From ef766403ef1436c9462c2c00da83a8b29fca3b53 Mon Sep 17 00:00:00 2001
From: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Date: Thu, 11 Feb 2021 18:12:46 +0100
Subject: [AAF] Give `identities.dat` to working deployments

Today, `identities.dat` is put on cassandra deployment. But this file is
actually needed by "working" deployments (at least certman and service)
and not by cassandra.
This patch removes it from cassandra deployments and add it to the other
ones form "authz" family.

Issue-ID: OOM-2678
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I2a4b68f73797cd6c369060481e169525829a4217
---
 .../aaf/components/aaf-templates/templates/_deployment.tpl     |  7 +++++++
 .../aaf/components/aaf-templates/templates/_initContainers.tpl | 10 +++++++++-
 2 files changed, 16 insertions(+), 1 deletion(-)

(limited to 'kubernetes/aaf/components/aaf-templates')

diff --git a/kubernetes/aaf/components/aaf-templates/templates/_deployment.tpl b/kubernetes/aaf/components/aaf-templates/templates/_deployment.tpl
index afa5004a48..50da519a89 100644
--- a/kubernetes/aaf/components/aaf-templates/templates/_deployment.tpl
+++ b/kubernetes/aaf/components/aaf-templates/templates/_deployment.tpl
@@ -40,6 +40,8 @@ spec:
         - mountPath: /opt/app/osaaf/etc/org.osaaf.aaf.log4j.props
           name: aaf-log
           subPath: org.osaaf.aaf.log4j.props
+        - mountPath: /opt/app/osaaf/data/
+          name: config-identity
         {{- if eq .Values.liveness.enabled true }}
         livenessProbe:
           tcpSocket:
@@ -68,6 +70,11 @@ spec:
       - name: aaf-log
         configMap:
           name: {{ include "common.release" . }}-aaf-log
+      - name: config-init-identity
+        configMap:
+          name: {{ include "common.release" . }}-aaf-identity
+      - name: config-identity
+        emptyDir: {}
       imagePullSecrets:
       - name: "{{ include "common.namespace" . }}-docker-registry-key"
 {{- end -}}
diff --git a/kubernetes/aaf/components/aaf-templates/templates/_initContainers.tpl b/kubernetes/aaf/components/aaf-templates/templates/_initContainers.tpl
index 7cdf4d072e..755315296d 100644
--- a/kubernetes/aaf/components/aaf-templates/templates/_initContainers.tpl
+++ b/kubernetes/aaf/components/aaf-templates/templates/_initContainers.tpl
@@ -15,12 +15,16 @@
 */}
 
 {{- define "aaf.permissionFixer" -}}
-- name: fix-permission
+- name: onboard-identity-and-fix-permission
   command:
   - /bin/sh
   args:
   - -c
   - |
+    echo "*** Move files from configmap to emptyDir"
+    cp -L /config-input-identity/* /config-identity/
+    echo "*** set righ user to the different folders"
+    chown -R 1000:1000 /config-identity
     chown -R 1000:1000 /opt/app/aaf
     chown -R 1000:1000 /opt/app/osaaf
   image: {{ include "repositoryGenerator.image.busybox" . }}
@@ -28,6 +32,10 @@
   volumeMounts:
   - mountPath: /opt/app/osaaf
     name: aaf-config-vol
+  - mountPath: /config-input-identity
+    name: config-init-identity
+  - mountPath: /config-identity
+    name: config-identity
   resources:
     limits:
       cpu: 100m
-- 
cgit 1.2.3-korg