diff options
author | Abdelmuhaimen Seaudi <abdelmuhaimen.seaudi@orange.com> | 2021-09-04 11:08:36 +0200 |
---|---|---|
committer | Abdelmuhaimen Seaudi <abdelmuhaimen.seaudi@orange.com> | 2021-09-16 23:43:40 +0200 |
commit | 822eb097fc30cd687de96a1fe78b2dab24332e39 (patch) | |
tree | c5e1b5939b087420bf926dbb82a1c24bac5634b7 /kubernetes/cds/components/cds-blueprints-processor/templates | |
parent | 3980a8cbeb63c885b123ac50033e32ed996bb39a (diff) |
[OOM] Use cert-initializer truststore instead of hard-coded ONAP Root CA
By adding the certInitializer directives in cds blueprint processor
deployment, we get access to the AAF ONAP Root CA, instead of static file.
Issue-ID: CCSDK-3356
Signed-off-by: Abdelmuhaimen Seaudi <abdelmuhaimen.seaudi@orange.com>
Change-Id: Ifc3d1797905868b268cbfd06237866bf8dc3d3f5
Diffstat (limited to 'kubernetes/cds/components/cds-blueprints-processor/templates')
-rwxr-xr-x | kubernetes/cds/components/cds-blueprints-processor/templates/deployment.yaml | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/kubernetes/cds/components/cds-blueprints-processor/templates/deployment.yaml b/kubernetes/cds/components/cds-blueprints-processor/templates/deployment.yaml index fd5265d2ce..d92f09a4c8 100755 --- a/kubernetes/cds/components/cds-blueprints-processor/templates/deployment.yaml +++ b/kubernetes/cds/components/cds-blueprints-processor/templates/deployment.yaml @@ -48,7 +48,7 @@ spec: app: {{ include "common.name" . }} release: {{ include "common.release" . }} spec: - initContainers: + initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }} - command: - sh args: @@ -113,6 +113,8 @@ spec: value: {{ if (gt (int (.Values.replicaCount)) 2) }} {{ .Values.cluster.enabled | quote }} {{ else }} "false" {{ end }} - name: CLUSTER_ID value: {{ .Values.cluster.clusterName }} + - name: AAF_CREDSPATH + value: {{ .Values.certInitializer.credsPath }} - name: CLUSTER_NODE_ID valueFrom: fieldRef: @@ -157,7 +159,7 @@ spec: initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} timeoutSeconds: {{ .Values.readiness.timeoutSeconds }} - volumeMounts: + volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }} - mountPath: /etc/localtime name: localtime readOnly: true @@ -191,7 +193,7 @@ spec: {{ toYaml .Values.affinity | indent 10 }} {{- end }} serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} - volumes: + volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }} - name: localtime hostPath: path: /etc/localtime |