apiVersion: apps/v1
kind: Deployment
metadata:
  name:  {{ include "kubevirt-operator.fullname" . }}
  labels:
    {{- include "kubevirt-operator.labels" . | nindent 4 }}
    kubevirt.io: virt-operator
spec:
  replicas: 2
  selector:
    matchLabels:
      {{- include "kubevirt-operator.selectorLabels" . | nindent 6 }}
      kubevirt.io: virt-operator
  strategy:
    type: RollingUpdate
  template:
    metadata:
      annotations:
        scheduler.alpha.kubernetes.io/critical-pod: ""
      labels:
        {{- include "kubevirt-operator.selectorLabels" . | nindent 8 }}
        kubevirt.io: virt-operator
        prometheus.kubevirt.io: ""
    spec:
      {{- with .Values.imagePullSecrets }}
      imagePullSecrets:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      serviceAccountName: {{ include "kubevirt-operator.serviceAccountName" . }}
      containers:
      - name: virt-operator
        image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
        imagePullPolicy: {{ .Values.image.pullPolicy }}
        command:
        - virt-operator
        - --port
        - "8443"
        - -v
        - "2"
        env:
        - name: OPERATOR_IMAGE
          value: {{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}
        - name: WATCH_NAMESPACE
          valueFrom:
            fieldRef:
              fieldPath: metadata.annotations['olm.targetNamespaces']
        ports:
        - containerPort: 8443
          name: metrics
          protocol: TCP
        - containerPort: 8444
          name: webhooks
          protocol: TCP
        readinessProbe:
          httpGet:
            path: /metrics
            port: 8443
            scheme: HTTPS
          initialDelaySeconds: 5
          timeoutSeconds: 10
        resources:
          {{- toYaml .Values.resources | nindent 10 }}
        volumeMounts:
        - mountPath: /etc/virt-operator/certificates
          name: kubevirt-operator-certs
          readOnly: true
      {{- with .Values.nodeSelector }}
      nodeSelector:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      {{- with .Values.affinity }}
      affinity:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      {{- with .Values.tolerations }}
      tolerations:
        {{- toYaml . | nindent 6 }}
      {{- end }}
      priorityClassName: {{ include "kubevirt-operator.priorityClassName" . }}
      securityContext:
        {{- toYaml .Values.securityContext | nindent 8 }}
      volumes:
      - name: kubevirt-operator-certs
        secret:
          optional: true
          secretName: kubevirt-operator-certs