# services/zot/deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: zot
  namespace: zot
  labels: { app: zot }
spec:
  replicas: 1
  selector:
    matchLabels: { app: zot }
  template:
    metadata:
      labels: { app: zot }
    spec:
      nodeSelector:
        node-role.kubernetes.io/worker: "true"
      containers:
        - name: zot
          image: ghcr.io/project-zot/zot-linux-arm64:latest
          args: ["serve", "/etc/zot/config.json"]
          ports:
            - { name: http, containerPort: 5000 }
          volumeMounts:
            - name: cfg
              mountPath: /etc/zot/config.json
              subPath: config.json
              readOnly: true
            - name: htpasswd
              mountPath: /etc/zot/htpasswd
              subPath: htpasswd
              readOnly: true
            - name: zot-data
              mountPath: /var/lib/registry
          readinessProbe:
            httpGet: { path: /v2/, port: http }
            initialDelaySeconds: 5
            periodSeconds: 10
          livenessProbe:
            httpGet: { path: /v2/, port: http }
            initialDelaySeconds: 15
            periodSeconds: 20
          resources:
            requests: { cpu: "50m", memory: "64Mi" }
      volumes:
        - name: cfg
          configMap:
            name: zot-config
        - name: htpasswd
          secret:
            secretName: zot-htpasswd
        - name: zot-data
          persistentVolumeClaim:
            claimName: zot-data