--- # yaml-language-server: $schema=https://kubernetes-schemas.pages.dev/helm.toolkit.fluxcd.io/helmrelease_v2beta2.json apiVersion: helm.toolkit.fluxcd.io/v2beta2 kind: HelmRelease metadata: name: &app kromgo spec: interval: 30m chart: spec: chart: app-template version: 2.5.0 sourceRef: kind: HelmRepository name: bjw-s namespace: flux-system install: remediation: retries: 3 upgrade: cleanupOnFail: true remediation: retries: 3 uninstall: keepHistory: false values: controllers: main: replicas: 2 strategy: RollingUpdate annotations: reloader.stakater.com/auto: "true" containers: main: image: repository: ghcr.io/kashalls/kromgo tag: 0.2.4@sha256:2c1076986904babdcfed38ffcf848e7609f3e108ee350a46ce8ed201407a8b81 env: PROMETHEUS_URL: http://thanos-query-frontend.observability.svc.cluster.local:9090 PORT: &port 8080 securityContext: allowPrivilegeEscalation: false readOnlyRootFilesystem: true capabilities: { drop: ["ALL"] } resources: requests: cpu: 10m limits: memory: 64Mi pod: securityContext: runAsUser: 568 runAsGroup: 568 runAsNonRoot: true topologySpreadConstraints: - maxSkew: 1 topologyKey: kubernetes.io/hostname whenUnsatisfiable: DoNotSchedule labelSelector: matchLabels: app.kubernetes.io/name: *app service: main: ports: http: port: *port ingress: main: enabled: true className: nginx annotations: external-dns.alpha.kubernetes.io/enabled: "true" external-dns.alpha.kubernetes.io/target: services.${SECRET_DOMAIN}. hajimari.io/icon: mdi:monitor-eye hosts: - host: &host "{{ .Release.Name }}.${SECRET_CLUSTER_DOMAIN}" paths: - path: / service: name: main port: http tls: - hosts: - *host persistence: config-file: type: configMap name: kromgo-configmap globalMounts: - path: /kromgo/config.yaml subPath: config.yaml readOnly: true