diff options
author | Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com> | 2021-02-11 11:23:31 +0100 |
---|---|---|
committer | Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com> | 2021-02-19 15:33:21 +0000 |
commit | af82e2bec90f84bdfcda11ff7c240985b6ab8201 (patch) | |
tree | a1c1885dad1ff402c5f9639e58680135369898c2 /kubernetes/common/cmpv2Certificate/templates | |
parent | 69e8c90cb3c8171d397319b4339b3ce79da07b9c (diff) |
[SDNC] Fix issue with certs from CMPv2 by Netconf (TLS)
- correct cmpv2Certificate to take outputType from 'certificates'
- add postStart hook for CertManagerIntegration to make cert dir writable
- add setting ODL_CERT_DIR env
Issue-ID: SDNC-1477
Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com>
Change-Id: I4531392cc4f113b173d10a27b98b1fe97d6faa4d
Diffstat (limited to 'kubernetes/common/cmpv2Certificate/templates')
-rw-r--r-- | kubernetes/common/cmpv2Certificate/templates/_certServiceClient.tpl | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/kubernetes/common/cmpv2Certificate/templates/_certServiceClient.tpl b/kubernetes/common/cmpv2Certificate/templates/_certServiceClient.tpl index 57e6c69b1f..58cc9c7249 100644 --- a/kubernetes/common/cmpv2Certificate/templates/_certServiceClient.tpl +++ b/kubernetes/common/cmpv2Certificate/templates/_certServiceClient.tpl @@ -27,7 +27,9 @@ Full example (other fields are ignored): certificates: - mountPath: /var/custom-certs caName: RA - outputType: JKS + keystore: + outputType: + - jks commonName: common-name dnsNames: - dns-name-1 @@ -65,7 +67,7 @@ There also need to be some includes used in a target component deployment (inden {{- if and $subchartGlobal.cmpv2Enabled (not $subchartGlobal.CMPv2CertManagerIntegration) -}} {{- range $index, $certificate := $dot.Values.certificates -}} {{/*# General certifiacate attributes #*/}} -{{- $commonName := $certificate.commonName -}} +{{- $commonName := (required "'commonName' for Certificate is required." $certificate.commonName) -}} {{/*# SAN's #*/}} {{- $dnsNames := default (list) $certificate.dnsNames -}} {{- $ipAddresses := default (list) $certificate.ipAddresses -}} @@ -87,7 +89,11 @@ There also need to be some includes used in a target component deployment (inden {{- $orgUnit := $certificate.subject.organizationalUnit -}} {{- end -}} {{- $caName := default $subchartGlobal.platform.certServiceClient.envVariables.caName $certificate.caName -}} -{{- $outputType := default $subchartGlobal.platform.certServiceClient.envVariables.outputType $certificate.outputType -}} +{{- $outputType := $subchartGlobal.platform.certServiceClient.envVariables.outputType -}} +{{- if $certificate.keystore -}} +{{- $outputTypeList := (required "'outputType' in 'keystore' section is required." $certificate.keystore.outputType) -}} +{{- $outputType = mustFirst ($outputTypeList) | upper -}} +{{- end -}} {{- $requestUrl := $subchartGlobal.platform.certServiceClient.envVariables.requestURL -}} {{- $certPath := $subchartGlobal.platform.certServiceClient.envVariables.certPath -}} {{- $requestTimeout := $subchartGlobal.platform.certServiceClient.envVariables.requestTimeout -}} |