diff --git a/k8s_helm_charts/zdm/templates/_helpers.tpl b/k8s_helm_charts/zdm/templates/_helpers.tpl index 7ae5c2dc..a4df6958 100644 --- a/k8s_helm_charts/zdm/templates/_helpers.tpl +++ b/k8s_helm_charts/zdm/templates/_helpers.tpl @@ -58,3 +58,31 @@ Create the name of the service account to use {{- default "default" .Values.serviceAccount.name }} {{- end }} {{- end }} + +{{/* +Create name of the secret from which container environment variables will be populated +*/}} +{{- define "zdm.secretName" -}} +{{- .Values.secretNameOverride | default "zdmproxy" }} +{{- end }} + +{{/* +Create name of the secret from which containers will be configured with SCB values +*/}} +{{- define "zdm.secretScbName" -}} +{{- .Values.secretScbNameOverride | default "zdmproxy-scb" }} +{{- end }} + +{{/* +Determine whether CDM should be created +*/}} +{{- define "cdm.enabled" -}} +{{- .Values.cdm.enabled | default "true" | toString }} +{{- end }} + +{{/* +Determine whether SCB volume & mounts should be created from expected secret +*/}} +{{- define "scb.enabled" -}} +{{- .Values.scb.enabled | default "true" | toString }} +{{- end }} \ No newline at end of file diff --git a/k8s_helm_charts/zdm/templates/cdm.yaml b/k8s_helm_charts/zdm/templates/cdm.yaml index 81f972e7..35d90846 100644 --- a/k8s_helm_charts/zdm/templates/cdm.yaml +++ b/k8s_helm_charts/zdm/templates/cdm.yaml @@ -1,3 +1,9 @@ +{{ $zdm_secretName := include "zdm.secretName" . -}} +{{- $zdm_secretScbName := include "zdm.secretScbName" . -}} +{{- $cdm_enabled := include "cdm.enabled" . -}} +{{- $scb_enabled := include "scb.enabled" . -}} + +{{- if eq $cdm_enabled "true" }} apiVersion: apps/v1 kind: Deployment metadata: @@ -29,38 +35,47 @@ spec: - configMapRef: name: {{ include "zdm.fullname" . }} env: + {{- if eq ($scb_enabled) "true" }} - name: ZDM_TARGET_SECURE_CONNECT_BUNDLE_PATH value: /tmp/scb/target.zip + {{- else }} + - name: ZDM_TARGET_CONTACT_POINTS + valueFrom: + secretKeyRef: + name: {{ $zdm_secretName }} + key: target_contact_points + {{- end }} - name: ZDM_ORIGIN_CONTACT_POINTS valueFrom: secretKeyRef: - name: zdmproxy + name: {{ $zdm_secretName }} key: origin_contact_points - name: ZDM_ORIGIN_PORT valueFrom: secretKeyRef: - name: zdmproxy + name: {{ $zdm_secretName }} key: origin_port - name: ZDM_ORIGIN_USERNAME valueFrom: secretKeyRef: - name: zdmproxy + name: {{ $zdm_secretName }} key: origin_username - name: ZDM_ORIGIN_PASSWORD valueFrom: secretKeyRef: - name: zdmproxy + name: {{ $zdm_secretName }} key: origin_password - name: ZDM_TARGET_USERNAME valueFrom: secretKeyRef: - name: zdmproxy + name: {{ $zdm_secretName }} key: target_username - name: ZDM_TARGET_PASSWORD valueFrom: secretKeyRef: - name: zdmproxy + name: {{ $zdm_secretName }} key: target_password + {{- if eq ($scb_enabled) "true" }} volumeMounts: - name: scb mountPath: "/tmp/scb" @@ -68,7 +83,9 @@ spec: volumes: - name: scb secret: - secretName: zdmproxy-scb + secretName: {{ $zdm_secretScbName }} items: - key: secure-connect-target.zip