Merge "[AAI] Make aai log level configurable"

[oom.git] / kubernetes / policy / components / policy-gui / templates / deployment.yaml

diff --git a/kubernetes/policy/components/policy-gui/templates/deployment.yaml b/kubernetes/policy/components/policy-gui/templates/deployment.yaml
index 5a43fc7..a236d5f 100644 (file)
--- a/kubernetes/policy/components/policy-gui/templates/deployment.yaml
+++ b/kubernetes/policy/components/policy-gui/templates/deployment.yaml
@@ -20,24 +20,12 @@
 
 apiVersion: apps/v1
 kind: Deployment
-metadata:
-  name: {{ include "common.fullname" . }}
-  namespace: {{ include "common.namespace" . }}
-  labels:
-    app: {{ include "common.name" . }}
-    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
-    release: {{ include "common.release" . }}
-    heritage: {{ .Release.Service }}
+metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
 spec:
+  selector: {{- include "common.selectors" . | nindent 4 }}
   replicas: {{ .Values.replicaCount }}
-  selector:
-    matchLabels:
-      app: {{ include "common.name" . }}
   template:
-    metadata:
-      labels:
-        app: {{ include "common.name" . }}
-        release: {{ include "common.release" . }}
+    metadata: {{- include "common.templateMetadata" . | nindent 6 }}
     spec:
       initContainers:
       - command:
@@ -46,14 +34,6 @@ spec:
           - -c
           - "cd /config-input && for PFILE in `ls -1`; do envsubst <${PFILE} >/config/${PFILE}; done"
         env:
-        - name: KEYSTORE
-          value: {{ .Values.certStores.keystoreLocation }}
-        - name: KEYSTORE_PASSWD
-          value: {{ .Values.certStores.keyStorePassword }}
-        - name: TRUSTSTORE
-          value: {{ .Values.certStores.truststoreLocation }}
-        - name: TRUSTSTORE_PASSWD
-          value: {{ .Values.certStores.trustStorePassword }}
         - name: POLICY_LOGS
           value: {{ .Values.log.path }}
         volumeMounts:
@@ -67,7 +47,7 @@ spec:
       - command:
         - /app/ready.py
         args:
-        - --container-name
+        - --service-name
         - policy-clamp-runtime-acm
         env:
         - name: NAMESPACE
@@ -78,7 +58,13 @@ spec:
         image: {{ include "repositoryGenerator.image.readiness" . }}
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
         name: {{ include "common.name" . }}-readiness
-{{ include "common.certInitializer.initContainer" . | nindent 6 }}
+        resources:
+          limits:
+            cpu: "100m"
+            memory: "500Mi"
+          requests:
+            cpu: "3m"
+            memory: "20Mi"
       containers:
         # side car containers
         {{ if .Values.global.centralizedLoggingEnabled }}{{ include "common.log.sidecar" . | nindent 8 }}{{ end }}
@@ -86,22 +72,11 @@ spec:
         - name: {{ include "common.name" . }}
           image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-{{- if not (include "common.onServiceMesh" .)  }}
-          command: ["sh","-c"]
-          args: ["source {{ .Values.certInitializer.credsPath }}/.ci;/opt/app/policy/gui/bin/policy-gui.sh"]
-          env:
-{{ else }}
           command: ["/opt/app/policy/gui/bin/policy-gui.sh"]
           env:
-          - name: KEYSTORE_PASSWD
-            {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "keystore-password" "key" "password") | indent 12 }}
-          - name: TRUSTSTORE_PASSWD
-            {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "truststore-password" "key" "password") | indent 12 }}
-{{ end }}
           - name: CLAMP_URL
             value: http://policy-clamp-runtime-acm:6969
-          ports:
-          - containerPort: {{ .Values.service.internalPort }}
+          ports: {{ include "common.containerPorts" . | nindent 12  }}
           # disable liveness probe when breakpoints set in debugger
           # so K8s doesn't restart unresponsive container
           {{- if eq .Values.liveness.enabled true }}
@@ -116,7 +91,7 @@ spec:
               port: {{ .Values.service.internalPort }}
             initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
             periodSeconds: {{ .Values.readiness.periodSeconds }}
-          volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
+          volumeMounts:
           - name: logs
             mountPath: {{ .Values.log.path }}
           - mountPath: /opt/app/policy/gui/etc/application.yml
@@ -125,8 +100,7 @@ spec:
           - mountPath: /opt/app/policy/gui/etc/logback.xml
             name: policy-gui-config-processed
             subPath: logback.xml
-          resources:
-{{ include "common.resources" . | indent 12 }}
+          resources: {{ include "common.resources" . | nindent 12 }}
         {{- if .Values.nodeSelector }}
         nodeSelector:
 {{ toYaml .Values.nodeSelector | indent 10 }}
@@ -136,7 +110,7 @@ spec:
 {{ toYaml .Values.affinity | indent 10 }}
         {{- end }}
       serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
-      volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
+      volumes:
         - name: {{ include "common.fullname" . }}-config
           configMap:
             name: {{ include "common.fullname" . }}
@@ -150,5 +124,4 @@ spec:
         - name: policy-gui-config-processed
           emptyDir:
             medium: Memory
-      imagePullSecrets:
-      - name: "{{ include "common.namespace" . }}-docker-registry-key"
+      {{- include "common.imagePullSecrets" . | nindent 6 }}