cscott/apigateway-ocp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Updated to 7.7.0.20250830-3-BN0276-ubi

Browse Source 
Updated ANM destinationCertCA for 7.7.0.20250830-3-BN0276-ubi
This commit is contained in:
Conan Scott
2025-11-20 15:56:45 +08:00
parent 0a203fc035
commit 555c441ad1
79 changed files with 8102 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
apigateway/templates/anm/anm-configmap.yaml Normal file
View File

@@ -0,0 +1,12 @@
{{- if and .Values.anm.enabled .Values.anm.license }}
---
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ .Release.Name }}-anm-license-config
data:
{{- range $path, $config := .Values.anm.license }}
{{ $path }}: |
{{ $config | indent 4 -}}
{{- end -}}
{{- end -}}

162
apigateway/templates/anm/anm-deployment.yaml Normal file
View File

@@ -0,0 +1,162 @@
{{- if .Values.anm.enabled }}
apiVersion: apps/v1
kind: Deployment
metadata:
name: "{{ include "gateway.fullname" . }}-anm"
labels:
{{- include "gateway.labels" . | nindent 4 }}
app.kubernetes.io/component: anm
spec:
{{- if not .Values.anm.autoscaling.enabled }}
replicas: {{ .Values.anm.replicaCount }}
{{- end }}
strategy:
{{- if eq (default .Values.global.updateStrategy.type .Values.anm.updateStrategy.type) "RollingUpdate" }}
rollingUpdate:
maxSurge: {{ default .Values.global.updateStrategy.rollingUpdate.maxSurge .Values.anm.updateStrategy.rollingUpdate.maxSurge }}
maxUnavailable: {{ default .Values.global.updateStrategy.rollingUpdate.maxUnavailable .Values.anm.updateStrategy.rollingUpdate.maxUnavailable }}
{{- end }}
type: {{ default .Values.global.updateStrategy.type .Values.anm.updateStrategy.type }}
selector:
matchLabels:
{{- include "gateway.selectorLabels" . | nindent 6 }}
app.kubernetes.io/component: anm
{{- with .Values.anm.podLabels }}
{{- toYaml . | nindent 6 }}
{{- end }}
template:
metadata:
{{- with .Values.anm.podAnnotations }}
annotations:
{{- toYaml . | nindent 8 }}
{{- end }}
labels:
{{- include "gateway.selectorLabels" . | nindent 8 }}
app.kubernetes.io/component: anm
{{- with .Values.anm.podLabels }}
{{- toYaml . | nindent 8 }}
{{- end }}
spec:
{{- with .Values.global.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "gateway.anm.serviceAccountName" . }}
securityContext:
{{- toYaml .Values.anm.podSecurityContext | nindent 8 }}
containers:
- name: {{ .Chart.Name }}
securityContext:
{{- toYaml .Values.anm.securityContext | nindent 12 }}
image: "{{ default .Values.global.defaultRegistry .Values.anm.image.registry }}/{{ .Values.anm.image.repository }}:{{ .Values.anm.image.tag | default .Chart.AppVersion }}"
imagePullPolicy: {{ .Values.global.imagePullPolicy }}
ports:
- containerPort: {{ .Values.anm.service.ports.traffic.port }}
protocol: {{ .Values.anm.service.ports.traffic.protocol }}
- containerPort: {{ .Values.anm.service.ports.ui.port }}
protocol: {{ .Values.anm.service.ports.ui.protocol }}
{{- with .Values.anm.livenessProbe }}
livenessProbe:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.anm.readinessProbe }}
readinessProbe:
{{- toYaml . | nindent 12 }}
{{- end }}
resources:
{{- toYaml .Values.anm.resources | nindent 12 }}
env:
{{- with .Values.anm.extraEnvVars }}
{{ toYaml . | nindent 12 }}
{{- end }}
{{- if .Values.anm.FIPS.enabled }}
- name: EMT_FIPS_MODE
value: {{ .Values.anm.FIPS.enabled | quote }}
{{- end }}
{{- if .Values.anm.jvmHeapSize }}
- name: EMT_HEAP_SIZE_MB
value: {{ .Values.anm.jvmHeapSize | quote }}
{{- end }}
{{- if .Values.anm.logs.trace.level }}
- name: EMT_TRACE_LEVEL
value: {{ .Values.anm.logs.trace.level | quote }}
{{- end }}
{{- if .Values.anm.logs.trace.disk }}
- name: APIGW_LOG_TRACE_TO_FILE
value: {{ .Values.anm.logs.trace.disk | quote }}
{{- end }}
- name: APIGW_LOG_TRACE_JSON_TO_STDOUT
value: {{ default .Values.anm.logs.trace.stdoutJSON false | quote }}
{{- if .Values.global.domainkeypassphrase }}
- name: DOMAIN_KEY_PASSPHRASE
valueFrom:
secretKeyRef:
name: {{ include "gateway.domainkeypassphrase.secretName" . }}
key: passphrase
{{- end }}
{{- if .Values.global.database.metrics.enabled }}
- name: METRICS_DB_URL
value: {{ tpl .Values.global.database.metrics.url . | quote }}
- name: METRICS_DB_USERNAME
valueFrom:
secretKeyRef:
name: {{ include "gateway.metrics-db.secretName" . }}
key: {{ with .Values.global.database.metrics.existingSecret.keyMapping }}{{- default "username" .username }}{{- else -}}"username"{{- end }}
- name: METRICS_DB_PASS
valueFrom:
secretKeyRef:
name: {{ include "gateway.metrics-db.secretName" . }}
key: {{ with .Values.global.database.metrics.existingSecret.keyMapping }}{{- default "password" .password }}{{- else -}}"password"{{- end }}
{{- end }}
{{- if .Values.anm.image.generalConditions }}
- name: ACCEPT_GENERAL_CONDITIONS
value: {{ .Values.anm.image.generalConditions.accept | quote }}
{{- end }}
{{- if .Values.anm.extraVolumeMounts }}
volumeMounts:
{{- if .Values.anm.license }}
- name: license
mountPath: "/opt/Axway/apigateway/conf/licenses/license.lic"
subPath: "license.lic"
{{- end }}
{{- toYaml ( .Values.anm.extraVolumeMounts ) | nindent 12 }}
{{- end }}
{{- if .Values.anm.extraVolumes }}
volumes:
{{- if .Values.anm.license }}
- name: license
configMap:
name: {{ .Release.Name }}-anm-license-config
{{- end }}
{{ toYaml ( .Values.anm.extraVolumes ) | indent 8 }}
{{- end }}
initContainers:
{{- if .Values.global.database.metrics.enabled }}
- name: init-mysql
image: {{ .Values.global.initContainers.image | quote }}
command: ['sh', '-c', 'until nc -w 3 -v {{ tpl .Values.global.database.host . }} {{ .Values.global.database.port | int }}; do echo waiting for mysql; sleep 2; done;']
{{- with .Values.global.initContainers.resources }}
resources:
{{ toYaml . | nindent 12 }}
{{- end }}
{{- with .Values.global.initContainers.securityContext }}
securityContext:
{{- toYaml . | nindent 12 }}
{{- end }}
{{- end }}
{{- with .Values.anm.extraInitContainers }}
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.anm.nodeSelector }}
nodeSelector:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.anm.affinity }}
affinity:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- with .Values.anm.tolerations }}
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- end }}

