{{/*
# ============LICENSE_START=======================================================
# Copyright (C) 2020 AT&T Intellectual Property.
+# Modifications Copyright (C) 2022 Bell Canada. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "distribution-secret" "key" "login") | indent 10 }}
- name: DISTRIBUTION_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "distribution-secret" "key" "password") | indent 10 }}
+{{- if .Values.config.useStrimziKafka }}
+ - name: JAASLOGIN
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "policy-kafka-user" "key" "sasl.jaas.config") | indent 10 }}
+{{- end }}
volumeMounts:
- mountPath: /config-input
name: papconfig
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
{{- if .Values.global.aafEnabled }}
- command: ["bash","-c"]
+ command: ["sh","-c"]
args: ["source {{ .Values.certInitializer.credsPath }}/.ci;\
- /opt/app/policy/pap/bin/policy-pap.sh /opt/app/policy/pap/etc/mounted/config.json"]
+ /opt/app/policy/pap/bin/policy-pap.sh /opt/app/policy/pap/etc/mounted/papParameters.yaml"]
{{- else }}
command: ["/opt/app/policy/pap/bin/policy-pap.sh"]
- args: ["/opt/app/policy/pap/etc/mounted/config.json"]
+ args: ["/opt/app/policy/pap/etc/mounted/papParameters.yaml"]
env:
- name: KEYSTORE_PASSWD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "keystore-password" "key" "password") | indent 12 }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
{{ end -}}
readinessProbe:
- tcpSocket:
+ httpGet:
+ path: {{ .Values.readiness.api }}
port: {{ .Values.readiness.port }}
+ httpHeaders:
+ - name: Authorization
+ value: Basic {{ printf "%s:%s" .Values.restServer.user .Values.restServer.password | b64enc }}
+ scheme: {{ .Values.readiness.scheme }}
+ successThreshold: {{ .Values.readiness.successThreshold }}
+ failureThreshold: {{ .Values.readiness.failureThreshold }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
+ timeoutSeconds: {{ .Values.readiness.timeout }}
volumeMounts:
{{ include "common.certInitializer.volumeMount" . | indent 10 }}
- mountPath: /etc/localtime
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
{{ include "common.certInitializer.volumes" . | indent 8 }}
- name: localtime