summaryrefslogtreecommitdiffstats
path: root/kubernetes/common/certInitializer/templates
diff options
context:
space:
mode:
authorKrzysztof Opasiak <k.opasiak@samsung.com>2020-05-06 23:27:18 +0200
committerKrzysztof Opasiak <k.opasiak@samsung.com>2020-05-29 01:22:26 +0200
commit1ecc6dbce1c00ef33d6361d23ed25203fc25e724 (patch)
tree39b7d241ad352a435baef2dced8b0abf7af3beb4 /kubernetes/common/certInitializer/templates
parent65d0f6903bc2b759c4eb02605cf5c10e597632fb (diff)
[COMMON] Override truststore in aaf_agent image
aaf_agent image currently contains hardcoded truststores in order to be able to connect to certman to retrieve certificate for given component. The goal is to remove hardcoded truststore from aaf_agent immage but first we need to be sure that all its users are able to provide the truststore to the pod as a configmap. Issue-ID: AAF-1134 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: Ibe9de6ad7264c05aeca2af858918fc2b4d3a772b (cherry picked from commit 95a5f84069703c583e49028b37003c73c03cc07d)
Diffstat (limited to 'kubernetes/common/certInitializer/templates')
-rw-r--r--kubernetes/common/certInitializer/templates/_certInitializer.yaml11
-rw-r--r--kubernetes/common/certInitializer/templates/configmap.yaml9
2 files changed, 19 insertions, 1 deletions
diff --git a/kubernetes/common/certInitializer/templates/_certInitializer.yaml b/kubernetes/common/certInitializer/templates/_certInitializer.yaml
index e4a878b420..0e0f339e11 100644
--- a/kubernetes/common/certInitializer/templates/_certInitializer.yaml
+++ b/kubernetes/common/certInitializer/templates/_certInitializer.yaml
@@ -67,6 +67,12 @@
volumeMounts:
- mountPath: {{ $initRoot.mountPath }}
name: {{ include "common.certInitializer._aafConfigVolumeName" $dot }}
+ - mountPath: /opt/app/aaf_config/cert/truststoreONAPall.jks.b64
+ name: aaf-agent-certs
+ subPath: truststoreONAPall.jks.b64
+ - mountPath: /opt/app/aaf_config/cert/truststoreONAP.p12.b64
+ name: aaf-agent-certs
+ subPath: truststoreONAP.p12.b64
{{- if $initRoot.aaf_add_config }}
- name: {{ include "common.certInitializer._aafAddConfigVolumeName" $dot }}
mountPath: /opt/app/aaf_config/bin/aaf-add-config.sh
@@ -127,6 +133,11 @@
configMap:
name: {{ include "common.fullname" $subchartDot }}-add-config
defaultMode: 0700
+- name: aaf-agent-certs
+ configMap:
+ name: {{ include "common.fullname" $subchartDot }}-certs
+ defaultMode: 0700
+
{{- end -}}
{{- end -}}
diff --git a/kubernetes/common/certInitializer/templates/configmap.yaml b/kubernetes/common/certInitializer/templates/configmap.yaml
index 640dafd67e..a89a33152b 100644
--- a/kubernetes/common/certInitializer/templates/configmap.yaml
+++ b/kubernetes/common/certInitializer/templates/configmap.yaml
@@ -22,4 +22,11 @@ metadata: {{- include "common.resourceMetadata" (dict "suffix" $suffix "dot" . )
data:
aaf-add-config.sh: |
{{ tpl .Values.aaf_add_config . | indent 4 }}
-{{- end -}}
+{{- end }}
+---
+apiVersion: v1
+kind: ConfigMap
+{{- $suffix := "certs" }}
+metadata: {{- include "common.resourceMetadata" (dict "suffix" $suffix "dot" . ) | nindent 2 }}
+data:
+{{ tpl (.Files.Glob "resources/*").AsConfig . | indent 2 }}