{{- if and .Values.gc.enable (or .Values.enableNodeFeatureApi .Values.topologyUpdater.enable) -}} apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "node-feature-discovery.fullname" . }}-gc namespace: {{ include "node-feature-discovery.namespace" . }} labels: {{- include "node-feature-discovery.labels" . | nindent 4 }} role: gc {{- with .Values.gc.deploymentAnnotations }} annotations: {{- toYaml . | nindent 4 }} {{- end }} spec: replicas: {{ .Values.gc.replicaCount | default 1 }} selector: matchLabels: {{- include "node-feature-discovery.selectorLabels" . | nindent 6 }} role: gc template: metadata: labels: {{- include "node-feature-discovery.selectorLabels" . | nindent 8 }} role: gc {{- with .Values.gc.annotations }} annotations: {{- toYaml . | nindent 8 }} {{- end }} spec: serviceAccountName: {{ include "node-feature-discovery.gc.serviceAccountName" . }} dnsPolicy: ClusterFirstWithHostNet {{- with .Values.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} securityContext: {{- toYaml .Values.gc.podSecurityContext | nindent 8 }} containers: - name: gc image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}" imagePullPolicy: "{{ .Values.image.pullPolicy }}" env: - name: NODE_NAME valueFrom: fieldRef: fieldPath: spec.nodeName command: - "nfd-gc" args: {{- if .Values.gc.interval | empty | not }} - "-gc-interval={{ .Values.gc.interval }}" {{- end }} resources: {{- toYaml .Values.gc.resources | nindent 12 }} securityContext: allowPrivilegeEscalation: false capabilities: drop: [ "ALL" ] readOnlyRootFilesystem: true runAsNonRoot: true ports: - name: metrics containerPort: {{ .Values.gc.metricsPort | default "8081"}} {{- with .Values.gc.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.gc.affinity }} affinity: {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.gc.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} {{- end }}