diff options
author | Sylvain Desbureaux <sylvain.desbureaux@orange.com> | 2021-05-11 16:10:20 +0000 |
---|---|---|
committer | Gerrit Code Review <gerrit@onap.org> | 2021-05-11 16:10:20 +0000 |
commit | 580328b0b20218706ea0748088510e7e24ddacda (patch) | |
tree | 24c154e891ad8dc0b9a1b5d82228d3c217271da4 | |
parent | ff4d7e578224ca533f3cfda71220000a2a0f4dbf (diff) | |
parent | 7062518d303da3de71d3f424bea5d2a87a5fc516 (diff) |
Merge "[DCAEGEN2] Add pem support in CMPv2 for dcaegen2-services"
4 files changed, 23 insertions, 6 deletions
diff --git a/kubernetes/common/certManagerCertificate/templates/_certificate.tpl b/kubernetes/common/certManagerCertificate/templates/_certificate.tpl index 6fc667429e..2b9461e50e 100644 --- a/kubernetes/common/certManagerCertificate/templates/_certificate.tpl +++ b/kubernetes/common/certManagerCertificate/templates/_certificate.tpl @@ -219,8 +219,14 @@ spec: sources: - secret: name: {{ $certificatesSecretName }} - {{- if $certificate.keystore }} items: + - key: tls.key + path: key.pem + - key: tls.crt + path: cert.pem + - key: ca.crt + path: cacert.pem + {{- if $certificate.keystore }} {{- range $outputType := $certificate.keystore.outputType }} - key: keystore.{{ $outputType }} path: keystore.{{ $outputType }} @@ -278,8 +284,14 @@ spec: sources: - secret: name: {{ $certificatesSecretName }} - {{- if $certificate.keystore }} items: + - key: tls.key + path: key.pem + - key: tls.crt + path: cert.pem + - key: ca.crt + path: cacert.pem + {{- if $certificate.keystore }} {{- range $outputType := $certificate.keystore.outputType }} - key: keystore.{{ $outputType }} path: keystore.{{ $outputType }} diff --git a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl index db58726893..10a63ebbcf 100644 --- a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl +++ b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl @@ -3,6 +3,7 @@ # ================================================================================ # Copyright (c) 2021 J. F. Lucas. All rights reserved. # Copyright (c) 2021 AT&T Intellectual Property. All rights reserved. +# Copyright (c) 2021 Nokia. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -295,7 +296,7 @@ spec: name: onap-policy-xacml-pdp-api-creds key: password - name: POLICY_SYNC_PDP_URL - value : http{{ if (include "common.needTLS" .) }}s{{ end }}://policy-xacml-pdp:6969 + value : http{{ if (include "common.needTLS" .) }}s{{ end }}://policy-xacml-pdp:6969 - name: POLICY_SYNC_OUTFILE value : "/etc/policies/policies.json" - name: POLICY_SYNC_V1_DECISION_ENDPOINT @@ -370,9 +371,9 @@ spec: {{- if $cmpv2Certificate.keystore -}} {{- $certType = (index $cmpv2Certificate.keystore.outputType 0) -}} {{- end -}} - {{- $truststoresPaths := printf "%s/%s:%s/%s" $certDir "cacert.pem" $cmpv2CertificateDir "ca.crt" -}} - {{- $truststoresPasswordPaths := "" -}} - {{- $keystoreSourcePaths := printf "%s/%s:%s/%s" $cmpv2CertificateDir "tls.crt" $cmpv2CertificateDir "tls.key" -}} + {{- $truststoresPaths := printf "%s/%s:%s/%s" $certDir "cacert.pem" $cmpv2CertificateDir "cacert.pem" -}} + {{- $truststoresPasswordPaths := ":" -}} + {{- $keystoreSourcePaths := printf "%s/%s:%s/%s" $cmpv2CertificateDir "cert.pem" $cmpv2CertificateDir "key.pem" -}} {{- $keystoreDestinationPaths := printf "%s/%s:%s/%s" $certDir "cert.pem" $certDir "key.pem" -}} {{- if not (eq $certType "pem") -}} {{- $truststoresPaths = printf "%s/%s:%s/%s.%s" $certDir "trust.jks" $cmpv2CertificateDir "truststore" $certType -}} diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml index 502e3a89dc..bb65f37f73 100644 --- a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml @@ -65,6 +65,8 @@ secrets: passwordPolicy: required # CMPv2 certificate +# It is used only when global parameter cmpv2Enabled is true +# Disabled by default certificates: - mountPath: /etc/ves-hv/ssl/external commonName: dcae-hv-ves-collector diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml index 263715650e..081bcdcc1a 100644 --- a/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml @@ -58,6 +58,8 @@ certDirectory: /opt/app/dcae-certificate tlsServer: true # CMPv2 certificate +# It is used only when global parameter cmpv2Enabled is true +# Disabled by default certificates: - mountPath: /opt/app/dcae-certificate/external commonName: dcae-ves-collector |