{{/*
# ============LICENSE_START=======================================================
-# Copyright (C) 2024 Deutsche Telekom Intellectual Property. All rights reserved.
+# Copyright (C) 2024-2025 Deutsche Telekom Intellectual Property. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
"logging": {
"level": "debug"
},
- "services": [
- {
- "name": "opa-bundle-server",
- "url": "http://policy-opa-pdp:8282/opa/bundles"
- }
- ],
- "bundles": {
- "opabundle": {
- "service": "opa-bundle-server",
- "resource": "bundle.tar.gz",
- "polling": {
- "min_delay_seconds": 60,
- "max_delay_seconds": 120
- }
- }
- },
"decision_logs": {
"console": true
}
{{/*\r
# ============LICENSE_START=======================================================\r
-# Copyright (C) 2024 Deutsche Telekom Intellectual Property. All rights reserved.\r
+# Copyright (C) 2024-2025 Deutsche Telekom Intellectual Property. All rights reserved.\r
# ================================================================================\r
# Licensed under the Apache License, Version 2.0 (the "License");\r
# you may not use this file except in compliance with the License.\r
# ============LICENSE_END=========================================================\r
*/}}\r
\r
-apiVersion: v1\r
-kind: ConfigMap\r
-metadata:\r
- name: {{ .Chart.Name }}-configmap-policies-data\r
- namespace: default\r
- labels:\r
- app: {{ .Chart.Name }}\r
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}\r
- release: release\r
- heritage: Helm\r
- {{- with .Files.Glob "resources/policies/*" }}\r
-binaryData:\r
- {{- range $path, $bytes := . }}\r
- {{ base $path }}: {{ $.Files.Get $path | b64enc | quote }}\r
- {{- end }}\r
- {{- end }}\r
----\r
apiVersion: v1\r
kind: ConfigMap\r
metadata:\r
{{/*\r
# ============LICENSE_START=======================================================\r
-# Copyright (C) 2024 Deutsche Telekom Intellectual Property. All rights reserved.\r
+# Copyright (C) 2024-2025 Deutsche Telekom Intellectual Property. All rights reserved.\r
# ================================================================================\r
# Licensed under the Apache License, Version 2.0 (the "License");\r
# you may not use this file except in compliance with the License.\r
release: release\r
spec:\r
initContainers:\r
- - command:\r
- - /bin/sh\r
- args:\r
- - -c\r
- - |\r
- echo "*** set right permissions to the different folders"\r
- chown -R {{ .Values.permissions.uid }}:{{ .Values.permissions.gid }} /var/log;\r
- chmod -R 755 /var/log\r
- chown -R {{ .Values.permissions.uid }}:{{ .Values.permissions.gid }} /opt/;\r
- chmod -R 755 /opt/*\r
- tar -xvf /tmp/policies/policy-data.tar.gz -C /opt/\r
- image: busybox:latest\r
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}\r
- securityContext:\r
- runAsUser: 1000\r
- runAsGroup: 1000\r
- allowPrivilegeEscalation: false\r
- readOnlyRootFilesystem: true\r
- name: {{ .Chart.Name }}-readiness\r
- volumeMounts:\r
- - name: logs\r
- mountPath: /var/log\r
- - name: tmp-policies-data\r
- mountPath: /tmp/policies\r
- - name : opa-policies-data\r
- mountPath: /opt/\r
-\r
+ - name: {{ .Chart.Name }}-readiness\r
+ image: busybox\r
+ command: ["sh", "-c", "echo Init container started; sleep 10; echo Init container completed"]\r
containers:\r
- name: {{ .Chart.Name }}\r
image: {{ .Values.global.repository }}/{{ .Values.global.image.opa }}\r
timeoutSeconds: {{ .Values.readiness.timeout }}\r
env:\r
- name: UseSASLForKAFKA\r
- value: "{{ .Values.kafka.useSASL }}" \r
+ value: "{{ .Values.kafka.useSASL }}"\r
- name: BOOSTSTRAP_SERVER\r
value: "{{ .Values.kafka.brokers }}"\r
- name: KAFKA_USERNAME\r
value: "{{ .Values.kafka.username }}"\r
- name: KAFKA_PASSWORD\r
- value: "{{ .Values.kafka.password }}" \r
+ value: "{{ .Values.kafka.password }}"\r
- name: LOG_LEVEL\r
value: "{{ .Values.log.loglevel }}"\r
- name: GROUPID\r
- name: TOPIC\r
value: "{{ .Values.kafka.topic }}"\r
volumeMounts:\r
- - name: opa-policies-data\r
- mountPath: /opt\r
- name: opa-config\r
mountPath: /app/config\r
- name: opa-bundles\r
mountPath: /app/bundles\r
- name: logs\r
- mountPath: /var/log\r
+ mountPath: /var/logs\r
resources:\r
{{ toYaml .Values.resources.small | indent 12 }}\r
{{- if .Values.nodeSelector }}\r
{{- end }}\r
serviceAccountName: {{ .Chart.Name }}-read\r
volumes:\r
- - name: tmp-policies-data\r
- configMap:\r
- name: {{ .Chart.Name }}-configmap-policies-data\r
- defaultMode: 0755\r
- - name: opa-policies-data\r
- persistentVolumeClaim:\r
- claimName: {{ .Chart.Name }}-policies-data\r
- name: opa-config\r
configMap:\r
name: {{ .Chart.Name }}-configmap-config\r
+++ /dev/null
-{{/*
-# ============LICENSE_START=======================================================
-# Copyright (C) 2024 Deutsche Telekom Intellectual Property. All rights reserved.
-# ================================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# SPDX-License-Identifier: Apache-2.0
-# ============LICENSE_END=========================================================
-*/}}
-
-
-apiVersion: v1
-kind: PersistentVolumeClaim
-metadata:
- name: {{ .Chart.Name }}-policies-data
- namespace: default
- labels:
- app: {{ .Chart.Name }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: 13.0.1
- heritage: {{ .Release.Service }}
-spec:
- accessModes:
- - ReadWriteMany
- resources:
- requests:
- storage: 5G
- storageClassName: microk8s-hostpath
- volumeMode: Filesystem
-
-
Code Review / policy / docker.git / commitdiff