diff options
Diffstat (limited to 'kubernetes/platform/components/cmpv2-cert-provider')
5 files changed, 9 insertions, 80 deletions
diff --git a/kubernetes/platform/components/cmpv2-cert-provider/crds/cmpv2issuer.yaml b/kubernetes/platform/components/cmpv2-cert-provider/crds/cmpv2issuer.yaml index 0bc24afe86..e8418355d3 100644 --- a/kubernetes/platform/components/cmpv2-cert-provider/crds/cmpv2issuer.yaml +++ b/kubernetes/platform/components/cmpv2-cert-provider/crds/cmpv2issuer.yaml @@ -56,7 +56,10 @@ spec: description: Path of health check endpoint. type: string certEndpoint: - description: Path of cerfificate signing enpoint. + description: Path of cerfificate signing endpoint. + type: string + updateEndpoint: + description: Path of certificate update endpoint. type: string caName: description: Name of the external CA server configured on CertService API side. diff --git a/kubernetes/platform/components/cmpv2-cert-provider/templates/configuration.yaml b/kubernetes/platform/components/cmpv2-cert-provider/templates/configuration.yaml index ae4ae81f02..52e35375d3 100644 --- a/kubernetes/platform/components/cmpv2-cert-provider/templates/configuration.yaml +++ b/kubernetes/platform/components/cmpv2-cert-provider/templates/configuration.yaml @@ -25,6 +25,7 @@ spec: url: {{ .Values.cmpv2issuer.url }} healthEndpoint: {{ .Values.cmpv2issuer.healthcheckEndpoint }} certEndpoint: {{ .Values.cmpv2issuer.certEndpoint }} + updateEndpoint: {{ .Values.cmpv2issuer.updateEndpoint }} caName: {{ .Values.cmpv2issuer.caName }} certSecretRef: name: {{ .Values.cmpv2issuer.certSecretRef.name }} diff --git a/kubernetes/platform/components/cmpv2-cert-provider/templates/deployment.yaml b/kubernetes/platform/components/cmpv2-cert-provider/templates/deployment.yaml index c5f289f2d9..c49762202b 100644 --- a/kubernetes/platform/components/cmpv2-cert-provider/templates/deployment.yaml +++ b/kubernetes/platform/components/cmpv2-cert-provider/templates/deployment.yaml @@ -1,7 +1,7 @@ {{ if .Values.global.cmpv2Enabled }} # ============LICENSE_START======================================================= -# Copyright (c) 2020 Nokia +# Copyright (c) 2020-2021 Nokia # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -38,24 +38,6 @@ spec: initContainers: {{ include "common.readinessCheck.waitFor" . | indent 6 | trim }} containers: - - name: {{ .Values.deploymentProxy.name }} - image: {{ .Values.deploymentProxy.image }} - imagePullPolicy: {{ .Values.deploymentProxy.pullPolicy }} - args: - - --secure-listen-address=0.0.0.0:8443 - - --upstream=http://127.0.0.1:8080/ - - --logtostderr=true - - --v=10 - ports: - - containerPort: 8443 - name: https - resources: - limits: - cpu: {{ .Values.deploymentProxy.resources.limits.cpu }} - memory: {{ .Values.deploymentProxy.resources.limits.memory }} - requests: - cpu: {{ .Values.deploymentProxy.resources.requests.cpu }} - memory: {{ .Values.deploymentProxy.resources.requests.memory }} - name: provider image: {{ .Values.global.repository }}{{if .Values.global.repository }}/{{ end }}{{ .Values.deployment.image }} imagePullPolicy: {{ .Values.deployment.pullPolicy }} diff --git a/kubernetes/platform/components/cmpv2-cert-provider/templates/service.yaml b/kubernetes/platform/components/cmpv2-cert-provider/templates/service.yaml deleted file mode 100644 index bc689cc68f..0000000000 --- a/kubernetes/platform/components/cmpv2-cert-provider/templates/service.yaml +++ /dev/null @@ -1,38 +0,0 @@ -{{ if .Values.global.cmpv2Enabled }} - -# ============LICENSE_START======================================================= -# Copyright (c) 2020 Nokia -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= - -apiVersion: v1 -kind: Service -metadata: - annotations: - prometheus.io/port: "8443" - prometheus.io/scheme: https - prometheus.io/scrape: "true" - labels: - control-plane: controller-manager - name: {{ .Values.service.name }} - namespace: {{ include "common.namespace" . }} -spec: - type: {{ .Values.service.type }} - ports: - - name: {{ .Values.service.ports.name }} - port: {{ .Values.service.ports.port }} - targetPort: {{ .Values.service.ports.targetPort }} - selector: - control-plane: controller-manager -{{ end }} diff --git a/kubernetes/platform/components/cmpv2-cert-provider/values.yaml b/kubernetes/platform/components/cmpv2-cert-provider/values.yaml index 55c4d0beac..2237811465 100644 --- a/kubernetes/platform/components/cmpv2-cert-provider/values.yaml +++ b/kubernetes/platform/components/cmpv2-cert-provider/values.yaml @@ -1,4 +1,4 @@ -# Copyright © 2020, Nokia +# Copyright © 2020-2021, Nokia # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -25,19 +25,10 @@ global: namespace: onap -# Service configuration -service: - name: oom-certservice-cmpv2issuer-metrics-service - type: ClusterIP - ports: - name: https - port: 8443 - targetPort: https - # Deployment configuration deployment: name: oom-certservice-cmpv2issuer - image: onap/org.onap.oom.platform.cert-service.oom-certservice-k8s-external-provider:2.3.2 + image: onap/org.onap.oom.platform.cert-service.oom-certservice-k8s-external-provider:2.4.0 proxyImage: gcr.io/kubebuilder/kube-rbac-proxy:v0.4.0 # fol local development use IfNotPresent pullPolicy: Always @@ -49,17 +40,6 @@ deployment: requests: cpu: 100m memory: 64Mi -deploymentProxy: - name: kube-rbac-proxy - image: gcr.io/kubebuilder/kube-rbac-proxy:v0.4.0 - pullPolicy: IfNotPresent - resources: - limits: - cpu: 250m - memory: 128Mi - requests: - cpu: 50m - memory: 32Mi readinessCheck: wait_for: - oom-cert-service @@ -70,6 +50,7 @@ cmpv2issuer: url: https://oom-cert-service:8443 healthcheckEndpoint: actuator/health certEndpoint: v1/certificate + updateEndpoint: v1/certificate-update caName: RA certSecretRef: name: oom-cert-service-client-tls-secret |