diff options
Diffstat (limited to 'kubernetes/contrib/components/ejbca')
9 files changed, 0 insertions, 2121 deletions
diff --git a/kubernetes/contrib/components/ejbca/Chart.yaml b/kubernetes/contrib/components/ejbca/Chart.yaml deleted file mode 100644 index 5c7ec253ed..0000000000 --- a/kubernetes/contrib/components/ejbca/Chart.yaml +++ /dev/null @@ -1,42 +0,0 @@ -# Copyright © 2020 Nokia -# Modifications Copyright © 2021 Orange -# Modifications Copyright © 2021 Nordix Foundation -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v2 -description: ONAP EJBCA test server -name: ejbca -version: 12.0.0 - -dependencies: - - name: common - version: ~12.x-0 - repository: '@local' - - name: mariadb-galera - version: ~12.x-0 - repository: '@local' - condition: global.mariadbGalera.localCluster - - name: mariadb-init - version: ~12.x-0 - repository: '@local' - condition: global.mariadbGalera.globalCluster - - name: repositoryGenerator - version: ~12.x-0 - repository: '@local' - - name: cmpv2Config - version: ~12.x-0 - repository: '@local' - - name: serviceAccount - version: ~12.x-0 - repository: '@local'
\ No newline at end of file diff --git a/kubernetes/contrib/components/ejbca/resources/certprofile_CUSTOM_ENDUSER-1834889499.xml b/kubernetes/contrib/components/ejbca/resources/certprofile_CUSTOM_ENDUSER-1834889499.xml deleted file mode 100644 index e163aed82a..0000000000 --- a/kubernetes/contrib/components/ejbca/resources/certprofile_CUSTOM_ENDUSER-1834889499.xml +++ /dev/null @@ -1,595 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<java version="1.8.0_242" class="java.beans.XMLDecoder"> - <object class="java.util.LinkedHashMap"> - <void method="put"> - <string>version</string> - <float>46.0</float> - </void> - <void method="put"> - <string>type</string> - <int>1</int> - </void> - <void method="put"> - <string>certversion</string> - <string>X509v3</string> - </void> - <void method="put"> - <string>encodedvalidity</string> - <string>2y</string> - </void> - <void method="put"> - <string>usecertificatevalidityoffset</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>certificatevalidityoffset</string> - <string>-10m</string> - </void> - <void method="put"> - <string>useexpirationrestrictionforweekdays</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>expirationrestrictionforweekdaysbefore</string> - <boolean>true</boolean> - </void> - <void method="put"> - <string>expirationrestrictionweekdays</string> - <object class="java.util.ArrayList"> - <void method="add"> - <boolean>true</boolean> - </void> - <void method="add"> - <boolean>true</boolean> - </void> - <void method="add"> - <boolean>false</boolean> - </void> - <void method="add"> - <boolean>false</boolean> - </void> - <void method="add"> - <boolean>false</boolean> - </void> - <void method="add"> - <boolean>true</boolean> - </void> - <void method="add"> - <boolean>true</boolean> - </void> - </object> - </void> - <void method="put"> - <string>allowvalidityoverride</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>allowextensionoverride</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>allowdnoverride</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>allowdnoverridebyeei</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>allowbackdatedrevokation</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>usecertificatestorage</string> - <boolean>true</boolean> - </void> - <void method="put"> - <string>storecertificatedata</string> - <boolean>true</boolean> - </void> - <void method="put"> - <string>storesubjectaltname</string> - <boolean>true</boolean> - </void> - <void method="put"> - <string>usebasicconstrants</string> - <boolean>true</boolean> - </void> - <void method="put"> - <string>basicconstraintscritical</string> - <boolean>true</boolean> - </void> - <void method="put"> - <string>usesubjectkeyidentifier</string> - <boolean>true</boolean> - </void> - <void method="put"> - <string>subjectkeyidentifiercritical</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>useauthoritykeyidentifier</string> - <boolean>true</boolean> - </void> - <void method="put"> - <string>authoritykeyidentifiercritical</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>usesubjectalternativename</string> - <boolean>true</boolean> - </void> - <void method="put"> - <string>subjectalternativenamecritical</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>useissueralternativename</string> - <boolean>true</boolean> - </void> - <void method="put"> - <string>issueralternativenamecritical</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>usecrldistributionpoint</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>usedefaultcrldistributionpoint</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>crldistributionpointcritical</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>crldistributionpointuri</string> - <string></string> - </void> - <void method="put"> - <string>usefreshestcrl</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>usecadefinedfreshestcrl</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>freshestcrluri</string> - <string></string> - </void> - <void