diff options
author | othman touijer <othman.touijer@soprasteria.com> | 2022-01-05 14:40:37 +0100 |
---|---|---|
committer | Sylvain Desbureaux <sylvain.desbureaux@orange.com> | 2022-01-25 18:26:59 +0100 |
commit | 2b764d035310d91744b4c22ace83593b9a561116 (patch) | |
tree | f637fd322498ce1246d49bf92195352f10d17a0e /kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml | |
parent | 0df88b139440c5bb2f0e46e5195bc2455554dc4d (diff) |
[SDC] Service Mesh Compliance for SDC
Adding basic requirements for Service Mesh Compliance within SDC.
Change-Id: Ib9104ef2e8b6daf0b9b529288cee158b297ce9e4
Issue-ID: OOM-2253
Signed-off-by: rope252 <gareth.roper@est.tech>
Signed-off-by: othman touijer <othman.touijer@soprasteria.com>
Diffstat (limited to 'kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml')
-rw-r--r-- | kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml | 19 |
1 files changed, 12 insertions, 7 deletions
diff --git a/kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml b/kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml index 1cfcad4f56..a187e19a75 100644 --- a/kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml +++ b/kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml @@ -79,13 +79,13 @@ spec: ./startup.sh {{- end }} ports: - - containerPort: {{ template "wfd-be.internalPort" . }} + - containerPort: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }} # disable liveness probe when breakpoints set in debugger # so K8s doesn't restart unresponsive container {{ if .Values.liveness.enabled }} livenessProbe: tcpSocket: - port: {{ template "wfd-be.internalPort" . }} + port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} successThreshold: {{ .Values.liveness.successThreshold }} @@ -93,14 +93,14 @@ spec: {{ end }} readinessProbe: tcpSocket: - port: {{ template "wfd-be.internalPort" . }} + port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} successThreshold: {{ .Values.readiness.successThreshold }} failureThreshold: {{ .Values.readiness.failureThreshold }} startupProbe: tcpSocket: - port: {{ template "wfd-be.internalPort" . }} + port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }} initialDelaySeconds: {{ .Values.startup.initialDelaySeconds }} periodSeconds: {{ .Values.startup.periodSeconds }} successThreshold: {{ .Values.startup.successThreshold }} @@ -128,20 +128,25 @@ spec: valueFrom: secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: cs_truststore_password} - name: SDC_PROTOCOL - value: "{{ .Values.config.sdcProtocol }}" + value: "{{ (eq "true" (include "common.needTLS" .)) | ternary "HTTPS" "HTTP" }}" - name: SDC_ENDPOINT - value: "{{ .Values.config.sdcEndpoint }}" + value: "{{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.sdcEndpoint.https .Values.config.sdcEndpoint.http }}" - name: SDC_USER value: "{{ .Values.config.sdcExternalUser }}" - name: SDC_PASSWORD valueFrom: secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: wf_external_user_password} + {{- if (include "common.needTLS" .) }} - name: SERVER_SSL_ENABLED - value: "{{ .Values.config.serverSSLEnabled }}" + value: "true" - name: SERVER_SSL_KEYSTORE_TYPE value: "{{ .Values.config.serverSSLKeyStoreType }}" - name: SERVER_SSL_TRUSTSTORE_TYPE value: "{{ .Values.config.serverSSLTrustStoreType }}" + {{- else }} + - name: SERVER_SSL_ENABLED + value: "false" + {{- end }} volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }} resources: {{ include "common.resources" . | nindent 12 }} serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} |