path: target.zip + {{- end }} +{{- end -}} \ No newline at end of file diff --git a/k8s_helm_charts/zdm/templates/deployment.yaml b/k8s_helm_charts/zdm/templates/deployment.yaml index a00f4e77..73bb0574 100644 --- a/k8s_helm_charts/zdm/templates/deployment.yaml +++ b/k8s_helm_charts/zdm/templates/deployment.yaml @@ -2,6 +2,9 @@ {{ $zdm_fullname := include "zdm.fullname" . -}} {{- $zdm_labels := include "zdm.labels" . -}} {{- $zdm_selectorLabels := include "zdm.selectorLabels" . -}} +{{- $zdm_secretName := include "zdm.secretName" . -}} +{{- $zdm_secretScbName := include "zdm.secretScbName" . -}} +{{- $scb_enabled := include "scb.enabled" . -}} # calculate a variable that contains all proxy service addresses {{ $service_addresses := "" -}} @@ -61,50 +64,60 @@ spec: value: {{ $index | quote }} - name: ZDM_PROXY_TOPOLOGY_ADDRESSES value: {{ $service_addresses }} + {{- if eq ($scb_enabled) "true" }} - name: ZDM_TARGET_SECURE_CONNECT_BUNDLE_PATH value: /tmp/scb/target.zip + {{- else }} + - name: ZDM_TARGET_CONTACT_POINTS + valueFrom: + secretKeyRef: + name: {{ $zdm_secretName }} + key: target_contact_points + {{- end }} - name: ZDM_ORIGIN_CONTACT_POINTS valueFrom: secretKeyRef: - name: zdmproxy + name: {{ $zdm_secretName }} key: origin_contact_points - name: ZDM_ORIGIN_PORT valueFrom: secretKeyRef: - name: zdmproxy + name: {{ $zdm_secretName }} key: origin_port - name: ZDM_ORIGIN_USERNAME valueFrom: secretKeyRef: - name: zdmproxy + name: {{ $zdm_secretName }} key: origin_username - name: ZDM_ORIGIN_PASSWORD valueFrom: secretKeyRef: - name: zdmproxy + name: {{ $zdm_secretName }} key: origin_password - name: ZDM_TARGET_USERNAME valueFrom: secretKeyRef: - name: zdmproxy + name: {{ $zdm_secretName }} key: target_username - name: ZDM_TARGET_PASSWORD valueFrom: secretKeyRef: - name: zdmproxy + name: {{ $zdm_secretName }} key: target_password ports: - containerPort: 9042 + {{- if eq ($scb_enabled) "true" }} volumeMounts: - - name: scb - mountPath: "/tmp/scb" - readOnly: true + - name: scb + mountPath: "/tmp/scb" + readOnly: true volumes: - - name: scb - secret: - secretName: zdmproxy-scb - items: - - key: secure-connect-target.zip - path: target.zip + - name: scb + secret: + secretName: {{ $zdm_secretScbName }} + items: + - key: secure-connect-target.zip + path: target.zip + {{- end }} --- -{{- end -}} +{{- end -}} \ No newline at end of file diff --git a/k8s_helm_charts/zdm/values.yaml b/k8s_helm_charts/zdm/values.yaml index ded8d0ef..2708a6f0 100644 --- a/k8s_helm_charts/zdm/values.yaml +++ b/k8s_helm_charts/zdm/values.yaml @@ -27,6 +27,7 @@ proxy: tag: "" cdm: + enabled: "true" resources: limits: cpu: 16000m @@ -41,6 +42,15 @@ cdm: nameOverride: "" fullnameOverride: "" +# Enables connection via expected Secure Connect Bundle secret +scb: + enabled: "true" + +# Overrides expected secret name "zdmproxy" +secretNameOverride: "" +# Overrides expected secret name "zdmproxy-scb" +secretScbNameOverride: "" + service: type: ClusterIP port: 9942