diff options
author | seshukm <seshu.kumar.m@huawei.com> | 2020-08-17 21:45:49 +0530 |
---|---|---|
committer | Sylvain Desbureaux <sylvain.desbureaux@orange.com> | 2020-10-12 12:44:09 +0000 |
commit | 0df1f8ec5332651b5ce2731dd25ee2319f393b4f (patch) | |
tree | cda805d85588b153ca2b80807cc0355f95c07ab8 /kubernetes/so/components/soHelpers/templates/_certificates.tpl | |
parent | 7ba9cb9f6e9dd62210d42eb19e693293bab52042 (diff) |
[SO] move subcharts to components folder
Move subcharts to components folder in order to be able to
enable/disable them one by one.
Also use certInitializer to retrieve truststore in order to be able to
discuss with other ONAP components.
Issue-ID: SO-2046
Change-Id: Ia5c2a590a2ad75e4b69be0748e9d79fda996af37
Signed-off-by: seshukm <seshu.kumar.m@huawei.com>
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Diffstat (limited to 'kubernetes/so/components/soHelpers/templates/_certificates.tpl')
-rw-r--r-- | kubernetes/so/components/soHelpers/templates/_certificates.tpl | 58 |
1 files changed, 58 insertions, 0 deletions
diff --git a/kubernetes/so/components/soHelpers/templates/_certificates.tpl b/kubernetes/so/components/soHelpers/templates/_certificates.tpl new file mode 100644 index 0000000000..fa25ba5177 --- /dev/null +++ b/kubernetes/so/components/soHelpers/templates/_certificates.tpl @@ -0,0 +1,58 @@ +{{- define "so.certificate.container_importer" -}} +{{- $dot := default . .dot -}} +{{- $initRoot := default $dot.Values.soHelpers .initRoot -}} +{{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }} +{{ include "common.certInitializer.initContainer" $subchartDot }} +{{- if $dot.Values.global.aafEnabled }} +- name: {{ include "common.name" $dot }}-msb-cert-importer + image: "{{ include "common.repository" $dot }}/{{ $dot.Values.global.aafAgentImage }}" + imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $subchartDot.Values.pullPolicy }} + command: + - "/bin/sh" + args: + - "-c" + - | + export $(grep '^c' {{ $subchartDot.Values.certInitializer.credsPath }}/mycreds.prop | xargs -0) + keytool -import -trustcacerts -alias msb_root -file \ + /certificates/msb-ca.crt -keystore \ + "{{ $subchartDot.Values.certInitializer.credsPath }}/{{ $subchartDot.Values.aaf.trustore }}" \ + -keypass $cadi_truststore_password -noprompt + volumeMounts: + {{ include "common.certInitializer.volumeMount" $subchartDot | indent 2 | trim }} + - name: {{ include "common.name" $dot }}-msb-certificate + mountPath: /certificates +{{- end }} +{{- end -}} + +{{- define "so.certificate.volumes" -}} +{{- $dot := default . .dot -}} +{{- $initRoot := default $dot.Values.soHelpers .initRoot -}} +{{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }} +{{ include "common.certInitializer.volumes" $subchartDot }} +{{- if $dot.Values.global.aafEnabled }} +- name: {{ include "common.name" $dot }}-msb-certificate + secret: + secretName: {{ include "common.secret.getSecretNameFast" (dict "global" $subchartDot "uid" "so-onap-certs") }} +{{- end }} +{{- end -}} + +{{- define "so.certificate.volumeMount" -}} +{{- $dot := default . .dot -}} +{{- $initRoot := default $dot.Values.soHelpers .initRoot -}} +{{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }} +{{ include "common.certInitializer.volumeMount" $subchartDot }} +{{- end -}} + +{{- define "so.certificates.env" -}} +{{- $dot := default . .dot -}} +{{- $initRoot := default $dot.Values.soHelpers .initRoot -}} +{{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }} +{{- if $dot.Values.global.aafEnabled }} +- name: TRUSTSTORE + value: {{ $subchartDot.Values.certInitializer.credsPath }}/{{ $subchartDot.Values.aaf.trustore }} +{{- if $dot.Values.global.security.aaf.enabled }} +- name: KEYSTORE + value: {{ $subchartDot.Values.certInitializer.credsPath }}/org.onap.so.jks +{{- end }} +{{- end }} +{{- end -}} |