diff options
author | Taka Cho <takamune.cho@att.com> | 2020-03-31 13:52:56 -0400 |
---|---|---|
committer | Takamune Cho <takamune.cho@att.com> | 2020-03-31 17:56:07 +0000 |
commit | c6559a91495469d62d73761c022bba47a245d9fc (patch) | |
tree | 40a4e91dabc59f981e0d4a816acbd0f6fbd99049 | |
parent | 8b0a6c11bb7c82411efdea28615320c1fbf24019 (diff) |
move AAF cert to APPC helm chart
move AAF cert out of APPC docker to
APPC helm chart
new AAF cert:
Validity
Not Before: Mar 27 18:03:32 2020 GMT
Not After : Mar 27 18:03:32 2021 GMT
Issue-ID: APPC-1857
Change-Id: I25adc3fce2bed234c6748a87d975c46f1e607260
Signed-off-by: Taka Cho <takamune.cho@att.com>
-rw-r--r-- | kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/cadi.properties | 4 | ||||
-rw-r--r-- | kubernetes/appc/resources/config/certs/org.onap.appc.keyfile | 27 | ||||
-rw-r--r-- | kubernetes/appc/resources/config/certs/org.onap.appc.p12 | bin | 0 -> 4143 bytes | |||
-rw-r--r-- | kubernetes/appc/templates/secrets.yaml | 14 | ||||
-rw-r--r-- | kubernetes/appc/templates/statefulset.yaml | 12 |
5 files changed, 55 insertions, 2 deletions
diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/cadi.properties b/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/cadi.properties index e7399f6f04..2986ee9e5b 100644 --- a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/cadi.properties +++ b/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/cadi.properties @@ -29,11 +29,11 @@ cadi_bath_convert=/opt/onap/appc/data/properties/bath_config.csv cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US cadi_keyfile=/opt/onap/appc/data/stores/org.onap.appc.keyfile cadi_keystore=/opt/onap/appc/data/stores/org.onap.appc.p12 -cadi_keystore_password=enc:tQTHVtbdCuzqrQY1TBRt9SkFL9tCY3OzwbsfaVyAa2dOfZlI0krFOJSBnkm1WdGr +cadi_keystore_password=enc:j5wAY4JjI6Gg8KbPRT3CK55kCaBZcrSq9XMe0vU2Hj3_TWfhln414p_og8-0u4EV #cadi_key_password=enc:<KEY PASSWORD (optional if the same as KEYSTORE PASSWORD)> cadi_alias=appc@appc.onap.org cadi_truststore=/opt/onap/appc/data/stores/truststoreONAPall.jks -cadi_truststore_password=enc:O3Vtv5e77OQWJ_OiLC9Atj3ngyYfulRK519JYFmbKl7 +cadi_truststore_password=enc:9WJ6CRlrFmHiQrFlckhHybFXOwPW3tRetofp3AZ5nyt ## ## org.osaaf.location.props diff --git a/kubernetes/appc/resources/config/certs/org.onap.appc.keyfile b/kubernetes/appc/resources/config/certs/org.onap.appc.keyfile new file mode 100644 index 0000000000..b7dd5ff9e7 --- /dev/null +++ b/kubernetes/appc/resources/config/certs/org.onap.appc.keyfile @@ -0,0 +1,27 @@ +EVYIj42lKzRyMicebf8OOUa9CVwvaKie3N7fTGeDT-GjiR6M6AHQCwBD9Bj95VxgVWOyXGAYy7eT +SSfnkVBgcdZWXlRL7HSUocs52DneRTGYcYGIBGz24O6EpmeZQyWluCKBcVCALKClPzqBNsHa2W06 +XwAccZzYPkDV-taGqF5kP10RiYvKe5YoZEQYBfauS3lDqf47AP-Dh1wLUIpvTSAUfBgDW9FBx9Ay +8Wy2geTuAXcPduBtTGIj3law-5ePDFRqwVVkXmSaEmEn34NvJ4z6Ww7VHqzqBxKAvLErV-KCEHEa +L3L1CCqNCXjUUa_D8CReDA-LPAG_v0yrjQxrdqzcYJ76Q0uIlNmEi_85AlAUXx6KGC03TqaGqICW +nNs4ouxM6U4ekiDi9qbFh7RlTEXw6bHhJPCq-G5ID-crWDHSarQ3IUR5qOmgIFIxpkPksBSGmUI4 +OIScgb2TtqG94EAZ3qu3PmzVlJrxbHYHVFlNLEecu7tGtiQJTLUHpJ0Z8O2GOc8bBz6o6NBT72Pv +i068VkLyUyrSNnVo9rNVFWAc3HREFi85KszBdk58kPTr2AQFH9iK2hmrXTdnPMjhmQgRh4xiAn4J +v5Gsb4DL2si3ZjD2E36Fy5XlPhyFFc8gdB6-v-Et1XJTU6mwV5DgKgg5o3WdHTuHZjYgWmcATZiQ +yLOQ6ZdjTF_004yOSkUzHbArOEmS6LIPTuLibvN6CY1Q0u_ucl5iaIbcwo_sVFisnVXQBHYXblBm +MgZZFg0n5ugL-bdUSdJtU7yIU5t79n0aMxnN84QhuREMSvCUioCrBD5c5H22iqbY7UCPO9Yy7lM- +aPVDRPwHAKEVjYqf4Z4k0Jthn7wqWS2iAKVOEi4R1oniAuuIcM9xoha0-LdRe8hWTV-qXDbtCVDz +h6Rw3dqtS5mCGBMC0TCrLJzG5n3Ed_4kGl5Emb3SXHWNqI_BuIalU4uot7seCv464E3QWQgAkv8w +wTk_IEWIFZhKJIcy5Brsw7Fz-XWQWkExEU3xKButC9hFXpdszF0y8CYUI6EPt2mPqaxB6zu3s4Bv +bKrVxFPX97mOeD8TpmxElmF0vpdhJ9Ee8clvBrGtLl1UIP6B80PrAPEZMLNhLV8S-ZJMKL5PTZh0 +_HNpj1EfiXnBz02cbes5Fuq9M8Dk7f16tP8prYzJ1JbnLTNHHcW4Z1quKrN8RIoYw3qzlXuYRm6Y +8rbuPlZ1wTllIxf00omnonJw8Fx9XzArv_UvqTvAYrv22YliUSl-lcFi8cOK58bmM5rBmkWoFObK +DsCMicfyPWhKf3DEwg1Y0j0qKppFqtKcSxnIbQ-VPRCrRv2yTjauEW6iNlq3RQKSJqFjUVmSUn2w +7tYQzeNv0tYgfRtHgSy_CA9q_ANJFFlxDtqtrFTsgrEH4jOlLs2_UN96RNUhVqSu95X5hEukI574 +kQBUMc5gGQvQ2_Xug15O_-cFfhtalI7NBZkGNNPY5K8h7xYZp2aAl-pNPwKHAmrOWAvFwy64A1NT +_RrZxrtVkj-k3f8Mv_p56yChUpujZ_ZDwLgYKWraqDxyEctpXyMMgjOYRy2CZ6oZfuAygrN5Gw4k +zMKBDkz_5LO_rYU2RUa2NRDLlh2Y47Gxt90IEw_i8y7nxn7K6y3nApI11tfsiiotYq8DLk6jYh07 +mJg-D8lb0q9JRYmnJcNkIQNVJ06bmJnaJQZ7GXUz9MF8_zuTdm4D8m_Ly2Ai4KFq_lw5CBVrLM5k +pfJveSw_6_uF5pda_EZoR4bBoWdrFvLNwob3lsdgiIYGTafQx2SFfQiiEB_CwpGuj4_Dv-TkUT2O +Ui2UWI9Gr-HxSITnvUR0UHStrDb5miXEr8E_Znwc4Db2juh30L57aEtl5N0TYwKI925qLNLHbFg0 +FKEvIt-o7HmvPY6UqajwAtIAdKpxWpWD-hl-eNVNsT4mVzdegIrM2wzzKIcLOvCEEvyWei_E8mIp +nqYw9LoFrQf3dCh8XeamqYkbPE00E8p1zXPNRow5iz9NQ-BNksp1e-ghqF_xr3L4eh7BkEu2
\ No newline at end of file diff --git a/kubernetes/appc/resources/config/certs/org.onap.appc.p12 b/kubernetes/appc/resources/config/certs/org.onap.appc.p12 Binary files differnew file mode 100644 index 0000000000..352c4f562a --- /dev/null +++ b/kubernetes/appc/resources/config/certs/org.onap.appc.p12 diff --git a/kubernetes/appc/templates/secrets.yaml b/kubernetes/appc/templates/secrets.yaml index 075c24a064..c6aeb1e102 100644 --- a/kubernetes/appc/templates/secrets.yaml +++ b/kubernetes/appc/templates/secrets.yaml @@ -13,3 +13,17 @@ # limitations under the License. {{ include "common.secretFast" . }} +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.fullname" . }}-certs + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +type: Opaque +data: +{{ tpl (.Files.Glob "resources/config/certs/*").AsSecrets . | indent 2 }} diff --git a/kubernetes/appc/templates/statefulset.yaml b/kubernetes/appc/templates/statefulset.yaml index 68e108d9b7..5fd34ece79 100644 --- a/kubernetes/appc/templates/statefulset.yaml +++ b/kubernetes/appc/templates/statefulset.yaml @@ -190,6 +190,12 @@ spec: - mountPath: /opt/onap/appc/data/org.ops4j.pax.logging.cfg name: log-config subPath: org.ops4j.pax.logging.cfg + - mountPath: /opt/onap/appc/data/stores/org.onap.appc.p12 + name: p12-certs + subPath: org.onap.appc.p12 + - mountPath: /opt/onap/appc/data/stores/org.onap.appc.keyfile + name: keyfile-certs + subPath: org.onap.appc.keyfile resources: {{ include "common.resources" . | indent 12 }} {{- if .Values.nodeSelector }} @@ -214,6 +220,12 @@ spec: - mountPath: /usr/share/filebeat/data name: data-filebeat volumes: + - name: keyfile-certs + secret: + secretName: {{ include "common.fullname" . }}-certs + - name: p12-certs + secret: + secretName: {{ include "common.fullname" . }}-certs - name: localtime hostPath: path: /etc/localtime |