imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
name: {{ include "common.name" . }}
env:
+ {{- range $cred := .Values.credentials }}
+ - name: {{ $cred.name }}
+ {{- include "common.secret.envFromSecretFast" (dict "global" $ "uid" $cred.uid "key" $cred.key) | indent 10 }}
+ {{- end }}
{{- if $certDir }}
- name: DCAE_CA_CERTPATH
value: {{ $certDir }}/cacert.pem
volumeMounts:
- mountPath: /app-config
name: app-config
+ - mountPath: /app-config-input
+ name: app-config-input
{{- if $logDir }}
- mountPath: {{ $logDir}}
name: component-log
{{- if $certDir }}
- mountPath: {{ $certDir }}
name: tls-info
- {{- if and .Values.certificates .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration -}}
+ {{- if (include "dcaegen2-services-common.shouldUseCmpv2Certificates" .) -}}
{{- include "common.certManager.volumeMountsReadOnly" . | nindent 8 -}}
{{- end -}}
{{- end }}
{{- if $certDir }}
- emptyDir: {}
name: tls-info
- {{ if and .Values.certificates .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration -}}
+ {{ if (include "dcaegen2-services-common.shouldUseCmpv2Certificates" .) -}}
{{ include "common.certManager.volumesReadOnly" . | nindent 6 }}
{{- end }}
{{- end }}
*/}}
{{- define "dcaegen2-services-common._certPostProcessor" -}}
{{- $certDir := default "" .Values.certDirectory . -}}
- {{- if and $certDir .Values.certificates .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration -}}
+ {{- if (include "dcaegen2-services-common.shouldUseCmpv2Certificates" .) -}}
{{- $cmpv2Certificate := (index .Values.certificates 0) -}}
{{- $cmpv2CertificateDir := $cmpv2Certificate.mountPath -}}
{{- $certType := "pem" -}}
value: {{ $keystoreDestinationPaths | quote }}
{{- end }}
{{- end -}}
+
+{{/*
+ Template returns string "true" if CMPv2 certificates should be used and nothing (so it can be used in with statements)
+ when they shouldn't. Example use:
+ {{- if (include "dcaegen2-services-common.shouldUseCmpv2Certificates" .) -}}
+
+*/}}
+{{- define "dcaegen2-services-common.shouldUseCmpv2Certificates" -}}
+ {{- $certDir := default "" .Values.certDirectory . -}}
+ {{- if (and $certDir .Values.certificates .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration .Values.useCmpv2Certificates) -}}
+ true
+ {{- end -}}
+{{- end -}}
# limitations under the License.
*/}}
-{{ if and .Values.certDirectory .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration }}
+{{- if (include "dcaegen2-services-common.shouldUseCmpv2Certificates" .) -}}
{{ include "certManagerCertificate.certificate" . }}
{{ end }}
passwordPolicy: required
# CMPv2 certificate
-# It is used only when global parameter cmpv2Enabled is true
+# It is used only when:
+# - certDirectory is set
+# - global cmpv2Enabled flag is set to true
+# - global CertManagerIntegration flag is set to true
+# - flag useCmpv2Certificates is set to true
# Disabled by default
+useCmpv2Certificates: false
certificates:
