apiVersion: apps/v1
kind: Deployment
metadata:
  name: apolo-postgres
  namespace: apolo
  labels:
    app.kubernetes.io/name: apolo-postgres
    app.kubernetes.io/part-of: apolo
    app.kubernetes.io/component: postgres
spec:
  replicas: 1
  selector:
    matchLabels:
      app.kubernetes.io/name: apolo-postgres
  template:
    metadata:
      labels:
        app.kubernetes.io/name: apolo-postgres
        app.kubernetes.io/part-of: apolo
        app.kubernetes.io/component: postgres
    spec:
      imagePullSecrets:
        - name: harbor-cred-apolo
      securityContext:
        fsGroup: 999
      initContainers:
        - name: init-pgdata
          image: busybox:1.36
          command:
            - sh
            - -c
            - |
              mkdir -p /var/lib/postgresql/data/pgdata
              chown -R 999:999 /var/lib/postgresql/data
              chmod 700 /var/lib/postgresql/data/pgdata
          volumeMounts:
            - name: pgdata
              mountPath: /var/lib/postgresql/data
          securityContext:
            runAsUser: 0
      containers:
        - name: postgres
          image: harbor.c2et.net/apolo/xrf-db:6.0
          imagePullPolicy: IfNotPresent
          securityContext:
            runAsUser: 999
            runAsGroup: 999
          env:
            - name: PGDATA
              value: /var/lib/postgresql/data/pgdata
          envFrom:
            - secretRef:
                name: apolo-db-secret
          ports:
            - containerPort: 5432
          readinessProbe:
            exec:
              command: ["/bin/sh","-c","pg_isready -U $POSTGRES_USER -d $POSTGRES_DB -h 127.0.0.1"]
            initialDelaySeconds: 10
            periodSeconds: 10
          livenessProbe:
            tcpSocket: { port: 5432 }
            initialDelaySeconds: 30
            periodSeconds: 20
      volumes:
        - name: pgdata
          persistentVolumeClaim:
            claimName: apolo-pgdata