5 files changed, 28 insertions, 17 deletions

diff --git a/kubernetes/sdnc/requirements.yaml b/kubernetes/sdnc/requirements.yaml
index f58ecb16be..27b68df4ee 100644
--- a/kubernetes/sdnc/requirements.yaml
+++ b/kubernetes/sdnc/requirements.yaml
@@ -24,6 +24,9 @@ dependencies:
   - name: cmpv2Certificate
     version: ~7.x-0
     repository: '@local'
+  - name: certManagerCertificate
+    version: ~7.x-0
+    repository: '@local'
   - name: logConfiguration
     version: ~7.x-0
     repository: '@local'
diff --git a/kubernetes/sdnc/resources/config/conf/org.opendaylight.daexim.cfg b/kubernetes/sdnc/resources/config/conf/org.opendaylight.daexim.cfg
new file mode 100644
index 0000000000..20b794d21f
--- /dev/null
+++ b/kubernetes/sdnc/resources/config/conf/org.opendaylight.daexim.cfg
@@ -0,0 +1,4 @@
+# Daexim directory location
+# absolute path or path relative to Karaf home directory
+# property substitution (interpolation) currently only supported for "${karaf.home}", no others (hard-coded) -- M.
+daexim.dir={{ .Values.persistence.daeximPath }}
\ No newline at end of file
diff --git a/kubernetes/sdnc/templates/certificates.yaml b/kubernetes/sdnc/templates/certificates.yaml
index dda16176a5..c4eca61e35 100644
--- a/kubernetes/sdnc/templates/certificates.yaml
+++ b/kubernetes/sdnc/templates/certificates.yaml
@@ -1,5 +1,5 @@
 {{/*
-# Copyright © 2020 Nokia
+# Copyright © 2020-2021 Nokia
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -14,6 +14,6 @@
 # limitations under the License.
 */}}
 
-{{ if .Values.global.CMPv2CertManagerIntegration }}
-{{ include "common.certificate" . }}
+{{ if and .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration }}
+{{ include "certManagerCertificate.certificate" . }}
 {{ end }}
diff --git a/kubernetes/sdnc/templates/statefulset.yaml b/kubernetes/sdnc/templates/statefulset.yaml
index 2158fefe19..7441dacd23 100644
--- a/kubernetes/sdnc/templates/statefulset.yaml
+++ b/kubernetes/sdnc/templates/statefulset.yaml
@@ -114,7 +114,6 @@ spec:
         args:
         - -c
         - |
-           mkdir {{ .Values.persistence.mdsalPath }}/daexim
            mkdir {{ .Values.persistence.mdsalPath }}/journal
            mkdir {{ .Values.persistence.mdsalPath }}/snapshots
            chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.persistence.mdsalPath }}
@@ -203,6 +202,9 @@ spec:
           volumeMounts:
 {{ include "common.certInitializer.volumeMount" . | indent 10 }}
 {{ include "common.certServiceClient.volumeMounts" . | indent 10 }}
+{{- if and .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration }}
+{{ include "common.certManager.volumeMounts" . | indent 10 }}
+{{- end }}
           - mountPath: /etc/localtime
             name: localtime
             readOnly: true
@@ -261,6 +263,9 @@ spec:
           - mountPath: {{ .Values.config.odl.etcDir }}/mountpoint-state-provider.properties
             name: properties
             subPath: mountpoint-state-provider.properties
+          - mountPath: {{ .Values.config.odl.etcDir }}/org.opendaylight.daexim.cfg
+            name: properties
+            subPath: org.opendaylight.daexim.cfg
           resources:
 {{ include "common.resources" . | indent 12 }}
         {{- if .Values.nodeSelector }}
@@ -317,6 +322,9 @@ spec:
   {{ else }}
 {{ include "common.certInitializer.volumes" . | nindent 8 }}
 {{ include "common.certServiceClient.volumes" . | nindent 8 }}
+{{- if and .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration }}
+{{ include "common.certManager.volumes" . | nindent 8 }}
+{{- end }}
   volumeClaimTemplates:
   - metadata:
       name: {{ include "common.fullname" . }}-data
diff --git a/kubernetes/sdnc/values.yaml b/kubernetes/sdnc/values.yaml
index c02d5592e6..5a4d204c58 100644
--- a/kubernetes/sdnc/values.yaml
+++ b/kubernetes/sdnc/values.yaml
@@ -117,10 +117,6 @@ secrets:
     login: '{{ .Values.config.scaleoutUser }}'
     password: '{{ .Values.config.scaleoutPassword }}'
     passwordPolicy: required
-  - uid: keystore-password
-    type: password
-    password: secret
-    passwordPolicy: required
 #################################################################
 # Certificates
 #################################################################
@@ -129,16 +125,16 @@ certificates:
     commonName: sdnc.simpledemo.onap.org
     dnsNames:
         - sdnc.simpledemo.onap.org
-    p12Keystore:
-      create: true
-      passwordSecretRef:
-        name: keystore-password
-        key: password
-    jksKeystore:
-      create: true
+    keystore:
+      outputType:
+        - jks
       passwordSecretRef:
-        name: keystore-password
+        name: sdnc-cmpv2-keystore-password
         key: password
+    issuer:
+      group: certmanager.onap.org
+      kind: CMPv2Issuer
+      name: cmpv2-issuer-onap
 #################################################################
 # Application configuration defaults.
 #################################################################
@@ -464,7 +460,7 @@ persistence:
   mountPath: /dockerdata-nfs
   mountSubPath: sdnc/mdsal
   mdsalPath: /opt/opendaylight/mdsal
-  daeximPath: /opt/opendaylight/daexim
+  daeximPath: /opt/opendaylight/mdsal/daexim
   journalPath: /opt/opendaylight/journal
   snapshotsPath: /opt/opendaylight/snapshots