summaryrefslogtreecommitdiffstats
path: root/kubernetes/common/certInitializer/templates/_certInitializer.yaml
AgeCommit message (Collapse)AuthorFilesLines
2021-01-19[COMMON][CERTS] Use sh to onboard custom certsSylvain Desbureaux1-1/+1
Today, onboarding custom certificates relies on `bash`. But image used for that doesn't have bash. Therefore, we need to use `sh` in order to onboard the certs. Issue-ID: OOM-2666 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Ia8087bd9484a013ac76044681059f634a4e45eb8
2020-10-20[COMMON] Make certInitializer share truststore among instancesKrzysztof Opasiak1-1/+1
Truststore is quite heavy. If it is included several times in the component it can easily cross helm chart size limit. To fix this issue let's make sure that the truststore is created only once and then shared among all certInitializer instances. Issue-ID: AAF-1134 Change-Id: I546a88fea3fe869748194682e7dcf3ad566282ab Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
2020-09-12[common] Add application mount path to cert initializerkrishnaa961-1/+1
Add new mount path value in values.yaml to specify app mount path Issue-ID: OPTFRA-803 Signed-off-by: krishnaa96 <krishna.moorthy6@wipro.com> Change-Id: I70771e0ab6ec16f7f4cfadcb8448ecfdfb6e8f4b
2020-08-25[COMMON] Enable importing custom certificates to truststore using ↵Jozsef Csongvai1-2/+72
certInitializer ONAP deployments may require the use of custom certificates. Instead of manually adding certificates to the truststore file, users can now add their .pem certificates under certInitializer/resources and have them imported automatically by an init container. The updated truststore can then be mounted to a component by providing a truststoreMountpath. Issue-ID: OOM-2509 Signed-off-by: Jozsef Csongvai <jozsef.csongvai@bell.ca> Change-Id: I896c729143346738e91fa57f895ba48043b253c1
2020-07-16[COMMON] Use readinessCheck template inside certInitializerKrzysztof Opasiak1-18/+1
Instead of manually creating readiness init container let's use our dedicated template for this. Issue-ID: OOM-2511 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: Idb112e864b7899e7a1e76d139c6cc6a94851a090
2020-06-02[common] Make sure that we declare repository in certInitializerKrzysztof Opasiak1-1/+1
Not all components declare repository in the global section which may lead to some error when processing just a single component instead of whole onap. To avoid this let's make sure that cerInitializer sets repository url internally. Issue-ID: OOM-2416 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I4fd2a235b188c7ee09d0173dbaa873141187a077
2020-05-20[COMMON] Templates for readinessSylvain Desbureaux1-2/+1
Create a template in order to have same readiness check everywhere. Issue-ID: OOM-1971 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: If3297184564a8e763110a79ff89eb07dfbc9e630
2020-05-19[COMMON] Fix certInitializer to use proper global valuesKrzysztof Opasiak1-6/+6
One of reasons why certInitializer is a proper chart that you need to put in your requirements.yaml is to avoid copy-pasting the same global values among different charts. As it turned out in tests we've been not "mangling" global values properly while creating $subchartDot. This patch fixes the issue. Issue-ID: AAF-1134 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I630154c4eedd7192ebb1881e5899c8df495d988b
2020-05-14[COMMON] Fix certInitializerKrzysztof Opasiak1-5/+5
By mistage aaf-agent-certs volume was created only if aaf_add_config option was set. This is incorrect as it should be created always. Issue-ID: AAF-1134 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I6172d2cbb781db4a26e09b7c4c324e985978b31e
2020-05-06[COMMON] Override truststore in aaf_agent imageKrzysztof Opasiak1-0/+11
aaf_agent image currently contains hardcoded truststores in order to be able to connect to certman to retrieve certificate for given component. The goal is to remove hardcoded truststore from aaf_agent immage but first we need to be sure that all its users are able to provide the truststore to the pod as a configmap. Issue-ID: AAF-1134 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: Ibe9de6ad7264c05aeca2af858918fc2b4d3a772b
2020-05-06[COMMON] Add new template for obtaining certificateKrzysztof Opasiak1-0/+152
Add new template that can be used to obtain certificate by component. Make also a PoC with NBI. Strongly based on aaf-config template. Issue-ID: AAF-1134 Change-Id: I10cb2a7b36a8dc436be337518cc15431aabbbc5d Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>