summaryrefslogtreecommitdiffstats
path: root/kubernetes/common/certInitializer
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes/common/certInitializer')
-rw-r--r--kubernetes/common/certInitializer/Chart.yaml34
-rw-r--r--kubernetes/common/certInitializer/resources/ingress/onboard.sh35
-rw-r--r--kubernetes/common/certInitializer/resources/retrieval/retrieval_check.sh27
-rw-r--r--kubernetes/common/certInitializer/resources/retrieval/tls_certs_configure.sh32
-rw-r--r--kubernetes/common/certInitializer/templates/_certInitializer.yaml253
-rw-r--r--kubernetes/common/certInitializer/templates/configmap.yaml39
-rw-r--r--kubernetes/common/certInitializer/templates/job.yaml49
-rw-r--r--kubernetes/common/certInitializer/templates/secret.yaml17
-rw-r--r--kubernetes/common/certInitializer/values.yaml78
9 files changed, 0 insertions, 564 deletions
diff --git a/kubernetes/common/certInitializer/Chart.yaml b/kubernetes/common/certInitializer/Chart.yaml
deleted file mode 100644
index d70b1de52b..0000000000
--- a/kubernetes/common/certInitializer/Chart.yaml
+++ /dev/null
@@ -1,34 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2021 Orange
-# Modifications Copyright © 2021 Nordix Foundation
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v2
-description: Template used to obtain certificates in onap
-name: certInitializer
-version: 13.0.0
-
-dependencies:
- - name: common
- version: ~13.x-0
- repository: 'file://../common'
- - name: readinessCheck
- version: ~13.x-0
- repository: 'file://../readinessCheck'
- - name: repositoryGenerator
- version: ~13.x-0
- repository: 'file://../repositoryGenerator'
- - name: serviceAccount
- version: ~13.x-0
- repository: '@local'
diff --git a/kubernetes/common/certInitializer/resources/ingress/onboard.sh b/kubernetes/common/certInitializer/resources/ingress/onboard.sh
deleted file mode 100644
index 9cc5ec580e..0000000000
--- a/kubernetes/common/certInitializer/resources/ingress/onboard.sh
+++ /dev/null
@@ -1,35 +0,0 @@
-#!/bin/sh
-
-{{/*
-# Copyright © 2020 Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/ -}}
-
-echo "*** retrieving certificates and keys"
-export CRT=$(cat {{ .Values.credsPath }}/certs/tls.crt | base64 -w 0)
-export KEY=$(cat {{ .Values.credsPath }}/certs/tls.key | base64 -w 0)
-export CACERT=$(cat {{ .Values.credsPath }}/certs/cacert.pem | base64 -w 0)
-echo "*** creating tls secret"
-cat <<EOF | kubectl apply -f -
-apiVersion: v1
-kind: Secret
-metadata:
- name: {{ tpl .Values.ingressTlsSecret . }}
- namespace: {{ include "common.namespace" . }}
-data:
- ca.crt: "${CACERT}"
- tls.crt: "${CRT}"
- tls.key: '${KEY}'
-type: kubernetes.io/tls
-EOF
diff --git a/kubernetes/common/certInitializer/resources/retrieval/retrieval_check.sh b/kubernetes/common/certInitializer/resources/retrieval/retrieval_check.sh
deleted file mode 100644
index 76f384502f..0000000000
--- a/kubernetes/common/certInitializer/resources/retrieval/retrieval_check.sh
+++ /dev/null
@@ -1,27 +0,0 @@
-#!/bin/sh
-
-{{/*
-# Copyright © 2021 Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/ -}}
-
-echo "*** retrieving passwords for certificates"
-export $(/opt/app/aaf_config/bin/agent.sh local showpass \
- {{.Values.fqi}} {{ .Values.fqdn }} | grep '^c' | xargs -0)
-if [ -z "${{ .Values.envVarToCheck }}" ]
-then
- echo " /!\ certificates retrieval failed"
- exit 1
-fi
-echo "*** password retrieval succeeded"
diff --git a/kubernetes/common/certInitializer/resources/retrieval/tls_certs_configure.sh b/kubernetes/common/certInitializer/resources/retrieval/tls_certs_configure.sh
deleted file mode 100644
index f201eadd0a..0000000000
--- a/kubernetes/common/certInitializer/resources/retrieval/tls_certs_configure.sh
+++ /dev/null
@@ -1,32 +0,0 @@
-#!/bin/sh
-
-{{/*
-# Copyright © 2021 Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/ -}}
