summaryrefslogtreecommitdiffstats
path: root/kubernetes/aai/components/aai-babel/values.yaml
diff options
context:
space:
mode:
authorSylvain Desbureaux <sylvain.desbureaux@orange.com>2021-02-28 14:59:22 +0100
committerSylvain Desbureaux <sylvain.desbureaux@orange.com>2021-11-10 08:31:39 +0000
commit1e99719c0224863cf26c5362243a4fa1b955c362 (patch)
tree4cb228fdce7a331a4c16afe3ae24da79a2020f9e /kubernetes/aai/components/aai-babel/values.yaml
parent8e67e73081c7ca3b7a0236c8f6cd291f18f69de7 (diff)
[AAI][BABEL] Remove Hardcoded certificates
Use Certinitializer in order to retrieve needed certificates. Change ModelLoader also as it needs valid certificate to communicate with Babel. Issue-ID: OOM-2693 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I64b8ede24643f942dc99956030c202c50d41ad1e
Diffstat (limited to 'kubernetes/aai/components/aai-babel/values.yaml')
-rw-r--r--kubernetes/aai/components/aai-babel/values.yaml40
1 files changed, 35 insertions, 5 deletions
diff --git a/kubernetes/aai/components/aai-babel/values.yaml b/kubernetes/aai/components/aai-babel/values.yaml
index 0c34deae13..3b68f4defe 100644
--- a/kubernetes/aai/components/aai-babel/values.yaml
+++ b/kubernetes/aai/components/aai-babel/values.yaml
@@ -20,6 +20,41 @@
global: {}
#################################################################
+# Certificate configuration
+#################################################################
+certInitializer:
+ nameOverride: aai-babel-cert-initializer
+ aafDeployFqi: deployer@people.osaaf.org
+ aafDeployPass: demo123456!
+ # aafDeployCredsExternalSecret: some secret
+ fqdn: aai
+ fqi: aai@aai.onap.org
+ public_fqdn: aai.onap.org
+ cadi_longitude: "0.0"
+ cadi_latitude: "0.0"
+ app_ns: org.osaaf.aaf
+ credsPath: /opt/app/osaaf/local
+ fqi_namespace: org.onap.aai
+ aaf_add_config: |
+ echo "*** changing them into shell safe ones"
+ export KEYSTORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
+ export TRUSTSTORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
+ cd {{ .Values.credsPath }}
+ keytool -storepasswd -new "${KEYSTORE_PASSWORD}" \
+ -storepass "${cadi_keystore_password_p12}" \
+ -keystore {{ .Values.fqi_namespace }}.p12
+ keytool -storepasswd -new "${TRUSTSTORE_PASSWORD}" \
+ -storepass "${cadi_truststore_password}" \
+ -keystore {{ .Values.fqi_namespace }}.trust.jks
+ echo "*** writing passwords into prop file"
+ echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" > {{ .Values.credsPath }}/mycreds.prop
+ echo "KEY_STORE_PASSWORD=${KEYSTORE_PASSWORD}" >> {{ .Values.credsPath }}/mycreds.prop
+ echo "KEY_MANAGER_PASSWORD=${KEYSTORE_PASSWORD}" >> {{ .Values.credsPath }}/mycreds.prop
+ echo "TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD}" >> {{ .Values.credsPath }}/mycreds.prop
+ echo "*** change ownership of certificates to targeted user"
+ chown -R 1000 {{ .Values.credsPath }}
+
+#################################################################
# Application configuration defaults.
#################################################################
@@ -29,11 +64,6 @@ image: onap/babel:1.9.1
flavor: small
flavorOverride: small
-# application configuration
-config:
- keyStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
- keyManagerPassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
-
# default number of instances
replicaCount: 1