[PLATFORM] Generate Cert-Service certs with Cert-Manager

Utilize Cert-Manager to secure communication between
Cert-Service and its clients, adjust templates and
configs.

Issue-ID: OOM-2712
Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com>
Change-Id: I96426b1a184b4d254575e76d29214d9deda08cce
Signed-off-by: Remigiusz Janeczek <remigiusz.janeczek@nokia.com>

1 files changed, 32 insertions, 0 deletions

diff --git a/kubernetes/platform/components/oom-cert-service/templates/issuer.yaml b/kubernetes/platform/components/oom-cert-service/templates/issuer.yaml
new file mode 100644
index 0000000000..9047ab73d3
--- /dev/null
+++ b/kubernetes/platform/components/oom-cert-service/templates/issuer.yaml
@@ -0,0 +1,32 @@
+{{/*
+  # Copyright © 2021, Nokia
+  #
+  # Licensed under the Apache License, Version 2.0 (the "License");
+  # you may not use this file except in compliance with the License.
+  # You may obtain a copy of the License at
+  #
+  #       http://www.apache.org/licenses/LICENSE-2.0
+  #
+  # Unless required by applicable law or agreed to in writing, software
+  # distributed under the License is distributed on an "AS IS" BASIS,
+  # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  # See the License for the specific language governing permissions and
+  # limitations under the License.
+*/}}
+
+apiVersion: cert-manager.io/v1
+kind: Issuer
+metadata:
+  name: {{ .Values.tls.issuer.selfsigning.name }}
+  namespace: {{ include "common.namespace" . }}
+spec:
+  selfSigned: {}
+---
+apiVersion: cert-manager.io/v1
+kind: Issuer
+metadata:
+  name: {{ .Values.tls.issuer.ca.name }}
+  namespace: {{ include "common.namespace" . }}
+spec:
+  ca:
+    secretName: {{ .Values.tls.issuer.ca.secret.name }}
\ No newline at end of file