apiVersion: apps/v1 kind: Deployment metadata: name: loomio-worker spec: replicas: 1 selector: matchLabels: component: worker template: metadata: labels: component: worker spec: containers: - name: worker image: {{ .workerImage }} env: - name: TASK value: worker - name: RAILS_ENV value: production - name: SITE_NAME value: {{ .appName }} - name: CANONICAL_HOST value: {{ .domain }} - name: PUBLIC_APP_URL value: https://{{ .domain }} - name: SUPPORT_EMAIL value: {{ .supportEmail }} - name: DATABASE_URL valueFrom: secretKeyRef: name: loomio-secrets key: dbUrl - name: REDIS_URL value: {{ .redisUrl }} - name: DEVISE_SECRET valueFrom: secretKeyRef: name: loomio-secrets key: deviseSecret - name: SECRET_COOKIE_TOKEN valueFrom: secretKeyRef: name: loomio-secrets key: secretCookieToken - name: ACTIVE_STORAGE_SERVICE value: {{ .activeStorageService }} - name: SMTP_AUTH value: {{ .smtp.auth }} - name: SMTP_DOMAIN value: {{ .smtp.domain }} - name: SMTP_SERVER value: {{ .smtp.host }} - name: SMTP_PORT value: "{{ .smtp.port }}" - name: SMTP_USERNAME value: {{ .smtp.user }} - name: SMTP_PASSWORD valueFrom: secretKeyRef: name: loomio-secrets key: smtpPassword - name: SMTP_USE_SSL value: "{{ .smtp.tls }}" - name: REPLY_HOSTNAME value: {{ .smtp.from }} - name: BUNDLE_APP_CONFIG value: /loomio/tmp/.bundle volumeMounts: - name: uploads mountPath: /loomio/public/system - name: storage mountPath: /loomio/storage - name: tmp mountPath: /loomio/tmp - name: log mountPath: /loomio/log resources: requests: memory: 256Mi cpu: 100m limits: memory: 1Gi cpu: 500m securityContext: runAsNonRoot: false runAsUser: 0 allowPrivilegeEscalation: false capabilities: drop: [ALL] readOnlyRootFilesystem: false seccompProfile: type: RuntimeDefault volumes: - name: uploads persistentVolumeClaim: claimName: loomio-uploads - name: storage persistentVolumeClaim: claimName: loomio-storage - name: tmp emptyDir: {} - name: log emptyDir: {}