aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes/common/certInitializer/templates/configmap.yaml
AgeCommit message (Collapse)AuthorFilesLines
2021-05-06[COMMON][CERTINIT] Generate cert with certInitSylvain Desbureaux1-1/+14
Some components are http based but want to be usable from outside world. Instead of dealing with TLS part on the component itself, let's use certInitializer to generate a secret with the certs which will be usable by Ingress Issue-ID: SO-3078 Issue-ID: SO-3237 Issue-ID: CPS-281 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: If166716d159586b1eb94c111e9d3d82a54c2fd6e
2021-02-27[COMMON][CERTINIT] Fail if cert retrieval failsSylvain Desbureaux1-1/+2
Current script that retrieve certificates can fail but exit code will be 0. We then add a check in the script in order to avoid such issue Issue-ID: OOM-2688 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Ib41c66a4de46db8752f68ef35a2bfb67ca575246
2020-10-26[COMMON] allow multiline config for aaf add configSylvain Desbureaux1-1/+1
Use trim function in order to remove the 4 first spaces that breaks configuration when aaf add config is a multiline (a.k.a uses `|`) YAML entry. Issue-ID: OOM-2611 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Ib53a8a87f896a66ba613d542cfca833804ef1d7a
2020-10-20[COMMON] Move onap truststore to cert-wrapperKrzysztof Opasiak1-9/+0
certInitializer is included multiple times in number of different projects. If it contains the truststore then under if it is not used it increases the size of the chart itself so that it our final ONAP chart does not fit into default 20 Mb chartmuseum limit. Let's resolve this by moving the configmap and its content to the cert-wrapper which is included only once per onap instance. Issue-ID: AAF-1134 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I654d9158e7b776c012653dbef2c8091a393635f0
2020-10-20[COMMON] Make certInitializer share truststore among instancesKrzysztof Opasiak1-0/+2
Truststore is quite heavy. If it is included several times in the component it can easily cross helm chart size limit. To fix this issue let's make sure that the truststore is created only once and then shared among all certInitializer instances. Issue-ID: AAF-1134 Change-Id: I546a88fea3fe869748194682e7dcf3ad566282ab Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
2020-05-06[COMMON] Override truststore in aaf_agent imageKrzysztof Opasiak1-1/+8
aaf_agent image currently contains hardcoded truststores in order to be able to connect to certman to retrieve certificate for given component. The goal is to remove hardcoded truststore from aaf_agent immage but first we need to be sure that all its users are able to provide the truststore to the pod as a configmap. Issue-ID: AAF-1134 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: Ibe9de6ad7264c05aeca2af858918fc2b4d3a772b
2020-05-06[COMMON] Add new template for obtaining certificateKrzysztof Opasiak1-0/+25
Add new template that can be used to obtain certificate by component. Make also a PoC with NBI. Strongly based on aaf-config template. Issue-ID: AAF-1134 Change-Id: I10cb2a7b36a8dc436be337518cc15431aabbbc5d Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>