aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes/msb
diff options
context:
space:
mode:
authorSylvain Desbureaux <sylvain.desbureaux@orange.com>2021-02-23 16:47:56 +0100
committerSylvain Desbureaux <sylvain.desbureaux@orange.com>2021-05-02 21:25:38 +0000
commit02f8a81382f039b249fa083cc46030c49512ce3a (patch)
treef3c3368d0cf88fa95802381cd70473a4a196737d /kubernetes/msb
parente8c5c68a932eb38b2d9f8ef8160ccffdc7a00a89 (diff)
[MSB] Simplify cert retrieval script
As retrieving values is now done via a generic script, let's clean a little bit cert retrieval in order to remove unneeded part. Issue-ID: OOM-2688 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Ib53df46942e96a9ed9fb60a423eb4307f0b29988
Diffstat (limited to 'kubernetes/msb')
-rw-r--r--kubernetes/msb/components/msb-eag/values.yaml33
-rw-r--r--kubernetes/msb/components/msb-iag/values.yaml33
2 files changed, 24 insertions, 42 deletions
diff --git a/kubernetes/msb/components/msb-eag/values.yaml b/kubernetes/msb/components/msb-eag/values.yaml
index ff158b592c..3629eb43ec 100644
--- a/kubernetes/msb/components/msb-eag/values.yaml
+++ b/kubernetes/msb/components/msb-eag/values.yaml
@@ -35,27 +35,18 @@ certInitializer:
app_ns: org.osaaf.aaf
credsPath: /opt/app/osaaf/local
aaf_add_config: |
- echo "*** retrieving passwords for certificates"
- export $(/opt/app/aaf_config/bin/agent.sh local showpass \
- {{.Values.fqi}} {{ .Values.fqdn }} | grep '^c')
- if [ -z "$cadi_keystore_password_p12" ]
- then
- echo " /!\ certificates retrieval failed"
- exit 1
- else
- mkdir -p {{ .Values.credsPath }}/certs
- echo "*** retrieve certificate from pkcs12"
- openssl pkcs12 -in {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.p12 \
- -out {{ .Values.credsPath }}/certs/cert.crt -nokeys \
- -passin pass:$cadi_keystore_password_p12 \
- -passout pass:$cadi_keystore_password_p12
- echo "*** copy key to relevant place"
- cp {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.key {{ .Values.credsPath }}/certs/cert.key
- echo "*** change ownership and read/write attributes"
- chown -R 1000 {{ .Values.credsPath }}/certs
- chmod 600 {{ .Values.credsPath }}/certs/cert.crt
- chmod 600 {{ .Values.credsPath }}/certs/cert.key
- fi
+ mkdir -p {{ .Values.credsPath }}/certs
+ echo "*** retrieve certificate from pkcs12"
+ openssl pkcs12 -in {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.p12 \
+ -out {{ .Values.credsPath }}/certs/cert.crt -nokeys \
+ -passin pass:$cadi_keystore_password_p12 \
+ -passout pass:$cadi_keystore_password_p12
+ echo "*** copy key to relevant place"
+ cp {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.key {{ .Values.credsPath }}/certs/cert.key
+ echo "*** change ownership and read/write attributes"
+ chown -R 1000 {{ .Values.credsPath }}/certs
+ chmod 600 {{ .Values.credsPath }}/certs/cert.crt
+ chmod 600 {{ .Values.credsPath }}/certs/cert.key
#################################################################
# Application configuration defaults.
diff --git a/kubernetes/msb/components/msb-iag/values.yaml b/kubernetes/msb/components/msb-iag/values.yaml
index 51e78e1de3..b95a11914d 100644
--- a/kubernetes/msb/components/msb-iag/values.yaml
+++ b/kubernetes/msb/components/msb-iag/values.yaml
@@ -35,27 +35,18 @@ certInitializer:
app_ns: org.osaaf.aaf
credsPath: /opt/app/osaaf/local
aaf_add_config: |
- echo "*** retrieving passwords for certificates"
- export $(/opt/app/aaf_config/bin/agent.sh local showpass \
- {{.Values.fqi}} {{ .Values.fqdn }} | grep '^c')
- if [ -z "$cadi_keystore_password_p12" ]
- then
- echo " /!\ certificates retrieval failed"
- exit 1
- else
- mkdir -p {{ .Values.credsPath }}/certs
- echo "*** retrieve certificate from pkcs12"
- openssl pkcs12 -in {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.p12 \
- -out {{ .Values.credsPath }}/certs/cert.crt -nokeys \
- -passin pass:$cadi_keystore_password_p12 \
- -passout pass:$cadi_keystore_password_p12
- echo "*** copy key to relevant place"
- cp {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.key {{ .Values.credsPath }}/certs/cert.key
- echo "*** change ownership and read/write attributes"
- chown -R 1000 {{ .Values.credsPath }}/certs
- chmod 600 {{ .Values.credsPath }}/certs/cert.crt
- chmod 600 {{ .Values.credsPath }}/certs/cert.key
- fi
+ mkdir -p {{ .Values.credsPath }}/certs
+ echo "*** retrieve certificate from pkcs12"
+ openssl pkcs12 -in {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.p12 \
+ -out {{ .Values.credsPath }}/certs/cert.crt -nokeys \
+ -passin pass:$cadi_keystore_password_p12 \
+ -passout pass:$cadi_keystore_password_p12
+ echo "*** copy key to relevant place"
+ cp {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.key {{ .Values.credsPath }}/certs/cert.key
+ echo "*** change ownership and read/write attributes"
+ chown -R 1000 {{ .Values.credsPath }}/certs
+ chmod 600 {{ .Values.credsPath }}/certs/cert.crt
+ chmod 600 {{ .Values.credsPath }}/certs/cert.key
#################################################################
# Application configuration defaults.