{{- if .Values.anm.enabled }} apiVersion: apps/v1 kind: Deployment metadata: name: "{{ include "gateway.fullname" . }}-anm" labels: {{- include "gateway.labels" . | nindent 4 }} app.kubernetes.io/component: anm spec: {{- if not .Values.anm.autoscaling.enabled }} replicas: {{ .Values.anm.replicaCount }} {{- end }} strategy: {{- if eq (default .Values.global.updateStrategy.type .Values.anm.updateStrategy.type) "RollingUpdate" }} rollingUpdate: maxSurge: {{ default .Values.global.updateStrategy.rollingUpdate.maxSurge .Values.anm.updateStrategy.rollingUpdate.maxSurge }} maxUnavailable: {{ default .Values.global.updateStrategy.rollingUpdate.maxUnavailable .Values.anm.updateStrategy.rollingUpdate.maxUnavailable }} {{- end }} type: {{ default .Values.global.updateStrategy.type .Values.anm.updateStrategy.type }} selector: matchLabels: {{- include "gateway.selectorLabels" . | nindent 6 }} app.kubernetes.io/component: anm {{- with .Values.anm.podLabels }} {{- toYaml . | nindent 6 }} {{- end }} template: metadata: {{- with .Values.anm.podAnnotations }} annotations: {{- toYaml . | nindent 8 }} {{- end }} labels: {{- include "gateway.selectorLabels" . | nindent 8 }} app.kubernetes.io/component: anm {{- with .Values.anm.podLabels }} {{- toYaml . | nindent 8 }} {{- end }} spec: {{- with .Values.global.imagePullSecrets }} imagePullSecrets: {{- toYaml . | nindent 8 }} {{- end }} serviceAccountName: {{ include "gateway.anm.serviceAccountName" . }} securityContext: {{- toYaml .Values.anm.podSecurityContext | nindent 8 }} containers: - name: {{ .Chart.Name }} securityContext: {{- toYaml .Values.anm.securityContext | nindent 12 }} image: "{{ default .Values.global.defaultRegistry .Values.anm.image.registry }}/{{ .Values.anm.image.repository }}:{{ .Values.anm.image.tag | default .Chart.AppVersion }}" imagePullPolicy: {{ .Values.global.imagePullPolicy }} ports: - containerPort: {{ .Values.anm.service.ports.traffic.port }} protocol: {{ .Values.anm.service.ports.traffic.protocol }} - containerPort: {{ .Values.anm.service.ports.ui.port }} protocol: {{ .Values.anm.service.ports.ui.protocol }} {{- with .Values.anm.livenessProbe }} livenessProbe: {{- toYaml . | nindent 12 }} {{- end }} {{- with .Values.anm.readinessProbe }} readinessProbe: {{- toYaml . | nindent 12 }} {{- end }} resources: {{- toYaml .Values.anm.resources | nindent 12 }} env: {{- with .Values.anm.extraEnvVars }} {{ toYaml . | nindent 12 }} {{- end }} {{- if .Values.anm.FIPS.enabled }} - name: EMT_FIPS_MODE value: {{ .Values.anm.FIPS.enabled | quote }} {{- end }} {{- if .Values.anm.jvmHeapSize }} - name: EMT_HEAP_SIZE_MB value: {{ .Values.anm.jvmHeapSize | quote }} {{- end }} {{- if .Values.anm.logs.trace.level }} - name: EMT_TRACE_LEVEL value: {{ .Values.anm.logs.trace.level | quote }} {{- end }} {{- if .Values.anm.logs.trace.disk }} - name: APIGW_LOG_TRACE_TO_FILE value: {{ .Values.anm.logs.trace.disk | quote }} {{- end }} - name: APIGW_LOG_TRACE_JSON_TO_STDOUT value: {{ default .Values.anm.logs.trace.stdoutJSON false | quote }} {{- if .Values.global.domainkeypassphrase }} - name: DOMAIN_KEY_PASSPHRASE valueFrom: secretKeyRef: name: {{ include "gateway.domainkeypassphrase.secretName" . }} key: passphrase {{- end }} {{- if .Values.global.database.metrics.enabled }} - name: METRICS_DB_URL value: {{ tpl .Values.global.database.metrics.url . | quote }} - name: METRICS_DB_USERNAME valueFrom: secretKeyRef: name: {{ include "gateway.metrics-db.secretName" . }} key: {{ with .Values.global.database.metrics.existingSecret.keyMapping }}{{- default "username" .username }}{{- else -}}"username"{{- end }} - name: METRICS_DB_PASS valueFrom: secretKeyRef: name: {{ include "gateway.metrics-db.secretName" . }} key: {{ with .Values.global.database.metrics.existingSecret.keyMapping }}{{- default "password" .password }}{{- else -}}"password"{{- end }} {{- end }} {{- if .Values.anm.image.generalConditions }} - name: ACCEPT_GENERAL_CONDITIONS value: {{ .Values.anm.image.generalConditions.accept | quote }} {{- end }} {{- if .Values.anm.extraVolumeMounts }} volumeMounts: {{- if .Values.anm.license }} - name: license mountPath: "/opt/Axway/apigateway/conf/licenses/license.lic" subPath: "license.lic" {{- end }} {{- toYaml ( .Values.anm.extraVolumeMounts ) | nindent 12 }} {{- end }} {{- if .Values.anm.extraVolumes }} volumes: {{- if .Values.anm.license }} - name: license configMap: name: {{ .Release.Name }}-anm-license-config {{- end }} {{ toYaml ( .Values.anm.extraVolumes ) | indent 8 }} {{- end }} initContainers: {{- if .Values.global.database.metrics.enabled }} - name: init-mysql image: {{ .Values.global.initContainers.image | quote }} command: ['sh', '-c', 'until nc -w 3 -v {{ tpl .Values.global.database.host . }} {{ .Values.global.database.port | int }}; do echo waiting for mysql; sleep 2; done;'] {{- with .Values.global.initContainers.resources }} resources: {{ toYaml . | nindent 12 }} {{- end }} {{- with .Values.global.initContainers.securityContext }} securityContext: {{- toYaml . | nindent 12 }} {{- end }} {{- end }} {{- with .Values.anm.extraInitContainers }} {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.anm.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.anm.affinity }} affinity: {{- toYaml . | nindent 8 }} {{- end }} {{- with .Values.anm.tolerations }} tolerations: {{- toYaml . | nindent 8 }} {{- end }} {{- end }}