diff options
| author |   Krzysztof Kuzmicki <krzysztof.kuzmicki@nokia.com> | 2022-01-24 08:52:51 +0100 |
|---|---|---|
| committer | Krzysztof Kuzmicki <krzysztof.kuzmicki@nokia.com> | 2022-01-24 07:59:25 +0000 |
| commit | a90de0bd08de449a3b988efbdcb66a66973d1e0f (patch) | |
| tree | e1d3d226766c7ffa4da3a3019053a9bfd3b240c5 /helm/netconf/templates/deployment.yaml | |
| parent | f739bd6b7e48edad36966a00894dc08de0c4de21 (diff) | |
Add cert manager support to netconf simulator
Issue-ID: INT-2051
Signed-off-by: Krzysztof Kuzmicki <krzysztof.kuzmicki@nokia.com>
Change-Id: Iebae4cdce78744492a5a7fb53ddcd1db7fd2585d
Diffstat (limited to 'helm/netconf/templates/deployment.yaml')
| -rw-r--r-- | helm/netconf/templates/deployment.yaml | 54 |
1 files changed, 54 insertions, 0 deletions
diff --git a/helm/netconf/templates/deployment.yaml b/helm/netconf/templates/deployment.yaml index 4a4663a..0b1af99 100644 --- a/helm/netconf/templates/deployment.yaml +++ b/helm/netconf/templates/deployment.yaml @@ -1,7 +1,22 @@ +# Copyright © 2022 Nokia. All rights reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "netconf-server.fullname" . }} + namespace: {{ include "netconf.namespace" . }} labels: {{- include "netconf-server.labels" . | nindent 4 }} spec: @@ -28,6 +43,8 @@ spec: - env: - name: KAFKA_HOST_NAME value: {{ .Values.config.kafka_hostname | quote }} + - name: ENABLE_TLS + value: {{ .Values.config.tls.enabled | quote }} name: {{ .Chart.Name }} securityContext: {{- toYaml .Values.securityContext | nindent 12 }} @@ -41,6 +58,14 @@ spec: httpGet: path: /readiness port: {{ .Values.service.port }} + {{- if .Values.config.certService.enabled }} + volumeMounts: + - name: certstore + mountPath: {{ .Values.certsDir }} + - name: prep-certs + mountPath: /scripts/set-up-netopeer.sh + subPath: set-up-netopeer.sh + {{- end }} {{- with .Values.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} @@ -53,4 +78,33 @@ spec: tolerations: {{- toYaml . | nindent 8 }} {{- end }} + {{- if .Values.config.certService.enabled }} + volumes: + - name: certstore + projected: + sources: + - secret: + name: '{{.Values.clientCertificates.name}}-secret' + items: + - key: tls.key + path: client.key + - key: tls.crt + path: client.crt + - key: ca.crt + path: ca.crt + - secret: + name: '{{.Values.serverCertificates.name}}-secret' + items: + - key: tls.key + path: server.key + - key: tls.crt + path: server.crt + - name: prep-certs + configMap: + name: {{ include "netconf-server.fullname" . }}-prep-certs + defaultMode: 0777 + {{- end }} + + + |