blob: d57309004dd57968c6afcae10fb4bc70ce557c97 [file] [log] [blame]
Jakub Latusekd8eaff62020-10-21 13:36:29 +02001{{/*
priyanshu3af9db62018-08-16 16:23:52 +05302# Copyright © 2018 Amdocs, Bell Canada
3#
4# Licensed under the Apache License, Version 2.0 (the "License");
5# you may not use this file except in compliance with the License.
6# You may obtain a copy of the License at
7#
8# http://www.apache.org/licenses/LICENSE-2.0
9#
10# Unless required by applicable law or agreed to in writing, software
11# distributed under the License is distributed on an "AS IS" BASIS,
12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13# See the License for the specific language governing permissions and
14# limitations under the License.
Jakub Latusekd8eaff62020-10-21 13:36:29 +020015*/}}
priyanshu3af9db62018-08-16 16:23:52 +053016
kwasiel59cc6a42020-07-23 10:02:49 +000017apiVersion: apps/v1
priyanshu3af9db62018-08-16 16:23:52 +053018kind: Deployment
19metadata:
20 name: {{ include "common.fullname" . }}
21 namespace: {{ include "common.namespace" . }}
22 labels:
23 app: {{ include "common.name" . }}
24 chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
Krzysztof Opasiak137d7cc2020-01-24 23:49:11 +010025 release: {{ include "common.release" . }}
priyanshu3af9db62018-08-16 16:23:52 +053026 heritage: {{ .Release.Service }}
27spec:
kwasiel59cc6a42020-07-23 10:02:49 +000028 selector:
29 matchLabels:
30 app: {{ include "common.name" . }}
priyanshu3af9db62018-08-16 16:23:52 +053031 replicas: {{ .Values.replicaCount }}
32 template:
33 metadata:
34 labels:
35 app: {{ include "common.name" . }}
Krzysztof Opasiak137d7cc2020-01-24 23:49:11 +010036 release: {{ include "common.release" . }}
priyanshu3af9db62018-08-16 16:23:52 +053037 spec:
ChrisC742a7b22020-09-04 11:29:57 +020038 initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }}
priyanshu3af9db62018-08-16 16:23:52 +053039 - name: {{ include "common.name" . }}-readiness
40 command:
Sylvain Desbureaux1694e1d2020-08-21 09:58:25 +020041 - /app/ready.py
priyanshu3af9db62018-08-16 16:23:52 +053042 args:
43 - --container-name
44 - "sdc-wfd-be"
45 env:
46 - name: NAMESPACE
47 valueFrom:
48 fieldRef:
49 apiVersion: v1
50 fieldPath: metadata.namespace
Sylvain Desbureaux0a1eaf32020-11-19 17:56:08 +010051 image: {{ include "repositoryGenerator.image.readiness" . }}
priyanshu3af9db62018-08-16 16:23:52 +053052 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
ChrisC32172342020-10-02 16:39:13 +020053 resources:
54 limits:
55 cpu: 100m
56 memory: 100Mi
57 requests:
58 cpu: 3m
59 memory: 20Mi
ChrisC742a7b22020-09-04 11:29:57 +020060 {{- if .Values.global.aafEnabled }}
61 - name: {{ include "common.fullname" . }}-move-cert
62 command:
63 - /bin/sh
64 args:
65 - -c
66 - |
67 cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.keystoreFile }} /sdc-certs/{{ .Values.certInitializer.keystoreFile }}
68 cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.truststoreFile }} /sdc-certs/{{ .Values.certInitializer.truststoreFile }}
69 cp {{ .Values.certInitializer.credsPath }}/mycreds.prop /sdc-certs/mycreds.prop
Sylvain Desbureaux0a1eaf32020-11-19 17:56:08 +010070 image: {{ include "repositoryGenerator.image.busybox" . }}
ChrisC742a7b22020-09-04 11:29:57 +020071 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
72 volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
73 - name: sdc-certs
74 mountPath: /sdc-certs
ChrisC32172342020-10-02 16:39:13 +020075 resources:
76 limits:
77 cpu: 100m
78 memory: 100Mi
79 requests:
80 cpu: 3m
81 memory: 20Mi
ChrisC742a7b22020-09-04 11:29:57 +020082 {{- end }}
priyanshu3af9db62018-08-16 16:23:52 +053083 containers:
84 - name: {{ include "common.name" . }}
Sylvain Desbureaux0a1eaf32020-11-19 17:56:08 +010085 image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
priyanshu3af9db62018-08-16 16:23:52 +053086 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
ChrisC742a7b22020-09-04 11:29:57 +020087 {{- if .Values.global.aafEnabled }}
88 command:
89 - sh
90 args:
91 - "-c"
92 - |
93 export $(grep '^c' /sdc-certs/mycreds.prop | xargs -0)
94 export KEYSTORE_PASS=$cadi_keystore_password_p12
95 export TRUSTSTORE_PASS=$cadi_truststore_password
96 export KEYSTORE_PATH=/etc/{{ .Values.certInitializer.keystoreFile }}
97 export TRUSTSTORE_PATH=/etc/{{ .Values.certInitializer.truststoreFile }}
98 ./startup.sh
99 {{- end }}
priyanshu3af9db62018-08-16 16:23:52 +0530100 ports:
othman touijer2b764d02022-01-05 14:40:37 +0100101 - containerPort: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }}
