summaryrefslogtreecommitdiffstats
path: root/kubernetes/so/templates
diff options
context:
space:
mode:
authorseshukm <seshu.kumar.m@huawei.com>2020-08-17 21:45:49 +0530
committerSylvain Desbureaux <sylvain.desbureaux@orange.com>2020-10-12 12:44:09 +0000
commit0df1f8ec5332651b5ce2731dd25ee2319f393b4f (patch)
treecda805d85588b153ca2b80807cc0355f95c07ab8 /kubernetes/so/templates
parent7ba9cb9f6e9dd62210d42eb19e693293bab52042 (diff)
[SO] move subcharts to components folder
Move subcharts to components folder in order to be able to enable/disable them one by one. Also use certInitializer to retrieve truststore in order to be able to discuss with other ONAP components. Issue-ID: SO-2046 Change-Id: Ia5c2a590a2ad75e4b69be0748e9d79fda996af37 Signed-off-by: seshukm <seshu.kumar.m@huawei.com> Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Diffstat (limited to 'kubernetes/so/templates')
-rw-r--r--kubernetes/so/templates/_cadiValues.tpl19
-rw-r--r--kubernetes/so/templates/_certificates.tpl32
-rw-r--r--kubernetes/so/templates/_livenessProbe.tpl17
-rw-r--r--kubernetes/so/templates/_profileProperty.tpl3
-rwxr-xr-xkubernetes/so/templates/configmap.yaml2
-rwxr-xr-xkubernetes/so/templates/deployment.yaml41
6 files changed, 20 insertions, 94 deletions
diff --git a/kubernetes/so/templates/_cadiValues.tpl b/kubernetes/so/templates/_cadiValues.tpl
deleted file mode 100644
index 426facc4b1..0000000000
--- a/kubernetes/so/templates/_cadiValues.tpl
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- define "cadi.keys" -}}
-cadiLoglevel: DEBUG
-cadiKeyFile: /org.onap.so.keyfile
-cadiTrustStore: /app/org.onap.so.trust.jks
-cadiTruststorePassword: {{ .Values.global.app.cadi.cadiTruststorePassword }}
-cadiLatitude: {{ .Values.global.app.cadi.cadiLatitude }}
-cadiLongitude: {{ .Values.global.app.cadi.cadiLongitude }}
-aafEnv: {{ .Values.global.app.cadi.aafEnv }}
-aafApiVersion: 2.0
-aafRootNs: {{ .Values.global.app.cadi.aafRootNs }}
-aafId: {{ .Values.mso.config.cadi.aafId }}
-aafPassword: {{ .Values.mso.config.cadi.aafPassword }}
-aafLocateUrl: {{ .Values.global.app.cadi.aafLocateUrl }}
-aafUrl: {{ .Values.global.app.cadi.aafUrl }}
-apiEnforcement: {{ .Values.mso.config.cadi.apiEnforcement }}
-{{- if (.Values.global.app.cadi.noAuthn) }}
-noAuthn: {{ .Values.mso.config.cadi.noAuthn }}
-{{- end }}
-{{- end }}
diff --git a/kubernetes/so/templates/_certificates.tpl b/kubernetes/so/templates/_certificates.tpl
deleted file mode 100644
index 8bd25d27a1..0000000000
--- a/kubernetes/so/templates/_certificates.tpl
+++ /dev/null
@@ -1,32 +0,0 @@
-{{- define "so.certificate.container_importer" -}}
-- name: {{ include "common.name" . }}-certs-importer
- image: "{{ include "common.repository" . }}/{{ .Values.global.soBaseImage }}"
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- command:
- - "/bin/sh"
- args:
- - "-c"
- - "update-ca-certificates --fresh && \
- cp -r {{ .Values.global.certificates.path }}/* /certificates"
- volumeMounts:
- - name: {{ include "common.name" . }}-certificates
- mountPath: /certificates
- - name: {{ include "common.name" . }}-onap-certificates
- mountPath: {{ .Values.global.certificates.share_path }}
-{{- end -}}
-
-{{- define "so.certificate.volume-mounts" -}}
-- name: {{ include "common.name" . }}-certificates
- mountPath: {{ .Values.global.certificates.path }}
-- name: {{ include "common.name" . }}-onap-certificates
- mountPath: {{ .Values.global.certificates.share_path }}
-{{- end -}}
-
-{{- define "so.certificate.volumes" -}}
-- name: {{ include "common.name" . }}-certificates
- emptyDir:
- medium: Memory
-- name: {{ include "common.name" . }}-onap-certificates
- secret:
- secretName: {{ include "common.secret.getSecretNameFast" (dict "global" . "uid" "so-onap-certs") }}
-{{- end -}}
diff --git a/kubernetes/so/templates/_livenessProbe.tpl b/kubernetes/so/templates/_livenessProbe.tpl
deleted file mode 100644
index 4181beb1f8..0000000000
--- a/kubernetes/so/templates/_livenessProbe.tpl
+++ /dev/null
@@ -1,17 +0,0 @@
-{{- define "helpers.livenessProbe" -}}
-livenessProbe:
- httpGet:
- path: {{- index .Values.livenessProbe.path|indent 2}}
- port: {{ index .Values.containerPort }}
- scheme: {{- index .Values.livenessProbe.scheme| indent 2}}
