{{/*
# Copyright © 2020 Samsung Electronics
# Copyright © 2017 Amdocs, Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#       http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
*/}}

apiVersion: apps/v1
kind: StatefulSet
metadata: {{- include "common.resourceMetadata" . | nindent 2 }}
spec:
  selector:
    matchLabels:
      app: {{ include "common.name" . }}
  serviceName: {{ include "common.servicename" . }}-cluster
  replicas: {{ .Values.replicaCount }}
  selector: {{- include "common.selectors" . | nindent 4 }}
  podManagementPolicy: Parallel
  template:
    metadata: {{- include "common.templateMetadata" . | nindent 6 }}
    spec:
      initContainers:
      - command:
        - sh
        args:
        - -c
        - "cd /config-input && for PFILE in `ls -1 .`; do envsubst <${PFILE} >/config/${PFILE}; done"
        env:
        - name: AAI_CLIENT_NAME
          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aai-user-creds" "key" "login") | indent 10 }}
        - name: AAI_CLIENT_PASSWORD
          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "aai-user-creds" "key" "password") | indent 10 }}
        - name: MODELSERVICE_USER
          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "modeling-user-creds" "key" "login") | indent 10 }}
        - name: MODELSERVICE_PASSWORD
          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "modeling-user-creds" "key" "password") | indent 10 }}
        - name: RESTCONF_USER
          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restconf-creds" "key" "login") | indent 10 }}
        - name: RESTCONF_PASSWORD
          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restconf-creds" "key" "password") | indent 10 }}
        - name: ANSIBLE_USER
          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ansible-creds" "key" "login") | indent 10 }}
        - name: ANSIBLE_PASSWORD
          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ansible-creds" "key" "password") | indent 10 }}
        - name: SCALEOUT_USER
          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "scaleout-creds" "key" "login") | indent 10 }}
        - name: SCALEOUT_PASSWORD
          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "scaleout-creds" "key" "password") | indent 10 }}
        - name: NETBOX_APIKEY
          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "netbox-apikey" "key" "password") | indent 10 }}
        - name: SDNC_DB_USER
          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 10 }}
        - name: SDNC_DB_PASSWORD
          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 10 }}
        - name: ODL_ADMIN_USERNAME
          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "login") | indent 10 }}
        - name: ODL_ADMIN_PASSWORD
          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "password") | indent 10 }}

        volumeMounts:
        - mountPath: /config-input
          name: config-input
        - mountPath: /config
          name: properties
        image: "{{ .Values.global.envsubstImage }}"
        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
        name: {{ include "common.name" . }}-update-config
      {{ if .Values.dgbuilder.enabled -}}
      - command:
        - /app/ready.py
        args:
        {{ if or .Values.dgbuilder.enabled .Values.config.sdnr.enabled -}}
        - --container-name
        - {{ include "common.mariadbService" . }}
        {{ end -}}
        {{ if .Values.config.sdnr.enabled -}}
        - --container-name
        - {{ include "common.name" . }}-sdnrdb-init-job
        {{ end -}}
        env:
        - name: NAMESPACE
          valueFrom:
            fieldRef:
              apiVersion: v1
              fieldPath: metadata.namespace
        image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
        name: {{ include "common.name" . }}-readiness
        {{ end -}}
{{ include "common.certInitializer.initContainer" . | indent 6 }}

      {{ if .Values.global.cmpv2Enabled }}
      - name: certs-init
        image: "{{ .Values.global.repository }}/{{ .Values.global.platform.certServiceClient.image }}"
        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
        env:
          - name: REQUEST_URL
            value: {{ .Values.global.platform.certServiceClient.envVariables.requestURL }}
          - name: REQUEST_TIMEOUT
            value: "30000"
          - name: OUTPUT_PATH
            value: {{ .Values.global.platform.certServiceClient.envVariables.cert_path }}
          - name: CA_NAME
            value: {{ .Values.global.platform.certServiceClient.envVariables.caName }}
          - name: COMMON_NAME
            value: {{ .Values.global.platform.certServiceClient.envVariables.common_name }}
          - name: ORGANIZATION
            value: {{ .Values.global.platform.certServiceClient.envVariables.cmpv2Organization }}
          - name: ORGANIZATION_UNIT
            value: {{ .Values.global.platform.certServiceClient.envVariables.cmpv2OrganizationalUnit }}
          - name: LOCATION
            value: {{ .Values.global.platform.certServiceClient.envVariables.cmpv2Location }}
          - name: STATE
            value: {{ .Values.global.platform.certServiceClient.envVariables.cmpv2State }}
          - name: COUNTRY
            value: {{ .Values.global.platform.certServiceClient.envVariables.cmpv2Country }}
          - name: KEYSTORE_PATH
            value: {{ .Values.global.platform.certServiceClient.envVariables.keystorePath }}
          - name: KEYSTORE_PASSWORD
            value: {{ .Values.global.platform.certServiceClient.envVariables.keystorePassword }}
          - name: TRUSTSTORE_PATH
            value: {{ .Values.global.platform.certServiceClient.envVariables.truststorePath }}
          - name: TRUSTSTORE_PASSWORD
            value: {{ .Values.global.platform.certServiceClient.envVariables.truststorePassword }}
        terminationMessagePath: /dev/termination-log
        terminationMessagePolicy: File
        volumeMounts:
          - mountPath: {{ .Values.global.platform.certServiceClient.envVariables.cert_path }}
            name: certs
          - mountPath: {{ .Values.global.platform.certServiceClient.secret.mountPath }}
            name: certservice-tls-volume
      {{ end }}

