Age | Commit message (Collapse) | Author | Files | Lines |
|
certInitializer
ONAP deployments may require the use of custom certificates. Instead of
manually adding certificates to the truststore file, users can now add
their .pem certificates under certInitializer/resources and have them
imported automatically by an init container. The updated truststore can
then be mounted to a component by providing a truststoreMountpath.
Issue-ID: OOM-2509
Signed-off-by: Jozsef Csongvai <jozsef.csongvai@bell.ca>
Change-Id: I896c729143346738e91fa57f895ba48043b253c1
|
|
Instead of manually creating readiness init container let's use our
dedicated template for this.
Issue-ID: OOM-2511
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: Idb112e864b7899e7a1e76d139c6cc6a94851a090
|
|
Not all components declare repository in the global section which may
lead to some error when processing just a single component instead of
whole onap. To avoid this let's make sure that cerInitializer sets
repository url internally.
Issue-ID: OOM-2416
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I4fd2a235b188c7ee09d0173dbaa873141187a077
|
|
Create a template in order to have same readiness check everywhere.
Issue-ID: OOM-1971
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: If3297184564a8e763110a79ff89eb07dfbc9e630
|
|
One of reasons why certInitializer is a proper chart that you need to
put in your requirements.yaml is to avoid copy-pasting the same global
values among different charts. As it turned out in tests we've been
not "mangling" global values properly while creating
$subchartDot. This patch fixes the issue.
Issue-ID: AAF-1134
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I630154c4eedd7192ebb1881e5899c8df495d988b
|
|
By mistage aaf-agent-certs volume was created only if aaf_add_config
option was set. This is incorrect as it should be created always.
Issue-ID: AAF-1134
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: I6172d2cbb781db4a26e09b7c4c324e985978b31e
|
|
aaf_agent image currently contains hardcoded truststores in order to
be able to connect to certman to retrieve certificate for given
component.
The goal is to remove hardcoded truststore from aaf_agent immage but
first we need to be sure that all its users are able to provide the
truststore to the pod as a configmap.
Issue-ID: AAF-1134
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: Ibe9de6ad7264c05aeca2af858918fc2b4d3a772b
|
|
Add new template that can be used to obtain certificate by
component. Make also a PoC with NBI.
Strongly based on aaf-config template.
Issue-ID: AAF-1134
Change-Id: I10cb2a7b36a8dc436be337518cc15431aabbbc5d
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
|