From 27578339f9152a1a1ea24f01cdd3b83e95287685 Mon Sep 17 00:00:00 2001
From: egernug <gerard.nugent@est.tech>
Date: Thu, 26 Mar 2020 10:27:55 +0000
Subject: [SDNC] Deploy external TLC cert in ODL

Changes for 111973

Issue-ID: SDNC-1136
Signed-off-by: esobmar <mariusz.sobucki@est.tech>
Change-Id: If185ee3658b8f51a969bb3505f8bfb163cfea2a3
Signed-off-by: egernug <gerard.nugent@est.tech>
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
[Access EJBCA secret from cert service]
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
---
 kubernetes/sdnc/values.yaml | 41 +++++++++++++++++++++++++++++++++++++++++
 1 file changed, 41 insertions(+)

(limited to 'kubernetes/sdnc/values.yaml')

diff --git a/kubernetes/sdnc/values.yaml b/kubernetes/sdnc/values.yaml
index 244a7d5d9a..8745c0a1dc 100644
--- a/kubernetes/sdnc/values.yaml
+++ b/kubernetes/sdnc/values.yaml
@@ -35,6 +35,31 @@ global:
     service: mariadb-galera
     internalPort: 3306
     nameOverride: mariadb-galera
+  # Enabling CMPv2
+  cmpv2Enabled: true
+  platform:
+    certServiceClient:
+      image: onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.0.0
+      secret:
+        name: oom-cert-service-client-tls-secret
+        mountPath: /etc/onap/oom/certservice/certs/
+      envVariables:
+        # Certificate related
+        cert_path: /var/custom-certs
+        cmpv2Organization: "Linux-Foundation"
+        cmpv2OrganizationalUnit: "ONAP"
+        cmpv2Location: "San-Francisco"
+        cmpv2Country: "US"
+        # Client configuration related
+        caName: "RA"
+        common_name: "sdnc.simpledemo.onap.org"
+        requestURL: "https://oom-cert-service:8443/v1/certificate/"
+        requestTimeout: "30000"
+        keystorePath: "/etc/onap/oom/certservice/certs/certServiceClient-keystore.jks"
+        outputType: "P12"
+        keystorePassword: "secret"
+        truststorePath: "/etc/onap/oom/certservice/certs/truststore.jks"
+        truststorePassword: "secret"
 
 #################################################################
 # Secrets metaconfig
@@ -406,6 +431,22 @@ persistence:
   mountSubPath: sdnc/mdsal
   mdsalPath: /opt/opendaylight/current/daexim
 
+certpersistence:
+  enabled: true
+
+  ## A manually managed Persistent Volume and Claim
+  ## Requires persistence.enabled: true
+  ## If defined, PVC must be created manually before volume will be bound
+  # existingClaim:
+
+  volumeReclaimPolicy: Retain
+  accessMode: ReadWriteOnce
+  size: 50Mi
+  mountPath: /dockerdata-nfs
+  mountSubPath: sdnc/certs
+  certPath: /opt/app/osaaf
+  ##storageClass: "manual"
+
 ingress:
   enabled: false
   service:
-- 
cgit 1.2.3-korg