apiVersion: apps/v1 kind: Deployment metadata: name: "{{ .Release.Name }}-connect" spec: replicas: 1 selector: matchLabels: app: "{{ .Release.Name }}-connect" template: metadata: labels: app: "{{ .Release.Name }}-connect" spec: hostAliases: - ip: "{{ .Values.sharedService.keycloak.host.ip }}" hostnames: - "{{ .Values.sharedService.keycloak.host.name }}" volumes: - name: elastic-client-cert secret: secretName: elastic-client-cert containers: - name: "{{ .Release.Name }}-connect" image: "{{ .Values.harbor.host.name }}/{{ .Values.connect.image.name }}:{{ .Values.connect.image.version }}" imagePullPolicy: Always volumeMounts: - name: elastic-client-cert mountPath: '/usr/share/smardigo/' readOnly: true env: - name: TENANT_ID value: "" - name: ADMIN_LOGIN value: "{{ .Values.connect.admin.username }}" - name: ADMIN_PASSWORD value: "{{ .Values.connect.admin.password }}" - name: SMA_JWT_ENABLED value: "True" - name: SMA_JWT_SECRET valueFrom: secretKeyRef: name: "{{ .Release.Name }}-connect-secrets" key: JWT_SECRET - name: SPRING_PROFILES_INCLUDE value: "prod,postgres,elastic,swagger" - name: DATASOURCE_URL value: "jdbc:postgresql://{{ .Values.connect.datasource.host }}:{{ .Values.connect.datasource.port }}/{{ .Values.connect.datasource.database }}" - name: DATASOURCE_USERNAME value: "{{ .Values.connect.datasource.username }}" - name: DATASOURCE_PASSWORD value: "{{ .Values.connect.datasource.password }}" - name: ELASTIC_HOST value: "{{ .Values.connect.elastic.host }}" - name: ELASTIC_PREFIX value: "{{ .Release.Name }}-connect" - name: ELASTIC_USERNAME value: "{{ .Values.connect.elastic.username }}" - name: ELASTIC_PASSWORD value: "{{ .Values.connect.elastic.password }}" - name: ELASTIC_CA value: "file:/usr/share/smardigo/ca.crt" - name: AUTH_MODULE value: "oidc" - name: OIDC_CLIENT_ID value: "{{ .Values.connect.oidc.client_id }}" - name: OIDC_CLIENT_SECRET value: "{{ .Values.connect.oidc.client_secret }}" - name: OIDC_REGISTRATION_ID value: "{{ .Values.connect.oidc.registration_id }}" - name: OIDC_ISSUER_URI value: "https://{{ .Values.connect.oidc.issuer_host }}/auth/realms/{{ .Values.connect.oidc.realm }}" - name: IAM_MODULE value: "external" - name: IAM_CLIENT_ENABLED value: "true" - name: EXTERNAL_IAM_SERVER_URL value: "http://{{ .Release.Name }}-iam:8080" - name: MAIL_PROTOCOL value: "smtp" - name: MAIL_HOST value: "{{ .Values.connect.mail.host }}" - name: MAIL_PORT value: "{{ .Values.connect.mail.post }}" - name: MAIL_USER value: "{{ .Values.connect.mail.username }}" - name: MAIL_PASSWORD value: "{{ .Values.connect.mail.password }}" - name: MAIL_PROPERTIES_SIMULATION value: "{{ .Values.connect.mail.properties.simulation }}" - name: MAIL_PROPERTIES_BASE_URL value: "{{ .Values.connect.mail.properties.base_url }}" - name: MAIL_PROPERTIES_BASE_URL_EXTERN value: "{{ .Values.connect.mail.properties.base_url_extern }}" - name: MAIL_PROPERTIES_SENDER value: "{{ .Values.connect.mail.properties.sender }}" - name: MAIL_PROPERTIES_SENDER_ALIAS value: "{{ .Values.connect.mail.properties.sender_alias }}" - name: PASSWORD_CHANGE_URL value: "https://{{ .Values.connect.oidc.issuer_host }}/auth/realms/{{ .Values.connect.oidc.realm }}/account/password" - name: USER_MANAGEMENT_URL value: "https://{{ .Values.connect.oidc.issuer_host }}/auth/admin/{{ .Values.connect.oidc.realm }}/console" - name: PROCESS_SEARCH_MODULE value: "external" - name: ELASTIC_SEARCH_INDEX value: "search" - name: ELASTIC_MESSAGE_INDEX value: "message" - name: ELASTIC_ANALYSIS_INDEX value: "analysis" - name: ELEMENT_TEMPLATE_ENABLED value: "true" ports: - containerPort: 8080 initContainers: - name: init-iam image: busybox:1.28 command: ['sh', '-c', "until nslookup {{ .Release.Name }}-iam; do echo waiting for iam; sleep 2; done"] - name: init-postgres image: busybox:1.28 command: ['sh', '-c', "until nslookup {{ .Values.connect.datasource.host }}; do echo waiting for postgres; sleep 2; done"] - name: init-elasticsearch image: busybox:1.28 command: ['sh', '-c', "until nslookup {{ .Values.connect.elastic.host }}; do echo waiting for elastic; sleep 2; done"] imagePullSecrets: - name: "{{ .Values.connect.pull_secret }}"