| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
Instead of mandating to provide custom certificates before creation of
helm packages, let's propose to include certificates from a known
secret or configmap.
The current implementation will first search for secret and if not
provided will look for configmap.
Issue-ID: OOM-2731
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: If2f90adc18efe59c0516db9409964a236bd17a66
|
|
Some components are http based but want to be usable from outside world.
Instead of dealing with TLS part on the component itself, let's use
certInitializer to generate a secret with the certs which will be usable
by Ingress
Issue-ID: SO-3078
Issue-ID: SO-3237
Issue-ID: CPS-281
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: If166716d159586b1eb94c111e9d3d82a54c2fd6e
|
|
Current script that retrieve certificates can fail but exit code will be
0. We then add a check in the script in order to avoid such issue
Issue-ID: OOM-2688
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Ib41c66a4de46db8752f68ef35a2bfb67ca575246
|
|
This commit makes CertInitializer template to use the new generator for
repositories and images.
Issue-ID: OOM-2364
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I5efa37225bfe05e2c7be7b8d2420ccaeb10afe62
|
|
certInitializer is included multiple times in number of different
projects. If it contains the truststore then under if it is not used
it increases the size of the chart itself so that it our final ONAP
chart does not fit into default 20 Mb chartmuseum limit.
Let's resolve this by moving the configmap and its content to the
cert-wrapper which is included only once per onap instance.
Issue-ID: AAF-1134
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I654d9158e7b776c012653dbef2c8091a393635f0
|
|
Truststore is quite heavy. If it is included several times in the
component it can easily cross helm chart size limit.
To fix this issue let's make sure that the truststore is created only
once and then shared among all certInitializer instances.
Issue-ID: AAF-1134
Change-Id: I546a88fea3fe869748194682e7dcf3ad566282ab
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
|
|
Add new mount path value in values.yaml to
specify app mount path
Issue-ID: OPTFRA-803
Signed-off-by: krishnaa96 <krishna.moorthy6@wipro.com>
Change-Id: I70771e0ab6ec16f7f4cfadcb8448ecfdfb6e8f4b
|
|
certInitializer
ONAP deployments may require the use of custom certificates. Instead of
manually adding certificates to the truststore file, users can now add
their .pem certificates under certInitializer/resources and have them
imported automatically by an init container. The updated truststore can
then be mounted to a component by providing a truststoreMountpath.
Issue-ID: OOM-2509
Signed-off-by: Jozsef Csongvai <jozsef.csongvai@bell.ca>
Change-Id: I896c729143346738e91fa57f895ba48043b253c1
|
|
Instead of manually creating readiness init container let's use our
dedicated template for this.
Issue-ID: OOM-2511
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: Idb112e864b7899e7a1e76d139c6cc6a94851a090
|
|
Not all components declare repository in the global section which may
lead to some error when processing just a single component instead of
whole onap. To avoid this let's make sure that cerInitializer sets
repository url internally.
Issue-ID: OOM-2416
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I4fd2a235b188c7ee09d0173dbaa873141187a077
|
|
Add new template that can be used to obtain certificate by
component. Make also a PoC with NBI.
Strongly based on aaf-config template.
Issue-ID: AAF-1134
Change-Id: I10cb2a7b36a8dc436be337518cc15431aabbbc5d
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
|
Krzysztof Opasiak
Sylvain Desbureaux
krishnaa96
Jozsef Csongvai