hometown/chart/templates/deployment-web.yaml

129 lines
4.4 KiB
YAML
Raw Normal View History

apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "mastodon.fullname" . }}-web
labels:
{{- include "mastodon.labels" . | nindent 4 }}
spec:
Helm: Major refactoring regarding Deployments, Environment variables and more (#20733) * fix(chart): Remove non-functional Horizontal Pod Autoscaler The Horizontal Pod Autoscaler (HPA) refers to a Deployment that doesn't exist and therefore can not work. As a result it's pointless to carry it around in this chart and give the wrong impression it could work. This patch removes it from the helm chart and drops all references to it. * refactor(chart): Refactor sidekiq deployments to scale This patch reworks how the sidekiq deployment is set up, by splitting it into many sidekiq deployments, but at least one, which should allow to scale the number of sidekiq jobs as expected while being friendly to single user instances as well as larger ones. Further it introduces per deployment overwrites for the most relevant pod fields like resources, affinities and processed queues, number of jobs and the sidekiq security contexts. The exact implementation was inspired by an upstream issue: https://github.com/mastodon/mastodon/issues/20453 * fix(chart): Remove linode default values from values This patch drops the linode defaults from the values.yaml since these are not obvious and can cause unexpected connections as well as leaking secrets to linode, when other s3 storage backends are used and don't explicitly configure these options by accident. Mastodon will then try to authenticate to the linode backends and therefore disclose the authentication secrets. * refactor(chart): Rework reduce value reference duplication Since most of the values are simply setup like this: ``` {{- if .Values.someVariable }} SOME_VARIABLE: {{ .Values.someVariable }} {{- end }} ``` There is a lot of duplication in the references in order to full in the variables. There is an equivalent notation, which reduces the usage of the variable name to just once: ``` {{- with .Values.someVariable }} SOME_VARIABLE: {{ . }} {{- end }} ``` What seems like a pointless replacement, will reduce potential mistakes down the line by possibly only adjusting one of the two references. * fix(chart): Switch to new OMNIAUTH_ONLY variable This patch adjusts the helm chart to use the new `OMNIAUTH_ONLY` variable, which replaced the former `OAUTH_REDIRECT_AT_SIGN_IN` variable in the following commit: https://github.com/mastodon/mastodon/pull/17288 https://github.com/mastodon/mastodon/pull/17288/commits/3c8857917ea9b9b3a76adb7afcea5842c8e1c0d1 * fix(chart): Repair connection test to existing service Currently the connect test can't work, since it's connecting to a non-existing service this patch fixes the service name to make the job connect to the mastodon web service to verify the connection. * docs(chart): Adjust values.yaml to support helm-docs This patch updates most values to prepare an introduction of helm-docs. This should help to make the chart more user friendly by explaining the variables and provide a standardised README file, like many other helm charts do. References: https://github.com/norwoodj/helm-docs * refactor(chart): Allow individual overwrites for streaming and web deployment This patch works how the streaming and web deployments work by adding various fields to overwrite values such as affinities, resources, replica count, and security contexts. BREAKING CHANGE: This commit removes `.Values.replicaCount` in favour of `.Values.mastodon.web.replicas` and `.Values.mastodon.streaming.values`. * feat(chart): Add option for authorized fetch Currently the helm chart doesn't support authorized fetch aka. "Secure Mode" this patch fixes that by adding the needed config option to the values file and the configmap. * docs(chart): Improve helm-docs compatiblity This patch adjust a few more comments in the values.yaml to be picked up by helm-docs. This way, future adoption is properly prepared. * fix(chart): Add automatic detection of scheduler sidekiq queue This patch adds an automatic switch to the `Recreate` strategy for the sidekiq Pod in order to prevent accidental concurrency for the scheduler queue. * fix(chart): Repair broken DB_POOL variable
2022-11-24 20:30:29 +00:00
replicas: {{ .Values.mastodon.web.replicas }}
selector:
matchLabels:
{{- include "mastodon.selectorLabels" . | nindent 6 }}
app.kubernetes.io/component: web
app.kubernetes.io/part-of: rails
template:
metadata:
annotations:
