name: distributionconfig-input
- mountPath: /config
name: distributionconfig
- image: "{{ .Values.global.envsubstImage }}"
+ image: {{ include "repositoryGenerator.image.envsubst" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
name: {{ include "common.name" . }}-update-config
{{ include "common.certInitializer.initContainer" . | indent 6 }}
containers:
- name: {{ include "common.name" . }}
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ env:
+ - name: SASL_JAAS_CONFIG
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "common.name" . }}-ku
+ key: sasl.jaas.config
{{- if .Values.global.aafEnabled }}
- command: ["bash","-c"]
+ command: ["sh","-c"]
args: ["source {{ .Values.certInitializer.credsPath }}/.ci;\
/opt/app/policy/distribution/bin/policy-dist.sh /opt/app/policy/distribution/etc/mounted/config.json"]
{{- else }}
- command: ["/opt/app/policy/distribution/bin/policy-dist.sh"]
- args: ["/opt/app/policy/distribution/etc/mounted/config.json"]
- env:
- name: KEYSTORE_PASSWD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "keystore-password" "key" "password") | indent 12 }}
- name: TRUSTSTORE_PASSWD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "truststore-password" "key" "password") | indent 12 }}
+ command: ["/opt/app/policy/distribution/bin/policy-dist.sh"]
+ args: ["/opt/app/policy/distribution/etc/mounted/config.json"]
{{- end }}
ports:
- containerPort: {{ .Values.service.internalPort }}
readOnly: true
- mountPath: /opt/app/policy/distribution/etc/mounted
name: distributionconfig
- resources:
-{{ include "common.resources" . }}
+ resources: {{ include "common.resources" . | nindent 12 }}
{{- if .Values.nodeSelector }}
nodeSelector:
{{ toYaml .Values.nodeSelector | indent 10 }}
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
{{ include "common.certInitializer.volumes" . | indent 8 }}
- name: localtime