{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aai-user-creds" "key" "login") | indent 10 }}
- name: AAI_CLIENT_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aai-user-creds" "key" "password") | indent 10 }}
+ - name: AAI_TRUSTSTORE_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aai-truststore-password" "key" "password") | indent 10 }}
+ - name: ANSIBLE_TRUSTSTORE_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ansible-truststore-password" "key" "password") | indent 10 }}
+ - name: SO_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-user-creds" "key" "login") | indent 10 }}
+ - name: SO_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-user-creds" "key" "password") | indent 10 }}
+ - name: NENG_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "neng-user-creds" "key" "login") | indent 10 }}
+ - name: NENG_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "neng-user-creds" "key" "password") | indent 10 }}
+ - name: CDS_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cds-user-creds" "key" "login") | indent 10 }}
+ - name: CDS_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cds-user-creds" "key" "password") | indent 10 }}
+ - name: HONEYCOMB_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "honeycomb-user-creds" "key" "login") | indent 10 }}
+ - name: HONEYCOMB_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "honeycomb-user-creds" "key" "password") | indent 10 }}
+ - name: TRUSTSTORE_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "truststore-password" "key" "password") | indent 10 }}
+ - name: KEYSTORE_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "keystore-password" "key" "password") | indent 10 }}
+ - name: DMAAP_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-user-creds" "key" "login") | indent 10 }}
+ - name: DMAAP_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-user-creds" "key" "password") | indent 10 }}
+ - name: DMAAP_AUTHKEY
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-authkey" "key" "password") | indent 10 }}
- name: MODELSERVICE_USER
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "modeling-user-creds" "key" "login") | indent 10 }}
- name: MODELSERVICE_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 10 }}
- name: SDNC_DB_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 10 }}
+ - name: MYSQL_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 10 }}
+ - name: MYSQL_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 10 }}
- name: ODL_ADMIN_USERNAME
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "login") | indent 10 }}
+ - name: ODL_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "login") | indent 10 }}
- name: ODL_ADMIN_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "password") | indent 10 }}
+ - name: ODL_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "password") | indent 10 }}
{{ if and .Values.config.sdnr.dmaapProxy.enabled .Values.config.sdnr.dmaapProxy.usepwd }}
- name: DMAAP_HTTP_PROXY_USERNAME
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-proxy-creds" "key" "login") | indent 10 }}
- name: DMAAP_HTTP_PROXY_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-proxy-creds" "key" "password") | indent 10 }}
{{- end }}
+ {{ if .Values.config.sdnr.oauth.enabled }}
+ - name: OAUTH_TOKEN_SECRET
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "oauth-token-secret" "key" "password") | indent 10 }}
+ - name: KEYCLOAK_SECRET
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "keycloak-secret" "key" "password") | indent 10 }}
+
+ - name: ENABLE_ODLUX_RBAC
+ value: "{{ .Values.config.sdnr.oauth.odluxRbac.enabled | default "true" }}"
+ {{ end }}
volumeMounts:
args:
- -c
- |
- mkdir {{ .Values.persistence.mdsalPath }}/daexim
mkdir {{ .Values.persistence.mdsalPath }}/journal
mkdir {{ .Values.persistence.mdsalPath }}/snapshots
+ mkdir {{ .Values.persistence.mdsalPath }}/daexim
chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.persistence.mdsalPath }}
{{- if .Values.global.aafEnabled }}
chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.certInitializer.credsPath }}
- name: {{ include "common.name" . }}
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ {{- if and .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration }}
+ {{- $linkCommand := include "common.certManager.linkVolumeMounts" . }}
+ lifecycle:
+ postStart:
+ exec:
+ command: ["sh", "-c", {{$linkCommand | quote}} ]
+ {{- end }}
command: ["/bin/bash"]
args: ["-c", "/opt/onap/sdnc/bin/createLinks.sh ; /opt/onap/sdnc/bin/startODL.sh"]
ports:
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-root-password" "key" "password") | indent 12 }}
