Update the keystore for resources and traversal

to use the aaf generated keystore for our apps

Issue-ID: AAI-1101
Change-Id: I5a5642f86e8bb924f2c01fa685a0493abf500623
Signed-off-by: Kajur, Harish (vk250x) <vk250x@att.com>

10 files changed, 24 insertions, 23 deletions

diff --git a/kubernetes/aai/charts/aai-resources/resources/config/aai_keystore b/kubernetes/aai/charts/aai-resources/resources/config/aai_keystore
deleted file mode 100644
index 1ddef0c9bd..0000000000
--- a/kubernetes/aai/charts/aai-resources/resources/config/aai_keystore
+++ /dev/null
diff --git a/kubernetes/aai/charts/aai-resources/templates/configmap.yaml b/kubernetes/aai/charts/aai-resources/templates/configmap.yaml
index 5e371ea5bf..373819e39e 100644
--- a/kubernetes/aai/charts/aai-resources/templates/configmap.yaml
+++ b/kubernetes/aai/charts/aai-resources/templates/configmap.yaml
@@ -53,12 +53,3 @@ metadata:
   namespace: {{ include "common.namespace" . }}
 data:
 {{ tpl (.Files.Glob "resources/config/realm.properties").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: Secret
-metadata:
-  name: {{ include "common.fullname" . }}-auth-secret
-  namespace: {{ include "common.namespace" . }}
-type: Opaque
-data:
-{{ tpl (.Files.Glob "resources/config/aai_keystore").AsSecrets . | indent 2 }}
diff --git a/kubernetes/aai/charts/aai-resources/templates/deployment.yaml b/kubernetes/aai/charts/aai-resources/templates/deployment.yaml
index 6c65bce4cc..72c7bc0379 100644
--- a/kubernetes/aai/charts/aai-resources/templates/deployment.yaml
+++ b/kubernetes/aai/charts/aai-resources/templates/deployment.yaml
@@ -542,7 +542,7 @@ spec:
          name: {{ include "common.fullname" . }}-realm-configmap
       - name: {{ include "common.fullname" . }}-auth-sec
         secret:
-         secretName: {{ include "common.fullname" . }}-auth-secret
+         secretName: aai-auth-secret
       restartPolicy: {{ .Values.restartPolicy }}
       imagePullSecrets:
       - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/aai/charts/aai-traversal/resources/config/aai_keystore b/kubernetes/aai/charts/aai-traversal/resources/config/aai_keystore
deleted file mode 100644
index 1ddef0c9bd..0000000000
--- a/kubernetes/aai/charts/aai-traversal/resources/config/aai_keystore
+++ /dev/null
diff --git a/kubernetes/aai/charts/aai-traversal/templates/configmap.yaml b/kubernetes/aai/charts/aai-traversal/templates/configmap.yaml
index cc88444ae2..373819e39e 100644
--- a/kubernetes/aai/charts/aai-traversal/templates/configmap.yaml
+++ b/kubernetes/aai/charts/aai-traversal/templates/configmap.yaml
@@ -53,12 +53,3 @@ metadata:
   namespace: {{ include "common.namespace" . }}
 data:
 {{ tpl (.Files.Glob "resources/config/realm.properties").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: Secret
-metadata:
-  name: {{ include "common.fullname" . }}-auth-secret
-  namespace: {{ include "common.namespace" . }}
-type: Opaque
-data:
-{{ tpl (.Files.Glob "resources/config/aai_keystore").AsSecrets . | indent 2 }}
\ No newline at end of file
diff --git a/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml b/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml
index bda80a0483..b1b6f74d3f 100644
--- a/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml
+++ b/kubernetes/aai/charts/aai-traversal/templates/deployment.yaml
@@ -375,7 +375,7 @@ spec:
          name: {{ include "common.fullname" . }}-realm-configmap
       - name: {{ include "common.fullname" . }}-auth-sec
         secret:
-         secretName: {{ include "common.fullname" . }}-auth-secret
+         secretName: aai-auth-secret
       restartPolicy: {{ .Values.global.restartPolicy | default .Values.restartPolicy }}
       imagePullSecrets:
       - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/aai/charts/aai-traversal/templates/job.yaml b/kubernetes/aai/charts/aai-traversal/templates/job.yaml
index b9b2501304..9d0acf6a63 100644
--- a/kubernetes/aai/charts/aai-traversal/templates/job.yaml
+++ b/kubernetes/aai/charts/aai-traversal/templates/job.yaml
@@ -125,7 +125,7 @@ spec:
          name: {{ include "common.fullname" . }}-realm-configmap
       - name: {{ include "common.fullname" . }}-auth-sec
         secret:
-         secretName: {{ include "common.fullname" . }}-auth-secret
+         secretName: aai-auth-secret
       restartPolicy: OnFailure
       imagePullSecrets:
       - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/aai/resources/config/aai/aai_keystore b/kubernetes/aai/resources/config/aai/aai_keystore
new file mode 100644
index 0000000000..16d93a7e9f
--- /dev/null
+++ b/kubernetes/aai/resources/config/aai/aai_keystore
diff --git a/kubernetes/aai/templates/configmap.yaml b/kubernetes/aai/templates/configmap.yaml
index 592e4129d1..00d2a80d9c 100644
--- a/kubernetes/aai/templates/configmap.yaml
+++ b/kubernetes/aai/templates/configmap.yaml
@@ -13,6 +13,25 @@ metadata:
   name: aai-deployment-configmap
   namespace: {{ include "common.namespace" . }}
 data:
-{{ tpl (.Files.Glob "resources/config/haproxy/*").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/haproxy/haproxy.cfg").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: aai-haproxy-secret
+  namespace: {{ include "common.namespace" . }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/config/haproxy/aai.pem").AsSecrets . | indent 2 }}
+# This is a shared key for both resources and traversal
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: aai-auth-secret
+  namespace: {{ include "common.namespace" . }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/config/aai/aai_keystore").AsSecrets . | indent 2 }}
 
 
diff --git a/kubernetes/aai/values.yaml b/kubernetes/aai/values.yaml
index e8798186ed..b29f8a2b13 100644
--- a/kubernetes/aai/values.yaml
+++ b/kubernetes/aai/values.yaml
@@ -57,7 +57,7 @@ global: # global defaults
 
 # application image
 dockerhubRepository: registry.hub.docker.com
-image: aaionap/haproxy:1.1.0
+image: aaionap/haproxy:1.2.1
 pullPolicy: Always
 
 # flag to enable debugging - application support required