Helm: Major refactoring regarding Deployments, Environment variables and more (#20733) * fix(chart): Remove non-functional Horizontal Pod Autoscaler The Horizontal Pod Autoscaler (HPA) refers to a Deployment that doesn't exist and therefore can not work. As a result it's pointless to carry it around in this chart and give the wrong impression it could work. This patch removes it from the helm chart and drops all references to it. * refactor(chart): Refactor sidekiq deployments to scale This patch reworks how the sidekiq deployment is set up, by splitting it into many sidekiq deployments, but at least one, which should allow to scale the number of sidekiq jobs as expected while being friendly to single user instances as well as larger ones. Further it introduces per deployment overwrites for the most relevant pod fields like resources, affinities and processed queues, number of jobs and the sidekiq security contexts. The exact implementation was inspired by an upstream issue: https://github.com/mastodon/mastodon/issues/20453 * fix(chart): Remove linode default values from values This patch drops the linode defaults from the values.yaml since these are not obvious and can cause unexpected connections as well as leaking secrets to linode, when other s3 storage backends are used and don't explicitly configure these options by accident. Mastodon will then try to authenticate to the linode backends and therefore disclose the authentication secrets. * refactor(chart): Rework reduce value reference duplication Since most of the values are simply setup like this: ``` {{- if .Values.someVariable }} SOME_VARIABLE: {{ .Values.someVariable }} {{- end }} ``` There is a lot of duplication in the references in order to full in the variables. There is an equivalent notation, which reduces the usage of the variable name to just once: ``` {{- with .Values.someVariable }} SOME_VARIABLE: {{ . }} {{- end }} ``` What seems like a pointless replacement, will reduce potential mistakes down the line by possibly only adjusting one of the two references. * fix(chart): Switch to new OMNIAUTH_ONLY variable This patch adjusts the helm chart to use the new `OMNIAUTH_ONLY` variable, which replaced the former `OAUTH_REDIRECT_AT_SIGN_IN` variable in the following commit: https://github.com/mastodon/mastodon/pull/17288 https://github.com/mastodon/mastodon/pull/17288/commits/3c8857917ea9b9b3a76adb7afcea5842c8e1c0d1 * fix(chart): Repair connection test to existing service Currently the connect test can't work, since it's connecting to a non-existing service this patch fixes the service name to make the job connect to the mastodon web service to verify the connection. * docs(chart): Adjust values.yaml to support helm-docs This patch updates most values to prepare an introduction of helm-docs. This should help to make the chart more user friendly by explaining the variables and provide a standardised README file, like many other helm charts do. References: https://github.com/norwoodj/helm-docs * refactor(chart): Allow individual overwrites for streaming and web deployment This patch works how the streaming and web deployments work by adding various fields to overwrite values such as affinities, resources, replica count, and security contexts. BREAKING CHANGE: This commit removes `.Values.replicaCount` in favour of `.Values.mastodon.web.replicas` and `.Values.mastodon.streaming.values`. * feat(chart): Add option for authorized fetch Currently the helm chart doesn't support authorized fetch aka. "Secure Mode" this patch fixes that by adding the needed config option to the values file and the configmap. * docs(chart): Improve helm-docs compatiblity This patch adjust a few more comments in the values.yaml to be picked up by helm-docs. This way, future adoption is properly prepared. * fix(chart): Add automatic detection of scheduler sidekiq queue This patch adds an automatic switch to the `Recreate` strategy for the sidekiq Pod in order to prevent accidental concurrency for the scheduler queue. * fix(chart): Repair broken DB_POOL variable
2022-11-24 20:30:29 +00:00
{{- with (default .Values.podAnnotations .Values.mastodon.web.podAnnotations) }}
{{- toYaml . | nindent 8 }}
{{- end }}
# roll the pods to pick up any db migrations or other changes
{{- include "mastodon.rollingPodAnnotations" . | nindent 8 }}
labels:
{{- include "mastodon.selectorLabels" . | nindent 8 }}
app.kubernetes.io/component: web
app.kubernetes.io/part-of: rails
spec:
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "mastodon.serviceAccountName" . }}
