1 files changed, 24 insertions, 0 deletions

diff --git a/k8s/configure/configure.py b/k8s/configure/configure.py
index d51b87b..c0dcd3f 100644
--- a/k8s/configure/configure.py
+++ b/k8s/configure/configure.py
@@ -3,6 +3,7 @@
 # ================================================================================
 # Copyright (c) 2018-2020 AT&T Intellectual Property. All rights reserved.
 # Copyright (c) 2019 Pantheon.tech. All rights reserved.
+# Copyright (c) 2020 Nokia. All rights reserved.
 # ================================================================================
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -38,6 +39,17 @@ TLS_IMAGE = "nexus3.onap.org:10001/onap/org.onap.dcaegen2.deployments.tls-init-c
 TLS_COMP_CERT_PATH = "/opt/dcae/cacert"
 TLS_CA_CONFIGMAP = "dcae-cacert-configmap"
 
+EXT_TLS_IMAGE = "nexus3.onap.org:10001/onap/org.onap.aaf.certservice.aaf-certservice-client:1.2.0"
+EXT_TLS_REQUEST_URL = "https://aaf-cert-service:8443/v1/certificate/"
+EXT_TLS_TIMEOUT = "30000"
+EXT_TLS_COUNTRY = "US"
+EXT_TLS_ORGANIZATION = "Linux-Foundation"
+EXT_TLS_STATE = "California"
+EXT_TLS_ORGANIZATIONAL_UNIT = "ONAP"
+EXT_TLS_LOCATION = "San-Francisco"
+EXT_TLS_KEYSTORE_PASSWORD = "secret"
+EXT_TLS_TRUSTSTORE_PASSWORD = "secret"
+
 CBS_BASE_URL = "https://config-binding-service:10443/service_component_all"
 
 def _set_defaults():
@@ -61,6 +73,18 @@ def _set_defaults():
             "image": TLS_IMAGE,                         # Docker image to use for TLS init container
             "component_cert_dir": TLS_COMP_CERT_PATH    # default mount point for certificate volume in component container
         },
+        "external_cert": {
+            "image_tag": EXT_TLS_IMAGE,                           # Docker image to use for external TLS init container
+            "request_url" : EXT_TLS_REQUEST_URL,                  # URL to Cert Service API
+            "timeout" : EXT_TLS_TIMEOUT,                          # Request timeout
+            "country" : EXT_TLS_COUNTRY,                          # Country name in ISO 3166-1 alpha-2 format, for which certificate will be created
+            "organization" : EXT_TLS_ORGANIZATION,                # Organization name, for which certificate will be created
+            "state" : EXT_TLS_STATE,                              # State name, for which certificate will be created
+            "organizational_unit" : EXT_TLS_ORGANIZATIONAL_UNIT,  # Organizational unit name, for which certificate will be created
+            "location" : EXT_TLS_LOCATION,                        # Location name, for which certificate will be created
+            "keystore_password" : EXT_TLS_KEYSTORE_PASSWORD,      # Password to keystore file
+            "truststore_password" : EXT_TLS_TRUSTSTORE_PASSWORD   # Password to truststore file
+        },
         "cbs": {
             "base_url" : CBS_BASE_URL                   # URL prefix for accessing config binding service
         }