- {{- if eq .Values.global.security.aaf.enabled true }}
- httpHeaders:
- - name: Authorization
- value: {{ index .Values.global.aaf.auth.header }}
- {{- end }}
- initialDelaySeconds: {{ index .Values.livenessProbe.initialDelaySeconds}}
- periodSeconds: {{ index .Values.livenessProbe.periodSeconds}}
- timeoutSeconds: {{ index .Values.livenessProbe.timeoutSeconds}}
- successThreshold: {{ index .Values.livenessProbe.successThreshold}}
- failureThreshold: {{ index .Values.livenessProbe.failureThreshold}}
-{{- end -}}
diff --git a/kubernetes/so/templates/_profileProperty.tpl b/kubernetes/so/templates/_profileProperty.tpl
deleted file mode 100644
index 113bc343d0..0000000000
--- a/kubernetes/so/templates/_profileProperty.tpl
+++ /dev/null
@@ -1,3 +0,0 @@
-{{- define "helpers.profileProperty" -}}
- {{ if eq .condition true }}{{.value1}}{{else}}{{.value2}} {{ end }}
-{{- end -}}
diff --git a/kubernetes/so/templates/configmap.yaml b/kubernetes/so/templates/configmap.yaml
index 6aa4b5f4f0..ab7b5f3624 100755
--- a/kubernetes/so/templates/configmap.yaml
+++ b/kubernetes/so/templates/configmap.yaml
@@ -15,7 +15,7 @@ apiVersion: v1
data:
LOG_PATH: {{ index .Values.logPath }}
APP: {{ index .Values.app }}
- ACTIVE_PROFILE: {{ include "helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" "aaf" "value2" "basic")}}
+ ACTIVE_PROFILE: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" "aaf" "value2" "basic")}}
kind: ConfigMap
metadata:
name: {{ include "common.fullname" . }}-configmap
diff --git a/kubernetes/so/templates/deployment.yaml b/kubernetes/so/templates/deployment.yaml
index 83452ccba8..d378cae606 100755
--- a/kubernetes/so/templates/deployment.yaml
+++ b/kubernetes/so/templates/deployment.yaml
@@ -37,7 +37,8 @@ spec:
app: {{ include "common.name" . }}
release: {{ include "common.release" . }}
spec:
- initContainers: {{ include "so.certificate.container_importer" . | nindent 6 }}
+ initContainers:
+ {{ include "so.certificate.container_importer" . | indent 6 | trim }}
- name: {{ include "common.name" . }}-readiness
command:
- /app/ready.py
@@ -52,12 +53,23 @@ spec:
fieldPath: metadata.namespace
image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- name: {{ include "common.name" . }}-readiness
containers:
- name: {{ include "common.name" . }}
image: {{ include "common.repository" . }}/{{ .Values.image }}
- resources:
-{{ include "common.resources" . | indent 12 }}
+ resources: {{ include "common.resources" . | nindent 12 }}
+ {{- if .Values.global.aafEnabled }}
+ command:
+ - sh
+ args:
+ - -c
+ - |
+ export $(grep '^c' {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0)
+ export TRUSTSTORE_PASSWORD="${cadi_truststore_password}"
+ {{- if .Values.global.security.aaf.enabled }}
+ export KEYSTORE_PASSWORD="${cadi_keystore_password}"
+ {{- end }}
+ /app/start-app.sh
+ {{- end }}
env:
- name: DB_HOST
valueFrom:
@@ -77,27 +89,12 @@ spec:
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "login") | indent 10 }}
- name: DB_ADMIN_PASSWORD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "password") | indent 10 }}
- {{- if eq .Values.global.security.aaf.enabled true }}
- - name: TRUSTSTORE
- value: /app/org.onap.so.trust.jks
- - name: TRUSTSTORE_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ .Release.Name}}-so-client-certs-secret
- key: trustStorePassword
- - name: KEYSTORE
- value: /app/org.onap.so.jks
- - name: KEYSTORE_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ .Release.Name}}-so-client-certs-secret
- key: keyStorePassword
- {{- end }}
+ {{ include "so.certificates.env" . | indent 8 | trim }}
envFrom:
- configMapRef:
name: {{ include "common.fullname" . }}-configmap
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- volumeMounts: {{ include "so.certificate.volume-mounts" . | nindent 8 }}
+ volumeMounts: {{ include "so.certificate.volumeMount" . | nindent 8 }}
- name: logs
mountPath: /app/logs
- name: config
@@ -105,7 +102,7 @@ spec:
readOnly: true
- name: {{ include "common.fullname" . }}-logs
mountPath: /var/log/onap
-{{ include "helpers.livenessProbe" .| indent 8 }}
+{{ include "so.helpers.livenessProbe" .| indent 8 }}
ports:
- containerPort: {{ index .Values.containerPort }}
name: {{ .Values.service.portName }}