PSA/helm/templates/hocuspocus/deployment.yaml

{{- $hp := .Values.hocuspocus }}
{{- if and (not (include "sebastian.hostedEnvEnabled" .)) (or (not (hasKey $hp "enabled")) $hp.enabled) }}
{{- $ns := include "sebastian.namespace" . -}}
{{- $existing := (lookup "apps/v1" "Deployment" $ns "hocuspocus") -}}
{{- $annotations := dict -}}
{{- if and $existing $existing.metadata $existing.metadata.annotations -}}
{{- $annotations = $existing.metadata.annotations -}}
{{- end -}}
{{- $owned := and $existing (eq (get $annotations "meta.helm.sh/release-name") .Release.Name) -}}
{{- if or (not $existing) $owned }}
apiVersion: apps/v1
kind: Deployment
metadata:
  name: hocuspocus
  namespace: {{ include "sebastian.namespace" . }}
  labels:
    {{- include "sebastian.labels" . | nindent 4 }}
  annotations:
    "helm.sh/resource-policy": keep
spec:
  replicas: {{ .Values.hocuspocus.replicaCount }}
  selector:
    matchLabels:
      app: hocuspocus
  template:
    metadata:
      labels:
        app: hocuspocus
        {{- if .Values.devEnv.enabled }}
        alga.dev/environment: "true"
        {{- end }}
    spec:
      securityContext:
        {{- toYaml .Values.podSecurityContext | nindent 8 }}
      {{- if .Values.hocuspocus.image.is_private }}
      imagePullSecrets:
        - name: "{{ .Values.hocuspocus.image.credentials }}"
      {{- end }}
      initContainers:
        - name: wait-for-redis
          image: redis:latest
          command: ['sh', '-c', 'until redis-cli -h $REDIS_HOST -p $REDIS_PORT -a $REDIS_PASSWORD ping; do echo waiting for redis; sleep 2; done;']
          env:
          {{- if .Values.redis.enabled }}
            - name: REDIS_HOST
              value: "redis.{{ include "sebastian.namespace" . }}.svc.cluster.local"
            - name: REDIS_PORT
              value: "6379"
            - name: REDIS_DB
              value: "1"
            - name: REDIS_USERNAME
              value: "default"
            - name: REDIS_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: redis-credentials
                  key: REDIS_PASSWORD
            {{- else }}
            - name: REDIS_HOST
              value: "{{ .Values.config.redis.host }}.{{ include "sebastian.namespace" . }}.svc.cluster.local"
            - name: REDIS_PORT
              value: "{{ .Values.config.redis.port }}"
            - name: REDIS_DB
              value: "{{ .Values.config.redis.db }}"
            - name: REDIS_USERNAME
              value: "default"
            - name: REDIS_PASSWORD
              {{- if .Values.config.redis.passwordSecret }}
              valueFrom:
                secretKeyRef:
                  name: {{ .Values.config.redis.passwordSecret.name }}
                  key: {{ .Values.config.redis.passwordSecret.key }}
              {{- else }}
              value: "{{ .Values.config.redis.password }}"
              {{- end }}
            {{- end }}
      containers:
        - name: {{ .Chart.Name }}
          securityContext:
            {{- toYaml .Values.securityContext | nindent 12 }}
          image: "{{ .Values.hocuspocus.image.name }}:{{ .Values.hocuspocus.image.tag }}"
          imagePullPolicy: {{ .Values.hocuspocus.pullPolicy }}
          env:
          {{- if .Values.redis.enabled }}
          - name: REDIS_HOST
            value: "redis.{{ include "sebastian.namespace" . }}.svc.cluster.local"
          - name: REDIS_PORT
            value: "6379"
          - name: REDIS_DB
            value: "1"
          - name: REDIS_USERNAME
            value: "default"
          - name: REDIS_PASSWORD
            valueFrom:
              secretKeyRef:
                name: redis-credentials
                key: REDIS_PASSWORD
          {{- else }}
          - name: REDIS_HOST
            value: "{{ .Values.config.redis.host }}.{{ include "sebastian.namespace" . }}.svc.cluster.local"
