From 8e9f8bda5bac4ea122f130de6a20fd3e179bb2b2 Mon Sep 17 00:00:00 2001 From: jhh Date: Fri, 10 Jul 2020 13:14:58 -0500 Subject: [POLICY] tomcat security upgrade legacy components Cert stores password support for APEX component in frankfurt (POLICY-2633). Issue-ID: POLICY-2678 Signed-off-by: jhh Change-Id: Ic7bda77f0ecc59109bc0263eeb1d7c630d326128 Signed-off-by: jhh --- .../policy/charts/policy-apex-pdp/templates/statefulset.yaml | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) (limited to 'kubernetes/policy/charts/policy-apex-pdp/templates/statefulset.yaml') diff --git a/kubernetes/policy/charts/policy-apex-pdp/templates/statefulset.yaml b/kubernetes/policy/charts/policy-apex-pdp/templates/statefulset.yaml index 35f8aacb40..2e6a08c487 100644 --- a/kubernetes/policy/charts/policy-apex-pdp/templates/statefulset.yaml +++ b/kubernetes/policy/charts/policy-apex-pdp/templates/statefulset.yaml @@ -1,5 +1,6 @@ # ============LICENSE_START======================================================= # Copyright (C) 2018 Ericsson. All rights reserved. +# Modifications Copyright (C) 2020 Nordix Foundation. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -43,10 +44,8 @@ spec: - sh args: - -c - - "export TRUSTSTORE_PASSWORD_BASE64=`echo -n ${TRUSTSTORE_PASSWORD} | base64`; cd /config-input && for PFILE in `ls -1`; do envsubst <${PFILE} >/config/${PFILE}; done" + - "cd /config-input && for PFILE in `ls -1`; do envsubst <${PFILE} >/config/${PFILE}; done" env: - - name: TRUSTSTORE_PASSWORD - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "truststore-pass" "key" "password") | indent 10 }} - name: RESTSERVER_USER {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "restserver-creds" "key" "login") | indent 10 }} - name: RESTSERVER_PASSWORD @@ -84,6 +83,10 @@ spec: env: - name: REPLICAS value: "{{ .Values.replicaCount }}" + - name: KEYSTORE_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "keystore-pass" "key" "password") | indent 12 }} + - name: TRUSTSTORE_PASSWORD + {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "truststore-pass" "key" "password") | indent 12 }} volumeMounts: - mountPath: /etc/localtime name: localtime -- cgit 1.2.3-korg