method="put"> - <string>crlissuer</string> - <string></string> - </void> - <void method="put"> - <string>usecertificatepolicies</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>certificatepoliciescritical</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>certificatepolicies</string> - <object class="java.util.ArrayList"/> - </void> - <void method="put"> - <string>availablekeyalgorithms</string> - <object class="java.util.ArrayList"> - <void method="add"> - <string>DSA</string> - </void> - <void method="add"> - <string>ECDSA</string> - </void> - <void method="add"> - <string>RSA</string> - </void> - </object> - </void> - <void method="put"> - <string>availableeccurves</string> - <object class="java.util.ArrayList"> - <void method="add"> - <string>ANY_EC_CURVE</string> - </void> - </object> - </void> - <void method="put"> - <string>availablebitlengths</string> - <object class="java.util.ArrayList"> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>192</int> - </void> - <void method="add"> - <int>224</int> - </void> - <void method="add"> - <int>239</int> - </void> - <void method="add"> - <int>256</int> - </void> - <void method="add"> - <int>384</int> - </void> - <void method="add"> - <int>512</int> - </void> - <void method="add"> - <int>521</int> - </void> - <void method="add"> - <int>1024</int> - </void> - <void method="add"> - <int>1536</int> - </void> - <void method="add"> - <int>2048</int> - </void> - <void method="add"> - <int>3072</int> - </void> - <void method="add"> - <int>4096</int> - </void> - <void method="add"> - <int>6144</int> - </void> - <void method="add"> - <int>8192</int> - </void> - </object> - </void> - <void method="put"> - <string>minimumavailablebitlength</string> - <int>0</int> - </void> - <void method="put"> - <string>maximumavailablebitlength</string> - <int>8192</int> - </void> - <void method="put"> - <string>signaturealgorithm</string> - <null/> - </void> - <void method="put"> - <string>usekeyusage</string> - <boolean>true</boolean> - </void> - <void method="put"> - <string>keyusage</string> - <object class="java.util.ArrayList"> - <void method="add"> - <boolean>true</boolean> - </void> - <void method="add"> - <boolean>true</boolean> - </void> - <void method="add"> - <boolean>true</boolean> - </void> - <void method="add"> - <boolean>false</boolean> - </void> - <void method="add"> - <boolean>false</boolean> - </void> - <void method="add"> - <boolean>false</boolean> - </void> - <void method="add"> - <boolean>false</boolean> - </void> - <void method="add"> - <boolean>false</boolean> - </void> - <void method="add"> - <boolean>false</boolean> - </void> - </object> - </void> - <void method="put"> - <string>allowkeyusageoverride</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>keyusagecritical</string> - <boolean>true</boolean> - </void> - <void method="put"> - <string>useextendedkeyusage</string> - <boolean>true</boolean> - </void> - <void method="put"> - <string>extendedkeyusage</string> - <object class="java.util.ArrayList"> - <void method="add"> - <string>1.3.6.1.5.5.7.3.2</string> - </void> - <void method="add"> - <string>1.3.6.1.5.5.7.3.4</string> - </void> - <void method="add"> - <string>1.3.6.1.5.5.7.3.1</string> - </void> - </object> - </void> - <void method="put"> - <string>extendedkeyusagecritical</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>usedocumenttypelist</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>documenttypelistcritical</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>documenttypelist</string> - <object class="java.util.ArrayList"/> - </void> - <void method="put"> - <string>availablecas</string> - <object class="java.util.ArrayList"> - <void method="add"> - <int>-1</int> - </void> - </object> - </void> - <void method="put"> - <string>usedpublishers</string> - <object class="java.util.ArrayList"/> - </void> - <void method="put"> - <string>useocspnocheck</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>useldapdnorder</string> - <boolean>true</boolean> - </void> - <void method="put"> - <string>usecustomdnorder</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>usemicrosofttemplate</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>microsofttemplate</string> - <string></string> - </void> - <void method="put"> - <string>usecardnumber</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>usecnpostfix</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>cnpostfix</string> - <string></string> - </void> - <void method="put"> - <string>usesubjectdnsubset</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>subjectdnsubset</string> - <object class="java.util.ArrayList"/> - </void> - <void method="put"> - <string>usesubjectaltnamesubset</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>subjectaltnamesubset</string> - <object class="java.util.ArrayList"/> - </void> - <void method="put"> - <string>usepathlengthconstraint</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>pathlengthconstraint</string> - <int>0</int> - </void> - <void