# ==============================
# Ory Kratos Deployment + Service
# ==============================
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: kratos
spec:
  selector:
    matchLabels:
      app: kratos
  template:
    metadata:
      labels:
        app: kratos
    spec:
      volumes:
        - name: kratos-config
          configMap:
            name: kratos-config
      initContainers:
        - name: kratos-migrate
          image: shadowlegend/ory-kratos@sha256:1e2a07fa1406c90eb2a16df5da509d163db394262c1a91baf73cc32009dcccd6
          env:
            - name: DSN
              valueFrom:
                secretKeyRef:
                  name: postgres-kratos-app
                  key: uri
          command:
            - sh
            - -c
            - kratos migrate sql -e --yes
      containers:
        - name: kratos
          image: shadowlegend/ory-kratos@sha256:1e2a07fa1406c90eb2a16df5da509d163db394262c1a91baf73cc32009dcccd6
          env:
            - name: DSN
              valueFrom:
                secretKeyRef:
                  name: postgres-kratos-app
                  key: uri
            - name: KRATOS_LOG_LEVEL
              value: "info"
          command:
            - kratos
            - serve
            - --watch-courier
            - --config
            - /etc/config/kratos.yml
          resources:
            limits:
              memory: "128Mi"
              cpu: "500m"
            requests:
              memory: 64Mi
              cpu: 20m
          ports:
            - containerPort: 4433
            - containerPort: 4434
          volumeMounts:
            - name: kratos-config
              mountPath: /etc/config

---
apiVersion: v1
kind: Service
metadata:
  name: kratos
spec:
  selector:
    app: kratos
  ports:
    - name: public
      port: 4433
      targetPort: 4433
    - name: admin
      port: 4434
      targetPort: 4434