X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fdcaegen2-services%2Fcommon%2Fdcaegen2-services-common%2Ftemplates%2F_deployment.tpl;h=5ba7d2977ad829a150cd04248d1032358bde3713;hb=4b22da9e93fce560cf47880696f9b7cee09f3342;hp=ffff46fab50efbba70ba556729b50090e73ece11;hpb=2fd8a3fa4bfb9fbf5045a85b2d84165f226ada74;p=oom.git

diff --git a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl
index ffff46fab5..5ba7d2977a 100644
--- a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl
+++ b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl
@@ -4,6 +4,7 @@
 # Copyright (c) 2021 J. F. Lucas. All rights reserved.
 # Copyright (c) 2021 AT&T Intellectual Property. All rights reserved.
 # Copyright (c) 2021 Nokia. All rights reserved.
+# Copyright (c) 2021 Nordix Foundation.
 # ================================================================================
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -206,18 +207,34 @@ The sidecar is included if .Values.policies is set.  The
 Policy-sync sidecar polls PolicyEngine (PDP) periodically based
 on .Values.policies.duration and configuration retrieved is shared with
 DCAE Microservice container by common volume. Policy can be retrieved based on
-list of policyID or filter
+list of policyID or filter. An optional policyRelease parameter can be specified
+to override the default policy helm release (used for retreiving the secret containing
+pdp username and password)
+
+Following is example policy config override
+
+dcaePolicySyncImage: onap/org.onap.dcaegen2.deployments.dcae-services-policy-sync:1.0.1
+policies:
+  duration: 300
+  policyRelease: "onap"
+  policyID: |
+    '["onap.vfirewall.tca","onap.vdns.tca"]'
 */}}
 
 {{- define "dcaegen2-services-common.microserviceDeployment" -}}
 {{- $logDir :=  default "" .Values.logDirectory -}}
 {{- $certDir := default "" .Values.certDirectory . -}}
 {{- $tlsServer := default "" .Values.tlsServer -}}
-{{- $policy := default "" .Values.policies -}}
-
+{{- $commonRelease :=  print (include "common.release" .) -}}
+{{- $policy := default dict .Values.policies -}}
+{{- $policyRls := default $commonRelease $policy.policyRelease -}}
+{{- $drFeedConfig := default "" .Values.drFeedConfig -}}
+{{- $dcaeName := print (include "common.fullname" .) }}
+{{- $dcaeLabel := (dict "dcaeMicroserviceName" $dcaeName) -}}
+{{- $dot := . -}}
 apiVersion: apps/v1
 kind: Deployment
-metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
+metadata: {{- include "common.resourceMetadata" (dict "dot" $dot "labels" $dcaeLabel) | nindent 2 }}
 spec:
   replicas: 1
   selector: {{- include "common.selectors" . | nindent 4 }}
@@ -225,6 +242,7 @@ spec:
     metadata: {{- include "common.templateMetadata" . | nindent 6 }}
     spec:
       initContainers:
+      {{- if not $drFeedConfig }}
       - command:
         - sh
         args:
@@ -247,14 +265,18 @@ spec:
         image: {{ include "repositoryGenerator.image.envsubst" . }}
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
         name: {{ include "common.name" . }}-update-config
-
+      {{- end }}
       {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }}
+      {{- include "common.dmaap.provisioning.initContainer" . | nindent 6 }}
       - name: init-consul
         image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.consulLoaderImage }}
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
         args:
         - --key-yaml
         - "{{ include "common.name" . }}|/app-config/application_config.yaml"
+        env:
+        - name: CONSUL_HOST
+          value: {{ .Values.consulHost | default "consul-server-ui" }}.{{ include "common.namespace" . }}
         resources: {{ include "common.resources" . | nindent 2 }}
         volumeMounts:
           - mountPath: /app-config
@@ -380,12 +402,12 @@ spec:
         - name: POLICY_SYNC_PDP_USER
           valueFrom:
             secretKeyRef:
-              name: onap-policy-xacml-pdp-api-creds
+              name: {{ $policyRls }}-policy-xacml-pdp-api-creds
               key: login
         - name: POLICY_SYNC_PDP_PASS
           valueFrom:
             secretKeyRef:
-              name: onap-policy-xacml-pdp-api-creds
+              name: {{ $policyRls }}-policy-xacml-pdp-api-creds
               key: password
         - name: POLICY_SYNC_PDP_URL
           value : http{{ if (include "common.needTLS" .) }}s{{ end }}://policy-xacml-pdp:6969
@@ -403,7 +425,7 @@ spec:
         {{- end -}}
         {{- if $policy.duration }}
         - name: POLICY_SYNC_DURATION
-          value: {{ $policy.duration }}
+          value: "{{ $policy.duration }}"
         {{- end }}
         resources: {{ include "common.resources" . | nindent 2 }}
         volumeMounts:
@@ -415,6 +437,7 @@ spec:
         {{- end }}
       {{- end }}
       hostname: {{ include "common.name" . }}
+      serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
       volumes:
       - configMap:
           defaultMode: 420
@@ -444,6 +467,7 @@ spec:
       - name: policy-shared
         emptyDir: {}
       {{- end }}
+      {{- include "common.dmaap.provisioning._volumes" . | nindent 6 -}}
       {{- include "dcaegen2-services-common._externalVolumes" . | nindent 6 }}
       imagePullSecrets:
       - name: "{{ include "common.namespace" . }}-docker-registry-key"