Set sdc onboarding volume mount permissions
[oom.git] / kubernetes / sdc / charts / sdc-onboarding-be / templates / deployment.yaml
index ee5f78b..108c781 100644 (file)
@@ -21,7 +21,7 @@ metadata:
   labels:
     app: {{ include "common.name" . }}
     chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
-    release: {{ .Release.Name }}
+    release: {{ include "common.release" . }}
     heritage: {{ .Release.Service }}
 spec:
   replicas: {{ .Values.replicaCount }}
@@ -29,7 +29,7 @@ spec:
     metadata:
       labels:
         app: {{ include "common.name" . }}
-        release: {{ .Release.Name }}
+        release: {{ include "common.release" . }}
     spec:
       initContainers:
       - name: {{ include "common.name" . }}-job-completion
@@ -39,13 +39,50 @@ spec:
         - /root/job_complete.py
         args:
         - --job-name
-        - {{ .Release.Name }}-sdc-onboarding-be-cassandra-init
+        - {{ include "common.release" . }}-sdc-onboarding-be-cassandra-init
         env:
         - name: NAMESPACE
           valueFrom:
             fieldRef:
               apiVersion: v1
               fieldPath: metadata.namespace
+      - name: {{ include "common.name" . }}-update-config
+        image: "{{ .Values.global.envsubstImage }}"
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        command:
+          - sh
+        args:
+          - -c
+          - "cd /config-input && for PFILE in `find . -not -type d | grep -v -F ..`; do envsubst <${PFILE} >/config-output/${PFILE}; chmod 0755 /config-output/${PFILE}; done"
+        env:
+          - name: KEYSTORE_PASS
+            valueFrom:
+              secretKeyRef:
+                name: {{ include "common.release" . }}-sdc-cs-secrets
+                key: keystore_password
+          - name: TRUSTSTORE_PASS
+            valueFrom:
+              secretKeyRef:
+                name: {{ include "common.release" . }}-sdc-cs-secrets
+                key: truststore_password
+        volumeMounts:
+          - name: {{ include "common.fullname" . }}-environments
+            mountPath: /config-input/
+          - name: sdc-environments-output
+            mountPath: /config-output/
+      - name: volume-permissions
+        image: {{ .Values.global.busyboxRepository | default .Values.busyboxRepository }}/{{ .Values.global.busyboxImage | default .Values.busyboxImage }}
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        command:
+          - /bin/sh
+          - -c
+          - |
+            chown -R {{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.fsGroup }} //onboard/cert
+        securityContext:
+          runAsUser: 0
+        volumeMounts:
+          - name: {{ include "common.fullname" . }}-cert-storage
+            mountPath: "/onboard/cert"
       containers:
         - name: {{ include "common.name" . }}
           image: "{{ include "common.repository" . }}/{{ .Values.image }}"
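Review bot: In the `update-config` init container, envsubst writes files containing the expanded `KEYSTORE_PASS` and `TRUSTSTORE_PASS` values into `/config-output`, and the loop then applies `chmod 0755`, leaving the rendered secrets world-readable (and executable) to anything that mounts `sdc-environments-output`. Unless the consumer needs the execute bit, a tighter mode such as `chmod 0640 /config-output/${PFILE}` would be safer. Which UID or fsGroup reads these files is not visible in this hunk, so confirm the main container can still read them. The `volume-permissions` container runs with `runAsUser: 0` and no further restriction. Consider adding `allowPrivilegeEscalation: false` and dropping the capabilities the `chown -R` does not need, and fix the stray double slash in `//onboard/cert`.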
@@ -55,17 +92,20 @@ spec:
           - containerPort: {{ .Values.service.internalPort2 }}
           {{ if eq .Values.liveness.enabled true }}
           livenessProbe:
-            tcpSocket:
-              port: {{ .Values.service.internalPort }}
+            exec:
+              command:
+              - "/var/lib/jetty/ready-probe.sh"
             initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
             periodSeconds: {{ .Values.liveness.periodSeconds }}
+            timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
           {{ end }}
           readinessProbe:
             exec:
               command:
-              - "/var/lib/ready-probe.sh"
+              - "/var/lib/jetty/ready-probe.sh"
             initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
             periodSeconds: {{ .Values.readiness.periodSeconds }}
+            timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
           resources:
 {{ include "common.resources" . | indent 12 }}
           env:
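Review bot: The `timeoutSeconds` added under `readinessProbe` reads `.Values.liveness.timeoutSeconds`, while the other two readiness settings read `.Values.readiness.*`, so this looks like a copy-paste slip. If the chart defines a readiness timeout (values.yaml is not shown here), the line should be `timeoutSeconds: {{ .Values.readiness.timeoutSeconds }}`. If neither key is set, the field renders empty, so a `| default` fallback would be worth adding to both probes. Separately, the liveness probe now execs the same `/var/lib/jetty/ready-probe.sh` as the readiness probe. If that script checks downstream dependencies, a transient dependency outage would restart the pod rather than only take it out of service.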
@@ -83,13 +123,21 @@ spec:
                 fieldPath: status.podIP
           - name: SDC_USER
             valueFrom:
-              secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: sdc_user}
+              secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: sdc_user}
           - name: SDC_PASSWORD
             valueFrom:
-              secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: sdc_password}
+              secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: sdc_password}
+          - name: SDC_CERT_DIR
+            value: {{ .Values.cert.certDir }}
           volumeMounts:
-          - name: {{ include "common.fullname" . }}-environments
-            mountPath: /root/chef-solo/environments/
+          - name: sdc-environments-output
+            mountPath: /var/lib/jetty/chef-solo/environments/
+          - name: sdc-cert
+            mountPath: /var/lib/jetty/chef-solo/cookbooks/sdc-onboard-backend/files/default/org.onap.sdc.p12
+            subPath: org.onap.sdc.p12
+          - name: sdc-cert
+            mountPath: /var/lib/jetty/chef-solo/cookbooks/sdc-onboard-backend/files/default/org.onap.sdc.trust.jks
+            subPath: org.onap.sdc.trust.jks
           - name: {{ include "common.fullname" . }}-localtime
             mountPath: /etc/localtime
             readOnly: true
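Review bot: The two `sdc-cert` mounts for `org.onap.sdc.p12` and `org.onap.sdc.trust.jks` use `subPath`, and Kubernetes does not propagate Secret updates into subPath mounts. A rotated keystore or truststore will therefore not reach a running pod until it is restarted, which is worth a comment above these mounts, e.g. `# subPath mounts are not refreshed on Secret update; restart the pod after rotating sdc-cert`. Also, `value: {{ .Values.cert.certDir }}` for `SDC_CERT_DIR` is unquoted, whereas the same value is quoted where it is used as a `mountPath` further down. An empty or boolean-looking value would render as a non-string env value, so prefer `value: "{{ .Values.cert.certDir }}"`. The container spec continues outside this hunk.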
@@ -98,6 +146,8 @@ spec:
           - name: {{ include "common.fullname" . }}-logback
             mountPath: /tmp/logback.xml
             subPath: logback.xml
+          - name: {{ include "common.fullname" . }}-cert-storage
+            mountPath: "{{ .Values.cert.certDir }}"
           lifecycle:
             postStart:
               exec:
@@ -118,9 +168,12 @@ spec:
       - name: {{ include "common.fullname" . }}-localtime
         hostPath:
           path: /etc/localtime
+      - name: sdc-cert
+        secret:
+          secretName: sdc-cert
       - name: {{ include "common.fullname" . }}-filebeat-conf
         configMap:
-          name: {{ .Release.Name }}-sdc-filebeat-configmap
+          name: {{ include "common.release" . }}-sdc-filebeat-configmap
       - name: {{ include "common.fullname" . }}-data-filebeat
         emptyDir: {}
       - name: {{ include "common.fullname" . }}-logback
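Review bot: The new `sdc-cert` volume hardcodes `secretName: sdc-cert`, while every other Secret and ConfigMap reference in this commit is scoped with `{{ include "common.release" . }}`. Two releases in the same namespace would therefore share (or collide on) the same keystore Secret; if that is intentional it deserves a comment, otherwise a release-prefixed name would keep it consistent. The volume also sets no `defaultMode`, so the keystore and truststore fall back to the default 0644. Adding `defaultMode: 0440` under `secret:` would restrict them to the owner and the pod's fsGroup, assuming the jetty process reads them through one of those.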
@@ -128,9 +181,14 @@ spec:
           name : {{ include "common.fullname" . }}-logging-configmap
       - name: {{ include "common.fullname" . }}-environments
         configMap:
-          name: {{ .Release.Name }}-sdc-environments-configmap
+          name: {{ include "common.release" . }}-sdc-environments-configmap
           defaultMode: 0755
+      - name: sdc-environments-output
+        emptyDir: { medium: "Memory" }
       - name:  {{ include "common.fullname" . }}-logs
         emptyDir: {}
+      - name:  {{ include "common.fullname" . }}-cert-storage
+        persistentVolumeClaim:
+          claimName: {{ include "common.fullname" . }}-cert
       imagePullSecrets:
       - name: "{{ include "common.namespace" . }}-docker-registry-key"
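Review bot: The `sdc-environments-output` volume is declared as `emptyDir: { medium: "Memory" }` with no `sizeLimit`, so it is a tmpfs whose contents count against the pod's memory and are bounded only by that limit. Keeping the envsubst-rendered files (which carry the keystore passwords) off disk is a sensible choice, but a cap would stop a runaway write from triggering an OOM kill. For example `emptyDir: { medium: "Memory", sizeLimit: "<SIZE>" }`, where `<SIZE>` is a placeholder to be set from the actual size of the environments config.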