diff options
Diffstat (limited to 'kubernetes/so/charts')
-rw-r--r-- | kubernetes/so/charts/so-secrets/resources/certs/org.onap.so.trust.jks | bin | 0 -> 963 bytes | |||
-rw-r--r-- | kubernetes/so/charts/so-secrets/templates/secrets.yaml | 13 | ||||
-rwxr-xr-x | kubernetes/so/charts/so-vnfm-adapter/templates/deployment.yaml | 12 |
3 files changed, 22 insertions, 3 deletions
diff --git a/kubernetes/so/charts/so-secrets/resources/certs/org.onap.so.trust.jks b/kubernetes/so/charts/so-secrets/resources/certs/org.onap.so.trust.jks Binary files differnew file mode 100644 index 0000000000..96931ce168 --- /dev/null +++ b/kubernetes/so/charts/so-secrets/resources/certs/org.onap.so.trust.jks diff --git a/kubernetes/so/charts/so-secrets/templates/secrets.yaml b/kubernetes/so/charts/so-secrets/templates/secrets.yaml index 9a749638f0..5be2cc7c41 100644 --- a/kubernetes/so/charts/so-secrets/templates/secrets.yaml +++ b/kubernetes/so/charts/so-secrets/templates/secrets.yaml @@ -25,3 +25,16 @@ data: trustStorePassword: {{ .Values.global.client.certs.trustStorePassword }} keyStorePassword: {{ .Values.global.client.certs.keyStorePassword}} type: Opaque +--- +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.release" . }}-so-truststore-secret + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/certs/*").AsSecrets . | indent 2 }} diff --git a/kubernetes/so/charts/so-vnfm-adapter/templates/deployment.yaml b/kubernetes/so/charts/so-vnfm-adapter/templates/deployment.yaml index 00b36a838e..a720753f47 100755 --- a/kubernetes/so/charts/so-vnfm-adapter/templates/deployment.yaml +++ b/kubernetes/so/charts/so-vnfm-adapter/templates/deployment.yaml @@ -40,17 +40,17 @@ spec: image: {{ include "common.repository" . }}/{{ .Values.image }} resources: {{ include "common.resources" . | indent 12 }} - {{- if eq .Values.global.security.aaf.enabled true }} env: - name: TRUSTSTORE - value: /app/org.onap.so.trust.jks + value: {{ .Values.global.client.certs.truststore }} - name: TRUSTSTORE_PASSWORD valueFrom: secretKeyRef: name: {{ .Release.Name}}-so-client-certs-secret key: trustStorePassword + {{ if eq .Values.global.security.aaf.enabled true }} - name: KEYSTORE - value: /app/org.onap.so.jks + value: {{ .Values.global.client.certs.keystore }} - name: KEYSTORE_PASSWORD valueFrom: secretKeyRef: @@ -67,6 +67,9 @@ spec: - name: config mountPath: /app/config readOnly: true + - name: {{ include "common.fullname" . }}-truststore + mountPath: /app/client + readonly: true livenessProbe: tcpSocket: port: {{ index .Values.livenessProbe.port }} @@ -84,5 +87,8 @@ spec: - name: config configMap: name: {{ include "common.fullname" . }}-app-configmap + - name: {{ include "common.fullname" . }}-truststore + secret: + secretName: {{ include "common.release" . }}-so-truststore-secret imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" |