blob: 9408c1f5569ff7bf470d3e5aa2e5a114b998acd0 [file] [log] [blame]
Jakub Latusek44f0fdd2020-10-21 13:36:29 +02001{{/*
AndrewLamb8e090442020-10-15 09:28:09 +01002# Copyright © 2020 Nordix Foundation
3#
4# Licensed under the Apache License, Version 2.0 (the "License");
5# you may not use this file except in compliance with the License.
6# You may obtain a copy of the License at
7#
8# http://www.apache.org/licenses/LICENSE-2.0
9#
10# Unless required by applicable law or agreed to in writing, software
11# distributed under the License is distributed on an "AS IS" BASIS,
12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13# See the License for the specific language governing permissions and
14# limitations under the License.
Jakub Latusek44f0fdd2020-10-21 13:36:29 +020015*/}}
AndrewLamb8e090442020-10-15 09:28:09 +010016
17apiVersion: apps/v1
18kind: Deployment
19metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
20spec:
21 selector: {{- include "common.selectors" . | nindent 4 }}
22 replicas: {{ index .Values.replicaCount }}
23 minReadySeconds: {{ index .Values.minReadySeconds }}
24 strategy:
25 type: {{ index .Values.updateStrategy.type }}
26 rollingUpdate:
27 maxUnavailable: {{ index .Values.updateStrategy.maxUnavailable }}
28 maxSurge: {{ index .Values.updateStrategy.maxSurge }}
29 template:
30 metadata: {{- include "common.templateMetadata" . | nindent 6 }}
31 spec:
32 initContainers: {{ include "so.certificate.container_importer" . | nindent 8 }}
33 containers:
34 - name: {{ include "common.name" . }}
35 command:
36 - sh
37 args:
38 - -c
39 - |
40 export ETSI_NFVO_PASSWORD=`htpasswd -bnBC 10 "" $ETSI_NFVO_PASSWORD_INPUT | tr -d ':\n' | sed 's/\$2y/\$2a/'`
41 {{- if .Values.global.aafEnabled }}
42 export $(grep '^c' {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0)
43 export TRUSTSTORE_PASSWORD="${cadi_truststore_password}"
Sylvain Desbureaux29548232020-10-21 18:15:08 +020044 export TRUSTSTORE="file:/${TRUSTSTORE}"
AndrewLamb8e090442020-10-15 09:28:09 +010045 {{- if .Values.global.security.aaf.enabled }}
46 export KEYSTORE_PASSWORD="${cadi_keystore_password}"
47 {{- end }}
48 {{- end }}
49 ./start-app.sh
50 image: {{ include "common.repository" . }}/{{ .Values.image }}
51 resources: {{ include "common.resources" . | nindent 12 }}
52 env:
53 - name: ETSI_NFVO_USERNAME
54 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "etsi-nfvo-nslcm-creds" "key" "login") | indent 14 }}
55 - name: ETSI_NFVO_PASSWORD_INPUT
56 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "etsi-nfvo-nslcm-creds" "key" "password") | indent 14 }}
rope2524d3f3682020-09-02 20:49:21 +010057 - name: DB_HOST
58 valueFrom:
59 secretKeyRef:
60 name: {{ include "common.release" . }}-so-db-secrets
61 key: mariadb.readwrite.host
62 - name: DB_PORT
63 valueFrom:
64 secretKeyRef:
65 name: {{ include "common.release" . }}-so-db-secrets
66 key: mariadb.readwrite.port
67 - name: DB_USERNAME
68 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "login") | indent 14 }}
69 - name: DB_PASSWORD
70 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-user-creds" "key" "password") | indent 14 }}
71 - name: DB_ADMIN_USERNAME
72 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "login") | indent 14 }}
73 - name: DB_ADMIN_PASSWORD
74 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "password") | indent 14 }}
AndrewLamb8e090442020-10-15 09:28:09 +010075 {{ include "so.certificates.env" . | indent 12 | trim }}
76 envFrom:
77 - configMapRef:
78 name: {{ include "common.fullname" . }}-configmap
79 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
80 volumeMounts: {{ include "so.certificate.volumeMount" . | nindent 12 }}
81 - name: logs
82 mountPath: /app/logs
83 - name: config
84 mountPath: /app/config
85 readOnly: true
86 - name: {{ include "common.fullname" . }}-truststore
87 mountPath: /app/client
Jakub Latusekcda21232020-10-21 14:06:58 +020088 readOnly: true
AndrewLamb8e090442020-10-15 09:28:09 +010089 livenessProbe:
90 tcpSocket:
91 port: {{ index .Values.livenessProbe.port }}
92 initialDelaySeconds: {{ index .Values.livenessProbe.initialDelaySeconds}}
93 periodSeconds: {{ index .Values.livenessProbe.periodSeconds}}
94 successThreshold: {{ index .Values.livenessProbe.successThreshold}}
95 failureThreshold: {{ index .Values.livenessProbe.failureThreshold}}
96 ports: {{ include "common.containerPorts" . | nindent 12 }}
97 volumes: {{ include "so.certificate.volumes" . | nindent 8 }}
98 - name: logs
99 emptyDir: {}
100 - name: config
101 configMap:
102 name: {{ include "common.fullname" . }}-app-configmap
103 - name: {{ include "common.fullname" . }}-truststore
104 secret:
105 secretName: {{ include "common.release" . }}-so-truststore-secret
106 imagePullSecrets:
107 - name: "{{ include "common.namespace" . }}-docker-registry-key"