apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  name: {{ .Values.appName}}
  namespace: {{.Values.namespace}}
  labels:
    app: {{ .Values.appName}}
    version: {{.Values.version}}
spec:
  revisionHistoryLimit: 1
  minReadySeconds: 10
  strategy:
  # indicate which strategy we want for rolling update
    type: RollingUpdate
    rollingUpdate:
      maxSurge: 0
      maxUnavailable: 1
  replicas: {{ .Values.replicas}}
  selector:
    matchLabels:
      app: {{ .Values.appName}}
      version: {{.Values.version}}
  template:
    metadata:
      labels:
        app: {{ .Values.appName}}
        version: {{.Values.version}}
    spec:
      {{ if .Values.pullSecret }}
      imagePullSecrets:
        - name: {{ .Values.pullSecret }}
      {{ end }}
      serviceAccount: default
      volumes:
      - name: {{ .Values.appName}}-cert-volume
        secret:
          secretName: {{.Values.sharedCert}}
          optional: true
          items:
          - key: PEM_CERT
            path: otf.pem
          - key: PEM_KEY
            path: privateKey.pem
      - name: {{ .Values.appName}}-ssh-volume
        secret:
          secretName: {{.Values.appName}}
          optional: true
          items:
          - key: id_private_key
            path: id_otf.key
      {{ if or (eq .Values.env "st") (eq .Values.env "prod-dr")}}
      {{else}}
      - name: logging-pvc
        # persistentVolumeClaim:
        #   {{if eq .Values.env "prod"}}
        #   claimName: {{ .Values.pvc.prod | quote }}
        #   {{ else }}
        #   claimName: {{ .Values.pvc.dev | quote }}
        #   {{ end }}
      {{end}}
      containers:
      - name: {{ .Values.appName}}
        image: {{ .Values.image}}
        imagePullPolicy: Always
        ports:
        - name: http
          containerPort: 5000
          # nodePort: {{.Values.nodePort}}
          protocol: TCP
        {{ if eq .Values.env "st"}}
        resources:
          limits: 
            memory: "2Gi"
            cpu: "1"
          requests:
            memory: "1Gi"
            cpu: "500m"
        {{else}}   
        resources:
          limits:
            memory: "4Gi"
            cpu: "2"
          requests:
            memory: "1Gi"
            cpu: "1"
        {{end}}
        env:
        - name: NAMESPACE
          value: {{.Values.namespace}}
        - name: APP_NAME
          value: {{ .Values.appName}}
        - name: APP_VERSION
          value: {{.Values.version}}
        - name: id_private_key_passphrase
          valueFrom:
            secretKeyRef:
              name: {{ .Values.appName}}
              key: id_private_key_passphrase
              optional: true
        volumeMounts:
        - name: {{.Values.appName}}-cert-volume
          mountPath: /opt/cert
        - name: {{.Values.appName}}-ssh-volume
          mountPath: /ssh      
        {{ if or (eq .Values.env "st") (eq .Values.env "prod-dr")}}
        {{else}}
        - name: logging-pvc
          mountPath: "/otf/logs"
        {{end}}  
        livenessProbe:
          httpGet:
            path: {{.Values.health}}
            port: http
            scheme: HTTP
            httpHeaders:
              - name: X-Custom-Header
                value: Alive
          initialDelaySeconds: 30
          timeoutSeconds: 30
          periodSeconds: 30
        readinessProbe:
          httpGet:
            path: {{.Values.health}}
            port: http
            scheme: HTTP
            httpHeaders:
              - name: X-Custom-Header
                value: Ready
          initialDelaySeconds: 30
          timeoutSeconds: 30
          periodSeconds: 30
      restartPolicy: Always