[SDC] Chart cleanup for AAF/TLS removal

Use latest helm templates and remove TLS/AAF related parts

Issue-ID: OOM-3121

Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de>
Change-Id: I453d9bfb471462a3c2f4825a3a542c61df353cf5

1 files changed, 11 insertions, 80 deletions

diff --git a/kubernetes/sdc/components/sdc-wfd-fe/templates/deployment.yaml b/kubernetes/sdc/components/sdc-wfd-fe/templates/deployment.yaml
index d57309004d..b667af2a60 100644
--- a/kubernetes/sdc/components/sdc-wfd-fe/templates/deployment.yaml
+++ b/kubernetes/sdc/components/sdc-wfd-fe/templates/deployment.yaml
@@ -16,26 +16,14 @@
 
 apiVersion: apps/v1
 kind: Deployment
-metadata:
-  name: {{ include "common.fullname" . }}
-  namespace: {{ include "common.namespace" . }}
-  labels:
-    app: {{ include "common.name" . }}
-    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
-    release: {{ include "common.release" . }}
-    heritage: {{ .Release.Service }}
+metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
 spec:
-  selector:
-    matchLabels:
-      app: {{ include "common.name" . }}
+  selector: {{- include "common.selectors" . | nindent 4 }}
   replicas: {{ .Values.replicaCount }}
   template:
-    metadata:
-      labels:
-        app: {{ include "common.name" . }}
-        release: {{ include "common.release" . }}
+    metadata: {{- include "common.templateMetadata" . | nindent 6 }}
     spec:
-      initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }}
+      initContainers:
       - name: {{ include "common.name" . }}-readiness
         command:
         - /app/ready.py
@@ -57,52 +45,15 @@ spec:
           requests:
             cpu: 3m
             memory: 20Mi
-      {{- if .Values.global.aafEnabled }}
-      - name: {{ include "common.fullname" . }}-move-cert
-        command:
-          - /bin/sh
-        args:
-          - -c
-          - |
-            cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.keystoreFile }} /sdc-certs/{{ .Values.certInitializer.keystoreFile }}
-            cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.truststoreFile }} /sdc-certs/{{ .Values.certInitializer.truststoreFile }}
-            cp {{ .Values.certInitializer.credsPath }}/mycreds.prop /sdc-certs/mycreds.prop
-        image: {{ include "repositoryGenerator.image.busybox" . }}
-        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
-          - name: sdc-certs
-            mountPath: /sdc-certs
-        resources:
-          limits:
-            cpu: 100m
-            memory: 100Mi
-          requests:
-            cpu: 3m
-            memory: 20Mi
-      {{- end }}
       containers:
         - name: {{ include "common.name" . }}
           image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-          {{- if .Values.global.aafEnabled }}
-          command:
-          - sh
-          args:
-          - "-c"
-          - |
-            export $(grep '^c' /sdc-certs/mycreds.prop | xargs -0)
-            export KEYSTORE_PASS=$cadi_keystore_password_p12
-            export TRUSTSTORE_PASS=$cadi_truststore_password
-            export KEYSTORE_PATH=/etc/{{ .Values.certInitializer.keystoreFile }}
-            export TRUSTSTORE_PATH=/etc/{{ .Values.certInitializer.truststoreFile }}
-            ./startup.sh
-          {{- end }}
-          ports:
-          - containerPort: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }}
+          ports: {{ include "common.containerPorts" . | nindent 12  }}
           {{ if .Values.liveness.enabled }}
           livenessProbe:
             tcpSocket:
-              port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }}
+              port: {{ .Values.service.internalPort }}
             initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
             periodSeconds: {{ .Values.liveness.periodSeconds }}
             successThreshold: {{ .Values.liveness.successThreshold }}
@@ -110,14 +61,14 @@ spec:
           {{ end }}
           readinessProbe:
             tcpSocket:
-              port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }}
+              port: {{ .Values.service.internalPort }}
             initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
             periodSeconds: {{ .Values.readiness.periodSeconds }}
             successThreshold: {{ .Values.readiness.successThreshold }}
             failureThreshold: {{ .Values.readiness.failureThreshold }}
           startupProbe:
             tcpSocket:
-              port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }}
+              port: {{ .Values.service.internalPort }}
             initialDelaySeconds: {{ .Values.startup.initialDelaySeconds }}
             periodSeconds: {{ .Values.startup.periodSeconds }}
             successThreshold: {{ .Values.startup.successThreshold }}
@@ -128,28 +79,13 @@ spec:
           - name: JAVA_OPTIONS
             value: {{ .Values.config.javaOptions }}
           - name: BACKEND
-            value: "{{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.backendServerURL.https .Values.config.backendServerURL.http }}"
+            value: "{{ .Values.config.backendServerURL.http }}"
           - name: IS_HTTPS
-            value: "{{ (eq "true" (include "common.needTLS" .)) | ternary "true" "false" }}"
-            {{- if and (include "common.needTLS" .) (eq .Values.security.isDefaultStore false) }}
-          - name: TRUST_ALL
-            value: "{{ .Values.config.isTrustAll}}"
-            {{- end }}
+            value: "false"
           volumeMounts:
           - name: {{ include "common.fullname" . }}-localtime
             mountPath: /etc/localtime
             readOnly: true
-          {{- if .Values.global.aafEnabled }}
-          - name: sdc-certs
-            mountPath: /sdc-certs/mycreds.prop
-            subPath: mycreds.prop
-          - name: sdc-certs
-            mountPath: /var/lib/jetty/etc/{{ .Values.certInitializer.keystoreFile }}
-            subPath: {{ .Values.certInitializer.keystoreFile }}
-          - name: sdc-certs
-            mountPath: /var/lib/jetty/etc/{{ .Values.certInitializer.truststoreFile }}
-            subPath: {{ .Values.certInitializer.truststoreFile }}
-          {{ end }}
           resources: {{ include "common.resources" . | nindent 12 }}
         {{- if .Values.nodeSelector }}
         nodeSelector:
@@ -162,15 +98,10 @@ spec:
         # side car containers
         {{ include "common.log.sidecar" . | nindent 8 }}
       serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
-      volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
+      volumes:
         - name: {{ include "common.fullname" . }}-localtime
           hostPath:
             path: /etc/localtime
-        {{- if .Values.global.aafEnabled }}
-        - name: sdc-certs
-          emptyDir:
-            medium: "Memory"
-        {{- end }}
         {{ include "common.log.volumes" (dict "dot" . "configMapNamePrefix" (tpl .Values.logConfigMapNamePrefix . )) | nindent 8 }}
         - name: logs
           emptyDir: {}