1 # ============LICENSE_START=======================================================
2 # Copyright (C) 2020 AT&T Intellectual Property.
3 # ================================================================================
4 # Licensed under the Apache License, Version 2.0 (the "License");
5 # you may not use this file except in compliance with the License.
6 # You may obtain a copy of the License at
8 # http://www.apache.org/licenses/LICENSE-2.0
10 # Unless required by applicable law or agreed to in writing, software
11 # distributed under the License is distributed on an "AS IS" BASIS,
12 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 # See the License for the specific language governing permissions and
14 # limitations under the License.
16 # SPDX-License-Identifier: Apache-2.0
17 # ============LICENSE_END=========================================================
22 name: {{ include "common.fullname" . }}
23 namespace: {{ include "common.namespace" . }}
25 app: {{ include "common.name" . }}
26 chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
27 release: {{ include "common.release" . }}
28 heritage: {{ .Release.Service }}
32 app: {{ include "common.name" . }}
33 replicas: {{ .Values.replicaCount }}
37 app: {{ include "common.name" . }}
38 release: {{ include "common.release" . }}
45 - {{ include "common.release" . }}-policy-galera-config
51 fieldPath: metadata.namespace
52 image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
53 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
54 name: {{ include "common.name" . }}-readiness
59 - "export SQL_PASSWORD_BASE64=`echo -n ${SQL_PASSWORD} | base64`; cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/config/${PFILE}; done"
61 - name: RESTSERVER_USER
62 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-creds" "key" "login") | indent 10 }}
63 - name: RESTSERVER_PASSWORD
64 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-creds" "key" "password") | indent 10 }}
66 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "api-creds" "key" "login") | indent 10 }}
68 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "api-creds" "key" "password") | indent 10 }}
70 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 10 }}
72 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 10 }}
74 - mountPath: /config-input
77 name: pdpxconfig-processed
78 image: "{{ .Values.global.envsubstImage }}"
79 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
80 name: {{ include "common.name" . }}-update-config
81 {{ include "common.certInitializer.initContainer" . | indent 6 }}
83 - name: {{ include "common.name" . }}
84 image: "{{ include "common.repository" . }}/{{ .Values.image }}"
85 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
86 {{- if .Values.global.aafEnabled }}
87 command: ["bash","-c"]
88 args: ["source {{ .Values.certInitializer.credsPath }}/.ci;\
89 /opt/app/policy/pdpx/bin/policy-pdpx.sh /opt/app/policy/pdpx/etc/mounted/config.json"]
91 command: ["/opt/app/policy/pdpx/bin/policy-pdpx.sh"]
92 args: ["/opt/app/policy/pdpx/etc/mounted/config.json"]
94 - name: KEYSTORE_PASSWD
95 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "keystore-password" "key" "password") | indent 12 }}
96 - name: TRUSTSTORE_PASSWD
97 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "truststore-password" "key" "password") | indent 12 }}
100 - containerPort: {{ .Values.service.internalPort }}
101 # disable liveness probe when breakpoints set in debugger
102 # so K8s doesn't restart unresponsive container
103 {{- if eq .Values.liveness.enabled true }}
106 port: {{ .Values.service.internalPort }}
107 initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
108 periodSeconds: {{ .Values.liveness.periodSeconds }}
112 port: {{ .Values.service.internalPort }}
113 initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
114 periodSeconds: {{ .Values.readiness.periodSeconds }}
116 {{ include "common.certInitializer.volumeMount" . | indent 10 }}
117 - mountPath: /etc/localtime
120 - mountPath: /opt/app/policy/pdpx/etc/mounted
121 name: pdpxconfig-processed
125 {{ include "common.resources" . }}
126 {{- if .Values.nodeSelector }}
128 {{ toYaml .Values.nodeSelector | indent 10 }}
130 {{- if .Values.affinity }}
132 {{ toYaml .Values.affinity | indent 10 }}
135 {{ include "common.certInitializer.volumes" . | indent 8 }}
141 name: {{ include "common.fullname" . }}-configmap
143 - name: pdpxconfig-processed
147 - name: "{{ include "common.namespace" . }}-docker-registry-key"