diff options
author | Krzysztof Opasiak <k.opasiak@samsung.com> | 2020-04-01 09:59:56 +0000 |
---|---|---|
committer | Gerrit Code Review <gerrit@onap.org> | 2020-04-01 09:59:56 +0000 |
commit | eac393265c9e926a3e18b1d4ede82c5c442eb65a (patch) | |
tree | b435097825a806944ca29adcaa272aebaa59d099 /kubernetes/so/templates | |
parent | bf1af5c0a0caad1830bd2f56dded7d8d7fe35b3e (diff) | |
parent | aadf545643827a440b082f4dcf6afdfd1c2012e2 (diff) |
Merge "[SO] Onboard ONAP CA during init phase"
Diffstat (limited to 'kubernetes/so/templates')
-rw-r--r-- | kubernetes/so/templates/_certificates.tpl | 32 | ||||
-rwxr-xr-x | kubernetes/so/templates/deployment.yaml | 9 | ||||
-rw-r--r-- | kubernetes/so/templates/secret.yaml | 3 |
3 files changed, 39 insertions, 5 deletions
diff --git a/kubernetes/so/templates/_certificates.tpl b/kubernetes/so/templates/_certificates.tpl new file mode 100644 index 0000000000..8bd25d27a1 --- /dev/null +++ b/kubernetes/so/templates/_certificates.tpl @@ -0,0 +1,32 @@ +{{- define "so.certificate.container_importer" -}} +- name: {{ include "common.name" . }}-certs-importer + image: "{{ include "common.repository" . }}/{{ .Values.global.soBaseImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - "/bin/sh" + args: + - "-c" + - "update-ca-certificates --fresh && \ + cp -r {{ .Values.global.certificates.path }}/* /certificates" + volumeMounts: + - name: {{ include "common.name" . }}-certificates + mountPath: /certificates + - name: {{ include "common.name" . }}-onap-certificates + mountPath: {{ .Values.global.certificates.share_path }} +{{- end -}} + +{{- define "so.certificate.volume-mounts" -}} +- name: {{ include "common.name" . }}-certificates + mountPath: {{ .Values.global.certificates.path }} +- name: {{ include "common.name" . }}-onap-certificates + mountPath: {{ .Values.global.certificates.share_path }} +{{- end -}} + +{{- define "so.certificate.volumes" -}} +- name: {{ include "common.name" . }}-certificates + emptyDir: + medium: Memory +- name: {{ include "common.name" . }}-onap-certificates + secret: + secretName: {{ include "common.secret.getSecretNameFast" (dict "global" . "uid" "so-onap-certs") }} +{{- end -}} diff --git a/kubernetes/so/templates/deployment.yaml b/kubernetes/so/templates/deployment.yaml index ca6be72273..07390097e7 100755 --- a/kubernetes/so/templates/deployment.yaml +++ b/kubernetes/so/templates/deployment.yaml @@ -34,8 +34,9 @@ spec: app: {{ include "common.name" . }} release: {{ include "common.release" . }} spec: - initContainers: - - command: + initContainers: {{ include "so.certificate.container_importer" . | nindent 6 }} + - name: {{ include "common.name" . }}-readiness + command: - /root/job_complete.py args: - --job-name @@ -93,7 +94,7 @@ spec: - configMapRef: name: {{ include "common.fullname" . }}-configmap imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: + volumeMounts: {{ include "so.certificate.volume-mounts" . | nindent 8 }} - name: logs mountPath: /app/logs - name: config @@ -120,7 +121,7 @@ spec: mountPath: /var/log/onap/so - name: {{ include "common.fullname" . }}-logs mountPath: /var/log/onap - volumes: + volumes: {{ include "so.certificate.volumes" . | nindent 6 }} - name: logs emptyDir: {} - name: config diff --git a/kubernetes/so/templates/secret.yaml b/kubernetes/so/templates/secret.yaml index bd7eb8ea40..bdcecddfa3 100644 --- a/kubernetes/so/templates/secret.yaml +++ b/kubernetes/so/templates/secret.yaml @@ -1,4 +1,5 @@ # Copyright © 2020 Samsung Electronics +# Modifications Copyright © 2020 Orange # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -12,4 +13,4 @@ # See the License for the specific language governing permissions and # limitations under the License. -{{ include "common.secretFast" . }} +{{ include "common.secret" . }} |