diff options
-rw-r--r-- | kubernetes/vid/templates/deployment.yaml | 2 | ||||
-rw-r--r-- | kubernetes/vid/values.yaml | 4 |
2 files changed, 4 insertions, 2 deletions
diff --git a/kubernetes/vid/templates/deployment.yaml b/kubernetes/vid/templates/deployment.yaml index 8872863e42..d1b4bcdbf2 100644 --- a/kubernetes/vid/templates/deployment.yaml +++ b/kubernetes/vid/templates/deployment.yaml @@ -63,6 +63,8 @@ spec: - -c - | export $(cat {{ .Values.certInitializer.credsPath }}/mycreds.prop | xargs -0) + export VID_TRUSTSTORE_PLAIN_PASSWORD=${VID_TRUSTSTORE_PASSWORD} + export VID_TRUSTSTORE_PASSWORD=`java -cp /usr/local/tomcat/webapps/vid/WEB-INF/lib/jetty-util-9.4.20.v20190813.jar org.eclipse.jetty.util.security.Password ${VID_TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"` /tmp/vid/localize.sh {{- end }} ports: diff --git a/kubernetes/vid/values.yaml b/kubernetes/vid/values.yaml index 6b323a4a17..91132e276c 100644 --- a/kubernetes/vid/values.yaml +++ b/kubernetes/vid/values.yaml @@ -64,7 +64,7 @@ certInitializer: else echo "*** changing them into shell safe ones" export KEYSTORE_PASSWD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1) - export TRUSTORE_PASSWD=Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U + export TRUSTORE_PASSWD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1) cd {{ .Values.credsPath }} keytool -storepasswd -new "${KEYSTORE_PASSWD}" \ -storepass "${cadi_keystore_password_jks}" \ @@ -79,7 +79,7 @@ certInitializer: -storepass "${KEYSTORE_PASSWD}" -alias {{ .Values.fqi }} echo "*** save the generated passwords" echo "VID_KEYSTORE_PASSWORD=${KEYSTORE_PASSWD}" > mycreds.prop - echo "VID_TRUSTSTORE_PASSWORD=OBF:1ks51l8d1o3i1pcc1r2r1e211r391kls1pyj1z7u1njf1lx51go21hnj1y0k1mli1sop1k8o1j651vu91mxw1vun1mze1vv11j8x1k5i1sp11mjc1y161hlr1gm41m111nkj1z781pw31kku1r4p1e391r571pbm1o741l4x1ksp" >> mycreds.prop + echo "VID_TRUSTSTORE_PASSWORD=${TRUSTORE_PASSWD}" >> mycreds.prop echo "*** change ownership of certificates to targeted user" chown -R 1000 . fi |