diff options
| author |   Dominik Mizyn <d.mizyn@samsung.com> | 2020-04-14 18:03:53 +0200 |
|---|---|---|
| committer | Dominik Mizyn <d.mizyn@samsung.com> | 2020-05-08 13:07:16 +0200 |
| commit | 4aa534fa3920335f1ec899331b435ac6b8c8521b (patch) | |
| tree | 0d96fb381e3e9fbdaad27cd0754e333803dfb028 /kubernetes/policy/charts/policy-distribution/templates/deployment.yaml | |
| parent | 60d0cc8d265cf1c4cf98cf60fcded73296bc49fc (diff) | |
[POLICY] Remove hardcoded credentials from policy-distribution
This patch remove hardcoded healthcheck credentials from
policy-distribution.
Issue-ID: OOM-2342
Signed-off-by: Dominik Mizyn <d.mizyn@samsung.com>
Change-Id: I7c71fcceab030bd7858e8de9fe3f58451ac505d6
[Fix init container]
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Diffstat (limited to 'kubernetes/policy/charts/policy-distribution/templates/deployment.yaml')
| -rw-r--r-- | kubernetes/policy/charts/policy-distribution/templates/deployment.yaml | 36 |
1 files changed, 35 insertions, 1 deletions
diff --git a/kubernetes/policy/charts/policy-distribution/templates/deployment.yaml b/kubernetes/policy/charts/policy-distribution/templates/deployment.yaml index 65961d8f8b..b3b017acd3 100644 --- a/kubernetes/policy/charts/policy-distribution/templates/deployment.yaml +++ b/kubernetes/policy/charts/policy-distribution/templates/deployment.yaml @@ -16,6 +16,37 @@ spec: app: {{ include "common.name" . }} release: {{ include "common.release" . }} spec: + initContainers: + - command: + - sh + args: + - -c + - "cd /config-input && for PFILE in `ls -1`; do envsubst <${PFILE} >/config/${PFILE}; done" + env: + - name: RESTSERVER_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-creds" "key" "login") | indent 10 }} + - name: RESTSERVER_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-creds" "key" "password") | indent 10 }} + - name: API_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "apiparameters-creds" "key" "login") | indent 10 }} + - name: API_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "apiparameters-creds" "key" "password") | indent 10 }} + - name: PAP_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "papparameters-creds" "key" "login") | indent 10 }} + - name: PAP_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "papparameters-creds" "key" "password") | indent 10 }} + - name: SDCBE_USER + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "sdcbe-creds" "key" "login") | indent 10 }} + - name: SDCBE_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "sdcbe-creds" "key" "password") | indent 10 }} + volumeMounts: + - mountPath: /config-input + name: distributionconfig-input + - mountPath: /config + name: distributionconfig + image: "{{ .Values.global.envsubstImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-update-config containers: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" @@ -58,9 +89,12 @@ spec: - name: localtime hostPath: path: /etc/localtime - - name: distributionconfig + - name: distributionconfig-input configMap: name: {{ include "common.fullname" . }}-configmap defaultMode: 0755 + - name: distributionconfig + emptyDir: + medium: Memory imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" |