      - name: {{ include "common.name" . }}-chown
        image: {{ .Values.global.busyboxRepository | default .Values.busyboxRepository }}/{{ .Values.global.busyboxImage | default .Values.busyboxImage }}
        command:
        - sh
        args:
        - -c
        - chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.persistence.mdsalPath }}
{{- if .Values.global.aafEnabled }}
        - chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.certInitializer.credsPath }}
{{- end }}
        volumeMounts:
{{ include "common.certInitializer.volumeMount" . | indent 10 }}
          - mountPath: {{ .Values.persistence.mdsalPath }}
            name: {{ include "common.fullname" . }}-data
      containers:
        - name: {{ include "common.name" . }}
          image: "{{ include "common.repository" . }}/{{ .Values.image }}"
          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
          command: ["/bin/bash"]
          args: ["-c", "/opt/onap/sdnc/bin/startODL.sh"]
          ports:
          - containerPort: {{ .Values.service.internalPort }}
          - containerPort: {{ .Values.service.internalPort2 }}
          - containerPort: {{ .Values.service.internalPort3 }}
          - containerPort: {{ .Values.service.clusterPort }}
          readinessProbe:
            tcpSocket:
              port: {{ .Values.service.internalPort }}
            initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
            periodSeconds: {{ .Values.readiness.periodSeconds }}
          env:
          - name: MYSQL_ROOT_PASSWORD
            {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-root-password" "key" "password") | indent 12 }}
          - name: ODL_ADMIN_USERNAME
            {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "login") | indent 12 }}
          - name: ODL_ADMIN_PASSWORD
            {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "odl-creds" "key" "password") | indent 12 }}
          - name: SDNC_DB_USER
            {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 12 }}
          - name: SDNC_DB_PASSWORD
            {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 12 }}
          - name: SDNC_CONFIG_DIR
            value: "{{ .Values.config.configDir }}"
          - name: ENABLE_ODL_CLUSTER
            value: "{{ .Values.config.enableClustering }}"
          - name: MY_ODL_CLUSTER
            value: "{{ .Values.config.myODLCluster }}"
          - name: PEER_ODL_CLUSTER
            value: "{{ .Values.config.peerODLCluster }}"
          - name: IS_PRIMARY_CLUSTER
            value: "{{ .Values.config.isPrimaryCluster }}"
          - name: GEO_ENABLED
            value: "{{ .Values.config.geoEnabled}}"
          - name: SDNC_AAF_ENABLED
            value: "{{ .Values.global.aafEnabled}}"
          - name: SDNC_REPLICAS
            value: "{{ .Values.replicaCount }}"
          - name: MYSQL_HOST
            value: {{ include "common.mariadbService" . }}
          - name: JAVA_HOME
            value: "{{ .Values.config.javaHome}}"
          - name: JAVA_OPTS
            value: "-Xms{{.Values.config.odl.javaOptions.minMemory}} -Xmx{{.Values.config.odl.javaOptions.maxMemory}}"
          - name: KARAF_CONSOLE_LOG_LEVEL
            value: "{{ include "common.log.level" . }}"
          - name: SDNRWT
            value: "{{ .Values.config.sdnr.enabled | default "false"}}"
          {{- if eq .Values.config.sdnr.mode "web" }}
          - name: SDNRDM
            value: "true"
          {{- end }}
          - name: SDNRONLY
            value: "{{ .Values.config.sdnr.sdnronly | default "false" }}"
          - name: SDNRDBURL
            {{- $prefix := ternary "https" "http" .Values.global.aafEnabled}}
            value: "{{$prefix}}://{{ .Values.elasticsearch.service.name | default "sdnrdb"}}.{{.Release.Namespace}}:{{.Values.elasticsearch.service.port | default "9200"}}"
          {{- if .Values.config.sdnr.sdnrdbTrustAllCerts }}
          - name: SDNRDBTRUSTALLCERTS
            value: "true"
          {{ end }}

