From 95a5f84069703c583e49028b37003c73c03cc07d Mon Sep 17 00:00:00 2001 From: Krzysztof Opasiak Date: Wed, 6 May 2020 23:27:18 +0200 Subject: [COMMON] Override truststore in aaf_agent image aaf_agent image currently contains hardcoded truststores in order to be able to connect to certman to retrieve certificate for given component. The goal is to remove hardcoded truststore from aaf_agent immage but first we need to be sure that all its users are able to provide the truststore to the pod as a configmap. Issue-ID: AAF-1134 Signed-off-by: Krzysztof Opasiak Change-Id: Ibe9de6ad7264c05aeca2af858918fc2b4d3a772b --- .../common/certInitializer/templates/_certInitializer.yaml | 11 +++++++++++ kubernetes/common/certInitializer/templates/configmap.yaml | 9 ++++++++- 2 files changed, 19 insertions(+), 1 deletion(-) (limited to 'kubernetes/common/certInitializer/templates') diff --git a/kubernetes/common/certInitializer/templates/_certInitializer.yaml b/kubernetes/common/certInitializer/templates/_certInitializer.yaml index e4a878b420..0e0f339e11 100644 --- a/kubernetes/common/certInitializer/templates/_certInitializer.yaml +++ b/kubernetes/common/certInitializer/templates/_certInitializer.yaml @@ -67,6 +67,12 @@ volumeMounts: - mountPath: {{ $initRoot.mountPath }} name: {{ include "common.certInitializer._aafConfigVolumeName" $dot }} + - mountPath: /opt/app/aaf_config/cert/truststoreONAPall.jks.b64 + name: aaf-agent-certs + subPath: truststoreONAPall.jks.b64 + - mountPath: /opt/app/aaf_config/cert/truststoreONAP.p12.b64 + name: aaf-agent-certs + subPath: truststoreONAP.p12.b64 {{- if $initRoot.aaf_add_config }} - name: {{ include "common.certInitializer._aafAddConfigVolumeName" $dot }} mountPath: /opt/app/aaf_config/bin/aaf-add-config.sh @@ -127,6 +133,11 @@ configMap: name: {{ include "common.fullname" $subchartDot }}-add-config defaultMode: 0700 +- name: aaf-agent-certs + configMap: + name: {{ include "common.fullname" $subchartDot }}-certs + defaultMode: 0700 + {{- end -}} {{- end -}} diff --git a/kubernetes/common/certInitializer/templates/configmap.yaml b/kubernetes/common/certInitializer/templates/configmap.yaml index 640dafd67e..a89a33152b 100644 --- a/kubernetes/common/certInitializer/templates/configmap.yaml +++ b/kubernetes/common/certInitializer/templates/configmap.yaml @@ -22,4 +22,11 @@ metadata: {{- include "common.resourceMetadata" (dict "suffix" $suffix "dot" . ) data: aaf-add-config.sh: | {{ tpl .Values.aaf_add_config . | indent 4 }} -{{- end -}} +{{- end }} +--- +apiVersion: v1 +kind: ConfigMap +{{- $suffix := "certs" }} +metadata: {{- include "common.resourceMetadata" (dict "suffix" $suffix "dot" . ) | nindent 2 }} +data: +{{ tpl (.Files.Glob "resources/*").AsConfig . | indent 2 }} -- cgit 1.2.3-korg