diff options
author | Borislav Glozman <Borislav.Glozman@amdocs.com> | 2019-02-10 10:59:25 +0000 |
---|---|---|
committer | Gerrit Code Review <gerrit@onap.org> | 2019-02-10 10:59:25 +0000 |
commit | 8719c9de7b732ce4c9249d42adc0f33e2365a4fb (patch) | |
tree | 26716acf048618e7056a1e3f37ac8e55cec49069 /kubernetes/aai/charts/aai-champ/templates/deployment.yaml | |
parent | c0302566e649066e7afa28a58aae1154b9d45849 (diff) | |
parent | fd8e7fbf73b93b2dd302108c7a1bcebb132647cd (diff) |
Merge "Update Gizmo and Champ security config"
Diffstat (limited to 'kubernetes/aai/charts/aai-champ/templates/deployment.yaml')
-rw-r--r-- | kubernetes/aai/charts/aai-champ/templates/deployment.yaml | 36 |
1 files changed, 19 insertions, 17 deletions
diff --git a/kubernetes/aai/charts/aai-champ/templates/deployment.yaml b/kubernetes/aai/charts/aai-champ/templates/deployment.yaml index aa9157fe47..537763a6db 100644 --- a/kubernetes/aai/charts/aai-champ/templates/deployment.yaml +++ b/kubernetes/aai/charts/aai-champ/templates/deployment.yaml @@ -31,12 +31,6 @@ spec: app: {{ include "common.name" . }} release: {{ .Release.Name }} spec: - {{ if .Values.global.installSidecarSecurity }} - hostAliases: - - ip: {{ .Values.global.aaf.serverIp }} - hostnames: - - {{ .Values.global.aaf.serverHostname }} - {{ end }} initContainers: - command: - /root/ready.py @@ -163,18 +157,18 @@ spec: - name: {{ include "common.fullname" . }}-rproxy-log-config mountPath: /opt/app/rproxy/config/logback-spring.xml subPath: logback-spring.xml - - name: {{ include "common.fullname" . }}-rproxy-auth-config + - name: {{ include "common.fullname" . }}-rproxy-auth-certs mountPath: /opt/app/rproxy/config/auth/tomcat_keystore subPath: tomcat_keystore - - name: {{ include "common.fullname" . }}-rproxy-auth-config + - name: {{ include "common.fullname" . }}-rproxy-auth-certs mountPath: /opt/app/rproxy/config/auth/client-cert.p12 subPath: client-cert.p12 + - name: {{ include "common.fullname" . }}-rproxy-auth-certs + mountPath: /opt/app/rproxy/config/auth/org.onap.aai.p12 + subPath: org.onap.aai.p12 - name: {{ include "common.fullname" . }}-rproxy-auth-config mountPath: /opt/app/rproxy/config/auth/uri-authorization.json subPath: uri-authorization.json - #- name: {{ include "common.fullname" . }}-rproxy-auth-config - # mountPath: /opt/app/rproxy/config/auth/aaf_truststore.jks - # subPath: aaf_truststore.jks - name: {{ include "common.fullname" . }}-rproxy-security-config mountPath: /opt/app/rproxy/config/security/keyfile subPath: keyfile @@ -189,7 +183,9 @@ spec: - name: CONFIG_HOME value: "/opt/app/fproxy/config" - name: KEY_STORE_PASSWORD - value: {{ .Values.config.keyStorePassword }} + value: {{ .Values.config.keyStorePassword }} + - name: TRUST_STORE_PASSWORD + value: {{ .Values.config.trustStorePassword }} - name: spring_profiles_active value: {{ .Values.global.fproxy.activeSpringProfiles }} volumeMounts: @@ -199,10 +195,13 @@ spec: - name: {{ include "common.fullname" . }}-fproxy-log-config mountPath: /opt/app/fproxy/config/logback-spring.xml subPath: logback-spring.xml - - name: {{ include "common.fullname" . }}-fproxy-auth-config + - name: {{ include "common.fullname" . }}-fproxy-auth-certs mountPath: /opt/app/fproxy/config/auth/tomcat_keystore subPath: tomcat_keystore - - name: {{ include "common.fullname" . }}-fproxy-auth-config + - name: {{ include "common.fullname" . }}-fproxy-auth-certs + mountPath: /opt/app/fproxy/config/auth/fproxy_truststore + subPath: fproxy_truststore + - name: {{ include "common.fullname" . }}-fproxy-auth-certs mountPath: /opt/app/fproxy/config/auth/client-cert.p12 subPath: client-cert.p12 ports: @@ -251,18 +250,21 @@ spec: - name: {{ include "common.fullname" . }}-rproxy-auth-config secret: secretName: {{ include "common.fullname" . }}-rproxy-auth-config + - name: {{ include "common.fullname" . }}-rproxy-auth-certs + secret: + secretName: aai-rproxy-auth-certs - name: {{ include "common.fullname" . }}-rproxy-security-config secret: - secretName: {{ include "common.fullname" . }}-rproxy-security-config + secretName: aai-rproxy-security-config - name: {{ include "common.fullname" . }}-fproxy-config configMap: name: {{ include "common.fullname" . }}-fproxy-config - name: {{ include "common.fullname" . }}-fproxy-log-config configMap: name: {{ include "common.fullname" . }}-fproxy-log-config - - name: {{ include "common.fullname" . }}-fproxy-auth-config + - name: {{ include "common.fullname" . }}-fproxy-auth-certs secret: - secretName: {{ include "common.fullname" . }}-fproxy-auth-config + secretName: aai-fproxy-auth-certs {{ end }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" |