summaryrefslogtreecommitdiffstats
path: root/kubernetes/so/components/soHelpers/templates/_certificates.tpl
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes/so/components/soHelpers/templates/_certificates.tpl')
-rw-r--r--kubernetes/so/components/soHelpers/templates/_certificates.tpl58
1 files changed, 58 insertions, 0 deletions
diff --git a/kubernetes/so/components/soHelpers/templates/_certificates.tpl b/kubernetes/so/components/soHelpers/templates/_certificates.tpl
new file mode 100644
index 0000000000..fa25ba5177
--- /dev/null
+++ b/kubernetes/so/components/soHelpers/templates/_certificates.tpl
@@ -0,0 +1,58 @@
+{{- define "so.certificate.container_importer" -}}
+{{- $dot := default . .dot -}}
+{{- $initRoot := default $dot.Values.soHelpers .initRoot -}}
+{{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }}
+{{ include "common.certInitializer.initContainer" $subchartDot }}
+{{- if $dot.Values.global.aafEnabled }}
+- name: {{ include "common.name" $dot }}-msb-cert-importer
+ image: "{{ include "common.repository" $dot }}/{{ $dot.Values.global.aafAgentImage }}"
+ imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $subchartDot.Values.pullPolicy }}
+ command:
+ - "/bin/sh"
+ args:
+ - "-c"
+ - |
+ export $(grep '^c' {{ $subchartDot.Values.certInitializer.credsPath }}/mycreds.prop | xargs -0)
+ keytool -import -trustcacerts -alias msb_root -file \
+ /certificates/msb-ca.crt -keystore \
+ "{{ $subchartDot.Values.certInitializer.credsPath }}/{{ $subchartDot.Values.aaf.trustore }}" \
+ -keypass $cadi_truststore_password -noprompt
+ volumeMounts:
+ {{ include "common.certInitializer.volumeMount" $subchartDot | indent 2 | trim }}
+ - name: {{ include "common.name" $dot }}-msb-certificate
+ mountPath: /certificates
+{{- end }}
+{{- end -}}
+
+{{- define "so.certificate.volumes" -}}
+{{- $dot := default . .dot -}}
+{{- $initRoot := default $dot.Values.soHelpers .initRoot -}}
+{{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }}
+{{ include "common.certInitializer.volumes" $subchartDot }}
+{{- if $dot.Values.global.aafEnabled }}
+- name: {{ include "common.name" $dot }}-msb-certificate
+ secret:
+ secretName: {{ include "common.secret.getSecretNameFast" (dict "global" $subchartDot "uid" "so-onap-certs") }}
+{{- end }}
+{{- end -}}
+
+{{- define "so.certificate.volumeMount" -}}
+{{- $dot := default . .dot -}}
+{{- $initRoot := default $dot.Values.soHelpers .initRoot -}}
+{{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }}
+{{ include "common.certInitializer.volumeMount" $subchartDot }}
+{{- end -}}
+
+{{- define "so.certificates.env" -}}
+{{- $dot := default . .dot -}}
+{{- $initRoot := default $dot.Values.soHelpers .initRoot -}}
+{{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }}
+{{- if $dot.Values.global.aafEnabled }}
+- name: TRUSTSTORE
+ value: {{ $subchartDot.Values.certInitializer.credsPath }}/{{ $subchartDot.Values.aaf.trustore }}
+{{- if $dot.Values.global.security.aaf.enabled }}
+- name: KEYSTORE
+ value: {{ $subchartDot.Values.certInitializer.credsPath }}/org.onap.so.jks
+{{- end }}
+{{- end }}
+{{- end -}}