3 metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
5 selector: {{- include "common.selectors" . | nindent 4 }}
6 replicas: {{ .Values.replicaCount }}
8 metadata: {{- include "common.templateMetadata" . | nindent 6 }}
15 {{ if not .Values.global.postgres.localCluster }}
16 - {{ include "common.release" . }}-policy-galera-config
18 - {{ include "common.release" . }}-policy-pg-config
25 fieldPath: metadata.namespace
26 image: {{ include "repositoryGenerator.image.readiness" . }}
27 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
28 name: {{ include "common.name" . }}-readiness
33 - "cd /config-input && for PFILE in `ls -1`; do envsubst <${PFILE} >/config/${PFILE}; done"
36 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-creds" "key" "login") | indent 12 }}
38 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-creds" "key" "password") | indent 12 }}
39 - name: RESTSERVER_USER
40 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-creds" "key" "login") | indent 12 }}
41 - name: RESTSERVER_PASSWORD
42 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-creds" "key" "password") | indent 12 }}
44 - mountPath: /config-input
47 name: apiconfig-processed
48 image: {{ include "repositoryGenerator.image.envsubst" . }}
49 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
50 name: {{ include "common.name" . }}-update-config
52 - name: {{ include "common.name" . }}
53 image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
54 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
55 command: ["/opt/app/policy/api/bin/policy-api.sh"]
56 args: ["/opt/app/policy/api/etc/mounted/apiParameters.yaml"]
57 ports: {{ include "common.containerPorts" . | nindent 12 }}
58 # disable liveness probe when breakpoints set in debugger
59 # so K8s doesn't restart unresponsive container
60 {{- if eq .Values.liveness.enabled true }}
63 port: {{ .Values.service.internalPort }}
64 initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
65 periodSeconds: {{ .Values.liveness.periodSeconds }}
69 path: {{ .Values.readiness.api }}
70 port: {{ .Values.service.internalPort }}
73 value: Basic {{ printf "%s:%s" .Values.restServer.user .Values.restServer.password | b64enc }}
75 successThreshold: {{ .Values.readiness.successThreshold }}
76 failureThreshold: {{ .Values.readiness.failureThreshold }}
77 initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
78 periodSeconds: {{ .Values.readiness.periodSeconds }}
79 timeoutSeconds: {{ .Values.readiness.timeout }}
81 - mountPath: /etc/localtime
84 - mountPath: /opt/app/policy/api/etc/mounted
85 name: apiconfig-processed
86 resources: {{ include "common.resources" . | nindent 12 }}
87 {{- if .Values.nodeSelector }}
89 {{ toYaml .Values.nodeSelector | indent 10 }}
91 {{- if .Values.affinity }}
93 {{ toYaml .Values.affinity | indent 10 }}
95 serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
102 name: {{ include "common.fullname" . }}-configmap
104 - name: apiconfig-processed
108 - name: "{{ include "common.namespace" . }}-docker-registry-key"