Code Review / oom.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
[GENERAL] Use readiness container v3.0.1
[oom.git] / kubernetes / so / charts / so-vfc-adapter / templates / deployment.yaml
diff --git a/kubernetes/so/charts/so-vfc-adapter/templates/deployment.yaml b/kubernetes/so/charts/so-vfc-adapter/templates/deployment.yaml
index a69c189..d2d72d0 100755 (executable)
--- a/kubernetes/so/charts/so-vfc-adapter/templates/deployment.yaml
+++ b/kubernetes/so/charts/so-vfc-adapter/templates/deployment.yaml
@@ -11,7 +11,7 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
-apiVersion: extensions/v1beta1
+apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: {{ include "common.fullname" . }}
@@ -19,8 +19,11 @@ metadata:
   labels:
     app: {{ include "common.fullname" . }}
     chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
-    release: {{ .Release.Name }}
+    release: {{ include "common.release" . }}
 spec:
+  selector:
+    matchLabels:
+      app: {{ include "common.name" . }}
   replicas: {{ index .Values.replicaCount }}
   minReadySeconds: {{ index .Values.minReadySeconds }}
   strategy:
@@ -32,83 +35,70 @@ spec:
     metadata:
       labels:
         app: {{ include "common.name" . }}
-        release: {{ .Release.Name }}
+        release: {{ include "common.release" . }}
     spec:
-      initContainers:
-      - name: so-chown
-        image: alpine:3.6
-        volumeMounts:
-        - name: logs
-          mountPath: /app/logs
-        imagePullPolicy: {{ index .Values.pullPolicy }}
-        command: ["/bin/sh", "-c", "chown -Rf 1000:1000 /app/logs"]
-      restartPolicy: Always
+      initContainers: {{ include "so.certificate.container_importer" . | nindent 6 }}
+      - command:
+        - /app/ready.py
+        args:
+        - --job-name
+        - {{ include "common.release" . }}-so-mariadb-config-job
+        env:
+        - name: NAMESPACE
+          valueFrom:
+            fieldRef:
+              apiVersion: v1
+              fieldPath: metadata.namespace
+        image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        name: {{ include "common.name" . }}-readiness
       containers:
       - name: {{ include "common.name" . }}
         image: {{ include "common.repository" . }}/{{ .Values.image }}
         resources:
-{{ toYaml (pluck .Values.flavor .Values.resources| first) | indent 12 }}
+{{ include "common.resources" . | indent 12 }}
         env:
         - name: DB_HOST
           valueFrom:
             secretKeyRef:
-              name: {{ .Release.Name}}-so-db-secrets
+              name: {{ include "common.release" . }}-so-db-secrets
               key: mariadb.readwrite.host
         - name: DB_PORT
           valueFrom:
             secretKeyRef:
-              name: {{ .Release.Name}}-so-db-secrets
+              name: {{ include "common.release" . }}-so-db-secrets
               key: mariadb.readwrite.port
         - name: DB_USERNAME
-          valueFrom:
-            secretKeyRef:
-              name: {{ .Release.Name}}-so-db-secrets
-              key: mariadb.readwrite.rolename
+          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "login") | indent 10 }}
         - name: DB_PASSWORD
-          valueFrom:
-            secretKeyRef:
-              name: {{ .Release.Name}}-so-db-secrets
-              key: mariadb.readwrite.password
+          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "password") | indent 10 }}
         - name: DB_ADMIN_USERNAME
-          valueFrom:
-            secretKeyRef:
-              name: {{ .Release.Name}}-so-db-secrets
-              key: mariadb.admin.rolename
+          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "login") | indent 10 }}
         - name: DB_ADMIN_PASSWORD
+          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "password") | indent 10 }}
+         {{- if eq .Values.global.security.aaf.enabled true }}
+        - name: TRUSTSTORE
+          value: /app/org.onap.so.trust.jks
+        - name: TRUSTSTORE_PASSWORD
           valueFrom:
             secretKeyRef:
-              name: {{ .Release.Name}}-so-db-secrets
-              key: mariadb.admin.password
-        - name: CADI_KEYSTORE_PASSWORD
-          valueFrom:
-            secretKeyRef:
-              name: {{ .Release.Name}}-so-ssl-pwd-secret
-              key: cadi_keystore_password
-        - name: CADI_TRUSTSTORE_PASSWORD
-          valueFrom:
-            secretKeyRef:
-              name: {{ .Release.Name}}-so-ssl-pwd-secret
-              key: cadi_truststore_password
-        - name: MSO_KEYSTORE_PASSWORD
-          valueFrom:
-            secretKeyRef:
-              name: {{ .Release.Name}}-so-ssl-client-secret
-              key: keystore_password
-        - name: MSO_TRUSTSTORE_PASSWORD
+              name: {{ .Release.Name}}-so-client-certs-secret
+              key: trustStorePassword
+        - name: KEYSTORE
+          value: /app/org.onap.so.jks
+        - name: KEYSTORE_PASSWORD
           valueFrom:
             secretKeyRef:
-              name: {{ .Release.Name}}-so-ssl-client-secret
-              key: truststore_password
+              name: {{ .Release.Name}}-so-client-certs-secret
+              key: keyStorePassword
+        {{- end }}
         envFrom:
         - configMapRef:
             name: {{ include "common.fullname" . }}-configmap
-        imagePullPolicy:  {{ index .Values "global" "pullPolicy" }}
-        volumeMounts:
+        imagePullPolicy:  {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        volumeMounts: {{ include "so.certificate.volume-mounts" . | nindent 8 }}
         - name: logs
           mountPath: /app/logs
-        - name: certs
-          mountPath: /app/certs/
-          readOnly: true
         - name: config
           mountPath: /app/config
           readOnly: true
@@ -126,12 +116,9 @@ spec:
         - containerPort: {{ index .Values.containerPort }}
           name: {{ .Values.service.portName }}
           protocol: TCP
-      volumes:
+      volumes: {{ include "so.certificate.volumes" . | nindent 6 }}
       - name: logs
         emptyDir: {}
-      - name: certs
-        secret:
-            secretName: {{ .Release.Name}}-so-ssl-secret
       - name: config
         configMap:
             name: {{ include "common.fullname" . }}-app-configmap
Introduces the ONAP Platform OOM (ONAP Operations Manager) to efficiently Deploy, Manage, Operate the ONAP platform and its components (e.g. MSO, DCAE, SDC, etc.) and infrastructure (VMs, Containers).