blob: 116a7cdfed73dc81926fc45be37d7071ae24b879 [file] [log] [blame]
{{/*
# Copyright © 2017 Amdocs, Bell Canada
# Copyright © 2020 Samsung Electronics
# Copyright © 2021 Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
*/}}
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ include "common.fullname" . }}
namespace: {{ include "common.namespace" . }}
labels:
app: {{ include "common.name" . }}
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
release: {{ include "common.release" . }}
heritage: {{ .Release.Service }}
spec:
selector:
matchLabels:
app: {{ include "common.name" . }}
replicas: {{ .Values.replicaCount }}
template:
metadata:
labels:
app: {{ include "common.name" . }}
release: {{ include "common.release" . }}
spec:
initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }}
- command:
- /app/ready.py
args:
- --job-name
- {{ include "common.fullname" . }}-mariadb-init-config-job
env:
- name: NAMESPACE
valueFrom:
fieldRef:
apiVersion: v1
fieldPath: metadata.namespace
image: {{ include "repositoryGenerator.image.readiness" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
name: {{ include "common.name" . }}-readiness
containers:
- name: {{ include "common.name" . }}
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
{{- if .Values.global.aafEnabled }}
command:
- sh
args:
- -c
- |
export $(cat {{ .Values.certInitializer.credsPath }}/mycreds.prop | xargs -0)
export VID_TRUSTSTORE_PLAIN_PASSWORD=${VID_TRUSTSTORE_PASSWORD}
export VID_TRUSTSTORE_PASSWORD=`java -cp /usr/local/tomcat/webapps/vid/WEB-INF/lib/jetty-util-9.4.20.v20190813.jar org.eclipse.jetty.util.security.Password ${VID_TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
/tmp/vid/localize.sh
{{- end }}
ports:
- containerPort: {{ .Values.service.internalPort }}
# disable liveness probe when breakpoints set in debugger
# so K8s doesn't restart unresponsive container
{{- if eq .Values.liveness.enabled true }}
livenessProbe:
tcpSocket:
port: {{ .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
{{ end -}}
readinessProbe:
tcpSocket:
port: {{ .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
env:
- name: ASDC_CLIENT_REST_HOST
value: sdc-be.{{ include "common.namespace" . }}
- name: ASDC_CLIENT_REST_AUTH
value: "{{ .Values.config.asdcclientrestauth }}"
- name: ASDC_CLIENT_REST_PORT
value: "{{ .Values.config.asdcclientrestport }}"
- name: ASDC_CLIENT_REST_PROTOCOL
value: "https"
- name: VID_AAI_URL
value: https://aai.{{ include "common.namespace" . }}:{{ .Values.config.vidaaiport }}
- name: VID_ECOMP_SHARED_CONTEXT_REST_URL
value: http://portal-app.{{ include "common.namespace" . }}:{{ .Values.config.onapport }}/ONAPPORTAL/context
- name: VID_MSO_SERVER_URL
value: http://so.{{ include "common.namespace" . }}:{{ .Values.config.msoport }}/onap/so/infra
- name: VID_MSO_PASS
value: "{{ .Values.config.vidmsopass }}"
- name: MSO_DME2_SERVER_URL
value: "{{ .Values.config.msodme2serverurl }}"
- name: MSO_DME2_ENABLED
value: {{ .Values.global.debugEnabled | default .Values.debugEnabled | quote }}
- name: VID_ECOMP_REDIRECT_URL
value: https://{{ .Values.config.portalhost }}:{{ .Values.config.onapport }}/ONAPPORTAL/login.htm
- name: VID_ECOMP_REST_URL
value: https://portal-app:{{ .Values.config.onapportrest }}/ONAPPORTAL/auxapi
- name: VID_ROLE_ACCESS_CENTRALIZED
value: "{{ .Values.config.roleaccesscentralized }}"
- name: VID_CONTACT_US_LINK
value: "{{ .Values.config.vidcontactuslink }}"
- name: VID_UEB_URL_LIST
value: message-router.{{ include "common.namespace" . }}
- name: VID_MYSQL_HOST
value: {{ include "common.mariadbService" . }}
- name: VID_MYSQL_PORT
value: "{{ include "common.mariadbPort" . }}"
- name: VID_MYSQL_DBNAME
value: {{ index .Values "mariadb-galera" "db" "name" }}
- name: VID_MYSQL_USER
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "vid-db-user-secret" "key" "login") | indent 14 }}
- name: VID_MYSQL_PASS
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "vid-db-user-secret" "key" "password") | indent 14 }}
- name: VID_MYSQL_MAXCONNECTIONS
value: "{{ .Values.config.vidmysqlmaxconnections }}"
{{- if .Values.global.aafEnabled }}
- name: VID_KEYSTORE_FILENAME
value: "{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.jks"
- name: VID_TRUSTSTORE_FILENAME
value: "{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.trust.jks"
{{- end }}
volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
- mountPath: /etc/localtime
name: localtime
readOnly: true
- mountPath: "{{ .Values.log.path }}"
name: vid-logs
- mountPath: /tmp/logback.xml
name: vid-logback
subPath: logback.xml
- mountPath: /opt/app/vid
name: vid-cache
resources:
{{ include "common.resources" . | indent 12 }}
{{- if .Values.nodeSelector }}
nodeSelector:
{{ toYaml .Values.nodeSelector | indent 10 }}
{{- end -}}
{{- if .Values.affinity }}
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
# side car containers
{{ include "common.log.sidecar" . | nindent 8 }}
volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
- name: localtime
hostPath:
path: /etc/localtime
{{ include "common.log.volumes" . | nindent 8 }}
- name: vid-cache
emptyDir: {}
- name: vid-logs
emptyDir: {}
- name: vid-logback
configMap:
name: {{ include "common.fullname" . }}-log-configmap
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"