diff options
Diffstat (limited to 'kubernetes/portal/charts/portal-app')
-rw-r--r-- | kubernetes/portal/charts/portal-app/resources/certs/keystoreONAP.keystore | bin | 2228 -> 0 bytes | |||
-rw-r--r-- | kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.jks | bin | 0 -> 3629 bytes | |||
-rw-r--r-- | kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.p12 | bin | 0 -> 4151 bytes | |||
-rw-r--r-- | kubernetes/portal/charts/portal-app/resources/server/server.xml | 2 | ||||
-rw-r--r-- | kubernetes/portal/charts/portal-app/templates/configmap.yaml | 1 | ||||
-rw-r--r-- | kubernetes/portal/charts/portal-app/templates/deployment.yaml | 11 | ||||
-rw-r--r-- | kubernetes/portal/charts/portal-app/templates/secret.yaml | 27 |
7 files changed, 35 insertions, 6 deletions
diff --git a/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAP.keystore b/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAP.keystore Binary files differdeleted file mode 100644 index ff0f0d76a4..0000000000 --- a/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAP.keystore +++ /dev/null diff --git a/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.jks b/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.jks Binary files differnew file mode 100644 index 0000000000..4b7e115d8c --- /dev/null +++ b/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.jks diff --git a/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.p12 b/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.p12 Binary files differnew file mode 100644 index 0000000000..df2f4f6cd3 --- /dev/null +++ b/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAPPortal.p12 diff --git a/kubernetes/portal/charts/portal-app/resources/server/server.xml b/kubernetes/portal/charts/portal-app/resources/server/server.xml index 09c2f8405f..c87e6c377a 100644 --- a/kubernetes/portal/charts/portal-app/resources/server/server.xml +++ b/kubernetes/portal/charts/portal-app/resources/server/server.xml @@ -89,7 +89,7 @@ <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" maxThreads="150" SSLEnabled="true" scheme="https" secure="true" - keystoreFile="keystoreONAP.keystore" keystorePass="{{ .Values.global.keypass }}" + keystoreFile="{{.Values.global.keystoreFile}}" keystorePass="{{.Values.global.keypass}}" clientAuth="false" sslProtocol="TLS" /> <!-- Define an AJP 1.3 Connector on port 8009 --> diff --git a/kubernetes/portal/charts/portal-app/templates/configmap.yaml b/kubernetes/portal/charts/portal-app/templates/configmap.yaml index d4ef698f71..28de588aa0 100644 --- a/kubernetes/portal/charts/portal-app/templates/configmap.yaml +++ b/kubernetes/portal/charts/portal-app/templates/configmap.yaml @@ -25,4 +25,3 @@ metadata: data: {{ tpl (.Files.Glob "resources/config/deliveries/properties/ONAPPORTAL/*").AsConfig . | indent 2 }} {{ tpl (.Files.Glob "resources/server/*").AsConfig . | indent 2 }} -{{ tpl (.Files.Glob "resources/certs/*").AsConfig . | indent 2 }} diff --git a/kubernetes/portal/charts/portal-app/templates/deployment.yaml b/kubernetes/portal/charts/portal-app/templates/deployment.yaml index 3fc2741556..fb9f35ba19 100644 --- a/kubernetes/portal/charts/portal-app/templates/deployment.yaml +++ b/kubernetes/portal/charts/portal-app/templates/deployment.yaml @@ -59,11 +59,11 @@ spec: - name: javax.net.ssl.keyStore value: {{ .Values.global.env.tomcatDir }}/{{ .Values.global.truststoreFile}} - name: javax.net.ssl.keyStorePassword - value: {{ .Values.global.keypass }} + value: {{ .Values.global.trustpass }} - name: javax.net.ssl.trustStore value: {{ .Values.global.env.tomcatDir }}/{{ .Values.global.truststoreFile}} - name: javax.net.ssl.trustStorePassword - value: {{ .Values.global.keypass }} + value: {{ .Values.global.trustpass }} ports: - containerPort: {{ .Values.service.internalPort }} - containerPort: {{ .Values.service.internalPort2 }} @@ -106,10 +106,10 @@ spec: - name: properties-onapportal mountPath: "{{ .Values.global.env.tomcatDir }}/conf/server.xml" subPath: server.xml - - name: properties-onapportal + - name: authz-onapportal mountPath: "{{ .Values.global.env.tomcatDir }}/{{ .Values.global.keystoreFile}}" subPath: {{ .Values.global.keystoreFile}} - - name: properties-onapportal + - name: authz-onapportal mountPath: "{{ .Values.global.env.tomcatDir }}/{{ .Values.global.truststoreFile}}" subPath: {{ .Values.global.truststoreFile}} - name: var-log-onap @@ -143,6 +143,9 @@ spec: configMap: name: {{ include "common.fullname" . }}-onapportal defaultMode: 0755 + - name: authz-onapportal + secret: + secretName: {{ include "common.fullname" . }}-authz-onapportal - name: filebeat-conf configMap: name: portal-filebeat diff --git a/kubernetes/portal/charts/portal-app/templates/secret.yaml b/kubernetes/portal/charts/portal-app/templates/secret.yaml new file mode 100644 index 0000000000..18f85c1698 --- /dev/null +++ b/kubernetes/portal/charts/portal-app/templates/secret.yaml @@ -0,0 +1,27 @@ +# Copyright © 2018 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.fullname" . }}-authz-onapportal + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +type: Opaque +data: +{{ tpl (.Files.Glob "resources/certs/*").AsSecrets . | indent 2 }} |