summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPiotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com>2020-07-09 16:44:29 +0200
committerPiotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com>2020-07-30 08:39:36 +0200
commita16144f739f578da8fd0e712ea3bd482b0941db0 (patch)
treeb23f90b97c88c5e9c68284a332193cb70b8eeead
parentb57170364c0c11db35058e876d9dbd78c0983fee (diff)
[DCAEGEN2] Add config supporting request CMPv2 certs
Add configuration supporting dealing with CMPv2 certs in K8s plugin. Remove outputType from global values to allow it be specific for service. Issue-ID: DCAEGEN2-2252 Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com> Change-Id: Iedb9c3f63a539a386b9abd5d257c54f5ce023662
-rw-r--r--kubernetes/common/cmpv2Config/Chart.yaml18
-rw-r--r--kubernetes/common/cmpv2Config/requirements.yaml18
-rw-r--r--kubernetes/common/cmpv2Config/values.yaml29
-rw-r--r--kubernetes/dcaegen2/components/dcae-bootstrap/requirements.yaml4
-rw-r--r--kubernetes/dcaegen2/components/dcae-bootstrap/resources/config/k8s-plugin.json14
-rwxr-xr-xkubernetes/onap/values.yaml3
6 files changed, 84 insertions, 2 deletions
diff --git a/kubernetes/common/cmpv2Config/Chart.yaml b/kubernetes/common/cmpv2Config/Chart.yaml
new file mode 100644
index 0000000000..816fcc79a5
--- /dev/null
+++ b/kubernetes/common/cmpv2Config/Chart.yaml
@@ -0,0 +1,18 @@
+# Copyright © 2020 Nokia
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: Template used to store cmpv2 configuration in onap
+name: cmpv2Config
+version: 6.0.0
diff --git a/kubernetes/common/cmpv2Config/requirements.yaml b/kubernetes/common/cmpv2Config/requirements.yaml
new file mode 100644
index 0000000000..c9c16a95ec
--- /dev/null
+++ b/kubernetes/common/cmpv2Config/requirements.yaml
@@ -0,0 +1,18 @@
+# Copyright © 2020 Nokia
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: common
+ version: ~6.x-0
+ repository: 'file://../common'
diff --git a/kubernetes/common/cmpv2Config/values.yaml b/kubernetes/common/cmpv2Config/values.yaml
new file mode 100644
index 0000000000..cf866571c7
--- /dev/null
+++ b/kubernetes/common/cmpv2Config/values.yaml
@@ -0,0 +1,29 @@
+# Copyright © 2020 Nokia
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+global:
+ aaf:
+ certServiceClient:
+ image: onap/org.onap.aaf.certservice.aaf-certservice-client:1.2.0
+ envVariables:
+ # Certificate related
+ cmpv2Organization: "Linux-Foundation"
+ cmpv2OrganizationalUnit: "ONAP"
+ cmpv2Location: "San-Francisco"
+ cmpv2State: "California"
+ cmpv2Country: "US"
+ # Client configuration related
+ requestURL: "https://aaf-cert-service:8443/v1/certificate/"
+ requestTimeout: "30000"
+ keystorePassword: "secret"
+ truststorePassword: "secret"
diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/requirements.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/requirements.yaml
index baef8a0c55..e917e900c7 100644
--- a/kubernetes/dcaegen2/components/dcae-bootstrap/requirements.yaml
+++ b/kubernetes/dcaegen2/components/dcae-bootstrap/requirements.yaml
@@ -2,6 +2,7 @@
#=================================================================================
# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
# Modifications Copyright © 2018 Amdocs, Bell Canada
+# Modifications (c) 2020 Nokia. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -27,3 +28,6 @@ dependencies:
- name: mongo
version: ~6.x-0
repository: '@local'
+ - name: cmpv2Config
+ version: ~6.x-0
+ repository: '@local'
diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/config/k8s-plugin.json b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/config/k8s-plugin.json
index a0ec3b4a6d..6de75c96d7 100644
--- a/kubernetes/dcaegen2/components/dcae-bootstrap/resources/config/k8s-plugin.json
+++ b/kubernetes/dcaegen2/components/dcae-bootstrap/resources/config/k8s-plugin.json
@@ -2,6 +2,7 @@
#=================================================================================
# Copyright (c) 2018-2020 AT&T Intellectual Property. All rights reserved.
# Modifications Copyright © 2018 Amdocs, Bell Canada
+# Modifications (c) 2020 Nokia. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -37,5 +38,18 @@
"component_cert_dir": "/opt/dcae/cacert",
"component_ca_cert_path": "/opt/dcae/cacert/cacert.pem",
"ca_cert_configmap": "{{ include "common.fullname" . }}-dcae-cacert"
+ },
+ "external_cert":
+ {
+ "image_tag": "{{ .Values.global.tlsRepository }}/{{ .Values.cmpv2Config.global.aaf.certServiceClient.image }}",
+ "request_url": "{{ .Values.cmpv2Config.global.aaf.certServiceClient.envVariables.requestURL }}",
+ "timeout": "{{ .Values.cmpv2Config.global.aaf.certServiceClient.envVariables.requestTimeout }}",
+ "country": "{{ .Values.cmpv2Config.global.aaf.certServiceClient.envVariables.cmpv2Country }}",
+ "organization": "{{ .Values.cmpv2Config.global.aaf.certServiceClient.envVariables.cmpv2Organization }}",
+ "state": "{{ .Values.cmpv2Config.global.aaf.certServiceClient.envVariables.cmpv2State }}",
+ "organizational_unit": "{{ .Values.cmpv2Config.global.aaf.certServiceClient.envVariables.cmpv2OrganizationalUnit }}",
+ "location": "{{ .Values.cmpv2Config.global.aaf.certServiceClient.envVariables.cmpv2Location }}",
+ "keystore_password": "{{ .Values.cmpv2Config.global.aaf.certServiceClient.envVariables.keystorePassword }}",
+ "truststore_password": "{{ .Values.cmpv2Config.global.aaf.certServiceClient.envVariables.truststorePassword }}"
}
}
diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml
index b562beb732..b96385cf07 100755
--- a/kubernetes/onap/values.yaml
+++ b/kubernetes/onap/values.yaml
@@ -127,8 +127,7 @@ global:
# Client configuration related
caName: "RA"
requestURL: "https://aaf-cert-service:8443/v1/certificate/"
- outputType: "P12"
- requestTimeout: "20000"
+ requestTimeout: "30000"
keystorePath: "/etc/onap/aaf/certservice/certs/certServiceClient-keystore.jks"
keystorePassword: "secret"
truststorePath: "/etc/onap/aaf/certservice/certs/truststore.jks"