[SDNC] SDNC ServiceMesh compatibility

[oom.git] / kubernetes / sdnc / components / sdnc-web / templates / deployment.yaml

diff --git a/kubernetes/sdnc/components/sdnc-web/templates/deployment.yaml b/kubernetes/sdnc/components/sdnc-web/templates/deployment.yaml
index 52345de..03432d3 100644 (file)
--- a/kubernetes/sdnc/components/sdnc-web/templates/deployment.yaml
+++ b/kubernetes/sdnc/components/sdnc-web/templates/deployment.yaml
@@ -14,11 +14,10 @@
 # limitations under the License.
 */}}
 
-nclude "common.repository" . }}apiVersion: apps/v1
+apiVersion: apps/v1
 kind: Deployment
 metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
 spec:
-  serviceName: "sdnc-web"
   replicas: {{ .Values.replicaCount }}
   selector: {{- include "common.selectors" . | nindent 4 }}
   template:
@@ -26,7 +25,7 @@ spec:
     spec:
       initContainers: {{ include "common.certInitializer.initContainer" . | indent 6 }}
       - name: {{ include "common.name" . }}-readiness
-        image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
+        image: {{ include "repositoryGenerator.image.readiness" . }}
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
         command:
         - /app/ready.py
@@ -42,7 +41,7 @@ spec:
 
       containers:
         - name: {{ include "common.name" . }}
-          image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+          image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
           ports: {{- include "common.containerPorts" . | indent 10 }}
           # disable liveness probe when breakpoints set in debugger
@@ -50,45 +49,61 @@ spec:
           {{ if .Values.liveness.enabled }}
           livenessProbe:
             tcpSocket:
-              port: {{ .Values.service.internalPort }}
+              port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort .Values.service.internalPlainPort }}
             initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
             periodSeconds: {{ .Values.liveness.periodSeconds }}
           {{ end }}
           readinessProbe:
             tcpSocket:
-              port: {{ .Values.service.internalPort }}
+              port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort .Values.service.internalPlainPort }}
             initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
             periodSeconds: {{ .Values.readiness.periodSeconds }}
           env:
           - name: WEBPROTOCOL
-            value: {{ .Values.config.webProtocol }}
+            value: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.webProtocol .Values.config.webPlainProtocol }}
           - name: WEBPORT
-            value: {{ .Values.config.webPort | quote }}
+            value : {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.webPort .Values.config.webPlainPort | quote }}
           - name: SDNRPROTOCOL
-            value: {{ .Values.config.sdnrProtocol }}
+            value : {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.sdnrProtocol .Values.config.sdnrPlainProtocol }}
           - name: SDNRHOST
-            value: {{ .Values.config.sdnrHost }}.{{ include "common.namespace" . }}
+            value : {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.sdnrHost .Values.config.sdnrPlainHost }}.{{ include "common.namespace" . }}
           - name: SDNRPORT
-            value: {{ .Values.config.sdnrPort | quote }}
+            value : {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.sdnrPort .Values.config.sdnrPlainPort | quote }}
+          {{ if (include "common.needTLS" .) }}
           - name: SSL_CERT_DIR
             value: {{ .Values.config.sslCertDir }}
           - name: SSL_CERTIFICATE
             value: {{ .Values.config.sslCertiticate }}
           - name: SSL_CERTIFICATE_KEY
             value: {{ .Values.config.sslCertKey }}
+          {{ end }}
+          {{ if .Values.config.transportpce.enabled }}
+          - name: TRPCEURL
+            value: {{ .Values.config.transportpce.transportpceUrl }}
+          {{ end }}
+          {{ if .Values.config.topologyserver.enabled }}
+          - name: TOPOURL
+            value: {{ .Values.config.topologyserver.topologyserverUrl }}
+          - name: TILEURL
+            value: {{ .Values.config.topologyserver.tileserverUrl }}
+          {{ end }}
+          - name: ENABLE_OAUTH
+            value: "{{ .Values.config.oauth.enabled | default "false" }}"
+          - name: ENABLE_ODLUX_RBAC
+            value: "{{ .Values.config.oauth.odluxRbac.enabled | default "false" }}"
           volumeMounts:  {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
           - mountPath: /etc/localtime
             name: localtime
             readOnly: true
 
           resources: {{ include "common.resources" . | nindent 12 }}
-        {{- if .Values.nodeSelector }}
-        nodeSelector: {{ toYaml .Values.nodeSelector | nindent 10 }}
-        {{- end -}}
-        {{- if .Values.affinity }}
-        affinity:
-{{ toYaml .Values.affinity | indent 10 }}
-        {{- end }}
+      {{- if .Values.nodeSelector }}
+      nodeSelector: {{ toYaml .Values.nodeSelector | nindent 8 }}
+      {{- end }}
+      {{- if .Values.affinity }}
+      affinity: {{ toYaml .Values.affinity | nindent 8 }}
+      {{- end }}
+      serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
       volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }}
       - name: localtime
         hostPath: