# See the License for the specific language governing permissions and
# limitations under the License.
-apiVersion: extensions/v1beta1
+apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "common.fullname" . }}
labels:
app: {{ include "common.name" . }}
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ .Release.Name }}
+ release: {{ include "common.release" . }}
heritage: {{ .Release.Service }}
spec:
+ selector:
+ matchLabels:
+ app: {{ include "common.name" . }}
replicas: {{ .Values.replicaCount }}
template:
metadata:
labels:
app: {{ include "common.name" . }}
- release: {{ .Release.Name }}
+ release: {{ include "common.release" . }}
spec:
initContainers:
{{- if .Values.initJob.enabled }}
- name: {{ include "common.name" . }}-job-completion
- image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+ image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: "{{ .Values.global.pullPolicy | default .Values.pullPolicy }}"
command:
- - /root/job_complete.py
+ - /app/ready.py
args:
- --job-name
- {{ include "common.fullname" . }}-workflow-init
image: "{{ include "common.repository" . }}/{{ .Values.image }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
ports:
- - containerPort: {{ .Values.service.internalPort }}
- - containerPort: {{ .Values.service.internalPort2 }}
+ - containerPort: {{ template "wfd-be.internalPort" . }}
# disable liveness probe when breakpoints set in debugger
# so K8s doesn't restart unresponsive container
{{ if .Values.liveness.enabled }}
livenessProbe:
tcpSocket:
- port: {{ .Values.service.internalPort }}
+ port: {{ template "wfd-be.internalPort" . }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
{{ end }}
readinessProbe:
tcpSocket:
- port: {{ .Values.service.internalPort }}
+ port: {{ template "wfd-be.internalPort" . }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
env:
- name: JAVA_OPTIONS
value: {{ .Values.config.javaOptions }}
- name: CS_HOSTS
- value: "{{ .Values.config.cassandraHosts }}"
+ value: "{{ .Values.global.cassandra.serviceName }}"
- name: CS_PORT
value: "{{ .Values.config.cassandraClientPort }}"
- name: CS_AUTHENTICATE
value: "{{ .Values.config.cassandraAuthenticationEnabled }}"
- name: CS_USER
valueFrom:
- secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: sdc_user}
+ secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: sdc_user}
- name: CS_PASSWORD
valueFrom:
- secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: sdc_password}
+ secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: sdc_password}
- name: CS_SSL_ENABLED
value: "{{ .Values.config.cassandraSSLEnabled }}"
- name: CS_TRUST_STORE_PATH
value: "{{ .Values.config.cassandraTrustStorePath }}"
- name: CS_TRUST_STORE_PASSWORD
- value: "{{ .Values.config.cassandraTrustStorePassword }}"
+ valueFrom:
+ secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: cs_truststore_password}
- name: SDC_PROTOCOL
value: "{{ .Values.config.sdcProtocol }}"
- name: SDC_ENDPOINT
- name: SDC_USER
value: "{{ .Values.config.sdcExternalUser }}"
- name: SDC_PASSWORD
- value: "{{ .Values.config.sdcExternalUserPassword }}"
+ valueFrom:
+ secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: wf_external_user_password}
- name: SERVER_SSL_ENABLED
value: "{{ .Values.config.serverSSLEnabled }}"
- name: SERVER_SSL_KEYSTORE_TYPE
- value: "{{ .Values.config.ser }}"
+ value: "{{ .Values.config.serverSSLKeyStoreType }}"
- name: SERVER_SSL_KEYSTORE_PATH
value: "{{ .Values.config.serverSSLKeyStorePath }}"
- name: SERVER_SSL_KEY_PASSWORD
- value: "{{ .Values.config.serverSSLKeyPassword }}"
+ valueFrom:
+ secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: keystore_password}
+ - name: SERVER_SSL_TRUSTSTORE_TYPE
+ value: "{{ .Values.config.serverSSLTrustStoreType }}"
+ - name: SERVER_SSL_TRUSTSTORE_PATH
+ value: "{{ .Values.config.serverSSLTrustStorePath }}"
+ - name: SERVER_SSL_TRUST_PASSWORD
+ valueFrom:
+ secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: truststore_password}
volumeMounts:
- {{ if .Values.config.cassandraSSLEnabled }}
- - name: {{ include "common.fullname" . }}-cassandra-client-truststore
- mountPath: /config/cassandra-client-truststore
- subPath: truststore
- readOnly: true
- {{- end }}
- {{ if .Values.config.serverSSLEnabled }}
- - name: {{ include "common.fullname" . }}-server-https-keystore
- mountPath: /config/server-https-keystore
- subPath: keystore
- readOnly: true
- {{- end }}
+ - name: sdc-cert
+ mountPath: /keystore
+ subPath: org.onap.sdc.p12
+ - name: sdc-cert
+ mountPath: /truststore
+ subPath: org.onap.sdc.trust.jks
volumes:
- {{ if .Values.config.cassandraSSLEnabled }}
- - name: {{ include "common.fullname" . }}-cassandra-client-truststore
- hostPath:
- path: /config/cassandra-client-truststore
- {{- end }}
- {{ if .Values.config.serverSSLEnabled }}
- - name: {{ include "common.fullname" . }}-server-https-keystore
- hostPath:
- path: /config/server-https-keystore
- {{- end }}
+ - name: sdc-cert
+ secret:
+ secretName: sdc-cert
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
Code Review / oom.git / blobdiff