# Copyright © Microsoft Corporation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ .Release.Name }}
namespace: osdu
spec:
replicas: {{ .Values.global.replicaCount }}
selector:
matchLabels:
app: {{ .Chart.Name }}
template:
metadata:
labels:
app: {{ .Chart.Name }}
aadpodidbinding: osdu-identity
spec:
{{- if .Values.global.isAutoscalingEnabled }}
nodeSelector:
nodepool: {{ .Values.global.nodepool }}
{{- end }}
volumes:
- name: azure-keyvault
csi:
driver: secrets-store.csi.k8s.io
readOnly: true
volumeAttributes:
secretProviderClass: azure-keyvault
containers:
- name: {{ .Chart.Name }}
image: {{ .Values.image.repository }}/{{ .Chart.Name }}-{{ .Values.image.branch }}:{{ .Values.image.tag | default .Chart.AppVersion }}
imagePullPolicy: Always
ports:
- containerPort: 80
resources:
requests:
cpu: "100m"
limits:
cpu: "300m"
readinessProbe:
httpGet:
path: /actuator/health
port: 8081
livenessProbe:
httpGet:
path: /actuator/health
port: 8081
initialDelaySeconds: 250
periodSeconds: 10
volumeMounts:
- name: azure-keyvault
mountPath: "/mnt/azure-keyvault"
readOnly: true
env:
- name: spring_application_name
value: legal
- name: server.servlet.contextPath
value: /api/legal/v1/
- name: server_port
value: "80"
- name: ACCEPT_HTTP # TEMPORARY UNTIL HTTPS
value: "true"
- name: KEYVAULT_URI
valueFrom:
configMapKeyRef:
name: osdu-svc-properties
key: ENV_KEYVAULT
- name: AZURE_CLIENT_ID
valueFrom:
secretKeyRef:
name: active-directory
key: principal-clientid
- name: AZURE_CLIENT_SECRET
valueFrom:
secretKeyRef:
name: active-directory
key: principal-clientpassword
- name: AZURE_TENANT_ID
valueFrom:
secretKeyRef:
name: active-directory
key: tenantid
- name: aad_client_id
valueFrom:
secretKeyRef:
name: active-directory
key: application-appid
- name: appinsights_key
valueFrom:
secretKeyRef:
name: central-logging
key: appinsights
- name: REDIS_DATABASE
valueFrom:
configMapKeyRef:
name: redis-configmap
key: legal
- name: cosmosdb_database
value: osdu-db
- name: LOG_PREFIX
value: legal
- name: azure_storage_container_name
value: legal-service-azure-configuration
- name: azure_storage_enable_https
value: "true"
- name: legal_service_region
value: us
- name: servicebus_topic_name
value: legaltags
- name: entitlements_service_endpoint
value: http://entitlements/api/entitlements/v2
- name: entitlements_service_api_key
value: "OBSOLETE"
- name: partition_service_endpoint
value: http://partition/api/partition/v1
- name: azure_istioauth_enabled
value: "true"
- name: SPRING_CONFIG_NAME
value: "common,application"
- name: azure_activedirectory_AppIdUri
value: "api://$(aad_client_id)"