From 595710111489903aa963c028c364584cb5bebaa4 Mon Sep 17 00:00:00 2001
From: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com>
Date: Tue, 12 Jan 2021 17:37:08 +0100
Subject: [COMMON] Create certManagerCertificate chart

- Create certManagerCertificate chart for Certificate template
- Change default values for duration and renewBefore
- Add creation Secret with keystore password
- Use template in SDNC (add volumes and volumesMounts)

Issue-ID: OOM-2568
Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com>
Change-Id: Ib70d91b599fa6813ed0a6d5b96206508f2fdafcf
---
 kubernetes/sdnc/requirements.yaml           |  3 +++
 kubernetes/sdnc/templates/certificates.yaml |  6 +++---
 kubernetes/sdnc/templates/statefulset.yaml  |  6 ++++++
 kubernetes/sdnc/values.yaml                 | 20 ++++++++------------
 4 files changed, 20 insertions(+), 15 deletions(-)

(limited to 'kubernetes/sdnc')

diff --git a/kubernetes/sdnc/requirements.yaml b/kubernetes/sdnc/requirements.yaml
index f58ecb16be..27b68df4ee 100644
--- a/kubernetes/sdnc/requirements.yaml
+++ b/kubernetes/sdnc/requirements.yaml
@@ -24,6 +24,9 @@ dependencies:
   - name: cmpv2Certificate
     version: ~7.x-0
     repository: '@local'
+  - name: certManagerCertificate
+    version: ~7.x-0
+    repository: '@local'
   - name: logConfiguration
     version: ~7.x-0
     repository: '@local'
diff --git a/kubernetes/sdnc/templates/certificates.yaml b/kubernetes/sdnc/templates/certificates.yaml
index dda16176a5..c4eca61e35 100644
--- a/kubernetes/sdnc/templates/certificates.yaml
+++ b/kubernetes/sdnc/templates/certificates.yaml
@@ -1,5 +1,5 @@
 {{/*
-# Copyright © 2020 Nokia
+# Copyright © 2020-2021 Nokia
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -14,6 +14,6 @@
 # limitations under the License.
 */}}
 
-{{ if .Values.global.CMPv2CertManagerIntegration }}
-{{ include "common.certificate" . }}
+{{ if and .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration }}
+{{ include "certManagerCertificate.certificate" . }}
 {{ end }}
diff --git a/kubernetes/sdnc/templates/statefulset.yaml b/kubernetes/sdnc/templates/statefulset.yaml
index 2158fefe19..51c50e4fec 100644
--- a/kubernetes/sdnc/templates/statefulset.yaml
+++ b/kubernetes/sdnc/templates/statefulset.yaml
@@ -203,6 +203,9 @@ spec:
           volumeMounts:
 {{ include "common.certInitializer.volumeMount" . | indent 10 }}
 {{ include "common.certServiceClient.volumeMounts" . | indent 10 }}
+{{- if and .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration }}
+{{ include "common.certManager.volumeMounts" . | indent 10 }}
+{{- end }}
           - mountPath: /etc/localtime
             name: localtime
             readOnly: true
@@ -317,6 +320,9 @@ spec:
   {{ else }}
 {{ include "common.certInitializer.volumes" . | nindent 8 }}
 {{ include "common.certServiceClient.volumes" . | nindent 8 }}
+{{- if and .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration }}
+{{ include "common.certManager.volumes" . | nindent 8 }}
+{{- end }}
   volumeClaimTemplates:
   - metadata:
       name: {{ include "common.fullname" . }}-data
diff --git a/kubernetes/sdnc/values.yaml b/kubernetes/sdnc/values.yaml
index c02d5592e6..efc13e92e6 100644
--- a/kubernetes/sdnc/values.yaml
+++ b/kubernetes/sdnc/values.yaml
@@ -117,10 +117,6 @@ secrets:
     login: '{{ .Values.config.scaleoutUser }}'
     password: '{{ .Values.config.scaleoutPassword }}'
     passwordPolicy: required
-  - uid: keystore-password
-    type: password
-    password: secret
-    passwordPolicy: required
 #################################################################
 # Certificates
 #################################################################
@@ -129,16 +125,16 @@ certificates:
     commonName: sdnc.simpledemo.onap.org
     dnsNames:
         - sdnc.simpledemo.onap.org
-    p12Keystore:
-      create: true
-      passwordSecretRef:
-        name: keystore-password
-        key: password
-    jksKeystore:
-      create: true
+    keystore:
+      outputType:
+        - jks
       passwordSecretRef:
-        name: keystore-password
+        name: sdnc-cmpv2-keystore-password
         key: password
+    issuer:
+      group: certmanager.onap.org
+      kind: CMPv2Issuer
+      name: cmpv2-issuer-onap
 #################################################################
 # Application configuration defaults.
 #################################################################
-- 
cgit 1.2.3-korg