X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fsdc%2Fcharts%2Fsdc-onboarding-be%2Ftemplates%2Fdeployment.yaml;h=f2baa1fd9077f28ccfa883277861cf84b34ba618;hb=2f987f69b45998da0ff21fd7dc14d18206352507;hp=78b111658a5df4f597a2e12c9f069a635274474f;hpb=069a2274c2c108c201872e612a4dad22be397c98;p=oom.git

diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/templates/deployment.yaml b/kubernetes/sdc/charts/sdc-onboarding-be/templates/deployment.yaml
index 78b111658a..f2baa1fd90 100644
--- a/kubernetes/sdc/charts/sdc-onboarding-be/templates/deployment.yaml
+++ b/kubernetes/sdc/charts/sdc-onboarding-be/templates/deployment.yaml
@@ -13,7 +13,7 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-apiVersion: extensions/v1beta1
+apiVersion: apps/v1
 kind: Deployment
 metadata:
   name: {{ include "common.fullname" . }}
@@ -24,6 +24,9 @@ metadata:
     release: {{ include "common.release" . }}
     heritage: {{ .Release.Service }}
 spec:
+  selector:
+    matchLabels:
+      app: {{ include "common.name" . }}
   replicas: {{ .Values.replicaCount }}
   template:
     metadata:
@@ -33,10 +36,10 @@ spec:
     spec:
       initContainers:
       - name: {{ include "common.name" . }}-job-completion
-        image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+        image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
         imagePullPolicy: "{{ .Values.global.pullPolicy | default .Values.pullPolicy }}"
         command:
-        - /root/job_complete.py
+        - /app/ready.py
         args:
         - --job-name
         - {{ include "common.release" . }}-sdc-onboarding-be-cassandra-init
@@ -46,6 +49,43 @@ spec:
             fieldRef:
               apiVersion: v1
               fieldPath: metadata.namespace
+      - name: {{ include "common.name" . }}-update-config
+        image: "{{ .Values.global.envsubstImage }}"
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        command:
+          - sh
+        args:
+          - -c
+          - "cd /config-input && for PFILE in `find . -not -type d | grep -v -F ..`; do envsubst <${PFILE} >/config-output/${PFILE}; chmod 0755 /config-output/${PFILE}; done"
+        env:
+          - name: KEYSTORE_PASS
+            valueFrom:
+              secretKeyRef:
+                name: {{ include "common.release" . }}-sdc-cs-secrets
+                key: keystore_password
+          - name: TRUSTSTORE_PASS
+            valueFrom:
+              secretKeyRef:
+                name: {{ include "common.release" . }}-sdc-cs-secrets
+                key: truststore_password
+        volumeMounts:
+          - name: {{ include "common.fullname" . }}-environments
+            mountPath: /config-input/
+          - name: sdc-environments-output
+            mountPath: /config-output/
+      - name: volume-permissions
+        image: {{ .Values.global.busyboxRepository | default .Values.busyboxRepository }}/{{ .Values.global.busyboxImage | default .Values.busyboxImage }}
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        command:
+          - /bin/sh
+          - -c
+          - |
+            chown -R {{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.fsGroup }} //onboard/cert
+        securityContext:
+          runAsUser: 0
+        volumeMounts:
+          - name: {{ include "common.fullname" . }}-cert-storage
+            mountPath: "/onboard/cert"
       containers:
         - name: {{ include "common.name" . }}
           image: "{{ include "common.repository" . }}/{{ .Values.image }}"
@@ -57,7 +97,7 @@ spec:
           livenessProbe:
             exec:
               command:
-              - "/var/lib/ready-probe.sh"
+              - "/var/lib/jetty/ready-probe.sh"
             initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
             periodSeconds: {{ .Values.liveness.periodSeconds }}
             timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
@@ -65,7 +105,7 @@ spec:
           readinessProbe:
             exec:
               command:
-              - "/var/lib/ready-probe.sh"
+              - "/var/lib/jetty/ready-probe.sh"
             initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
             periodSeconds: {{ .Values.readiness.periodSeconds }}
             timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
@@ -93,8 +133,14 @@ spec:
           - name: SDC_CERT_DIR
             value: {{ .Values.cert.certDir }}
           volumeMounts:
-          - name: {{ include "common.fullname" . }}-environments
-            mountPath: /root/chef-solo/environments/
+          - name: sdc-environments-output
+            mountPath: /var/lib/jetty/chef-solo/environments/
+          - name: sdc-cert
+            mountPath: /var/lib/jetty/chef-solo/cookbooks/sdc-onboard-backend/files/default/org.onap.sdc.p12
+            subPath: org.onap.sdc.p12
+          - name: sdc-cert
+            mountPath: /var/lib/jetty/chef-solo/cookbooks/sdc-onboard-backend/files/default/org.onap.sdc.trust.jks
+            subPath: org.onap.sdc.trust.jks
           - name: {{ include "common.fullname" . }}-localtime
             mountPath: /etc/localtime
             readOnly: true
@@ -125,6 +171,9 @@ spec:
       - name: {{ include "common.fullname" . }}-localtime
         hostPath:
           path: /etc/localtime
+      - name: sdc-cert
+        secret:
+          secretName: sdc-cert
       - name: {{ include "common.fullname" . }}-filebeat-conf
         configMap:
           name: {{ include "common.release" . }}-sdc-filebeat-configmap
@@ -137,6 +186,8 @@ spec:
         configMap:
           name: {{ include "common.release" . }}-sdc-environments-configmap
           defaultMode: 0755
+      - name: sdc-environments-output
+        emptyDir: { medium: "Memory" }
       - name:  {{ include "common.fullname" . }}-logs
         emptyDir: {}
       - name:  {{ include "common.fullname" . }}-cert-storage