mirror of
https://github.com/kubeshark/kubeshark.git
synced 2026-02-14 10:00:08 +00:00
633a17a0e0
* 🔧 Add `scripting.enabled` helm value * 🔧 Add `REACT_APP_SCRIPTING_HIDDEN` front env * 🔧 Change `REACT_APP_SCRIPTING_HIDDEN` front env
191 lines
8.2 KiB
YAML
191 lines
8.2 KiB
YAML
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
labels:
|
|
app.kubeshark.com/app: front
|
|
{{- include "kubeshark.labels" . | nindent 4 }}
|
|
{{- if .Values.tap.annotations }}
|
|
annotations:
|
|
{{- toYaml .Values.tap.annotations | nindent 4 }}
|
|
{{- end }}
|
|
name: {{ include "kubeshark.name" . }}-front
|
|
namespace: {{ .Release.Namespace }}
|
|
spec:
|
|
replicas: 1 # Set the desired number of replicas
|
|
selector:
|
|
matchLabels:
|
|
app.kubeshark.com/app: front
|
|
{{- include "kubeshark.selectorLabels" . | nindent 6 }}
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app.kubeshark.com/app: front
|
|
{{- include "kubeshark.labels" . | nindent 8 }}
|
|
spec:
|
|
containers:
|
|
- env:
|
|
- name: REACT_APP_AUTH_ENABLED
|
|
value: '{{- if or (and .Values.cloudLicenseEnabled (not (empty .Values.license))) (not .Values.internetConnectivity) -}}
|
|
{{ (and .Values.tap.auth.enabled (eq .Values.tap.auth.type "dex")) | ternary true false }}
|
|
{{- else -}}
|
|
{{ .Values.cloudLicenseEnabled | ternary "true" .Values.tap.auth.enabled }}
|
|
{{- end }}'
|
|
- name: REACT_APP_AUTH_TYPE
|
|
value: '{{- if and .Values.cloudLicenseEnabled (not (eq .Values.tap.auth.type "dex")) -}}
|
|
default
|
|
{{- else -}}
|
|
{{ .Values.tap.auth.type }}
|
|
{{- end }}'
|
|
- name: REACT_APP_COMPLETE_STREAMING_ENABLED
|
|
value: '{{- if and (hasKey .Values.tap "dashboard") (hasKey .Values.tap.dashboard "completeStreamingEnabled") -}}
|
|
{{ eq .Values.tap.dashboard.completeStreamingEnabled true | ternary "true" "false" }}
|
|
{{- else -}}
|
|
true
|
|
{{- end }}'
|
|
- name: REACT_APP_STREAMING_TYPE
|
|
value: '{{ default "" (((.Values).tap).dashboard).streamingType }}'
|
|
- name: REACT_APP_AUTH_SAML_IDP_METADATA_URL
|
|
value: '{{ not (eq .Values.tap.auth.saml.idpMetadataUrl "") | ternary .Values.tap.auth.saml.idpMetadataUrl " " }}'
|
|
- name: REACT_APP_TIMEZONE
|
|
value: '{{ not (eq .Values.timezone "") | ternary .Values.timezone " " }}'
|
|
- name: REACT_APP_SCRIPTING_HIDDEN
|
|
value: '{{- if and .Values.scripting (eq (.Values.scripting.enabled | toString) "false") -}}
|
|
true
|
|
{{- else -}}
|
|
false
|
|
{{- end }}'
|
|
- name: REACT_APP_SCRIPTING_DISABLED
|
|
value: '{{- if .Values.tap.liveConfigMapChangesDisabled -}}
|
|
{{- if .Values.demoModeEnabled -}}
|
|
{{ .Values.demoModeEnabled | ternary false true }}
|
|
{{- else -}}
|
|
true
|
|
{{- end }}
|
|
{{- else -}}
|
|
false
|
|
{{- end }}'
|
|
- name: REACT_APP_TARGETED_PODS_UPDATE_DISABLED
|
|
value: '{{ .Values.tap.liveConfigMapChangesDisabled }}'
|
|
- name: REACT_APP_PRESET_FILTERS_CHANGING_ENABLED
|
|
value: '{{ .Values.tap.liveConfigMapChangesDisabled | ternary "false" "true" }}'
|
|
- name: REACT_APP_BPF_OVERRIDE_DISABLED
|
|
value: '{{ eq .Values.tap.packetCapture "af_packet" | ternary "false" "true" }}'
|
|
- name: REACT_APP_RECORDING_DISABLED
|
|
value: '{{ .Values.tap.liveConfigMapChangesDisabled }}'
|
|
- name: REACT_APP_STOP_TRAFFIC_CAPTURING_DISABLED
|
|
value: '{{- if and .Values.tap.liveConfigMapChangesDisabled .Values.tap.capture.stopped -}}
|
|
false
|
|
{{- else -}}
|
|
{{ .Values.tap.liveConfigMapChangesDisabled | ternary "true" "false" }}
|
|
{{- end -}}'
|
|
- name: 'REACT_APP_CLOUD_LICENSE_ENABLED'
|
|
