summaryrefslogtreecommitdiffstats
path: root/kubernetes/policy/charts/policy-distribution
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes/policy/charts/policy-distribution')
-rw-r--r--kubernetes/policy/charts/policy-distribution/templates/deployment.yaml5
-rw-r--r--kubernetes/policy/charts/policy-distribution/values.yaml13
2 files changed, 18 insertions, 0 deletions
diff --git a/kubernetes/policy/charts/policy-distribution/templates/deployment.yaml b/kubernetes/policy/charts/policy-distribution/templates/deployment.yaml
index b3b017acd3..b0dbac9526 100644
--- a/kubernetes/policy/charts/policy-distribution/templates/deployment.yaml
+++ b/kubernetes/policy/charts/policy-distribution/templates/deployment.yaml
@@ -53,6 +53,11 @@ spec:
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
command: ["/opt/app/policy/distribution/bin/policy-dist.sh"]
args: ["/opt/app/policy/distribution/etc/mounted/config.json"]
+ env:
+ - name: KEYSTORE_PASSWD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "keystore-password" "key" "password") | indent 12 }}
+ - name: TRUSTSTORE_PASSWD
+ {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "truststore-password" "key" "password") | indent 12 }}
ports:
- containerPort: {{ .Values.service.internalPort }}
# disable liveness probe when breakpoints set in debugger
diff --git a/kubernetes/policy/charts/policy-distribution/values.yaml b/kubernetes/policy/charts/policy-distribution/values.yaml
index 73c9e99e61..dfed7648d4 100644
--- a/kubernetes/policy/charts/policy-distribution/values.yaml
+++ b/kubernetes/policy/charts/policy-distribution/values.yaml
@@ -45,6 +45,16 @@ secrets:
login: '{{ .Values.sdcBe.user }}'
password: '{{ .Values.sdcBe.password }}'
passwordPolicy: required
+ - uid: keystore-password
+ type: password
+ externalSecret: '{{ tpl (default "" .Values.certStores.keyStorePasswordExternalSecret) . }}'
+ password: '{{ .Values.certStores.keyStorePassword }}'
+ passwordPolicy: required
+ - uid: truststore-password
+ type: password
+ externalSecret: '{{ tpl (default "" .Values.certStores.trustStorePasswordExternalSecret) . }}'
+ password: '{{ .Values.certStores.trustStorePassword }}'
+ passwordPolicy: required
#################################################################
# Global configuration defaults.
@@ -78,6 +88,9 @@ papParameters:
sdcBe:
user: policy
password: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
+certStores:
+ keyStorePassword: Pol1cy_0nap
+ trustStorePassword: Pol1cy_0nap
# default number of instances
replicaCount: 1