apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "hapi-fhir-jpaserver.fullname" . }} labels: {{- include "hapi-fhir-jpaserver.labels" . | nindent 4 }} {{- with .Values.deploymentAnnotations }} annotations: {{- toYaml . | nindent 8 }} {{- end }} spec: replicas: {{ .Values.replicaCount }} selector: matchLabels: {{- include "hapi-fhir-jpaserver.selectorLabels" . | nindent 6 }} template: metadata: {{- with .Values.podAnnotations }} annotations: {{- toYaml . | nindent 8 }} {{- end }} labels: {{- include "hapi-fhir-jpaserver.selectorLabels" . | nindent 8 }} spec: {{- with .Values.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} securityContext: {{- toYaml .Values.podSecurityContext | nindent 8 }} {{- if .Values.postgresql.enabled }} initContainers: - name: wait-for-db image: busybox:1.32 imagePullPolicy: IfNotPresent securityContext: allowPrivilegeEscalation: false readOnlyRootFilesystem: true privileged: false capabilities: drop: - ALL runAsNonRoot: true runAsUser: 11111 runAsGroup: 11111 command: ["sh", "-c", "while ! nc -z {{ .Release.Name }}-postgresql 5432 -w 5; do echo $(date) waiting for database; sleep 5; done;"] {{- end }} containers: - name: {{ .Chart.Name }} securityContext: {{- toYaml .Values.securityContext | nindent 12 }} image: "{{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag }}" imagePullPolicy: {{ .Values.image.pullPolicy }} ports: - name: http containerPort: 8080 protocol: TCP readinessProbe: httpGet: path: / port: http {{- with .Values.readinessProbe }} initialDelaySeconds: {{ .initialDelaySeconds }} periodSeconds: {{ .periodSeconds }} timeoutSeconds: {{ .timeoutSeconds }} successThreshold: {{ .successThreshold }} failureThreshold: {{ .failureThreshold }} {{- end }} startupProbe: httpGet: path: /fhir/Patient?_count=1 port: http {{- with .Values.startupProbe }} initialDelaySeconds: {{ .initialDelaySeconds }} periodSeconds: {{ .periodSeconds }} timeoutSeconds: {{ .timeoutSeconds }} successThreshold: {{ .successThreshold }} failureThreshold: {{ .failureThreshold }} {{- end }} resources: {{- toYaml .Values.resources | nindent 12 }} env: - name: SPRING_DATASOURCE_URL value: {{ include "hapi-fhir-jpaserver.database.jdbcUrl" $ }} - name: SPRING_DATASOURCE_USERNAME value: {{ include "hapi-fhir-jpaserver.database.user" $ }} - name: SPRING_DATASOURCE_PASSWORD valueFrom: secretKeyRef: name: {{ include "hapi-fhir-jpaserver.postgresql.secretName" . }} key: postgresql-password - name: SPRING_DATASOURCE_DRIVERCLASSNAME value: org.postgresql.Driver - name: SPRING_JPA_PROPERTIES_HIBERNATE_DIALECT value: org.hibernate.dialect.PostgreSQL10Dialect - name: HAPI_FHIR_USE_APACHE_ADDRESS_STRATEGY value: "true" - name: SPRING_JPA_DATABASE_PLATFORM value: org.hibernate.dialect.PostgreSQLDialect {{- if .Values.extraEnv }} {{ toYaml .Values.extraEnv | nindent 12 }} {{- end }} volumeMounts: - mountPath: /tmp name: tmp-volume - mountPath: /app/target name: lucenefiles-volume {{- with .Values.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.affinity }} affinity: {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} volumes: - name: tmp-volume emptyDir: {} - name: lucenefiles-volume emptyDir: {}