- name: common
version: ~12.x-0
repository: '@local'
- - name: certInitializer
- version: ~12.x-0
- repository: '@local'
- name: postgres
version: ~12.x-0
repository: '@local'
- name: repositoryGenerator
version: ~12.x-0
repository: '@local'
+ - name: readinessCheck
+ version: ~12.x-0
+ repository: '@local'
error_log /var/log/nginx/error.log;
server {
- listen *:8703 ssl;
- server_name
- ssl on;
- ssl_certificate {{ .Values.certInitializer.credsPath }}/certs/cert.pem;
- ssl_certificate_key {{ .Values.certInitializer.credsPath }}/certs/cert.key;
- ssl_session_cache builtin:1000 shared:SSL:80m;
- ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
- ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5;
- ssl_prefer_server_ciphers on;
- ssl_session_timeout 10m;
+ listen {{ .Values.service.internalPort }};
+ server_name {{ .Values.service.name }};
keepalive_timeout 70;
location / {
{{/*
# Copyright © 2017 Amdocs, Bell Canada
+# Modifications © 2023 Deutsche Telekom
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
apiVersion: apps/v1
kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
+metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
spec:
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
+ selector: {{- include "common.selectors" . | nindent 4 }}
+ replicas: {{ .Values.replicaCount }}
template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
- name: {{ include "common.name" . }}
+ metadata: {{- include "common.templateMetadata" . | nindent 6 }}
spec:
- initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }}
+ initContainers:
- command:
- sh
args:
image: {{ include "repositoryGenerator.image.envsubst" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
name: {{ include "common.name" . }}-update-config
-
- - command:
- - /app/ready.py
- args:
- - --container-name
- - "{{ .Values.postgres.nameOverride }}"
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: {{ include "repositoryGenerator.image.readiness" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
+ {{ include "common.readinessCheck.waitFor" . | nindent 6 }}
containers:
- image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
name: {{ include "common.name" . }}
- resources:
-{{ include "common.resources" . | indent 12 }}
- volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 8 }}
+ ports: {{ include "common.containerPorts" . | nindent 8 }}
+ resources: {{ include "common.resources" . | nindent 10 }}
+ volumeMounts:
- mountPath: /service/webapps/ROOT/WEB-INF/classes/mybatis/configuration/configuration.xml
name: init-data
subPath: configuration.xml
periodSeconds: {{ .Values.readiness.periodSeconds }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
- volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }}
+ volumes:
- name: init-data-input
configMap:
name: {{ include "common.fullname" . }}
+{{/*
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
{{ include "common.ingress" . }}
{{/*
# Copyright © 2017 Amdocs, Bell Canada
+# Modifications © 2023 Deutsche Telekom
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
- name: init-data
mountPath: /aaa/init/marketplace_tables_postgres.sql
subPath: marketplace_tables_postgres.sql
+ {{ include "common.waitForJobContainer" . | indent 6 | trim }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
volumes:
{{/*
# Copyright © 2017 Amdocs, Bell Canada
+# Modification © 2023 Deutsche Telekom
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# limitations under the License.
*/}}
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- type: {{ .Values.service.type }}
- ports:
- {{if eq .Values.service.type "NodePort" -}}
- - port: {{ .Values.service.internalPort }}
- nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- {{- else -}}
- - port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- {{- end}}
- name: {{ .Values.service.portName | default "http" }}
- selector:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
+{{ include "common.service" . }}
\ No newline at end of file
# Copyright © 2017 Amdocs, Bell Canada
+# Modifications © 2023 Deutsche Telekom
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
password: '{{ .Values.postgres.config.pgUserPassword }}'
passwordPolicy: generate
-#################################################################
-# AAF part
-#################################################################
-certInitializer:
- nameOverride: refrepo-cert-initializer
- aafDeployFqi: deployer@people.osaaf.org
- aafDeployPass: demo123456!
- # aafDeployCredsExternalSecret: some secret
- fqdn: refrepo
- fqi: refrepo@refrepo.onap.org
- fqi_namespace: org.onap.refrepo
- public_fqdn: refrepo.onap.org
- cadi_longitude: "0.0"
- cadi_latitude: "0.0"
- app_ns: org.osaaf.aaf
- credsPath: /opt/app/osaaf/local
- aaf_add_config: |
- echo "*** transform AAF certs into pem files"
- mkdir -p {{ .Values.credsPath }}/certs
- echo "keystore password: $$cadi_keystore_password_p12"
- openssl pkcs12 -in {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.p12 \
- -nokeys -out {{ .Values.credsPath }}/certs/cert.pem \
- -passin pass:$cadi_keystore_password_p12 \
- -passout pass:$cadi_keystore_password_p12
- echo "*** copy key"
- cp {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.key \
- {{ .Values.credsPath }}/certs/cert.key
- echo "*** change ownership of certificates to targeted user"
- chown -R 999 {{ .Values.credsPath }}/certs
-
-
#################################################################
# Application configuration defaults.
#################################################################
service:
type: NodePort
name: refrepo
- portName: https
- nodePort: 97
internalPort: 8703
+ ports:
+ - name: http
+ port: 8703
+ nodePort: '97'
ingress:
enabled: false
port: 8703
config:
ssl: "redirect"
+
+readinessCheck:
+ wait_for:
+ - '{{ .Values.postgres.nameOverride }}'
+
+wait_for_job_container:
+ containers:
+ - '{{ include "common.name" . }}-job'
Code Review / oom.git / commitdiff