From c80bff934c950c2ad75fe06b0abcc91502f57fdf Mon Sep 17 00:00:00 2001
From: IlanaP <ilanap@amdocs.com>
Date: Mon, 18 Nov 2019 21:10:08 +0200
Subject: Secure FE communications to the workflow backend

Update of the workflow fe and be charts to secure the communications and to start the backend server is https mode with a secured connection to SDC

Issue-ID: OOM-1954

Signed-off-by: IlanaP <ilanap@amdocs.com>
Change-Id: Ia3c4c714e317b8f8b6b4ee9245daa50eea50275f
Signed-off-by: IlanaP <ilanap@amdocs.com>
---
 kubernetes/sdc/charts/sdc-wfd-be/values.yaml | 28 +++++++++++++++-------------
 1 file changed, 15 insertions(+), 13 deletions(-)

(limited to 'kubernetes/sdc/charts/sdc-wfd-be/values.yaml')

diff --git a/kubernetes/sdc/charts/sdc-wfd-be/values.yaml b/kubernetes/sdc/charts/sdc-wfd-be/values.yaml
index 92903ba96a..68f487674d 100644
--- a/kubernetes/sdc/charts/sdc-wfd-be/values.yaml
+++ b/kubernetes/sdc/charts/sdc-wfd-be/values.yaml
@@ -28,13 +28,10 @@ global:
 #################################################################
 # application image
 repository: nexus3.onap.org:10001
-image: onap/workflow-backend:1.5.2
-configInitImage: onap/workflow-init:1.5.2
+image: onap/workflow-backend:1.6.0
+configInitImage: onap/workflow-init:1.6.0
 pullPolicy: Always
 
-# flag to enable debugging - application support required
-debugEnabled: false
-
 initJob:
   enabled: true
 
@@ -43,17 +40,21 @@ config:
   cassandraAuthenticationEnabled: true
   cassandraThriftClientPort: 9160
   cassandraClientPort: 9042
+
   sdcProtocol: HTTPS
   sdcEndpoint: sdc-be:8443
   sdcExternalUser: workflow
-  sdcExternalUserPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
-  serverSSLEnabled: false
+
+  serverSSLEnabled: true
+
   serverSSLKeyStoreType: jks
-  serverSSLKeyStorePath: etc/org.onap.sdc.p12
-  serverSSLKeyPassword: "!ppJ.JvWn0hGh)oVF]([Kv)^"
+  serverSSLKeyStorePath: /etc/keystore
+
+  serverSSLTrustStoreType: jks
+  serverSSLTrustStorePath: /etc/truststore
+
   cassandraSSLEnabled: false
-  cassandraTrustStorePath: /etc/cassandra-client-truststore/truststore
-  cassandraTrustStorePassword: password
+  cassandraTrustStorePath: /etc/truststore
 
 # default number of instances
 replicaCount: 1
@@ -76,12 +77,13 @@ readiness:
 
 service:
   type: NodePort
+  portName: sdc-wfd-be
   internalPort: 8080
   externalPort: 8080
   internalPort2: 8443
   externalPort2: 8443
-  portName: sdc-wfd-be
-  nodePort: "57"
+  nodePort: "57" # only one node port. set to http or https port depending on isHttpsEnabled property
+
 
 ingress:
   enabled: false
-- 
cgit 1.2.3-korg