diff options
| author |   Liam Fallon <liam.fallon@est.tech> | 2023-01-10 16:02:46 +0000 |
|---|---|---|
| committer |   Gerrit Code Review <gerrit@onap.org> | 2023-01-10 16:02:46 +0000 |
| commit | dc2af139e7d805f2a7330e9d4a3eb919c2482ef0 (patch) | |
| tree | 6afc593b75068930baa883c1d2db356cf09de0f9 /helm/policy/components/policy-clamp-runtime-acm/templates | |
| parent | 57328ba54f148a87a21e1cafcbef3aa5317dee6a (diff) | |
| parent | a1954d4a6b33c476b8e057137ae7df92902fa1c2 (diff) | |
Merge "Add helm charts for policy CSIT"
Diffstat (limited to 'helm/policy/components/policy-clamp-runtime-acm/templates')
6 files changed, 353 insertions, 0 deletions
diff --git a/helm/policy/components/policy-clamp-runtime-acm/templates/configmap.yaml b/helm/policy/components/policy-clamp-runtime-acm/templates/configmap.yaml new file mode 100644 index 00000000..309dc45e --- /dev/null +++ b/helm/policy/components/policy-clamp-runtime-acm/templates/configmap.yaml @@ -0,0 +1,37 @@ +{{/* +# ============LICENSE_START======================================================= +# Copyright (C) 2022 Nordix Foundation. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +*/}} + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Chart.Name }}-configmap + namespace: default + labels: + app: {{ .Chart.Name }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + heritage: Helm +{{- with .Files.Glob "resources/config/*store" }} +binaryData: +{{- range $path, $bytes := . }} + {{ base $path }}: {{ $.Files.Get $path | b64enc | quote }} +{{- end }} +{{- end }} +data: +{{ tpl (.Files.Glob "resources/config/*.{json,xml,yaml}").AsConfig . | indent 2 }} diff --git a/helm/policy/components/policy-clamp-runtime-acm/templates/deployment.yaml b/helm/policy/components/policy-clamp-runtime-acm/templates/deployment.yaml new file mode 100644 index 00000000..ba192cb5 --- /dev/null +++ b/helm/policy/components/policy-clamp-runtime-acm/templates/deployment.yaml @@ -0,0 +1,153 @@ +{{/* +# ============LICENSE_START======================================================= +# Copyright (C) 2022 Nordix Foundation. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +*/}} + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ .Chart.Name }} + namespace: default +spec: + selector: + matchLabels: + app.kubernetes.io/name: {{ .Chart.Name }} + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app.kubernetes.io/name: {{ .Chart.Name }} + helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + app.kubernetes.io/instance: RELEASE + app.kubernetes.io/managed-by: Helm + name: {{ .Chart.Name }} + spec: + initContainers: + - command: + - /app/ready.py + args: + - --job-name + - policy-galera-init + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: nexus3.onap.org:10001/onap/oom/readiness:3.0.1 + imagePullPolicy: {{ .Values.pullPolicy }} + name: {{ .Chart.Name }}-readiness + - command: + - sh + args: + - -c + - "cd /config-input && for PFILE in `ls -1`; do envsubst <${PFILE} >/config/${PFILE}; done" + env: + - name: SQL_USER + valueFrom: + secretKeyRef: + name: {{ .Chart.Name }}-db-secret + key: login + + - name: SQL_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Chart.Name }}-db-secret + key: password + + - name: RUNTIME_USER + valueFrom: + secretKeyRef: + name: {{ .Chart.Name }}-runtime-secret + key: login + + - name: RUNTIME_PASSWORD + valueFrom: + secretKeyRef: + name: {{ .Chart.Name }}-runtime-secret + key: password + +{{- if .Values.config.useStrimziKafka }} + - name: JAASLOGIN + valueFrom: + secretKeyRef: + name: {{ .Chart.Name }}-policy-kafka-user + key: sasl.jaas.config + +{{- end }} + volumeMounts: + - mountPath: /config-input + name: ac-runtime-config + - mountPath: /config + name: ac-runtime-config-processed + image: docker.io/dibi/envsubst:1 + imagePullPolicy: {{ .Values.pullPolicy }} + name: {{ .Chart.Name }}-update-config + containers: + - name: {{ .Chart.Name }} + image: {{ .Values.image }} + imagePullPolicy: {{ .Values.pullPolicy }} + command: ["/opt/app/policy/clamp/bin/acm-runtime.sh"] + args: ["/opt/app/policy/clamp/etc/mounted/acRuntimeParameters.yaml"] + ports: + - containerPort: 6969 + name: http-api + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.liveness.port }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.readiness.port }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /opt/app/policy/clamp/etc/mounted + name: ac-runtime-config-processed + resources: +{{ toYaml .Values.resources.small | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + serviceAccountName: {{ .Chart.Name }}-read + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: ac-runtime-config + configMap: + name: {{ .Chart.Name }}-configmap + defaultMode: 0755 + - name: ac-runtime-config-processed + emptyDir: + medium: Memory + imagePullSecrets: + - name: "default-docker-registry-key" diff --git a/helm/policy/components/policy-clamp-runtime-acm/templates/role-binding.yaml b/helm/policy/components/policy-clamp-runtime-acm/templates/role-binding.yaml new file mode 100644 index 00000000..40f59aef --- /dev/null +++ b/helm/policy/components/policy-clamp-runtime-acm/templates/role-binding.yaml @@ -0,0 +1,33 @@ +{{/* +# ============LICENSE_START======================================================= +# Copyright (C) 2022 Nordix Foundation. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +*/}} + +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: {{ .Chart.Name }}-read + namespace: default +subjects: +- kind: ServiceAccount + name: {{ .Chart.Name }}-read +roleRef: + kind: Role + name: read + apiGroup: rbac.authorization.k8s.io + diff --git a/helm/policy/components/policy-clamp-runtime-acm/templates/secret.yaml b/helm/policy/components/policy-clamp-runtime-acm/templates/secret.yaml new file mode 100644 index 00000000..f761acd0 --- /dev/null +++ b/helm/policy/components/policy-clamp-runtime-acm/templates/secret.yaml @@ -0,0 +1,64 @@ +{{/* +# ============LICENSE_START======================================================= +# Copyright (C) 2022 Nordix Foundation. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +*/}} + +apiVersion: v1 +kind: Secret +metadata: + name: {{ .Chart.Name }}-runtime-secret + namespace: default + labels: + app: {{ .Chart.Name }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + heritage: Helm +type: Opaque +stringData: + login: {{ .Values.config.policyAppUserName }} + password: {{ .Values.config.policyAppUserPassword }} + +--- + +apiVersion: v1 +kind: Secret +metadata: + name: {{ .Chart.Name }}-db-secret + namespace: default + labels: + app: {{ .Chart.Name }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + heritage: Helm +type: Opaque +stringData: + login: {{ .Values.db.user }} + password: {{ .Values.db.password }} + +--- + +apiVersion: v1 +kind: Secret +metadata: + name: {{ .Chart.Name }}-policy-kafka-user + namespace: default + labels: + app: {{ .Chart.Name }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + heritage: Helm +type: Opaque +stringData: + sasl.jaas.config: {{ .Values.config.jaas }} diff --git a/helm/policy/components/policy-clamp-runtime-acm/templates/service-account.yaml b/helm/policy/components/policy-clamp-runtime-acm/templates/service-account.yaml new file mode 100644 index 00000000..8bf00b02 --- /dev/null +++ b/helm/policy/components/policy-clamp-runtime-acm/templates/service-account.yaml @@ -0,0 +1,25 @@ +{{/* +# ============LICENSE_START======================================================= +# Copyright (C) 2022 Nordix Foundation. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +*/}} + +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ .Chart.Name }}-read + diff --git a/helm/policy/components/policy-clamp-runtime-acm/templates/service.yaml b/helm/policy/components/policy-clamp-runtime-acm/templates/service.yaml new file mode 100644 index 00000000..8daa872a --- /dev/null +++ b/helm/policy/components/policy-clamp-runtime-acm/templates/service.yaml @@ -0,0 +1,41 @@ +{{/* +# ============LICENSE_START======================================================= +# Copyright (C) 2022 Nordix Foundation. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +*/}} + +apiVersion: v1 +kind: Service +metadata: + name: {{ .Chart.Name }} + namespace: default + labels: + app.kubernetes.io/name: {{ .Chart.Name }} + helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + app.kubernetes.io/managed-by: Helm + +spec: + ports: + - port: {{ .Values.service.ports.port }} + targetPort: {{ .Values.service.ports.port }} + nodePort: {{ .Values.service.ports.nodePort }} + protocol: TCP + name: {{ .Values.service.ports.name }} + type: {{ .Values.service.type }} + selector: + app.kubernetes.io/name: {{ .Chart.Name }} + |