aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes/policy/components/policy-xacml-pdp/templates/deployment.yaml
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes/policy/components/policy-xacml-pdp/templates/deployment.yaml')
-rwxr-xr-xkubernetes/policy/components/policy-xacml-pdp/templates/deployment.yaml21
1 files changed, 14 insertions, 7 deletions
diff --git a/kubernetes/policy/components/policy-xacml-pdp/templates/deployment.yaml b/kubernetes/policy/components/policy-xacml-pdp/templates/deployment.yaml
index b475d2ce2d..cda1aa4bae 100755
--- a/kubernetes/policy/components/policy-xacml-pdp/templates/deployment.yaml
+++ b/kubernetes/policy/components/policy-xacml-pdp/templates/deployment.yaml
@@ -53,7 +53,7 @@ spec:
- sh
args:
- -c
- - "cd /config-input && for PFILE in `ls -1`; do envsubst <${PFILE} >/config/${PFILE}; done"
+ - JAASLOGIN=`echo $JAASLOGIN | tr -d '"'`; cd /config-input && for PFILE in `ls -1`; do envsubst <${PFILE} >/config/${PFILE}; done
env:
- name: RESTSERVER_USER
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-creds" "key" "login") | indent 10 }}
@@ -67,6 +67,19 @@ spec:
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 10 }}
- name: SQL_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 10 }}
+ - name: JAASLOGIN
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "common.name" . }}-ku
+ key: sasl.jaas.config
+ - name: KAFKA_URL
+ value: {{ include "common.release" . }}-{{ .Values.global.kafkaBootstrap }}
+ - name: SASL
+ value: {{ .Values.kafkaUser.authenticationType | upper }}
+ - name: GROUP_ID
+ value: {{ .Values.config.kafka.consumer.groupId }}
+ - name: PAP_TOPIC
+ value: {{ .Values.config.app.listener.policyPdpPapTopic }}
volumeMounts:
- mountPath: /config-input
name: pdpxconfig
@@ -97,9 +110,6 @@ spec:
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
volumeMounts:
- - mountPath: /etc/localtime
- name: localtime
- readOnly: true
- mountPath: /opt/app/policy/pdpx/etc/mounted
name: pdpxconfig-processed
resources: {{ include "common.resources" . | nindent 12 }}
@@ -113,9 +123,6 @@ spec:
{{- end }}
serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
volumes:
- - name: localtime
- hostPath:
- path: /etc/localtime
- name: pdpxconfig
configMap:
name: {{ include "common.fullname" . }}-configmap