value: '{{- if or (and .Values.cloudLicenseEnabled (not (empty .Values.license))) (not .Values.internetConnectivity) -}}
|
|
"false"
|
|
{{- else -}}
|
|
{{ .Values.cloudLicenseEnabled }}
|
|
{{- end }}'
|
|
- name: REACT_APP_SUPPORT_CHAT_ENABLED
|
|
value: '{{ and .Values.supportChatEnabled .Values.internetConnectivity | ternary "true" "false" }}'
|
|
- name: REACT_APP_BETA_ENABLED
|
|
value: '{{ default false .Values.betaEnabled | ternary "true" "false" }}'
|
|
- name: REACT_APP_DISSECTORS_UPDATING_ENABLED
|
|
value: '{{ .Values.tap.liveConfigMapChangesDisabled | ternary "false" "true" }}'
|
|
- name: REACT_APP_RAW_CAPTURE_ENABLED
|
|
value: '{{ .Values.tap.capture.raw.enabled | ternary "true" "false" }}'
|
|
- name: REACT_APP_SENTRY_ENABLED
|
|
value: '{{ (include "sentry.enabled" .) }}'
|
|
- name: REACT_APP_SENTRY_ENVIRONMENT
|
|
value: '{{ .Values.tap.sentry.environment }}'
|
|
{{- if .Values.tap.docker.overrideImage.front }}
|
|
image: '{{ .Values.tap.docker.overrideImage.front }}'
|
|
{{- else if .Values.tap.docker.overrideTag.front }}
|
|
image: '{{ .Values.tap.docker.registry }}/front:{{ .Values.tap.docker.overrideTag.front }}'
|
|
{{ else }}
|
|
image: '{{ .Values.tap.docker.registry }}/front:{{ not (eq .Values.tap.docker.tag "") | ternary .Values.tap.docker.tag (include "kubeshark.defaultVersion" .) }}'
|
|
{{- end }}
|
|
imagePullPolicy: {{ .Values.tap.docker.imagePullPolicy }}
|
|
name: kubeshark-front
|
|
livenessProbe:
|
|
periodSeconds: 1
|
|
failureThreshold: 3
|
|
successThreshold: 1
|
|
initialDelaySeconds: 3
|
|
tcpSocket:
|
|
port: 8080
|
|
readinessProbe:
|
|
periodSeconds: 1
|
|
failureThreshold: 3
|
|
successThreshold: 1
|
|
initialDelaySeconds: 3
|
|
tcpSocket:
|
|
port: 8080
|
|
timeoutSeconds: 1
|
|
resources:
|
|
limits:
|
|
cpu: 750m
|
|
memory: 1Gi
|
|
requests:
|
|
cpu: 50m
|
|
memory: 50Mi
|
|
volumeMounts:
|
|
- name: nginx-config
|
|
mountPath: /etc/nginx/conf.d/default.conf
|
|
subPath: default.conf
|
|
readOnly: true
|
|
{{- if gt (len .Values.tap.nodeSelectorTerms.front) 0}}
|
|
affinity:
|
|
nodeAffinity:
|
|
requiredDuringSchedulingIgnoredDuringExecution:
|
|
nodeSelectorTerms:
|
|
{{- toYaml .Values.tap.nodeSelectorTerms.front | nindent 12 }}
|
|
{{- end }}
|
|
{{- if or .Values.tap.dns.nameservers .Values.tap.dns.searches .Values.tap.dns.options }}
|
|
dnsConfig:
|
|
{{- if .Values.tap.dns.nameservers }}
|
|
nameservers:
|
|
{{- range .Values.tap.dns.nameservers }}
|
|
- {{ . | quote }}
|
|
{{- end }}
|
|
{{- end }}
|
|
{{- if .Values.tap.dns.searches }}
|
|
searches:
|
|
{{- range .Values.tap.dns.searches }}
|
|
- {{ . | quote }}
|
|
{{- end }}
|
|
{{- end }}
|
|
{{- if .Values.tap.dns.options }}
|
|
options:
|
|
{{- range .Values.tap.dns.options }}
|
|
- name: {{ .name | quote }}
|
|
{{- if .value }}
|
|
value: {{ .value | quote }}
|
|
{{- end }}
|
|
{{- end }}
|
|
{{- end }}
|
|
{{- end }}
|
|
{{- if .Values.tap.tolerations.front }}
|
|
tolerations:
|
|
{{- range .Values.tap.tolerations.front }}
|
|
- key: {{ .key | quote }}
|
|
operator: {{ .operator | quote }}
|
|
{{- if .value }}
|
|
value: {{ .value | quote }}
|
|
{{- end }}
|
|
{{- if .effect }}
|
|
effect: {{ .effect | quote }}
|
|
{{- end }}
|
|
{{- if .tolerationSeconds }}
|
|
tolerationSeconds: {{ .tolerationSeconds }}
|
|
{{- end }}
|
|
{{- end }}
|
|
{{- end }}
|
|
volumes:
|
|
- name: nginx-config
|
|
configMap:
|
|
name: kubeshark-nginx-config-map
|
|
dnsPolicy: ClusterFirstWithHostNet
|
|
serviceAccountName: {{ include "kubeshark.serviceAccountName" . }}
|
|
{{- if .Values.tap.priorityClass }}
|
|
priorityClassName: {{ .Values.tap.priorityClass | quote }}
|
|
{{- end }}
|