[SDC] Service Mesh Compliance for SDC

Adding basic requirements for Service Mesh Compliance within SDC.

Change-Id: Ib9104ef2e8b6daf0b9b529288cee158b297ce9e4
Issue-ID: OOM-2253
Signed-off-by: rope252 <gareth.roper@est.tech>
Signed-off-by: othman touijer <othman.touijer@soprasteria.com>
diff --git a/kubernetes/sdc/components/sdc-wfd-fe/templates/_helper.tpl b/kubernetes/sdc/components/sdc-wfd-fe/templates/_helper.tpl
deleted file mode 100644
index 546bab7..0000000
--- a/kubernetes/sdc/components/sdc-wfd-fe/templates/_helper.tpl
+++ /dev/null
@@ -1 +0,0 @@
-{{- define "wfd-fe.internalPort" }}{{ if .Values.config.isHttpsEnabled }}{{ .Values.service.internalPort2 }}{{ else }}{{ .Values.service.internalPort }}{{ end }}{{- end }}
diff --git a/kubernetes/sdc/components/sdc-wfd-fe/templates/deployment.yaml b/kubernetes/sdc/components/sdc-wfd-fe/templates/deployment.yaml
index b703e66..d573090 100644
--- a/kubernetes/sdc/components/sdc-wfd-fe/templates/deployment.yaml
+++ b/kubernetes/sdc/components/sdc-wfd-fe/templates/deployment.yaml
@@ -98,11 +98,11 @@
             ./startup.sh
           {{- end }}
           ports:
-          - containerPort: {{ template "wfd-fe.internalPort" . }}
+          - containerPort: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }}
           {{ if .Values.liveness.enabled }}
           livenessProbe:
             tcpSocket:
-              port: {{ template "wfd-fe.internalPort" . }}
+              port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }}
             initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
             periodSeconds: {{ .Values.liveness.periodSeconds }}
             successThreshold: {{ .Values.liveness.successThreshold }}
@@ -110,14 +110,14 @@
           {{ end }}
           readinessProbe:
             tcpSocket:
-              port: {{ template "wfd-fe.internalPort" . }}
+              port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }}
             initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
             periodSeconds: {{ .Values.readiness.periodSeconds }}
             successThreshold: {{ .Values.readiness.successThreshold }}
             failureThreshold: {{ .Values.readiness.failureThreshold }}
           startupProbe:
             tcpSocket:
-              port: {{ template "wfd-fe.internalPort" . }}
+              port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }}
             initialDelaySeconds: {{ .Values.startup.initialDelaySeconds }}
             periodSeconds: {{ .Values.startup.periodSeconds }}
             successThreshold: {{ .Values.startup.successThreshold }}
@@ -128,13 +128,13 @@
           - name: JAVA_OPTIONS
             value: {{ .Values.config.javaOptions }}
           - name: BACKEND
-            value: {{ .Values.config.backendServerURL }}
+            value: "{{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.backendServerURL.https .Values.config.backendServerURL.http }}"
           - name: IS_HTTPS
-            value: "{{ .Values.config.isHttpsEnabled}}"
-            {{ if and .Values.config.isHttpsEnabled (eq .Values.security.isDefaultStore false) }}
+            value: "{{ (eq "true" (include "common.needTLS" .)) | ternary "true" "false" }}"
+            {{- if and (include "common.needTLS" .) (eq .Values.security.isDefaultStore false) }}
           - name: TRUST_ALL
             value: "{{ .Values.config.isTrustAll}}"
-            {{ end }}
+            {{- end }}
           volumeMounts:
           - name: {{ include "common.fullname" . }}-localtime
             mountPath: /etc/localtime
diff --git a/kubernetes/sdc/components/sdc-wfd-fe/templates/service.yaml b/kubernetes/sdc/components/sdc-wfd-fe/templates/service.yaml
index bc838ac..08feb5a 100644
--- a/kubernetes/sdc/components/sdc-wfd-fe/templates/service.yaml
+++ b/kubernetes/sdc/components/sdc-wfd-fe/templates/service.yaml
@@ -31,7 +31,7 @@
           "version": "v1",
           "url": "/",
           "protocol": "UI",
-          "port": "{{ .Values.service.internalPort2 }}",
+          "port": "{{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }}",
           "visualRange":"0|1"
       }
       ]'
@@ -39,13 +39,13 @@
   type: {{ .Values.service.type }}
   ports:
     {{if eq .Values.service.type "NodePort" -}}
-    - port: {{ template "wfd-fe.internalPort" . }}
+    - port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }}
       nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
-      name: {{ .Values.service.portName  }}
+      name: {{ .Values.service.portName  }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}
     {{- else -}}
-    - port:  {{ if .Values.config.isHttpsEnabled }}{{ .Values.service.externalPort2 }}{{ else }}{{ .Values.service.externalPort }}{{ end }}
-      targetPort: {{ template "wfd-fe.internalPort" . }}
-      name: {{ .Values.service.portName }}
+    - port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.externalPort2 .Values.service.externalPort }}
+      targetPort: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }}
+      name: {{ .Values.service.portName }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}
     {{- end}}
   selector:
     app: {{ include "common.name" . }}
diff --git a/kubernetes/sdc/components/sdc-wfd-fe/values.yaml b/kubernetes/sdc/components/sdc-wfd-fe/values.yaml
index b3e3b39..c7e680a 100644
--- a/kubernetes/sdc/components/sdc-wfd-fe/values.yaml
+++ b/kubernetes/sdc/components/sdc-wfd-fe/values.yaml
@@ -55,8 +55,9 @@
 
 config:
   javaOptions: "-Xmx256m -Xms256m"
-  backendServerURL: "https://sdc-wfd-be:8443"
-  isHttpsEnabled: true
+  backendServerURL:
+    https: "https://sdc-wfd-be:8443"
+    http: "http://sdc-wfd-be:8080"
   # following flag decides whether to check the certificate on the outgoing proxy request or whether to trust all parties
   isTrustAll: true
 # https relevant settings. Change in case you have other trust files then default ones.