Helm: Major refactoring regarding Deployments, Environment variables and more (#20733) * fix(chart): Remove non-functional Horizontal Pod Autoscaler The Horizontal Pod Autoscaler (HPA) refers to a Deployment that doesn't exist and therefore can not work. As a result it's pointless to carry it around in this chart and give the wrong impression it could work. This patch removes it from the helm chart and drops all references to it. * refactor(chart): Refactor sidekiq deployments to scale This patch reworks how the sidekiq deployment is set up, by splitting it into many sidekiq deployments, but at least one, which should allow to scale the number of sidekiq jobs as expected while being friendly to single user instances as well as larger ones. Further it introduces per deployment overwrites for the most relevant pod fields like resources, affinities and processed queues, number of jobs and the sidekiq security contexts. The exact implementation was inspired by an upstream issue: https://github.com/mastodon/mastodon/issues/20453 * fix(chart): Remove linode default values from values This patch drops the linode defaults from the values.yaml since these are not obvious and can cause unexpected connections as well as leaking secrets to linode, when other s3 storage backends are used and don't explicitly configure these options by accident. Mastodon will then try to authenticate to the linode backends and therefore disclose the authentication secrets. * refactor(chart): Rework reduce value reference duplication Since most of the values are simply setup like this: ``` {{- if .Values.someVariable }} SOME_VARIABLE: {{ .Values.someVariable }} {{- end }} ``` There is a lot of duplication in the references in order to full in the variables. There is an equivalent notation, which reduces the usage of the variable name to just once: ``` {{- with .Values.someVariable }} SOME_VARIABLE: {{ . }} {{- end }} ``` What seems like a pointless replacement, will reduce potential mistakes down the line by possibly only adjusting one of the two references. * fix(chart): Switch to new OMNIAUTH_ONLY variable This patch adjusts the helm chart to use the new `OMNIAUTH_ONLY` variable, which replaced the former `OAUTH_REDIRECT_AT_SIGN_IN` variable in the following commit: https://github.com/mastodon/mastodon/pull/17288 https://github.com/mastodon/mastodon/pull/17288/commits/3c8857917ea9b9b3a76adb7afcea5842c8e1c0d1 * fix(chart): Repair connection test to existing service Currently the connect test can't work, since it's connecting to a non-existing service this patch fixes the service name to make the job connect to the mastodon web service to verify the connection. * docs(chart): Adjust values.yaml to support helm-docs This patch updates most values to prepare an introduction of helm-docs. This should help to make the chart more user friendly by explaining the variables and provide a standardised README file, like many other helm charts do. References: https://github.com/norwoodj/helm-docs * refactor(chart): Allow individual overwrites for streaming and web deployment This patch works how the streaming and web deployments work by adding various fields to overwrite values such as affinities, resources, replica count, and security contexts. BREAKING CHANGE: This commit removes `.Values.replicaCount` in favour of `.Values.mastodon.web.replicas` and `.Values.mastodon.streaming.values`. * feat(chart): Add option for authorized fetch Currently the helm chart doesn't support authorized fetch aka. "Secure Mode" this patch fixes that by adding the needed config option to the values file and the configmap. * docs(chart): Improve helm-docs compatiblity This patch adjust a few more comments in the values.yaml to be picked up by helm-docs. This way, future adoption is properly prepared. * fix(chart): Add automatic detection of scheduler sidekiq queue This patch adds an automatic switch to the `Recreate` strategy for the sidekiq Pod in order to prevent accidental concurrency for the scheduler queue. * fix(chart): Repair broken DB_POOL variable
2022-11-24 20:30:29 +00:00
{{- with (default .Values.podSecurityContext .Values.mastodon.web.podSecurityContext) }}
securityContext:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- if (not .Values.mastodon.s3.enabled) }}
volumes:
- name: assets
persistentVolumeClaim:
claimName: {{ template "mastodon.fullname" . }}-assets
- name: system
persistentVolumeClaim:
claimName: {{ template "mastodon.fullname" . }}-system
{{- end }}
containers:
