diff options
| author |   Konrad Bańka <k.banka@samsung.com> | 2020-10-28 16:49:19 +0100 |
|---|---|---|
| committer | Konrad Bańka <k.banka@samsung.com> | 2020-11-05 15:31:17 +0100 |
| commit | 52c38b98b8410de74e545f5cd7f79c2d959bc81a (patch) | |
| tree | 0f7abe0a272cb16c30eecd9339179446d08cc33a /kubernetes/a1policymanagement/templates/deployment.yaml | |
| parent | 2627db3364c949c6e45b55a7b8f408bb4da56948 (diff) | |
[CCSDK] Make a1policymanagement react on ConfigMap updates
Updated Deployment spec to template ConfigMap files in runtime allowing
live reaction of application to config changes.
Provided Configmaps with scripts to handle monitoring configmap-provided
files.
Updated envsubst to explicitly point to downloaded version.
Issue-ID: CCSDK-2958
Signed-off-by: Konrad Bańka <k.banka@samsung.com>
Change-Id: I22e18f2838c0956f899cb9fa96d9fd862e6c6942
Diffstat (limited to 'kubernetes/a1policymanagement/templates/deployment.yaml')
| -rw-r--r-- | kubernetes/a1policymanagement/templates/deployment.yaml | 32 |
1 files changed, 30 insertions, 2 deletions
diff --git a/kubernetes/a1policymanagement/templates/deployment.yaml b/kubernetes/a1policymanagement/templates/deployment.yaml index 6987bd41c5..1a2866b981 100644 --- a/kubernetes/a1policymanagement/templates/deployment.yaml +++ b/kubernetes/a1policymanagement/templates/deployment.yaml @@ -1,6 +1,7 @@ {{/* ################################################################################ # Copyright (c) 2020 Nordix Foundation. # +# Copyright © 2020 Samsung Electronics, Modifications # # # # Licensed under the Apache License, Version 2.0 (the "License"); # # you may not use this file except in compliance with the License. # @@ -27,14 +28,14 @@ spec: labels: {{- include "common.labels" . | nindent 8 }} spec: initContainers: - - name: {{ include "common.name" . }}-update-config + - name: {{ include "common.name" . }}-bootstrap-config image: "{{ .Values.global.envsubstImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: - sh args: - -c - - "cd /config-input && for PFILE in `ls -1`; do envsubst <${PFILE} >/config/${PFILE}; done" + - "cd /config-input && for PFILE in `ls -1`; do envsubst <${PFILE} >/config/${PFILE}; chmod o+w /config/${PFILE}; done" env: - name: A1CONTROLLER_USER {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "controller-secret" "key" "login") | indent 10 }} @@ -46,6 +47,29 @@ spec: - mountPath: /config name: config containers: + - name: {{ include "common.name" . }}-update-config + image: "{{ .Values.global.envsubstImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + securityContext: + runAsGroup: {{ .Values.groupID }} + runAsUser: {{ .Values.userID }} + runAsNonRoot: true + command: + - sh + args: + - /tmp/scripts/daemon.sh + env: + - name: A1CONTROLLER_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "controller-secret" "key" "login") | indent 10 }} + - name: A1CONTROLLER_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "controller-secret" "key" "password") | indent 10 }} + volumeMounts: + - mountPath: /tmp/scripts + name: {{ include "common.fullname" . }}-envsubst-scripts + - mountPath: /config-input + name: {{ include "common.fullname" . }}-policy-conf-input + - mountPath: /config + name: config - name: {{ include "common.name" . }} image: {{ include "common.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} @@ -70,6 +94,10 @@ spec: - name: {{ include "common.fullname" . }}-policy-conf-input configMap: name: {{ include "common.fullname" . }}-policy-conf + defaultMode: 0555 + - name: {{ include "common.fullname" . }}-envsubst-scripts + configMap: + name: {{ include "common.fullname" . }}-envsubst-scripts - name: config emptyDir: medium: Memory |