#@ load("@ytt:data", "data")

---
apiVersion: v1
kind: Namespace
metadata:
  name: #@ data.values.namespace
  labels:
    name: #@ data.values.namespace
---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: #@ data.values.app_name + "-service-account"
  namespace: #@ data.values.namespace
---
apiVersion: v1
kind: ConfigMap
metadata:
  name: #@ data.values.app_name + "-config"
  namespace: #@ data.values.namespace
  labels:
    app: #@ data.values.app_name
data:
  #@yaml/text-templated-strings
  placeholder-name.yaml: |
    webhook:
      url: (@= data.values.webhook_url @)
      caBundle: (@= data.values.webhook_ca_bundle @)
---
#! TODO set up healthy, ready, etc. probes correctly for our deployment
#! TODO set the priority-critical-urgent on our deployment to ask kube to never let it die
#! TODO set resource minimums (e.g. 512MB RAM) on the deployment to make sure we get scheduled onto a reasonable node
apiVersion: apps/v1
kind: Deployment
metadata:
  name: #@ data.values.app_name + "-deployment"
  namespace: #@ data.values.namespace
  labels:
    app: #@ data.values.app_name
spec:
  replicas: 1 #! TODO more than one replica for high availability, and share the same serving certificate among them (maybe using client-go leader election)
  selector:
    matchLabels:
      app: #@ data.values.app_name
  template:
    metadata:
      labels:
        app: #@ data.values.app_name
    spec:
      serviceAccountName: #@ data.values.app_name + "-service-account"
      containers:
        - name: placeholder-name
          #@ if data.values.image_digest:
          image:  #@ data.values.image_repo + "@" + data.values.image_digest
          #@ else:
          image: #@ data.values.image_repo + ":" + data.values.image_tag
          #@ end
          imagePullPolicy: IfNotPresent
          command:
            - ./placeholder-name
          args:
            - --config=/etc/config/placeholder-name.yaml
            - --downward-api-path=/etc/podinfo
          volumeMounts:
            - name: config-volume
              mountPath: /etc/config
            - name: podinfo
              mountPath: /etc/podinfo
      volumes:
        - name: config-volume
          configMap:
            name: #@ data.values.app_name + "-config"
        - name: podinfo
          downwardAPI:
            items:
              - path: "labels"
                fieldRef:
                  fieldPath: metadata.labels
              - path: "namespace"
                fieldRef:
                  fieldPath: metadata.namespace