apiVersion: v1 kind: Namespace metadata: name: firehydrant-system --- apiVersion: v1 kind: Secret metadata: name: firehydrant-keys namespace: firehydrant-system stringData: FIREHYDRANT_API_KEY: [[YOUR_BOT_TOKEN]] --- kind: ConfigMap apiVersion: v1 metadata: name: firehydrant-cm namespace: firehydrant-system data: config.yml: | apiToken: '$FIREHYDRANT_API_KEY' fireHydrantUrl: 'api.firehydrant.io' watch: - namespace: "*" environment: [[YOUR_ENVIRONMENT_NAME]] resources: - resource: deployments.v1.apps updateOn: ["spec", "metadata", "status"] includeDiff: true skipServiceCreate: false - resource: configmaps updateOn: ["data"] includeDiff: true skipServiceCreate: true --- apiVersion: v1 kind: ServiceAccount metadata: name: firehydrant-k8s-changelog-serviceaccount namespace: firehydrant-system --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: firehydrant-system-clusterrole rules: - apiGroups: - "" - "extensions" - "apps" resources: - configmaps - services - deployments - replicasets - daemonsets - statefulsets verbs: - list - watch - get --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: name: firehydrant-clusterrole-nisa-binding roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole name: firehydrant-system-clusterrole subjects: - kind: ServiceAccount name: firehydrant-k8s-changelog-serviceaccount namespace: firehydrant-system --- apiVersion: apps/v1 kind: Deployment metadata: name: firehydrant-k8s-changelog namespace: firehydrant-system labels: app: firehydrant-k8s-changelog app.kubernetes.io/name: firehydrant-k8s-changelog app.kubernetes.io/component: changelog spec: replicas: 1 strategy: type: RollingUpdate selector: matchLabels: app: firehydrant-k8s-changelog template: metadata: labels: app: firehydrant-k8s-changelog spec: serviceAccount: firehydrant-k8s-changelog-serviceaccount containers: - name: changelog image: quay.io/firehydrant/k8s-changelog:v0.0.20 command: - firehydrant-k8s-changelog - watch envFrom: - secretRef: name: firehydrant-keys volumeMounts: - name: config mountPath: /etc/k8s-watcher resources: limits: cpu: 10m memory: 128Mi requests: cpu: 10m memory: 128Mi volumes: - name: config configMap: name: firehydrant-cm