diff options
| author |   Krzysztof Opasiak <k.opasiak@samsung.com> | 2021-05-10 20:08:44 +0000 |
|---|---|---|
| committer |   Gerrit Code Review <gerrit@onap.org> | 2021-05-10 20:08:44 +0000 |
| commit | 7782c3e8da81539a348a5fd18c44dcc6a1983dc3 (patch) | |
| tree | 89c50adbb4204f2df449fcee2346a9b20b06f800 /kubernetes/common/certManagerCertificate/templates/_certificate.tpl | |
| parent | 3e773c05f34e96547adc9ddde6fc40df19227dec (diff) | |
| parent | 9b00b56b7787992a15df2a11006828ca5a8f7046 (diff) | |
Merge "[DCAEGEN2] Add CMPv2 support to dcaegen2-services"
Diffstat (limited to 'kubernetes/common/certManagerCertificate/templates/_certificate.tpl')
| -rw-r--r-- | kubernetes/common/certManagerCertificate/templates/_certificate.tpl | 49 |
1 files changed, 48 insertions, 1 deletions
diff --git a/kubernetes/common/certManagerCertificate/templates/_certificate.tpl b/kubernetes/common/certManagerCertificate/templates/_certificate.tpl index 108873b31d..6fc667429e 100644 --- a/kubernetes/common/certManagerCertificate/templates/_certificate.tpl +++ b/kubernetes/common/certManagerCertificate/templates/_certificate.tpl @@ -189,6 +189,8 @@ spec: {{ end }} {{- end -}} +{{/*Using templates below allows read and write access to volume mounted at $mountPath*/}} + {{- define "common.certManager.volumeMounts" -}} {{- $dot := default . .dot -}} {{- $initRoot := default $dot.Values.certManagerCertificate .initRoot -}} @@ -248,4 +250,49 @@ spec: {{- $certsLinkCommand = (printf "ln -s %s %s; %s" $sourcePath $destnationPath $certsLinkCommand) -}} {{- end -}} {{ $certsLinkCommand }} -{{- end -}}
\ No newline at end of file +{{- end -}} + +{{/*Using templates below allows only read access to volume mounted at $mountPath*/}} + +{{- define "common.certManager.volumeMountsReadOnly" -}} +{{- $dot := default . .dot -}} +{{- $initRoot := default $dot.Values.certManagerCertificate .initRoot -}} +{{- $subchartGlobal := mergeOverwrite (deepCopy $initRoot.global) $dot.Values.global -}} + {{- range $i, $certificate := $dot.Values.certificates -}} + {{- $mountPath := $certificate.mountPath -}} +- mountPath: {{ $mountPath }} + name: certmanager-certs-volume-{{ $i }} + {{- end -}} +{{- end -}} + +{{- define "common.certManager.volumesReadOnly" -}} +{{- $dot := default . .dot -}} +{{- $initRoot := default $dot.Values.certManagerCertificate .initRoot -}} +{{- $subchartGlobal := mergeOverwrite (deepCopy $initRoot.global) $dot.Values.global -}} +{{- $certificates := $dot.Values.certificates -}} + {{- range $i, $certificate := $certificates -}} + {{- $name := include "common.fullname" $dot -}} + {{- $certificatesSecretName := default (printf "%s-secret-%d" $name $i) $certificate.secretName -}} +- name: certmanager-certs-volume-{{ $i }} + projected: + sources: + - secret: + name: {{ $certificatesSecretName }} + {{- if $certificate.keystore }} + items: + {{- range $outputType := $certificate.keystore.outputType }} + - key: keystore.{{ $outputType }} + path: keystore.{{ $outputType }} + - key: truststore.{{ $outputType }} + path: truststore.{{ $outputType }} + {{- end }} + - secret: + name: {{ $certificate.keystore.passwordSecretRef.name }} + items: + - key: {{ $certificate.keystore.passwordSecretRef.key }} + path: keystore.pass + - key: {{ $certificate.keystore.passwordSecretRef.key }} + path: truststore.pass + {{- end }} + {{- end -}} +{{- end -}} |