summaryrefslogtreecommitdiffstats
path: root/kubernetes/aai/templates
diff options
context:
space:
mode:
authorRavi Geda <gravik@amdocs.com>2018-11-07 22:37:16 +0000
committerAlexis de Talhouƫt <alexis.de_talhouet@bell.ca>2018-12-04 13:00:09 +0000
commit2578aa1bb72e71823df701aa10a3b87dcce66202 (patch)
tree36d6c8e268803d67ef6ee50e1774c582aaf1c106 /kubernetes/aai/templates
parent693bc2491bb1249f3e0313a31c4240f5f65e3ba3 (diff)
Add Pluggable Security to aai-resources
Note that by default this feature is turned off. To enable update the installSidecarSecurity in aai/values.yaml to true. Change-Id: If5d2be859ead2f0bd81aabb4fde749f105974bcf Issue-ID: AAF-616 Signed-off-by: Ravi Geda <gravik@amdocs.com>
Diffstat (limited to 'kubernetes/aai/templates')
-rw-r--r--kubernetes/aai/templates/configmap.yaml4
-rw-r--r--kubernetes/aai/templates/deployment.yaml8
2 files changed, 12 insertions, 0 deletions
diff --git a/kubernetes/aai/templates/configmap.yaml b/kubernetes/aai/templates/configmap.yaml
index 212f9cdc4c..a23ed5fdc7 100644
--- a/kubernetes/aai/templates/configmap.yaml
+++ b/kubernetes/aai/templates/configmap.yaml
@@ -37,7 +37,11 @@ metadata:
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
data:
+{{ if .Values.global.installSidecarSecurity }}
+{{ tpl (.Files.Glob "resources/config/haproxy/haproxy-pluggable-security.cfg").AsConfig . | indent 2 }}
+{{ else }}
{{ tpl (.Files.Glob "resources/config/haproxy/haproxy.cfg").AsConfig . | indent 2 }}
+{{ end }}
---
apiVersion: v1
kind: Secret
diff --git a/kubernetes/aai/templates/deployment.yaml b/kubernetes/aai/templates/deployment.yaml
index 3f16e25ffd..1f337e4374 100644
--- a/kubernetes/aai/templates/deployment.yaml
+++ b/kubernetes/aai/templates/deployment.yaml
@@ -64,7 +64,11 @@ spec:
- mountPath: /dev/log
name: aai-service-log
- mountPath: /usr/local/etc/haproxy/haproxy.cfg
+ {{ if .Values.global.installSidecarSecurity }}
+ subPath: haproxy-pluggable-security.cfg
+ {{ else }}
subPath: haproxy.cfg
+ {{ end }}
name: haproxy-cfg
ports:
- containerPort: {{ .Values.service.internalPort }}
@@ -86,6 +90,10 @@ spec:
httpHeaders:
- name: X-FromAppId
value: OOM_ReadinessCheck
+ {{ if .Values.global.installSidecarSecurity }}
+ - name: Authorization
+ value: Basic YWFpQGFhaS5vbmFwLm9yZzpkZW1vMTIzNDU2IQ==
+ {{ end }}
- name: X-TransactionId
value: {{ uuidv4 }}
- name: Accept