kind: Deployment
apiVersion: apps/v1
-metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
+metadata:
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+ release: "{{ include "common.release" . }}"
+ heritage: "{{ .Release.Service }}"
spec:
replicas: {{ index .Values.replicaCount }}
selector: {{- include "common.selectors" . | nindent 4 }}
metadata:
labels: {{- include "common.labels" . | nindent 8 }}
spec:
- initContainers:
+ initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }}
- name: {{ include "common.name" . }}-bootstrap-config
- image: "{{ .Values.global.envsubstImage }}"
+ image: {{ include "repositoryGenerator.image.envsubst" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
command:
- sh
args:
- -c
- - "cd /config-input && for PFILE in `ls -1`; do envsubst <${PFILE} >/config/${PFILE}; chmod o+w /config/${PFILE}; done"
+ - |
+ export $(cat {{ .Values.certInitializer.credsPath }}/mycreds.prop\
+ | xargs -0)
+ cd /config-input
+ for PFILE in `ls -1`
+ do
+ envsubst <${PFILE} >/config/${PFILE}
+ chmod o+w /config/${PFILE}
+ done
+ cat /config/application.yaml
env:
- name: A1CONTROLLER_USER
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "controller-secret" "key" "login") | indent 10 }}
- name: A1CONTROLLER_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "controller-secret" "key" "password") | indent 10 }}
- volumeMounts:
+ volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 8 }}
- mountPath: /config-input
name: {{ include "common.fullname" . }}-policy-conf-input
- mountPath: /config
- mountPath: /config
name: config
- name: {{ include "common.name" . }}
- image: {{ include "common.repository" . }}/{{ .Values.image }}
+ image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
ports: {{ include "common.containerPorts" . | nindent 10 }}
readinessProbe:
scheme: {{ if (include "common.needTLS" .) }}HTTPS{{ else }}HTTP{{ end }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
- volumeMounts:
+ volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 8 }}
- name: config
- mountPath: /opt/app/policy-agent/data
+ mountPath: /opt/app/policy-agent/data/application_configuration.json
+ subPath: application_configuration.json
+ - name: config
+ mountPath: /opt/app/policy-agent/config/application.yaml
+ subPath: application.yaml
+ - name: vardata
+ mountPath: "/var/policy-management-service/database"
resources: {{ include "common.resources" . | nindent 10 }}
- volumes:
+ volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
- name: {{ include "common.fullname" . }}-policy-conf-input
configMap:
name: {{ include "common.fullname" . }}-policy-conf
- defaultMode: 0555
- name: {{ include "common.fullname" . }}-envsubst-scripts
configMap:
name: {{ include "common.fullname" . }}-envsubst-scripts
+ defaultMode: 0555
- name: config
emptyDir:
medium: Memory
+ - name: vardata
+ persistentVolumeClaim:
+ claimName: {{ include "common.fullname" . }}
Code Review / oom.git / blobdiff