          - name: REDIS_PORT
            value: "{{ .Values.config.redis.port }}"
          - name: REDIS_DB
            value: "{{ .Values.config.redis.db }}"
          - name: REDIS_USERNAME
            value: "default"
          - name: REDIS_PASSWORD
            {{- if .Values.config.redis.passwordSecret }}
            valueFrom:
              secretKeyRef:
                name: {{ .Values.config.redis.passwordSecret.name }}
                key: {{ .Values.config.redis.passwordSecret.key }}
            {{- else }}
            value: "{{ .Values.config.redis.password }}"
            {{- end }}
          {{- end }}
          {{- if .Values.db.enabled }}
          - name: DB_HOST
            value: "db.{{ include "sebastian.namespace" . }}.svc.cluster.local"
          - name: DB_USER_HOCUSPOCUS
            value: "hocuspocus_user"
          - name: DB_PORT
            value: "5432"
          - name: DB_NAME_HOCUSPOCUS
            value: "hocuspocus"
          - name: DB_PASSWORD_HOCUSPOCUS
            valueFrom:
              secretKeyRef:
                name: db-credentials
                key: DB_PASSWORD_HOCUSPOCUS
          {{- else }}
          - name: DB_HOST
            value: "{{ .Values.config.db.host }}"
          - name: DB_USER_HOCUSPOCUS
            value: "{{ .Values.config.db.hocuspocus_user | default "hocuspocus_user" }}"
          - name: DB_PORT
            value: "{{ .Values.config.db.port }}"
          - name: DB_NAME_HOCUSPOCUS
            value: "{{ .Values.config.db.hocuspocus_database }}"
          - name: DB_PASSWORD_HOCUSPOCUS
            {{- if .Values.config.db.hocuspocus_password_secret }}
            valueFrom:
              secretKeyRef:
                name: {{ .Values.config.db.hocuspocus_password_secret.name }}
                key: {{ .Values.config.db.hocuspocus_password_secret.key }}
            {{- else }}
            value: "{{ .Values.config.db.password }}"
            {{- end }}
          {{- end }}
          # ----------- AI Document Assist ----------------
          - name: AI_DOCUMENT_API_URL
            value: "https://{{ .Values.host }}/api/v1/ai/document-assist"
          - name: AI_DOCUMENT_API_KEY
            valueFrom:
              secretKeyRef:
                name: "{{include "sebastian.fullname" .}}-secrets"
                key: AI_DOCUMENT_API_KEY
          # ----------- Collaborative Doc Persistence ----------------
          - name: COLLAB_PERSIST_API_URL
            value: "https://{{ .Values.host }}/api/internal/collab/persist"
          - name: COLLAB_PERSIST_API_KEY
            valueFrom:
              secretKeyRef:
                name: "{{include "sebastian.fullname" .}}-secrets"
                key: COLLAB_PERSIST_API_KEY
          # ----------- HOCUSPOCUS JWT ----------------
          - name: HOCUSPOCUS_JWT_SECRET
            valueFrom:
              secretKeyRef:
                name: "{{include "sebastian.fullname" .}}-secrets"
                key: HOCUSPOCUS_JWT_SECRET
          ports:
            - name: http
              containerPort: {{ .Values.hocuspocus.service.port }}
              protocol: TCP
          resources:
            {{- toYaml .Values.resources | nindent 12 }}
      {{- if .Values.devEnv.enabled }}
      {{- with .Values.devEnv.nodeSelector }}
      nodeSelector:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      {{- else }}
      {{- with .Values.nodeSelector }}
      nodeSelector:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      {{- with .Values.affinity }}
      affinity:
        {{- toYaml . | nindent 8 }}
      {{- end }}
      {{- end }}
      {{- with .Values.tolerations }}
      tolerations:
        {{- toYaml . | nindent 8 }}
      {{- end }}
{{- end }}
{{- end }}