From 3267293a468d65a8bae755da77d2a48a9e25663a Mon Sep 17 00:00:00 2001 From: Piotr Marcinkiewicz Date: Fri, 26 Mar 2021 13:06:35 +0100 Subject: [PLATFORM] Generate Cert-Service certs with Cert-Manager Utilize Cert-Manager to secure communication between Cert-Service and its clients, adjust templates and configs. Issue-ID: OOM-2712 Signed-off-by: Piotr Marcinkiewicz Change-Id: I96426b1a184b4d254575e76d29214d9deda08cce Signed-off-by: Remigiusz Janeczek --- .../resources/config/plugins/k8s-plugin.json | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) (limited to 'kubernetes/dcaegen2/components/dcae-cloudify-manager/resources/config/plugins') diff --git a/kubernetes/dcaegen2/components/dcae-cloudify-manager/resources/config/plugins/k8s-plugin.json b/kubernetes/dcaegen2/components/dcae-cloudify-manager/resources/config/plugins/k8s-plugin.json index 6018abe309..3c769fca5f 100644 --- a/kubernetes/dcaegen2/components/dcae-cloudify-manager/resources/config/plugins/k8s-plugin.json +++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/resources/config/plugins/k8s-plugin.json @@ -44,14 +44,18 @@ "image_tag": "{{ include "repositoryGenerator.repository" . }}/{{ .Values.cmpv2Config.global.platform.certServiceClient.image }}", "request_url": "{{ .Values.cmpv2Config.global.platform.certServiceClient.envVariables.requestURL }}", "timeout": "{{ .Values.cmpv2Config.global.platform.certServiceClient.envVariables.requestTimeout }}", - "country": "{{ .Values.cmpv2Config.global.platform.certServiceClient.envVariables.cmpv2Country }}", - "organization": "{{ .Values.cmpv2Config.global.platform.certServiceClient.envVariables.cmpv2Organization }}", - "state": "{{ .Values.cmpv2Config.global.platform.certServiceClient.envVariables.cmpv2State }}", - "organizational_unit": "{{ .Values.cmpv2Config.global.platform.certServiceClient.envVariables.cmpv2OrganizationalUnit }}", - "location": "{{ .Values.cmpv2Config.global.platform.certServiceClient.envVariables.cmpv2Location }}", - "cert_secret_name": "{{ .Values.cmpv2Config.global.platform.certServiceClient.secretName }}", - "keystore_password": "{{ .Values.cmpv2Config.global.platform.certServiceClient.envVariables.keystorePassword }}", - "truststore_password": "{{ .Values.cmpv2Config.global.platform.certServiceClient.envVariables.truststorePassword }}" + "country": "{{ .Values.cmpv2Config.global.certificate.default.subject.country }}", + "organization": "{{ .Values.cmpv2Config.global.certificate.default.subject.organization }}", + "state": "{{ .Values.cmpv2Config.global.certificate.default.subject.province }}", + "organizational_unit": "{{ .Values.cmpv2Config.global.certificate.default.subject.organizationalUnit }}", + "location": "{{ .Values.cmpv2Config.global.certificate.default.subject.locality }}", + "cert_secret_name": "{{ .Values.cmpv2Config.global.platform.certificates.clientSecretName }}", + "keystore_secret_key": "{{ .Values.cmpv2Config.global.platform.certificates.keystoreKeyRef }}", + "truststore_secret_key": "{{ .Values.cmpv2Config.global.platform.certificates.truststoreKeyRef }}", + "keystore_password_secret_name": "{{ .Values.cmpv2Config.global.platform.certificates.keystorePasswordSecretName }}", + "keystore_password_secret_key": "{{ .Values.cmpv2Config.global.platform.certificates.keystorePasswordSecretKey }}", + "truststore_password_secret_name": "{{ .Values.cmpv2Config.global.platform.certificates.truststorePasswordSecretName }}", + "truststore_password_secret_key": "{{ .Values.cmpv2Config.global.platform.certificates.truststorePasswordSecretKey }}" }, "cert_post_processor": { "image_tag": "{{ include "repositoryGenerator.repository" . }}/{{ .Values.cmpv2Config.global.platform.certPostProcessor.image }}" -- cgit 1.2.3-korg