- mountPath: /etc/ves-hv/ssl/external
commonName: dcae-hv-ves-collector
# limitations under the License.
*/}}
-{{ if and .Values.certDirectory .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration }}
+{{- if (include "dcaegen2-services-common.shouldUseCmpv2Certificates" .) -}}
{{ include "certManagerCertificate.certificate" . }}
{{ end }}
tlsServer: true
# CMPv2 certificate
-# It is used only when global parameter cmpv2Enabled is true
+# It is used only when:
+# - certDirectory is set
+# - global cmpv2Enabled flag is set to true
+# - global CertManagerIntegration flag is set to true
+# - flag useCmpv2Certificates is set to true
# Disabled by default
+useCmpv2Certificates: false
certificates:
- mountPath: /opt/app/dcae-certificate/external
commonName: dcae-ves-collector
livenessProbe:
httpGet:
path: /sdc2/rest/healthCheck
- port: {{ .Values.liveness.port }}
- scheme: {{ if (include "common.needTLS" .) }}HTTPS{{ else }}HTTP{{ end }}
+ port: {{ .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
failureThreshold: {{ .Values.liveness.failureThreshold }}
{{ end }}
readinessProbe:
- exec:
- command:
- - "/var/lib/jetty/ready-probe.sh"
+ httpGet:
+ path: /sdc2/rest/healthCheck
+ port: {{ .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
timeoutSeconds: {{ .Values.readiness.timeoutSeconds }}
failureThreshold: {{ .Values.readiness.failureThreshold }}
resources: {{ include "common.resources" . | nindent 12 }}
startupProbe:
- exec:
- command:
- - "/var/lib/jetty/ready-probe.sh"
+ httpGet:
+ path: /sdc2/rest/healthCheck
+ port: {{ .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.startup.initialDelaySeconds }}
periodSeconds: {{ .Values.startup.periodSeconds }}
timeoutSeconds: {{ .Values.startup.timeoutSeconds }}
fieldPath: status.podIP
volumeMounts:
- name: sdc-environments-output
- mountPath: /var/lib/jetty/chef-solo/environments/
+ mountPath: /app/jetty/chef-solo/environments/
- name: sdc-environments-output
- mountPath: /var/lib/jetty/chef-solo/cookbooks/sdc-catalog-be/files/default/org.onap.sdc.p12
+ mountPath: /app/jetty/chef-solo/cookbooks/sdc-catalog-be/files/default/org.onap.sdc.p12
subPath: org.onap.sdc.p12
- name: sdc-environments-output
- mountPath: /var/lib/jetty/chef-solo/cookbooks/sdc-catalog-be/files/default/org.onap.sdc.trust.jks
+ mountPath: /app/jetty/chef-solo/cookbooks/sdc-catalog-be/files/default/org.onap.sdc.trust.jks
subPath: org.onap.sdc.trust.jks
- name: {{ include "common.fullname" . }}-localtime
mountPath: /etc/localtime
lifecycle:
postStart:
exec:
- command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/var/lib/jetty/config/catalog-be/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"]
+ command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/app/jetty/config/catalog-be/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"]
# side car containers
- name: {{ include "common.name" . }}-filebeat-onap
image: {{ include "repositoryGenerator.image.logging" . }}
- name: {{ include "common.fullname" . }}-environments
mountPath: /home/onap/chef-solo/environments/
- name: sdc-logs
- mountPath: /var/lib/jetty/logs
+ mountPath: /home/onap/logs
env:
- name: ENVNAME
value: {{ .Values.env.name }}
# Application configuration defaults.
#################################################################
# application image
-image: onap/sdc-backend-all-plugins:1.8.5
-backendInitImage: onap/sdc-backend-init:1.8.5
+image: onap/sdc-backend-all-plugins:1.9.0
+backendInitImage: onap/sdc-backend-init:1.9.0
pullPolicy: Always
failureThreshold: 3
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
- port: api
enabled: true
readiness:
type: NodePort
name: sdc-be
both_tls_and_plain: true
+ internalPort: 8080
msb:
- port: 8443
url: "/sdc/v1"
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/sdc-cassandra:1.8.5
-cassandraInitImage: onap/sdc-cassandra-init:1.8.5
+image: onap/sdc-cassandra:1.9.0
+cassandraInitImage: onap/sdc-cassandra-init:1.9.0
pullPolicy: Always
config:
value: {{ .Values.config.javaOptions }}
volumeMounts:
- name: sdc-environments-output
- mountPath: /var/lib/jetty/chef-solo/environments/
+ mountPath: /app/jetty/chef-solo/environments/
- name: sdc-environments-output
- mountPath: /var/lib/jetty/chef-solo/cookbooks/sdc-catalog-fe/files/default/org.onap.sdc.p12
+ mountPath: /app/jetty/chef-solo/cookbooks/sdc-catalog-fe/files/default/org.onap.sdc.p12
subPath: org.onap.sdc.p12
- name: sdc-environments-output
- mountPath: /var/lib/jetty/chef-solo/cookbooks/sdc-catalog-fe/files/default/org.onap.sdc.trust.jks
+ mountPath: /app/jetty/chef-solo/cookbooks/sdc-catalog-fe/files/default/org.onap.sdc.trust.jks
subPath: org.onap.sdc.trust.jks
- name: {{ include "common.fullname" . }}-localtime
mountPath: /etc/localtime
- name: {{ include "common.fullname" . }}-logs
mountPath: /var/log/onap
- name: {{ include "common.fullname" . }}-configs
- mountPath: /var/lib/jetty/config/catalog-fe/plugins-configuration.yaml
+ mountPath: /app/jetty/config/catalog-fe/plugins-configuration.yaml
subPath: plugins-configuration.yaml
- name: {{ include "common.fullname" . }}-logback
mountPath: /tmp/logback.xml
lifecycle:
postStart:
exec:
- command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/var/lib/jetty/config/catalog-fe/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"]
+ command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/app/jetty/config/catalog-fe/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"]
