/
deployment.yaml
110 lines (99 loc) · 3.64 KB
/
deployment.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
---
# SPDX-FileCopyrightText: Magenta ApS
#
# SPDX-License-Identifier: MPL-2.0
{{- if .Values.orgviewer.adm.enabled }}
{{- $keycloak_client_id := "orgviewer" }}
apiVersion: apps/v1
kind: Deployment
metadata:
name: orgviewer-adm-deployment
labels:
app: orgviewer-adm
spec:
selector:
matchLabels:
app: orgviewer-adm
strategy:
type: Recreate
template:
metadata:
labels:
app: orgviewer-adm
spec:
containers:
- name: orgviewer-adm
image: "{{ .Values.orgviewer.image.registry }}/{{ .Values.orgviewer.image.repository }}:{{ .Values.orgviewer.image.tag }}"
env:
{{- if not .Values.orgviewer.adm.url }}
{{- fail ".Values.orgviewer.adm.url must be set" }}
{{- end }}
{{- if not .Values.orgviewer.adm.title }}
{{- fail ".Values.orgviewer.adm.title must be set" }}
{{- end }}
{{- if not .Values.orgviewer.adm.org_uuid }}
{{- fail ".Values.orgviewer.adm.org_uuid must be set" }}
{{- end }}
- name: GLOBAL_API_URL
value: https://{{ .Values.ingress.hostname }}
- name: GLOBAL_APP_TITLE
value: {{ .Values.orgviewer.adm.title }}
- name: GLOBAL_API_ROOT_UUID
value: {{ .Values.orgviewer.adm.org_uuid }}
- name: KEYCLOAK_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: orgviewer-client-secret
key: client_secret
- name: GLOBAL_ORG_PERSON_RELATION
value: "engagement"
- name: CUSTOMER
value: "default"
- name: VUE_APP_TREE_LAYOUT
value: "vertical"
{{- range $name, $value := .Values.orgviewer.environment }}
- name: {{ $name }}
value: {{ $value | quote }}
{{- end }}
envFrom:
- configMapRef:
name: orgviewer-adm-config
ports:
- containerPort: 80
resources:
{{- toYaml .Values.orgviewer.adm.resources | nindent 12 }}
initContainers:
{{ include "os2mo.wait-for-keycloak" . | nindent 8 }}
{{ include "os2mo.wait-for-mo" . | nindent 8 }}
- name: create-client-secret
image: "{{ .Values.keycloak.integrationbuilder.image.registry }}/{{ .Values.keycloak.integrationbuilder.image.repository }}:{{ .Values.keycloak.integrationbuilder.image.tag }}"
env:
{{ include "os2mo.keycloak_terraform_db_connection" . | nindent 12 }}
- name: POSTGRES_SCHEMA_NAME
value: terraform_remote_state_orgviewer
# Keycloak REST connection
- name: TF_VAR_admin_password
valueFrom:
secretKeyRef:
name: {{ include "os2mo.keycloak_admin_secret" . }}
key: admin_password
# Configuration of the client
- name: TF_VAR_client_name
value: {{ $keycloak_client_id }}
- name: TF_VAR_client_roles
value: '["reader"]'
- name: TF_VAR_client_standard_flow_enabled
value: 'true'
- name: TF_VAR_client_valid_redirect_urls
value: '["*"]'
- name: TF_VAR_client_web_origins
value: '["*"]'
- name: TF_VAR_client_secret
valueFrom:
secretKeyRef:
name: orgviewer-client-secret
key: client_secret
resources:
{{- toYaml .Values.initContainers.resources | nindent 12 }}
restartPolicy: Always
{{- end }}