apiVersion: apps/v1
kind: Deployment
metadata:
  name: sonatype-nexus
spec:
  replicas: 1
  selector:
    matchLabels:
      app: sonatype-nexus
  template:
    metadata:
      labels:
        app: sonatype-nexus
    spec:
      securityContext:
        fsGroup: 200 # Set the fsGroup so that volume directories are writable by the Nexus process
      nodeSelector:
        kubernetes.io/arch: arm64
      containers:
        - name: nexus
          image: sonatype/nexus3
          securityContext:
            runAsUser: 200 # Ensure the container runs as the nexus user
            runAsGroup: 200
          ports:
            - containerPort: 8081
          volumeMounts:
            - name: nexus-vol
              mountPath: /nexus-data
              subPath: sonatype
      volumes:
        - name: nexus-vol
          persistentVolumeClaim:
            claimName: sonatype-nexus-data