35
apigateway/templates/anm/anm-hpa.yaml Normal file
View File

@@ -0,0 +1,35 @@
{{- if .Values.anm.enabled }}
{{- if .Values.anm.autoscaling.enabled }}
apiVersion: autoscaling/v2
kind: HorizontalPodAutoscaler
metadata:
name: "{{ include "gateway.fullname" . }}-anm"
labels:
{{- include "gateway.labels" . | nindent 4 }}
app.kubernetes.io/component: anm
spec:
scaleTargetRef:
apiVersion: apps/v1
kind: Deployment
name: "{{ include "gateway.fullname" . }}-anm"
minReplicas: {{ .Values.anm.autoscaling.minReplicas }}
maxReplicas: {{ .Values.anm.autoscaling.maxReplicas }}
metrics:
{{- if .Values.anm.autoscaling.targetCPUUtilizationPercentage }}
- type: Resource
resource:
name: cpu
target:
type: Utilization
averageUtilization: {{ .Values.anm.autoscaling.targetCPUUtilizationPercentage }}
{{- end }}
{{- if .Values.anm.autoscaling.targetMemoryUtilizationPercentage }}
- type: Resource
resource:
name: memory
target:
type: Utilization
averageUtilization: {{ .Values.anm.autoscaling.targetMemoryUtilizationPercentage }}
{{- end }}
{{- end }}
{{- end }}

