summaryrefslogtreecommitdiffstats
path: root/kubernetes/common
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes/common')
-rw-r--r--kubernetes/common/Makefile6
-rw-r--r--kubernetes/common/cert-wrapper/Chart.yaml18
-rw-r--r--kubernetes/common/cert-wrapper/requirements.yaml18
-rwxr-xr-xkubernetes/common/cert-wrapper/resources/import-custom-certs.sh (renamed from kubernetes/common/certInitializer/resources/import-custom-certs.sh)0
-rw-r--r--kubernetes/common/cert-wrapper/resources/truststoreONAP.p12.b64 (renamed from kubernetes/common/certInitializer/resources/truststoreONAP.p12.b64)0
-rw-r--r--kubernetes/common/cert-wrapper/resources/truststoreONAPall.jks.b64 (renamed from kubernetes/common/certInitializer/resources/truststoreONAPall.jks.b64)0
-rw-r--r--kubernetes/common/cert-wrapper/templates/configmap.yaml22
-rw-r--r--kubernetes/common/cert-wrapper/values.yaml17
-rw-r--r--kubernetes/common/certInitializer/templates/_certInitializer.yaml2
-rw-r--r--kubernetes/common/certInitializer/templates/configmap.yaml7
-rw-r--r--kubernetes/common/certInitializer/values.yaml6
11 files changed, 86 insertions, 10 deletions
diff --git a/kubernetes/common/Makefile b/kubernetes/common/Makefile
index 58125f8506..817a2e24bc 100644
--- a/kubernetes/common/Makefile
+++ b/kubernetes/common/Makefile
@@ -20,12 +20,14 @@ SECRET_DIR := $(OUTPUT_DIR)/secrets
COMMON_CHARTS_DIR := common
EXCLUDES :=
+PROCESSED_LAST := cert-wrapper
+TO_FILTER := $(EXCLUDES) $(PROCESSED_LAST)
HELM_BIN := helm
-HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
+HELM_CHARTS := $(filter-out $(TO_FILTER), $(sort $(patsubst %/.,%,$(wildcard */.)))) $(PROCESSED_LAST)
HELM_VER := $(shell $(HELM_BIN) version --template "{{.Version}}")
-.PHONY: $(EXCLUDES) $(HELM_CHARTS)
+.PHONY: $(HELM_CHARTS) $(TO_FILTER)
all: $(COMMON_CHARTS_DIR) $(HELM_CHARTS)
diff --git a/kubernetes/common/cert-wrapper/Chart.yaml b/kubernetes/common/cert-wrapper/Chart.yaml
new file mode 100644
index 0000000000..68d5400743
--- /dev/null
+++ b/kubernetes/common/cert-wrapper/Chart.yaml
@@ -0,0 +1,18 @@
+# Copyright © 2020 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+description: Wrapper chart to allow truststore to be shared among cert-initializer instances
+name: cert-wrapper
+version: 6.0.0
diff --git a/kubernetes/common/cert-wrapper/requirements.yaml b/kubernetes/common/cert-wrapper/requirements.yaml
new file mode 100644
index 0000000000..b6a667e448
--- /dev/null
+++ b/kubernetes/common/cert-wrapper/requirements.yaml
@@ -0,0 +1,18 @@
+# Copyright © 2020 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+dependencies:
+ - name: certInitializer
+ version: ~6.x-0
+ repository: 'file://../certInitializer'
diff --git a/kubernetes/common/certInitializer/resources/import-custom-certs.sh b/kubernetes/common/cert-wrapper/resources/import-custom-certs.sh
index dd311830e7..dd311830e7 100755
--- a/kubernetes/common/certInitializer/resources/import-custom-certs.sh
+++ b/kubernetes/common/cert-wrapper/resources/import-custom-certs.sh
diff --git a/kubernetes/common/certInitializer/resources/truststoreONAP.p12.b64 b/kubernetes/common/cert-wrapper/resources/truststoreONAP.p12.b64
index 71b6782c58..71b6782c58 100644
--- a/kubernetes/common/certInitializer/resources/truststoreONAP.p12.b64
