aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes/vid
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes/vid')
-rw-r--r--kubernetes/vid/templates/deployment.yaml2
-rw-r--r--kubernetes/vid/values.yaml4
2 files changed, 4 insertions, 2 deletions
diff --git a/kubernetes/vid/templates/deployment.yaml b/kubernetes/vid/templates/deployment.yaml
index 8872863e42..d1b4bcdbf2 100644
--- a/kubernetes/vid/templates/deployment.yaml
+++ b/kubernetes/vid/templates/deployment.yaml
@@ -63,6 +63,8 @@ spec:
- -c
- |
export $(cat {{ .Values.certInitializer.credsPath }}/mycreds.prop | xargs -0)
+ export VID_TRUSTSTORE_PLAIN_PASSWORD=${VID_TRUSTSTORE_PASSWORD}
+ export VID_TRUSTSTORE_PASSWORD=`java -cp /usr/local/tomcat/webapps/vid/WEB-INF/lib/jetty-util-9.4.20.v20190813.jar org.eclipse.jetty.util.security.Password ${VID_TRUSTSTORE_PLAIN_PASSWORD} 2>&1 | grep "OBF:"`
/tmp/vid/localize.sh
{{- end }}
ports:
diff --git a/kubernetes/vid/values.yaml b/kubernetes/vid/values.yaml
index 6b323a4a17..91132e276c 100644
--- a/kubernetes/vid/values.yaml
+++ b/kubernetes/vid/values.yaml
@@ -64,7 +64,7 @@ certInitializer:
else
echo "*** changing them into shell safe ones"
export KEYSTORE_PASSWD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
- export TRUSTORE_PASSWD=Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
+ export TRUSTORE_PASSWD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
cd {{ .Values.credsPath }}
keytool -storepasswd -new "${KEYSTORE_PASSWD}" \
-storepass "${cadi_keystore_password_jks}" \
@@ -79,7 +79,7 @@ certInitializer:
-storepass "${KEYSTORE_PASSWD}" -alias {{ .Values.fqi }}
echo "*** save the generated passwords"
echo "VID_KEYSTORE_PASSWORD=${KEYSTORE_PASSWD}" > mycreds.prop
- echo "VID_TRUSTSTORE_PASSWORD=OBF:1ks51l8d1o3i1pcc1r2r1e211r391kls1pyj1z7u1njf1lx51go21hnj1y0k1mli1sop1k8o1j651vu91mxw1vun1mze1vv11j8x1k5i1sp11mjc1y161hlr1gm41m111nkj1z781pw31kku1r4p1e391r571pbm1o741l4x1ksp" >> mycreds.prop
+ echo "VID_TRUSTSTORE_PASSWORD=${TRUSTORE_PASSWD}" >> mycreds.prop
echo "*** change ownership of certificates to targeted user"
chown -R 1000 .
fi