summaryrefslogtreecommitdiffstats
path: root/kubernetes/sdc/components/sdc-wfd-fe
diff options
context:
space:
mode:
authorothman touijer <othman.touijer@soprasteria.com>2022-01-05 14:40:37 +0100
committerSylvain Desbureaux <sylvain.desbureaux@orange.com>2022-01-25 18:26:59 +0100
commit2b764d035310d91744b4c22ace83593b9a561116 (patch)
treef637fd322498ce1246d49bf92195352f10d17a0e /kubernetes/sdc/components/sdc-wfd-fe
parent0df88b139440c5bb2f0e46e5195bc2455554dc4d (diff)
[SDC] Service Mesh Compliance for SDC
Adding basic requirements for Service Mesh Compliance within SDC. Change-Id: Ib9104ef2e8b6daf0b9b529288cee158b297ce9e4 Issue-ID: OOM-2253 Signed-off-by: rope252 <gareth.roper@est.tech> Signed-off-by: othman touijer <othman.touijer@soprasteria.com>
Diffstat (limited to 'kubernetes/sdc/components/sdc-wfd-fe')
-rw-r--r--kubernetes/sdc/components/sdc-wfd-fe/templates/_helper.tpl1
-rw-r--r--kubernetes/sdc/components/sdc-wfd-fe/templates/deployment.yaml16
-rw-r--r--kubernetes/sdc/components/sdc-wfd-fe/templates/service.yaml12
-rw-r--r--kubernetes/sdc/components/sdc-wfd-fe/values.yaml5
4 files changed, 17 insertions, 17 deletions
diff --git a/kubernetes/sdc/components/sdc-wfd-fe/templates/_helper.tpl b/kubernetes/sdc/components/sdc-wfd-fe/templates/_helper.tpl
deleted file mode 100644
index 546bab7ddf..0000000000
--- a/kubernetes/sdc/components/sdc-wfd-fe/templates/_helper.tpl
+++ /dev/null
@@ -1 +0,0 @@
-{{- define "wfd-fe.internalPort" }}{{ if .Values.config.isHttpsEnabled }}{{ .Values.service.internalPort2 }}{{ else }}{{ .Values.service.internalPort }}{{ end }}{{- end }}
diff --git a/kubernetes/sdc/components/sdc-wfd-fe/templates/deployment.yaml b/kubernetes/sdc/components/sdc-wfd-fe/templates/deployment.yaml
index b703e6656c..d57309004d 100644
--- a/kubernetes/sdc/components/sdc-wfd-fe/templates/deployment.yaml
+++ b/kubernetes/sdc/components/sdc-wfd-fe/templates/deployment.yaml
@@ -98,11 +98,11 @@ spec:
./startup.sh
{{- end }}
ports:
- - containerPort: {{ template "wfd-fe.internalPort" . }}
+ - containerPort: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }}
{{ if .Values.liveness.enabled }}
livenessProbe:
tcpSocket:
- port: {{ template "wfd-fe.internalPort" . }}
+ port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
successThreshold: {{ .Values.liveness.successThreshold }}
@@ -110,14 +110,14 @@ spec:
{{ end }}
readinessProbe:
tcpSocket:
- port: {{ template "wfd-fe.internalPort" . }}
+ port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
successThreshold: {{ .Values.readiness.successThreshold }}
failureThreshold: {{ .Values.readiness.failureThreshold }}
startupProbe:
tcpSocket:
- port: {{ template "wfd-fe.internalPort" . }}
+ port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.startup.initialDelaySeconds }}
periodSeconds: {{ .Values.startup.periodSeconds }}
successThreshold: {{ .Values.startup.successThreshold }}
@@ -128,13 +128,13 @@ spec:
- name: JAVA_OPTIONS
value: {{ .Values.config.javaOptions }}
- name: BACKEND
- value: {{ .Values.config.backendServerURL }}
+ value: "{{ (eq "true" (include "common.needTLS" .)) | ternary .Values.config.backendServerURL.https .Values.config.backendServerURL.http }}"
- name: IS_HTTPS
- value: "{{ .Values.config.isHttpsEnabled}}"
- {{ if and .Values.config.isHttpsEnabled (eq .Values.security.isDefaultStore false) }}
+ value: "{{ (eq "true" (include "common.needTLS" .)) | ternary "true" "false" }}"
+ {{- if and (include "common.needTLS" .) (eq .Values.security.isDefaultStore false) }}
- name: TRUST_ALL
value: "{{ .Values.config.isTrustAll}}"
- {{ end }}
+ {{- end }}
volumeMounts:
- name: {{ include "common.fullname" . }}-localtime
mountPath: /etc/localtime
diff --git a/kubernetes/sdc/components/sdc-wfd-fe/templates/service.yaml b/kubernetes/sdc/components/sdc-wfd-fe/templates/service.yaml
index bc838ac22f..08feb5a6ed 100644
--- a/kubernetes/sdc/components/sdc-wfd-fe/templates/service.yaml
+++ b/kubernetes/sdc/components/sdc-wfd-fe/templates/service.yaml
@@ -31,7 +31,7 @@ metadata:
"version": "v1",
"url": "/",
"protocol": "UI",
- "port": "{{ .Values.service.internalPort2 }}",
+ "port": "{{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }}",
"visualRange":"0|1"
}
]'
@@ -39,13 +39,13 @@ spec:
type: {{ .Values.service.type }}
ports:
{{if eq .Values.service.type "NodePort" -}}
- - port: {{ template "wfd-fe.internalPort" . }}
+ - port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
- name: {{ .Values.service.portName }}
+ name: {{ .Values.service.portName }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}
{{- else -}}
- - port: {{ if .Values.config.isHttpsEnabled }}{{ .Values.service.externalPort2 }}{{ else }}{{ .Values.service.externalPort }}{{ end }}
- targetPort: {{ template "wfd-fe.internalPort" . }}
- name: {{ .Values.service.portName }}
+ - port: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.externalPort2 .Values.service.externalPort }}
+ targetPort: {{ (eq "true" (include "common.needTLS" .)) | ternary .Values.service.internalPort2 .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}{{ (eq "true" (include "common.needTLS" .)) | ternary "s" "" }}
{{- end}}
selector:
app: {{ include "common.name" . }}
diff --git a/kubernetes/sdc/components/sdc-wfd-fe/values.yaml b/kubernetes/sdc/components/sdc-wfd-fe/values.yaml
index b3e3b39a41..c7e680a745 100644
--- a/kubernetes/sdc/components/sdc-wfd-fe/values.yaml
+++ b/kubernetes/sdc/components/sdc-wfd-fe/values.yaml
@@ -55,8 +55,9 @@ debugEnabled: false
config:
javaOptions: "-Xmx256m -Xms256m"
- backendServerURL: "https://sdc-wfd-be:8443"
- isHttpsEnabled: true
+ backendServerURL:
+ https: "https://sdc-wfd-be:8443"
+ http: "http://sdc-wfd-be:8080"
# following flag decides whether to check the certificate on the outgoing proxy request or whether to trust all parties
isTrustAll: true
# https relevant settings. Change in case you have other trust files then default ones.