diff options
author | Ravi Geda <gravik@amdocs.com> | 2018-11-07 22:37:16 +0000 |
---|---|---|
committer | Alexis de Talhouƫt <alexis.de_talhouet@bell.ca> | 2018-12-04 13:00:09 +0000 |
commit | 2578aa1bb72e71823df701aa10a3b87dcce66202 (patch) | |
tree | 36d6c8e268803d67ef6ee50e1774c582aaf1c106 /kubernetes/aai/templates | |
parent | 693bc2491bb1249f3e0313a31c4240f5f65e3ba3 (diff) |
Add Pluggable Security to aai-resources
Note that by default this feature is turned off. To enable update the
installSidecarSecurity in aai/values.yaml to true.
Change-Id: If5d2be859ead2f0bd81aabb4fde749f105974bcf
Issue-ID: AAF-616
Signed-off-by: Ravi Geda <gravik@amdocs.com>
Diffstat (limited to 'kubernetes/aai/templates')
-rw-r--r-- | kubernetes/aai/templates/configmap.yaml | 4 | ||||
-rw-r--r-- | kubernetes/aai/templates/deployment.yaml | 8 |
2 files changed, 12 insertions, 0 deletions
diff --git a/kubernetes/aai/templates/configmap.yaml b/kubernetes/aai/templates/configmap.yaml index 212f9cdc4c..a23ed5fdc7 100644 --- a/kubernetes/aai/templates/configmap.yaml +++ b/kubernetes/aai/templates/configmap.yaml @@ -37,7 +37,11 @@ metadata: release: {{ .Release.Name }} heritage: {{ .Release.Service }} data: +{{ if .Values.global.installSidecarSecurity }} +{{ tpl (.Files.Glob "resources/config/haproxy/haproxy-pluggable-security.cfg").AsConfig . | indent 2 }} +{{ else }} {{ tpl (.Files.Glob "resources/config/haproxy/haproxy.cfg").AsConfig . | indent 2 }} +{{ end }} --- apiVersion: v1 kind: Secret diff --git a/kubernetes/aai/templates/deployment.yaml b/kubernetes/aai/templates/deployment.yaml index 3f16e25ffd..1f337e4374 100644 --- a/kubernetes/aai/templates/deployment.yaml +++ b/kubernetes/aai/templates/deployment.yaml @@ -64,7 +64,11 @@ spec: - mountPath: /dev/log name: aai-service-log - mountPath: /usr/local/etc/haproxy/haproxy.cfg + {{ if .Values.global.installSidecarSecurity }} + subPath: haproxy-pluggable-security.cfg + {{ else }} subPath: haproxy.cfg + {{ end }} name: haproxy-cfg ports: - containerPort: {{ .Values.service.internalPort }} @@ -86,6 +90,10 @@ spec: httpHeaders: - name: X-FromAppId value: OOM_ReadinessCheck + {{ if .Values.global.installSidecarSecurity }} + - name: Authorization + value: Basic YWFpQGFhaS5vbmFwLm9yZzpkZW1vMTIzNDU2IQ== + {{ end }} - name: X-TransactionId value: {{ uuidv4 }} - name: Accept |