From 2774ab11649e08d79afe67ebfcdddf68f0a2ab84 Mon Sep 17 00:00:00 2001 From: "k.kedron" Date: Thu, 26 Mar 2020 11:13:46 +0100 Subject: Updated sdc cert. Updated truststore/keystore password for sdc cert. Added truststore/keystore password to chef AUTO.json. Updated deployment.yaml files to mount the cert files. Issue-ID: SDC-2855 Signed-off-by: Krystian Kedron Change-Id: Ifd0d45cc591a0624005f86d2e67e3c0bc490efd3 --- .../sdc/charts/sdc-fe/templates/deployment.yaml | 39 ++++++++++++++++++++-- 1 file changed, 37 insertions(+), 2 deletions(-) (limited to 'kubernetes/sdc/charts/sdc-fe/templates/deployment.yaml') diff --git a/kubernetes/sdc/charts/sdc-fe/templates/deployment.yaml b/kubernetes/sdc/charts/sdc-fe/templates/deployment.yaml index 8e19489f9a..7a11ef927e 100644 --- a/kubernetes/sdc/charts/sdc-fe/templates/deployment.yaml +++ b/kubernetes/sdc/charts/sdc-fe/templates/deployment.yaml @@ -46,6 +46,30 @@ spec: fieldRef: apiVersion: v1 fieldPath: metadata.namespace + - name: {{ include "common.name" . }}-update-config + image: "{{ .Values.global.envsubstImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - sh + args: + - -c + - "cd /config-input && for PFILE in `find . -not -type d | grep -v -F ..`; do envsubst <${PFILE} >/config-output/${PFILE}; chmod 0755 /config-output/${PFILE}; done" + env: + - name: KEYSTORE_PASS + valueFrom: + secretKeyRef: + name: {{ include "common.release" . }}-sdc-cs-secrets + key: keystore_password + - name: TRUSTSTORE_PASS + valueFrom: + secretKeyRef: + name: {{ include "common.release" . }}-sdc-cs-secrets + key: truststore_password + volumeMounts: + - name: {{ include "common.fullname" . }}-environments + mountPath: /config-input/ + - name: sdc-environments-output + mountPath: /config-output/ containers: - name: {{ include "common.name" . }} image: "{{ include "common.repository" . }}/{{ .Values.image }}" @@ -79,8 +103,14 @@ spec: - name: JAVA_OPTIONS value: {{ .Values.config.javaOptions }} volumeMounts: - - name: {{ include "common.fullname" . }}-environments + - name: sdc-environments-output mountPath: /var/lib/jetty/chef-solo/environments/ + - name: sdc-cert + mountPath: /var/lib/jetty/chef-solo/cookbooks/sdc-catalog-fe/files/default/org.onap.sdc.p12 + subPath: org.onap.sdc.p12 + - name: sdc-cert + mountPath: /var/lib/jetty/chef-solo/cookbooks/sdc-catalog-fe/files/default/org.onap.sdc.trust.jks + subPath: org.onap.sdc.trust.jks - name: {{ include "common.fullname" . }}-localtime mountPath: /etc/localtime readOnly: true @@ -112,6 +142,9 @@ spec: - name: {{ include "common.fullname" . }}-localtime hostPath: path: /etc/localtime + - name: sdc-cert + secret: + secretName: sdc-cert - name: {{ include "common.fullname" . }}-filebeat-conf configMap: name: {{ include "common.release" . }}-sdc-filebeat-configmap @@ -128,7 +161,9 @@ spec: configMap: name: {{ include "common.release" . }}-sdc-environments-configmap defaultMode: 0755 - - name: {{ include "common.fullname" . }}-logs + - name: sdc-environments-output + emptyDir: { medium: "Memory" } + - name: {{ include "common.fullname" . }}-logs emptyDir: {} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" -- cgit 1.2.3-korg