certService/helm/aaf-cert-service/templates/deployment.yaml


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67

apiVersion: apps/v1
kind: Deployment
metadata:
  name: {{ .Chart.Name }}-deployment
spec:
  selector:
    matchLabels:
      app: {{ .Values.appLabel }}
  replicas: {{ .Values.replicaCount }}
  template:
    metadata:
      labels:
        app: {{ .Values.appLabel }}
    spec:
      volumes:
      - name: {{ .Values.volume.name }}
        secret:
          secretName: {{ .Values.secret.name }}
      - name: {{ .Values.tls.server.volume.name }}
        secret:
          secretName: {{ .Values.tls.server.secret.name }}
      containers:
      - name: aaf-cert-service
        image: {{ .Values.repository }}/{{ .Values.image }}
        imagePullPolicy: {{ .Values.pullPolicy }}
        ports:
        - containerPort: {{ .Values.containerPort }}
        env:
          - name: HTTPS_PORT
            value: "{{ .Values.containerPort }}"
          - name: KEYSTORE_PATH
            value: "{{ .Values.tls.server.volume.mountPath }}/{{ .Values.envs.keystore.jksName }}"
          - name: KEYSTORE_P12_PATH
            value: "{{ .Values.tls.server.volume.mountPath }}/{{ .Values.envs.keystore.p12Name }}"
          - name: TRUSTSTORE_PATH
            value: "{{ .Values.tls.server.volume.mountPath }}/{{ .Values.envs.truststore.jksName }}"
          - name: ROOT_CERT
            value: "{{ .Values.tls.server.volume.mountPath }}/{{ .Values.envs.truststore.crtName }}"
          - name: KEYSTORE_PASSWORD
            value: "{{ .Values.envs.keystore.password }}"
          - name: TRUSTSTORE_PASSWORD
            value: "{{ .Values.envs.truststore.password }}"
        livenessProbe:
          exec:
            command:
              - /bin/bash
              - -c
              - {{ .Values.liveness.command }}
            initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
            periodSeconds: {{ .Values.liveness.periodSeconds }}
        readinessProbe:
          exec:
            command:
              - /bin/bash
              - -c
              - {{ .Values.readiness.command }}
            initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
            periodSeconds: {{ .Values.readiness.periodSeconds }}
        volumeMounts:
        - name: {{ .Values.volume.name }}
          mountPath: {{ .Values.volume.mountPath }}
          readOnly: true
        - name: {{ .Values.tls.server.volume.name }}
          mountPath: {{ .Values.tls.server.volume.mountPath }}
          readOnly: true
        resources:
          {{ toYaml .Values.resources }}