--- /dev/null
+apiVersion: extensions/v1beta1\r
+kind: Deployment\r
+metadata:\r
+ name: {{ .Values.appName}}\r
+ namespace: {{.Values.namespace}}\r
+ labels:\r
+ app: {{ .Values.appName}}\r
+ version: {{.Values.version}}\r
+spec:\r
+ {{if or (eq .Values.env "prod") (eq .Values.env "prod-dr")}}\r
+ replicas: {{ .Values.replicas.prod}}\r
+ {{ else if eq .Values.env "st"}}\r
+ replicas: {{ .Values.replicas.st}}\r
+ {{ else }}\r
+ replicas: {{ .Values.replicas.dev}}\r
+ {{ end }}\r
+ selector:\r
+ matchLabels:\r
+ app: {{ .Values.appName}}\r
+ version: {{.Values.version}}\r
+ template:\r
+ metadata:\r
+ labels:\r
+ app: {{ .Values.appName}}\r
+ version: {{.Values.version}}\r
+ spec:\r
+ revisionHistoryLimit: 1 # keep one replica set to allow rollback\r
+ minReadySeconds: 10\r
+ strategy:\r
+ # indicate which strategy we want for rolling update\r
+ type: RollingUpdate\r
+ rollingUpdate:\r
+ maxSurge: 1\r
+ maxUnavailable: 1\r
+ serviceAccount: default\r
+ volumes:\r
+ - name: {{ .Values.appName}}-aaf-volume\r
+ secret:\r
+ secretName: {{.Values.sharedSecret}}\r
+ - name: {{ .Values.appName}}-keyfile-volume\r
+ secret:\r
+ secretName: {{.Values.sharedSecret}}\r
+ optional: true\r
+ items:\r
+ - key: cadi_keyfile\r
+ path: keyfile\r
+ - name: {{ .Values.appName}}-cert-volume\r
+ secret:\r
+ secretName: {{.Values.sharedCert}}\r
+ optional: true\r
+ items:\r
+ - key: PKCS12_CERT\r
+ {{if or (eq .Values.env "prod") (eq .Values.env "prod-dr")}}\r
+ path: {{ .Values.cert.prod.name | quote }}\r
+ {{ else if eq .Values.env "st" }}\r
+ path: {{ .Values.cert.st.name | quote }}\r
+ {{ else }}\r
+ path: {{ .Values.cert.dev.name | quote }}\r
+ {{ end }} \r
+ {{ if or (eq .Values.env "st") (eq .Values.env "prod-dr")}}\r
+ {{else}}\r
+ - name: logging-pvc\r
+ persistentVolumeClaim:\r
+ {{if eq .Values.env "prod"}}\r
+ claimName: {{ .Values.pvc.prod | quote }}\r
+ {{ else }}\r
+ claimName: {{ .Values.pvc.dev | quote }}\r
+ {{ end }}\r
+ {{end}}\r
+ containers:\r
+ - name: {{ .Values.appName}}\r
+ image: {{ .Values.image}}\r
+ imagePullPolicy: Always\r
+ ports:\r
+ - name: https\r
+ containerPort: 8443\r
+ nodePort: {{.Values.nodePort}}\r
+ protocol: TCP\r
+ {{ if eq .Values.env "st"}}\r
+ resources:\r
+ limits: \r
+ memory: "3Gi"\r
+ cpu: "1.8"\r
+ requests:\r
+ memory: "2Gi"\r
+ cpu: "1"\r
+ {{else}} \r
+ resources:\r
+ limits:\r
+ memory: "6Gi"\r
+ cpu: "4"\r
+ requests:\r
+ memory: "2Gi"\r
+ cpu: "1.5"\r
+ {{ end }}\r
+ env:\r
+ - name: NAMESPACE\r
+ value: {{.Values.namespace}}\r
+ - name: APP_NAME\r
+ value: {{ .Values.appName}}\r
+ - name: AAF_PERM_TYPE\r
+ {{if or (eq .Values.env "prod") (eq .Values.env "prod-dr")}}\r
+ value: {{ .Values.aafPermType.prod | quote }}\r
+ {{ else if eq .Values.env "st"}}\r
+ value: {{ .Values.aafPermType.st | quote }}\r
+ {{ else }}\r
+ value: {{ .Values.aafPermType.dev | quote }}\r
+ {{ end }} \r
+ - name: AAF_ID\r
+ valueFrom:\r
+ secretKeyRef:\r
