+ {{- if $policy }}
+ - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.dcaePolicySyncImage }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: policy-sync
+ env:
+ - name: POD_IP
+ valueFrom:
+ fieldRef:
+ apiVersion: v1
+ fieldPath: status.podIP
+ - name: POLICY_SYNC_PDP_USER
+ valueFrom:
+ secretKeyRef:
+ name: onap-policy-xacml-pdp-api-creds
+ key: login
+ - name: POLICY_SYNC_PDP_PASS
+ valueFrom:
+ secretKeyRef:
+ name: onap-policy-xacml-pdp-api-creds
+ key: password
+ - name: POLICY_SYNC_PDP_URL
+ value : http{{ if (include "common.needTLS" .) }}s{{ end }}://policy-xacml-pdp:6969
+ - name: POLICY_SYNC_OUTFILE
+ value : "/etc/policies/policies.json"
+ - name: POLICY_SYNC_V1_DECISION_ENDPOINT
+ value : "policy/pdpx/v1/decision"
+ {{- if $policy.filter }}
+ - name: POLICY_SYNC_FILTER
+ value: {{ $policy.filter }}
+ {{- end -}}
+ {{- if $policy.policyID }}
+ - name: POLICY_SYNC_ID
+ value: {{ $policy.policyID }}
+ {{- end -}}
+ {{- if $policy.duration }}
+ - name: POLICY_SYNC_DURATION
+ value: {{ $policy.duration }}
+ {{- end }}
+ resources: {{ include "common.resources" . | nindent 2 }}
+ volumeMounts:
+ - mountPath: /etc/policies
+ name: policy-shared
+ {{- if $certDir }}
+ - mountPath: /opt/ca-certificates/
+ name: tls-info
+ {{- end }}
+ {{- end }}