2 ################################################################################
3 # Copyright (c) 2020 Nordix Foundation. #
4 # Copyright © 2020 Samsung Electronics, Modifications #
6 # Licensed under the Apache License, Version 2.0 (the "License"); #
7 # you may not use this file except in compliance with the License. #
8 # You may obtain a copy of the License at #
10 # http://www.apache.org/licenses/LICENSE-2.0 #
12 # Unless required by applicable law or agreed to in writing, software #
13 # distributed under the License is distributed on an "AS IS" BASIS, #
14 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
15 # See the License for the specific language governing permissions and #
16 # limitations under the License. #
17 ################################################################################
22 metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
24 serviceName: {{ include "common.servicename" . }}
25 replicas: {{ index .Values.replicaCount }}
26 selector: {{- include "common.selectors" . | nindent 4 }}
29 labels: {{- include "common.labels" . | nindent 8 }}
32 - name: "{{ include "common.namespace" . }}-docker-registry-key"
33 initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }}
34 - name: {{ include "common.name" . }}-bootstrap-config
35 image: {{ include "repositoryGenerator.image.envsubst" . }}
36 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
42 {{- if (include "common.needTLS" .) }}
43 export $(cat {{ .Values.certInitializer.credsPath }}/mycreds.prop\
49 envsubst <${PFILE} >/config/${PFILE}
50 chmod o+w /config/${PFILE}
52 cat /config/application.yaml
54 - name: A1CONTROLLER_USER
55 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "controller-secret" "key" "login") | indent 10 }}
56 - name: A1CONTROLLER_PASSWORD
57 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "controller-secret" "key" "password") | indent 10 }}
58 volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 8 }}
59 - mountPath: /config-input
60 name: {{ include "common.fullname" . }}-policy-conf-input
64 - name: {{ include "common.name" . }}-update-config
65 image: {{ include "repositoryGenerator.image.envsubst" . }}
66 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
68 runAsGroup: {{ .Values.groupID }}
69 runAsUser: {{ .Values.userID }}
74 - /tmp/scripts/daemon.sh
76 - name: A1CONTROLLER_USER
77 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "controller-secret" "key" "login") | indent 10 }}
78 - name: A1CONTROLLER_PASSWORD
79 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "controller-secret" "key" "password") | indent 10 }}
81 - mountPath: /tmp/scripts
82 name: {{ include "common.fullname" . }}-envsubst-scripts
83 - mountPath: /config-input
84 name: {{ include "common.fullname" . }}-policy-conf-input
87 - name: {{ include "common.name" . }}
88 image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
89 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
90 ports: {{ include "common.containerPorts" . | nindent 10 }}
93 port: {{ .Values.readiness.port }}
94 initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
95 periodSeconds: {{ .Values.liveness.periodSeconds }}
99 port: {{ .Values.liveness.port }}
100 scheme: {{ if (include "common.needTLS" .) }}HTTPS{{ else }}HTTP{{ end }}
101 initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
102 periodSeconds: {{ .Values.liveness.periodSeconds }}
103 volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 8 }}
105 mountPath: /opt/app/policy-agent/data/application_configuration.json
106 subPath: application_configuration.json
108 mountPath: /opt/app/policy-agent/config/application.yaml
109 subPath: application.yaml
110 - name: {{ include "common.fullname" . }}
111 mountPath: "/var/policy-management-service/database"
112 resources: {{ include "common.resources" . | nindent 10 }}
113 serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
114 volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
115 - name: {{ include "common.fullname" . }}-policy-conf-input
117 name: {{ include "common.fullname" . }}-policy-conf
118 - name: {{ include "common.fullname" . }}-envsubst-scripts
120 name: {{ include "common.fullname" . }}-envsubst-scripts
125 {{- if not .Values.persistence.enabled }}
126 - name: {{ include "common.fullname" . }}
129 volumeClaimTemplates:
130 - {{include "common.PVCTemplate" . | indent 6 | trim }}