summaryrefslogtreecommitdiffstats
path: root/kubernetes/so/templates
diff options
context:
space:
mode:
authorKrzysztof Opasiak <k.opasiak@samsung.com>2020-04-01 09:59:56 +0000
committerGerrit Code Review <gerrit@onap.org>2020-04-01 09:59:56 +0000
commiteac393265c9e926a3e18b1d4ede82c5c442eb65a (patch)
treeb435097825a806944ca29adcaa272aebaa59d099 /kubernetes/so/templates
parentbf1af5c0a0caad1830bd2f56dded7d8d7fe35b3e (diff)
parentaadf545643827a440b082f4dcf6afdfd1c2012e2 (diff)
Merge "[SO] Onboard ONAP CA during init phase"
Diffstat (limited to 'kubernetes/so/templates')
-rw-r--r--kubernetes/so/templates/_certificates.tpl32
-rwxr-xr-xkubernetes/so/templates/deployment.yaml9
-rw-r--r--kubernetes/so/templates/secret.yaml3
3 files changed, 39 insertions, 5 deletions
diff --git a/kubernetes/so/templates/_certificates.tpl b/kubernetes/so/templates/_certificates.tpl
new file mode 100644
index 0000000000..8bd25d27a1
--- /dev/null
+++ b/kubernetes/so/templates/_certificates.tpl
@@ -0,0 +1,32 @@
+{{- define "so.certificate.container_importer" -}}
+- name: {{ include "common.name" . }}-certs-importer
+ image: "{{ include "common.repository" . }}/{{ .Values.global.soBaseImage }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - "/bin/sh"
+ args:
+ - "-c"
+ - "update-ca-certificates --fresh && \
+ cp -r {{ .Values.global.certificates.path }}/* /certificates"
+ volumeMounts:
+ - name: {{ include "common.name" . }}-certificates
+ mountPath: /certificates
+ - name: {{ include "common.name" . }}-onap-certificates
+ mountPath: {{ .Values.global.certificates.share_path }}
+{{- end -}}
+
+{{- define "so.certificate.volume-mounts" -}}
+- name: {{ include "common.name" . }}-certificates
+ mountPath: {{ .Values.global.certificates.path }}
+- name: {{ include "common.name" . }}-onap-certificates
+ mountPath: {{ .Values.global.certificates.share_path }}
+{{- end -}}
+
+{{- define "so.certificate.volumes" -}}
+- name: {{ include "common.name" . }}-certificates
+ emptyDir:
+ medium: Memory
+- name: {{ include "common.name" . }}-onap-certificates
+ secret:
+ secretName: {{ include "common.secret.getSecretNameFast" (dict "global" . "uid" "so-onap-certs") }}
+{{- end -}}
diff --git a/kubernetes/so/templates/deployment.yaml b/kubernetes/so/templates/deployment.yaml
index ca6be72273..07390097e7 100755
--- a/kubernetes/so/templates/deployment.yaml
+++ b/kubernetes/so/templates/deployment.yaml
@@ -34,8 +34,9 @@ spec:
app: {{ include "common.name" . }}
release: {{ include "common.release" . }}
spec:
- initContainers:
- - command:
+ initContainers: {{ include "so.certificate.container_importer" . | nindent 6 }}
+ - name: {{ include "common.name" . }}-readiness
+ command:
- /root/job_complete.py
args:
- --job-name
@@ -93,7 +94,7 @@ spec:
- configMapRef:
name: {{ include "common.fullname" . }}-configmap
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- volumeMounts:
+ volumeMounts: {{ include "so.certificate.volume-mounts" . | nindent 8 }}
- name: logs
mountPath: /app/logs
- name: config
@@ -120,7 +121,7 @@ spec:
mountPath: /var/log/onap/so
- name: {{ include "common.fullname" . }}-logs
mountPath: /var/log/onap
- volumes:
+ volumes: {{ include "so.certificate.volumes" . | nindent 6 }}
- name: logs
emptyDir: {}
- name: config
diff --git a/kubernetes/so/templates/secret.yaml b/kubernetes/so/templates/secret.yaml
index bd7eb8ea40..bdcecddfa3 100644
--- a/kubernetes/so/templates/secret.yaml
+++ b/kubernetes/so/templates/secret.yaml
@@ -1,4 +1,5 @@
# Copyright © 2020 Samsung Electronics
+# Modifications Copyright © 2020 Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -12,4 +13,4 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-{{ include "common.secretFast" . }}
+{{ include "common.secret" . }}