X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fsdnc%2Ftemplates%2Fstatefulset.yaml;h=f0ee8a945688a0d63be5a76bdede98422f506635;hb=07efa9bb787a6a04dfb9771a3940b3461d247d20;hp=ea544e6211b941c6d9f3fdb4a1dd25480812ea95;hpb=17554770bdc355599c18fbdf87edbe9bcfc9b0e3;p=oom.git diff --git a/kubernetes/sdnc/templates/statefulset.yaml b/kubernetes/sdnc/templates/statefulset.yaml index ea544e6211..f0ee8a9456 100644 --- a/kubernetes/sdnc/templates/statefulset.yaml +++ b/kubernetes/sdnc/templates/statefulset.yaml @@ -111,6 +111,15 @@ spec: - name: DMAAP_HTTP_PROXY_PASSWORD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "dmaap-proxy-creds" "key" "password") | indent 10 }} {{- end }} + {{ if .Values.config.sdnr.oauth.enabled }} + - name: OAUTH_TOKEN_SECRET + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "oauth-token-secret" "key" "password") | indent 10 }} + - name: KEYCLOAK_SECRET + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "keycloak-secret" "key" "password") | indent 10 }} + + - name: ENABLE_ODLUX_RBAC + value: "{{ .Values.config.sdnr.oauth.odluxRbac.enabled | default "true" }}" + {{ end }} volumeMounts: @@ -146,7 +155,6 @@ spec: name: {{ include "common.name" . }}-readiness {{ end -}} {{ include "common.certInitializer.initContainer" . | indent 6 }} -{{ include "common.certServiceClient.initContainer" . | indent 6 }} - name: {{ include "common.name" . }}-chown image: {{ include "repositoryGenerator.image.busybox" . }} command: @@ -169,7 +177,7 @@ spec: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - {{- if and .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration }} + {{- if .Values.global.cmpv2Enabled }} {{- $linkCommand := include "common.certManager.linkVolumeMounts" . }} lifecycle: postStart: @@ -183,6 +191,9 @@ spec: - containerPort: {{ .Values.service.internalPort2 }} - containerPort: {{ .Values.service.internalPort3 }} - containerPort: {{ .Values.service.clusterPort }} + {{- if .Values.config.sdnr.netconfCallHome.enabled }} + - containerPort: {{ .Values.service.callHomePort }} + {{- end }} readinessProbe: tcpSocket: port: {{ .Values.service.internalPort }} @@ -294,11 +305,13 @@ spec: - name: ODL_CERT_DIR value: {{ (mustFirst (.Values.certificates)).mountPath }} {{- end }} - + - name: ENABLE_OAUTH + value: "{{ .Values.config.sdnr.oauth.enabled | default "false" }}" + - name: SDNR_NETCONF_CALLHOME_ENABLED + value: "{{ .Values.config.sdnr.netconfCallHome.enabled | default "false" }}" volumeMounts: {{ include "common.certInitializer.volumeMount" . | indent 10 }} -{{ include "common.certServiceClient.volumeMounts" . | indent 10 }} -{{- if and .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration }} +{{- if .Values.global.cmpv2Enabled }} {{ include "common.certManager.volumeMounts" . | indent 10 }} {{- end }} - mountPath: /etc/localtime @@ -362,6 +375,11 @@ spec: - mountPath: {{ .Values.config.odl.etcDir }}/org.opendaylight.daexim.cfg name: properties subPath: org.opendaylight.daexim.cfg + {{- if .Values.config.sdnr.oauth.enabled }} + - mountPath: {{ .Values.config.odl.etcDir }}/oauth-provider.config.json + name: properties + subPath: oauth-provider.config.json + {{ end }} resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -417,8 +435,7 @@ spec: emptyDir: {} {{ else }} {{ include "common.certInitializer.volumes" . | nindent 8 }} -{{ include "common.certServiceClient.volumes" . | nindent 8 }} -{{- if and .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration }} +{{- if .Values.global.cmpv2Enabled }} {{ include "common.certManager.volumes" . | nindent 8 }} {{- end }} volumeClaimTemplates: