4 name: {{ include "common.fullname" . }}
5 namespace: {{ include "common.namespace" . }}
7 app: {{ include "common.name" . }}
8 chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
9 release: {{ include "common.release" . }}
10 heritage: {{ .Release.Service }}
14 app: {{ include "common.name" . }}
15 replicas: {{ .Values.replicaCount }}
19 app: {{ include "common.name" . }}
20 release: {{ include "common.release" . }}
27 - {{ include "common.release" . }}-policy-galera-config
33 fieldPath: metadata.namespace
34 image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
35 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
36 name: {{ include "common.name" . }}-readiness
41 - "export SQL_PASSWORD_BASE64=`echo -n ${SQL_PASSWORD} | base64`; cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/config/${PFILE}; done"
44 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-creds" "key" "login") | indent 12 }}
46 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-creds" "key" "password") | indent 12 }}
47 - name: RESTSERVER_USER
48 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-creds" "key" "login") | indent 12 }}
49 - name: RESTSERVER_PASSWORD
50 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-creds" "key" "password") | indent 12 }}
52 - mountPath: /config-input
55 name: apiconfig-processed
56 image: "{{ .Values.global.envsubstImage }}"
57 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
58 name: {{ include "common.name" . }}-update-config
59 {{ include "common.certInitializer.initContainer" . | indent 8 }}
61 - name: {{ include "common.name" . }}
62 image: "{{ include "common.repository" . }}/{{ .Values.image }}"
63 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
64 {{- if .Values.global.aafEnabled }}
65 command: ["bash","-c"]
66 args: ["source {{ .Values.certInitializer.credsPath }}/.ci;\
67 /opt/app/policy/api/bin/policy-api.sh /opt/app/policy/api/etc/mounted/config.json"]
69 command: ["/opt/app/policy/api/bin/policy-api.sh"]
70 args: ["/opt/app/policy/api/etc/mounted/config.json"]
72 - name: KEYSTORE_PASSWD
73 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "keystore-password" "key" "password") | indent 12 }}
74 - name: TRUSTSTORE_PASSWD
75 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "truststore-password" "key" "password") | indent 12 }}
78 - containerPort: {{ .Values.service.internalPort }}
79 # disable liveness probe when breakpoints set in debugger
80 # so K8s doesn't restart unresponsive container
81 {{- if eq .Values.liveness.enabled true }}
84 port: {{ .Values.service.internalPort }}
85 initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
86 periodSeconds: {{ .Values.liveness.periodSeconds }}
90 port: {{ .Values.service.internalPort }}
91 initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
92 periodSeconds: {{ .Values.readiness.periodSeconds }}
94 {{ include "common.certInitializer.volumeMount" . | indent 10 }}
95 - mountPath: /etc/localtime
98 - mountPath: /opt/app/policy/api/etc/mounted
99 name: apiconfig-processed
101 {{ include "common.resources" . }}
102 {{- if .Values.nodeSelector }}
104 {{ toYaml .Values.nodeSelector | indent 10 }}
106 {{- if .Values.affinity }}
108 {{ toYaml .Values.affinity | indent 10 }}
111 {{ include "common.certInitializer.volumes" . | indent 8 }}
117 name: {{ include "common.fullname" . }}-configmap
119 - name: apiconfig-processed
123 - name: "{{ include "common.namespace" . }}-docker-registry-key"