diff options
author | amatthews <adrian.matthews@est.tech> | 2021-12-14 16:04:15 +0000 |
---|---|---|
committer | jhh <jorge.hernandez-herrero@att.com> | 2022-10-12 18:20:13 -0500 |
commit | 736bf37d0369fd88154f228efa4d94dd37156486 (patch) | |
tree | 3f5ff0031b8c2a1264a0543e0e9b556491c7486d /kubernetes/policy/components/policy-gui/templates | |
parent | 1712ea65fb6d28e88bcf579dad6b980ea002432e (diff) |
[POLICY] Service Mesh Compliance for Policy
Updating the basic requirements for Service Mesh Compliance within Policy.
Changing the DB jobs and updating the configuration files to use HTTP
Issue-ID: OOM-2253
Change-Id: If1aed68f0ed2f00d6a5cf06e5f95837f9405f65b
Signed-off-by: amatthews <adrian.matthews@est.tech>
Signed-off-by: jhh <jorge.hernandez-herrero@att.com>
Diffstat (limited to 'kubernetes/policy/components/policy-gui/templates')
3 files changed, 46 insertions, 9 deletions
diff --git a/kubernetes/policy/components/policy-gui/templates/configmap.yaml b/kubernetes/policy/components/policy-gui/templates/configmap.yaml index 4f600882e9..9426b0f54f 100644 --- a/kubernetes/policy/components/policy-gui/templates/configmap.yaml +++ b/kubernetes/policy/components/policy-gui/templates/configmap.yaml @@ -21,7 +21,7 @@ apiVersion: v1 kind: ConfigMap metadata: - name: {{ include "common.fullname" . }} + name: {{ include "common.fullname" . }}-configmap namespace: {{ include "common.namespace" . }} labels: app: {{ include "common.name" . }} @@ -29,6 +29,6 @@ metadata: release: {{ include "common.release" . }} heritage: {{ .Release.Service }} data: -{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/*.{xml,yaml,yml}").AsConfig . | indent 2 }} {{ include "common.log.configMap" . }} diff --git a/kubernetes/policy/components/policy-gui/templates/deployment.yaml b/kubernetes/policy/components/policy-gui/templates/deployment.yaml index a155715580..5a43fc71b0 100644 --- a/kubernetes/policy/components/policy-gui/templates/deployment.yaml +++ b/kubernetes/policy/components/policy-gui/templates/deployment.yaml @@ -41,10 +41,34 @@ spec: spec: initContainers: - command: + - sh + args: + - -c + - "cd /config-input && for PFILE in `ls -1`; do envsubst <${PFILE} >/config/${PFILE}; done" + env: + - name: KEYSTORE + value: {{ .Values.certStores.keystoreLocation }} + - name: KEYSTORE_PASSWD + value: {{ .Values.certStores.keyStorePassword }} + - name: TRUSTSTORE + value: {{ .Values.certStores.truststoreLocation }} + - name: TRUSTSTORE_PASSWD + value: {{ .Values.certStores.trustStorePassword }} + - name: POLICY_LOGS + value: {{ .Values.log.path }} + volumeMounts: + - mountPath: /config-input + name: policy-gui-config + - mountPath: /config + name: policy-gui-config-processed + image: {{ include "repositoryGenerator.image.envsubst" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-update-config + - command: - /app/ready.py args: - --container-name - - policy-clamp-be + - policy-clamp-runtime-acm env: - name: NAMESPACE valueFrom: @@ -62,20 +86,20 @@ spec: - name: {{ include "common.name" . }} image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} -{{- if .Values.global.aafEnabled }} +{{- if not (include "common.onServiceMesh" .) }} command: ["sh","-c"] args: ["source {{ .Values.certInitializer.credsPath }}/.ci;/opt/app/policy/gui/bin/policy-gui.sh"] env: -{{- else }} +{{ else }} command: ["/opt/app/policy/gui/bin/policy-gui.sh"] env: - name: KEYSTORE_PASSWD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "keystore-password" "key" "password") | indent 12 }} - name: TRUSTSTORE_PASSWD {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "truststore-password" "key" "password") | indent 12 }} -{{- end }} +{{ end }} - name: CLAMP_URL - value: https://policy-clamp-be:8443 + value: http://policy-clamp-runtime-acm:6969 ports: - containerPort: {{ .Values.service.internalPort }} # disable liveness probe when breakpoints set in debugger @@ -95,6 +119,12 @@ spec: volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }} - name: logs mountPath: {{ .Values.log.path }} + - mountPath: /opt/app/policy/gui/etc/application.yml + name: policy-gui-config-processed + subPath: application.yml + - mountPath: /opt/app/policy/gui/etc/logback.xml + name: policy-gui-config-processed + subPath: logback.xml resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -113,5 +143,12 @@ spec: - name: logs emptyDir: {} {{ if .Values.global.centralizedLoggingEnabled }}{{ include "common.log.volumes" . | nindent 8 }}{{ end }} + - name: policy-gui-config + configMap: + name: {{ include "common.fullname" . }}-configmap + defaultMode: 0755 + - name: policy-gui-config-processed + emptyDir: + medium: Memory imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/policy/components/policy-gui/templates/service.yaml b/kubernetes/policy/components/policy-gui/templates/service.yaml index 44e66b8680..827e93a4f2 100644 --- a/kubernetes/policy/components/policy-gui/templates/service.yaml +++ b/kubernetes/policy/components/policy-gui/templates/service.yaml @@ -34,11 +34,11 @@ spec: {{if eq .Values.service.type "NodePort" -}} - port: {{ .Values.service.internalPort }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }} {{- else -}} - port: {{ .Values.service.externalPort }} targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} + name: {{ .Values.service.portName }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }} {{- end}} selector: app: {{ include "common.name" . }} |