diff options
| author |   Krzysztof Opasiak <k.opasiak@samsung.com> | 2021-11-10 20:03:42 +0000 |
|---|---|---|
| committer |   Gerrit Code Review <gerrit@onap.org> | 2021-11-10 20:03:42 +0000 |
| commit | af3d4158481aa457d21b894865536e8d5bda1826 (patch) | |
| tree | 13f4635b3eac1272ee548d0a6a7f6ec7efd48662 /kubernetes/aai/components/aai-babel/values.yaml | |
| parent | c03c1f30a59b79e69997108be149340a15b5f855 (diff) | |
| parent | 1e99719c0224863cf26c5362243a4fa1b955c362 (diff) | |
Merge "[AAI][BABEL] Remove Hardcoded certificates"
Diffstat (limited to 'kubernetes/aai/components/aai-babel/values.yaml')
| -rw-r--r-- | kubernetes/aai/components/aai-babel/values.yaml | 40 |
1 files changed, 35 insertions, 5 deletions
diff --git a/kubernetes/aai/components/aai-babel/values.yaml b/kubernetes/aai/components/aai-babel/values.yaml index 0c34deae13..3b68f4defe 100644 --- a/kubernetes/aai/components/aai-babel/values.yaml +++ b/kubernetes/aai/components/aai-babel/values.yaml @@ -20,6 +20,41 @@ global: {} ################################################################# +# Certificate configuration +################################################################# +certInitializer: + nameOverride: aai-babel-cert-initializer + aafDeployFqi: deployer@people.osaaf.org + aafDeployPass: demo123456! + # aafDeployCredsExternalSecret: some secret + fqdn: aai + fqi: aai@aai.onap.org + public_fqdn: aai.onap.org + cadi_longitude: "0.0" + cadi_latitude: "0.0" + app_ns: org.osaaf.aaf + credsPath: /opt/app/osaaf/local + fqi_namespace: org.onap.aai + aaf_add_config: | + echo "*** changing them into shell safe ones" + export KEYSTORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1) + export TRUSTSTORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1) + cd {{ .Values.credsPath }} + keytool -storepasswd -new "${KEYSTORE_PASSWORD}" \ + -storepass "${cadi_keystore_password_p12}" \ + -keystore {{ .Values.fqi_namespace }}.p12 + keytool -storepasswd -new "${TRUSTSTORE_PASSWORD}" \ + -storepass "${cadi_truststore_password}" \ + -keystore {{ .Values.fqi_namespace }}.trust.jks + echo "*** writing passwords into prop file" + echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" > {{ .Values.credsPath }}/mycreds.prop + echo "KEY_STORE_PASSWORD=${KEYSTORE_PASSWORD}" >> {{ .Values.credsPath }}/mycreds.prop + echo "KEY_MANAGER_PASSWORD=${KEYSTORE_PASSWORD}" >> {{ .Values.credsPath }}/mycreds.prop + echo "TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD}" >> {{ .Values.credsPath }}/mycreds.prop + echo "*** change ownership of certificates to targeted user" + chown -R 1000 {{ .Values.credsPath }} + +################################################################# # Application configuration defaults. ################################################################# @@ -29,11 +64,6 @@ image: onap/babel:1.9.1 flavor: small flavorOverride: small -# application configuration -config: - keyStorePassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 - keyManagerPassword: OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10 - # default number of instances replicaCount: 1 |