[MSB] Use certInitializer for MSB

MSB is currently using an hardcoded certificate. In order to follow
SECOMMON requirements, let's use a freshly generated certificate instead

Issue-ID: MSB-521
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I157e44a6e30391c36c0142acfa08604c37b79cc4

2 files changed, 28 insertions, 40 deletions

diff --git a/kubernetes/msb/components/msb-iag/resources/config/log/logback.xml b/kubernetes/msb/components/msb-iag/resources/config/log/logback.xml
deleted file mode 100644
index 680cb7357a..0000000000
--- a/kubernetes/msb/components/msb-iag/resources/config/log/logback.xml
+++ /dev/null
@@ -1,40 +0,0 @@
-<!--# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License. -->
-<?xml version="1.0" encoding="UTF-8"?>
-<configuration debug="true" scan="true" scanPeriod="3 seconds">
-   <!--<jmxConfigurator /> -->
-   <!--  specify the base path of the log directory -->
-   <property name="logDir" value="/var/log/onap" />
-   <!--  specify the component name -->
-   <property name="componentName" value="msb" />
-   <!-- specify the sub component name -->
-   <property name="subComponentName" value="discovery" />
-   <!-- The directories where logs are written -->
-   <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}" />
-   <property name="pattern" value="%d{&amp;quot;yyyy-MM-dd'T'HH:mm:ss.SSSXXX&amp;quot;, UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n" />
-   <!--  log file names -->
-   <property name="errorLogName" value="error" />
-   <property name="metricsLogName" value="metrics" />
-   <property name="auditLogName" value="audit" />
-   <property name="debugLogName" value="debug" />
-   <property name="queueSize" value="256" />
-   <property name="maxFileSize" value="50MB" />
-   <property name="maxHistory" value="30" />
-   <property name="totalSizeCap" value="10GB" />
-   <!-- Example evaluator filter applied against console appender -->
-   <appender class="ch.qos.logback.core.ConsoleAppender" name="STDOUT">
-      <encoder>
-         <pattern>${pattern}</pattern>
-      </encoder>
-   </appender>
diff --git a/kubernetes/msb/components/msb-iag/resources/config/nginx/msbhttps.conf b/kubernetes/msb/components/msb-iag/resources/config/nginx/msbhttps.conf
new file mode 100644
index 0000000000..70125753ed
--- /dev/null
+++ b/kubernetes/msb/components/msb-iag/resources/config/nginx/msbhttps.conf
@@ -0,0 +1,28 @@
+{{/*
+#
+# Copyright (C) 2017-2018 ZTE, Inc. and others. All rights reserved. (ZTE)
+# Copyright © 2021 Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#         http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+*/}}
+server {
+  listen 443 ssl;
+  ssl_certificate {{ .Values.certInitializer.credsPath }}/certs/cert.crt;
+  ssl_certificate_key {{ .Values.certInitializer.credsPath }}/certs/cert.key;
+  ssl_protocols TLSv1.1 TLSv1.2;
+  ssl_dhparam ../ssl/dh-pubkey/dhparams.pem;
+  include ../msb-enabled/location-default/msblocations.conf;
+  # Add below settings for making SDC to work
+  underscores_in_headers on;
+}
\ No newline at end of file