summaryrefslogtreecommitdiffstats
path: root/kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml
diff options
context:
space:
mode:
authorothman touijer <othman.touijer@soprasteria.com>2022-01-05 14:40:37 +0100
committerSylvain Desbureaux <sylvain.desbureaux@orange.com>2022-01-25 18:26:59 +0100
commit2b764d035310d91744b4c22ace83593b9a561116 (patch)
treef637fd322498ce1246d49bf92195352f10d17a0e /kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml
parent0df88b139440c5bb2f0e46e5195bc2455554dc4d (diff)
[SDC] Service Mesh Compliance for SDC
Adding basic requirements for Service Mesh Compliance within SDC. Change-Id: Ib9104ef2e8b6daf0b9b529288cee158b297ce9e4 Issue-ID: OOM-2253 Signed-off-by: rope252 <gareth.roper@est.tech> Signed-off-by: othman touijer <othman.touijer@soprasteria.com>
Diffstat (limited to 'kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml')
-rw-r--r--kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml19
1 files changed, 12 insertions, 7 deletions
diff --git a/kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml b/kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml
index 1cfcad4f56..a187e19a75 100644
--- a/kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml
+++ b/kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml
@@ -79,13 +79,13 @@ spec:
./startup.sh
{{- end }}
ports:
- - containerPort: {{ template "wfd-be.internalPort" . }}
+ - containerPort: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }}
# disable liveness probe when breakpoints set in debugger
# so K8s doesn't restart unresponsive container
{{ if .Values.liveness.enabled }}
livenessProbe:
tcpSocket:
- port: {{ template "wfd-be.internalPort" . }}
+ port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
successThreshold: {{ .Values.liveness.successThreshold }}
@@ -93,14 +93,14 @@ spec:
{{ end }}
readinessProbe:
tcpSocket:
- port: {{ template "wfd-be.internalPort" . }}
+ port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
successThreshold: {{ .Values.readiness.successThreshold }}
failureThreshold: {{ .Values.readiness.failureThreshold }}
startupProbe:
tcpSocket:
- port: {{ template "wfd-be.internalPort" . }}
+ port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.startup.initialDelaySeconds }}
periodSeconds: {{ .Values.startup.periodSeconds }}
successThreshold: {{ .Values.startup.successThreshold }}
@@ -128,20 +128,25 @@ spec:
valueFrom:
secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: cs_truststore_password}
- name: SDC_PROTOCOL
- value: "{{ .Values.config.sdcProtocol }}"
+ value: "{{ (eq "true" (include "common.needTLS" .)) | ternary "HTTPS" "HTTP" }}"
- name: SDC_ENDPOINT
- value: "{{ .Values.config.sdcEndpoint }}"
+ value: "{{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.sdcEndpoint.https .Values.config.sdcEndpoint.http }}"
- name: SDC_USER
value: "{{ .Values.config.sdcExternalUser }}"
- name: SDC_PASSWORD
valueFrom:
secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: wf_external_user_password}
+ {{- if (include "common.needTLS" .) }}
- name: SERVER_SSL_ENABLED
- value: "{{ .Values.config.serverSSLEnabled }}"
+ value: "true"
- name: SERVER_SSL_KEYSTORE_TYPE
value: "{{ .Values.config.serverSSLKeyStoreType }}"
- name: SERVER_SSL_TRUSTSTORE_TYPE
value: "{{ .Values.config.serverSSLTrustStoreType }}"
+ {{- else }}
+ - name: SERVER_SSL_ENABLED
+ value: "false"
+ {{- end }}
volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
resources: {{ include "common.resources" . | nindent 12 }}
serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}