method="put"> - <string>useqcstatement</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>usepkixqcsyntaxv2</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>useqcstatementcritical</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>useqcstatementraname</string> - <string></string> - </void> - <void method="put"> - <string>useqcsematicsid</string> - <string></string> - </void> - <void method="put"> - <string>useqcetsiqccompliance</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>useqcetsisignaturedevice</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>useqcetsivaluelimit</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>qcetsivaluelimit</string> - <int>0</int> - </void> - <void method="put"> - <string>qcetsivaluelimitexp</string> - <int>0</int> - </void> - <void method="put"> - <string>qcetsivaluelimitcurrency</string> - <string></string> - </void> - <void method="put"> - <string>useqcetsiretentionperiod</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>qcetsiretentionperiod</string> - <int>0</int> - </void> - <void method="put"> - <string>useqccustomstring</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>qccustomstringoid</string> - <string></string> - </void> - <void method="put"> - <string>qccustomstringtext</string> - <string></string> - </void> - <void method="put"> - <string>qcetsipds</string> - <null/> - </void> - <void method="put"> - <string>qcetsitype</string> - <null/> - </void> - <void method="put"> - <string>usecertificatetransparencyincerts</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>usecertificatetransparencyinocsp</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>usecertificatetransparencyinpublisher</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>usesubjectdirattributes</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>usenameconstraints</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>useauthorityinformationaccess</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>caissuers</string> - <object class="java.util.ArrayList"/> - </void> - <void method="put"> - <string>usedefaultcaissuer</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>usedefaultocspservicelocator</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>ocspservicelocatoruri</string> - <string></string> - </void> - <void method="put"> - <string>cvcaccessrights</string> - <int>3</int> - </void> - <void method="put"> - <string>usedcertificateextensions</string> - <object class="java.util.ArrayList"/> - </void> - <void method="put"> - <string>approvals</string> - <object class="java.util.LinkedHashMap"> - <void method="put"> - <object class="java.lang.Enum" method="valueOf"> - <class>org.cesecore.certificates.ca.ApprovalRequestType</class> - <string>REVOCATION</string> - </object> - <int>-1</int> - </void> - <void method="put"> - <object class="java.lang.Enum" method="valueOf"> - <class>org.cesecore.certificates.ca.ApprovalRequestType</class> - <string>KEYRECOVER</string> - </object> - <int>-1</int> - </void> - <void method="put"> - <object class="java.lang.Enum" method="valueOf"> - <class>org.cesecore.certificates.ca.ApprovalRequestType</class> - <string>ADDEDITENDENTITY</string> - </object> - <int>-1</int> - </void> - </object> - </void> - <void method="put"> - <string>useprivkeyusageperiodnotbefore</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>useprivkeyusageperiod</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>useprivkeyusageperiodnotafter</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>privkeyusageperiodstartoffset</string> - <long>0</long> - </void> - <void method="put"> - <string>privkeyusageperiodlength</string> - <long>63072000</long> - </void> - <void method="put"> - <string>usesingleactivecertificateconstraint</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>overridableextensionoids</string> - <object class="java.util.LinkedHashSet"/> - </void> - <void method="put"> - <string>nonoverridableextensionoids</string> - <object class="java.util.LinkedHashSet"/> - </void> - <void method="put"> - <string>allowcertsnoverride</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>usecustomdnorderldap</string> - <boolean>false</boolean> - </void> - </object> -</java> diff --git a/kubernetes/contrib/components/ejbca/resources/ejbca-config.sh b/kubernetes/contrib/components/ejbca/resources/ejbca-config.sh deleted file mode 100755 index a538238151..0000000000 --- a/kubernetes/contrib/components/ejbca/resources/ejbca-config.sh +++ /dev/null @@ -1,58 +0,0 @@ -#!