Code Review / oom.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
[SO] Remove so-secret component
[oom.git] / kubernetes / so / components / so-nssmf-adapter / templates / deployment.yaml
1 {{/*
2 # Copyright © 2020 Huawei Technologies Co., Ltd.
3 #
4 # Licensed under the Apache License, Version 2.0 (the "License");
5 # you may not use this file except in compliance with the License.
6 # You may obtain a copy of the License at
7 #
8 #       http://www.apache.org/licenses/LICENSE-2.0
9 #
10 # Unless required by applicable law or agreed to in writing, software
11 # distributed under the License is distributed on an "AS IS" BASIS,
12 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 # See the License for the specific language governing permissions and
14 # limitations under the License.
15 */}}
16 apiVersion: apps/v1
17 kind: Deployment
18 metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
19 spec:
20   selector: {{- include "common.selectors" . | nindent 4 }}
21   replicas: {{ index .Values.replicaCount }}
22   minReadySeconds: {{ index .Values.minReadySeconds }}
23   strategy:
24     type: {{ index .Values.updateStrategy.type }}
25     rollingUpdate:
26       maxUnavailable: {{ index .Values.updateStrategy.maxUnavailable }}
27       maxSurge: {{ index .Values.updateStrategy.maxSurge }}
28   template:
29     metadata:
30       labels: {{- include "common.labels" . | nindent 8 }}
31     spec:
32       initContainers: {{ include "so.certificate.container_importer" . | nindent 8 }}
33         - name: {{ include "common.name" . }}-readiness
34           command:
35             - /app/ready.py
36           args:
37             - --job-name
38             - {{ include "common.release" . }}-so-mariadb-config-job
39           env:
40             - name: NAMESPACE
41               valueFrom:
42                 fieldRef:
43                   apiVersion: v1
44                   fieldPath: metadata.namespace
45           image: {{ include "common.repository" . }}/{{ .Values.global.readinessImage }}
46           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
47       containers:
48         - name: {{ include "common.name" . }}
49           command:
50             - sh
51           args:
52             - -c
53             - |
54               export BPEL_PASSWORD=`htpasswd -bnBC 10 "" $BPEL_PASSWORD_INPUT | tr -d ':\n' | sed 's/\$2y/\$2a/'`
55               export ACTUATOR_PASSWORD=`htpasswd -bnBC 10 "" $ACTUATOR_PASSWORD_INPUT | tr -d ':\n' | sed 's/\$2y/\$2a/'`
56               {{- if .Values.global.aafEnabled }}
57               export $(grep '^c' {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0)
58               export TRUSTSTORE_PASSWORD="${cadi_truststore_password}"
59               {{- if .Values.global.security.aaf.enabled }}
60               export KEYSTORE_PASSWORD="${cadi_keystore_password_p12}"
61               {{- end }}
62               {{- end }}
63               ./start-app.sh
64           image: {{ include "common.repository" . }}/{{ .Values.image }}
65           resources: {{ include "common.resources" . | nindent 12 }}
66           ports: {{- include "common.containerPorts" . | nindent 12  }}
67           env:
68             - name: DB_HOST
69               valueFrom:
70                 secretKeyRef:
71                   name: {{ include "common.release" . }}-so-db-secrets
72                   key: mariadb.readwrite.host
73             - name: DB_PORT
74               valueFrom:
75                 secretKeyRef:
76                   name: {{ include "common.release" . }}-so-db-secrets
77                   key: mariadb.readwrite.port
78             - name: DB_USERNAME
79               {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "login") | indent 14 }}
80             - name: DB_PASSWORD
81               {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "password") | indent 14 }}
82             - name: DB_ADMIN_USERNAME
83               {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "login") | indent 14 }}
84             - name: DB_ADMIN_PASSWORD
85               {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "password") | indent 14 }}
86             - name: BPEL_USERNAME
87               {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "server-bpel-creds" "key" "login") | indent 14 }}
88             - name: BPEL_PASSWORD_INPUT
89               {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "server-bpel-creds" "key" "password") | indent 14 }}
90             - name: ACTUATOR_USERNAME
91               {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "server-actuator-creds" "key" "login") | indent 14 }}
92             - name: ACTUATOR_PASSWORD_INPUT
93               {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "server-actuator-creds" "key" "password") | indent 14 }}
94             {{ include "so.certificates.env" . | nindent 12 }}
95           envFrom:
96             - configMapRef:
97                 name: {{ include "common.fullname" . }}-env
98           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
99           volumeMounts: {{ include "so.certificate.volumeMount" . | nindent 12 }}
100             - name: logs
101               mountPath: /app/logs
102             - name: config
103               mountPath: /app/config
104               readOnly: true
105           livenessProbe:
106             httpGet:
107               path: {{ index .Values.livenessProbe.path}}
108               port: {{ index .Values.containerPort }}
109               scheme: {{ index .Values.livenessProbe.scheme}}
110             initialDelaySeconds: {{ index .Values.livenessProbe.initialDelaySeconds}}
111             periodSeconds: {{ index .Values.livenessProbe.periodSeconds}}
112             timeoutSeconds: {{ index .Values.livenessProbe.timeoutSeconds}}
113             successThreshold: {{ index .Values.livenessProbe.successThreshold}}
114             failureThreshold: {{ index .Values.livenessProbe.failureThreshold}}
115       volumes: {{ include "so.certificate.volumes" . | nindent 8 }}
116         - name: logs
117           emptyDir: {}
118         - name: config
119           configMap:
120             name: {{ include "common.fullname" . }}
121       imagePullSecrets:
122         - name: "{{ include "common.namespace" . }}-docker-registry-key"
Introduces the ONAP Platform OOM (ONAP Operations Manager) to efficiently Deploy, Manage, Operate the ONAP platform and its components (e.g. MSO, DCAE, SDC, etc.) and infrastructure (VMs, Containers).