From bd94a04227a235319b3246e52cadc7c1e96f9c22 Mon Sep 17 00:00:00 2001
From: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Date: Mon, 19 Apr 2021 16:00:49 +0200
Subject: [COMMON][CERTS] Allow to provide custom certs easily

Instead of mandating to provide custom certificates before creation of
helm packages, let's propose to include certificates from a known
secret or configmap.
The current implementation will first search for secret and if not
provided will look for configmap.

Issue-ID: OOM-2731
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: If2f90adc18efe59c0516db9409964a236bd17a66
---
 kubernetes/common/cert-wrapper/resources/import-custom-certs.sh | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'kubernetes/common/cert-wrapper')

diff --git a/kubernetes/common/cert-wrapper/resources/import-custom-certs.sh b/kubernetes/common/cert-wrapper/resources/import-custom-certs.sh
index d955ecdf3c..ec1ce944c9 100755
--- a/kubernetes/common/cert-wrapper/resources/import-custom-certs.sh
+++ b/kubernetes/common/cert-wrapper/resources/import-custom-certs.sh
@@ -17,6 +17,7 @@
 */}}
 
 CERTS_DIR=${CERTS_DIR:-/certs}
+MORE_CERTS_DIR=${MORE_CERTS_DIR:-/more_certs}
 WORK_DIR=${WORK_DIR:-/updatedTruststore}
 ONAP_TRUSTSTORE=${ONAP_TRUSTSTORE:-truststoreONAPall.jks}
 JRE_TRUSTSTORE=${JRE_TRUSTSTORE:-$JAVA_HOME/lib/security/cacerts}
@@ -47,6 +48,13 @@ for f in $CERTS_DIR/*; do
   fi
 done
 
+for f in $MORE_CERTS_DIR/*; do
+  if [ ${f: -4} == ".pem" ]
+    then
+      cp $f $WORK_DIR/.
+  fi
+done
+
 # Prepare truststore output file
 if [ "$AAF_ENABLED" = "true" ]
   then
-- 
cgit 1.2.3-korg