Merge "[AAI] Make aai log level configurable"

[oom.git] / kubernetes / so / components / so-nssmf-adapter / templates / deployment.yaml

diff --git a/kubernetes/so/components/so-nssmf-adapter/templates/deployment.yaml b/kubernetes/so/components/so-nssmf-adapter/templates/deployment.yaml
index d07f58e..5aea302 100755 (executable)
--- a/kubernetes/so/components/so-nssmf-adapter/templates/deployment.yaml
+++ b/kubernetes/so/components/so-nssmf-adapter/templates/deployment.yaml
@@ -1,3 +1,4 @@
+{{/*
 # Copyright © 2020 Huawei Technologies Co., Ltd.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
@@ -11,6 +12,7 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
+*/}}
 apiVersion: apps/v1
 kind: Deployment
 metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
@@ -24,24 +26,10 @@ spec:
       maxUnavailable: {{ index .Values.updateStrategy.maxUnavailable }}
       maxSurge: {{ index .Values.updateStrategy.maxSurge }}
   template:
-    metadata:
-      labels: {{- include "common.labels" . | nindent 8 }}
+    metadata: {{- include "common.templateMetadata" . | nindent 6 }}
     spec:
-      initContainers: {{ include "so.certificate.container_importer" . | nindent 8 }}
-        - name: {{ include "common.name" . }}-readiness
-          command:
-            - /app/ready.py
-          args:
-            - --job-name
-            - {{ include "common.release" . }}-so-mariadb-config-job
-          env:
-            - name: NAMESPACE
-              valueFrom:
-                fieldRef:
-                  apiVersion: v1
-                  fieldPath: metadata.namespace
-          image: {{ include "common.repository" . }}/{{ .Values.global.readinessImage }}
-          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+      initContainers:
+      {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }}
       containers:
         - name: {{ include "common.name" . }}
           command:
@@ -51,28 +39,15 @@ spec:
             - |
               export BPEL_PASSWORD=`htpasswd -bnBC 10 "" $BPEL_PASSWORD_INPUT | tr -d ':\n' | sed 's/\$2y/\$2a/'`
               export ACTUATOR_PASSWORD=`htpasswd -bnBC 10 "" $ACTUATOR_PASSWORD_INPUT | tr -d ':\n' | sed 's/\$2y/\$2a/'`
-              {{- if .Values.global.aafEnabled }}
-              export $(grep '^c' {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0)
-              export TRUSTSTORE_PASSWORD="${cadi_truststore_password}"
-              {{- if .Values.global.security.aaf.enabled }}
-              export KEYSTORE_PASSWORD="${cadi_keystore_password}"
-              {{- end }}
-              {{- end }}
               ./start-app.sh
-          image: {{ include "common.repository" . }}/{{ .Values.image }}
+          image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
           resources: {{ include "common.resources" . | nindent 12 }}
           ports: {{- include "common.containerPorts" . | nindent 12  }}
           env:
             - name: DB_HOST
-              valueFrom:
-                secretKeyRef:
-                  name: {{ include "common.release" . }}-so-db-secrets
-                  key: mariadb.readwrite.host
+              value: {{ include "common.mariadbService" . }}
             - name: DB_PORT
-              valueFrom:
-                secretKeyRef:
-                  name: {{ include "common.release" . }}-so-db-secrets
-                  key: mariadb.readwrite.port
+              value: {{ include "common.mariadbPort" . | quote }}
             - name: DB_USERNAME
               {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "login") | indent 14 }}
             - name: DB_PASSWORD
@@ -89,20 +64,16 @@ spec:
               {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "server-actuator-creds" "key" "login") | indent 14 }}
             - name: ACTUATOR_PASSWORD_INPUT
               {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "server-actuator-creds" "key" "password") | indent 14 }}
-            {{ include "so.certificates.env" . | indent 8 | trim }}
           envFrom:
             - configMapRef:
                 name: {{ include "common.fullname" . }}-env
           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-          volumeMounts: {{ include "so.certificate.volumeMount" . | nindent 12 }}
+          volumeMounts:
             - name: logs
               mountPath: /app/logs
             - name: config
               mountPath: /app/config
               readOnly: true
-            - name: {{ include "common.fullname" . }}-truststore
-              mountPath: /app/client
-              readOnly: true
           livenessProbe:
             httpGet:
               path: {{ index .Values.livenessProbe.path}}
@@ -113,14 +84,11 @@ spec:
             timeoutSeconds: {{ index .Values.livenessProbe.timeoutSeconds}}
             successThreshold: {{ index .Values.livenessProbe.successThreshold}}
             failureThreshold: {{ index .Values.livenessProbe.failureThreshold}}
-      volumes: {{ include "so.certificate.volumes" . | nindent 8 }}
+      serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
+      volumes:
         - name: logs
           emptyDir: {}
         - name: config
           configMap:
             name: {{ include "common.fullname" . }}
-        - name:  {{ include "common.fullname" . }}-truststore
-          secret:
-            secretName: {{ include "common.release" . }}-so-truststore-secret
-      imagePullSecrets:
-        - name: "{{ include "common.namespace" . }}-docker-registry-key"
+      {{- include "common.imagePullSecrets" . | nindent 6 }}