From 42177a154d827dd1fddea3a451597c7708b65b6e Mon Sep 17 00:00:00 2001
From: Remigiusz Janeczek <remigiusz.janeczek@nokia.com>
Date: Thu, 10 Dec 2020 13:10:15 +0100
Subject: [COMMON] Add template for CertServiceClient

Create generic template to simplify CertServiceClient use

Issue-ID: OOM-2568
Signed-off-by: Remigiusz Janeczek <remigiusz.janeczek@nokia.com>
Change-Id: I4fb9829b27b1dd13a9e7a098f807710cc5648438
---
 kubernetes/sdnc/templates/statefulset.yaml | 63 +++---------------------------
 1 file changed, 6 insertions(+), 57 deletions(-)

(limited to 'kubernetes/sdnc/templates')

diff --git a/kubernetes/sdnc/templates/statefulset.yaml b/kubernetes/sdnc/templates/statefulset.yaml
index 63b56f87a9..b668fd8e4d 100644
--- a/kubernetes/sdnc/templates/statefulset.yaml
+++ b/kubernetes/sdnc/templates/statefulset.yaml
@@ -1,6 +1,7 @@
 {{/*
 # Copyright © 2020 Samsung Electronics
 # Copyright © 2017 Amdocs, Bell Canada
+# Copyright © 2021 Nokia
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -98,50 +99,8 @@ spec:
         name: {{ include "common.name" . }}-readiness
         {{ end -}}
 {{ include "common.certInitializer.initContainer" . | indent 6 }}
-
-      {{ if .Values.global.cmpv2Enabled }}
-      - name: certs-init
-        image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.platform.certServiceClient.image }}
-        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        env:
-          - name: REQUEST_URL
-            value: {{ .Values.global.platform.certServiceClient.envVariables.requestURL }}
-          - name: REQUEST_TIMEOUT
-            value: "30000"
-          - name: OUTPUT_PATH
-            value: {{ .Values.global.platform.certServiceClient.envVariables.cert_path }}
-          - name: CA_NAME
-            value: {{ .Values.global.platform.certServiceClient.envVariables.caName }}
-          - name: COMMON_NAME
-            value: {{ .Values.global.platform.certServiceClient.envVariables.common_name }}
-          - name: ORGANIZATION
-            value: {{ .Values.global.platform.certServiceClient.envVariables.cmpv2Organization }}
-          - name: ORGANIZATION_UNIT
-            value: {{ .Values.global.platform.certServiceClient.envVariables.cmpv2OrganizationalUnit }}
-          - name: LOCATION
-            value: {{ .Values.global.platform.certServiceClient.envVariables.cmpv2Location }}
-          - name: STATE
-            value: {{ .Values.global.platform.certServiceClient.envVariables.cmpv2State }}
-          - name: COUNTRY
-            value: {{ .Values.global.platform.certServiceClient.envVariables.cmpv2Country }}
-          - name: KEYSTORE_PATH
-            value: {{ .Values.global.platform.certServiceClient.envVariables.keystorePath }}
-          - name: KEYSTORE_PASSWORD
-            value: {{ .Values.global.platform.certServiceClient.envVariables.keystorePassword }}
-          - name: TRUSTSTORE_PATH
-            value: {{ .Values.global.platform.certServiceClient.envVariables.truststorePath }}
-          - name: TRUSTSTORE_PASSWORD
-            value: {{ .Values.global.platform.certServiceClient.envVariables.truststorePassword }}
-        terminationMessagePath: /dev/termination-log
-        terminationMessagePolicy: File
-        volumeMounts:
-          - mountPath: {{ .Values.global.platform.certServiceClient.envVariables.cert_path }}
-            name: certs
-          - mountPath: {{ .Values.global.platform.certServiceClient.secret.mountPath }}
-            name: certservice-tls-volume
-      {{ end }}
-
-      - name: {{ include "common.name" . }}-init-files
+{{ include "common.certServiceClient.initContainer" . | indent 6 }}
+      - name: {{ include "common.name" . }}-chown
         image: {{ include "repositoryGenerator.image.busybox" . }}
         command:
         - sh
@@ -150,7 +109,7 @@ spec:
         - |
            mkdir {{ .Values.persistence.mdsalPath }}/daexim
            mkdir {{ .Values.persistence.mdsalPath }}/journal
-           mkdir {{ .Values.persistence.mdsalPath }}/snapshots 
+           mkdir {{ .Values.persistence.mdsalPath }}/snapshots
            chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.persistence.mdsalPath }}
 {{- if .Values.global.aafEnabled }}
            chown -R {{ .Values.config.odlUid }}:{{ .Values.config.odlGid}} {{ .Values.certInitializer.credsPath }}
@@ -236,6 +195,7 @@ spec:
 
           volumeMounts:
 {{ include "common.certInitializer.volumeMount" . | indent 10 }}
+{{ include "common.certServiceClient.volumeMounts" . | indent 10 }}
           - mountPath: /etc/localtime
             name: localtime
             readOnly: true
@@ -294,10 +254,6 @@ spec:
           - mountPath: {{ .Values.config.odl.etcDir }}/mountpoint-state-provider.properties
             name: properties
             subPath: mountpoint-state-provider.properties
-          {{ if .Values.global.cmpv2Enabled }}
-          - mountPath: {{ .Values.global.platform.certServiceClient.envVariables.cert_path }}
-            name: certs
-          {{- end }}
           resources:
 {{ include "common.resources" . | indent 12 }}
         {{- if .Values.nodeSelector }}
@@ -348,19 +304,12 @@ spec:
         - name: properties
           emptyDir:
             medium: Memory
-        {{ if .Values.global.cmpv2Enabled }}
-        - name: certs
-          emptyDir:
-            medium: Memory
-        - name: certservice-tls-volume
-          secret:
-            secretName: {{ .Values.global.platform.certServiceClient.secret.name }}
-        {{- end }}
   {{ if not .Values.persistence.enabled }}
         - name: {{ include "common.fullname" . }}-data
           emptyDir: {}
   {{ else }}
 {{ include "common.certInitializer.volumes" . | nindent 8 }}
+{{ include "common.certServiceClient.volumes" . | nindent 8 }}
   volumeClaimTemplates:
   - metadata:
       name: {{ include "common.fullname" . }}-data
-- 
cgit 1.2.3-korg