+ name: {{ .Values.sharedSecret}}\r
+ key: aaf_id\r
+ optional: true\r
+ - name: AAF_MECH_PASSWORD\r
+ valueFrom:\r
+ secretKeyRef:\r
+ name: {{ .Values.sharedSecret}}\r
+ key: aaf_mech_password\r
+ optional: true\r
+ - name: AAF_PASSWORD\r
+ valueFrom:\r
+ secretKeyRef:\r
+ name: {{ .Values.sharedSecret}}\r
+ key: aaf_password\r
+ optional: true\r
+ - name: CADI_KEYFILE\r
+ valueFrom:\r
+ secretKeyRef:\r
+ name: {{ .Values.sharedSecret}}\r
+ key: keyfile_secret_path\r
+ optional: true\r
+ - name: CADI_HOSTNAME\r
+ {{if eq .Values.env "prod"}}\r
+ value: {{ .Values.cadiHostname.prod | quote }}\r
+ {{else if eq .Values.env "prod-dr"}}\r
+ value: {{ .Values.cadiHostname.prod_dr | quote }}\r
+ {{else if eq .Values.env "st"}}\r
+ value: {{ .Values.cadiHostname.st | quote }} \r
+ {{ else }}\r
+ value: {{ .Values.cadiHostname.dev | quote }}\r
+ {{ end }}\r
+ - name: APP_VERSION\r
+ value: {{.Values.version}}\r
+ - name: OTF_MONGO_HOSTS\r
+ {{if or (eq .Values.env "prod") (eq .Values.env "prod-dr")}}\r
+ value: {{ .Values.otf.mongo.prod.host | quote }}\r
+ {{ else if eq .Values.env "st" }}\r
+ value: {{ .Values.otf.mongo.st.host | quote }}\r
+ {{ else }}\r
+ value: {{ .Values.otf.mongo.dev.host | quote }}\r
+ {{ end }}\r
+ - name: OTF_MONGO_USERNAME\r
+ valueFrom:\r
+ secretKeyRef:\r
+ name: {{ .Values.appName}}\r
+ key: mongo_username\r
+ optional: true\r
+ - name: OTF_MONGO_PASSWORD\r
+ valueFrom:\r
+ secretKeyRef:\r
+ name: {{ .Values.appName}}\r
+ key: mongo_password\r
+ optional: true\r
+ - name: OTF_MONGO_REPLICASET\r
+ {{if or (eq .Values.env "prod") (eq .Values.env "prod-dr")}}\r
+ value: {{ .Values.otf.mongo.prod.replicaSet | quote }}\r
+ {{else if eq .Values.env "st"}}\r
+ value: {{ .Values.otf.mongo.st.replicaSet | quote }}\r
+ {{ else }}\r
+ value: {{ .Values.otf.mongo.dev.replicaSet | quote }}\r
+ {{ end }}\r
+ - name: OTF_MONGO_DATABASE\r
+ {{if or (eq .Values.env "prod") (eq .Values.env "prod-dr")}}\r
+ value: {{ .Values.otf.mongo.prod.database | quote }}\r
+ {{else if eq .Values.env "st"}}\r
+ value: {{ .Values.otf.mongo.st.database | quote }}\r
+ {{ else }}\r
+ value: {{ .Values.otf.mongo.dev.database | quote }}\r
+ {{ end }}\r
+ - name: otf.camunda.host\r
+ {{if eq .Values.env "prod"}}\r
+ value: {{ .Values.otf.camunda.prod.host | quote }}\r
+ {{ else if eq .Values.env "prod-dr" }}\r
+ value: {{ .Values.otf.camunda.prod_dr.host | quote }}\r
+ {{ else if eq .Values.env "st" }}\r
+ value: {{ .Values.otf.camunda.st.host | quote }}\r
+ {{ else }}\r
+ value: {{ .Values.otf.camunda.dev.host | quote }}\r
+ {{ end }}\r
+ - name: otf.camunda.port\r
+ {{if eq .Values.env "prod"}}\r
+ value: {{ .Values.otf.camunda.prod.port | quote }}\r
+ {{ else if eq .Values.env "prod-dr" }}\r
+ value: {{ .Values.otf.camunda.prod_dr.port | quote }}\r
+ {{ else if eq .Values.env "st"}}\r
+ value: {{ .Values.otf.camunda.st.port | quote }}\r
+ {{ else }}\r
+ value: {{ .Values.otf.camunda.dev.port | quote }}\r
