deployment.yaml 2.99 KB
Newer Older
Daniel Scholl's avatar
Daniel Scholl committed
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
#  Copyright © Microsoft Corporation
#
#  Licensed under the Apache License, Version 2.0 (the "License");
#  you may not use this file except in compliance with the License.
#  You may obtain a copy of the License at
#
#       http://www.apache.org/licenses/LICENSE-2.0
#
#  Unless required by applicable law or agreed to in writing, software
#  distributed under the License is distributed on an "AS IS" BASIS,
#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
#  See the License for the specific language governing permissions and
#  limitations under the License.

apiVersion: apps/v1
kind: Deployment
metadata:
18
  name: {{ .Release.Name }}
Daniel Scholl's avatar
Daniel Scholl committed
19
20
21
22
23
  namespace: osdu
spec:
  replicas: {{ .Values.global.replicaCount }}
  selector:
    matchLabels:
24
      app: {{ .Chart.Name }}
Daniel Scholl's avatar
Daniel Scholl committed
25
26
27
  template:
    metadata:
      labels:
28
        app: {{ .Chart.Name }}
Daniel Scholl's avatar
Daniel Scholl committed
29
30
31
32
33
34
35
36
37
38
        aadpodidbinding: osdu-identity
    spec:
      volumes:
      - name: azure-keyvault
        csi:
          driver: secrets-store.csi.k8s.io
          readOnly: true
          volumeAttributes:
            secretProviderClass: azure-keyvault
      containers:
39
      - name: {{ .Chart.Name }}
Daniel Scholl's avatar
Daniel Scholl committed
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
        image: {{ .Values.image.repository }}/{{ .Chart.Name }}-{{ .Values.image.branch }}:{{ .Values.image.tag | default .Chart.AppVersion }}
        imagePullPolicy: Always
        ports:
        - containerPort: 80
        readinessProbe:
          httpGet:
            path: /entitlements/v1/swagger-ui.html
            port: 80
        volumeMounts:
        - name: azure-keyvault
          mountPath: "/mnt/azure-keyvault"
          readOnly: true
        env:
        - name: spring_application_name
          value: entitlements-azure
        - name: server.servlet.contextPath
          value: /entitlements/v1/
        - name: server_port
          value: "80"
        - name: KEYVAULT_URI
          valueFrom:
            configMapKeyRef:
              name: osdu-svc-properties
              key: ENV_KEYVAULT
        - name: AZURE_CLIENT_ID
          valueFrom:
            secretKeyRef:
              name: clientid
              key: clientid
        - name: AZURE_CLIENT_SECRET
          valueFrom:
            secretKeyRef:
              name: clientpassword
              key: clientpassword
        - name: AZURE_TENANT_ID
          valueFrom:
            configMapKeyRef:
              name: osdu-svc-properties
              key: ENV_TENANT_ID
        - name: aad_client_id
          valueFrom:
            secretKeyRef:
              name: appid
              key: appid
        - name: appinsights_key
          valueFrom:
            secretKeyRef:
              name: appinsights
              key: appinsights
        - name: azure_activedirectory_session_stateless
          value: "true"
        - name: azure_activedirectory_AppIdUri
          value: "api://$(aad_client_id)"
        - name: cosmosdb_database
          value: osdu-db
        - name: service_domain_name
          value: contoso.com
97
98
        - name: azure_istioauth_enabled
          value: "true"