/bin/sh - -waitForEjbcaToStart() { - until $(curl -kI https://localhost:8443/ejbca/publicweb/healthcheck/ejbcahealth --output /dev/null --silent --head --fail) - do - sleep 5 - done -} - -configureEjbca() { - ejbca.sh ca init \ - --caname ManagementCA \ - --dn "O=EJBCA Container Quickstart,CN=ManagementCA,UID=12345" \ - --tokenType soft \ - --keyspec 3072 \ - --keytype RSA \ - -v 3652 \ - --policy null \ - -s SHA256WithRSA \ - -type "x509" - ejbca.sh config cmp addalias --alias cmpRA - ejbca.sh config cmp updatealias --alias cmpRA --key operationmode --value ra - ejbca.sh ca editca --caname ManagementCA --field cmpRaAuthSecret --value ${RA_IAK} - ejbca.sh config cmp updatealias --alias cmpRA --key responseprotection --value signature - ejbca.sh config cmp updatealias --alias cmpRA --key authenticationmodule --value 'HMAC;EndEntityCertificate' - ejbca.sh config cmp updatealias --alias cmpRA --key authenticationparameters --value '-;ManagementCA' - ejbca.sh config cmp updatealias --alias cmpRA --key allowautomatickeyupdate --value true - #Custom EJBCA cert profile and endentity are imported to allow issuing certificates with correct extended usage (containing serverAuth) - ejbca.sh ca importprofiles -d /opt/primekey/custom_profiles - #Profile name taken from certprofile filename (certprofile_<profile-name>-<id>.xml) - ejbca.sh config cmp updatealias --alias cmpRA --key ra.certificateprofile --value CUSTOM_ENDUSER - #ID taken from entityprofile filename (entityprofile_<profile-name>-<id>.xml) - ejbca.sh config cmp updatealias --alias cmpRA --key ra.endentityprofileid --value 1356531849 - caSubject=$(ejbca.sh ca getcacert --caname ManagementCA -f /dev/stdout | grep 'Subject' | sed -e "s/^Subject: //" | sed -n '1p') - ejbca.sh config cmp updatealias --alias cmpRA --key defaultca --value "$caSubject" - ejbca.sh config cmp dumpalias --alias cmpRA - ejbca.sh config cmp addalias --alias cmp - ejbca.sh config cmp updatealias --alias cmp --key allowautomatickeyupdate --value true - ejbca.sh config cmp updatealias --alias cmp --key responseprotection --value pbe - ejbca.sh ra addendentity --username Node123 --dn "CN=Node123" --caname ManagementCA --password ${CLIENT_IAK} --type 1 --token USERGENERATED - ejbca.sh ra setclearpwd --username Node123 --password ${CLIENT_IAK} - ejbca.sh config cmp updatealias --alias cmp --key extractusernamecomponent --value CN - ejbca.sh config cmp dumpalias --alias cmp - ejbca.sh ca getcacert --caname ManagementCA -f /dev/stdout > cacert.pem - #Add "Certificate Update Admin" role to allow performing KUR/CR for certs within specific organization (e.g. Linux-Foundation) - ejbca.sh roles addrole "Certificate Update Admin" - ejbca.sh roles changerule "Certificate Update Admin" /ca/ManagementCA/ ACCEPT - ejbca.sh roles changerule "Certificate Update Admin" /ca_functionality/create_certificate/ ACCEPT - ejbca.sh roles changerule "Certificate Update Admin" /endentityprofilesrules/Custom_EndEntity/ ACCEPT - ejbca.sh roles changerule "Certificate Update Admin" /ra_functionality/edit_end_entity/ ACCEPT - ejbca.sh roles addrolemember "Certificate Update Admin" ManagementCA WITH_ORGANIZATION --value "{{ .Values.cmpv2Config.global.certificate.default.subject.organization }}" - # workarround to exit successfully, as a reexecution of "addrolemember" returns an error - exit 0 -} - - -waitForEjbcaToStart -configureEjbca diff --git a/kubernetes/contrib/components/ejbca/resources/entityprofile_Custom_EndEntity-1356531849.xml b/kubernetes/contrib/components/ejbca/resources/entityprofile_Custom_EndEntity-1356531849.xml deleted file mode 100644 index ec51a80d5e..0000000000 --- a/kubernetes/contrib/components/ejbca/resources/entityprofile_Custom_EndEntity-1356531849.xml +++ /dev/null @@ -1,1107 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<java version="1.8.0_242" class="java.beans.XMLDecoder"> - <object class="java.util.LinkedHashMap"> - <void method="put"> - <string>version</string> - <float>14.0</float> - </void> - <void method="put"> - <string>NUMBERARRAY</string> - <object class="java.util.ArrayList"> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>3</int> - </void> - <void method="add"> - <int>3</int> - </void> - <void method="add"> - <int>3</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>3</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>1</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - <void method="add"> - <int>0</int> - </void> - </object> - </void> - <void method="put"> - <string>SUBJECTDNFIELDORDER</string> - <object class="java.util.ArrayList"> - <void method="add"> - <int>500</int> - </void> - <void method="add"> - <int>1100</int> - </void> - <void method="add"> - <int>1200</int> - </void> - <void method="add"> - <int>1300</int> - </void> - <void method="add"> - <int>1400</int> - </void> - <void method="add"> - <int>1600</int> - </void> - </object> - </void> - <void method="put"> - <string>SUBJECTALTNAMEFIELDORDER</string> - <object class="java.util.ArrayList"> - <void method="add"> - <int>1800</int> - </void> - <void method="add"> - <int>1801</int> - </void> - <void method="add"> - <int>1802</int> - </void> - <void method="add"> - <int>1700</int> - </void> - <void method="add"> - <int>1701</int> - </void> - <void method="add"> - <int>1702</int> - </void> - <void method="add"> - <int>1900</int> - </void> - <void method="add"> - <int>1901</int> - </void> - <void method="add"> - <int>1902</int> - </void> - <void method="add"> - <int>2100</int> - </void> - <void method="add"> - <int>2101</int> - </void> - <void method="add"> - <int>2102</int> - </void> - </object> - </void> - <void method="put"> - <string>SUBJECTDIRATTRFIELDORDER</string> - <object class="java.util.ArrayList"/> - </void> - <void method="put"> - <int>0</int> - <string></string> - </void> - <void method="put"> - <int>20000</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>10000</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30000</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>1</int> - <string></string> - </void> - <void method="put"> - <int>20001</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>10001</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30001</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>95</int> - <string></string> - </void> - <void method="put"> - <int>20095</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10095</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30095</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>96</int> - <string></string> - </void> - <void method="put"> - <int>20096</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10096</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30096</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>5</int> - <string></string> - </void> - <void method="put"> - <int>20005</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>10005</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30005</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>26</int> - <string></string> - </void> - <void method="put"> - <int>20026</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10026</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30026</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>29</int> - <string>1834889499</string> - </void> - <void method="put"> - <int>20029</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>10029</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30029</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30</int> - <string>1834889499</string> - </void> - <void method="put"> - <int>20030</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>10030</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30030</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>31</int> - <string>1</string> - </void> - <void method="put"> - <int>20031</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>10031</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30031</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>32</int> - <string>1;2;3;4</string> - </void> - <void method="put"> - <int>20032</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>10032</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30032</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>33</int> - <string></string> - </void> - <void method="put"> - <int>20033</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>10033</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30033</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>34</int> - <string></string> - </void> - <void method="put"> - <int>20034</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>10034</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>30034</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>38</int> - <string>1</string> - </void> - <void method="put"> - <int>20038</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>10038</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30038</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>37</int> - <string>-29939301</string> - </void> - <void method="put"> - <int>20037</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>10037</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30037</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>98</int> - <string></string> - </void> - <void method="put"> - <int>20098</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10098</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>30098</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>99</int> - <string></string> - </void> - <void method="put"> - <int>20099</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10099</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>30099</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>97</int> - <string></string> - </void> - <void method="put"> - <int>20097</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10097</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>30097</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>91</int> - <string>false</string> - </void> - <void method="put"> - <int>20091</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10091</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>30091</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>94</int> - <string>-1</string> - </void> - <void method="put"> - <int>20094</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>10094</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>30094</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>93</int> - <string>-1</string> - </void> - <void method="put"> - <int>20093</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10093</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>30093</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>89</int> - <string></string> - </void> - <void method="put"> - <int>20089</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10089</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>30089</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>88</int> - <string></string> - </void> - <void method="put"> - <int>20088</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10088</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>30088</int> - <boolean>true</boolean> - </void> - <void method="put"> - <string>ALLOW_MERGEDN_WEBSERVICES</string> - <boolean>false</boolean> - </void> - <void method="put"> - <int>2</int> - <string></string> - </void> - <void method="put"> - <int>20002</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10002</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10090</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>90</int> - <string>0</string> - </void> - <void method="put"> - <string>REVERSEFFIELDCHECKS</string> - <boolean>false</boolean> - </void> - <void method="put"> - <int>28</int> - <string>false</string> - </void> - <void method="put"> - <int>20028</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10028</int> - <boolean>false</boolean> - </void> - <void method="put"> - <string>REUSECERTIFICATE</string> - <boolean>false</boolean> - </void> - <void method="put"> - <int>35</int> - <string>false</string> - </void> - <void method="put"> - <int>20035</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10035</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10092</int> - <boolean>false</boolean> - </void> - <void method="put"> - <string>USEEXTENSIONDATA</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>PRINTINGUSE</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>PRINTINGDEFAULT</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>PRINTINGREQUIRED</string> - <boolean>false</boolean> - </void> - <void method="put"> - <string>PRINTINGCOPIES</string> - <int>1</int> - </void> - <void method="put"> - <string>PRINTINGPRINTERNAME</string> - <string></string> - </void> - <void method="put"> - <string>PRINTINGSVGDATA</string> - <string></string> - </void> - <void method="put"> - <string>PRINTINGSVGFILENAME</string> - <string></string> - </void> - <void method="put"> - <int>11</int> - <string></string> - </void> - <void method="put"> - <int>20011</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10011</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30011</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>12</int> - <string></string> - </void> - <void method="put"> - <int>20012</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>10012</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30012</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>13</int> - <string></string> - </void> - <void method="put"> - <int>20013</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10013</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30013</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>14</int> - <string></string> - </void> - <void method="put"> - <int>20014</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>10014</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30014</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>16</int> - <string></string> - </void> - <void method="put"> - <int>20016</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>10016</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30016</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>18</int> - <string></string> - </void> - <void method="put"> - <int>20018</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10018</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30018</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>118</int> - <string></string> - </void> - <void method="put"> - <int>20118</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10118</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30118</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>218</int> - <string></string> - </void> - <void method="put"> - <int>20218</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10218</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30218</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>17</int> - <string></string> - </void> - <void method="put"> - <int>20017</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10017</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>30017</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>117</int> - <string></string> - </void> - <void method="put"> - <int>20117</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10117</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>30117</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>217</int> - <string></string> - </void> - <void method="put"> - <int>20217</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10217</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>30217</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>19</int> - <string></string> - </void> - <void method="put"> - <int>20019</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10019</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30019</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>119</int> - <string></string> - </void> - <void method="put"> - <int>20119</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10119</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30119</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>219</int> - <string></string> - </void> - <void method="put"> - <int>20219</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10219</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30219</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>21</int> - <string></string> - </void> - <void method="put"> - <int>20021</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10021</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30021</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>121</int> - <string></string> - </void> - <void method="put"> - <int>20121</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10121</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30121</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>221</int> - <string></string> - </void> - <void method="put"> - <int>20221</int> - <boolean>false</boolean> - </void> - <void method="put"> - <int>10221</int> - <boolean>true</boolean> - </void> - <void method="put"> - <int>30221</int> - <boolean>true</boolean> - </void> - </object> -</java> diff --git a/kubernetes/contrib/components/ejbca/templates/configmap.yaml b/kubernetes/contrib/components/ejbca/templates/configmap.yaml deleted file mode 100644 index 093657dfe0..0000000000 --- a/kubernetes/contrib/components/ejbca/templates/configmap.yaml +++ /dev/null @@ -1,30 +0,0 @@ -{{/* -# Copyright © 2020, Nordix Foundation -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: v1 -kind: ConfigMap -metadata: - name: "{{ include "common.fullname" . }}-config-script" -data: -{{ tpl (.Files.Glob "resources/ejbca-config.sh").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: "{{ include "common.fullname" . }}-profiles" -data: -{{ tpl (.Files.Glob "resources/certprofile_CUSTOM_ENDUSER-1834889499.xml").AsConfig . | indent 2 }} -{{ tpl (.Files.Glob "resources/entityprofile_Custom_EndEntity-1356531849.xml").AsConfig . | indent 2 }} diff --git a/kubernetes/contrib/components/ejbca/templates/deployment.yaml b/kubernetes/contrib/components/ejbca/templates/deployment.yaml deleted file mode 100644 index a36dcacb23..0000000000 --- a/kubernetes/contrib/components/ejbca/templates/deployment.yaml +++ /dev/null @@ -1,120 +0,0 @@ -{{/* -# Copyright © 2020, Nordix Foundation -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -apiVersion: apps/v1 -kind: Deployment -metadata: {{- include "common.resourceMetadata" . | nindent 2 }} -spec: - replicas: {{ .Values.replicaCount }} - selector: {{- include "common.selectors" . | nindent 4 }} - template: - metadata: {{- include "common.templateMetadata" . | nindent 6 }} - {{- if (include "common.onServiceMesh" . ) }} - annotations: - {{- if eq ( .Values.global.serviceMesh.engine ) "linkerd" }} - linkerd.io/inject: disabled - {{- end }} - {{- if eq ( .Values.global.serviceMesh.engine ) "istio" }} - sidecar.istio.io/rewriteAppHTTPProbers: "false" - proxy.istio.io/config: '{ "holdApplicationUntilProxyStarts": true }' - {{- end }} - {{- end }} - spec: - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" - initContainers: - - name: {{ include "common.name" . }}-db-readiness - command: - - /app/ready.py - args: - - --container-name - {{- if .Values.global.mariadbGalera.localCluster }} - - ejbca-galera - {{- else }} - - ejbca-config - {{- end }} - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: {{ include "repositoryGenerator.image.readiness" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - containers: - - name: {{ include "common.name" . }}-ejbca - image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.ejbca.image }} - imagePullPolicy: {{ .Values.pullPolicy }} - lifecycle: - postStart: - exec: - command: - - sh - - -c - - | - sleep 60; /opt/primekey/scripts/ejbca-config.sh - volumeMounts: - - name: "{{ include "common.fullname" . }}-volume" - mountPath: /opt/primekey/scripts/ - - name: "{{ include "common.fullname" . }}-profiles-volume" - mountPath: /opt/primekey/custom_profiles/ - ports: {{ include "common.containerPorts" . | nindent 10 }} - env: - - name: INITIAL_ADMIN - value: ";PublicAccessAuthenticationToken:TRANSPORT_ANY;" - - name: NO_CREATE_CA - value: "true" - - name: DATABASE_JDBC_URL - value: jdbc:mariadb://{{ include "common.mariadbService" . }}:{{ include "common.mariadbPort" . }}/{{ .Values.mysqlDatabase }} - - name: DATABASE_USER - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ejbca-db-secret" "key" "login") | indent 10 }} - - name: DATABASE_PASSWORD - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ejbca-db-secret" "key" "password") | indent 10 }} - - name: RA_IAK - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ejbca-server-ra-iak" "key" "password") | indent 10 }} - - name: CLIENT_IAK - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "ejbca-server-client-iak" "key" "password") | indent 10 }} - livenessProbe: - httpGet: - port: {{ .Values.liveness.port }} - path: {{ .Values.liveness.path }} - scheme: HTTPS - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - readinessProbe: - httpGet: - port: {{ .Values.readiness.port }} - path: {{ .Values.readiness.path }} - scheme: HTTPS - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - {{- if .Values.nodeSelector }} - nodeSelector: {{ toYaml .Values.nodeSelector | nindent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: {{ toYaml .Values.affinity | nindent 10 }} - {{- end }} - resources: {{ include "common.resources" . | nindent 10 }} - serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} - volumes: - - configMap: - name: "{{ include "common.fullname" . }}-config-script" - defaultMode: 0755 - name: "{{ include "common.fullname" . }}-volume" - - configMap: - name: "{{ include "common.fullname" . }}-profiles" - defaultMode: 0755 - name: "{{ include "common.fullname" . }}-profiles-volume" diff --git a/kubernetes/contrib/components/ejbca/templates/secret.yaml b/kubernetes/contrib/components/ejbca/templates/secret.yaml deleted file mode 100644 index 837da0959b..0000000000 --- a/kubernetes/contrib/components/ejbca/templates/secret.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{/* -# Copyright © 2020, Nordix Foundation -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{ include "common.secretFast" . }} diff --git a/kubernetes/contrib/components/ejbca/templates/service.yaml b/kubernetes/contrib/components/ejbca/templates/service.yaml deleted file mode 100644 index 46eed4264c..0000000000 --- a/kubernetes/contrib/components/ejbca/templates/service.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{/* -# Copyright © 2020, Nordix Foundation -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{ include "common.service" . }} diff --git a/kubernetes/contrib/components/ejbca/values.yaml b/kubernetes/contrib/components/ejbca/values.yaml deleted file mode 100644 index c223f41f79..0000000000 --- a/kubernetes/contrib/components/ejbca/values.yaml +++ /dev/null @@ -1,135 +0,0 @@ -# Copyright © 2020, Nordix Foundation, Orange -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -global: - mariadbGalera: &mariadbGalera - #This flag allows SO to instantiate its own mariadb-galera cluster - #When changing it to "true", also set "globalCluster: false" - #as the dependency check will not work otherwise (Chart.yaml) - localCluster: false - globalCluster: true - service: mariadb-galera - internalPort: 3306 - nameOverride: mariadb-galera - -secrets: - - uid: ejbca-db-secret - name: &ejbca-db-secret '{{ include "common.release" . }}-ejbca-db-secret' - type: basicAuth - externalSecret: '{{ tpl (default "" .Values.config.db.userCredentialsExternalSecret) . }}' - login: '{{ .Values.config.db.userName }}' - password: '{{ .Values.config.db.userPassword }}' - - uid: ejbca-server-ra-iak - name: '{{ include "common.release" . }}-ejbca-ra-iak' - type: password - password: '{{ .Values.config.ejbca.raIak }}' - - uid: ejbca-server-client-iak - name: '{{ include "common.release" . }}-ejbca-client-iak' - type: password - password: '{{ .Values.config.ejbca.clientIak }}' - -# application configuration -config: - db: - userName: ejbca - # userPassword: password - # userCredentialsExternalSecret: some-secret - ejbca: {} - # raIak: mypassword - # clientIak: mypassword - -mysqlDatabase: &dbName ejbca - -################################################################# -# Application configuration defaults. -################################################################# -# application configuration -replicaCount: 1 - -ejbca: - image: primekey/ejbca-ce:7.4.3.2 -pullPolicy: Always - -mariadb-galera: - db: - externalSecret: *ejbca-db-secret - name: *dbName - nameOverride: &ejbca-galera ejbca-galera - service: - name: ejbca-galera - portName: ejbca-galera - internalPort: 3306 - replicaCount: 1 - persistence: - enabled: true - mountSubPath: ejbca/maria/data - serviceAccount: - nameOverride: *ejbca-galera - -mariadb-init: - config: - userCredentialsExternalSecret: *ejbca-db-secret - mysqlDatabase: *dbName - nameOverride: ejbca-config - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - path: /ejbca/publicweb/healthcheck/ejbcahealth - port: 8443 - initialDelaySeconds: 180 - periodSeconds: 30 - -readiness: - path: /ejbca/publicweb/healthcheck/ejbcahealth - port: 8443 - initialDelaySeconds: 180 - periodSeconds: 30 - -service: - type: ClusterIP - both_tls_and_plain: true - ports: - - name: api - port: 8443 - plain_port: 8080 - port_protocol: http - -# Resource Limit flavor -By Default using small -flavor: unlimited -# Segregation for Different environment (Small and Large) -resources: - small: - limits: - cpu: 1500m - memory: 1536Mi - requests: - cpu: 10m - memory: 750Mi - large: - limits: - cpu: 2 - memory: 2Gi - requests: - cpu: 20m - memory: 1Gi - unlimited: {} - -#Pods Service Account -serviceAccount: - nameOverride: ejbca - roles: - - read |