diff options
author | Remigiusz Janeczek <remigiusz.janeczek@nokia.com> | 2021-04-26 14:37:57 +0200 |
---|---|---|
committer | Krzysztof Opasiak <k.opasiak@samsung.com> | 2021-05-10 09:26:39 +0000 |
commit | 9b00b56b7787992a15df2a11006828ca5a8f7046 (patch) | |
tree | a589483bbb634b89e364356702f2b07b2c523989 /kubernetes/common | |
parent | c1c900ea0cb6ae9d6991a17c82bcffeac2640f30 (diff) |
[DCAEGEN2] Add CMPv2 support to dcaegen2-services
Add support for CMPv2 certificates in dcaegen2-services-common
template
Add CMPv2 certificates to HV-VES and VES charts
Issue-ID: DCAEGEN2-2688
Signed-off-by: Remigiusz Janeczek <remigiusz.janeczek@nokia.com>
Change-Id: I6ade2c24f240872e78df92ca31b30c779f86e38b
Diffstat (limited to 'kubernetes/common')
-rw-r--r-- | kubernetes/common/certManagerCertificate/templates/_certificate.tpl | 49 |
1 files changed, 48 insertions, 1 deletions
diff --git a/kubernetes/common/certManagerCertificate/templates/_certificate.tpl b/kubernetes/common/certManagerCertificate/templates/_certificate.tpl index 108873b31d..6fc667429e 100644 --- a/kubernetes/common/certManagerCertificate/templates/_certificate.tpl +++ b/kubernetes/common/certManagerCertificate/templates/_certificate.tpl @@ -189,6 +189,8 @@ spec: {{ end }} {{- end -}} +{{/*Using templates below allows read and write access to volume mounted at $mountPath*/}} + {{- define "common.certManager.volumeMounts" -}} {{- $dot := default . .dot -}} {{- $initRoot := default $dot.Values.certManagerCertificate .initRoot -}} @@ -248,4 +250,49 @@ spec: {{- $certsLinkCommand = (printf "ln -s %s %s; %s" $sourcePath $destnationPath $certsLinkCommand) -}} {{- end -}} {{ $certsLinkCommand }} -{{- end -}}
\ No newline at end of file +{{- end -}} + +{{/*Using templates below allows only read access to volume mounted at $mountPath*/}} + +{{- define "common.certManager.volumeMountsReadOnly" -}} +{{- $dot := default . .dot -}} +{{- $initRoot := default $dot.Values.certManagerCertificate .initRoot -}} +{{- $subchartGlobal := mergeOverwrite (deepCopy $initRoot.global) $dot.Values.global -}} + {{- range $i, $certificate := $dot.Values.certificates -}} + {{- $mountPath := $certificate.mountPath -}} +- mountPath: {{ $mountPath }} + name: certmanager-certs-volume-{{ $i }} + {{- end -}} +{{- end -}} + +{{- define "common.certManager.volumesReadOnly" -}} +{{- $dot := default . .dot -}} +{{- $initRoot := default $dot.Values.certManagerCertificate .initRoot -}} +{{- $subchartGlobal := mergeOverwrite (deepCopy $initRoot.global) $dot.Values.global -}} +{{- $certificates := $dot.Values.certificates -}} + {{- range $i, $certificate := $certificates -}} + {{- $name := include "common.fullname" $dot -}} + {{- $certificatesSecretName := default (printf "%s-secret-%d" $name $i) $certificate.secretName -}} +- name: certmanager-certs-volume-{{ $i }} + projected: + sources: + - secret: + name: {{ $certificatesSecretName }} + {{- if $certificate.keystore }} + items: + {{- range $outputType := $certificate.keystore.outputType }} + - key: keystore.{{ $outputType }} + path: keystore.{{ $outputType }} + - key: truststore.{{ $outputType }} + path: truststore.{{ $outputType }} + {{- end }} + - secret: + name: {{ $certificate.keystore.passwordSecretRef.name }} + items: + - key: {{ $certificate.keystore.passwordSecretRef.key }} + path: keystore.pass + - key: {{ $certificate.keystore.passwordSecretRef.key }} + path: truststore.pass + {{- end }} + {{- end -}} +{{- end -}} |