aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes/aai/components/aai-sparky-be/templates/deployment.yaml
diff options
context:
space:
mode:
authorSylvain Desbureaux <sylvain.desbureaux@orange.com>2021-03-08 16:52:20 +0000
committerSylvain Desbureaux <sylvain.desbureaux@orange.com>2021-04-04 07:42:24 +0000
commit375d0eaa1368368df3c2b9512d9ac8ee6056c63d (patch)
tree35e6c2dbbe78cb8ba714eb03038ec10e3948894a /kubernetes/aai/components/aai-sparky-be/templates/deployment.yaml
parent333281b85d86c356ab0f09caab82890fce0442fb (diff)
[AAI][SPARKY] Automatically retrieve certs
Instead of using hardcoded certificates, use certInitializer in order to retrieve them automatically. Issue-ID: OOM-2683 Change-Id: I1bd3fe575c1d3450905bdc5876b442fdb43660a9 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Diffstat (limited to 'kubernetes/aai/components/aai-sparky-be/templates/deployment.yaml')
-rw-r--r--kubernetes/aai/components/aai-sparky-be/templates/deployment.yaml123
1 files changed, 64 insertions, 59 deletions
diff --git a/kubernetes/aai/components/aai-sparky-be/templates/deployment.yaml b/kubernetes/aai/components/aai-sparky-be/templates/deployment.yaml
index 6e74526ddc..45ff270047 100644
--- a/kubernetes/aai/components/aai-sparky-be/templates/deployment.yaml
+++ b/kubernetes/aai/components/aai-sparky-be/templates/deployment.yaml
@@ -38,7 +38,34 @@ spec:
release: {{ include "common.release" . }}
name: {{ include "common.name" . }}
spec:
- initContainers:
+ initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }}
+ - command:
+ - sh
+ args:
+ - -c
+ - |
+ echo "*** retrieve Truststore and Keystore password"
+ export $(cat {{ .Values.certInitializer.credsPath }}/mycreds.prop \
+ | xargs -0)
+ if [ -z "$KEYSTORE_PASSWORD" ]
+ then
+ echo " /!\ certificates retrieval failed"
+ exit 1
+ fi
+ echo "*** write them in portal part"
+ cd /config-input
+ for PFILE in `ls -1 .`
+ do
+ envsubst <${PFILE} >/config/${PFILE}
+ done
+ volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 8 }}
+ - mountPath: /config-input
+ name: portal-config-input
+ - mountPath: /config
+ name: portal-config
+ image: {{ include "repositoryGenerator.image.envsubst" . }}
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}-update-config
- command:
- /app/ready.py
args:
@@ -57,68 +84,56 @@ spec:
- name: {{ include "common.name" . }}
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-
- volumeMounts:
+ command:
+ - sh
+ args:
+ - -c
+ - |
+ echo "*** retrieve Truststore and Keystore password"
+ export $(cat {{ .Values.certInitializer.credsPath }}/mycreds.prop \
+ | xargs -0)
+ echo "*** actual launch of AAI Sparky BE"
+ /opt/app/sparky/bin/start.sh
+ volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 8 }}
- mountPath: /etc/localtime
name: localtime
readOnly: true
- - mountPath: /opt/app/sparky/config/auth/client-cert-onap.p12
- name: {{ include "common.fullname" . }}-auth-config
- subPath: client-cert-onap.p12
-
- mountPath: /opt/app/sparky/config/auth/csp-cookie-filter.properties
- name: {{ include "common.fullname" . }}-auth-config
+ name: auth-config
subPath: csp-cookie-filter.properties
-
- - mountPath: /opt/app/sparky/config/auth/org.onap.aai.p12
- name: {{ include "common.fullname" . }}-auth-config
- subPath: org.onap.aai.p12
-
- - mountPath: /opt/app/sparky/config/auth/truststoreONAPall.jks
- name: aai-common-aai-auth-mount
- subPath: truststoreONAPall.jks
-
- mountPath: /opt/app/sparky/config/portal/
- name: {{ include "common.fullname" . }}-portal-config
-
+ name: portal-config
- mountPath: /opt/app/sparky/config/portal/BOOT-INF/classes/
- name: {{ include "common.fullname" . }}-portal-config-props
-
+ name: portal-config-props
- mountPath: /var/log/onap
- name: {{ include "common.fullname" . }}-logs
-
+ name: logs
- mountPath: /opt/app/sparky/config/application.properties
- name: {{ include "common.fullname" . }}-properties
+ name: config
subPath: application.properties
-
- mountPath: /opt/app/sparky/config/application-resources.properties
- name: {{ include "common.fullname" . }}-properties
+ name: config
subPath: application-resources.properties
-
- mountPath: /opt/app/sparky/config/application-ssl.properties
- name: {{ include "common.fullname" . }}-properties
+ name: config
subPath: application-ssl.properties
-
- mountPath: /opt/app/sparky/config/application-oxm-default.properties
- name: {{ include "common.fullname" . }}-properties
+ name: config
subPath: application-oxm-default.properties
-
- mountPath: /opt/app/sparky/config/application-oxm-override.properties
- name: {{ include "common.fullname" . }}-properties
+ name: config
subPath: application-oxm-override.properties
-
- mountPath: /opt/app/sparky/config/application-oxm-schema-prod.properties
- name: {{ include "common.fullname" . }}-properties
+ name: config
subPath: application-oxm-schema-prod.properties
-
- mountPath: /opt/app/sparky/config/roles.config
- name: {{ include "common.fullname" . }}-properties
+ name: config
subPath: roles.config
-
- mountPath: /opt/app/sparky/config/users.config
- name: {{ include "common.fullname" . }}-properties
+ name: config
subPath: users.config
-
+ - mountPath: /opt/app/sparky/config/logging/logback.xml
+ name: config
+ subPath: logback.xml
ports:
- containerPort: {{ .Values.service.internalPort }}
# disable liveness probe when breakpoints set in debugger
@@ -155,45 +170,35 @@ spec:
subPath: filebeat.yml
name: filebeat-conf
- mountPath: /var/log/onap
- name: {{ include "common.fullname" . }}-logs
+ name: logs
- mountPath: /usr/share/filebeat/data
name: aai-sparky-filebeat
resources:
{{ include "common.resources" . }}
- volumes:
+ volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }}
- name: localtime
hostPath:
path: /etc/localtime
-
- - name: {{ include "common.fullname" . }}-properties
- configMap:
- name: {{ include "common.fullname" . }}-prop
-
- - name: {{ include "common.fullname" . }}-config
+ - name: config
configMap:
name: {{ include "common.fullname" . }}
-
- - name: {{ include "common.fullname" . }}-portal-config
+ - name: portal-config
+ emptyDir:
+ medium: Memory
+ - name: portal-config-input
configMap:
name: {{ include "common.fullname" . }}-portal
-
- - name: {{ include "common.fullname" . }}-portal-config-props
+ - name: portal-config-props
configMap:
name: {{ include "common.fullname" . }}-portal-props
-
- - name: {{ include "common.fullname" . }}-auth-config
+ - name: auth-config
secret:
secretName: {{ include "common.fullname" . }}
-
- - name: aai-common-aai-auth-mount
- secret:
- secretName: aai-common-aai-auth
-
- name: filebeat-conf
configMap:
name: aai-filebeat
- - name: {{ include "common.fullname" . }}-logs
+ - name: logs
emptyDir: {}
- name: aai-sparky-filebeat
emptyDir: {}