Helm: Major refactoring regarding Deployments, Environment variables and more (#20733) * fix(chart): Remove non-functional Horizontal Pod Autoscaler The Horizontal Pod Autoscaler (HPA) refers to a Deployment that doesn't exist and therefore can not work. As a result it's pointless to carry it around in this chart and give the wrong impression it could work. This patch removes it from the helm chart and drops all references to it. * refactor(chart): Refactor sidekiq deployments to scale This patch reworks how the sidekiq deployment is set up, by splitting it into many sidekiq deployments, but at least one, which should allow to scale the number of sidekiq jobs as expected while being friendly to single user instances as well as larger ones. Further it introduces per deployment overwrites for the most relevant pod fields like resources, affinities and processed queues, number of jobs and the sidekiq security contexts. The exact implementation was inspired by an upstream issue: https://github.com/mastodon/mastodon/issues/20453 * fix(chart): Remove linode default values from values This patch drops the linode defaults from the values.yaml since these are not obvious and can cause unexpected connections as well as leaking secrets to linode, when other s3 storage backends are used and don't explicitly configure these options by accident. Mastodon will then try to authenticate to the linode backends and therefore disclose the authentication secrets. * refactor(chart): Rework reduce value reference duplication Since most of the values are simply setup like this: ``` {{- if .Values.someVariable }} SOME_VARIABLE: {{ .Values.someVariable }} {{- end }} ``` There is a lot of duplication in the references in order to full in the variables. There is an equivalent notation, which reduces the usage of the variable name to just once: ``` {{- with .Values.someVariable }} SOME_VARIABLE: {{ . }} {{- end }} ``` What seems like a pointless replacement, will reduce potential mistakes down the line by possibly only adjusting one of the two references. * fix(chart): Switch to new OMNIAUTH_ONLY variable This patch adjusts the helm chart to use the new `OMNIAUTH_ONLY` variable, which replaced the former `OAUTH_REDIRECT_AT_SIGN_IN` variable in the following commit: https://github.com/mastodon/mastodon/pull/17288 https://github.com/mastodon/mastodon/pull/17288/commits/3c8857917ea9b9b3a76adb7afcea5842c8e1c0d1 * fix(chart): Repair connection test to existing service Currently the connect test can't work, since it's connecting to a non-existing service this patch fixes the service name to make the job connect to the mastodon web service to verify the connection. * docs(chart): Adjust values.yaml to support helm-docs This patch updates most values to prepare an introduction of helm-docs. This should help to make the chart more user friendly by explaining the variables and provide a standardised README file, like many other helm charts do. References: https://github.com/norwoodj/helm-docs * refactor(chart): Allow individual overwrites for streaming and web deployment This patch works how the streaming and web deployments work by adding various fields to overwrite values such as affinities, resources, replica count, and security contexts. BREAKING CHANGE: This commit removes `.Values.replicaCount` in favour of `.Values.mastodon.web.replicas` and `.Values.mastodon.streaming.values`. * feat(chart): Add option for authorized fetch Currently the helm chart doesn't support authorized fetch aka. "Secure Mode" this patch fixes that by adding the needed config option to the values file and the configmap. * docs(chart): Improve helm-docs compatiblity This patch adjust a few more comments in the values.yaml to be picked up by helm-docs. This way, future adoption is properly prepared. * fix(chart): Add automatic detection of scheduler sidekiq queue This patch adds an automatic switch to the `Recreate` strategy for the sidekiq Pod in order to prevent accidental concurrency for the scheduler queue. * fix(chart): Repair broken DB_POOL variable
2022-11-24 20:30:29 +00:00
- name: {{ .Chart.Name }}-web
{{- with (default .Values.securityContext .Values.mastodon.web.securityContext) }}
securityContext:
{{- toYaml . | nindent 12 }}
{{- end }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
command:
- bundle
- exec
- puma
- -C
- config/puma.rb
envFrom:
- configMapRef:
name: {{ include "mastodon.fullname" . }}-env
- secretRef:
name: {{ template "mastodon.secretName" . }}
env:
- name: "DB_PASS"
valueFrom:
secretKeyRef:
name: {{ template "mastodon.postgresql.secretName" . }}
key: password
- name: "REDIS_PASSWORD"
valueFrom:
secretKeyRef:
name: {{ template "mastodon.redis.secretName" . }}
key: redis-password
- name: "PORT"
value: {{ .Values.mastodon.web.port | quote }}