+ {{ end }}\r
+ - name: otf.camunda.executionUri\r
+ value: {{.Values.otf.camunda.executionUri | quote }}\r
+ - name: otf.camunda.pollingUri\r
+ value: {{.Values.otf.camunda.pollingUri | quote }}\r
+ - name: otf.camunda.deploymentUri\r
+ value: {{.Values.otf.camunda.deploymentUri | quote }}\r
+ - name: otf.camunda.processDefinitionKeyUri\r
+ value: {{.Values.otf.camunda.processDefinitionKeyUri | quote }}\r
+ - name: otf.camunda.deploymentDeletionUri\r
+ value: {{.Values.otf.camunda.deploymentDeletionUri | quote }}\r
+ - name: otf.camunda.testDefinitionDeletionUri\r
+ value: {{.Values.otf.camunda.testDefinitionDeletionUri | quote }}\r
+\r
+ - name: otf.camunda.uri.execute-test\r
+ value: {{.Values.otf.camunda.uri.execute_test | quote }}\r
+ - name: otf.camunda.uri.process-instance-completion-check\r
+ value: {{.Values.otf.camunda.uri.process_instance_completion_check | quote }}\r
+ - name: otf.camunda.uri.deploy-test-strategy-zip\r
+ value: {{.Values.otf.camunda.uri.deploy_test_strategy_zip | quote }}\r
+ - name: otf.camunda.uri.process-definition\r
+ value: {{.Values.otf.camunda.uri.process_definition | quote }}\r
+ - name: otf.camunda.uri.delete-test-strategy\r
+ value: {{.Values.otf.camunda.uri.delete_test_strategy | quote }}\r
+ - name: otf.camunda.uri.delete-test-strategy-test-definition-id\r
+ value: {{.Values.otf.camunda.uri.delete_test_strategy_test_definition_id | quote }}\r
+ - name: otf.camunda.uri.health\r
+ value: {{.Values.otf.camunda.uri.health | quote }}\r
+\r
+ - name: otf.api.poll-interval\r
+ value: {{.Values.otf.api.poll_interval | quote}}\r
+ - name: otf.api.poll-attempts\r
+ value: {{.Values.otf.api.poll_attempts | quote}}\r
+\r
+ - name: OTF_CERT_PATH\r
+ {{if or (eq .Values.env "prod") (eq .Values.env "prod-dr")}}\r
+ value: {{ .Values.cert.prod.path | quote }}\r
+ {{ else if eq .Values.env "st"}}\r
+ value: {{ .Values.cert.st.path | quote }}\r
+ {{ else }}\r
+ value: {{ .Values.cert.dev.path | quote }}\r
+ {{ end }} \r
+ - name: OTF_CERT_PASS\r
+ valueFrom:\r
+ secretKeyRef:\r
+ name: {{ .Values.sharedCert}}\r
+ key: PKCS12_KEY\r
+ optional: true \r
+ volumeMounts:\r
+ - name: {{.Values.appName}}-keyfile-volume\r
+ mountPath: /opt/secret\r
+ - name: {{.Values.appName}}-cert-volume\r
+ mountPath: /opt/cert\r
+ {{ if or (eq .Values.env "st") (eq .Values.env "prod-dr")}}\r
+ {{else}}\r
+ - name: logging-pvc\r
+ mountPath: "/otf/logs"\r
+ {{end}} \r
+ livenessProbe:\r
+ httpGet:\r
+ path: /otf/api/health/v1\r
+ port: https\r
+ scheme: HTTPS\r
+ httpHeaders:\r
+ - name: X-Custom-Header\r
+ value: Alive\r
+ initialDelaySeconds: 30\r
+ timeoutSeconds: 30\r
+ periodSeconds: 30\r
+ readinessProbe:\r
+ httpGet:\r
+ path: /otf/api/health/v1\r
+ port: https\r
+ scheme: HTTPS\r
+ httpHeaders:\r
+ - name: X-Custom-Header\r
+ value: Ready\r
+ initialDelaySeconds: 30\r
+ timeoutSeconds: 30\r
+ periodSeconds: 30\r
+ restartPolicy: Always\r