- name: ODL_ADMIN_USERNAME
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "login") | indent 12 }}
+ - name: ODL_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "login") | indent 12 }}
- name: ODL_ADMIN_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "password") | indent 12 }}
+ - name: ODL_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "password") | indent 12 }}
- name: SDNC_DB_USER
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 12 }}
- name: SDNC_DB_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 12 }}
+ - name: MYSQL_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 12 }}
+ - name: MYSQL_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 12 }}
+ - name: MYSQL_DATABASE
+ value: "{{ .Values.config.dbSdnctlDatabase }}"
- name: SDNC_CONFIG_DIR
value: "{{ .Values.config.configDir }}"
+ - name: AAI_CLIENT_NAME
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aai-user-creds" "key" "login") | indent 12 }}
+ - name: AAI_CLIENT_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aai-user-creds" "key" "password") | indent 12 }}
+ - name: AAI_TRUSTSTORE_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aai-truststore-password" "key" "password") | indent 12 }}
+ - name: ANSIBLE_TRUSTSTORE_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ansible-truststore-password" "key" "password") | indent 12 }}
+ - name: SO_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-user-creds" "key" "login") | indent 12 }}
+ - name: SO_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "so-user-creds" "key" "password") | indent 12 }}
+ - name: NENG_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "neng-user-creds" "key" "login") | indent 12 }}
+ - name: NENG_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "neng-user-creds" "key" "password") | indent 12 }}
+ - name: CDS_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cds-user-creds" "key" "login") | indent 12 }}
+ - name: CDS_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cds-user-creds" "key" "password") | indent 12 }}
+ - name: HONEYCOMB_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "honeycomb-user-creds" "key" "login") | indent 12 }}
+ - name: HONEYCOMB_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "honeycomb-user-creds" "key" "password") | indent 12 }}
+ - name: TRUSTSTORE_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "truststore-password" "key" "password") | indent 12 }}
+ - name: KEYSTORE_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "keystore-password" "key" "password") | indent 12 }}
+ - name: DMAAP_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-user-creds" "key" "login") | indent 12 }}
+ - name: DMAAP_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-user-creds" "key" "password") | indent 12 }}
+ - name: DMAAP_AUTHKEY
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-authkey" "key" "password") | indent 12 }}
- name: ENABLE_ODL_CLUSTER
value: "{{ .Values.config.enableClustering }}"
- name: MY_ODL_CLUSTER
{{- if .Values.config.sdnr.sdnrdbTrustAllCerts }}
- name: SDNRDBTRUSTALLCERTS
value: "true"
- {{ end }}
-
+ {{- end }}
+ {{- if .Values.global.cmpv2Enabled }}
+ - name: ODL_CERT_DIR
+ value: {{ (mustFirst (.Values.certificates)).mountPath }}
+ {{- end }}
+ - name: ENABLE_OAUTH
+ value: "{{ .Values.config.sdnr.oauth.enabled | default "false" }}"
volumeMounts:
{{ include "common.certInitializer.volumeMount" . | indent 10 }}
{{ include "common.certServiceClient.volumeMounts" . | indent 10 }}
+{{- if and .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration }}
+{{ include "common.certManager.volumeMounts" . | indent 10 }}
+{{- end }}
- mountPath: /etc/localtime
name: localtime
readOnly: true
- mountPath: {{ .Values.config.odl.etcDir }}/mountpoint-state-provider.properties
name: properties
subPath: mountpoint-state-provider.properties
+ - mountPath: {{ .Values.config.odl.etcDir }}/org.opendaylight.daexim.cfg
+ name: properties
+ subPath: org.opendaylight.daexim.cfg
+ {{- if .Values.config.sdnr.oauth.enabled }}
+ - mountPath: {{ .Values.config.odl.etcDir }}/oauth-provider.config.json
+ name: properties
+ subPath: oauth-provider.config.json
+ {{ end }}
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
{{ else }}
{{ include "common.certInitializer.volumes" . | nindent 8 }}
{{ include "common.certServiceClient.volumes" . | nindent 8 }}
+{{- if and .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration }}
+{{ include "common.certManager.volumes" . | nindent 8 }}
+{{- end }}
volumeClaimTemplates:
- metadata:
name: {{ include "common.fullname" . }}-data
Code Review / oom.git / blobdiff