# side car containers
- name: {{ include "common.name" . }}-filebeat-onap
image: {{ include "repositoryGenerator.image.logging" . }}
# Application configuration defaults.
#################################################################
# application image
-image: onap/sdc-frontend:1.8.5
+image: onap/sdc-frontend:1.9.0
pullPolicy: Always
config:
- containerPort: {{ .Values.service.internalPort2 }}
{{ if eq .Values.liveness.enabled true }}
livenessProbe:
- exec:
- command:
- - "/var/lib/jetty/ready-probe.sh"
+ httpGet:
+ path: /onboarding-api/v1.0/healthcheck
+ port: {{ .Values.service.internalPort2 }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
failureThreshold: {{ .Values.liveness.failureThreshold }}
{{ end }}
readinessProbe:
- exec:
- command:
- - "/var/lib/jetty/ready-probe.sh"
+ httpGet:
+ path: /onboarding-api/v1.0/healthcheck
+ port: {{ .Values.service.internalPort2 }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
timeoutSeconds: {{ .Values.readiness.timeoutSeconds }}
successThreshold: {{ .Values.readiness.successThreshold }}
failureThreshold: {{ .Values.readiness.failureThreshold }}
startupProbe:
- exec:
- command:
- - "/var/lib/jetty/ready-probe.sh"
+ httpGet:
+ path: /onboarding-api/v1.0/healthcheck
+ port: {{ .Values.service.internalPort2 }}
initialDelaySeconds: {{ .Values.startup.initialDelaySeconds }}
periodSeconds: {{ .Values.startup.periodSeconds }}
timeoutSeconds: {{ .Values.startup.timeoutSeconds }}
value: {{ .Values.cert.certDir }}
volumeMounts:
- name: sdc-environments-output
- mountPath: /var/lib/jetty/chef-solo/environments/
+ mountPath: /app/jetty/chef-solo/environments/
- name: sdc-environments-output
- mountPath: /var/lib/jetty/chef-solo/cookbooks/sdc-onboard-backend/files/default/org.onap.sdc.p12
+ mountPath: /app/jetty/chef-solo/cookbooks/sdc-onboard-backend/files/default/org.onap.sdc.p12
subPath: org.onap.sdc.p12
- name: sdc-environments-output
- mountPath: /var/lib/jetty/chef-solo/cookbooks/sdc-onboard-backend/files/default/org.onap.sdc.trust.jks
+ mountPath: /app/jetty/chef-solo/cookbooks/sdc-onboard-backend/files/default/org.onap.sdc.trust.jks
subPath: org.onap.sdc.trust.jks
- name: {{ include "common.fullname" . }}-localtime
mountPath: /etc/localtime
lifecycle:
postStart:
exec:
- command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/var/lib/jetty/config/onboarding-be/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"]
+ command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/app/jetty/config/onboarding-be/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"]
# side car containers
- name: {{ include "common.name" . }}-filebeat-onap
image: {{ include "repositoryGenerator.image.logging" . }}
# Application configuration defaults.
#################################################################
# application image
-image: onap/sdc-onboard-backend:1.8.5
-onboardingInitImage: onap/sdc-onboard-cassandra-init:1.8.5
+image: onap/sdc-onboard-backend:1.9.0
+onboardingInitImage: onap/sdc-onboard-cassandra-init:1.9.0
pullPolicy: Always
# flag to enable debugging - application support required
##Certificate storage persistence
##This is temporary solution for SDC-1980
cert:
- certDir: /var/lib/jetty/cert
+ certDir: /app/jetty/cert
persistence:
enabled: true
size: 10Mi
- name: sdc-helm-validator
version: ~8.x-0
repository: 'file://components/sdc-helm-validator'
- condition: sdc-helm-validator.enabled
+ condition: sdcHelmValidator.enabled
"VnfRepo": {
"vnfRepoPort": "{{.Values.config.environment.vnfRepoPort}}",
"vnfRepoHost": "refrepo.{{include "common.namespace" .}}"
+ },
+ "HelmValidator": {
+ "validator_enabled": "{{.Values.sdcHelmValidator.enabled}}",
+ "helm_version": "{{.Values.sdcHelmValidator.helmVersion}}",
+ "deployable": "{{.Values.sdcHelmValidator.deployable}}",
+ "lintable": "{{.Values.sdcHelmValidator.lintable}}",
+ "strict_lintable": "{{.Values.sdcHelmValidator.strictLintable}}",
+ "validator_url": "{{.Values.sdcHelmValidator.url}}"
}
},
"override_attributes": {
# dependency / sub-chart configuration
sdc-wfd:
enabled: true
-sdc-helm-validator:
+sdcHelmValidator:
enabled: true
+ helmVersion: 3.5.2
+ deployable: true
+ lintable: false
+ strictLintable: false
+ url: http://sdc-helm-validator:8080/validate
Code Review / oom.git / commitdiff