From 2774ab11649e08d79afe67ebfcdddf68f0a2ab84 Mon Sep 17 00:00:00 2001 From: "k.kedron" Date: Thu, 26 Mar 2020 11:13:46 +0100 Subject: Updated sdc cert. Updated truststore/keystore password for sdc cert. Added truststore/keystore password to chef AUTO.json. Updated deployment.yaml files to mount the cert files. Issue-ID: SDC-2855 Signed-off-by: Krystian Kedron Change-Id: Ifd0d45cc591a0624005f86d2e67e3c0bc490efd3 --- .../charts/sdc-dcae-be/templates/deployment.yaml | 40 ++++++++++++++++++++-- 1 file changed, 37 insertions(+), 3 deletions(-) (limited to 'kubernetes/sdc/charts/sdc-dcae-be/templates/deployment.yaml') diff --git a/kubernetes/sdc/charts/sdc-dcae-be/templates/deployment.yaml b/kubernetes/sdc/charts/sdc-dcae-be/templates/deployment.yaml index 6072148d07..de80c7a0de 100644 --- a/kubernetes/sdc/charts/sdc-dcae-be/templates/deployment.yaml +++ b/kubernetes/sdc/charts/sdc-dcae-be/templates/deployment.yaml @@ -59,7 +59,30 @@ spec: fieldRef: apiVersion: v1 fieldPath: metadata.namespace - + - name: {{ include "common.name" . }}-update-config + image: "{{ .Values.global.envsubstImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - sh + args: + - -c + - "cd /config-input && for PFILE in `find . -not -type d | grep -v -F ..`; do envsubst <${PFILE} >/config-output/${PFILE}; chmod 0755 /config-output/${PFILE}; done" + env: + - name: KEYSTORE_PASS + valueFrom: + secretKeyRef: + name: {{ include "common.release" . }}-sdc-cs-secrets + key: keystore_password + - name: TRUSTSTORE_PASS + valueFrom: + secretKeyRef: + name: {{ include "common.release" . }}-sdc-cs-secrets + key: truststore_password + volumeMounts: + - name: {{ include "common.fullname" . }}-environments + mountPath: /config-input/ + - name: sdc-environments-output + mountPath: /config-output/ containers: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" @@ -91,8 +114,14 @@ spec: fieldRef: fieldPath: status.podIP volumeMounts: - - name: {{ include "common.fullname" . }}-environments + - name: sdc-environments-output mountPath: /var/lib/jetty/chef-solo/environments/ + - name: sdc-cert + mountPath: /var/lib/jetty/chef-solo/cookbooks/Deploy-DCAE/files/default/org.onap.sdc.p12 + subPath: org.onap.sdc.p12 + - name: sdc-cert + mountPath: /var/lib/jetty/chef-solo/cookbooks/Deploy-DCAE/files/default/org.onap.sdc.trust.jks + subPath: org.onap.sdc.trust.jks - name: {{ include "common.fullname" . }}-localtime mountPath: /etc/localtime readOnly: true @@ -132,6 +161,9 @@ spec: - name: {{ include "common.fullname" . }}-localtime hostPath: path: /etc/localtime + - name: sdc-cert + secret: + secretName: sdc-cert - name: {{ include "common.fullname" . }}-filebeat-conf configMap: name: {{ include "common.release" . }}-sdc-filebeat-configmap @@ -144,7 +176,9 @@ spec: configMap: name: {{ include "common.release" . }}-sdc-environments-configmap defaultMode: 0755 - - name: {{ include "common.fullname" . }}-logs + - name: sdc-environments-output + emptyDir: { medium: "Memory" } + - name: {{ include "common.fullname" . }}-logs emptyDir: {} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" -- cgit 1.2.3-korg