summaryrefslogtreecommitdiffstats
path: root/kubernetes/so/components/so-monitoring/templates/deployment.yaml
diff options
context:
space:
mode:
authorKrzysztof Gajewski <krzysztof.gajewski@nokia.com>2020-10-15 20:33:34 +0200
committerKrzysztof Gajewski <krzysztof.gajewski@nokia.com>2020-10-29 14:14:10 +0000
commitcd2e66f770d8778dbd5c95a73fa810b9ee0ee779 (patch)
tree2ae935051ea2ff955dcf7efc6c5dd2dca1fe3cd2 /kubernetes/so/components/so-monitoring/templates/deployment.yaml
parent3ed223d7f77b43033fa97d584246db4a386d6b0c (diff)
[SO] Enable SO-Monitoring - use HTTPS and certInitializer
- SO-Monitoring service exposed as NodePort - Certs are retrieved dynamically using certInitializer Issue-ID: SO-2920 Signed-off-by: Krzysztof Gajewski <krzysztof.gajewski@nokia.com> Change-Id: I04e6556bcddc3c67afc2a76c5b4fecb59a134911
Diffstat (limited to 'kubernetes/so/components/so-monitoring/templates/deployment.yaml')
-rw-r--r--kubernetes/so/components/so-monitoring/templates/deployment.yaml27
1 files changed, 24 insertions, 3 deletions
diff --git a/kubernetes/so/components/so-monitoring/templates/deployment.yaml b/kubernetes/so/components/so-monitoring/templates/deployment.yaml
index f5969738f6..9463b28271 100644
--- a/kubernetes/so/components/so-monitoring/templates/deployment.yaml
+++ b/kubernetes/so/components/so-monitoring/templates/deployment.yaml
@@ -1,5 +1,6 @@
# ============LICENSE_START=======================================================
# Copyright (C) 2018 Ericsson. All rights reserved.
+# Modifications Copyright © 2020 Nokia
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -42,7 +43,7 @@ spec:
app: {{ include "common.name" . }}
release: {{ include "common.release" . }}
spec:
- initContainers:
+ initContainers: {{ include "so.certificate.container_importer" . | nindent 6 }}
- name: so-chown
image: alpine:3.6
volumeMounts:
@@ -55,6 +56,21 @@ spec:
- name: {{ include "common.name" . }}
image: {{ include "common.repository" . }}/{{ .Values.image }}
resources: {{ include "common.resources" . | nindent 12 }}
+ command:
+ - /bin/sh
+ args:
+ - -c
+ - |
+ export SO_MONITORING_PASSWORD=`htpasswd -bnBC 10 "" $SO_MON_PASS | tr -d ':\n' | sed 's/\$2y/\$2a/'`
+ {{- if .Values.global.aafEnabled }}
+ export $(grep '^c' {{ .Values.soHelpers.certInitializer.credsPath }}/org.onap.so.cred.props | xargs -0)
+ export $(grep '^c' {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0)
+ export KEYSTORE=file://$cadi_keystore
+ export KEYSTORE_PASSWORD=$cadi_keystore_password_p12
+ export TRUSTSTORE=file://$cadi_truststore
+ export TRUSTSTORE_PASSWORD=$cadi_truststore_password
+ {{- end }}
+ /app/start-app.sh
env:
- name: DB_HOST
valueFrom:
@@ -74,11 +90,16 @@ spec:
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "login") | indent 10 }}
- name: DB_ADMIN_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "password") | indent 10 }}
+ - name: SO_MONITORING_USERNAME
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "app-user-creds" "key" "login") | indent 10 }}
+ - name: SO_MON_PASS
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "app-user-creds" "key" "password") | indent 10 }}
+
envFrom:
- configMapRef:
name: {{ include "common.fullname" . }}-configmap
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- volumeMounts:
+ volumeMounts: {{ include "so.certificate.volumeMount" . | nindent 8 }}
- name: logs
mountPath: /app/logs
- name: config
@@ -101,7 +122,7 @@ spec:
- containerPort: {{ index .Values.containerPort }}
name: {{ .Values.service.portName }}
protocol: TCP
- volumes:
+ volumes: {{ include "so.certificate.volumes" . | nindent 6 }}
- name: logs
emptyDir: {}
- name: config