{{- if (and .Values.mastodon.s3.enabled .Values.mastodon.s3.existingSecret) }}
- name: "AWS_SECRET_ACCESS_KEY"
valueFrom:
secretKeyRef:
name: {{ .Values.mastodon.s3.existingSecret }}
key: AWS_SECRET_ACCESS_KEY
- name: "AWS_ACCESS_KEY_ID"
valueFrom:
secretKeyRef:
name: {{ .Values.mastodon.s3.existingSecret }}
key: AWS_ACCESS_KEY_ID
{{- end }}
{{- if (not .Values.mastodon.s3.enabled) }}
volumeMounts:
- name: assets
mountPath: /opt/mastodon/public/assets
- name: system
mountPath: /opt/mastodon/public/system
{{- end }}
ports:
- name: http
containerPort: {{ .Values.mastodon.web.port }}
protocol: TCP
livenessProbe:
tcpSocket:
port: http
readinessProbe:
httpGet:
path: /health
port: http
startupProbe:
httpGet:
path: /health
port: http
failureThreshold: 30
periodSeconds: 5
Helm: Major refactoring regarding Deployments, Environment variables and more (#20733) * fix(chart): Remove non-functional Horizontal Pod Autoscaler The Horizontal Pod Autoscaler (HPA) refers to a Deployment that doesn't exist and therefore can not work. As a result it's pointless to carry it around in this chart and give the wrong impression it could work. This patch removes it from the helm chart and drops all references to it. * refactor(chart): Refactor sidekiq deployments to scale This patch reworks how the sidekiq deployment is set up, by splitting it into many sidekiq deployments, but at least one, which should allow to scale the number of sidekiq jobs as expected while being friendly to single user instances as well as larger ones. Further it introduces per deployment overwrites for the most relevant pod fields like resources, affinities and processed queues, number of jobs and the sidekiq security contexts. The exact implementation was inspired by an upstream issue: https://github.com/mastodon/mastodon/issues/20453 * fix(chart): Remove linode default values from values This patch drops the linode defaults from the values.yaml since these are not obvious and can cause unexpected connections as well as leaking secrets to linode, when other s3 storage backends are used and don't explicitly configure these options by accident. Mastodon will then try to authenticate to the linode backends and therefore disclose the authentication secrets. * refactor(chart): Rework reduce value reference duplication Since most of the values are simply setup like this: ``` {{- if .Values.someVariable }} SOME_VARIABLE: {{ .Values.someVariable }} {{- end }} ``` There is a lot of duplication in the references in order to full in the variables. There is an equivalent notation, which reduces the usage of the variable name to just once: ``` {{- with .Values.someVariable }} SOME_VARIABLE: {{ . }} {{- end }} ``` What seems like a pointless replacement, will reduce potential mistakes down the line by possibly only adjusting one of the two references. * fix(chart): Switch to new OMNIAUTH_ONLY variable This patch adjusts the helm chart to use the new `OMNIAUTH_ONLY` variable, which replaced the former `OAUTH_REDIRECT_AT_SIGN_IN` variable in the following commit: https://github.com/mastodon/mastodon/pull/17288 https://github.com/mastodon/mastodon/pull/17288/commits/3c8857917ea9b9b3a76adb7afcea5842c8e1c0d1 * fix(chart): Repair connection test to existing service Currently the connect test can't work, since it's connecting to a non-existing service this patch fixes the service name to make the job connect to the mastodon web service to verify the connection. * docs(chart): Adjust values.yaml to support helm-docs This patch updates most values to prepare an introduction of helm-docs. This should help to make the chart more user friendly by explaining the variables and provide a standardised README file, like many other helm charts do. References: https://github.com/norwoodj/helm-docs * refactor(chart): Allow individual overwrites for streaming and web deployment This patch works how the streaming and web deployments work by adding various fields to overwrite values such as affinities, resources, replica count, and security contexts. BREAKING CHANGE: This commit removes `.Values.replicaCount` in favour of `.Values.mastodon.web.replicas` and `.Values.mastodon.streaming.values`. * feat(chart): Add option for authorized fetch Currently the helm chart doesn't support authorized fetch aka. "Secure Mode" this patch fixes that by adding the needed config option to the values file and the configmap. * docs(chart): Improve helm-docs compatiblity This patch adjust a few more comments in the values.yaml to be picked up by helm-docs. This way, future adoption is properly prepared. * fix(chart): Add automatic detection of scheduler sidekiq queue This patch adds an automatic switch to the `Recreate` strategy for the sidekiq Pod in order to prevent accidental concurrency for the scheduler queue. * fix(chart): Repair broken DB_POOL variable
