apiVersion: apps/v1
kind: Deployment
metadata:
  name: app
spec:
  template:
    spec:
      tolerations:
        - key: "public"
          operator: "Equal"
          value: "true"
          effect: "NoSchedule"
      affinity:
        nodeAffinity:
          preferredDuringSchedulingIgnoredDuringExecution:
            - weight: 100
              preference:
                matchExpressions:
                  - key: public
                    operator: In
                    values:
                      - "true"
      containers:
        - image: registry.gitlab.com/comentario/comentario:v3.13.1
          imagePullPolicy: IfNotPresent
          name: comentario
          ports:
            - containerPort: 80
              name: comentario
              protocol: TCP
          envFrom:
            - configMapRef:
                name: comentario-config
          resources:
            limits:
              cpu: 500m
              memory: 200Mi
          livenessProbe:
            httpGet:
              path: /
              port: comentario
          readinessProbe:
            httpGet:
              path: /
              port: comentario
          volumeMounts:
            - name: secrets-volume
              mountPath: /comentario-secrets
      volumes:
        - name: secrets-volume
          secret:
            secretName: comentario-secrets