"implementation": "org.onap.policy.models.provider.impl.DatabasePolicyModelsProviderImpl",
"databaseDriver": "org.mariadb.jdbc.Driver",
"databaseUrl": "jdbc:mariadb://{{ .Values.global.mariadb.service.name }}:{{ .Values.global.mariadb.service.internalPort }}/{{ .Values.global.mariadb.config.mysqlDatabase }}",
- "databaseUser": "{{ .Values.global.mariadb.config.userName }}",
- "databasePassword": "{{ .Values.global.mariadb.config.userPassword | b64enc }}",
+ "databaseUser": "${SQL_USER}",
+ "databasePassword": "${SQL_PASSWORD_BASE64}",
"persistenceUnit": "PolicyMariaDb"
},
"topicParameterGroup": {
image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
name: {{ include "common.name" . }}-readiness
+
+ - command:
+ - sh
+ args:
+ - -c
+ - "export SQL_PASSWORD_BASE64=`echo -n ${SQL_PASSWORD} | base64`; cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/config/${PFILE}; done"
+ env:
+ - name: SQL_USER
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 10 }}
+ - name: SQL_PASSWORD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 10 }}
+ volumeMounts:
+ - mountPath: /config-input
+ name: papconfig
+ - mountPath: /config
+ name: papconfig-processed
+ image: "{{ .Values.global.envsubstImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}-update-config
containers:
- name: {{ include "common.name" . }}
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
name: localtime
readOnly: true
- mountPath: /opt/app/policy/pap/etc/mounted
- name: papconfig
+ name: papconfig-processed
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
configMap:
name: {{ include "common.fullname" . }}-configmap
defaultMode: 0755
+ - name: papconfig-processed
+ emptyDir:
+ medium: Memory
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
--- /dev/null
+# Copyright © 2020 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+{{ include "common.secretFast" . }}
#################################################################
global:
persistence: {}
+ envsubstImage: dibi/envsubst
+
+#################################################################
+# Secrets metaconfig
+#################################################################
+secrets:
+ - uid: db-secret
+ type: basicAuth
+ externalSecret: '{{ tpl (default "" .Values.db.credsExternalSecret) . }}'
+ login: '{{ .Values.db.user }}'
+ password: '{{ .Values.db.password }}'
+ passwordPolicy: required
#################################################################
# Application configuration defaults.
# application configuration
+db:
+ user: policy_user
+ password: policy_user
+
# default number of instances
replicaCount: 1