diff options
| author |   Konrad Bańka <k.banka@samsung.com> | 2020-10-28 16:49:19 +0100 |
|---|---|---|
| committer | Konrad Ba?ka <k.banka@samsung.com> | 2020-11-23 00:32:15 +0000 |
| commit | 32d44e977649f3a4085a565adfbede964a029657 (patch) | |
| tree | d635d9c0d989305be8a29c62e576bd5eac85a8e3 /kubernetes/a1policymanagement/templates/deployment.yaml | |
| parent | 8c3f7856d4e6e9df0a35f090bfcbef8586937cf5 (diff) | |
[CCSDK] Make a1policymanagement react on ConfigMap updates
Updated Deployment spec to template ConfigMap files in runtime allowing
live reaction of application to config changes.
Provided Configmaps with scripts to handle monitoring configmap-provided
files.
Updated envsubst to explicitly point to downloaded version.
Issue-ID: CCSDK-2958
Signed-off-by: Konrad Bańka <k.banka@samsung.com>
Change-Id: I22e18f2838c0956f899cb9fa96d9fd862e6c6942
(cherry picked from commit 52c38b98b8410de74e545f5cd7f79c2d959bc81a)
Diffstat (limited to 'kubernetes/a1policymanagement/templates/deployment.yaml')
| -rw-r--r-- | kubernetes/a1policymanagement/templates/deployment.yaml | 32 |
1 files changed, 30 insertions, 2 deletions
diff --git a/kubernetes/a1policymanagement/templates/deployment.yaml b/kubernetes/a1policymanagement/templates/deployment.yaml index 6987bd41c5..1a2866b981 100644 --- a/kubernetes/a1policymanagement/templates/deployment.yaml +++ b/kubernetes/a1policymanagement/templates/deployment.yaml @@ -1,6 +1,7 @@ {{/* ################################################################################ # Copyright (c) 2020 Nordix Foundation. # +# Copyright © 2020 Samsung Electronics, Modifications # # # # Licensed under the Apache License, Version 2.0 (the "License"); # # you may not use this file except in compliance with the License. # @@ -27,14 +28,14 @@ spec: labels: {{- include "common.labels" . | nindent 8 }} spec: initContainers: - - name: {{ include "common.name" . }}-update-config + - name: {{ include "common.name" . }}-bootstrap-config image: "{{ .Values.global.envsubstImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} command: - sh args: - -c - - "cd /config-input && for PFILE in `ls -1`; do envsubst <${PFILE} >/config/${PFILE}; done" + - "cd /config-input && for PFILE in `ls -1`; do envsubst <${PFILE} >/config/${PFILE}; chmod o+w /config/${PFILE}; done" env: - name: A1CONTROLLER_USER {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "controller-secret" "key" "login") | indent 10 }} @@ -46,6 +47,29 @@ spec: - mountPath: /config name: config containers: + - name: {{ include "common.name" . }}-update-config + image: "{{ .Values.global.envsubstImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + securityContext: + runAsGroup: {{ .Values.groupID }} + runAsUser: {{ .Values.userID }} + runAsNonRoot: true + command: + - sh + args: + - /tmp/scripts/daemon.sh + env: + - name: A1CONTROLLER_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "controller-secret" "key" "login") | indent 10 }} + - name: A1CONTROLLER_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "controller-secret" "key" "password") | indent 10 }} + volumeMounts: + - mountPath: /tmp/scripts + name: {{ include "common.fullname" . }}-envsubst-scripts + - mountPath: /config-input + name: {{ include "common.fullname" . }}-policy-conf-input + - mountPath: /config + name: config - name: {{ include "common.name" . }} image: {{ include "common.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} @@ -70,6 +94,10 @@ spec: - name: {{ include "common.fullname" . }}-policy-conf-input configMap: name: {{ include "common.fullname" . }}-policy-conf + defaultMode: 0555 + - name: {{ include "common.fullname" . }}-envsubst-scripts + configMap: + name: {{ include "common.fullname" . }}-envsubst-scripts - name: config emptyDir: medium: Memory |