From d1ca1ee8e3816ca94621f4f9c619ee7c9d52b353 Mon Sep 17 00:00:00 2001 From: Sylvain Desbureaux Date: Tue, 7 Apr 2020 14:52:20 +0200 Subject: [Contrib] Add EJBCA Server EJBCA Server is used to test that CMPv2 Certificate handling is well done in ONAP. Issue-ID: AAF-1083 Signed-off-by: Sylvain Desbureaux Change-Id: I5e2d25b68b5cd80d3c7bf282ce871dd81e711ff6 --- kubernetes/contrib/components/ejbca/values.yaml | 105 ++++++++++++++++++++++++ 1 file changed, 105 insertions(+) create mode 100644 kubernetes/contrib/components/ejbca/values.yaml (limited to 'kubernetes/contrib/components/ejbca/values.yaml') diff --git a/kubernetes/contrib/components/ejbca/values.yaml b/kubernetes/contrib/components/ejbca/values.yaml new file mode 100644 index 0000000000..0db7ca14be --- /dev/null +++ b/kubernetes/contrib/components/ejbca/values.yaml @@ -0,0 +1,105 @@ +# Copyright © 2020, Nordix Foundation, Orange +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +global: + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.1 + mariadbGalera: &mariadbGalera + #This flag allows EJBCA to instantiate its own mariadb-galera cluster + localCluster: false + service: mariadb-galera + internalPort: 3306 + nameOverride: mariadb-galera + +secrets: + - uid: ejbca-db-secret + name: &ejbca-db-secret '{{ include "common.release" . }}-ejbca-db-secret' + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.config.db.userCredentialsExternalSecret) . }}' + login: '{{ .Values.config.db.userName }}' + password: '{{ .Values.config.db.userPassword }}' + - uid: ejbca-server-ra-iak + name: '{{ include "common.release" . }}-ejbca-ra-iak' + type: password + password: '{{ .Values.config.ejbca.raIak }}' + - uid: ejbca-server-client-iak + name: '{{ include "common.release" . }}-ejbca-client-iak' + type: password + password: '{{ .Values.config.ejbca.clientIak }}' + +# application configuration +config: + db: + userName: ejbca + # userPassword: password + # userCredentialsExternalSecret: some-secret + ejbca: {} + # raIak: mypassword + # clientIak: mypassword + +mysqlDatabase: &dbName ejbca + +################################################################# +# Application configuration defaults. +################################################################# +# application configuration +replicaCount: 1 + +ejbca: + image: primekey/ejbca-ce:6.15.2.5 +pullPolicy: Always + +mariadb-galera: + # '&mariadbConfig' means we "store" the values for later use in the file + # with '*mariadbConfig' pointer. + config: &mariadbConfig + userCredentialsExternalSecret: *ejbca-db-secret + mysqlDatabase: *dbName + nameOverride: ejbca-galera + service: + name: ejbca-galera + portName: ejbca-galera + internalPort: 3306 + replicaCount: 1 + persistence: + enabled: true + mountSubPath: ejbca/maria/data + +mariadb-init: + config: *mariadbConfig + nameOverride: ejbca-config + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + path: /ejbca/publicweb/healthcheck/ejbcahealth + port: api + initialDelaySeconds: 30 + periodSeconds: 30 + +readiness: + path: /ejbca/publicweb/healthcheck/ejbcahealth + port: api + initialDelaySeconds: 30 + periodSeconds: 30 + +service: + type: ClusterIP + ports: + - name: api + port: 8443 + plain_port: 8080 + port_protocol: http -- cgit 1.2.3-korg