-
-echo "--- Cert transformation for use with Ingress"
-echo "*** transform AAF certs into pem files"
-mkdir -p {{ .Values.credsPath }}/certs
-keytool -exportcert -rfc -file {{ .Values.credsPath }}/certs/cacert.pem \
- -keystore {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.trust.jks \
- -alias ca_local_0 \
- -storepass $cadi_truststore_password
-openssl pkcs12 -in {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.p12 \
- -out {{ .Values.credsPath }}/certs/tls.crt -nokeys \
- -passin pass:$cadi_keystore_password_p12 \
- -passout pass:$cadi_keystore_password_p12
-cp {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.key \
- {{ .Values.credsPath }}/certs/tls.key
-echo "--- Done"
diff --git a/kubernetes/common/certInitializer/templates/_certInitializer.yaml b/kubernetes/common/certInitializer/templates/_certInitializer.yaml
deleted file mode 100644
index 1312d98009..0000000000
--- a/kubernetes/common/certInitializer/templates/_certInitializer.yaml
+++ /dev/null
@@ -1,253 +0,0 @@
-{{/*
-# Copyright © 2020 Bell Canada, Samsung Electronics
-# Copyright © 2021 Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-
-
-{{- define "common.certInitializer._aafConfigVolumeName" -}}
- {{ include "common.fullname" . }}-aaf-config
-{{- end -}}
-
-{{- define "common.certInitializer._aafAddConfigVolumeName" -}}
- {{ print "aaf-add-config" }}
-{{- end -}}
-
-{{/*
- common templates to enable cert initialization for applictaions
-
- In deployments/jobs/stateful include:
- initContainers:
- {{ include "common.certInitializer.initContainer" . | nindent XX }}
-
- containers:
- volumeMounts:
- {{- include "common.certInitializer.volumeMount" . | nindent XX }}
- volumes:
- {{- include "common.certInitializer.volume" . | nindent XX}}
-*/}}
-{{- define "common.certInitializer._initContainer" -}}
-{{- $dot := default . .dot -}}
-{{- $initRoot := default $dot.Values.certInitializer .initRoot -}}
-{{- $initName := default "certInitializer" -}}
-{{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }}
-{{ include "common.readinessCheck.waitFor" $subchartDot }}
-- name: {{ include "common.name" $dot }}-aaf-config
- image: {{ include "repositoryGenerator.repository" $subchartDot }}/{{ $subchartDot.Values.global.aafAgentImage }}
- imagePullPolicy: {{ $subchartDot.Values.global.pullPolicy | default $subchartDot.Values.pullPolicy }}
- securityContext:
- runAsUser: 0
- volumeMounts:
- - mountPath: {{ $initRoot.mountPath }}
- name: {{ include "common.certInitializer._aafConfigVolumeName" $dot }}
- - mountPath: /opt/app/aaf_config/cert/truststoreONAPall.jks.b64
- name: aaf-agent-certs
- subPath: truststoreONAPall.jks.b64
- - mountPath: /opt/app/aaf_config/cert/truststoreONAP.p12.b64
- name: aaf-agent-certs
- subPath: truststoreONAP.p12.b64
- - name: {{ include "common.certInitializer._aafAddConfigVolumeName" $dot }}
- mountPath: /opt/app/aaf_config/bin/retrieval_check.sh
- subPath: retrieval_check.sh
-{{- if hasKey $initRoot "ingressTlsSecret" }}
- - name: {{ include "common.certInitializer._aafAddConfigVolumeName" $dot }}
- mountPath: /opt/app/aaf_config/bin/tls_certs_configure.sh
- subPath: tls_certs_configure.sh
-{{- end }}
-{{- if $initRoot.aaf_add_config }}
- - name: {{ include "common.certInitializer._aafAddConfigVolumeName" $dot }}
- mountPath: /opt/app/aaf_config/bin/aaf-add-config.sh
- subPath: aaf-add-config.sh
-{{- end }}
- command:
- - sh
- - -c
- - |
- /opt/app/aaf_config/bin/agent.sh
- . /opt/app/aaf_config/bin/retrieval_check.sh
-{{- if hasKey $initRoot "ingressTlsSecret" }}
- /opt/app/aaf_config/bin/tls_certs_configure.sh
-{{- end -}}
-{{- if $initRoot.aaf_add_config }}
- /opt/app/aaf_config/bin/aaf-add-config.sh
-{{- end }}
- env:
- - name: APP_FQI
- value: "{{ $initRoot.fqi }}"
- {{- if $initRoot.aaf_namespace }}
