summaryrefslogtreecommitdiffstats
path: root/kubernetes/aai/components/aai-traversal/values.yaml
diff options
context:
space:
mode:
authorSylvain Desbureaux <sylvain.desbureaux@orange.com>2021-02-15 10:14:22 +0100
committerSylvain Desbureaux <sylvain.desbureaux@orange.com>2021-02-22 15:55:10 +0100
commita41dfc0f083a27f3063c6b68b82918df3ba67a1f (patch)
tree4362b6575bcae5c498ac3189c153700920a90cc9 /kubernetes/aai/components/aai-traversal/values.yaml
parentb4e038d2e2e7f39fc69a234bb132f43ff6a69712 (diff)
[AAI][TRAVERSAL] Remove Hardcoded certificates
Use Certinitializer in order to retrieve needed certificates. Issue-ID: OOM-2680 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I1ec295d863f8f6c0d11e64173b474e82f63e6b17
Diffstat (limited to 'kubernetes/aai/components/aai-traversal/values.yaml')
-rw-r--r--kubernetes/aai/components/aai-traversal/values.yaml49
1 files changed, 32 insertions, 17 deletions
diff --git a/kubernetes/aai/components/aai-traversal/values.yaml b/kubernetes/aai/components/aai-traversal/values.yaml
index 0242cedd0b..69222db8d8 100644
--- a/kubernetes/aai/components/aai-traversal/values.yaml
+++ b/kubernetes/aai/components/aai-traversal/values.yaml
@@ -26,8 +26,6 @@ global: # global defaults
#Override it to aai-cassandra if localCluster is enabled.
serviceName: cassandra
- initContainers:
- enabled: true
# Specifies a list of jobs to be run
jobs:
# When enabled, it will create the schema based on oxm and edge rules
@@ -104,25 +102,42 @@ global: # global defaults
edge:
label: v12
- # Keystore configuration password and filename
- keystore:
- filename: aai_keystore
- passwd: OBF:1vn21ugu1saj1v9i1v941sar1ugw1vo0
-
- # Truststore configuration password and filename
- truststore:
- filename: aai_keystore
- passwd: OBF:1vn21ugu1saj1v9i1v941sar1ugw1vo0
-
- # Specifies a list of files to be included in auth volume
- auth:
- files:
- - aai_keystore
-
# Specifies which clients should always default to realtime graph connection
realtime:
clients: SDNC,MSO,SO,robot-ete
+#################################################################
+# Certificate configuration
+#################################################################
+certInitializer:
+ nameOverride: aai-traversal-cert-initializer
+ aafDeployFqi: deployer@people.osaaf.org
+ aafDeployPass: demo123456!
+ # aafDeployCredsExternalSecret: some secret
+ fqdn: aai-traversal
+ fqi: aai-traversal@aai-traversal.onap.org
+ public_fqdn: aai-traversal.onap.org
+ cadi_longitude: "0.0"
+ cadi_latitude: "0.0"
+ app_ns: org.osaaf.aaf
+ credsPath: /opt/app/osaaf/local
+ fqi_namespace: org.onap.aai-traversal
+ aaf_add_config: |
+ echo "*** retrieving password for keystore and trustore"
+ export $(/opt/app/aaf_config/bin/agent.sh local showpass \
+ {{.Values.fqi}} {{ .Values.fqdn }} | grep '^c' | xargs -0)
+ if [ -z "$cadi_keystore_password_p12" ]
+ then
+ echo " /!\ certificates retrieval wasn't good"
+ exit 1
+ else
+ echo "*** writing passwords into prop file"
+ echo "KEYSTORE_PASSWORD=${cadi_keystore_password_p12}" > {{ .Values.credsPath }}/mycreds.prop
+ echo "TRUSTSTORE_PASSWORD=${cadi_truststore_password}" >> {{ .Values.credsPath }}/mycreds.prop
+ echo "*** change ownership of certificates to targeted user"
+ chown -R 1000 {{ .Values.credsPath }}
+ fi
+ truststoreAllPassword: changeit
# application image
image: onap/aai-traversal:1.7.2