labels:
app: {{ include "common.name" . }}
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
+ release: {{ include "common.release" . }}
heritage: {{ .Release.Service }}
spec:
replicas: {{ .Values.replicaCount }}
metadata:
labels:
app: {{ include "common.name" . }}
- release: {{ .Release.Name }}
+ release: {{ include "common.release" . }}
spec:
+ initContainers:
+ - name: {{ include "common.name" . }}-chown
+ command: ["/bin/sh", "-c", "chown -Rf 1000:1000 /share/"]
+ image: "{{ .Values.global.busyBoxRepository }}/{{ .Values.global.busyBoxImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ volumeMounts:
+ - name: {{ include "common.fullname" . }}-logs
+ mountPath: /share/logs
containers:
- name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ env:
+ - name: JAVA_TRUSTSTORE
+ value: /share/etc/certs/{{ .Values.global.truststoreFile }}
+ - name: SSL_KEYSTORE
+ value: /share/etc/certs/{{ .Values.global.keystoreFile }}
+ - name: JAVA_TRUSTSTORE_PASSWORD
+ value: {{ .Values.global.truststorePassword }}
+ - name: SSL_KEYSTORE_PASSWORD
+ value: {{ .Values.global.keystorePassword }}
+ - name: AUTHENTICATION
+ value: proprietary-auth
ports:
- containerPort: {{ .Values.service.internalPort }}
# disable liveness probe when breakpoints set in debugger
- name: {{ include "common.fullname" . }}-logs
mountPath: /share/debug-logs
- name: {{ include "common.fullname" . }}-config
- mountPath: /share/etc/config
+ mountPath: /share/etc/config
+ - name: {{ include "common.fullname" . }}-certs
+ mountPath: /share/etc/certs
+ - name: {{ include "common.fullname" . }}-certs
+ mountPath: /opt/app/cmso/src/main/resources/aaf
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
path: cadi.properties
- name: {{ include "common.fullname" . }}-logs
emptyDir: {}
+ - name: {{ include "common.fullname" . }}-certs
+ secret:
+ secretName: {{ include "common.release" . }}-{{ .Values.global.commonConfigPrefix }}-certs
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"