- - name: aaf_locate_url
- value: "https://aaf-locate.{{ $initRoot.aaf_namespace }}:8095"
- - name: aaf_locator_container_ns
- value: "{{ $initRoot.aaf_namespace }}"
- {{- else }}
- - name: aaf_locate_url
- value: "https://aaf-locate.{{ $dot.Release.Namespace }}:8095"
- - name: aaf_locator_container_ns
- value: "{{ $dot.Release.Namespace }}"
- {{- end }}
- - name: aaf_locator_container
- value: "oom"
- - name: aaf_locator_fqdn
- value: "{{ $initRoot.fqdn }}"
- - name: aaf_locator_app_ns
- value: "{{ $initRoot.app_ns }}"
- - name: DEPLOY_FQI
- {{- include "common.secret.envFromSecretFast" (dict "global" $subchartDot "uid" "deployer-creds" "key" "login") | indent 6 }}
- - name: DEPLOY_PASSWORD
- {{- include "common.secret.envFromSecretFast" (dict "global" $subchartDot "uid" "deployer-creds" "key" "password") | indent 6 }}
- #Note: want to put this on Nodes, eventually
- - name: cadi_longitude
- value: "{{ default "52.3" $initRoot.cadi_longitude }}"
- - name: cadi_latitude
- value: "{{ default "13.2" $initRoot.cadi_latitude }}"
- #Hello specific. Clients don't don't need this, unless Registering with AAF Locator
- - name: aaf_locator_public_fqdn
- value: "{{ $initRoot.public_fqdn | default "" }}"
-{{- end -}}
-
-{{/*
- This init container will import custom .pem certificates to truststoreONAPall.jks
- Custom certificates must be placed in common/certInitializer/resources directory.
-
- The feature is enabled by setting Values.global.importCustomCertsEnabled = true
- It can be used independently of aafEnabled, however it requires the same includes
- as describe above for _initContainer.
-
- When AAF is enabled the truststoreONAPAll.jks (which contains AAF CA) will be used
- to import custom certificates, otherwise the default java keystore will be used.
-
- The updated truststore file will be placed in /updatedTruststore and can be mounted per component
- to a specific path by defining Values.certInitializer.truststoreMountpath (see _trustStoreVolumeMount)
- The truststore file will be available to mount even if no custom certificates were imported.
-*/}}
-{{- define "common.certInitializer._initImportCustomCertsContainer" -}}
-{{- $dot := default . .dot -}}
-{{- $initRoot := default $dot.Values.certInitializer .initRoot -}}
-{{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }}
-- name: {{ include "common.name" $dot }}-import-custom-certs
- image: {{ include "repositoryGenerator.image.jre" $subchartDot }}
- imagePullPolicy: {{ $subchartDot.Values.global.pullPolicy | default $subchartDot.Values.pullPolicy }}
- securityContext:
- runAsUser: 0
- command:
- - /bin/sh
- - -c
- - /root/import-custom-certs.sh
- env:
- - name: AAF_ENABLED
- value: "{{ $subchartDot.Values.global.aafEnabled }}"
- - name: TRUSTSTORE_OUTPUT_FILENAME
- value: "{{ $initRoot.truststoreOutputFileName }}"
- - name: TRUSTSTORE_PASSWORD
- {{- include "common.secret.envFromSecretFast" (dict "global" $subchartDot "uid" "truststore-creds" "key" "password") | indent 6 }}
- volumeMounts:
- - mountPath: /certs
- name: aaf-agent-certs
- - mountPath: /more_certs
- name: provided-custom-certs
- - mountPath: /root/import-custom-certs.sh
- name: aaf-agent-certs
- subPath: import-custom-certs.sh
- - mountPath: /updatedTruststore
- name: updated-truststore
-{{- end -}}
-
-{{- define "common.certInitializer._volumeMount" -}}
-{{- $dot := default . .dot -}}
-{{- $initRoot := default $dot.Values.certInitializer .initRoot -}}
-- mountPath: {{ $initRoot.appMountPath }}
- name: {{ include "common.certInitializer._aafConfigVolumeName" $dot }}
-{{- end -}}
-
-{{/*
- This is used together with _initImportCustomCertsContainer
- It mounts the updated truststore (with imported custom certificates) to the
- truststoreMountpath defined in the values file for the component.
