diff options
| author |   Sylvain Desbureaux <sylvain.desbureaux@orange.com> | 2020-10-28 16:55:18 +0100 |
|---|---|---|
| committer | Sylvain Desbureaux <sylvain.desbureaux@orange.com> | 2020-11-02 16:30:57 +0100 |
| commit | a1bbe5c43828e8d54a7b43fde0d14834318c192e (patch) | |
| tree | edf33565e80919662953d786a98c4fe120cfa68c /kubernetes/so/components/so-vnfm-adapter | |
| parent | c071ab6e0b6116d4d203cff9548aac1a9b2377cf (diff) | |
[SO] Remove so-secret component
SO secret was used to give truststore to SO components.
As we're using dynamic certificate retrieval, it's not needed anymore.
Issue-ID: OOM-2534
Issue-ID: SO-3348
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I0eb2e052096923fc69bf5f1a1876d9a76a22102b
Diffstat (limited to 'kubernetes/so/components/so-vnfm-adapter')
| -rwxr-xr-x | kubernetes/so/components/so-vnfm-adapter/resources/config/overrides/override.yaml | 10 | ||||
| -rwxr-xr-x | kubernetes/so/components/so-vnfm-adapter/templates/deployment.yaml | 11 |
2 files changed, 7 insertions, 14 deletions
diff --git a/kubernetes/so/components/so-vnfm-adapter/resources/config/overrides/override.yaml b/kubernetes/so/components/so-vnfm-adapter/resources/config/overrides/override.yaml index 7fc4b95b27..9d98803c8e 100755 --- a/kubernetes/so/components/so-vnfm-adapter/resources/config/overrides/override.yaml +++ b/kubernetes/so/components/so-vnfm-adapter/resources/config/overrides/override.yaml @@ -30,14 +30,14 @@ server: port: {{ index .Values.containerPort }} ssl: key-alias: so@so.onap.org - key--store-password: 'ywsqCy:EEo#j}HJHM7z^Rk[L' - key-store: classpath:so-vnfm-adapter.p12 + key-store-password: ${KEYSTORE_PASSWORD} + key-store: file:${KEYSTORE} key-store-type: PKCS12 http: client: ssl: - trust-store: classpath:org.onap.so.trust.jks - trust-store-password: ',sx#.C*W)]wVgJC6ccFHI#:H' + trust-store: file:${TRUSTSTORE} + trust-store-password: ${TRUSTSTORE_PASSWORD} mso: key: {{ .Values.mso.key }} site-name: localSite @@ -60,7 +60,7 @@ etsi-catalog-manager: http: client: ssl: - trust-store: ${TRUSTSTORE} + trust-store: file:${TRUSTSTORE} trust-store-password: ${TRUSTSTORE_PASSWORD} {{- else }} endpoint: http://modeling-etsicatalog.{{ include "common.namespace" . }}:8806/api/vnfpkgm/v1 diff --git a/kubernetes/so/components/so-vnfm-adapter/templates/deployment.yaml b/kubernetes/so/components/so-vnfm-adapter/templates/deployment.yaml index 4f73fb39e7..24dd3d6d21 100755 --- a/kubernetes/so/components/so-vnfm-adapter/templates/deployment.yaml +++ b/kubernetes/so/components/so-vnfm-adapter/templates/deployment.yaml @@ -52,9 +52,8 @@ spec: - | export $(grep '^c' {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0) export TRUSTSTORE_PASSWORD="${cadi_truststore_password}" - {{- if .Values.global.security.aaf.enabled }} - export KEYSTORE_PASSWORD="${cadi_keystore_password}" - {{- end }} + export KEYSTORE_PASSWORD="${cadi_keystore_password_p12}" + export KEYSTORE="{{ .Values.soHelpers.certInitializer.credsPath }}/org.onap.so.p12" /app/start-app.sh {{- end }} env: @@ -69,9 +68,6 @@ spec: - name: config mountPath: /app/config readOnly: true - - name: {{ include "common.fullname" . }}-truststore - mountPath: /app/client - readOnly: true livenessProbe: tcpSocket: port: {{ index .Values.livenessProbe.port }} @@ -89,8 +85,5 @@ spec: - name: config configMap: name: {{ include "common.fullname" . }}-app-configmap - - name: {{ include "common.fullname" . }}-truststore - secret: - secretName: {{ include "common.release" . }}-so-truststore-secret imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" |