# See the License for the specific language governing permissions and
# limitations under the License.
-apiVersion: apps/v1beta1
+apiVersion: apps/v1
kind: StatefulSet
metadata:
name: {{ include "common.fullname" . }}
labels:
app: {{ include "common.name" . }}
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
+ release: {{ include "common.release" . }}
heritage: {{ .Release.Service }}
spec:
serviceName: {{ include "common.servicename" . }}
metadata:
labels:
app: {{ include "common.name" . }}
- release: {{ .Release.Name }}
+ release: {{ include "common.release" . }}
spec:
initContainers:
+ - command:
+ - sh
+ args:
+ - -c
+ - "cd /config-input && for PFILE in `find . -not -type d | grep -v -F ..`; do envsubst <${PFILE} >/config/${PFILE}; chmod 0755 /config/${PFILE}; done"
+ env:
+ - name: JDBC_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 10 }}
+ - name: JDBC_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 10 }}
+ - name: PDP_HTTP_USER_ID
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pdp-http-creds" "key" "login") | indent 10 }}
+ - name: PDP_HTTP_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pdp-http-creds" "key" "password") | indent 10 }}
+ - name: PDP_PAP_PDP_HTTP_USER_ID
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pap-http-creds" "key" "login") | indent 10 }}
+ - name: PDP_PAP_PDP_HTTP_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pap-http-creds" "key" "password") | indent 10 }}
+ volumeMounts:
+ - mountPath: /config-input/pe
+ name: pe-input
+ - mountPath: /config-input/pe-pdp
+ name: pe-pdp-input
+ - mountPath: /config/pe
+ name: pe
+ - mountPath: /config/pe-pdp
+ name: pe-pdp
+ image: "{{ .Values.global.envsubstImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}-update-config
- command:
- /root/ready.py
args:
name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ env:
+ - name: JDBC_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 10 }}
+ - name: JDBC_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 10 }}
resources:
-{{ toYaml (pluck .Values.flavor .Values.resources| first) | indent 12 }}
+{{ include "common.resources" . | indent 12 }}
ports:
- containerPort: {{ .Values.service.externalPort }}
{{- if eq .Values.liveness.enabled true }}
name: pe
subPath: base.conf
- mountPath: /tmp/policy-install/config/pdp-tweaks.sh
- name: pe-pdp
+ name: pe-pdp-input
subPath: pdp-tweaks.sh
- mountPath: /tmp/policy-install/config/pdplp.conf
name: pe-pdp
path: /etc/localtime
- name: filebeat-conf
configMap:
- name: {{ .Release.Name }}-filebeat-configmap
+ name: {{ include "common.release" . }}-filebeat-configmap
- name: policy-logs
emptyDir: {}
- name: policy-data-filebeat
- name: policy-logback
configMap:
name: {{ include "common.fullname" . }}-log-configmap
- - name: pe
+ - name: pe-input
configMap:
- name: {{ .Release.Name }}-pe-configmap
+ name: {{ include "common.release" . }}-pe-configmap
defaultMode: 0755
- name: pe-scripts
configMap:
- name: {{ .Release.Name }}-pe-scripts-configmap
+ name: {{ include "common.release" . }}-pe-scripts-configmap
defaultMode: 0777
- - name: pe-pdp
+ - name: pe-pdp-input
configMap:
name: {{ include "common.fullname" . }}-pe-configmap
defaultMode: 0755
+ - name: pe
+ emptyDir:
+ medium: Memory
+ - name: pe-pdp
+ emptyDir:
+ medium: Memory
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
Code Review / oom.git / blobdiff