Merge branch 'feature/SIMPL-1042_allow_secret_injection_from_vault_to_pod' into 'develop'

SIMPL-1042 enabled secret injection from vault to pods

See merge request !4

deployment/sd/helm/sd-creation-wizard/templates/deployment.yaml

@@ -11,11 +11,24 @@ spec:
       app: sd-api
   template:
     metadata:
+      annotations:
+        vault.hashicorp.com/agent-inject: "true"
+        vault.hashicorp.com/role: "gaiax-edc_role"
+        vault.hashicorp.com/agent-inject-secret-config.txt: "dev/gaiax-edc-dev-sd-sd-creation-wizard-api"
+        vault.hashicorp.com/agent-inject-template-config.txt: |
+          {{`{{ with secret "dev/gaiax-edc-dev-sd-sd-creation-wizard-api" }}
+          {{ range $k, $v := .Data.data }}
+            export {{ $k }}={{ $v }}
+          {{ end }}
+          {{ end }}`}}
       labels:
         app: sd-api
     spec:
+      serviceAccountName: {{ .Release.Namespace }}
       containers:
         - name: {{ .Chart.Name }}-api
+          command: [ "/bin/sh" ]
+          args: [ "-c", "source /vault/secrets/config.txt && java -jar /app.jar" ]
           image: code.europa.eu:4567/simpl/simpl-open/development/data1/sdtooling-api-be:latest
           imagePullPolicy: Always
           ports:
@@ -36,15 +49,26 @@ spec:
       app: sd-frontend
   template:
     metadata:
+      annotations:
+        vault.hashicorp.com/agent-inject: "true"
+        vault.hashicorp.com/role: "gaiax-edc_role"
+        vault.hashicorp.com/agent-inject-secret-config.txt: "dev/gaiax-edc-dev-sd-sd-creation-wizard-frontend"
+        vault.hashicorp.com/agent-inject-template-config.txt: |
+          {{`{{ with secret "dev/gaiax-edc-dev-sd-sd-creation-wizard-frontend" }}
+          {{ range $k, $v := .Data.data }}
+            export {{ $k }}={{ $v }}
+          {{ end }}
+          {{ end }}`}}
       labels:
         app: sd-frontend
     spec:
+      serviceAccountName: {{ .Release.Namespace }}
       containers:
         - name: {{ .Chart.Name }}-frontend
+          command: [ "/bin/sh" ]
+          args: [ "-c", "source /vault/secrets/config.txt && envsubst < /usr/share/nginx/html/assets/env.template.js > /usr/share/nginx/html/assets/env.js && exec nginx -g 'daemon off;'" ]
           image: code.europa.eu:4567/simpl/simpl-open/development/data1/sdtooling-wizard-fe:latest
           imagePullPolicy: Always
           ports:
             - containerPort: {{ .Values.creationWizardFrontendContainerPort }}
-          env:
-            - name: API_URL
-              value:  https://creation-wizard-api.{{ .Values.domain }}
\ No newline at end of file
+

deployment/sd/helm/sd-creation-wizard/templates/serviceaccount.yaml

+apiVersion: v1
+kind: ServiceAccount
+metadata:
+  name: {{ .Release.Namespace }}
+  namespace: {{ .Release.Namespace }}
+  labels:
+    app: {{ .Release.Name }}