Make scb volume mount optional

k8s_helm_charts/zdm/templates/_helpers.tpl

@@ -78,4 +78,11 @@ Determine whether CDM should be created
 */}}
 {{- define "cdm.enabled" -}}
 {{- .Values.cdm.enabled | default "true" | toString }}
+{{- end }}
+
+{{/*
+Determine whether SCB volume & mounts should be created from expected secret
+*/}}
+{{- define "scb.enabled" -}}
+{{- .Values.scb.enabled | default "true" | toString }}
 {{- end }}

k8s_helm_charts/zdm/templates/cdm.yaml

@@ -1,7 +1,9 @@
 {{ $zdm_secretName := include "zdm.secretName" . -}}
 {{- $zdm_secretScbName := include "zdm.secretScbName" . -}}
+{{- $cdm_enabled := include "cdm.enabled" . -}}
+{{- $scb_enabled := include "scb.enabled" . -}}
 
-{{- if eq (include "cdm.enabled" .) "true" }}
+{{- if eq $cdm_enabled "true" }}
 apiVersion: apps/v1
 kind: Deployment
 metadata:
@@ -33,8 +35,16 @@ spec:
         - configMapRef:
             name: {{ include "zdm.fullname" . }}
         env:
+        {{- if eq ($scb_enabled) "true" }}
         - name: ZDM_TARGET_SECURE_CONNECT_BUNDLE_PATH
           value: /tmp/scb/target.zip
+        {{- else }}
+        - name: ZDM_TARGET_CONTACT_POINTS
+          valueFrom:
+            secretKeyRef:
+              name: {{ $zdm_secretName }}
+              key: target_contact_points
+        {{- end }}
         - name: ZDM_ORIGIN_CONTACT_POINTS
           valueFrom:
             secretKeyRef:
@@ -65,6 +75,7 @@ spec:
             secretKeyRef:
               name: {{ $zdm_secretName }}
               key: target_password
+      {{- if eq ($scb_enabled) "true" }}
         volumeMounts:
         - name: scb
           mountPath: "/tmp/scb"
@@ -76,4 +87,5 @@ spec:
           items:
           - key: secure-connect-target.zip
             path: target.zip
+      {{- end }}
 {{- end -}}

k8s_helm_charts/zdm/templates/deployment.yaml

@@ -4,6 +4,7 @@
 {{- $zdm_selectorLabels := include "zdm.selectorLabels" . -}}
 {{- $zdm_secretName := include "zdm.secretName" . -}}
 {{- $zdm_secretScbName := include "zdm.secretScbName" . -}}
+{{- $scb_enabled := include "scb.enabled" . -}}
 
 # calculate a variable that contains all proxy service addresses
 {{ $service_addresses := "" -}}
@@ -63,8 +64,16 @@ spec:
           value: {{ $index | quote }}
         - name: ZDM_PROXY_TOPOLOGY_ADDRESSES
           value: {{ $service_addresses }}
+        {{- if eq ($scb_enabled) "true" }}
         - name: ZDM_TARGET_SECURE_CONNECT_BUNDLE_PATH
           value: /tmp/scb/target.zip
+        {{- else }}
+        - name: ZDM_TARGET_CONTACT_POINTS
+          valueFrom:
+            secretKeyRef:
+              name: {{ $zdm_secretName }}
+              key: target_contact_points
+        {{- end }}
         - name: ZDM_ORIGIN_CONTACT_POINTS
           valueFrom:
             secretKeyRef:
@@ -97,16 +106,18 @@ spec:
               key: target_password
         ports:
         - containerPort: 9042
+      {{- if eq ($scb_enabled) "true" }}
         volumeMounts:
-        - name: scb
-          mountPath: "/tmp/scb"
-          readOnly: true
+          - name: scb
+            mountPath: "/tmp/scb"
+            readOnly: true
       volumes:
-      - name: scb
-        secret:
-          secretName: {{ $zdm_secretScbName }}
-          items:
-          - key: secure-connect-target.zip
-            path: target.zip
+        - name: scb
+          secret:
+            secretName: {{ $zdm_secretScbName }}
+            items:
+              - key: secure-connect-target.zip
+                path: target.zip
+      {{- end }}
 ---
-{{- end -}}
+{{- end -}}

k8s_helm_charts/zdm/values.yaml

@@ -42,6 +42,10 @@ cdm:
 nameOverride: ""
 fullnameOverride: ""
 
+# Enables connection via expected Secure Connect Bundle secret
+scb:
+  enabled: "true"
+
 # Overrides expected secret name "zdmproxy"
 secretNameOverride: ""
 # Overrides expected secret name "zdmproxy-scb"