--- # yaml-language-server: $schema=https://raw.githubusercontent.com/bjw-s/helm-charts/main/charts/other/app-template/schemas/helmrelease-helm-v2.schema.json apiVersion: helm.toolkit.fluxcd.io/v2 kind: HelmRelease metadata: name: &app scrutiny spec: interval: 1h chartRef: kind: OCIRepository name: app-template install: remediation: retries: 3 upgrade: cleanupOnFail: true remediation: strategy: rollback retries: 3 values: defaultPodOptions: automountServiceAccountToken: false controllers: scrutiny: annotations: reloader.stakater.com/auto: "true" containers: app: image: repository: ghcr.io/analogj/scrutiny tag: master-web@sha256:dfded9111313af87cc7e065f2093616179dc19f24bbd445e8391c117d5c771c6 env: TZ: ${TIMEZONE} SCRUTINY_WEB_INFLUXDB_HOST: influx.database.svc.cluster.local envFrom: - secretRef: name: scrutiny-secret resources: requests: cpu: 100m memory: 128Mi limits: memory: 128Mi service: app: controller: *app ports: http: port: &port 8080 route: app: hostnames: ["{{ .Release.Name }}.${SECRET_EXTERNAL_DOMAIN}"] parentRefs: - name: internal namespace: network sectionName: https rules: - backendRefs: - name: *app port: *port probes: liveness: enabled: true custom: true spec: initialDelaySeconds: 30 periodSeconds: 10 timeoutSeconds: 1 failureThreshold: 3 httpGet: path: /api/health port: *port readiness: enabled: true custom: true spec: initialDelaySeconds: 30 periodSeconds: 10 timeoutSeconds: 1 failureThreshold: 3 httpGet: path: /api/health port: *port startup: enabled: true custom: true spec: initialDelaySeconds: 0 timeoutSeconds: 1 periodSeconds: 5 failureThreshold: 30 httpGet: path: /api/health port: *port persistence: config: enabled: true existingClaim: *app globalMounts: - path: /opt/scrutiny/config udev: enabled: true type: hostPath hostPath: /run/udev globalMounts: - path: /run/udev