summaryrefslogtreecommitdiffstats
path: root/kubernetes/so/charts
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes/so/charts')
-rw-r--r--kubernetes/so/charts/so-secrets/resources/certs/org.onap.so.trust.jksbin0 -> 963 bytes
-rw-r--r--kubernetes/so/charts/so-secrets/templates/secrets.yaml13
-rwxr-xr-xkubernetes/so/charts/so-vnfm-adapter/templates/deployment.yaml12
3 files changed, 22 insertions, 3 deletions
diff --git a/kubernetes/so/charts/so-secrets/resources/certs/org.onap.so.trust.jks b/kubernetes/so/charts/so-secrets/resources/certs/org.onap.so.trust.jks
new file mode 100644
index 0000000000..96931ce168
--- /dev/null
+++ b/kubernetes/so/charts/so-secrets/resources/certs/org.onap.so.trust.jks
Binary files differ
diff --git a/kubernetes/so/charts/so-secrets/templates/secrets.yaml b/kubernetes/so/charts/so-secrets/templates/secrets.yaml
index 9a749638f0..5be2cc7c41 100644
--- a/kubernetes/so/charts/so-secrets/templates/secrets.yaml
+++ b/kubernetes/so/charts/so-secrets/templates/secrets.yaml
@@ -25,3 +25,16 @@ data:
trustStorePassword: {{ .Values.global.client.certs.trustStorePassword }}
keyStorePassword: {{ .Values.global.client.certs.keyStorePassword}}
type: Opaque
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.release" . }}-so-truststore-secret
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/certs/*").AsSecrets . | indent 2 }}
diff --git a/kubernetes/so/charts/so-vnfm-adapter/templates/deployment.yaml b/kubernetes/so/charts/so-vnfm-adapter/templates/deployment.yaml
index 00b36a838e..a720753f47 100755
--- a/kubernetes/so/charts/so-vnfm-adapter/templates/deployment.yaml
+++ b/kubernetes/so/charts/so-vnfm-adapter/templates/deployment.yaml
@@ -40,17 +40,17 @@ spec:
image: {{ include "common.repository" . }}/{{ .Values.image }}
resources:
{{ include "common.resources" . | indent 12 }}
- {{- if eq .Values.global.security.aaf.enabled true }}
env:
- name: TRUSTSTORE
- value: /app/org.onap.so.trust.jks
+ value: {{ .Values.global.client.certs.truststore }}
- name: TRUSTSTORE_PASSWORD
valueFrom:
secretKeyRef:
name: {{ .Release.Name}}-so-client-certs-secret
key: trustStorePassword
+ {{ if eq .Values.global.security.aaf.enabled true }}
- name: KEYSTORE
- value: /app/org.onap.so.jks
+ value: {{ .Values.global.client.certs.keystore }}
- name: KEYSTORE_PASSWORD
valueFrom:
secretKeyRef:
@@ -67,6 +67,9 @@ spec:
- name: config
mountPath: /app/config
readOnly: true
+ - name: {{ include "common.fullname" . }}-truststore
+ mountPath: /app/client
+ readonly: true
livenessProbe:
tcpSocket:
port: {{ index .Values.livenessProbe.port }}
@@ -84,5 +87,8 @@ spec:
- name: config
configMap:
name: {{ include "common.fullname" . }}-app-configmap
+ - name: {{ include "common.fullname" . }}-truststore
+ secret:
+ secretName: {{ include "common.release" . }}-so-truststore-secret
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"