diff options
author | Krzysztof Opasiak <k.opasiak@samsung.com> | 2020-05-06 23:27:18 +0200 |
---|---|---|
committer | Krzysztof Opasiak <k.opasiak@samsung.com> | 2020-05-29 01:22:26 +0200 |
commit | 1ecc6dbce1c00ef33d6361d23ed25203fc25e724 (patch) | |
tree | 39b7d241ad352a435baef2dced8b0abf7af3beb4 /kubernetes/common/certInitializer/templates | |
parent | 65d0f6903bc2b759c4eb02605cf5c10e597632fb (diff) |
[COMMON] Override truststore in aaf_agent image
aaf_agent image currently contains hardcoded truststores in order to
be able to connect to certman to retrieve certificate for given
component.
The goal is to remove hardcoded truststore from aaf_agent immage but
first we need to be sure that all its users are able to provide the
truststore to the pod as a configmap.
Issue-ID: AAF-1134
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: Ibe9de6ad7264c05aeca2af858918fc2b4d3a772b
(cherry picked from commit 95a5f84069703c583e49028b37003c73c03cc07d)
Diffstat (limited to 'kubernetes/common/certInitializer/templates')
-rw-r--r-- | kubernetes/common/certInitializer/templates/_certInitializer.yaml | 11 | ||||
-rw-r--r-- | kubernetes/common/certInitializer/templates/configmap.yaml | 9 |
2 files changed, 19 insertions, 1 deletions
diff --git a/kubernetes/common/certInitializer/templates/_certInitializer.yaml b/kubernetes/common/certInitializer/templates/_certInitializer.yaml index e4a878b420..0e0f339e11 100644 --- a/kubernetes/common/certInitializer/templates/_certInitializer.yaml +++ b/kubernetes/common/certInitializer/templates/_certInitializer.yaml @@ -67,6 +67,12 @@ volumeMounts: - mountPath: {{ $initRoot.mountPath }} name: {{ include "common.certInitializer._aafConfigVolumeName" $dot }} + - mountPath: /opt/app/aaf_config/cert/truststoreONAPall.jks.b64 + name: aaf-agent-certs + subPath: truststoreONAPall.jks.b64 + - mountPath: /opt/app/aaf_config/cert/truststoreONAP.p12.b64 + name: aaf-agent-certs + subPath: truststoreONAP.p12.b64 {{- if $initRoot.aaf_add_config }} - name: {{ include "common.certInitializer._aafAddConfigVolumeName" $dot }} mountPath: /opt/app/aaf_config/bin/aaf-add-config.sh @@ -127,6 +133,11 @@ configMap: name: {{ include "common.fullname" $subchartDot }}-add-config defaultMode: 0700 +- name: aaf-agent-certs + configMap: + name: {{ include "common.fullname" $subchartDot }}-certs + defaultMode: 0700 + {{- end -}} {{- end -}} diff --git a/kubernetes/common/certInitializer/templates/configmap.yaml b/kubernetes/common/certInitializer/templates/configmap.yaml index 640dafd67e..a89a33152b 100644 --- a/kubernetes/common/certInitializer/templates/configmap.yaml +++ b/kubernetes/common/certInitializer/templates/configmap.yaml @@ -22,4 +22,11 @@ metadata: {{- include "common.resourceMetadata" (dict "suffix" $suffix "dot" . ) data: aaf-add-config.sh: | {{ tpl .Values.aaf_add_config . | indent 4 }} -{{- end -}} +{{- end }} +--- +apiVersion: v1 +kind: ConfigMap +{{- $suffix := "certs" }} +metadata: {{- include "common.resourceMetadata" (dict "suffix" $suffix "dot" . ) | nindent 2 }} +data: +{{ tpl (.Files.Glob "resources/*").AsConfig . | indent 2 }} |