diff options
author | Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com> | 2020-07-09 16:44:29 +0200 |
---|---|---|
committer | Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com> | 2020-07-30 08:39:36 +0200 |
commit | a16144f739f578da8fd0e712ea3bd482b0941db0 (patch) | |
tree | b23f90b97c88c5e9c68284a332193cb70b8eeead | |
parent | b57170364c0c11db35058e876d9dbd78c0983fee (diff) |
[DCAEGEN2] Add config supporting request CMPv2 certs
Add configuration supporting dealing with CMPv2 certs in K8s plugin.
Remove outputType from global values to allow it be specific for service.
Issue-ID: DCAEGEN2-2252
Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com>
Change-Id: Iedb9c3f63a539a386b9abd5d257c54f5ce023662
-rw-r--r-- | kubernetes/common/cmpv2Config/Chart.yaml | 18 | ||||
-rw-r--r-- | kubernetes/common/cmpv2Config/requirements.yaml | 18 | ||||
-rw-r--r-- | kubernetes/common/cmpv2Config/values.yaml | 29 | ||||
-rw-r--r-- | kubernetes/dcaegen2/components/dcae-bootstrap/requirements.yaml | 4 | ||||
-rw-r--r-- | kubernetes/dcaegen2/components/dcae-bootstrap/resources/config/k8s-plugin.json | 14 | ||||
-rwxr-xr-x | kubernetes/onap/values.yaml | 3 |
6 files changed, 84 insertions, 2 deletions
diff --git a/kubernetes/common/cmpv2Config/Chart.yaml b/kubernetes/common/cmpv2Config/Chart.yaml new file mode 100644 index 0000000000..816fcc79a5 --- /dev/null +++ b/kubernetes/common/cmpv2Config/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2020 Nokia +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: Template used to store cmpv2 configuration in onap +name: cmpv2Config +version: 6.0.0 diff --git a/kubernetes/common/cmpv2Config/requirements.yaml b/kubernetes/common/cmpv2Config/requirements.yaml new file mode 100644 index 0000000000..c9c16a95ec --- /dev/null +++ b/kubernetes/common/cmpv2Config/requirements.yaml @@ -0,0 +1,18 @@ +# Copyright © 2020 Nokia +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~6.x-0 + repository: 'file://../common' diff --git a/kubernetes/common/cmpv2Config/values.yaml b/kubernetes/common/cmpv2Config/values.yaml new file mode 100644 index 0000000000..cf866571c7 --- /dev/null +++ b/kubernetes/common/cmpv2Config/values.yaml @@ -0,0 +1,29 @@ +# Copyright © 2020 Nokia +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +global: + aaf: + certServiceClient: + image: onap/org.onap.aaf.certservice.aaf-certservice-client:1.2.0 + envVariables: + # Certificate related + cmpv2Organization: "Linux-Foundation" + cmpv2OrganizationalUnit: "ONAP" + cmpv2Location: "San-Francisco" + cmpv2State: "California" + cmpv2Country: "US" + # Client configuration related + requestURL: "https://aaf-cert-service:8443/v1/certificate/" + requestTimeout: "30000" + keystorePassword: "secret" + truststorePassword: "secret" diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/requirements.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/requirements.yaml index baef8a0c55..e917e900c7 100644 --- a/kubernetes/dcaegen2/components/dcae-bootstrap/requirements.yaml +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/requirements.yaml @@ -2,6 +2,7 @@ #================================================================================= # Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. # Modifications Copyright © 2018 Amdocs, Bell Canada +# Modifications (c) 2020 Nokia. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -27,3 +28,6 @@ dependencies: - name: mongo version: ~6.x-0 repository: '@local' + - name: cmpv2Config + version: ~6.x-0 + repository: '@local' diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/config/k8s-plugin.json b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/config/k8s-plugin.json index a0ec3b4a6d..6de75c96d7 100644 --- a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/config/k8s-plugin.json +++ b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/config/k8s-plugin.json @@ -2,6 +2,7 @@ #================================================================================= # Copyright (c) 2018-2020 AT&T Intellectual Property. All rights reserved. # Modifications Copyright © 2018 Amdocs, Bell Canada +# Modifications (c) 2020 Nokia. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -37,5 +38,18 @@ "component_cert_dir": "/opt/dcae/cacert", "component_ca_cert_path": "/opt/dcae/cacert/cacert.pem", "ca_cert_configmap": "{{ include "common.fullname" . }}-dcae-cacert" + }, + "external_cert": + { + "image_tag": "{{ .Values.global.tlsRepository }}/{{ .Values.cmpv2Config.global.aaf.certServiceClient.image }}", + "request_url": "{{ .Values.cmpv2Config.global.aaf.certServiceClient.envVariables.requestURL }}", + "timeout": "{{ .Values.cmpv2Config.global.aaf.certServiceClient.envVariables.requestTimeout }}", + "country": "{{ .Values.cmpv2Config.global.aaf.certServiceClient.envVariables.cmpv2Country }}", + "organization": "{{ .Values.cmpv2Config.global.aaf.certServiceClient.envVariables.cmpv2Organization }}", + "state": "{{ .Values.cmpv2Config.global.aaf.certServiceClient.envVariables.cmpv2State }}", + "organizational_unit": "{{ .Values.cmpv2Config.global.aaf.certServiceClient.envVariables.cmpv2OrganizationalUnit }}", + "location": "{{ .Values.cmpv2Config.global.aaf.certServiceClient.envVariables.cmpv2Location }}", + "keystore_password": "{{ .Values.cmpv2Config.global.aaf.certServiceClient.envVariables.keystorePassword }}", + "truststore_password": "{{ .Values.cmpv2Config.global.aaf.certServiceClient.envVariables.truststorePassword }}" } } diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml index b562beb732..b96385cf07 100755 --- a/kubernetes/onap/values.yaml +++ b/kubernetes/onap/values.yaml @@ -127,8 +127,7 @@ global: # Client configuration related caName: "RA" requestURL: "https://aaf-cert-service:8443/v1/certificate/" - outputType: "P12" - requestTimeout: "20000" + requestTimeout: "30000" keystorePath: "/etc/onap/aaf/certservice/certs/certServiceClient-keystore.jks" keystorePassword: "secret" truststorePath: "/etc/onap/aaf/certservice/certs/truststore.jks" |