apiVersion: v1
kind: Namespace
metadata:
  name: tptest
  labels:
    name: tptest
---
apiVersion: v1
kind: Service
metadata:
  name: trustedprofile-test
  namespace: tptest
spec:
  ports:
  - port: 8080
    targetPort: 8080
    protocol: TCP
  type: ClusterIP
  selector:
    app: tptest
---
apiVersion: apps/v1
kind: Deployment
metadata:
  name: trustedprofile-test-deployment
  namespace: tptest
spec:
  selector:
    matchLabels:
      app: tptest
  replicas: 1
  template:
    metadata:
      labels:
        app: tptest
    spec:
      containers:
      - name: tptest-container
        image: icr.io/solution-tutorials/tutorial-trusted-profile-enterprise-security:v1.0.3
        imagePullPolicy: Always
        ports:
        - containerPort: 8080
        volumeMounts:
        - mountPath: /var/run/secrets/tokens
          name: sa-token
      serviceAccountName: default
      volumes:
      - name: sa-token
        projected:
          sources:
          - serviceAccountToken:
              path: sa-token
              expirationSeconds: 3600
              audience: iam