apiVersion: apps/v1 kind: Deployment metadata: name: pieced-operator namespace: {{ .Release.Namespace }} labels: app.kubernetes.io/name: pieced-operator spec: replicas: {{ .Values.replicaCount }} selector: matchLabels: app.kubernetes.io/name: pieced-operator template: metadata: labels: app.kubernetes.io/name: pieced-operator spec: {{- with .Values.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} serviceAccountName: {{ .Values.serviceAccount.name }} securityContext: {{- toYaml .Values.securityContext | nindent 8 }} automountServiceAccountToken: true # Required for K8s API + Vault K8s auth containers: - name: operator image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" imagePullPolicy: {{ .Values.image.pullPolicy }} args: - --vault-addr={{ .Values.config.vault.address }} - --vault-role={{ .Values.config.vault.role }} - --vault-auth-path={{ .Values.config.vault.authPath }} - --litellm-url={{ .Values.config.litellm.url }} - --metrics-bind-address=:8080 - --health-probe-bind-address=:8081 {{- if .Values.leaderElection.enabled }} # Leader election is built into the manager {{- end }} env: - name: POD_NAMESPACE valueFrom: fieldRef: fieldPath: metadata.namespace ports: - name: metrics containerPort: 8080 protocol: TCP - name: health containerPort: 8081 protocol: TCP livenessProbe: httpGet: path: /healthz port: health initialDelaySeconds: 15 periodSeconds: 20 readinessProbe: httpGet: path: /readyz port: health initialDelaySeconds: 5 periodSeconds: 10 securityContext: {{- toYaml .Values.containerSecurityContext | nindent 12 }} resources: {{- toYaml .Values.resources | nindent 12 }} terminationGracePeriodSeconds: 10