apiVersion: apps/v1
kind: Deployment
metadata:
  name: postgresql
spec:
  selector:
    matchLabels:
      app: postgresql
  strategy:
    type: Recreate
  template:
    metadata:
      labels:
        app: postgresql
    spec:
      containers:
        - image: postgres
          name: postgresql
          env:
            - name: POSTGRES_USER_FILE
              value: /var/run/secrets/postgres-secrets/postgres-user
            - name: POSTGRES_DB_FILE
              value: /var/run/secrets/postgres-secrets/postgres-db
            - name: POSTGRES_PASSWORD_FILE
              value: /var/run/secrets/postgres-secrets/postgres-password
          ports:
            - containerPort: 5432
              name: postgresql
          cmd:
          volumeMounts:
            - name: postgresql
              mountPath: /var/lib/postgresql/data
            - name: postgres-secret-volume
              mountPath: /var/run/secrets/postgres-secrets
              readOnly: true
            - name: postgres-config-volume
              mountPath: /etc/postgresql/postgresql.conf
              subPath: postgresql.conf
              readOnly: true
      volumes:
        - name: postgresql
          persistentVolumeClaim:
            claimName: postgres-claim
        - name: postgres-secret-volume
          secret:
            secretName: postgres-secret
        - name: postgres-config-volume
          configMap:
            name: postgres-config