Merge "[Tree-wide] Make chart build process predictible"

[oom.git] / kubernetes / dmaap / components / dmaap-bc / templates / deployment.yaml

diff --git a/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml b/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml
index 3e08185..a957ace 100644 (file)
--- a/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml
+++ b/kubernetes/dmaap/components/dmaap-bc/templates/deployment.yaml
@@ -23,6 +23,25 @@ spec:
     spec:
 {{- if or .Values.global.aafEnabled .Values.PG.enabled }}
       initContainers:
+      - command:
+        - sh
+        args:
+        - -c
+        - "cd /config-input && for PFILE in `find . -not -type d | grep -v -F ..`; do envsubst <${PFILE} >/config/${PFILE}; done"
+        env:
+        - name: PG_USER
+          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pg-user-creds" "key" "login") | indent 10 }}
+        - name: PG_PASSWORD
+          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pg-user-creds" "key" "password") | indent 10 }}
+        volumeMounts:
+        - mountPath: /config-input
+          name: {{ include "common.name" . }}-config-input
+        - mountPath: /config
+          name: {{ include "common.name" . }}-config
+        image: "{{ .Values.global.envsubstImage }}"
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        name: {{ include "common.name" . }}-update-config
+
 {{- if .Values.global.aafEnabled }}
       - name: {{ include "common.name" . }}-aaf-readiness
         command:
@@ -48,7 +67,7 @@ spec:
         command: ["bash","-c","exec /opt/app/aaf_config/bin/agent.sh"]
         volumeMounts:
         - mountPath: {{ .Values.persistence.aafCredsPath }}
-          name: {{ include "common.name" . }}-aaf-config
+          name: {{ include "common.name" . }}-aaf-config-vol
         env:
         - name: APP_FQI
           value: "{{ .Values.aafConfig.fqi }}"
@@ -75,6 +94,26 @@ spec:
           value: "{{ .Values.aafConfig.cadiLongitude }}"
         - name: cadi_latitude
           value: "{{ .Values.aafConfig.cadiLatitude }}"
+      - name: {{ include "common.name" . }}-permission-fixer
+        image: "{{ .Values.global.busyBoxRepository }}/{{ .Values.global.busyBoxImage }}"
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        volumeMounts:
+        - mountPath: {{ .Values.persistence.aafCredsPath }}
+          name: {{ include "common.name" . }}-aaf-config-vol
+        command: ["chown","-Rf","1000:1001", "/opt/app/"]
+#       See AAF-425 for explanation of why this is needed.
+#       This artifact is provisioned in AAF for both pks12 and jks format and apparently
+#       the cadi library is not using the jks password on the jks keystore.
+#       So, this attempts to "fix" the credential property file until this is fixed properly.
+      - name: {{ include "common.name" . }}-cred-fixer
+        image: "{{ .Values.global.busyBoxRepository }}/{{ .Values.global.busyBoxImage }}"
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        volumeMounts:
+        - mountPath: {{ .Values.persistence.aafCredsPath }}
+          name: {{ include "common.name" . }}-aaf-config-vol
+        command: ["/bin/sh"]
+        args: [ "-c", "sed -i -e '/cadi_keystore_password=/d' -e '/cadi_keystore_password_jks/p' -e 's/cadi_keystore_password_jks/cadi_keystore_password/' -e 's/dmaap-bc.p12/dmaap-bc.jks/' /opt/app/osaaf/local/org.onap.dmaap-bc.cred.props" ]
+
 {{- end }}
 {{- if .Values.PG.enabled }}
       - name: {{ include "common.name" . }}-postgres-readiness
@@ -95,7 +134,7 @@ spec:
 {{- end }}
       containers:
         - name: {{ include "common.name" . }}
-          image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+          image: "{{ .Values.repository }}/{{ .Values.image }}"
           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
           ports: {{ include "common.containerPorts" . | nindent 10  }}
           {{ if eq .Values.liveness.enabled true -}}
@@ -118,13 +157,12 @@ spec:
           - mountPath: /etc/localtime
             name: localtime
             readOnly: true
+          - mountPath: {{ .Values.persistence.aafCredsPath }}
+            name: {{ include "common.name" . }}-aaf-config-vol
 # NOTE: on the following several configMaps, careful to include / at end
 #       since there may be more than one file in each mountPath
           - name: {{ include "common.name" . }}-config
             mountPath: /opt/app/config/conf/
-          - name: {{ include "common.name" . }}-aaf-config
-            mountPath: /opt/app/dmaapbc/etc/org.onap.dmaap-bc.props
-            subPath: org.onap.dmaap-bc.props
           resources: {{ include "common.resources" . | nindent 12 }}
         {{- if .Values.nodeSelector }}
         nodeSelector: {{ toYaml .Values.nodeSelector | nindent 10 }}
@@ -136,11 +174,13 @@ spec:
         - name: localtime
           hostPath:
             path: /etc/localtime
-        - name: {{ include "common.name" . }}-config
+        - name: {{ include "common.name" . }}-config-input
           configMap:
             name: {{ include "common.fullname" . }}-config
-        - name: {{ include "common.name" . }}-aaf-config
-          configMap:
-            name: {{ include "common.fullname" . }}-aaf-config
+        - name: {{ include "common.name" . }}-aaf-config-vol
+          emptyDir: {}
+        - name: {{ include "common.name" . }}-config
+          emptyDir:
+            medium: Memory
       imagePullSecrets:
       - name: "{{ include "common.namespace" . }}-docker-registry-key"