apiVersion: apps/v1 kind: Deployment metadata:

name: <%= config[:appname] %>-<%= config[:environment] %>
namespace: <%= config[:namespace] %>
labels:
  app: <%= config[:appname] %>-<%= config[:environment] %>

spec:

replicas: 1
strategy:
  rollingUpdate:
    maxSurge: 1
    maxUnavailable: 0
  type: RollingUpdate
selector:
  matchLabels:
    app: <%= config[:appname] %>-<%= config[:environment] %>
template:
  metadata:
    labels:
      app: <%= config[:appname] %>-<%= config[:environment] %>
  spec:
    volumes:
    - name: rails-data
      emptyDir: {}
    containers:
    - env:
      - name: RAILS_ENV
        value: production
      envFrom:
      - configMapRef:
          name: <%= config[:appname] %>-<%= config[:environment] %>-config
      - secretRef:
          name: <%= config[:appname] %>-<%= config[:environment] %>-dbconfig
      image: <%= config[:imagename] %>
      imagePullPolicy: Always
      volumeMounts:
      - name: rails-data
        mountPath: /app/public-shared
      lifecycle:
        postStart:
          exec:
            command: ["/bin/sh", "-c", "cp -r /app/public/* /app/public-shared"]
      livenessProbe:
        failureThreshold: 3
        httpGet:
          path: /healthcheck
          port: 3000
          scheme: HTTP
        initialDelaySeconds: 10
        periodSeconds: 10
        successThreshold: 1
        timeoutSeconds: 10
      name: <%= config[:appname] %>-<%= config[:environment] %>
      readinessProbe:
        failureThreshold: 3
        httpGet:
          path: /healthcheck
          port: 3000
          scheme: HTTP
        initialDelaySeconds: 10
        periodSeconds: 10
        successThreshold: 2
        timeoutSeconds: 10
      resources:
        requests:
          memory: "512Mi"
          cpu: "500m"
        limits:
          memory: "1024Mi"
          cpu: "1000m"
      securityContext:
        allowPrivilegeEscalation: false
        privileged: false
        procMount: Default
        readOnlyRootFilesystem: false
        runAsNonRoot: false
      stdin: true
      tty: true
    - env:
      - name: HTTPS_PROXY_REDIRECT
        value: "1"
      - name: NGINX_SERVER_NAME
        value: <%= config[:hostname] %>
      image: nexus.devops-e.de:8090/ema/rails-http:latest
      imagePullPolicy: Always
      volumeMounts:
      - name: rails-data
        mountPath: /app/public
      name: <%= config[:appname] %>-<%= config[:environment] %>-nginx
      ports:
      - containerPort: 80
        name: 80tcp2
        protocol: TCP
      resources:
        requests:
          memory: "128Mi"
          cpu: "125m"
        limits:
          memory: "256Mi"
          cpu: "250m"
      securityContext:
        allowPrivilegeEscalation: false
        privileged: false
        procMount: Default
        readOnlyRootFilesystem: false
        runAsNonRoot: false
      stdin: true
      tty: true
    dnsPolicy: ClusterFirst
    hostAliases:
    - hostnames:
      - rails
      ip: 127.0.0.1
    imagePullSecrets:
    - name: nexus
    restartPolicy: Always