1 apiVersion: extensions/v1beta1
4 name: {{ include "common.fullname" . }}
5 namespace: {{ include "common.namespace" . }}
7 app: {{ include "common.name" . }}
8 chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
9 release: {{ include "common.release" . }}
10 heritage: {{ .Release.Service }}
12 replicas: {{ .Values.replicaCount }}
16 app: {{ include "common.name" . }}
17 release: {{ include "common.release" . }}
24 - {{ include "common.release" . }}-galera-config
30 fieldPath: metadata.namespace
31 image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
32 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
33 name: {{ include "common.name" . }}-readiness
38 - "export SQL_PASSWORD_BASE64=`echo -n ${SQL_PASSWORD} | base64`; cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/config/${PFILE}; done"
40 - name: RESTSERVER_USER
41 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-creds" "key" "login") | indent 10 }}
42 - name: RESTSERVER_PASSWORD
43 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-creds" "key" "password") | indent 10 }}
45 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "api-creds" "key" "login") | indent 10 }}
47 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "api-creds" "key" "password") | indent 10 }}
49 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 10 }}
51 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 10 }}
53 - mountPath: /config-input
56 name: pdpxconfig-processed
57 image: "{{ .Values.global.envsubstImage }}"
58 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
59 name: {{ include "common.name" . }}-update-config
61 - name: {{ include "common.name" . }}
62 image: "{{ include "common.repository" . }}/{{ .Values.image }}"
63 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
64 command: ["/opt/app/policy/pdpx/bin/policy-pdpx.sh"]
65 args: ["/opt/app/policy/pdpx/etc/mounted/config.json"]
67 - name: KEYSTORE_PASSWD
68 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "keystore-password" "key" "password") | indent 12 }}
69 - name: TRUSTSTORE_PASSWD
70 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "truststore-password" "key" "password") | indent 12 }}
72 - containerPort: {{ .Values.service.internalPort }}
73 # disable liveness probe when breakpoints set in debugger
74 # so K8s doesn't restart unresponsive container
75 {{- if eq .Values.liveness.enabled true }}
78 port: {{ .Values.service.internalPort }}
79 initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
80 periodSeconds: {{ .Values.liveness.periodSeconds }}
84 port: {{ .Values.service.internalPort }}
85 initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
86 periodSeconds: {{ .Values.readiness.periodSeconds }}
88 - mountPath: /etc/localtime
91 - mountPath: /opt/app/policy/pdpx/etc/mounted
92 name: pdpxconfig-processed
96 {{ include "common.resources" . | indent 12 }}
97 {{- if .Values.nodeSelector }}
99 {{ toYaml .Values.nodeSelector | indent 10 }}
101 {{- if .Values.affinity }}
103 {{ toYaml .Values.affinity | indent 10 }}
111 name: {{ include "common.fullname" . }}-configmap
113 - name: pdpxconfig-processed
117 - name: "{{ include "common.namespace" . }}-docker-registry-key"