Gitiles
Code Review Sign In
gerrit.nordix.org / onap / oom / 28734e089be80cde68480062edb62e15b6e2f352 / . / kubernetes / so / charts / so-nssmf-adapter / templates / deployment.yaml
blob: 8d1eaf8ea45f9217049d94961e6a8a9cd4899022 [file] [log] [blame]
jananib28734e02020-04-08 21:35:45 +0530[diff] [blame^]1# Copyright © 2020 Huawei Technologies Co., Ltd.
2#
3# Licensed under the Apache License, Version 2.0 (the "License");
4# you may not use this file except in compliance with the License.
5# You may obtain a copy of the License at
6#
7# http://www.apache.org/licenses/LICENSE-2.0
8#
9# Unless required by applicable law or agreed to in writing, software
10# distributed under the License is distributed on an "AS IS" BASIS,
11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12# See the License for the specific language governing permissions and
13# limitations under the License.
14apiVersion: apps/v1
15kind: Deployment
16metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
17spec:
18 selector: {{- include "common.selectors" . | nindent 4 }}
19 replicas: {{ index .Values.replicaCount }}
20 minReadySeconds: {{ index .Values.minReadySeconds }}
21 strategy:
22 type: {{ index .Values.updateStrategy.type }}
23 rollingUpdate:
24 maxUnavailable: {{ index .Values.updateStrategy.maxUnavailable }}
25 maxSurge: {{ index .Values.updateStrategy.maxSurge }}
26 template:
27 metadata:
28 labels: {{- include "common.labels" . | nindent 8 }}
29 spec:
30 initContainers: {{ include "so.certificate.container_importer" . | nindent 8 }}
31 - name: {{ include "common.name" . }}-readiness
32 command:
33 - /root/job_complete.py
34 args:
35 - --job-name
36 - {{ include "common.release" . }}-so-mariadb-config-job
37 env:
38 - name: NAMESPACE
39 valueFrom:
40 fieldRef:
41 apiVersion: v1
42 fieldPath: metadata.namespace
43 image: {{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}
44 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
45 containers:
46 - name: {{ include "common.name" . }}
47 command:
48 - sh
49 args:
50 - -c
51 - export BPEL_PASSWORD=`htpasswd -bnBC 10 "" $BPEL_PASSWORD_INPUT | tr -d ':\n' | sed 's/\$2y/\$2a/'`; export ACTUATOR_PASSWORD=`htpasswd -bnBC 10 "" $ACTUATOR_PASSWORD_INPUT | tr -d ':\n' | sed 's/\$2y/\$2a/'`; ./start-app.sh
52 image: {{ include "common.repository" . }}/{{ .Values.image }}
53 resources: {{ include "common.resources" . | nindent 12 }}
54 ports: {{- include "common.containerPorts" . | nindent 12 }}
55 env:
56 - name: DB_HOST
57 valueFrom:
58 secretKeyRef:
59 name: {{ include "common.release" . }}-so-db-secrets
60 key: mariadb.readwrite.host
61 - name: DB_PORT
62 valueFrom:
63 secretKeyRef:
64 name: {{ include "common.release" . }}-so-db-secrets
65 key: mariadb.readwrite.port
66 - name: DB_USERNAME
67 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "login") | indent 14 }}
68 - name: DB_PASSWORD
69 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "password") | indent 14 }}
70 - name: DB_ADMIN_USERNAME
71 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "login") | indent 14 }}
72 - name: DB_ADMIN_PASSWORD
73 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "password") | indent 14 }}
74 - name: TRUSTSTORE
75 value: {{ .Values.global.client.certs.truststore }}
76 - name: TRUSTSTORE_PASSWORD
77 valueFrom:
78 secretKeyRef:
79 name: {{ .Release.Name}}-so-client-certs-secret
80 key: trustStorePassword
81 - name: BPEL_USERNAME
82 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "server-bpel-creds" "key" "login") | indent 14 }}
83 - name: BPEL_PASSWORD_INPUT
84 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "server-bpel-creds" "key" "password") | indent 14 }}
85 - name: ACTUATOR_USERNAME
86 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "server-actuator-creds" "key" "login") | indent 14 }}
87 - name: ACTUATOR_PASSWORD_INPUT
88 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "server-actuator-creds" "key" "password") | indent 14 }}
89 {{- if eq .Values.global.security.aaf.enabled true }}
90 - name: KEYSTORE
91 value: {{ .Values.global.client.certs.keystore }}
92 - name: KEYSTORE_PASSWORD
93 valueFrom:
94 secretKeyRef:
95 name: {{ .Release.Name}}-so-client-certs-secret
96 key: keyStorePassword
97 {{- end }}
98 envFrom:
99 - configMapRef:
100 name: {{ include "common.fullname" . }}-env
101 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
102 volumeMounts: {{ include "so.certificate.volume-mounts" . | nindent 12 }}
103 - name: logs
104 mountPath: /app/logs
105 - name: config
106 mountPath: /app/config
107 readOnly: true
108 - name: {{ include "common.fullname" . }}-truststore
109 mountPath: /app/client
110 readOnly: true
111 livenessProbe:
112 httpGet:
113 path: {{ index .Values.livenessProbe.path}}
114 port: {{ index .Values.containerPort }}
115 scheme: {{ index .Values.livenessProbe.scheme}}
116 initialDelaySeconds: {{ index .Values.livenessProbe.initialDelaySeconds}}
117 periodSeconds: {{ index .Values.livenessProbe.periodSeconds}}
118 timeoutSeconds: {{ index .Values.livenessProbe.timeoutSeconds}}
119 successThreshold: {{ index .Values.livenessProbe.successThreshold}}
120 failureThreshold: {{ index .Values.livenessProbe.failureThreshold}}
121 volumes: {{ include "so.certificate.volumes" . | nindent 8 }}
122 - name: logs
123 emptyDir: {}
124 - name: config
125 configMap:
126 name: {{ include "common.fullname" . }}
127 - name: {{ include "common.fullname" . }}-truststore
128 secret:
129 secretName: {{ include "common.release" . }}-so-truststore-secret
130 imagePullSecrets:
131 - name: "{{ include "common.namespace" . }}-docker-registry-key"