image: repository: tccr.io/truecharts/docker-in-docker pullPolicy: IfNotPresent tag: v24.0.5@sha256:fae06ffa9abb2907fbc1bec6f62472e3ad834cb412c3142d3afb31435f4a23fb hostNetwork: true securityContext: container: privileged: true readOnlyRootFilesystem: false allowPrivilegeEscalation: true runAsNonRoot: false runAsUser: 0 runAsGroup: 0 fsGroup: 0 service: main: enabled: true type: ClusterIP ports: main: port: 2376 type: HTTPS lifecycle: postStart: exec: command: - /bin/bash - -c - | if [ "${COMPOSE_FILE}" ]; then counter=0; while ! docker info > /dev/null 2>&1 && [[ ${counter} -lt 10 ]]; do echo "docker not running yet. Waiting..." >> /proc/1/fd/1; sleep 5; counter=$((counter+1)); done docker-compose -f "${COMPOSE_FILE}" up -d && echo "Loading COMPOSE_FILE at location ${COMPOSE_FILE}" >> /proc/1/fd/1; else echo "COMPOSE_FILE not set, not auto-loading compose-file" >> /proc/1/fd/1; fi workload: main: podSpec: containers: main: probes: liveness: initialDelaySeconds: 30 type: tcp readiness: initialDelaySeconds: 30 type: tcp startup: initialDelaySeconds: 30 type: tcp env: DOCKER_TLS_CERTDIR: /certs COMPOSE_FILE: "" type: StatefulSet replicas: 1 strategy: RollingUpdate persistence: docker-certs-ca: enabled: true mountPath: /config volumeClaimTemplates: docker-certs-client: enabled: true mountPath: /certs/client docker: enabled: true mountPath: /var/lib/docker portal: open: enabled: false