github/kubescape
1
0
Fork 0
mirror of https://github.com/kubescape/kubescape.git synced 2026-02-14 18:09:55 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
eae6458b4248bbe01a2c267d823f18d1baa810d1
kubescape/httphandler/examples/microservice/ks-deployment.yaml
dwertent eae6458b42 fixed cmd init
2022-03-16 15:26:59 +02:00

112 lines
2.3 KiB
YAML
Raw Blame History

---
apiVersion: v1
kind: Namespace
metadata:
labels:
app: kubescape
name: ks-scanner
---
# ------------------- Kubescape Service Account ------------------- #
apiVersion: v1
kind: ServiceAccount
metadata:
labels:
app: kubescape
name: kubescape-discovery
namespace: ks-scanner
---
# ------------------- Kubescape Cluster Role & Cluster Role Binding ------------------- #
kind: ClusterRole
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: kubescape-discovery-clusterroles
# "namespace" omitted since ClusterRoles are not namespaced
rules:
- apiGroups: ["*"]
resources: ["*"]
verbs: ["get", "list", "describe"]
---
kind: ClusterRoleBinding
apiVersion: rbac.authorization.k8s.io/v1
metadata:
name: kubescape-discovery-role-binding
roleRef:
apiGroup: rbac.authorization.k8s.io
kind: ClusterRole
name: kubescape-discovery-clusterroles
subjects:
- kind: ServiceAccount
name: kubescape-discovery
namespace: ks-scanner
---
apiVersion: v1
kind: Service
metadata:
name: kubescape-service
namespace: ks-scanner
labels:
app: kubescape-service
spec:
type: NodePort
ports:
- port: 8080
name: http
targetPort: 8080
protocol: TCP
selector:
app: kubescape
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: kubescape
namespace: ks-scanner
labels:
app: kubescape
spec:
replicas: 1
selector:
matchLabels:
app: kubescape
template:
metadata:
labels:
app: kubescape
spec:
serviceAccountName: kubescape-discovery
containers:
- name: kubescape
livenessProbe:
httpGet:
path: /livez
port: 8080
initialDelaySeconds: 3
periodSeconds: 3
readinessProbe:
httpGet:
path: /readyz
port: 8080
initialDelaySeconds: 3
periodSeconds: 3
image: quay.io/armosec/kubescape:prometheus.v2
env:
- name: KS_DEFAULT_CONFIGMAP_NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
ports:
- containerPort: 8080
name: http
protocol: TCP
command:
- ksserver
resources:
requests:
cpu: 10m
memory: 100Mi
limits:
cpu: 500m
memory: 500Mi
Reference in New Issue View Git Blame Copy Permalink