priyanshu3af9db62018-08-16 16:23:52 +0530102 {{ if .Values.liveness.enabled }}
103 livenessProbe:
104 tcpSocket:
othman touijer2b764d02022-01-05 14:40:37 +0100105 port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }}
priyanshu3af9db62018-08-16 16:23:52 +0530106 initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
107 periodSeconds: {{ .Values.liveness.periodSeconds }}
Sylvain Desbureaux8c9416b2021-05-05 11:12:48 +0200108 successThreshold: {{ .Values.liveness.successThreshold }}
109 failureThreshold: {{ .Values.liveness.failureThreshold }}
priyanshu3af9db62018-08-16 16:23:52 +0530110 {{ end }}
111 readinessProbe:
112 tcpSocket:
othman touijer2b764d02022-01-05 14:40:37 +0100113 port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }}
priyanshu3af9db62018-08-16 16:23:52 +0530114 initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
115 periodSeconds: {{ .Values.readiness.periodSeconds }}
Sylvain Desbureaux8c9416b2021-05-05 11:12:48 +0200116 successThreshold: {{ .Values.readiness.successThreshold }}
117 failureThreshold: {{ .Values.readiness.failureThreshold }}
118 startupProbe:
119 tcpSocket:
othman touijer2b764d02022-01-05 14:40:37 +0100120 port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }}
Sylvain Desbureaux8c9416b2021-05-05 11:12:48 +0200121 initialDelaySeconds: {{ .Values.startup.initialDelaySeconds }}
122 periodSeconds: {{ .Values.startup.periodSeconds }}
123 successThreshold: {{ .Values.startup.successThreshold }}
124 failureThreshold: {{ .Values.startup.failureThreshold }}
priyanshu3af9db62018-08-16 16:23:52 +0530125 env:
126 - name: ENVNAME
ChrisC742a7b22020-09-04 11:29:57 +0200127 value: {{ .Values.env.name }}
priyanshu3af9db62018-08-16 16:23:52 +0530128 - name: JAVA_OPTIONS
129 value: {{ .Values.config.javaOptions }}
130 - name: BACKEND
othman touijer2b764d02022-01-05 14:40:37 +0100131 value: "{{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.backendServerURL.https .Values.config.backendServerURL.http }}"
dfx1971b2734ed2019-05-07 10:35:58 +0300132 - name: IS_HTTPS
othman touijer2b764d02022-01-05 14:40:37 +0100133 value: "{{ (eq "true" (include "common.needTLS" .)) | ternary "true" "false" }}"
134 {{- if and (include "common.needTLS" .) (eq .Values.security.isDefaultStore false) }}
IlanaPc80bff92019-11-18 21:10:08 +0200135 - name: TRUST_ALL
136 value: "{{ .Values.config.isTrustAll}}"
othman touijer2b764d02022-01-05 14:40:37 +0100137 {{- end }}
priyanshu3af9db62018-08-16 16:23:52 +0530138 volumeMounts:
139 - name: {{ include "common.fullname" . }}-localtime
140 mountPath: /etc/localtime
141 readOnly: true
ChrisC742a7b22020-09-04 11:29:57 +0200142 {{- if .Values.global.aafEnabled }}
143 - name: sdc-certs
Jakub Latusekd06aa1f2020-09-24 18:48:18 +0200144 mountPath: /sdc-certs/mycreds.prop
145 subPath: mycreds.prop
ChrisC742a7b22020-09-04 11:29:57 +0200146 - name: sdc-certs
147 mountPath: /var/lib/jetty/etc/{{ .Values.certInitializer.keystoreFile }}
148 subPath: {{ .Values.certInitializer.keystoreFile }}
149 - name: sdc-certs
150 mountPath: /var/lib/jetty/etc/{{ .Values.certInitializer.truststoreFile }}
151 subPath: {{ .Values.certInitializer.truststoreFile }}
152 {{ end }}
ChrisC32172342020-10-02 16:39:13 +0200153 resources: {{ include "common.resources" . | nindent 12 }}
priyanshu3af9db62018-08-16 16:23:52 +0530154 {{- if .Values.nodeSelector }}
155 nodeSelector:
156{{ toYaml .Values.nodeSelector | indent 10 }}
157 {{- end -}}
158 {{- if .Values.affinity }}
159 affinity:
160{{ toYaml .Values.affinity | indent 10 }}
161 {{- end }}
priyanshu3af9db62018-08-16 16:23:52 +0530162 # side car containers
Maciej Wereski771ec2a2021-10-14 13:59:12 +0000163 {{ include "common.log.sidecar" . | nindent 8 }}
farida azmy1383b4c2021-04-06 12:33:31 +0200164 serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
ChrisC742a7b22020-09-04 11:29:57 +0200165 volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
priyanshu3af9db62018-08-16 16:23:52 +0530166 - name: {{ include "common.fullname" . }}-localtime
167 hostPath:
168 path: /etc/localtime
ChrisC742a7b22020-09-04 11:29:57 +0200169 {{- if .Values.global.aafEnabled }}
170 - name: sdc-certs
171 emptyDir:
172 medium: "Memory"
173 {{- end }}
Maciej Wereski771ec2a2021-10-14 13:59:12 +0000174 {{ include "common.log.volumes" (dict "dot" . "configMapNamePrefix" (tpl .Values.logConfigMapNamePrefix . )) | nindent 8 }}
175 - name: logs
priyanshu3af9db62018-08-16 16:23:52 +0530176 emptyDir: {}
177 imagePullSecrets:
kwasiel59cc6a42020-07-23 10:02:49 +0000178 - name: "{{ include "common.namespace" . }}-docker-registry-key"