with the License.
     5# You may obtain a copy of the License at
     6#
     7#      http://www.apache.org/licenses/LICENSE-2.0
     8#
     9# Unless required by applicable law or agreed to in writing, software
    10# distributed under the License is distributed on an "AS IS" BASIS,
    11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12# See the License for the specific language governing permissions and
    13# limitations under the License.
    14
    15apiVersion: v1
    16kind: Namespace
    17metadata:
    18  name: configconnector-operator-system
    19---
    20apiVersion: v1
    21kind: ServiceAccount
    22metadata:
    23  name: configconnector-operator
    24---
    25apiVersion: v1
    26kind: Service
    27metadata:
    28  name: configconnector-operator-service
    29spec:
    30  ports:
    31  - name: controller-manager
    32    port: 443
    33  selector:
    34    cnrm.cloud.google.com/component: configconnector-operator
    35---
    36apiVersion: apps/v1
    37kind: StatefulSet
    38metadata:
    39  labels:
    40    cnrm.cloud.google.com/component: configconnector-operator
    41  name: configconnector-operator
    42spec:
    43  # specifying replicas explicitly would help to enforce the intended
    44  # value when the file is applied.
    45  replicas: 1
    46  selector:
    47    matchLabels:
    48      cnrm.cloud.google.com/component: configconnector-operator
    49  serviceName: configconnector-operator-service
    50  template:
    51    metadata:
    52      labels:
    53        cnrm.cloud.google.com/component: configconnector-operator
    54    spec:
    55      securityContext:
    56        seccompProfile:
    57          type: RuntimeDefault
    58      containers:
    59      - args:
    60        - --local-repo=/configconnector-operator/channels
    61        command:
    62        - /configconnector-operator/manager
    63        image: operator:latest
    64        imagePullPolicy: Always
    65        name: manager
    66        resources:
    67          limits:
    68            memory: 1Gi
    69          requests:
    70            # This value was tuned to run on a GKE cluster with
    71            # default node settings. Increasing this value may
    72            # result in a backwards-incompatible change that breaks
    73            # add-on updates by not allowing new versions to schedule themselves.
    74            cpu: 100m
    75            memory: 512Mi
    76        securityContext:
    77          runAsUser: 1000
    78          runAsNonRoot: true
    79          runAsGroup: 1000
    80          capabilities:
    81            drop:
    82            - all
    83          allowPrivilegeEscalation: false
    84      enableServiceLinks: false
    85      serviceAccountName: configconnector-operator
    86      terminationGracePeriodSeconds: 10

View as plain text