Allow mounting of custom policies via a ConfigMap

gate-teamware/README.md

@@ -66,6 +66,7 @@ Things you will commonly need to override include:
     - `name` - admin organisation/individual's name.
     - `address` - physical address.
     - `contact` - a means of contact, supports HTML for e.g. email or contact form links.
+  - `customPoliciesConfigMap` - if any of the default policies are not suitable for your needs or not compatible with the law governing your location, then you will need to [provide your own custom policies](https://gatenlp.github.io/gate-teamware/development/developerguide/#including-a-custom-privacy-policy-and-or-terms-conditions) as Markdown files.  Create a ConfigMap with entries named `privacy-policy.md` and/or `terms-and-conditions.md` (whichever of the standard policies you want to override), provide the name of the ConfigMap in this setting, and Teamware will use your custom policy or policies in place of the standard ones.
 
 You can also set `resources`, `nodeSelector`, `affinity` and/or `tolerations` if required, under both the `backend` and `staticFiles` sections
 

gate-teamware/templates/deployment-backend.yaml

@@ -165,12 +165,19 @@ spec:
             {{- toYaml . | nindent 10 }}
           {{- end }}
 
-          {{- if and $.Values.email.smtp.security $.Values.email.smtp.clientCertSecret }}
+          {{- if or (and $.Values.email.smtp.security $.Values.email.smtp.clientCertSecret) $.Values.privacyPolicy.customPoliciesConfigMap }}
           volumeMounts:
+          {{- end }}
+          {{- if and $.Values.email.smtp.security $.Values.email.smtp.clientCertSecret }}
           - name: email-client-cert
             mountPath: /email-client-cert
             readOnly: true
           {{- end }}{{/* if smtp client cert */}}
+          {{- if $.Values.privacyPolicy.customPoliciesConfigMap }}
+          - name: custom-policies
+            mountPath: /app/custom-policies
+            readOnly: true
+          {{- end }}{{/* if custom policies */}}
           livenessProbe:
             httpGet:
               path: /
@@ -187,12 +194,20 @@ spec:
                 value: {{ $.Values.hostName | quote }}
           resources:
             {{- toYaml .resources | nindent 12 }}
-      {{- if and $.Values.email.smtp.security $.Values.email.smtp.clientCertSecret }}
+
+      {{- if or (and $.Values.email.smtp.security $.Values.email.smtp.clientCertSecret) $.Values.privacyPolicy.customPoliciesConfigMap }}
       volumes:
+      {{- end }}
+      {{- if and $.Values.email.smtp.security $.Values.email.smtp.clientCertSecret }}
       - name: email-client-cert
         secret:
           secretName: {{ $.Values.email.smtp.clientCertSecret | quote }}
       {{- end }}{{/* if smtp client cert */}}
+      {{- if $.Values.privacyPolicy.customPoliciesConfigMap }}
+        - name: custom-policies
+          configMap:
+            name: {{ $.Values.privacyPolicy.customPoliciesConfigMap }}
+      {{- end }}{{/* if custom policies */}}
       {{- with .nodeSelector }}
       nodeSelector:
         {{- toYaml . | nindent 8 }}

gate-teamware/values.yaml

@@ -317,6 +317,9 @@ email:
     secretName: ""
 
 privacyPolicy:
+  # name of a pre-existing ConfigMap containing entries for a custom privacy-policy.md
+  # and/or terms-and-conditions.md, which will override the default ones provided by Teamware
+  customPoliciesConfigMap: ""
   # Contact details of the host and administrator of the teamware instance
   host:
     # Name of the organization that hosts this teamware instance, e.g. "Annotation4U Ltd."