Merge "[DMAAP][MR] Retrieve certs automatically"

author: Krzysztof Opasiak <k.opasiak@samsung.com> 2021-03-26 13:19:25 +0000
committer: Gerrit Code Review <gerrit@onap.org> 2021-03-26 13:19:25 +0000
commit: 75a52ff6aa54884e3b79e538c77d64caacdce6ba (patch)
tree: 71aa517b1a975611cec3939e1187ac66264016dd /kubernetes/dmaap/components/message-router/values.yaml
parent: 08b973568127ca4cffbfdb86c3525a3a4addb188 (diff)
parent: e5b6ffc663a2314fd545aa540cbdee6380adf00b (diff)
1 files changed, 37 insertions, 0 deletions
diff --git a/kubernetes/dmaap/components/message-router/values.yaml b/kubernetes/dmaap/components/message-router/values.yaml
index c4bab2350a..daca6215f7 100644
--- a/kubernetes/dmaap/components/message-router/values.yaml
+++ b/kubernetes/dmaap/components/message-router/values.yaml
@@ -19,6 +19,43 @@
 global:
   nodePortPrefix: 302
 
+
+#################################################################
+# AAF part
+#################################################################
+certInitializer:
+  nameOverride: dmaap-mr-cert-initializer
+  aafDeployFqi: deployer@people.osaaf.org
+  aafDeployPass: demo123456!
+  # aafDeployCredsExternalSecret: some secret
+  fqdn: dmaap-mr
+  fqi: dmaapmr@mr.dmaap.onap.org
+  public_fqdn: mr.dmaap.onap.org
+  cadi_longitude: "-122.26147"
+  cadi_latitude: "37.78187"
+  app_ns: org.osaaf.aaf
+  credsPath: /opt/app/osaaf/local
+  appMountPath: /appl/dmaapMR1/bundleconfig/etc/sysprops
+  fqi_namespace: org.onap.dmaap.mr
+  aaf_add_config: |
+    cd {{ .Values.credsPath }}
+    echo "*** change jks password into shell safe one"
+    export KEYSTORE_PASSWD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
+    keytool -storepasswd -new "${KEYSTORE_PASSWD}" \
+      -storepass "${cadi_keystore_password_jks}" \
+      -keystore {{ .Values.fqi_namespace }}.jks
+    echo "*** set key password as same password as jks keystore password"
+      keytool -keypasswd -new "${KEYSTORE_PASSWD}" \
+        -keystore {{ .Values.fqi_namespace }}.jks \
+        -keypass "${cadi_keystore_password_jks}" \
+        -storepass "${KEYSTORE_PASSWD}" -alias {{ .Values.fqi }}
+    echo "*** store the passwords"
+    echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWD}" > mycreds.prop
+    echo "KEYSTORE_PASSWORD_P12=${cadi_keystore_password_p12}" >> mycreds.prop
+    echo "TRUSTSTORE_PASSWORD=${cadi_truststore_password}" >> mycreds.prop
+    echo "*** give ownership of files to the user"
+    chown -R 1000 .
+
 #################################################################
 # Application configuration defaults.
 #################################################################
author	Krzysztof Opasiak <k.opasiak@samsung.com>	2021-03-26 13:19:25 +0000
committer	Gerrit Code Review <gerrit@onap.org>	2021-03-26 13:19:25 +0000
commit	75a52ff6aa54884e3b79e538c77d64caacdce6ba (patch)
tree	71aa517b1a975611cec3939e1187ac66264016dd /kubernetes/dmaap/components/message-router/values.yaml
parent	08b973568127ca4cffbfdb86c3525a3a4addb188 (diff)
parent	e5b6ffc663a2314fd545aa540cbdee6380adf00b (diff)