diff options
author | Krzysztof Opasiak <k.opasiak@samsung.com> | 2021-09-22 14:49:18 +0000 |
---|---|---|
committer | Gerrit Code Review <gerrit@onap.org> | 2021-09-22 14:49:18 +0000 |
commit | 4e047995fd6c7a0e3804a4412d91aa093f6f8441 (patch) | |
tree | 79f610f9ba9e02b3a06d1de7db941d87f1ad1d1c /kubernetes | |
parent | b62b9cf9e7e5248972baa619c6d015459187cd64 (diff) | |
parent | c9f47135f5820c423ed0b6cf295be5a98624a73c (diff) |
Merge "[SO] Add TLS configuration for SO API Ingress"
Diffstat (limited to 'kubernetes')
-rw-r--r-- | kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/artifact.dat | 2 | ||||
-rw-r--r-- | kubernetes/common/certInitializer/templates/job.yaml | 4 | ||||
-rwxr-xr-x | kubernetes/so/components/soHelpers/values.yaml | 2 | ||||
-rwxr-xr-x | kubernetes/so/requirements.yaml | 3 | ||||
-rwxr-xr-x | kubernetes/so/values.yaml | 21 |
5 files changed, 28 insertions, 4 deletions
diff --git a/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/artifact.dat b/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/artifact.dat index 84bd723aad..298274ed0f 100644 --- a/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/artifact.dat +++ b/kubernetes/aaf/components/aaf-cass/resources/cass-init-dats/artifact.dat @@ -62,7 +62,7 @@ so@so.onap.org|sdc-simulator|local|/opt/app/osaaf/local||mailto:|org.onap.so|roo so@so.onap.org|sdnc-simulator|local|/opt/app/osaaf/local||mailto:|org.onap.so|root|30|{'localhost', 'sdnc-simulator'}|aaf_admin@osaaf.org|{'pkcs12'} so@so.onap.org|so-apih|local|/opt/app/osaaf/local||mailto:rp6768@att.com|org.onap.so|root|30|{'mso-asdc-controller-svc', 'mso-bpmn-infra-svc', 'mso-catalog-db-adapter-svc', 'mso-openstack-adapter-svc', 'mso-request-db-adapter-svc', 'mso-sdnc-adapter-svc'}|mmanager@osaaf.org|{'file', 'jks', 'pkcs12', 'script'} so@so.onap.org|so-client|local|/opt/app/osaaf/local||mailto:rp6768@att.com|org.onap.so|root|30||mmanager@osaaf.org|{'file', 'jks', 'pkcs12', 'script'} -so@so.onap.org|so|local|/opt/app/osaaf/local||mailto:|org.onap.so|root|30|{'so.api.simpledemo.onap.org', 'so.onap'}|aaf_admin@osaaf.org|{'pkcs12', 'script'} +so@so.onap.org|so|local|/opt/app/osaaf/local||mailto:|org.onap.so|root|30|{'so.api.simpledemo.onap.org', 'so.onap'}|aaf_admin@osaaf.org|{'file', 'pkcs12', 'script'} so@so.onap.org|so-vnfm-adapter|local|/opt/app/osaaf/local||mailto:|org.onap.so|root|30|{'so-vnfm-adapter', 'so-vnfm-adapter.onap'}|aaf_admin@osaaf.org|{'pkcs12'} so@so.onap.org|so-vnfm-simulator|local|/opt/app/osaaf/local||mailto:|org.onap.so|root|30|{'so-vnfm-simulator', 'so-vnfm-simulator.onap'}|aaf_admin@osaaf.org|{'pkcs12'} tester1@test.portal.onap.org|tester1|aaf|/||mailto:|org.onap.portal.test|root|30||@osaaf.org|{'file', 'jks', 'pkcs12', 'script'} diff --git a/kubernetes/common/certInitializer/templates/job.yaml b/kubernetes/common/certInitializer/templates/job.yaml index 331a58c310..2acb423511 100644 --- a/kubernetes/common/certInitializer/templates/job.yaml +++ b/kubernetes/common/certInitializer/templates/job.yaml @@ -20,12 +20,13 @@ kind: Job {{- $suffix := "set-tls-secret" }} metadata: {{- include "common.resourceMetadata" (dict "suffix" $suffix "dot" . )| nindent 2 }} spec: + backoffLimit: 20 template: metadata: {{- include "common.templateMetadata" . | nindent 6 }} spec: initContainers: {{ include "common.certInitializer.initContainer" (dict "dot" . "initRoot" .Values) | nindent 6 }} containers: - - name: create tls secret + - name: create-tls-secret command: - /ingress/onboard.sh image: {{ include "repositoryGenerator.image.kubectl" . }} @@ -41,4 +42,5 @@ spec: configMap: name: {{ include "common.fullname" . }}-ingress defaultMode: 0777 + restartPolicy: Never {{- end}} diff --git a/kubernetes/so/components/soHelpers/values.yaml b/kubernetes/so/components/soHelpers/values.yaml index 938a6f9d00..2417d2553c 100755 --- a/kubernetes/so/components/soHelpers/values.yaml +++ b/kubernetes/so/components/soHelpers/values.yaml @@ -34,11 +34,11 @@ certInitializer: fqdn: so fqi: so@so.onap.org public_fqdn: so.onap.org + fqi_namespace: org.onap.so cadi_longitude: '0.0' cadi_latitude: '0.0' app_ns: org.osaaf.aaf credsPath: /opt/app/osaaf/local - qi_namespace: org.onap.so aaf_add_config: | echo "cadi_truststore_password=$cadi_truststore_password" > {{ .Values.credsPath }}/mycreds.prop echo "cadi_keystore_password_p12=$cadi_keystore_password_p12" >> {{ .Values.credsPath }}/mycreds.prop diff --git a/kubernetes/so/requirements.yaml b/kubernetes/so/requirements.yaml index f2fc70c1f9..af95ab85ce 100755 --- a/kubernetes/so/requirements.yaml +++ b/kubernetes/so/requirements.yaml @@ -18,6 +18,9 @@ dependencies: # a part of this chart's package and will not # be published independently to a repo (at this point) repository: '@local' + - name: certInitializer + version: ~8.x-0 + repository: '@local' - name: readinessCheck version: ~8.x-0 repository: '@local' diff --git a/kubernetes/so/values.yaml b/kubernetes/so/values.yaml index ca2fe07b22..064415927f 100755 --- a/kubernetes/so/values.yaml +++ b/kubernetes/so/values.yaml @@ -151,6 +151,24 @@ aaf: trustore: org.onap.so.trust.jks ################################################################# +# AAF part for Ingress +################################################################# +certInitializer: + nameOverride: so-tls-cert + aafDeployFqi: deployer@people.osaaf.org + aafDeployPass: demo123456! + # aafDeployCredsExternalSecret: some secret + fqdn: so + fqi: so@so.onap.org + public_fqdn: so.onap.org + fqi_namespace: org.onap.so + cadi_longitude: '0.0' + cadi_latitude: '0.0' + app_ns: org.osaaf.aaf + credsPath: /opt/app/osaaf/local + ingressTlsSecret: '{{ include "common.release" . }}-so-ingress-certs' + +################################################################# # Application configuration defaults. ################################################################# @@ -263,7 +281,8 @@ ingress: name: 'so' port: 8080 config: - ssl: 'none' + tls: + secret: '{{ include "common.release" . }}-so-ingress-certs' mso: adapters: |