blob: 1d7e0498af18616b9777210406d7910429648cab [file] [log] [blame]
Grzegorz-Lis4fad3022020-07-31 10:18:21 +02001apiVersion: apps/v1
Chenfei Gao9292e882019-02-27 22:14:45 -05002kind: Deployment
Andreas Geisslerf10c5552023-03-21 18:09:46 +01003metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
Chenfei Gao9292e882019-02-27 22:14:45 -05004spec:
Andreas Geisslerf10c5552023-03-21 18:09:46 +01005 selector: {{- include "common.selectors" . | nindent 4 }}
Chenfei Gao9292e882019-02-27 22:14:45 -05006 replicas: {{ .Values.replicaCount }}
7 template:
Andreas Geisslerf10c5552023-03-21 18:09:46 +01008 metadata: {{- include "common.templateMetadata" . | nindent 6 }}
Chenfei Gao9292e882019-02-27 22:14:45 -05009 spec:
Chenfei Gao8fdac3a2019-04-12 14:39:40 -040010 initContainers:
11 - command:
Sylvain Desbureaux1694e1d2020-08-21 09:58:25 +020012 - /app/ready.py
Chenfei Gao8fdac3a2019-04-12 14:39:40 -040013 args:
jhhd4258672020-08-09 12:08:08 -050014 - --job-name
saul.gillef208b02023-04-26 16:16:05 +010015{{ if not .Values.global.postgres.localCluster }}
jhhd4258672020-08-09 12:08:08 -050016 - {{ include "common.release" . }}-policy-galera-config
saul.gillef208b02023-04-26 16:16:05 +010017{{ else }}
18 - {{ include "common.release" . }}-policy-pg-config
19{{ end }}
Chenfei Gao8fdac3a2019-04-12 14:39:40 -040020 env:
21 - name: NAMESPACE
22 valueFrom:
23 fieldRef:
24 apiVersion: v1
25 fieldPath: metadata.namespace
Sylvain Desbureaux7c8c6862020-11-19 18:02:37 +010026 image: {{ include "repositoryGenerator.image.readiness" . }}
Chenfei Gao8fdac3a2019-04-12 14:39:40 -040027 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
28 name: {{ include "common.name" . }}-readiness
Krzysztof Opasiak09d1b312020-03-31 23:44:22 +020029 - command:
30 - sh
31 args:
32 - -c
Taka Choebd62952020-10-08 13:50:09 -040033 - "cd /config-input && for PFILE in `ls -1`; do envsubst <${PFILE} >/config/${PFILE}; done"
Krzysztof Opasiak09d1b312020-03-31 23:44:22 +020034 env:
35 - name: SQL_USER
Dominik Mizyn11038102020-04-14 17:14:42 +020036 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-creds" "key" "login") | indent 12 }}
Krzysztof Opasiak09d1b312020-03-31 23:44:22 +020037 - name: SQL_PASSWORD
Dominik Mizyn11038102020-04-14 17:14:42 +020038 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-creds" "key" "password") | indent 12 }}
39 - name: RESTSERVER_USER
40 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-creds" "key" "login") | indent 12 }}
41 - name: RESTSERVER_PASSWORD
42 {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-creds" "key" "password") | indent 12 }}
Krzysztof Opasiak09d1b312020-03-31 23:44:22 +020043 volumeMounts:
44 - mountPath: /config-input
45 name: apiconfig
46 - mountPath: /config
47 name: apiconfig-processed
Sylvain Desbureaux7c8c6862020-11-19 18:02:37 +010048 image: {{ include "repositoryGenerator.image.envsubst" . }}
Krzysztof Opasiak09d1b312020-03-31 23:44:22 +020049 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
50 name: {{ include "common.name" . }}-update-config
Chenfei Gao9292e882019-02-27 22:14:45 -050051 containers:
52 - name: {{ include "common.name" . }}
Sylvain Desbureaux7c8c6862020-11-19 18:02:37 +010053 image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
Chenfei Gao9292e882019-02-27 22:14:45 -050054 imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
55 command: ["/opt/app/policy/api/bin/policy-api.sh"]
a.sreekumar2f377362022-02-09 12:40:57 +000056 args: ["/opt/app/policy/api/etc/mounted/apiParameters.yaml"]
Andreas Geisslerf10c5552023-03-21 18:09:46 +010057 ports: {{ include "common.containerPorts" . | nindent 12 }}
Chenfei Gao9292e882019-02-27 22:14:45 -050058 # disable liveness probe when breakpoints set in debugger
59 # so K8s doesn't restart unresponsive container
60 {{- if eq .Values.liveness.enabled true }}
61 livenessProbe:
62 tcpSocket:
63 port: {{ .Values.service.internalPort }}
64 initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
65 periodSeconds: {{ .Values.liveness.periodSeconds }}
66 {{ end -}}
67 readinessProbe:
a.sreekumar2f377362022-02-09 12:40:57 +000068 httpGet:
69 path: {{ .Values.readiness.api }}
Chenfei Gao9292e882019-02-27 22:14:45 -050070 port: {{ .Values.service.internalPort }}
a.sreekumar2f377362022-02-09 12:40:57 +000071 httpHeaders:
72 - name: Authorization
73 value: Basic {{ printf "%s:%s" .Values.restServer.user .Values.restServer.password | b64enc }}
Andreas Geisslerf10c5552023-03-21 18:09:46 +010074 scheme: HTTP
a.sreekumar2f377362022-02-09 12:40:57 +000075 successThreshold: {{ .Values.readiness.successThreshold }}
76 failureThreshold: {{ .Values.readiness.failureThreshold }}
Chenfei Gao9292e882019-02-27 22:14:45 -050077 initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
78 periodSeconds: {{ .Values.readiness.periodSeconds }}
a.sreekumar2f377362022-02-09 12:40:57 +000079 timeoutSeconds: {{ .Values.readiness.timeout }}
Chenfei Gao9292e882019-02-27 22:14:45 -050080 volumeMounts:
81 - mountPath: /etc/localtime
82 name: localtime
83 readOnly: true
84 - mountPath: /opt/app/policy/api/etc/mounted
Krzysztof Opasiak09d1b312020-03-31 23:44:22 +020085 name: apiconfig-processed
miroslavmasaryka7ac7f02023-03-01 14:12:26 +010086 resources: {{ include "common.resources" . | nindent 12 }}
Chenfei Gao9292e882019-02-27 22:14:45 -050087 {{- if .Values.nodeSelector }}
88 nodeSelector:
89{{ toYaml .Values.nodeSelector | indent 10 }}
90 {{- end -}}
91 {{- if .Values.affinity }}
92 affinity:
93{{ toYaml .Values.affinity | indent 10 }}
94 {{- end }}
farida azmyc1178372021-04-11 12:55:33 +020095 serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
Chenfei Gao9292e882019-02-27 22:14:45 -050096 volumes:
97 - name: localtime
98 hostPath:
99 path: /etc/localtime
100 - name: apiconfig
101 configMap:
102 name: {{ include "common.fullname" . }}-configmap
103 defaultMode: 0755
Krzysztof Opasiak09d1b312020-03-31 23:44:22 +0200104 - name: apiconfig-processed
105 emptyDir:
106 medium: Memory
Chenfei Gao9292e882019-02-27 22:14:45 -0500107 imagePullSecrets:
saul.gillef208b02023-04-26 16:16:05 +0100108 - name: "{{ include "common.namespace" . }}-docker-registry-key"