Gitiles
Code Review Sign In
review.vexxhost.dev / atmosphere / refs/heads/stable/2023.1 / . / charts / heat / templates / deployment-cfn.yaml
blob: 84015438d88c1f0a8bce4bfef7a9c3496bb8d300 [file] [log] [blame]
Mohammed Naserf3f59a72023-01-15 21:02:04 -0500[diff] [blame]1{{/*
2Licensed under the Apache License, Version 2.0 (the "License");
3you may not use this file except in compliance with the License.
4You may obtain a copy of the License at
5
6 http://www.apache.org/licenses/LICENSE-2.0
7
8Unless required by applicable law or agreed to in writing, software
9distributed under the License is distributed on an "AS IS" BASIS,
10WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
11See the License for the specific language governing permissions and
12limitations under the License.
13*/}}
14
15{{- if .Values.manifests.deployment_cfn }}
16{{- $envAll := . }}
17
18{{- $mounts_heat_cfn := .Values.pod.mounts.heat_cfn.heat_cfn }}
19{{- $mounts_heat_cfn_init := .Values.pod.mounts.heat_cfn.init_container }}
20
21{{- $serviceAccountName := "heat-cfn" }}
22{{ tuple $envAll "cfn" $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }}
23---
24apiVersion: apps/v1
25kind: Deployment
26metadata:
27 name: heat-cfn
28 annotations:
29 {{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" }}
30 labels:
31{{ tuple $envAll "heat" "cfn" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }}
32spec:
33 replicas: {{ .Values.pod.replicas.cfn }}
34 selector:
35 matchLabels:
36{{ tuple $envAll "heat" "cfn" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 6 }}
37{{ tuple $envAll | include "helm-toolkit.snippets.kubernetes_upgrades_deployment" | indent 2 }}
38 template:
39 metadata:
40 labels:
41{{ tuple $envAll "heat" "cfn" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }}
42 annotations:
43{{ tuple $envAll | include "helm-toolkit.snippets.release_uuid" | indent 8 }}
44 configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }}
45 configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }}
46{{ dict "envAll" $envAll "podName" "heat-cfn" "containerNames" (list "heat-cfn" "init" ) | include "helm-toolkit.snippets.kubernetes_mandatory_access_control_annotation" | indent 8 }}
47 spec:
48 serviceAccountName: {{ $serviceAccountName }}
49{{ dict "envAll" $envAll "application" "heat" | include "helm-toolkit.snippets.kubernetes_pod_security_context" | indent 6 }}
50 affinity:
51{{ tuple $envAll "heat" "cfn" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }}
Mohammed Naserbcdd25c2023-01-18 03:38:47 +0000[diff] [blame]52{{ if $envAll.Values.pod.tolerations.heat.enabled }}
53{{ tuple $envAll "heat" | include "helm-toolkit.snippets.kubernetes_tolerations" | indent 6 }}
54{{ end }}
Mohammed Naserf3f59a72023-01-15 21:02:04 -0500[diff] [blame]55 nodeSelector:
56 {{ .Values.labels.cfn.node_selector_key }}: {{ .Values.labels.cfn.node_selector_value }}
57 terminationGracePeriodSeconds: {{ .Values.pod.lifecycle.termination_grace_period.cfn.timeout | default "30" }}
58 initContainers:
59{{ tuple $envAll "cfn" $mounts_heat_cfn_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }}
60 containers:
61 - name: heat-cfn
62{{ tuple $envAll "heat_cfn" | include "helm-toolkit.snippets.image" | indent 10 }}
63{{ tuple $envAll $envAll.Values.pod.resources.cfn | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }}
64{{ dict "envAll" $envAll "application" "heat" "container" "heat_cfn" | include "helm-toolkit.snippets.kubernetes_container_security_context" | indent 10 }}
Mohammed Naserbcdd25c2023-01-18 03:38:47 +0000[diff] [blame]65{{- if or .Values.manifests.certificates .Values.tls.identity }}
66 env:
67 - name: REQUESTS_CA_BUNDLE
68 value: "/etc/heat/certs/ca.crt"
69{{- end }}
Mohammed Naserf3f59a72023-01-15 21:02:04 -0500[diff] [blame]70 command:
71 - /tmp/heat-cfn.sh
72 - start
73 lifecycle:
