4 files changed, 30 insertions, 172 deletions

diff --git a/kubernetes/aai/templates/service.yaml b/kubernetes/aai/templates/service.yaml
index 750e1babc3..aecb687852 100644
--- a/kubernetes/aai/templates/service.yaml
+++ b/kubernetes/aai/templates/service.yaml
@@ -35,3 +35,25 @@ spec:
   type: {{ .Values.service.type }}
   selector:
     app: {{ include "common.name" . }}
+{{- if include "common.onServiceMesh" . }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "common.servicename" . }}-internal
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ include "common.release" . }}
+    heritage: {{ .Release.Service }}
+spec:
+  ports:
+    - name: {{ .Values.service.portName }}
+      port: {{ .Values.service.externalPlainPort }}
+      targetPort: {{ .Values.service.internalPlainPort }}
+  type: ClusterIP
+  selector:
+    app: {{ include "common.name" . }}
+{{- end }}
+
diff --git a/kubernetes/common/common/templates/_aafconfig.tpl b/kubernetes/common/common/templates/_aafconfig.tpl
deleted file mode 100644
index 930959337a..0000000000
--- a/kubernetes/common/common/templates/_aafconfig.tpl
+++ /dev/null
@@ -1,162 +0,0 @@
-{{/*
-# Copyright © 2020 Amdocs, Bell Canada, highstreet technologies GmbH
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{/*
-  common templates to enable aaf configs for applictaions
-
-  Parameter for aafConfig to be defined in values.yaml
-  aafConfig:   --> if a different key is used, call templates with argument (dict "aafRoot" .Values.<yourkey> "dot" .)
-    # additional scripts can be defined to handle certs
-    addconfig: true|false
-    fqdn: "sdnc"
-    app_ns: "org.osaaf.aaf"
-    fqi: "sdnc@sdnc.onap.org"
-    fqi_namespace: org.onap.sdnc
-    public_fqdn: "aaf.osaaf.org"
-    aafDeployFqi: "deployer@people.osaaf.org"
-    aafDeployPass: demo123456!
-    cadi_latitude: "38.0"
-    cadi_longitude: "-72.0"
-    secret_uid: &aaf_secret_uid my-component-aaf-deploy-creds
-
-  # secrets configuration, Note: create a secrets template
-  secrets:
-    - uid: *aaf_secret_uid
-      type: basicAuth
-      externalSecret: '{{ ternary (tpl (default "" .Values.aafConfig.aafDeployCredsExternalSecret) .) "aafIsDisabled" .Values.global.aafEnabled }}'
-      login: '{{ .Values.aafConfig.aafDeployFqi }}'
-      password: '{{ .Values.aafConfig.aafDeployPass }}'
-      passwordPolicy: required
-
-  In deployments/jobs/stateful include:
-  initContainers:
-    {{ include "common.aaf-config" . | nindent XX}}
-
-  containers:
-    volumeMounts:
-    {{- if .Values.global.aafEnabled }}
-     - mountPath: "/opt/app/osaaf"
-       name: {{ include "common.fullname" . }}-aaf-config
-       {{- end }}
-  volumes:
-  {{- include "common.aaf-config-volumes" . | nindent XX}}
-*/}}
-{{- define "common.aaf-config" -}}
-{{-   $dot := default . .dot -}}
-{{-   $aafRoot := default $dot.Values.aafConfig .aafRoot -}}
-{{-   if $dot.Values.global.aafEnabled -}}
-- name: {{ include "common.name" $dot }}-aaf-readiness
-  image: {{ include "common.repository" $dot }}/{{ $dot.Values.global.readinessImage }}
-  imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $dot.Values.pullPolicy }}
-  command:
-  - /app/ready.py
-  args:
-  - --container-name
-  - aaf-locate
-  - --container-name
-  - aaf-cm
-  - --container-name
-  - aaf-service
-  env:
-  - name: NAMESPACE
-    valueFrom:
-      fieldRef:
-        apiVersion: v1
-        fieldPath: metadata.namespace
-  resources:
-    limits:
-      cpu: 100m
-      memory: 100Mi
-    requests:
-      cpu: 3m
-      memory: 20Mi
-- name: {{ include "common.name" $dot }}-aaf-config
-  image: {{ (default $dot.Values.repository $dot.Values.global.repository) }}/{{ $dot.Values.global.aafAgentImage }}
-  imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $dot.Values.pullPolicy }}
-  volumeMounts:
-  - mountPath: "/opt/app/osaaf"
-    name: {{ include "common.fullname" $dot }}-aaf-config
-{{-     if $aafRoot.addconfig }}
-  - name: aaf-add-config
-    mountPath: /opt/app/aaf_config/bin/aaf-add-config.sh
-    subPath: aaf-add-config.sh
-{{-     end }}
-  command:
-    - sh
-    - -c
-    - |
-      #!/usr/bin/env bash
-      /opt/app/aaf_config/bin/agent.sh
