Merge "[SO] Correct connection configuration to sdnc"

[oom.git] / kubernetes / sdc / charts / sdc-wfd-fe / templates / deployment.yaml

diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/templates/deployment.yaml b/kubernetes/sdc/charts/sdc-wfd-fe/templates/deployment.yaml
index 0dfc61a..180c427 100644 (file)
--- a/kubernetes/sdc/charts/sdc-wfd-fe/templates/deployment.yaml
+++ b/kubernetes/sdc/charts/sdc-wfd-fe/templates/deployment.yaml
@@ -20,7 +20,7 @@ metadata:
   labels:
     app: {{ include "common.name" . }}
     chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
-    release: {{ .Release.Name }}
+    release: {{ include "common.release" . }}
     heritage: {{ .Release.Service }}
 spec:
   replicas: {{ .Values.replicaCount }}
@@ -28,7 +28,7 @@ spec:
     metadata:
       labels:
         app: {{ include "common.name" . }}
-        release: {{ .Release.Name }}
+        release: {{ include "common.release" . }}
     spec:
       initContainers:
       - name: {{ include "common.name" . }}-readiness
@@ -50,17 +50,17 @@ spec:
           image: "{{ include "common.repository" . }}/{{ .Values.image }}"
           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
           ports:
-          - containerPort: {{ .Values.service.internalPort }}
+          - containerPort: {{ template "wfd-fe.internalPort" . }}
           {{ if .Values.liveness.enabled }}
           livenessProbe:
             tcpSocket:
-              port: {{ .Values.service.internalPort }}
+              port: {{ template "wfd-fe.internalPort" . }}
             initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
             periodSeconds: {{ .Values.liveness.periodSeconds }}
           {{ end }}
           readinessProbe:
             tcpSocket:
-              port: {{ .Values.service.internalPort }}
+              port: {{ template "wfd-fe.internalPort" . }}
             initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
             periodSeconds: {{ .Values.readiness.periodSeconds }}
           env:
@@ -70,12 +70,34 @@ spec:
             value: {{ .Values.config.javaOptions }}
           - name: BACKEND
             value: {{ .Values.config.backendServerURL }}
+          - name: IS_HTTPS
+            value: "{{ .Values.config.isHttpsEnabled}}"
+            {{ if and .Values.config.isHttpsEnabled (eq .Values.security.isDefaultStore false) }}
+          - name: KEYSTORE_PASS
+            valueFrom:
+              secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: keystore_password}
+          - name: TRUSTSTORE_PASS
+            valueFrom:
+              secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: truststore_password}
+          - name: TRUSTSTORE_PATH
+            value: "{{ .Values.security.storePath }}/{{ .Values.security.truststoreFilename }}"
+          - name: KEYSTORE_PATH
+            value: "{{ .Values.security.storePath }}/{{ .Values.security.keystoreFilename }}"
+          - name: TRUST_ALL
+            value: "{{ .Values.config.isTrustAll}}"
+            {{ end }}
           volumeMounts:
           - name: {{ include "common.fullname" . }}-localtime
             mountPath: /etc/localtime
             readOnly: true
+          - name: sdc-cert
+            mountPath: /var/lib/jetty/etc/org.onap.sdc.p12
+            subPath: org.onap.sdc.p12
+          - name: sdc-cert
+            mountPath: /var/lib/jetty/etc/org.onap.sdc.trust.jks
+            subPath: org.onap.sdc.trust.jks
           resources:
-{{ toYaml .Values.resources | indent 12 }}
+{{ include "common.resources" . | indent 12 }}
         {{- if .Values.nodeSelector }}
         nodeSelector:
 {{ toYaml .Values.nodeSelector | indent 10 }}
@@ -84,7 +106,6 @@ spec:
         affinity:
 {{ toYaml .Values.affinity | indent 10 }}
         {{- end }}
-
         # side car containers
         - name: {{ include "common.name" . }}-filebeat-onap
           image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
@@ -101,9 +122,12 @@ spec:
         - name: {{ include "common.fullname" . }}-localtime
           hostPath:
             path: /etc/localtime
+        - name: sdc-cert
+          secret:
+            secretName: sdc-cert
         - name: {{ include "common.fullname" . }}-filebeat-conf
           configMap:
-            name: {{ .Release.Name }}-sdc-filebeat-configmap
+            name: {{ include "common.release" . }}-sdc-filebeat-configmap
         - name: {{ include "common.fullname" . }}-data-filebeat
           emptyDir: {}
         - name:  {{ include "common.fullname" . }}-logs