apiVersion: apps/v1 kind: Deployment metadata: name: opal-server namespace: default labels: app: opal-server spec: replicas: 1 selector: matchLabels: app: opal-server template: metadata: labels: app: opal-server name: opal-server spec: containers: - name: opal-server image: permitio/opal-server:latest ports: - name: http containerPort: 7002 env: - name: OPAL_POLICY_REPO_URL valueFrom: secretKeyRef: name: opal-server-secret key: OPAL_POLICY_REPO_URL - name: OPAL_POLICY_REPO_SSH_KEY valueFrom: secretKeyRef: name: opal-server-secret key: OPAL_POLICY_REPO_SSH_KEY - name: OPAL_POLICY_REPO_WEBHOOK_SECRET valueFrom: secretKeyRef: name: opal-server-secret key: OPAL_POLICY_REPO_WEBHOOK_SECRET - name: OPAL_POLICY_REPO_WEBHOOK_PARAMS value: "{\"secret_header_name\":\"X-Gitlab-Token\",\"secret_type\":\"token\",\"secret_parsing_regex\":\"(.*)\",\"event_header_name\":\"X-Gitlab-Event\",\"push_event_value\":\"Push Hook\"}" - name: OPAL_LOG_FORMAT_INCLUDE_PID value: "true" - name: OPAL_DATA_CONFIG_SOURCES value: "{\"config\":{\"entries\":[]}}" - name: OPAL_POLICY_REPO_MAIN_BRANCH value: "develop"