-{{-     if $aafRoot.addconfig }}
-      /opt/app/aaf_config/bin/aaf-add-config.sh
-{{-     end }}
-  env:
-    - name: APP_FQI
-      value: "{{ $aafRoot.fqi }}"
-    - name: aaf_locate_url
-      value: "https://aaf-locate.{{ $dot.Release.Namespace}}:8095"
-    - name: aaf_locator_container
-      value: "oom"
-    - name: aaf_locator_container_ns
-      value: "{{ $dot.Release.Namespace }}"
-    - name: aaf_locator_fqdn
-      value: "{{ $aafRoot.fqdn }}"
-    - name: aaf_locator_app_ns
-      value: "{{ $aafRoot.app_ns }}"
-    - name: DEPLOY_FQI
-    {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" $aafRoot.secret_uid "key" "login") | indent 6 }}
-    - name: DEPLOY_PASSWORD
-    {{- include "common.secret.envFromSecretFast" (dict "global" $dot "uid" $aafRoot.secret_uid "key" "password") | indent 6 }}
-  #Note: want to put this on Nodes, eventually
-    - name: cadi_longitude
-      value: "{{ default "52.3" $aafRoot.cadi_longitude }}"
-    - name: cadi_latitude
-      value: "{{ default "13.2" $aafRoot.cadi_latitude }}"
-  #Hello specific.  Clients don't don't need this, unless Registering with AAF Locator
-    - name: aaf_locator_public_fqdn
-      value: "{{ $aafRoot.public_fqdn | default "" }}"
-  resources:
-    limits:
-      cpu: 100m
-      memory: 100Mi
-    requests:
-      cpu: 3m
-      memory: 20Mi
-{{-   end -}}
-{{- end -}}
-
-{{- define "common.aaf-config-volume-mountpath" -}}
-{{-   if .Values.global.aafEnabled -}}
-- mountPath: "/opt/app/osaaf"
-  name: {{ include "common.fullname" . }}-aaf-config
-{{-   end -}}
-{{- end -}}
-
-{{- define "common.aaf-config-volumes" -}}
-{{-   $dot := default . .dot -}}
-{{-   $aafRoot := default $dot.Values.aafConfig .aafRoot -}}
-{{-   if $dot.Values.global.aafEnabled -}}
-- name: {{ include "common.fullname" $dot }}-aaf-config
-  emptyDir:
-    medium: Memory
-{{-     if $aafRoot.addconfig }}
-- name: aaf-add-config
-  configMap:
-    name: {{ include "common.fullname" $dot }}-aaf-add-config
-    defaultMode: 0700
-{{-     end -}}
-{{-   end -}}
-{{- end -}}
diff --git a/kubernetes/sdnc/components/sdnc-web/values.yaml b/kubernetes/sdnc/components/sdnc-web/values.yaml
index e838fb7e79..979698ffef 100644
--- a/kubernetes/sdnc/components/sdnc-web/values.yaml
+++ b/kubernetes/sdnc/components/sdnc-web/values.yaml
@@ -69,14 +69,13 @@ certInitializer:
   cadi_latitude: "38.0"
   cadi_longitude: "-72.0"
   credsPath: /opt/app/osaaf/local
-  aaf_add_config: >
-    cd /opt/app/osaaf/local;
-    mkdir -p certs;
-    export $(/opt/app/aaf_config/bin/agent.sh local showpass | grep '^c' | xargs -0);
-    keytool -exportcert -rfc -file certs/cacert.pem -keystore {{ .Values.fqi_namespace }}.trust.jks -alias ca_local_0 -storepass $cadi_truststore_password;
-    openssl pkcs12 -in {{ .Values.fqi_namespace }}.p12 -out certs/cert.pem -passin pass:$cadi_keystore_password_p12 -passout pass:$cadi_keystore_password_p12;
-    cp {{ .Values.fqi_namespace }}.key certs/key.pem;
-    chmod -R 755 certs;
+  aaf_add_config: |
+    cd /opt/app/osaaf/local
+    mkdir -p certs
+    keytool -exportcert -rfc -file certs/cacert.pem -keystore {{ .Values.fqi_namespace }}.trust.jks -alias ca_local_0 -storepass $cadi_truststore_password
+    openssl pkcs12 -in {{ .Values.fqi_namespace }}.p12 -out certs/cert.pem -passin pass:$cadi_keystore_password_p12 -passout pass:$cadi_keystore_password_p12
+    cp {{ .Values.fqi_namespace }}.key certs/key.pem
+    chmod -R 755 certs
 
 # default number of instances
 replicaCount: 1
diff --git a/kubernetes/sdnc/values.yaml b/kubernetes/sdnc/values.yaml
index 1e0da8aeb4..1fd5bf3363 100644
--- a/kubernetes/sdnc/values.yaml
+++ b/kubernetes/sdnc/values.yaml
@@ -386,8 +386,7 @@ certInitializer:
   cadi_longitude: "-72.0"
   credsPath: /opt/app/osaaf/local
   aaf_add_config: >
-    cd /opt/app/osaaf/local;
-    /opt/app/aaf_config/bin/agent.sh local showpass {{.Values.fqi}} {{ .Values.fqdn }} | grep cadi_keystore_password= | cut -d= -f 2 > {{ .Values.credsPath }}/.pass 2>&1
+    echo "$cadi_keystore_password" > {{ .Values.credsPath }}/.pass 2>&1
 
 # dependency / sub-chart configuration
 network-name-gen: