aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes/common/cert-wrapper
AgeCommit message (Collapse)AuthorFilesLines
2021-10-01[COMMON] Update root certificatesSylvain Desbureaux1-2172/+2719
ONAP truststore is outdated so let's use one from Java 17 + add ONAP root CA. Issue-ID: OOM-1 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: If8a7dbf4c876ce89cf04080a97a7f67803d66c5f
2021-09-09Merge "[OOM] Update Linux SSL Truststore /etc/ssl"Sylvain Desbureaux1-0/+13
2021-09-07[COMMON] Fix bashisms in import-custom-certguillaume.lambert1-5/+4
Bashisms of type (should be 'b = a') were all fixed previously but a new one was reintroduced during the fixes of other types. Also commit f79b6676cfdc380e004f184a21bb969b2824c06e moved import-custom-cert shebang from bash to sh but substring syntaxes similar to ${f: -4} and only supported by bash were not migrated. Let's fix that alltogether before enforcing the checkbashisms tox profile. Issue-ID: OOM-2643 Issue-ID: POLICY-3232 Signed-off-by: guillaume.lambert <guillaume.lambert@orange.com> Change-Id: Ie9b5ac1c2edd9ddf3574f09c77ca8734f2311d1d
2021-09-05[OOM] Update Linux SSL Truststore /etc/sslAbdelmuhaimen Seaudi1-0/+13
Add update for /etc/ssl/cacerts/ca-certificates.crt Issue-ID: CCSDK-3356 Change-Id: I797aea054bb80db805f4791a288e89b102e1d662 Signed-off-by: Abdelmuhaimen Seaudi <abdelmuhaimen.seaudi@orange.com>
2021-05-19[COMMON] Change import-custom-cert from bash to sha.sreekumar1-2/+2
As part of removing GPLv3 license, policy components have moved from bash to sh. This change is required in import-custom-certs script so that custom certificates can be imported into components that try to import them. Without this change, the init containers of the components will just fail. Change-Id: I6c5028428d4cd7c8baf3e96cb16a3cd91db57f9e Issue-ID: POLICY-3232 Signed-off-by: a.sreekumar <ajith.sreekumar@bell.ca>
2021-05-11Merge "[COMMON] Add custom certs into AAF truststore"Krzysztof Opasiak1-1/+2
2021-05-06[COMMON][CERTS] Allow to provide custom certs easilySylvain Desbureaux1-0/+8
Instead of mandating to provide custom certificates before creation of helm packages, let's propose to include certificates from a known secret or configmap. The current implementation will first search for secret and if not provided will look for configmap. Issue-ID: OOM-2731 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: If2f90adc18efe59c0516db9409964a236bd17a66
2021-04-19[COMMON] Add custom certs into AAF truststoreSylvain Desbureaux1-1/+2
Instead of creating a truststore nobody is using when using AAF, let's reuse AAF truststore and onboard certs in it. Issue-ID: OOM-2730 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Idb1af0357e286d9536c5d16f592068b61f885b0a
2021-04-16[COMMON] Fix condition equality bashismsGuillaume Lambert1-6/+6
pointed out by checkbashisms. $ mycmd=$(tox -e checkbashisms | grep "(should be 'b = a')" | sed -e "s@^[^.]*\(.[^ ]*\) line \([0-9]*\) .*@sed -i -e '\2s/==/=/g' \1;@") $ eval $mycmd Issue-ID: OOM-2643 Signed-off-by: Guillaume Lambert <guillaume.lambert@orange.com> Change-Id: I9032130bc4717e111de11a73187c2f1052376e45
2021-03-24[DOC][COMMON] Prepare Honolulu releaseSylvain Desbureaux2-2/+2
Updating the documentation and bumping version to 8.0.0 Issue-ID: OOM-1 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I6f942f1466fed64264c44fb8fc0e1ffc93a98f18
2021-01-19[COMMON][CERTS] Use sh to onboard custom certsSylvain Desbureaux1-6/+12
Today, onboarding custom certificates relies on `bash`. But image used for that doesn't have bash. Therefore, we need to use `sh` in order to onboard the certs. Issue-ID: OOM-2666 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Ia8087bd9484a013ac76044681059f634a4e45eb8
2020-11-30[COMMON][DOC] Bump version GuilinSylvain Desbureaux2-2/+2
Update charts and requirements to 7.0.0. Create release notes for Guilin Update documentation Issue-ID: OOM-2638 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I965ed6b6ebb7d74bfddaff73edd3dd55a657841c
2020-10-22[COMMON] change comment styleJakub Latusek1-0/+2
Signed-off-by: Jakub Latusek <j.latusek@samsung.com> Change-Id: I21ea78c96ff8bd5e729f2228f761df534f515358 Issue-ID: OOM-2562
2020-10-20[COMMON] Move onap truststore to cert-wrapperKrzysztof Opasiak4-0/+2299
certInitializer is included multiple times in number of different projects. If it contains the truststore then under if it is not used it increases the size of the chart itself so that it our final ONAP chart does not fit into default 20 Mb chartmuseum limit. Let's resolve this by moving the configmap and its content to the cert-wrapper which is included only once per onap instance. Issue-ID: AAF-1134 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I654d9158e7b776c012653dbef2c8091a393635f0
2020-10-20[COMMON] Make certInitializer share truststore among instancesKrzysztof Opasiak3-0/+53
Truststore is quite heavy. If it is included several times in the component it can easily cross helm chart size limit. To fix this issue let's make sure that the truststore is created only once and then shared among all certInitializer instances. Issue-ID: AAF-1134 Change-Id: I546a88fea3fe869748194682e7dcf3ad566282ab Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>