{{ if .Values.clair.enabled }} apiVersion: apps/v1 kind: Deployment metadata: name: {{ template "harbor.clair" . }} labels: {{ include "harbor.labels" . | indent 4 }} app: clair spec: replicas: {{ .Values.clair.replicas }} selector: matchLabels: {{ include "harbor.matchLabels" . | indent 6 }} app: clair template: metadata: labels: {{ include "harbor.labels" . | indent 8 }} app: clair annotations: checksum/configmap: {{ include (print $.Template.BasePath "/clair/clair-cm.yaml") . | sha256sum }} {{- if .Values.clair.podAnnotations }} {{ toYaml .Values.clair.podAnnotations | indent 8 }} {{- end }} spec: containers: - name: clair image: {{ .Values.clair.image.repository }}:{{ .Values.clair.image.tag }} imagePullPolicy: {{ .Values.imagePullPolicy }} livenessProbe: httpGet: path: /health port: 6061 initialDelaySeconds: 30 periodSeconds: 10 readinessProbe: httpGet: path: /health port: 6061 initialDelaySeconds: 30 periodSeconds: 10 args: ["-log-level", "{{ .Values.logLevel }}"] env: {{- if .Values.clair.httpProxy }} - name: HTTP_PROXY value: {{ .Values.clair.httpProxy }} {{- end }} {{- if .Values.clair.httpsProxy }} - name: HTTPS_PROXY value: {{ .Values.clair.httpsProxy }} {{- end }} - name: NO_PROXY value: "{{ template "harbor.registry" . }},{{ template "harbor.core" . }}" {{- if .Values.clair.resources }} resources: {{ toYaml .Values.clair.resources | indent 10 }} {{- end }} ports: - containerPort: 6060 volumeMounts: - name: clair-config mountPath: /etc/clair/config.yaml subPath: config.yaml - name: etc-localtime mountPath: /etc/localtime volumes: - name: etc-localtime hostPath: path: /etc/localtime - name: clair-config configMap: name: "{{ template "harbor.clair" . }}" items: - key: config.yaml path: config.yaml {{- with .Values.clair.nodeSelector }} nodeSelector: {{ toYaml . | indent 8 }} {{- end }} {{- with .Values.clair.affinity }} affinity: {{ toYaml . | indent 8 }} {{- end }} {{- with .Values.clair.tolerations }} tolerations: {{ toYaml . | indent 8 }} {{- end }} {{ end }}