diff options
| author |   Krzysztof Opasiak <k.opasiak@samsung.com> | 2021-03-04 22:14:51 +0100 |
|---|---|---|
| committer | Krzysztof Opasiak <k.opasiak@samsung.com> | 2021-03-04 22:19:00 +0100 |
| commit | 12e6aba510f0ccb2ea21ea87ba77a08bc044cd0a (patch) | |
| tree | 99ac1294ff317e57bfe3fc9ab42a6c898e1bb36a /kubernetes/aai/components/aai-sparky-be/values.yaml | |
| parent | f7f76dfb521917298fbaf320d6fa3d56e3ea462e (diff) | |
Revert "[AAI][SPARKY] Automatically retrieve certs"
This reverts commit a9a41d84026f059aae70f9042c0b99af5b72e619.
aai-sparky-be with this patch fails often in the gate.
I expect this to be related to this patch as the stack trace contains
below error message:
java.io.IOException: keystore password was incorrect
Issue-ID: OOM-2683
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I53650671eae700ef553b2f9158744ab72d881820
Diffstat (limited to 'kubernetes/aai/components/aai-sparky-be/values.yaml')
| -rw-r--r-- | kubernetes/aai/components/aai-sparky-be/values.yaml | 45 |
1 files changed, 6 insertions, 39 deletions
diff --git a/kubernetes/aai/components/aai-sparky-be/values.yaml b/kubernetes/aai/components/aai-sparky-be/values.yaml index 147feb13c8..ed21030dc8 100644 --- a/kubernetes/aai/components/aai-sparky-be/values.yaml +++ b/kubernetes/aai/components/aai-sparky-be/values.yaml @@ -27,45 +27,6 @@ global: # global defaults searchData: serviceName: aai-search-data - -################################################################# -# Certificate configuration -################################################################# -certInitializer: - nameOverride: aai-sparky-cert-initializer - aafDeployFqi: deployer@people.osaaf.org - aafDeployPass: demo123456! - # aafDeployCredsExternalSecret: some secret - fqdn: "aai" - app_ns: "org.osaaf.aaf" - fqi_namespace: "org.onap.aai" - fqi: "aai@aai.onap.org" - public_fqdn: "aaf.osaaf.org" - cadi_longitude: "0.0" - cadi_latitude: "0.0" - credsPath: /opt/app/osaaf/local - aaf_add_config: | - echo "*** changing passwords into shell safe ones" - export KEYSTORE_PASSWD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1) - export TRUSTORE_PASSWD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1) - cd {{ .Values.credsPath }} - keytool -storepasswd -new "${KEYSTORE_PASSWD}" \ - -storepass "${cadi_keystore_password_jks}" \ - -keystore {{ .Values.fqi_namespace }}.jks - keytool -storepasswd -new "${TRUSTORE_PASSWD}" \ - -storepass "${cadi_truststore_password}" \ - -keystore {{ .Values.fqi_namespace }}.trust.jks - echo "*** set key password as same password as keystore password" - keytool -keypasswd -new "${KEYSTORE_PASSWD}" \ - -keystore {{ .Values.fqi_namespace }}.jks \ - -keypass "${cadi_keystore_password_jks}" \ - -storepass "${KEYSTORE_PASSWD}" -alias {{ .Values.fqi }} - echo "*** save the generated passwords" - echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWD}" > mycreds.prop - echo "TRUSTSTORE_PASSWORD=${TRUSTORE_PASSWD}" >> mycreds.prop - echo "*** change ownership of certificates to targeted user" - chown -R 1000 {{ .Values.credsPath }} - # application image image: onap/sparky-be:2.0.2 pullPolicy: Always @@ -83,7 +44,13 @@ config: portalPassword: OBF:1t2v1vfv1unz1vgz1t3b portalCookieName: UserId portalAppRoles: ui_view + aafUsername: aai@aai.onap.org + aafNamespace: org.onap.aai + aafPassword: enc:xxYw1FqXU5UpianbPeH5Rezg0YfjzuwQrSiLcCmJGfz + cadiKeyFile: /opt/app/sparky/config/portal/keyFile + cadiTrustStore: /opt/app/sparky/config/auth/truststoreONAPall.jks cadiFileLocation: /opt/app/sparky/config/portal/cadi.properties + cadiTrustStorePassword: changeit cookieDecryptorClass: org.onap.aai.sparky.security.BaseCookieDecryptor # ONAP Cookie Processing - During initial development, the following flag, if true, will |