74 preStop:
75 exec:
76 command:
77 - /tmp/heat-cfn.sh
78 - stop
79 ports:
80 - name: h-cfn
Mohammed Naserbcdd25c2023-01-18 03:38:47 +0000[diff] [blame]81 containerPort: {{ tuple "cloudformation" "service" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
Mohammed Naserf3f59a72023-01-15 21:02:04 -0500[diff] [blame]82 readinessProbe:
Mohammed Naserbcdd25c2023-01-18 03:38:47 +0000[diff] [blame]83 httpGet:
84 scheme: {{ tuple "cloudformation" "service" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_scheme_lookup" | upper }}
85 path: /
86 port: {{ tuple "cloudformation" "service" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
Mohammed Naserf3f59a72023-01-15 21:02:04 -0500[diff] [blame]87 livenessProbe:
Mohammed Naserbcdd25c2023-01-18 03:38:47 +0000[diff] [blame]88 httpGet:
89 scheme: {{ tuple "cloudformation" "service" "api" . | include "helm-toolkit.endpoints.keystone_endpoint_scheme_lookup" | upper }}
90 path: /
91 port: {{ tuple "cloudformation" "service" "api" . | include "helm-toolkit.endpoints.endpoint_port_lookup" }}
Oleksandr Kozachenko92a39f12023-10-03 15:25:15 +0200[diff] [blame]92 initialDelaySeconds: 10
Mohammed Naserf3f59a72023-01-15 21:02:04 -0500[diff] [blame]93 volumeMounts:
94 - name: pod-tmp
95 mountPath: /tmp
96 - name: pod-etc-heat
97 mountPath: /etc/heat
98 - name: wsgi-heat
99 mountPath: /var/www/cgi-bin/heat
100 - name: heat-bin
101 mountPath: /tmp/heat-cfn.sh
102 subPath: heat-cfn.sh
103 readOnly: true
104 - name: heat-etc
Oleksandr Kozachenko92a39f12023-10-03 15:25:15 +0200[diff] [blame]105 mountPath: /etc/heat/heat-api-cfn-uwsgi.ini
106 subPath: heat-api-cfn-uwsgi.ini
107 readOnly: true
108 - name: heat-etc
Mohammed Naserf3f59a72023-01-15 21:02:04 -0500[diff] [blame]109 mountPath: /etc/heat/heat.conf
110 subPath: heat.conf
111 readOnly: true
112 {{ if .Values.conf.heat.DEFAULT.log_config_append }}
113 - name: heat-etc
114 mountPath: {{ .Values.conf.heat.DEFAULT.log_config_append }}
115 subPath: {{ base .Values.conf.heat.DEFAULT.log_config_append }}
116 readOnly: true
117 {{ end }}
118 - name: heat-etc
119 mountPath: /etc/heat/api-paste.ini
120 subPath: api-paste.ini
121 readOnly: true
122 - name: heat-etc
123 mountPath: /etc/heat/policy.yaml
124 subPath: policy.yaml
125 readOnly: true
126 - name: heat-etc
127 mountPath: /etc/heat/api_audit_map.conf
128 subPath: api_audit_map.conf
129 readOnly: true
130 {{- if .Values.manifests.certificates }}
131 - name: heat-etc
132 mountPath: {{ .Values.conf.software.apache2.site_dir }}/heat-api-cfn.conf
133 subPath: wsgi-cnf.conf
134 readOnly: true
135 - name: heat-etc
136 mountPath: {{ .Values.conf.software.apache2.mods_dir }}/mpm_event.conf
137 subPath: mpm_event.conf
138 readOnly: true
139 {{- end }}
Mohammed Naserbcdd25c2023-01-18 03:38:47 +0000[diff] [blame]140{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.cloudformation.cfn.internal "path" "/etc/heat/certs" | include "helm-toolkit.snippets.tls_volume_mount" | indent 12 }}
Mohammed Naserf3f59a72023-01-15 21:02:04 -0500[diff] [blame]141{{ if $mounts_heat_cfn.volumeMounts }}{{ toYaml $mounts_heat_cfn.volumeMounts | indent 12 }}{{ end }}
142 volumes:
143 - name: pod-tmp
144 emptyDir: {}
145 - name: pod-etc-heat
146 emptyDir: {}
147 - name: wsgi-heat
148 emptyDir: {}
149 - name: heat-bin
150 configMap:
151 name: heat-bin
152 defaultMode: 0555
153 - name: heat-etc
154 secret:
155 secretName: heat-etc
156 defaultMode: 0444
Mohammed Naserbcdd25c2023-01-18 03:38:47 +0000[diff] [blame]157{{- dict "enabled" (or .Values.manifests.certificates .Values.tls.identity) "name" .Values.secrets.tls.cloudformation.cfn.internal | include "helm-toolkit.snippets.tls_volume" | indent 8 }}
Mohammed Naserf3f59a72023-01-15 21:02:04 -0500[diff] [blame]158{{ if $mounts_heat_cfn.volumes }}{{ toYaml $mounts_heat_cfn.volumes | indent 8 }}{{ end }}
159{{- end }}