2 # ============LICENSE_START=======================================================
3 # Copyright (C) 2020 AT&T Intellectual Property.
4 # ================================================================================
5 # Licensed under the Apache License, Version 2.0 (the "License");
6 # you may not use this file except in compliance with the License.
7 # You may obtain a copy of the License at
9 # http://www.apache.org/licenses/LICENSE-2.0
11 # Unless required by applicable law or agreed to in writing, software
12 # distributed under the License is distributed on an "AS IS" BASIS,
13 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 # See the License for the specific language governing permissions and
15 # limitations under the License.
17 # SPDX-License-Identifier: Apache-2.0
18 # ============LICENSE_END=========================================================
24 name: {{ include "common.fullname" . }}
25 namespace: {{ include "common.namespace" . }}
27 app: {{ include "common.name" . }}
28 chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
29 release: {{ include "common.release" . }}
30 heritage: {{ .Release.Service }}
34 app: {{ include "common.name" . }}
35 replicas: {{ .Values.replicaCount }}
39 app: {{ include "common.name" . }}
40 release: {{ include "common.release" . }}
47 - {{ include "common.release" . }}-policy-galera-config
53 fieldPath: metadata.namespace
54 image: {{ include "repositoryGenerator.image.readiness" . }}
55 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
56 name: {{ include "common.name" . }}-readiness
61 - "cd /config-input && for PFILE in `ls -1`; do envsubst <${PFILE} >/config/${PFILE}; done"
63 - name: RESTSERVER_USER
64 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-creds" "key" "login") | indent 10 }}
65 - name: RESTSERVER_PASSWORD
66 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-creds" "key" "password") | indent 10 }}
68 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "api-creds" "key" "login") | indent 10 }}
70 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "api-creds" "key" "password") | indent 10 }}
72 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 10 }}
74 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 10 }}
76 - mountPath: /config-input
79 name: pdpxconfig-processed
80 image: {{ include "repositoryGenerator.image.envsubst" . }}
81 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
82 name: {{ include "common.name" . }}-update-config
83 {{ include "common.certInitializer.initContainer" . | indent 6 }}
85 - name: {{ include "common.name" . }}
86 image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
87 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
88 {{- if .Values.global.aafEnabled }}
89 command: ["bash","-c"]
90 args: ["source {{ .Values.certInitializer.credsPath }}/.ci;\
91 /opt/app/policy/pdpx/bin/policy-pdpx.sh /opt/app/policy/pdpx/etc/mounted/config.json"]
93 command: ["/opt/app/policy/pdpx/bin/policy-pdpx.sh"]
94 args: ["/opt/app/policy/pdpx/etc/mounted/config.json"]
96 - name: KEYSTORE_PASSWD
97 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "keystore-password" "key" "password") | indent 12 }}
98 - name: TRUSTSTORE_PASSWD
99 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "truststore-password" "key" "password") | indent 12 }}
102 - containerPort: {{ .Values.service.internalPort }}
103 # disable liveness probe when breakpoints set in debugger
104 # so K8s doesn't restart unresponsive container
105 {{- if eq .Values.liveness.enabled true }}
108 port: {{ .Values.service.internalPort }}
109 initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
110 periodSeconds: {{ .Values.liveness.periodSeconds }}
114 port: {{ .Values.service.internalPort }}
115 initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
116 periodSeconds: {{ .Values.readiness.periodSeconds }}
118 {{ include "common.certInitializer.volumeMount" . | indent 10 }}
119 - mountPath: /etc/localtime
122 - mountPath: /opt/app/policy/pdpx/etc/mounted
123 name: pdpxconfig-processed
125 {{ include "common.resources" . }}
126 {{- if .Values.nodeSelector }}
128 {{ toYaml .Values.nodeSelector | indent 10 }}
130 {{- if .Values.affinity }}
132 {{ toYaml .Values.affinity | indent 10 }}
135 {{ include "common.certInitializer.volumes" . | indent 8 }}
141 name: {{ include "common.fullname" . }}-configmap
143 - name: pdpxconfig-processed
147 - name: "{{ include "common.namespace" . }}-docker-registry-key"