2022-11-24 20:30:29 +00:00
{{- with (default .Values.resources .Values.mastodon.web.resources) }}
resources:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
Helm: Major refactoring regarding Deployments, Environment variables and more (#20733) * fix(chart): Remove non-functional Horizontal Pod Autoscaler The Horizontal Pod Autoscaler (HPA) refers to a Deployment that doesn't exist and therefore can not work. As a result it's pointless to carry it around in this chart and give the wrong impression it could work. This patch removes it from the helm chart and drops all references to it. * refactor(chart): Refactor sidekiq deployments to scale This patch reworks how the sidekiq deployment is set up, by splitting it into many sidekiq deployments, but at least one, which should allow to scale the number of sidekiq jobs as expected while being friendly to single user instances as well as larger ones. Further it introduces per deployment overwrites for the most relevant pod fields like resources, affinities and processed queues, number of jobs and the sidekiq security contexts. The exact implementation was inspired by an upstream issue: https://github.com/mastodon/mastodon/issues/20453 * fix(chart): Remove linode default values from values This patch drops the linode defaults from the values.yaml since these are not obvious and can cause unexpected connections as well as leaking secrets to linode, when other s3 storage backends are used and don't explicitly configure these options by accident. Mastodon will then try to authenticate to the linode backends and therefore disclose the authentication secrets. * refactor(chart): Rework reduce value reference duplication Since most of the values are simply setup like this: ``` {{- if .Values.someVariable }} SOME_VARIABLE: {{ .Values.someVariable }} {{- end }} ``` There is a lot of duplication in the references in order to full in the variables. There is an equivalent notation, which reduces the usage of the variable name to just once: ``` {{- with .Values.someVariable }} SOME_VARIABLE: {{ . }} {{- end }} ``` What seems like a pointless replacement, will reduce potential mistakes down the line by possibly only adjusting one of the two references. * fix(chart): Switch to new OMNIAUTH_ONLY variable This patch adjusts the helm chart to use the new `OMNIAUTH_ONLY` variable, which replaced the former `OAUTH_REDIRECT_AT_SIGN_IN` variable in the following commit: https://github.com/mastodon/mastodon/pull/17288 https://github.com/mastodon/mastodon/pull/17288/commits/3c8857917ea9b9b3a76adb7afcea5842c8e1c0d1 * fix(chart): Repair connection test to existing service Currently the connect test can't work, since it's connecting to a non-existing service this patch fixes the service name to make the job connect to the mastodon web service to verify the connection. * docs(chart): Adjust values.yaml to support helm-docs This patch updates most values to prepare an introduction of helm-docs. This should help to make the chart more user friendly by explaining the variables and provide a standardised README file, like many other helm charts do. References: https://github.com/norwoodj/helm-docs * refactor(chart): Allow individual overwrites for streaming and web deployment This patch works how the streaming and web deployments work by adding various fields to overwrite values such as affinities, resources, replica count, and security contexts. BREAKING CHANGE: This commit removes `.Values.replicaCount` in favour of `.Values.mastodon.web.replicas` and `.Values.mastodon.streaming.values`. * feat(chart): Add option for authorized fetch Currently the helm chart doesn't support authorized fetch aka. "Secure Mode" this patch fixes that by adding the needed config option to the values file and the configmap. * docs(chart): Improve helm-docs compatiblity This patch adjust a few more comments in the values.yaml to be picked up by helm-docs. This way, future adoption is properly prepared. * fix(chart): Add automatic detection of scheduler sidekiq queue This patch adds an automatic switch to the `Recreate` strategy for the sidekiq Pod in order to prevent accidental concurrency for the scheduler queue. * fix(chart): Repair broken DB_POOL variable
2022-11-24 20:30:29 +00:00
{{- with (default .Values.affinity .Values.mastodon.web.affinity) }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}