aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes/contrib/components/ejbca/templates/deployment.yaml
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes/contrib/components/ejbca/templates/deployment.yaml')
-rw-r--r--kubernetes/contrib/components/ejbca/templates/deployment.yaml120
1 files changed, 0 insertions, 120 deletions
diff --git a/kubernetes/contrib/components/ejbca/templates/deployment.yaml b/kubernetes/contrib/components/ejbca/templates/deployment.yaml
deleted file mode 100644
index a36dcacb23..0000000000
--- a/kubernetes/contrib/components/ejbca/templates/deployment.yaml
+++ /dev/null
@@ -1,120 +0,0 @@
-{{/*
-# Copyright © 2020, Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: apps/v1
-kind: Deployment
-metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
-spec:
- replicas: {{ .Values.replicaCount }}
- selector: {{- include "common.selectors" . | nindent 4 }}
- template:
- metadata: {{- include "common.templateMetadata" . | nindent 6 }}
- {{- if (include "common.onServiceMesh" . ) }}
- annotations:
- {{- if eq ( .Values.global.serviceMesh.engine ) "linkerd" }}
- linkerd.io/inject: disabled
- {{- end }}
- {{- if eq ( .Values.global.serviceMesh.engine ) "istio" }}
- sidecar.istio.io/rewriteAppHTTPProbers: "false"
- proxy.istio.io/config: '{ "holdApplicationUntilProxyStarts": true }'
- {{- end }}
- {{- end }}
- spec:
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
- initContainers:
- - name: {{ include "common.name" . }}-db-readiness
- command:
- - /app/ready.py
- args:
- - --container-name
- {{- if .Values.global.mariadbGalera.localCluster }}
- - ejbca-galera
- {{- else }}
- - ejbca-config
- {{- end }}
- env:
- - name: NAMESPACE
- valueFrom:
- fieldRef:
- apiVersion: v1
- fieldPath: metadata.namespace
- image: {{ include "repositoryGenerator.image.readiness" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- containers:
- - name: {{ include "common.name" . }}-ejbca
- image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.ejbca.image }}
- imagePullPolicy: {{ .Values.pullPolicy }}
- lifecycle:
- postStart:
- exec:
- command:
- - sh
- - -c
- - |
- sleep 60; /opt/primekey/scripts/ejbca-config.sh
- volumeMounts:
- - name: "{{ include "common.fullname" . }}-volume"
- mountPath: /opt/primekey/scripts/
- - name: "{{ include "common.fullname" . }}-profiles-volume"
- mountPath: /opt/primekey/custom_profiles/
- ports: {{ include "common.containerPorts" . | nindent 10 }}
- env:
- - name: INITIAL_ADMIN
- value: ";PublicAccessAuthenticationToken:TRANSPORT_ANY;"
- - name: NO_CREATE_CA
- value: "true"
- - name: DATABASE_JDBC_URL
- value: jdbc:mariadb://{{ include "common.mariadbService" . }}:{{ include "common.mariadbPort" . }}/{{ .Values.mysqlDatabase }}
- - name: DATABASE_USER
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ejbca-db-secret" "key" "login") | indent 10 }}
- - name: DATABASE_PASSWORD
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ejbca-db-secret" "key" "password") | indent 10 }}
- - name: RA_IAK
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ejbca-server-ra-iak" "key" "password") | indent 10 }}
- - name: CLIENT_IAK
- {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ejbca-server-client-iak" "key" "password") | indent 10 }}
- livenessProbe:
- httpGet:
- port: {{ .Values.liveness.port }}
- path: {{ .Values.liveness.path }}
- scheme: HTTPS
- initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
- periodSeconds: {{ .Values.liveness.periodSeconds }}
- readinessProbe:
- httpGet:
- port: {{ .Values.readiness.port }}
- path: {{ .Values.readiness.path }}
- scheme: HTTPS
- initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
- periodSeconds: {{ .Values.readiness.periodSeconds }}
- {{- if .Values.nodeSelector }}
- nodeSelector: {{ toYaml .Values.nodeSelector | nindent 10 }}
- {{- end -}}
- {{- if .Values.affinity }}
- affinity: {{ toYaml .Values.affinity | nindent 10 }}
- {{- end }}
- resources: {{ include "common.resources" . | nindent 10 }}
- serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
- volumes:
- - configMap:
- name: "{{ include "common.fullname" . }}-config-script"
- defaultMode: 0755
- name: "{{ include "common.fullname" . }}-volume"
- - configMap:
- name: "{{ include "common.fullname" . }}-profiles"
- defaultMode: 0755
- name: "{{ include "common.fullname" . }}-profiles-volume"