+++ b/kubernetes/common/cert-wrapper/resources/truststoreONAP.p12.b64
diff --git a/kubernetes/common/certInitializer/resources/truststoreONAPall.jks.b64 b/kubernetes/common/cert-wrapper/resources/truststoreONAPall.jks.b64
index 17b051268f..17b051268f 100644
--- a/kubernetes/common/certInitializer/resources/truststoreONAPall.jks.b64
+++ b/kubernetes/common/cert-wrapper/resources/truststoreONAPall.jks.b64
diff --git a/kubernetes/common/cert-wrapper/templates/configmap.yaml b/kubernetes/common/cert-wrapper/templates/configmap.yaml
new file mode 100644
index 0000000000..117a4ab718
--- /dev/null
+++ b/kubernetes/common/cert-wrapper/templates/configmap.yaml
@@ -0,0 +1,22 @@
+{{/*
+# Copyright © 2020 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+apiVersion: v1
+kind: ConfigMap
+{{- $suffix := "certs" }}
+metadata: {{- include "common.resourceMetadata" (dict "suffix" $suffix "dot" . ) | nindent 2 }}
+data:
+{{ tpl (.Files.Glob "resources/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/common/cert-wrapper/values.yaml b/kubernetes/common/cert-wrapper/values.yaml
new file mode 100644
index 0000000000..fcece0e3f5
--- /dev/null
+++ b/kubernetes/common/cert-wrapper/values.yaml
@@ -0,0 +1,17 @@
+# Copyright © 2020 Samsung Electronics
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+certInitializer:
+ nameOverride: cert-initializer
+ createCertsCM: true
diff --git a/kubernetes/common/certInitializer/templates/_certInitializer.yaml b/kubernetes/common/certInitializer/templates/_certInitializer.yaml
index 6734e0be81..800364f1a2 100644
--- a/kubernetes/common/certInitializer/templates/_certInitializer.yaml
+++ b/kubernetes/common/certInitializer/templates/_certInitializer.yaml
@@ -172,7 +172,7 @@
medium: Memory
- name: aaf-agent-certs
configMap:
- name: {{ include "common.fullname" $subchartDot }}-certs
+ name: {{ tpl $subchartDot.Values.certsCMName $subchartDot }}
defaultMode: 0700
{{- if $initRoot.aaf_add_config }}
diff --git a/kubernetes/common/certInitializer/templates/configmap.yaml b/kubernetes/common/certInitializer/templates/configmap.yaml
index a89a33152b..7abbf9c7d8 100644
--- a/kubernetes/common/certInitializer/templates/configmap.yaml
+++ b/kubernetes/common/certInitializer/templates/configmap.yaml
@@ -23,10 +23,3 @@ data:
aaf-add-config.sh: |
{{ tpl .Values.aaf_add_config . | indent 4 }}
{{- end }}
----
-apiVersion: v1
-kind: ConfigMap
-{{- $suffix := "certs" }}
-metadata: {{- include "common.resourceMetadata" (dict "suffix" $suffix "dot" . ) | nindent 2 }}
-data:
-{{ tpl (.Files.Glob "resources/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/common/certInitializer/values.yaml b/kubernetes/common/certInitializer/values.yaml
index 642fe7799b..66251fa29a 100644
--- a/kubernetes/common/certInitializer/values.yaml
+++ b/kubernetes/common/certInitializer/values.yaml
@@ -56,3 +56,9 @@ importCustomCertsEnabled: false
truststoreMountpath: ""
truststoreOutputFileName: truststore.jks
truststorePassword: changeit
+
+# This introduces implicit dependency on cert-wrapper
+# if you are using cert initializer cert-wrapper has to be also deployed.
+# We had to move this CM to a separate chart to reduce the total size of our charts
+# as it exceeds the default helm limits.
+certsCMName: '{{ include "common.release" . }}-cert-wrapper-certs'