/
deployment.yaml
96 lines (90 loc) · 3.21 KB
/
deployment.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
# SPDX-FileCopyrightText: Magenta ApS
#
# SPDX-License-Identifier: MPL-2.0
---
{{- if .Values.sql_export.enabled }}
{{- $keycloak_client_id := "integration_sql_export" }}
apiVersion: apps/v1
kind: Deployment
metadata:
name: sql-export
labels:
app: sql-export
{{- with .Values.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
selector:
matchLabels:
app: sql-export
strategy:
type: Recreate
template:
metadata:
labels:
app: sql-export
spec:
containers:
- name: sql-export
image: "{{ .Values.sql_export.image.registry }}/{{ .Values.sql_export.image.repository }}:{{ .Values.sql_export.image.tag }}"
env:
- name: AUTH_SERVER
value: "http://keycloak-service:8080/auth"
- name: CLIENT_ID
value: "{{ $keycloak_client_id }}"
- name: CLIENT_SECRET
valueFrom:
secretKeyRef:
name: sql-export-client-secret
key: client_secret
{{- if not (empty .Values.sql_export.actual_state_secret_name) }}
- name: ACTUAL_STATE__PASSWORD
valueFrom:
secretKeyRef:
name: {{ .Values.sql_export.actual_state_secret_name }}
key: password
{{- end }}
{{- if not (empty .Values.sql_export.historic_state_secret_name) }}
- name: HISTORIC_STATE__PASSWORD
valueFrom:
secretKeyRef:
name: {{ .Values.sql_export.historic_state_secret_name }}
key: password
{{- end }}
{{- range $name, $value := .Values.sql_export.environment }}
- name: {{ $name }}
value: {{ $value | quote }}
{{- end }}
ports:
- containerPort: 8000
resources:
{{- toYaml .Values.sql_export.resources | nindent 12 }}
initContainers:
{{ include "os2mo.wait-for-keycloak" . | nindent 8 }}
{{ include "os2mo.wait-for-mo" . | nindent 8 }}
- name: create-client-secret
image: "{{ .Values.keycloak.integrationbuilder.image.registry }}/{{ .Values.keycloak.integrationbuilder.image.repository }}:{{ .Values.keycloak.integrationbuilder.image.tag }}"
env:
{{ include "os2mo.keycloak_terraform_db_connection" . | nindent 12 }}
- name: POSTGRES_SCHEMA_NAME
value: terraform_remote_state_sql_export
# Keycloak REST connection
- name: TF_VAR_admin_password
valueFrom:
secretKeyRef:
name: {{ include "os2mo.keycloak_admin_secret" . }}
key: admin_password
# Configuration of the client
- name: TF_VAR_client_name
value: "{{ $keycloak_client_id }}"
- name: TF_VAR_client_roles
value: '["admin"]'
- name: TF_VAR_client_secret
valueFrom:
secretKeyRef:
name: sql-export-client-secret
key: client_secret
resources:
{{- toYaml .Values.initContainers.resources | nindent 12 }}
{{- end }}