          volumeMounts:
{{ include "common.certInitializer.volumeMount" . | indent 10 }}
          - mountPath: /etc/localtime
            name: localtime
            readOnly: true
          - mountPath: /opt/opendaylight/current/etc/org.ops4j.pax.logging.cfg
            name: sdnc-logging-cfg-config
            subPath: org.ops4j.pax.logging.cfg
          - mountPath: {{ .Values.config.binDir }}/installSdncDb.sh
            name: bin
            subPath: installSdncDb.sh
          - mountPath: {{ .Values.config.ccsdkConfigDir }}/aaiclient.properties
            name: properties
            subPath: aaiclient.properties
          - mountPath: {{ .Values.config.configDir }}/aaiclient.properties
            name: properties
            subPath: aaiclient.properties
          - mountPath: {{ .Values.config.configDir }}/dblib.properties
            name: properties
            subPath: dblib.properties
          - mountPath: {{ .Values.config.configDir }}/lcm-dg.properties
            name: properties
            subPath: lcm-dg.properties
          - mountPath: {{ .Values.config.configDir }}/svclogic.properties
            name: properties
            subPath: svclogic.properties
          - mountPath: /opt/onap/sdnc/svclogic/config/svclogic.properties
            name: properties
            subPath: svclogic.properties
          - mountPath: {{ .Values.config.configDir }}/netbox.properties
            name: properties
            subPath: netbox.properties
          - mountPath: {{ .Values.config.configDir }}/blueprints-processor-adaptor.properties
            name: properties
            subPath: blueprints-processor-adaptor.properties
          - mountPath: {{ .Values.persistence.mdsalPath }}
            name: {{ include "common.fullname" . }}-data
          - mountPath: /var/log/onap
            name: logs
          - mountPath: {{ .Values.config.odl.salConfigDir }}/{{ .Values.config.odl.salConfigVersion}}/sal-clustering-config-{{ .Values.config.odl.salConfigVersion}}-akkaconf.xml
            name: properties
            subPath: akka.conf
          - mountPath: {{ .Values.config.odl.etcDir }}/org.opendaylight.controller.cluster.datastore.cfg
            name: properties
            subPath: org.opendaylight.controller.cluster.datastore.cfg
          - mountPath: {{ .Values.config.odl.binDir }}/setenv
            name: properties
            subPath: setenv
          - mountPath: {{ .Values.config.odl.etcDir }}/mountpoint-registrar.properties
            name: properties
            subPath: mountpoint-registrar.properties
          - mountPath: {{ .Values.config.odl.etcDir }}/mountpoint-state-provider.properties
            name: properties
            subPath: mountpoint-state-provider.properties
          {{ if .Values.global.cmpv2Enabled }}
          - mountPath: {{ .Values.global.platform.certServiceClient.envVariables.cert_path }}
            name: certs
          {{- end }}
          resources:
{{ include "common.resources" . | indent 12 }}
        {{- if .Values.nodeSelector }}
        nodeSelector:
{{ toYaml .Values.nodeSelector | indent 10 }}
        {{- end -}}
        {{- if .Values.affinity }}
        affinity:
{{ toYaml .Values.affinity | indent 10 }}
        {{- end }}

        # side car containers
        - name: filebeat-onap
          image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}"
          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
          volumeMounts:
          - mountPath: /usr/share/filebeat/filebeat.yml
            name: filebeat-conf
            subPath: filebeat.yml
          - mountPath: /var/log/onap
            name: logs
          - mountPath: /usr/share/filebeat/data
            name: data-filebeat
      imagePullSecrets:
      - name: "{{ include "common.namespace" . }}-docker-registry-key"
      volumes:
        - name: localtime
          hostPath:
            path: /etc/localtime
        - name: logs
          emptyDir: {}
        - name: data-filebeat
          emptyDir: {}
        - name: filebeat-conf
          configMap:
            name: {{ include "common.fullname" . }}-filebeat-configmap
        - name: sdnc-logging-cfg-config
          configMap:
            name: {{ include "common.fullname" . }}-log-configmap
        - name: bin
          configMap:
            name: {{ include "common.fullname" . }}-bin
            defaultMode: 0755
        - name: config-input
          configMap:
            name: {{ include "common.fullname" . }}-properties
            defaultMode: 0644
        - name: properties
          emptyDir:
            medium: Memory
        {{ if .Values.global.cmpv2Enabled }}
        - name: certs
          emptyDir:
            medium: Memory
        - name: certservice-tls-volume
          secret:
            secretName: {{ .Values.global.platform.certServiceClient.secret.name }}
        {{- end }}
  {{ if not .Values.persistence.enabled }}
        - name: {{ include "common.fullname" . }}-data
          emptyDir: {}
  {{ else }}
{{ include "common.certInitializer.volumes" . | nindent 8 }}
  volumeClaimTemplates:
  - metadata:
      name: {{ include "common.fullname" . }}-data
      labels:
        name: {{ include "common.fullname" . }}
        chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
        release: "{{ include "common.release" . }}"
        heritage: "{{ .Release.Service }}"
    spec:
      accessModes:
      - {{ .Values.persistence.accessMode }}
      storageClassName: {{ include "common.storageClass" . }}
      resources:
        requests:
          storage: {{ .Values.persistence.size }}
  {{- end }}