-
asraa authoredSigned-off-by:
Asra Ali <asraa@google.com>asraa authoredSigned-off-by:Asra Ali <asraa@google.com>
rekor.yaml 2.61 KiB
#
# Copyright 2021 The Sigstore Authors.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: apps/v1
kind: Deployment
metadata:
name: rekor-server
labels:
app: rekor-server
spec:
replicas: 3
selector:
matchLabels:
app: rekor-server
template:
metadata:
labels:
app: rekor-server
annotations:
prometheus.io/scrape: "true"
prometheus.io/path: /metrics
prometheus.io/port: "2112"
spec:
containers:
- name: rekor-server
image: ko://github.com/sigstore/rekor/cmd/rekor-server
ports:
- containerPort: 3000
- containerPort: 2112 # metrics
args: [
"serve",
"--trillian_log_server.address=trillian-server",
"--trillian_log_server.port=8090",
"--rekor_server.address=0.0.0.0",
"--redis_server.address=10.234.175.59",
"--redis_server.port=6379",
"--trillian_log_server.tlog_id=3904496407287907110",
"--log_type=prod",
"--rekor_server.signer=$(KMS)",
"--enable_attestation_storage=$(ENABLE_ATTESTATION_STORAGE)",
"--attestation_storage_bucket=$(ATTESTATION_BUCKET)",
"--rekor_server.timestamp_chain=$(TIMESTAMP_CHAIN)"
]
env:
- name: KMS
valueFrom:
configMapKeyRef:
name: rekor-config
key: kms
- name: ENABLE_ATTESTATION_STORAGE
valueFrom:
configMapKeyRef:
name: rekor-config
key: enable_attestation_storage
- name: ATTESTATION_BUCKET
valueFrom:
configMapKeyRef:
name: rekor-config