{{ if .Values.liveness.enabled }}
livenessProbe:
tcpSocket:
- port: {{ .Values.service.internalPort }}
+ port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort .Values.service.internalPlainPort }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
{{ end }}
readinessProbe:
tcpSocket:
- port: {{ .Values.service.internalPort }}
+ port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort .Values.service.internalPlainPort }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
env:
- name: WEBPROTOCOL
- value: {{ .Values.config.webProtocol }}
+ value: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.webProtocol .Values.config.webPlainProtocol }}
- name: WEBPORT
- value: {{ .Values.config.webPort | quote }}
+ value : {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.webPort .Values.config.webPlainPort | quote }}
- name: SDNRPROTOCOL
- value: {{ .Values.config.sdnrProtocol }}
+ value : {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.sdnrProtocol .Values.config.sdnrPlainProtocol }}
- name: SDNRHOST
- value: {{ .Values.config.sdnrHost }}.{{ include "common.namespace" . }}
+ value : {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.sdnrHost .Values.config.sdnrPlainHost }}.{{ include "common.namespace" . }}
- name: SDNRPORT
- value: {{ .Values.config.sdnrPort | quote }}
+ value : {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.sdnrPort .Values.config.sdnrPlainPort | quote }}
+ {{ if (include "common.needTLS" .) }}
- name: SSL_CERT_DIR
value: {{ .Values.config.sslCertDir }}
- name: SSL_CERTIFICATE
value: {{ .Values.config.sslCertiticate }}
- name: SSL_CERTIFICATE_KEY
value: {{ .Values.config.sslCertKey }}
+ {{ end }}
{{ if .Values.config.transportpce.enabled }}
- name: TRPCEURL
value: {{ .Values.config.transportpce.transportpceUrl }}
- name: TILEURL
value: {{ .Values.config.topologyserver.tileserverUrl }}
{{ end }}
-
+ - name: ENABLE_OAUTH
+ value: "{{ .Values.config.oauth.enabled | default "false" }}"
+ - name: ENABLE_ODLUX_RBAC
+ value: "{{ .Values.config.oauth.odluxRbac.enabled | default "false" }}"
volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
- mountPath: /etc/localtime
name: localtime
readOnly: true
resources: {{ include "common.resources" . | nindent 12 }}
- {{- if .Values.nodeSelector }}
- nodeSelector: {{ toYaml .Values.nodeSelector | nindent 10 }}
- {{- end -}}
- {{- if .Values.affinity }}
- affinity:
-{{ toYaml .Values.affinity | indent 10 }}
- {{- end }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector: {{ toYaml .Values.nodeSelector | nindent 8 }}
+ {{- end }}
+ {{- if .Values.affinity }}
+ affinity: {{ toYaml .Values.affinity | nindent 8 }}
+ {{- end }}
+ serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }}
- name: localtime
hostPath: