apiVersion: apps/v1
kind: Deployment
metadata:
  name: semaphore
  namespace: semaphore
spec:
  replicas: 1
  selector:
    matchLabels:
      app: semaphore
  template:
    metadata:
      labels:
        app: semaphore
    spec:
      securityContext:
        fsGroup: 1000
      containers:
        - name: semaphore
          image: semaphoreui/semaphore:latest
          
          command: ["semaphore"]
          args: ["server"]

          env:
            # --- DB ---
            - name: SEMAPHORE_DB_DIALECT
              value: bolt
            - name: SEMAPHORE_DB_PATH
              value: /var/lib/semaphore/semaphore.db

            # --- AUTO CONFIG WITHOUT SETUP ---
            - name: SEMAPHORE_CONFIG_PATH
              value: /tmp/semaphore/config.json

            # --- SERVER ---
            - name: SEMAPHORE_PORT
              value: "3000"
            - name: SEMAPHORE_PLAYBOOK_PATH
              value: /tmp/semaphore/

            # --- AUTO ADMIN ---
            - name: SEMAPHORE_ADMIN
              value: admin
            - name: SEMAPHORE_ADMIN_NAME
              value: Administrator
            - name: SEMAPHORE_ADMIN_EMAIL
              value: admin@local
            - name: SEMAPHORE_ADMIN_PASSWORD
              value: admin123

            # --- SECRET KEY ---
            - name: SEMAPHORE_ACCESS_KEY_ENCRYPTION
              value: mysecretkey

          ports:
            - containerPort: 3000

          volumeMounts:
            - name: semaphore-data
              mountPath: /var/lib/semaphore

      volumes:
        - name: semaphore-data
          persistentVolumeClaim:
            claimName: semaphore-data