From bc1f4be02ce5478762261e63a624e946b6f23629 Mon Sep 17 00:00:00 2001 From: Sylvain Desbureaux Date: Tue, 16 Feb 2021 11:51:30 +0100 Subject: [CLI] Retrieve certificates automatically Instead of having hardcoded certificates, use certManager in order to retrieve them. Issue-ID: OOM-2684 Signed-off-by: Sylvain Desbureaux Change-Id: I20df713b7552b27392407db985fd402c259874e4 --- kubernetes/cli/templates/configmap.yaml | 28 ++++++++++++++++++++++++++++ kubernetes/cli/templates/deployment.yaml | 17 +++++++++-------- kubernetes/cli/templates/secrets.yaml | 31 ------------------------------- 3 files changed, 37 insertions(+), 39 deletions(-) create mode 100644 kubernetes/cli/templates/configmap.yaml delete mode 100644 kubernetes/cli/templates/secrets.yaml (limited to 'kubernetes/cli/templates') diff --git a/kubernetes/cli/templates/configmap.yaml b/kubernetes/cli/templates/configmap.yaml new file mode 100644 index 0000000000..ae515a0ec5 --- /dev/null +++ b/kubernetes/cli/templates/configmap.yaml 
@@ -0,0 +1,28 @@
+{{/*
+# Copyright © 2021 Orange
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "common.fullname" . }}-lighttpd
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/configuration/*").AsConfig . | indent 2 }}
\ No newline at end of file
diff --git a/kubernetes/cli/templates/deployment.yaml b/kubernetes/cli/templates/deployment.yaml
index 74b2d2df37..735308754f 100644
--- a/kubernetes/cli/templates/deployment.yaml
+++ b/kubernetes/cli/templates/deployment.yaml
@@ -35,6 +35,7 @@ spec:
 app: {{ include "common.name" . }}
 release: {{ include "common.release" . }}
 spec:
+ initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }}
 containers:
 - name: {{ include "common.name" . }}
 image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
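Review bot: In the new configmap.yaml, the `data:` entry globs `resources/configuration/*`, which is wider than what the pod consumes: the deployment mounts only `lighttpd.conf` from this ConfigMap via `subPath`. Every file that later lands in that directory is run through `tpl` and published in a ConfigMap, which is not covered by the tighter RBAC and at-rest encryption usually reserved for Secrets, so a key or credential file dropped there by mistake would be readable by anything allowed to read ConfigMaps in the namespace. Narrowing the expression to `(.Files.Glob "resources/configuration/lighttpd.conf").AsConfig` keeps the object to the one file it is named after. The file also ends without a trailing newline.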
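Review bot: The `initContainers:` line in deployment.yaml (and the `volumeMounts:` and `volumes:` lines in the two later hunks) takes its whole value from `common.certInitializer.*` helpers defined outside this diff, so the template no longer documents where the certificate and key end up inside the container. The removed mount made that explicit (`/etc/lighttpd/ocomp.pem`); the new path presumably comes from the chart's certInitializer values and has to match whatever `lighttpd.conf` references. A short comment above the line would help, e.g. `{{/* certInitializer fetches the TLS cert/key; lighttpd.conf must point at its mount path */}}`. If those helpers can render empty when the initializer is disabled, lighttpd would start without its certificate, so that case is worth checking. The pod spec continues outside this hunk.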
@@ -56,10 +57,10 @@ spec:
 port: {{ .Values.service.internalPort }}
 initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
 periodSeconds: {{ .Values.readiness.periodSeconds }}
- volumeMounts:
- - name: ocomp-pem
- mountPath: "/etc/lighttpd/ocomp.pem"
- subPath: ocomp.pem
+ volumeMounts: {{- include "common.certInitializer.volumeMount" . | nindent 10 }}
+ - name: lighttpd
+ mountPath: "/etc/lighttpd/lighttpd.conf"
+ subPath: lighttpd.conf
 readOnly: true
 env:
 - name: OPEN_CLI_MODE
@@ -74,9 +75,9 @@ spec:
 affinity:
 {{ toYaml .Values.affinity | indent 10 }}
 {{- end }}
- volumes:
- - name: ocomp-pem
- secret:
- secretName: ocomp-pem
+ volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }}
+ - name: lighttpd
+ configMap:
+ name: {{ include "common.fullname" . }}-lighttpd
 imagePullSecrets:
 - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/cli/templates/secrets.yaml b/kubernetes/cli/templates/secrets.yaml
deleted file mode 100644
index 213b709026..0000000000
--- a/kubernetes/cli/templates/secrets.yaml
+++ /dev/null
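Review bot: In the `volumeMounts` hunk, `readOnly: true` used to apply to the PEM mount; after this change it belongs to the `lighttpd` config mount, and whether the certificate/key mount is read-only is decided inside `common.certInitializer.volumeMount`, which is not visible here. It is worth confirming that the helper mounts the key material read-only in the serving container, since lighttpd only needs to read it. The same line uses `{{-` where the `initContainers:` and `volumes:` lines use `{{`; the rendered YAML differs only by a trailing space after the colon, but one form throughout reads better, e.g. `volumes: {{- include "common.certInitializer.volumes" . | nindent 6 }}`.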
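Review bot: Dropping the `ocomp-pem` Secret volume in the `volumes` hunk, together with the deleted secrets.yaml, stops deploying the bundled PEM, but this view is limited to `kubernetes/cli/templates`, so it does not show whether `resources/certificates/ocomp.pem` is also removed from the chart. If the file stays, it still ships in every packaged chart; either way the PEM, which presumably holds the private key, has been published in the repository history and should be treated as exposed. Nothing should continue to trust that certificate once the generated ones are in place, and the commit would be clearer if it stated that the file is removed and the old certificate retired.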
@@ -1,31 +0,0 @@
-{{/*
-# Copyright 2020 Huawei Technologies Co., Ltd.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: Secret
-metadata:
- name: ocomp-pem
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-type: Opaque
-data:
- ocomp.pem:
-{{ tpl (.Files.Glob "resources/certificates/ocomp.pem").AsSecrets . | indent 2 }}
-
-- cgit 1.2.3-korg