diff options
| author |   Sylvain Desbureaux <sylvain.desbureaux@orange.com> | 2021-02-25 18:13:19 +0100 |
|---|---|---|
| committer | Sylvain Desbureaux <sylvain.desbureaux@orange.com> | 2021-03-20 19:41:45 +0000 |
| commit | 554bc6b6d540810be1fd2c4fa1117719c21527de (patch) | |
| tree | e8e503ed7c29217a5bd4951a222681f3d64d8c00 /kubernetes/vnfsdk/values.yaml | |
| parent | fde94076e689727e8a2c3c5147ce1242dc225f87 (diff) | |
[VNFSDK] Automatically retrieve certificates
Instead of using hardcoded certificates, let's use certInitializer in
order to retrieve them.
Issue-ID: OOM-2696
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I6ed12dda660647cd0990c34f51e6c05ed533774a
Diffstat (limited to 'kubernetes/vnfsdk/values.yaml')
| -rw-r--r-- | kubernetes/vnfsdk/values.yaml | 33 |
1 files changed, 32 insertions, 1 deletions
diff --git a/kubernetes/vnfsdk/values.yaml b/kubernetes/vnfsdk/values.yaml index 28a2ac419e..0fbee4c07f 100644 --- a/kubernetes/vnfsdk/values.yaml +++ b/kubernetes/vnfsdk/values.yaml @@ -34,6 +34,37 @@ secrets: passwordPolicy: generate ################################################################# +# AAF part +################################################################# +certInitializer: + nameOverride: refrepo-cert-initializer + aafDeployFqi: deployer@people.osaaf.org + aafDeployPass: demo123456! + # aafDeployCredsExternalSecret: some secret + fqdn: refrepo + fqi: refrepo@refrepo.onap.org + fqi_namespace: org.onap.refrepo + public_fqdn: refrepo.onap.org + cadi_longitude: "0.0" + cadi_latitude: "0.0" + app_ns: org.osaaf.aaf + credsPath: /opt/app/osaaf/local + aaf_add_config: | + echo "*** transform AAF certs into pem files" + mkdir -p {{ .Values.credsPath }}/certs + echo "keystore password: $$cadi_keystore_password_p12" + openssl pkcs12 -in {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.p12 \ + -nokeys -out {{ .Values.credsPath }}/certs/cert.pem \ + -passin pass:$cadi_keystore_password_p12 \ + -passout pass:$cadi_keystore_password_p12 + echo "*** copy key" + cp {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.key \ + {{ .Values.credsPath }}/certs/cert.key + echo "*** change ownership of certificates to targeted user" + chown -R 999 {{ .Values.credsPath }}/certs + + +################################################################# # Application configuration defaults. ################################################################# # application image @@ -102,7 +133,7 @@ readiness: service: type: NodePort name: refrepo - portName: refrepo + portName: https nodePort: 97 internalPort: 8703 |