aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes/common/certInitializer
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes/common/certInitializer')
-rw-r--r--kubernetes/common/certInitializer/templates/_certInitializer.yaml17
-rw-r--r--kubernetes/common/certInitializer/values.yaml10
2 files changed, 26 insertions, 1 deletions
diff --git a/kubernetes/common/certInitializer/templates/_certInitializer.yaml b/kubernetes/common/certInitializer/templates/_certInitializer.yaml
index 414192e2bc..3b165a4c20 100644
--- a/kubernetes/common/certInitializer/templates/_certInitializer.yaml
+++ b/kubernetes/common/certInitializer/templates/_certInitializer.yaml
@@ -137,6 +137,8 @@
volumeMounts:
- mountPath: /certs
name: aaf-agent-certs
+ - mountPath: /more_certs
+ name: provided-custom-certs
- mountPath: /root/import-custom-certs.sh
name: aaf-agent-certs
subPath: import-custom-certs.sh
@@ -177,6 +179,21 @@
configMap:
name: {{ tpl $subchartDot.Values.certsCMName $subchartDot }}
defaultMode: 0700
+{{- if $dot.Values.global.importCustomCertsEnabled }}
+- name: provided-custom-certs
+{{- if $dot.Values.global.customCertsSecret }}
+ secret:
+ secretName: {{ $dot.Values.global.customCertsSecret }}
+{{- else }}
+{{- if $dot.Values.global.customCertsConfigMap }}
+ configMap:
+ name: {{ $dot.Values.global.customCertsConfigMap }}
+{{- else }}
+ emptyDir:
+ medium: Memory
+{{- end }}
+{{- end }}
+{{- end }}
- name: {{ include "common.certInitializer._aafAddConfigVolumeName" $dot }}
configMap:
name: {{ include "common.fullname" $subchartDot }}-add-config
diff --git a/kubernetes/common/certInitializer/values.yaml b/kubernetes/common/certInitializer/values.yaml
index 52b2765329..74a2b37568 100644
--- a/kubernetes/common/certInitializer/values.yaml
+++ b/kubernetes/common/certInitializer/values.yaml
@@ -15,6 +15,15 @@
global:
aafAgentImage: onap/aaf/aaf_agent:2.1.20
aafEnabled: true
+ # Give the name of a config map where certInitializer will onboard all certs
+ # given (certs must be in pem format)
+ customCertsConfigMap:
+ # Give the name of a secret where certInitializer will onboard all certs given
+ # (certs must be in pem format)
+ # this one superseedes previous one (so if both are given, only certs from
+ # secret will be onboarded).
+ customCertsSecret:
+
pullPolicy: Always
@@ -37,7 +46,6 @@ readinessCheck:
- aaf-cm
- aaf-service
-aafDeployFqi: "changeme"
fqdn: ""
app_ns: "org.osaaf.aaf"
fqi: ""