Gitiles
Code Review Sign In
gerrit.nordix.org / onap / oom / 544863d73ef1137faaf031513ac6868ebf101953 / . / kubernetes / common / etcd-init / templates / job.yaml
blob: 69bcfaaf99c8e39c2217fd1f9ab8f8f8236097b2 [file] [log] [blame]
krishnaa96544863d2021-05-11 18:29:49 +0530[diff] [blame^]1{{/*
2# Copyright (C) 2021 Wipro Limited.
3#
4# Licensed under the Apache License, Version 2.0 (the "License");
5# you may not use this file except in compliance with the License.
6# You may obtain a copy of the License at
7#
8# http://www.apache.org/licenses/LICENSE-2.0
9#
10# Unless required by applicable law or agreed to in writing, software
11# distributed under the License is distributed on an "AS IS" BASIS,
12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13# See the License for the specific language governing permissions and
14# limitations under the License.
15*/}}
16apiVersion: batch/v1
17kind: Job
18metadata:
19 name: {{ include "common.fullname" . }}-job
20 namespace: {{ include "common.namespace" . }}
21 labels:
22 app: {{ include "common.name" . }}
23 chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
24 release: {{ include "common.release" . }}
25 heritage: {{ .Release.Service }}
26spec:
27 backoffLimit: {{ .Values.backoffLimit }}
28 template:
29 metadata:
30 labels:
31 app: {{ include "common.name" . }}
32 release: {{ include "common.release" . }}
33 name: {{ include "common.name" . }}
34 spec:
35 initContainers:
36 - name: {{ include "common.name" . }}-readiness
37 command:
38 - /app/ready.py
39 args:
40 - --container-name
41 - {{ .Values.etcd.containerName }}
42 env:
43 - name: NAMESPACE
44 valueFrom:
45 fieldRef:
46 apiVersion: v1
47 fieldPath: metadata.namespace
48 image: {{ include "repositoryGenerator.image.readiness" . }}
49 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
50 containers:
51 - name: {{ include "common.name" . }}
52 image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image }}
53 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
54 command:
55 - /bin/sh
56 - -ec
57 - |
58 # Create users
59 export ETCDCTL_ENDPOINTS=http://${ETCD_HOST}:${ETCD_PORT}
60 export ETCDCTL_API=3
61 echo "${ROOT_PASSWORD}" | etcdctl user add root --interactive=false
62 echo "${APP_PASSWORD}" | etcdctl user add ${APP_USER} --interactive=false
63
64 # Create roles
65 etcdctl role add ${APP_ROLE}
66 etcdctl role grant-permission ${APP_ROLE} --prefix=true readwrite ${KEY_PREFIX}
67
68 etcdctl user grant-role ${APP_USER} ${APP_ROLE}
69 etcdctl auth enable
70 env:
71 - name: ALLOW_NONE_AUTHENTICATION
72 value: "yes"
73 - name: ETCD_HOST
74 value: "{{ .Values.etcd.serviceName }}.{{ include "common.namespace" . }}"
75 - name: ETCD_PORT
76 value: "{{ .Values.etcd.port }}"
77 - name: ROOT_PASSWORD
78 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "root-password" "key" "password" ) | indent 10 }}
79 - name: APP_USER
80 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "app-creds" "key" "login") | indent 10 }}
81 - name: APP_PASSWORD
82 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "app-creds" "key" "password") | indent 10 }}
83 - name: APP_ROLE
84 value: "{{ .Values.config.appRole }}"
85 - name: KEY_PREFIX
86 value: "{{ .Values.config.keyPrefix }}"
87 volumeMounts:
88 - mountPath: /etc/localtime
89 name: localtime
90 readOnly: true
91 resources: {{ include "common.resources" . | nindent 12 }}
92 {{- if .Values.nodeSelector }}
93 nodeSelector: {{ toYaml .Values.nodeSelector | nindent 10 }}
94 {{- end -}}
95 {{- if .Values.affinity }}
96 affinity: {{ toYaml .Values.affinity | nindent 10 }}
97 {{- end }}
98 volumes:
99 - name: localtime
100 hostPath:
101 path: /etc/localtime
102 restartPolicy: Never
103 imagePullSecrets:
104 - name: "{{ include "common.namespace" . }}-docker-registry-key"