-*/}}
-{{- define "common.certInitializer._trustStoreVolumeMount" -}}
-{{- $dot := default . .dot -}}
-{{- $initRoot := default $dot.Values.certInitializer .initRoot -}}
-{{- if gt (len $initRoot.truststoreMountpath) 0 }}
-- mountPath: {{ $initRoot.truststoreMountpath }}/{{ $initRoot.truststoreOutputFileName }}
- name: updated-truststore
- subPath: {{ $initRoot.truststoreOutputFileName }}
-- mountPath: /etc/ssl/certs/ca-certificates.crt
- name: updated-truststore
- subPath: ca-certificates.crt
-{{- end -}}
-{{- end -}}
-
-{{- define "common.certInitializer._volumes" -}}
-{{- $dot := default . .dot -}}
-{{- $initRoot := default $dot.Values.certInitializer .initRoot -}}
-{{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot))}}
-- name: {{ include "common.certInitializer._aafConfigVolumeName" $dot }}
- emptyDir:
- medium: Memory
-- name: aaf-agent-certs
- configMap:
- name: {{ tpl $subchartDot.Values.certsCMName $subchartDot }}
- defaultMode: 0700
-{{- if $dot.Values.global.importCustomCertsEnabled }}
-- name: provided-custom-certs
-{{- if $dot.Values.global.customCertsSecret }}
- secret:
- secretName: {{ $dot.Values.global.customCertsSecret }}
-{{- else }}
-{{- if $dot.Values.global.customCertsConfigMap }}
- configMap:
- name: {{ $dot.Values.global.customCertsConfigMap }}
-{{- else }}
- emptyDir:
- medium: Memory
-{{- end }}
-{{- end }}
-{{- end }}
-- name: {{ include "common.certInitializer._aafAddConfigVolumeName" $dot }}
- configMap:
- name: {{ include "common.fullname" $subchartDot }}-add-config
- defaultMode: 0700
-{{- if $dot.Values.global.importCustomCertsEnabled }}
-- name: updated-truststore
- emptyDir: {}
-{{- end -}}
-{{- end -}}
-
-{{- define "common.certInitializer.initContainer" -}}
-{{- $dot := default . .dot -}}
- {{- if $dot.Values.global.importCustomCertsEnabled }}
- {{ include "common.certInitializer._initImportCustomCertsContainer" . }}
- {{- end -}}
- {{- if $dot.Values.global.aafEnabled }}
- {{ include "common.certInitializer._initContainer" . }}
- {{- end -}}
-{{- end -}}
-
-{{- define "common.certInitializer.volumeMount" -}}
-{{- $dot := default . .dot -}}
- {{- if $dot.Values.global.aafEnabled }}
- {{- include "common.certInitializer._volumeMount" . }}
- {{- end -}}
- {{- if $dot.Values.global.importCustomCertsEnabled }}
- {{- include "common.certInitializer._trustStoreVolumeMount" . }}
- {{- end -}}
-{{- end -}}
-
-{{- define "common.certInitializer.volumes" -}}
-{{- $dot := default . .dot -}}
- {{- if or ($dot.Values.global.aafEnabled ) ($dot.Values.global.importCustomCertsEnabled) }}
- {{- include "common.certInitializer._volumes" . }}
- {{- end -}}
-{{- end -}}
diff --git a/kubernetes/common/certInitializer/templates/configmap.yaml b/kubernetes/common/certInitializer/templates/configmap.yaml
deleted file mode 100644
index abd1575774..0000000000
--- a/kubernetes/common/certInitializer/templates/configmap.yaml
+++ /dev/null
@@ -1,39 +0,0 @@
-{{/*
-# Copyright © 2020 Samsung Electronics
-# Copyright © 2021 Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: ConfigMap
-{{- $suffix := "add-config" }}
-metadata: {{- include "common.resourceMetadata" (dict "suffix" $suffix "dot" . )| nindent 2 }}
-data:
-{{ tpl (.Files.Glob "resources/retrieval/retrieval_check.sh").AsConfig . | indent 2 }}
-{{- if hasKey .Values "ingressTlsSecret" }}
-{{ tpl (.Files.Glob "resources/retrieval/tls_certs_configure.sh").AsConfig . | indent 2 }}
-{{- end }}
-{{ if .Values.aaf_add_config }}
- aaf-add-config.sh: |
- {{ tpl .Values.aaf_add_config . | indent 4 | trim }}
-{{- end }}
-{{- if hasKey .Values "ingressTlsSecret" }}
----
-apiVersion: v1
-kind: ConfigMap
-{{- $suffix := "ingress" }}
-metadata: {{- include "common.resourceMetadata" (dict "suffix" $suffix "dot" . )| nindent 2 }}
-data:
-{{ tpl (.Files.Glob "resources/ingress/onboard.sh").AsConfig . | indent 2 }}
-{{- end }}
diff --git a/kubernetes/common/certInitializer/templates/job.yaml b/kubernetes/common/certInitializer/templates/job.yaml
deleted file mode 100644
index 3120455300..0000000000
--- a/kubernetes/common/certInitializer/templates/job.yaml
+++ /dev/null
