aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes/cds/components/cds-ui/templates
diff options
context:
space:
mode:
authorSylvain Desbureaux <sylvain.desbureaux@orange.com>2021-02-08 15:29:05 +0100
committerKrzysztof Opasiak <k.opasiak@samsung.com>2021-03-02 19:32:10 +0000
commit1d7647e027a74726e2ce0dea3e0c24933a38a9de (patch)
treeb1d72c7e4819f28b8cd23f2288dd3e870bfe491c /kubernetes/cds/components/cds-ui/templates
parent4487c4e27d5bd309165a8ea25e4afc58dac72504 (diff)
[CDS] Retrieve certificates automatically
Today, CDS UI is using an hardcoded certificate, which is not the right way to do. This patch is using certInitializer in order to do it automatically. Issue-ID: CCSDK-3141 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I5f2e564abd15f685df03be130b3969cad867b0b5
Diffstat (limited to 'kubernetes/cds/components/cds-ui/templates')
-rw-r--r--kubernetes/cds/components/cds-ui/templates/deployment.yaml13
1 files changed, 11 insertions, 2 deletions
diff --git a/kubernetes/cds/components/cds-ui/templates/deployment.yaml b/kubernetes/cds/components/cds-ui/templates/deployment.yaml
index 1c88f56d99..359c713ed4 100644
--- a/kubernetes/cds/components/cds-ui/templates/deployment.yaml
+++ b/kubernetes/cds/components/cds-ui/templates/deployment.yaml
@@ -37,6 +37,9 @@ spec:
release: {{ include "common.release" . }}
name: {{ include "common.fullname" . }}
spec:
+ {{- if .Values.global.aafEnabled }}
+ initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }}
+ {{- end }}
containers:
- name: {{ include "common.name" . }}
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
@@ -71,12 +74,18 @@ spec:
value: "{{ .Values.config.api.processor.grpc.port }}"
- name: API_BLUEPRINT_PROCESSOR_GRPC_AUTH_TOKEN
value: {{ .Values.config.api.processor.grpc.authToken }}
+ {{- if .Values.global.aafEnabled }}
+ - name: KEYSTORE
+ value: "{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.fqi_namespace }}.p12"
+ - name: PASSPHRASE
+ value: "{{ .Values.certInitializer.credsPath }}/mycreds.prop"
+ {{- end }}
readinessProbe:
tcpSocket:
port: {{ .Values.service.internalPort }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
- volumeMounts:
+ volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 12 }}
- mountPath: /etc/localtime
name: localtime
readOnly: true
@@ -90,7 +99,7 @@ spec:
affinity:
{{ toYaml .Values.affinity | indent 10 }}
{{- end }}
- volumes:
+ volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
- name: localtime
hostPath:
path: /etc/localtime