97
apigateway/templates/anm/anm-ingress.yaml Normal file
View File

@@ -0,0 +1,97 @@
{{- if .Values.anm.ingress.enabled -}}
{{- $fullName := include "gateway.fullname" . -}}
{{- $svcPort := .Values.anm.service.ports.ui.port -}}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ $fullName }}-anm
labels:
{{- include "gateway.labels" . | nindent 4 }}
{{- with .Values.anm.ingress.annotations }}
annotations:
{{- tpl (toYaml .) $ | nindent 4 }}
{{- end }}
spec:
{{- if .Values.anm.ingress.className }}
ingressClassName: {{ .Values.anm.ingress.className }}
{{- end }}
{{- if .Values.anm.ingress.tls }}
tls:
{{- range .Values.anm.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ tpl . $ | quote }}
{{- end }}
{{- if .secretName }}
secretName: {{ tpl (.secretName) $ }}
{{- end }}
{{- end }}
{{- end }}
rules:
{{- range .Values.anm.ingress.hosts }}
- host: {{ tpl .host $ | quote }}
http:
paths:
{{- range .paths }}
- path: {{ .path }}
{{- if .pathType }}
pathType: {{ .pathType }}
{{- end }}
backend:
service:
name: {{ $fullName }}-anm
port:
number: {{ $svcPort }}
{{- end }}
{{- end }}
{{- end }}
---
{{- if .Values.anm.extraIngress.enabled -}}
{{- $fullName := include "gateway.fullname" . -}}
{{- $svcPort := .Values.anm.service.ports.ui.port -}}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ $fullName }}-anm-extra
labels:
{{- include "gateway.labels" . | nindent 4 }}
{{- with .Values.anm.extraIngress.annotations }}
annotations:
{{- tpl (toYaml .) $ | nindent 4 }}
{{- end }}
spec:
{{- if .Values.anm.extraIngress.className }}
ingressClassName: {{ .Values.anm.extraIngress.className }}
{{- end }}
{{- if .Values.anm.extraIngress.tls }}
tls:
{{- range .Values.anm.extraIngress.tls }}
- hosts:
{{- range .hosts }}
- {{ tpl . $ | quote }}
{{- end }}
{{- if .secretName }}
secretName: {{ tpl (.secretName) $ }}
{{- end }}
{{- end }}
{{- end }}
rules:
{{- range .Values.anm.extraIngress.hosts }}
- host: {{ tpl .host $ | quote }}
http:
paths:
{{- range .paths }}
- path: {{ .path }}
{{- if .pathType }}
pathType: {{ .pathType }}
{{- end }}
backend:
service:
name: {{ $fullName }}-anm
port:
number: {{ $svcPort }}
{{- end }}
{{- end }}
{{- end }}

42
apigateway/templates/anm/anm-routes.yaml Normal file
View File

@@ -0,0 +1,42 @@
{{- if .Values.anm.enabled }}
{{- if .Values.anm.route.enabled -}}
kind: Route
apiVersion: route.openshift.io/v1
metadata:
name: "{{ include "gateway.fullname" . }}-anm"
labels:
{{- include "gateway.labels" . | nindent 4 }}
app.kubernetes.io/component: anm
spec:
{{- if .Values.global.domainName }}
host: anm.{{ .Values.global.domainName }}
{{- end }}
port:
targetPort: {{ tpl .Values.anm.route.targetPort . }}
to:
kind: Service
name: "{{ include "gateway.fullname" . }}-anm"
{{- if .Values.anm.route.tls.enabled }}
tls:
termination: {{ .Values.anm.route.tls.termination }}
insecureEdgeTerminationPolicy: {{ .Values.anm.route.tls.insecureEdgeTerminationPolicy }}
{{- if .Values.anm.route.tls.key }}
key: |-
{{- .Values.anm.route.tls.key | nindent 6 }}
{{- end }}
{{- if .Values.anm.route.tls.destinationCACertificate }}
destinationCACertificate: |-
{{- .Values.anm.route.tls.destinationCACertificate | nindent 6 }}
{{- end }}
{{- if .Values.anm.route.tls.caCertificate }}
caCertificate: |-
{{- .Values.anm.route.tls.caCertificate | nindent 6 }}
{{- end }}
{{- if .Values.anm.route.tls.certificate }}
certificate: |-
{{- .Values.anm.route.tls.certificate | nindent 6 }}
{{- end }}
{{- end }}
wildcardPolicy: None
{{- end }}
{{- end }}

23
apigateway/templates/anm/anm-service.yaml Normal file
View File

@@ -0,0 +1,23 @@
{{- if .Values.anm.enabled }}
apiVersion: v1
kind: Service
metadata:
name: "{{ include "gateway.fullname" . }}-anm"
labels:
{{- include "gateway.labels" . | nindent 4 }}
app.kubernetes.io/component: anm
spec:
type: {{ .Values.anm.service.type }}
ports:
- port: {{ .Values.anm.service.ports.traffic.port }}
targetPort: {{ .Values.anm.service.ports.traffic.port }}
protocol: {{ .Values.anm.service.ports.traffic.protocol }}
name: gatewaymanager
- port: {{ .Values.anm.service.ports.ui.port }}
targetPort: {{ .Values.anm.service.ports.ui.port }}
protocol: {{ .Values.anm.service.ports.ui.protocol }}
name: gatewaymanagerui
selector:
{{- include "gateway.selectorLabels" . | nindent 4 }}
app.kubernetes.io/component: anm
{{- end }}

15
apigateway/templates/anm/anm-serviceaccount.yaml Normal file
View File

@@ -0,0 +1,15 @@
{{- if .Values.anm.enabled }}
{{- if .Values.anm.serviceAccount.create -}}
apiVersion: v1
kind: ServiceAccount
metadata:
name: "{{ include "gateway.anm.serviceAccountName" . }}"
labels:
{{- include "gateway.labels" . | nindent 4 }}
app.kubernetes.io/component: anm
{{- with .Values.anm.serviceAccount.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
{{- end }}
{{- end }}