@@ -1,49 +0,0 @@
-{{/*
-# Copyright © 2021 Orange
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{- if hasKey .Values "ingressTlsSecret" }}
-apiVersion: batch/v1
-kind: Job
-{{- $suffix := "set-tls-secret" }}
-metadata: {{- include "common.resourceMetadata" (dict "suffix" $suffix "dot" . )| nindent 2 }}
-spec:
- backoffLimit: 20
- template:
- metadata: {{- include "common.templateMetadata" . | nindent 6 }}
- spec:
- initContainers: {{ include "common.certInitializer.initContainer" (dict "dot" . "initRoot" .Values) | nindent 6 }}
- imagePullSecrets:
- - name: "{{ include "common.namespace" . }}-docker-registry-key"
- containers:
- - name: create-tls-secret
- command:
- - /ingress/onboard.sh
- image: {{ include "repositoryGenerator.image.kubectl" . }}
- imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
- volumeMounts: {{ include "common.certInitializer.volumeMount" (dict "dot" . "initRoot" .Values) | nindent 8 }}
- - name: ingress-scripts
- mountPath: /ingress
- serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}}
- volumes: {{ include "common.certInitializer.volumes" (dict "dot" . "initRoot" .Values) | nindent 6 }}
- - name: localtime
- hostPath:
- path: /etc/localtime
- - name: ingress-scripts
- configMap:
- name: {{ include "common.fullname" . }}-ingress
- defaultMode: 0777
- restartPolicy: Never
-{{- end}}
diff --git a/kubernetes/common/certInitializer/templates/secret.yaml b/kubernetes/common/certInitializer/templates/secret.yaml
deleted file mode 100644
index 34932b713d..0000000000
--- a/kubernetes/common/certInitializer/templates/secret.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-{{/*
-# Copyright © 2020 Samsung Electronics
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{ include "common.secretFast" . }}
diff --git a/kubernetes/common/certInitializer/values.yaml b/kubernetes/common/certInitializer/values.yaml
deleted file mode 100644
index 0fde2cf532..0000000000
--- a/kubernetes/common/certInitializer/values.yaml
+++ /dev/null
@@ -1,78 +0,0 @@
-# Copyright © 2020 Bell Canada, Samsung Electronics
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-global:
- aafAgentImage: onap/aaf/aaf_agent:2.1.20
- aafEnabled: true
- # Give the name of a config map where certInitializer will onboard all certs
- # given (certs must be in pem format)
- customCertsConfigMap:
- # Give the name of a secret where certInitializer will onboard all certs given
- # (certs must be in pem format)
- # this one superseedes previous one (so if both are given, only certs from
- # secret will be onboarded).
- customCertsSecret:
-
-
-pullPolicy: Always
-
-secrets:
- - uid: deployer-creds
- type: basicAuth
- externalSecret: '{{ ternary (tpl (default "" .Values.aafDeployCredsExternalSecret) .) "aafIsDisabled" .Values.global.aafEnabled }}'
- login: '{{ .Values.aafDeployFqi }}'
- password: '{{ .Values.aafDeployPass }}'
- passwordPolicy: required
- - uid: truststore-creds
- type: password
- externalSecret: '{{ tpl (default "" .Values.truststoreCredsExternalSecret) . }}'
- password: '{{ .Values.truststorePassword }}'
- passwordPolicy: required
-
-readinessCheck:
- wait_for:
- - aaf-locate
- - aaf-cm
- - aaf-service
-
-fqdn: ""
-app_ns: "org.osaaf.aaf"
-fqi: ""
-fqi_namespace: ""
-public_fqdn: "aaf.osaaf.org"
-aafDeployFqi: "deployer@people.osaaf.org"
-aafDeployPass: demo123456!
-cadi_latitude: "38.0"
-cadi_longitude: "-72.0"
-aaf_add_config: ""
-mountPath: "/opt/app/osaaf"
-appMountPath: "/opt/app/osaaf"
-importCustomCertsEnabled: false
-truststoreMountpath: ""
-truststoreOutputFileName: truststore.jks
-truststorePassword: changeit
-envVarToCheck: cadi_keystore_password_p12
-# ingressTlsSecret:
-
-# This introduces implicit dependency on cert-wrapper
-# if you are using cert initializer cert-wrapper has to be also deployed.
-# We had to move this CM to a separate chart to reduce the total size of our charts
-# as it exceeds the default helm limits.
-certsCMName: '{{ include "common.release" . }}-cert-wrapper-certs'
-
-#Pods Service Account
-serviceAccount:
- nameOverride: certinitializer
- roles:
- - read \ No newline at end of file