summaryrefslogtreecommitdiffstats
path: root/kubernetes/common/certManagerCertificate/templates/_certificate.tpl
diff options
context:
space:
mode:
authorRemigiusz Janeczek <remigiusz.janeczek@nokia.com>2021-04-26 14:37:57 +0200
committerKrzysztof Opasiak <k.opasiak@samsung.com>2021-05-10 09:26:39 +0000
commit9b00b56b7787992a15df2a11006828ca5a8f7046 (patch)
treea589483bbb634b89e364356702f2b07b2c523989 /kubernetes/common/certManagerCertificate/templates/_certificate.tpl
parentc1c900ea0cb6ae9d6991a17c82bcffeac2640f30 (diff)
[DCAEGEN2] Add CMPv2 support to dcaegen2-services
Add support for CMPv2 certificates in dcaegen2-services-common template Add CMPv2 certificates to HV-VES and VES charts Issue-ID: DCAEGEN2-2688 Signed-off-by: Remigiusz Janeczek <remigiusz.janeczek@nokia.com> Change-Id: I6ade2c24f240872e78df92ca31b30c779f86e38b
Diffstat (limited to 'kubernetes/common/certManagerCertificate/templates/_certificate.tpl')
-rw-r--r--kubernetes/common/certManagerCertificate/templates/_certificate.tpl49
1 files changed, 48 insertions, 1 deletions
diff --git a/kubernetes/common/certManagerCertificate/templates/_certificate.tpl b/kubernetes/common/certManagerCertificate/templates/_certificate.tpl
index 108873b31d..6fc667429e 100644
--- a/kubernetes/common/certManagerCertificate/templates/_certificate.tpl
+++ b/kubernetes/common/certManagerCertificate/templates/_certificate.tpl
@@ -189,6 +189,8 @@ spec:
{{ end }}
{{- end -}}
+{{/*Using templates below allows read and write access to volume mounted at $mountPath*/}}
+
{{- define "common.certManager.volumeMounts" -}}
{{- $dot := default . .dot -}}
{{- $initRoot := default $dot.Values.certManagerCertificate .initRoot -}}
@@ -248,4 +250,49 @@ spec:
{{- $certsLinkCommand = (printf "ln -s %s %s; %s" $sourcePath $destnationPath $certsLinkCommand) -}}
{{- end -}}
{{ $certsLinkCommand }}
-{{- end -}} \ No newline at end of file
+{{- end -}}
+
+{{/*Using templates below allows only read access to volume mounted at $mountPath*/}}
+
+{{- define "common.certManager.volumeMountsReadOnly" -}}
+{{- $dot := default . .dot -}}
+{{- $initRoot := default $dot.Values.certManagerCertificate .initRoot -}}
+{{- $subchartGlobal := mergeOverwrite (deepCopy $initRoot.global) $dot.Values.global -}}
+ {{- range $i, $certificate := $dot.Values.certificates -}}
+ {{- $mountPath := $certificate.mountPath -}}
+- mountPath: {{ $mountPath }}
+ name: certmanager-certs-volume-{{ $i }}
+ {{- end -}}
+{{- end -}}
+
+{{- define "common.certManager.volumesReadOnly" -}}
+{{- $dot := default . .dot -}}
+{{- $initRoot := default $dot.Values.certManagerCertificate .initRoot -}}
+{{- $subchartGlobal := mergeOverwrite (deepCopy $initRoot.global) $dot.Values.global -}}
+{{- $certificates := $dot.Values.certificates -}}
+ {{- range $i, $certificate := $certificates -}}
+ {{- $name := include "common.fullname" $dot -}}
+ {{- $certificatesSecretName := default (printf "%s-secret-%d" $name $i) $certificate.secretName -}}
+- name: certmanager-certs-volume-{{ $i }}
+ projected:
+ sources:
+ - secret:
+ name: {{ $certificatesSecretName }}
+ {{- if $certificate.keystore }}
+ items:
+ {{- range $outputType := $certificate.keystore.outputType }}
+ - key: keystore.{{ $outputType }}
+ path: keystore.{{ $outputType }}
+ - key: truststore.{{ $outputType }}
+ path: truststore.{{ $outputType }}
+ {{- end }}
+ - secret:
+ name: {{ $certificate.keystore.passwordSecretRef.name }}
+ items:
+ - key: {{ $certificate.keystore.passwordSecretRef.key }}
+ path: keystore.pass
+ - key: {{ $certificate.keystore.passwordSecretRef.key }}
+ path: truststore.pass
+ {{- end }}
+ {{- end -}}
+{{- end -}}