diff options
author | Krzysztof Opasiak <k.opasiak@samsung.com> | 2020-10-21 18:24:50 +0000 |
---|---|---|
committer | Gerrit Code Review <gerrit@onap.org> | 2020-10-21 18:24:50 +0000 |
commit | aea88e49e5b3b8205b957dd089282d4f789dc53e (patch) | |
tree | e97cde6f79668bd476f4f5af7d5d4ef6eeaf63e7 /kubernetes | |
parent | 65c2c270679f5ebb1cff99a3061fbf58b62a7623 (diff) | |
parent | 75f18758d0cc3e14ec5dd4fd61ee9a46a838a272 (diff) |
Merge "[COMMON] Make certInitializer share truststore among instances"
Diffstat (limited to 'kubernetes')
-rw-r--r-- | kubernetes/common/Makefile | 6 | ||||
-rw-r--r-- | kubernetes/common/cert-wrapper/Chart.yaml | 18 | ||||
-rw-r--r-- | kubernetes/common/cert-wrapper/requirements.yaml | 18 | ||||
-rw-r--r-- | kubernetes/common/cert-wrapper/values.yaml | 17 | ||||
-rw-r--r-- | kubernetes/common/certInitializer/templates/_certInitializer.yaml | 2 | ||||
-rw-r--r-- | kubernetes/common/certInitializer/templates/configmap.yaml | 2 | ||||
-rw-r--r-- | kubernetes/common/certInitializer/values.yaml | 3 | ||||
-rwxr-xr-x | kubernetes/onap/requirements.yaml | 4 | ||||
-rwxr-xr-x | kubernetes/onap/values.yaml | 3 |
9 files changed, 70 insertions, 3 deletions
diff --git a/kubernetes/common/Makefile b/kubernetes/common/Makefile index 58125f8506..817a2e24bc 100644 --- a/kubernetes/common/Makefile +++ b/kubernetes/common/Makefile @@ -20,12 +20,14 @@ SECRET_DIR := $(OUTPUT_DIR)/secrets COMMON_CHARTS_DIR := common EXCLUDES := +PROCESSED_LAST := cert-wrapper +TO_FILTER := $(EXCLUDES) $(PROCESSED_LAST) HELM_BIN := helm -HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.)))) +HELM_CHARTS := $(filter-out $(TO_FILTER), $(sort $(patsubst %/.,%,$(wildcard */.)))) $(PROCESSED_LAST) HELM_VER := $(shell $(HELM_BIN) version --template "{{.Version}}") -.PHONY: $(EXCLUDES) $(HELM_CHARTS) +.PHONY: $(HELM_CHARTS) $(TO_FILTER) all: $(COMMON_CHARTS_DIR) $(HELM_CHARTS) diff --git a/kubernetes/common/cert-wrapper/Chart.yaml b/kubernetes/common/cert-wrapper/Chart.yaml new file mode 100644 index 0000000000..68d5400743 --- /dev/null +++ b/kubernetes/common/cert-wrapper/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2020 Samsung Electronics +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: Wrapper chart to allow truststore to be shared among cert-initializer instances +name: cert-wrapper +version: 6.0.0 diff --git a/kubernetes/common/cert-wrapper/requirements.yaml b/kubernetes/common/cert-wrapper/requirements.yaml new file mode 100644 index 0000000000..b6a667e448 --- /dev/null +++ b/kubernetes/common/cert-wrapper/requirements.yaml @@ -0,0 +1,18 @@ +# Copyright © 2020 Samsung Electronics +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: certInitializer + version: ~6.x-0 + repository: 'file://../certInitializer' diff --git a/kubernetes/common/cert-wrapper/values.yaml b/kubernetes/common/cert-wrapper/values.yaml new file mode 100644 index 0000000000..fcece0e3f5 --- /dev/null +++ b/kubernetes/common/cert-wrapper/values.yaml @@ -0,0 +1,17 @@ +# Copyright © 2020 Samsung Electronics +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +certInitializer: + nameOverride: cert-initializer + createCertsCM: true diff --git a/kubernetes/common/certInitializer/templates/_certInitializer.yaml b/kubernetes/common/certInitializer/templates/_certInitializer.yaml index 6734e0be81..800364f1a2 100644 --- a/kubernetes/common/certInitializer/templates/_certInitializer.yaml +++ b/kubernetes/common/certInitializer/templates/_certInitializer.yaml @@ -172,7 +172,7 @@ medium: Memory - name: aaf-agent-certs configMap: - name: {{ include "common.fullname" $subchartDot }}-certs + name: {{ tpl $subchartDot.Values.certsCMName $subchartDot }} defaultMode: 0700 {{- if $initRoot.aaf_add_config }} diff --git a/kubernetes/common/certInitializer/templates/configmap.yaml b/kubernetes/common/certInitializer/templates/configmap.yaml index a89a33152b..69d74e1ca7 100644 --- a/kubernetes/common/certInitializer/templates/configmap.yaml +++ b/kubernetes/common/certInitializer/templates/configmap.yaml @@ -23,6 +23,7 @@ data: aaf-add-config.sh: | {{ tpl .Values.aaf_add_config . | indent 4 }} {{- end }} +{{- if .Values.createCertsCM }} --- apiVersion: v1 kind: ConfigMap @@ -30,3 +31,4 @@ kind: ConfigMap metadata: {{- include "common.resourceMetadata" (dict "suffix" $suffix "dot" . ) | nindent 2 }} data: {{ tpl (.Files.Glob "resources/*").AsConfig . | indent 2 }} +{{- end -}} diff --git a/kubernetes/common/certInitializer/values.yaml b/kubernetes/common/certInitializer/values.yaml index 642fe7799b..00e74c46d6 100644 --- a/kubernetes/common/certInitializer/values.yaml +++ b/kubernetes/common/certInitializer/values.yaml @@ -56,3 +56,6 @@ importCustomCertsEnabled: false truststoreMountpath: "" truststoreOutputFileName: truststore.jks truststorePassword: changeit + +createCertsCM: false +certsCMName: '{{ include "common.release" . }}-cert-initializer-certs' diff --git a/kubernetes/onap/requirements.yaml b/kubernetes/onap/requirements.yaml index 9143c1feff..7110117442 100755 --- a/kubernetes/onap/requirements.yaml +++ b/kubernetes/onap/requirements.yaml @@ -162,3 +162,7 @@ dependencies: version: ~6.x-0 repository: '@local' condition: a1policymanagement.enabled + - name: cert-wrapper + version: ~6.x-0 + repository: '@local' + condition: cert-wrapper.enabled diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml index 3413c3840e..2791f0fab0 100755 --- a/kubernetes/onap/values.yaml +++ b/kubernetes/onap/values.yaml @@ -313,3 +313,6 @@ platform: enabled: false a1policymanagement: enabled: false + +cert-wrapper: + enabled: true |