summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSylvain Desbureaux <sylvain.desbureaux@orange.com>2021-05-28 19:52:04 +0000
committerGerrit Code Review <gerrit@onap.org>2021-05-28 19:52:04 +0000
commit84b962398213641e656e8d1750b83f480f531563 (patch)
treea084aa3af8166515aeef8103d6714a8270d61df8
parent11c87298fa0e735756eacf6384a358b96d50af5c (diff)
parent7b09503a8bfcf128c021b6072bec24a1cc93317a (diff)
Merge "[DCAEGEN2] Update CMPv2 certs usage in dcaegen2-services"
-rw-r--r--kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl19
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/certificates.yaml2
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml7
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-ves-collector/templates/certificates.yaml2
-rw-r--r--kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml7
5 files changed, 30 insertions, 7 deletions
diff --git a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl
index 4554b50de8..310d9ae662 100644
--- a/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl
+++ b/kubernetes/dcaegen2-services/common/dcaegen2-services-common/templates/_deployment.tpl
@@ -330,7 +330,7 @@ spec:
{{- if $certDir }}
- mountPath: {{ $certDir }}
name: tls-info
- {{- if and .Values.certificates .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration -}}
+ {{- if (include "dcaegen2-services-common.shouldUseCmpv2Certificates" .) -}}
{{- include "common.certManager.volumeMountsReadOnly" . | nindent 8 -}}
{{- end -}}
{{- end }}
@@ -428,7 +428,7 @@ spec:
{{- if $certDir }}
- emptyDir: {}
name: tls-info
- {{ if and .Values.certificates .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration -}}
+ {{ if (include "dcaegen2-services-common.shouldUseCmpv2Certificates" .) -}}
{{ include "common.certManager.volumesReadOnly" . | nindent 6 }}
{{- end }}
{{- end }}
@@ -449,7 +449,7 @@ spec:
*/}}
{{- define "dcaegen2-services-common._certPostProcessor" -}}
{{- $certDir := default "" .Values.certDirectory . -}}
- {{- if and $certDir .Values.certificates .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration -}}
+ {{- if (include "dcaegen2-services-common.shouldUseCmpv2Certificates" .) -}}
{{- $cmpv2Certificate := (index .Values.certificates 0) -}}
{{- $cmpv2CertificateDir := $cmpv2Certificate.mountPath -}}
{{- $certType := "pem" -}}
@@ -486,3 +486,16 @@ spec:
value: {{ $keystoreDestinationPaths | quote }}
{{- end }}
{{- end -}}
+
+{{/*
+ Template returns string "true" if CMPv2 certificates should be used and nothing (so it can be used in with statements)
+ when they shouldn't. Example use:
+ {{- if (include "dcaegen2-services-common.shouldUseCmpv2Certificates" .) -}}
+
+*/}}
+{{- define "dcaegen2-services-common.shouldUseCmpv2Certificates" -}}
+ {{- $certDir := default "" .Values.certDirectory . -}}
+ {{- if (and $certDir .Values.certificates .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration .Values.useCmpv2Certificates) -}}
+ true
+ {{- end -}}
+{{- end -}}
diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/certificates.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/certificates.yaml
index 0db2138a4f..12a05885ca 100644
--- a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/certificates.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/templates/certificates.yaml
@@ -14,6 +14,6 @@
# limitations under the License.
*/}}
-{{ if and .Values.certDirectory .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration }}
+{{- if (include "dcaegen2-services-common.shouldUseCmpv2Certificates" .) -}}
{{ include "certManagerCertificate.certificate" . }}
{{ end }}
diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml
index bb65f37f73..223789a75f 100644
--- a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml
@@ -65,8 +65,13 @@ secrets:
passwordPolicy: required
# CMPv2 certificate
-# It is used only when global parameter cmpv2Enabled is true
+# It is used only when:
+# - certDirectory is set
+# - global cmpv2Enabled flag is set to true
+# - global CertManagerIntegration flag is set to true
+# - flag useCmpv2Certificates is set to true
# Disabled by default
+useCmpv2Certificates: false
certificates:
- mountPath: /etc/ves-hv/ssl/external
commonName: dcae-hv-ves-collector
diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-collector/templates/certificates.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-collector/templates/certificates.yaml
index 0db2138a4f..12a05885ca 100644
--- a/kubernetes/dcaegen2-services/components/dcae-ves-collector/templates/certificates.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-ves-collector/templates/certificates.yaml
@@ -14,6 +14,6 @@
# limitations under the License.
*/}}
-{{ if and .Values.certDirectory .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration }}
+{{- if (include "dcaegen2-services-common.shouldUseCmpv2Certificates" .) -}}
{{ include "certManagerCertificate.certificate" . }}
{{ end }}
diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml
index a675db6797..9e08ea1a69 100644
--- a/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml
@@ -58,8 +58,13 @@ certDirectory: /opt/app/dcae-certificate
tlsServer: true
# CMPv2 certificate
-# It is used only when global parameter cmpv2Enabled is true
+# It is used only when:
+# - certDirectory is set
+# - global cmpv2Enabled flag is set to true
+# - global CertManagerIntegration flag is set to true
+# - flag useCmpv2Certificates is set to true
# Disabled by default
+useCmpv2Certificates: false
certificates:
- mountPath: /opt/app/dcae-certificate/external
commonName: dcae-ves-collector