diff options
Diffstat (limited to 'kubernetes/sdc/charts/sdc-wfd-fe')
5 files changed, 28 insertions, 90 deletions
diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/templates/_helper.tpl b/kubernetes/sdc/charts/sdc-wfd-fe/templates/_helper.tpl new file mode 100644 index 0000000000..546bab7ddf --- /dev/null +++ b/kubernetes/sdc/charts/sdc-wfd-fe/templates/_helper.tpl @@ -0,0 +1 @@ +{{- define "wfd-fe.internalPort" }}{{ if .Values.config.isHttpsEnabled }}{{ .Values.service.internalPort2 }}{{ else }}{{ .Values.service.internalPort }}{{ end }}{{- end }} diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/templates/deployment.yaml b/kubernetes/sdc/charts/sdc-wfd-fe/templates/deployment.yaml index 1daee714b6..08ecaa6daa 100644 --- a/kubernetes/sdc/charts/sdc-wfd-fe/templates/deployment.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-fe/templates/deployment.yaml @@ -50,18 +50,17 @@ spec: image: "{{ include "common.repository" . }}/{{ .Values.image }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} ports: - - containerPort: {{ .Values.service.internalPort }} - - containerPort: {{ .Values.service.internalPort2 }} + - containerPort: {{ template "wfd-fe.internalPort" . }} {{ if .Values.liveness.enabled }} livenessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ template "wfd-fe.internalPort" . }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} {{ end }} readinessProbe: tcpSocket: - port: {{ .Values.service.internalPort }} + port: {{ template "wfd-fe.internalPort" . }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} env: @@ -75,13 +74,17 @@ spec: value: "{{ .Values.config.isHttpsEnabled}}" {{ if and .Values.config.isHttpsEnabled (eq .Values.security.isDefaultStore false) }} - name: KEYSTORE_PASS - value: "{{ .Values.security.keystorePass}}" + valueFrom: + secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: keystore_password} - name: TRUSTSTORE_PASS - value: "{{ .Values.security.truststorePass}}" + valueFrom: + secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: truststore_password} - name: TRUSTSTORE_PATH value: "{{ .Values.security.storePath }}/{{ .Values.security.truststoreFilename }}" - name: KEYSTORE_PATH value: "{{ .Values.security.storePath }}/{{ .Values.security.keystoreFilename }}" + - name: TRUST_ALL + value: "{{ .Values.config.isTrustAll}}" {{ end }} volumeMounts: - name: {{ include "common.fullname" . }}-localtime diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/templates/ingress.yaml b/kubernetes/sdc/charts/sdc-wfd-fe/templates/ingress.yaml index e10de6df20..8f87c68f1e 100644 --- a/kubernetes/sdc/charts/sdc-wfd-fe/templates/ingress.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-fe/templates/ingress.yaml @@ -1,59 +1 @@ -# Copyright © 2018 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -{{- define "rules.wf" -}} -- http: - paths: - - path: /workflows/ - backend: - serviceName: {{.Values.service.name}} - servicePort: {{.Values.service.internalPort}} -{{- end -}} - -{{- if .Values.ingress.enabled }} - -apiVersion: extensions/v1beta1 -kind: Ingress -metadata: - name: {{ include "common.fullname" . }}-ingress - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -{{- with .Values.ingress.annotations }} - annotations: -{{ toYaml . | indent 4 }} -{{- end }} -spec: - rules: -{{- if .Values.ingress.hosts}} -{{- range .Values.ingress.hosts}} -{{- include "rules.wf" $ | nindent 2}} -{{- if .}} - host: {{. | quote}} -{{- end}} -{{- end}} - tls: - - hosts: -{{- range .Values.ingress.hosts}} -{{- if .}} - - {{ . | quote }} -{{- end}} -{{- end }} -{{- else}} -{{- include "rules.wf" . | nindent 2}} -{{- end}} -{{ end }} +{{ include "common.ingress" . }} diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/templates/service.yaml b/kubernetes/sdc/charts/sdc-wfd-fe/templates/service.yaml index 87ca3607d7..d8a105513a 100644 --- a/kubernetes/sdc/charts/sdc-wfd-fe/templates/service.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-fe/templates/service.yaml @@ -29,7 +29,7 @@ metadata: "version": "v1", "url": "/", "protocol": "UI", - "port": "{{ .Values.service.internalPort }}", + "port": "{{ .Values.service.internalPort2 }}", "visualRange":"0|1" } ]' @@ -37,19 +37,13 @@ spec: type: {{ .Values.service.type }} ports: {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.internalPort }} + - port: {{ template "wfd-fe.internalPort" . }} nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName | default "http" }} - - port: {{ .Values.service.internalPort2 }} - nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{ .Values.service.nodePort2 }} - name: {{ .Values.service.portName2 | default "https" }} + name: {{ .Values.service.portName }} {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName | default "http" }} - - port: {{ .Values.service.externalPort2 }} - targetPort: {{ .Values.service.internalPort2 }} - name: {{ .Values.service.portName2 | default "https" }} + - port: {{ if .Values.config.isHttpsEnabled }}{{ .Values.service.externalPort2 }}{{ else }}{{ .Values.service.externalPort }}{{ end }} + targetPort: {{ template "wfd-fe.internalPort" . }} + name: {{ .Values.service.portName }} {{- end}} selector: app: {{ include "common.name" . }} diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml b/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml index 54e0e9b229..fc30297885 100644 --- a/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml +++ b/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml @@ -28,7 +28,7 @@ global: ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/workflow-frontend:1.5.2 +image: onap/workflow-frontend:1.6.0 pullPolicy: Always # flag to enable debugging - application support required @@ -36,16 +36,15 @@ debugEnabled: false config: javaOptions: "-Xmx256m -Xms256m" - backendServerURL: "http://sdc-wfd-be:8080" + backendServerURL: "https://sdc-wfd-be:8443" isHttpsEnabled: true - + # following flag decides whether to check the certificate on the outgoing proxy request or whether to trust all parties + isTrustAll: true # https relevant settings. Change in case you have other trust files then default ones. security: isDefaultStore: false truststoreFilename: "org.onap.sdc.trust.jks" keystoreFilename: "org.onap.sdc.p12" - keystorePass: "!ppJ.JvWn0hGh)oVF]([Kv)^" - truststorePass: "].][xgtze]hBhz*wy]}m#lf*" storePath: "etc" # default number of instances @@ -71,25 +70,24 @@ service: type: NodePort internalPort: 8080 externalPort: 8080 - portName: sdc-wfd-fe - nodePort: "56" - portName2: sdc-wfd-fe2 internalPort2: 8443 externalPort2: 8443 - nodePort2: "31" + portName: sdc-wfd-fe + nodePort: "56" # only one node port. set to http or https port depending on isHttpsEnabled property ingress: enabled: false - hosts: ~ + service: + - baseaddr: "sdcwfdfe" + name: "sdc-wfd-fe" + port: 8443 annotations: ingress.kubernetes.io/secure-backends: "false" nginx.ingress.kubernetes.io/secure-backends: "false" nginx.ingress.kubernetes.io/proxy-body-size: "0" nginx.ingress.kubernetes.io/ssl-redirect: "true" nginx.ingress.kubernetes.io/backend-protocol: "HTTP" - nginx.ingress.kubernetes.io/rewrite-target: /workflows/ - nginx.ingress.kubernetes.io/server-snippet: | - underscores_in_headers on; + nginx.ingress.kubernetes.io/rewrite-target: "/workflows/" resources: {} # We usually recommend not to specify default resources and to leave this as a conscious |