aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes/policy/charts/policy-xacml-pdp/templates
diff options
context:
space:
mode:
authorjhh <jorge.hernandez-herrero@att.com>2020-08-09 12:08:08 -0500
committerJorge Hernandez <jorge.hernandez-herrero@att.com>2020-08-27 21:06:19 +0000
commitd425867ae1c52a9b31a06f1dea8810c1c7a0af65 (patch)
tree15f646c0ab60a2df0916ffd155790b81150b9ff4 /kubernetes/policy/charts/policy-xacml-pdp/templates
parent15c9df97f8bd5d7871b7287a2f525059e3ccb033 (diff)
[POLICY] certInit support + refactoring
Several changes are including in this patch: - certInitializer support (POLICY-2615, REQ-361) - renamed policy objects to start with "policy-" prefix (POLICY-1000) - add resources section to components that did not have or had it incorrectly set up rendering null (POLICY-2502) - Removal of legacy policy-engine components (POLICY-2743) - Miscellaneous refactoring of charts (POLICY-2745) - update pdp legacy reference to policy-xacml-pdp from pdp (legacy) Issue-ID: POLICY-2615 Signed-off-by: jhh <jorge.hernandez-herrero@att.com> Change-Id: I8b6984a663bbb14d331a366ec02b6dd38755cde7 Signed-off-by: jhh <jorge.hernandez-herrero@att.com>
Diffstat (limited to 'kubernetes/policy/charts/policy-xacml-pdp/templates')
-rw-r--r--kubernetes/policy/charts/policy-xacml-pdp/templates/configmap.yaml32
-rw-r--r--kubernetes/policy/charts/policy-xacml-pdp/templates/deployment.yaml115
-rw-r--r--kubernetes/policy/charts/policy-xacml-pdp/templates/secrets.yaml15
-rw-r--r--kubernetes/policy/charts/policy-xacml-pdp/templates/service.yaml37
4 files changed, 0 insertions, 199 deletions
diff --git a/kubernetes/policy/charts/policy-xacml-pdp/templates/configmap.yaml b/kubernetes/policy/charts/policy-xacml-pdp/templates/configmap.yaml
deleted file mode 100644
index 3ca4f82963..0000000000
--- a/kubernetes/policy/charts/policy-xacml-pdp/templates/configmap.yaml
+++ /dev/null
@@ -1,32 +0,0 @@
-# ============LICENSE_START=======================================================
-# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
-# Modifications Copyright (C) 2020 Nordix Foundation.
-# ================================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# SPDX-License-Identifier: Apache-2.0
-# ============LICENSE_END=========================================================
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-configmap
- namespace: {{ include "common.namespace" . }}
-{{- with .Files.Glob "resources/config/*store" }}
-binaryData:
-{{- range $path, $bytes := . }}
- {{ base $path }}: {{ $.Files.Get $path | b64enc | quote }}
-{{- end }}
-{{- end }}
-data:
-{{ tpl (.Files.Glob "resources/config/*.{json,properties,xml}").AsConfig . | indent 2 }}
diff --git a/kubernetes/policy/charts/policy-xacml-pdp/templates/deployment.yaml b/kubernetes/policy/charts/policy-xacml-pdp/templates/deployment.yaml
deleted file mode 100644
index 3580018eb4..0000000000
--- a/kubernetes/policy/charts/policy-xacml-pdp/templates/deployment.yaml
+++ /dev/null
@@ -1,115 +0,0 @@
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: {{ include "common.fullname" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- selector:
- matchLabels:
- app: {{ include "common.name" . }}
- replicas: {{ .Values.replicaCount }}
- template:
- metadata:
- labels:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}
- spec:
- initContainers:
- - command:
- - /root/ready.py
- args:
- - --container-name
- - {{ include "common.release" . }}-galera-config
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
- - command:
- - sh
- args:
- - -c
- - "export SQL_PASSWORD_BASE64=`echo -n ${SQL_PASSWORD} | base64`; cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/config/${PFILE}; done"
- env:
- - name: RESTSERVER_USER
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-creds" "key" "login") | indent 10 }}
- - name: RESTSERVER_PASSWORD
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-creds" "key" "password") | indent 10 }}
- - name: API_USER
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "api-creds" "key" "login") | indent 10 }}
- - name: API_PASSWORD
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "api-creds" "key" "password") | indent 10 }}
- - name: SQL_USER
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 10 }}
- - name: SQL_PASSWORD
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 10 }}
- volumeMounts:
- - mountPath: /config-input
- name: pdpxconfig
- - mountPath: /config
- name: pdpxconfig-processed
- image: "{{ .Values.global.envsubstImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-update-config
- containers:
- - name: {{ include "common.name" . }}
- image: "{{ include "common.repository" . }}/{{ .Values.image }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command: ["/opt/app/policy/pdpx/bin/policy-pdpx.sh"]
- args: ["/opt/app/policy/pdpx/etc/mounted/config.json"]
- ports:
- - containerPort: {{ .Values.service.internalPort }}
- # disable liveness probe when breakpoints set in debugger
- # so K8s doesn't restart unresponsive container
- {{- if eq .Values.liveness.enabled true }}
- livenessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
- periodSeconds: {{ .Values.liveness.periodSeconds }}
- {{ end -}}
- readinessProbe:
- tcpSocket:
- port: {{ .Values.service.internalPort }}
- initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
- periodSeconds: {{ .Values.readiness.periodSeconds }}
- volumeMounts:
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
- - mountPath: /opt/app/policy/pdpx/etc/mounted
- name: pdpxconfig-processed
- emptyDir:
- medium: Memory
- resources:
-{{ include "common.resources" . | indent 12 }}
- {{- if .Values.nodeSelector }}
- nodeSelector:
-{{ toYaml .Values.nodeSelector | indent 10 }}
- {{- end -}}
- {{- if .Values.affinity }}
- affinity:
-{{ toYaml .Values.affinity | indent 10 }}
- {{- end }}
- volumes:
- - name: localtime
- hostPath:
- path: /etc/localtime
- - name: pdpxconfig
- configMap:
- name: {{ include "common.fullname" . }}-configmap
- defaultMode: 0755
- - name: pdpxconfig-processed
- emptyDir:
- medium: Memory
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/policy/charts/policy-xacml-pdp/templates/secrets.yaml b/kubernetes/policy/charts/policy-xacml-pdp/templates/secrets.yaml
deleted file mode 100644
index bd7eb8ea40..0000000000
--- a/kubernetes/policy/charts/policy-xacml-pdp/templates/secrets.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
-# Copyright © 2020 Samsung Electronics
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-{{ include "common.secretFast" . }}
diff --git a/kubernetes/policy/charts/policy-xacml-pdp/templates/service.yaml b/kubernetes/policy/charts/policy-xacml-pdp/templates/service.yaml
deleted file mode 100644
index 33b990f208..0000000000
--- a/kubernetes/policy/charts/policy-xacml-pdp/templates/service.yaml
+++ /dev/null
@@ -1,37 +0,0 @@
-# ============LICENSE_START=======================================================
-# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
-# ================================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# SPDX-License-Identifier: Apache-2.0
-# ============LICENSE_END=========================================================
-
-apiVersion: v1
-kind: Service
-metadata:
- name: {{ include "common.servicename" . }}
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-spec:
- type: {{ .Values.service.type }}
- ports:
- - port: {{ .Values.service.externalPort }}
- targetPort: {{ .Values.service.internalPort }}
- name: {{ .Values.service.portName }}
- selector:
- app: {{ include "common.name" . }}
- release: {{ include "common.release" . }}