apiVersion: apps/v1
kind: Deployment
metadata:
  annotations:
    deployment.kubernetes.io/revision: "5"
  creationTimestamp: "2026-04-17T14:37:38Z"
  generation: 9
  name: phpipam-web
  namespace: phpipam
  resourceVersion: "13888239"
  uid: fd050c22-8ed7-4c0b-bf9f-7f199e48ae22
spec:
  progressDeadlineSeconds: 600
  replicas: 1
  revisionHistoryLimit: 10
  selector:
    matchLabels:
      app: phpipam-web
  strategy:
    rollingUpdate:
      maxSurge: 25%
      maxUnavailable: 25%
    type: RollingUpdate
  template:
    metadata:
      labels:
        app: phpipam-web
    spec:
      containers:
      - image: gitea.lab.cudanet.org/cudanet/phpipam/nginx:latest
        imagePullPolicy: Always
        name: nginx
        resources: {}
        securityContext:
          runAsUser: 1001
        terminationMessagePath: /dev/termination-log
        terminationMessagePolicy: File
        volumeMounts:
        - mountPath: /var/www/html
          name: phpipam-code
        - mountPath: /etc/nginx/nginx.conf
          name: nginx-config
          subPath: nginx.conf
        - mountPath: /etc/nginx/conf.d/phpipam.conf
          name: nginx-config
          subPath: phpipam.conf
        - mountPath: /var/cache/nginx
          name: ephemeral-storage
        - mountPath: /tmp
          name: ephemeral-storage
      dnsPolicy: ClusterFirst
      initContainers:
      - command:
        - /bin/sh
        - -c
        - |
          set -ex
          echo "Wiping existing locked files to reset CephFS ownership..."
          # Deleting the old files is the only way to bypass 'Operation not permitted'
          rm -rf /dst/* /dst/.* 2>/dev/null || true

          echo "Copying fresh source code..."
          cp -rf /var/www/html/. /dst/

          # We skip chown entirely because it triggers the CephFS error.
          # New files created by UID 1001 are already owned by UID 1001.
        image: gitea.lab.cudanet.org/cudanet/phpipam/php-fpm:latest
        imagePullPolicy: Always
        name: install-code
        resources: {}
        terminationMessagePath: /dev/termination-log
        terminationMessagePolicy: File
        volumeMounts:
        - mountPath: /dst
          name: phpipam-code
      restartPolicy: Always
      schedulerName: default-scheduler
      securityContext:
        fsGroup: 0
        runAsUser: 1001
      serviceAccount: phpipam
      serviceAccountName: phpipam
      terminationGracePeriodSeconds: 30
      volumes:
      - name: phpipam-code
        persistentVolumeClaim:
          claimName: phpipam-code-pvc
      - configMap:
          defaultMode: 420
          name: nginx-conf
        name: nginx-config
      - emptyDir: {}
        name: ephemeral-storage
status:
  availableReplicas: 1
  conditions:
  - lastTransitionTime: "2026-04-17T16:18:27Z"
    lastUpdateTime: "2026-04-17T16:18:27Z"
    message: Deployment has minimum availability.
    reason: MinimumReplicasAvailable
    status: "True"
    type: Available
  - lastTransitionTime: "2026-04-17T14:37:38Z"
    lastUpdateTime: "2026-04-17T16:18:27Z"
    message: ReplicaSet "phpipam-web-59cbb776f5" has successfully progressed.
    reason: NewReplicaSetAvailable
    status: "True"
    type: Progressing
  observedGeneration: 9
  readyReplicas: 1
  replicas: 1
  updatedReplicas: 1