From 95dc1c9693b60b828fe5d6884933c2054d815e6a Mon Sep 17 00:00:00 2001
From: Ramesh Parthasarathy <ramesh.parthasarathy@att.com>
Date: Wed, 5 Feb 2020 17:02:28 +0000
Subject: These OOM changes are related AAF Integration

Here we have the ability to optionally disable AAF integration.
A global variable global.security.aaf.enabled=true
will turn on AAF security. with global.security.aaf.enabled=false
it will use spring.security to ensure backward compatibilty. updated
based on review comments

Issue-ID: SO-2452
Signed-off-by: Ramesh Parthasarathy(rp6768)<ramesh.parthasarathy@att.com>
Change-Id: Ia83622ad681cfd122ee906ccd1654b10b5e31fe4
---
 .../so-sdnc-adapter/templates/deployment.yaml      | 27 ++++++++++++++--------
 1 file changed, 17 insertions(+), 10 deletions(-)

(limited to 'kubernetes/so/charts/so-sdnc-adapter/templates/deployment.yaml')

diff --git a/kubernetes/so/charts/so-sdnc-adapter/templates/deployment.yaml b/kubernetes/so/charts/so-sdnc-adapter/templates/deployment.yaml
index ab489160fc..5c7f3ab0ca 100755
--- a/kubernetes/so/charts/so-sdnc-adapter/templates/deployment.yaml
+++ b/kubernetes/so/charts/so-sdnc-adapter/templates/deployment.yaml
@@ -70,6 +70,22 @@ spec:
             secretKeyRef:
               name: {{ include "common.release" . }}-so-db-secrets
               key: mariadb.admin.password
+         {{- if eq .Values.global.security.aaf.enabled true }}
+        - name: TRUSTSTORE
+          value: /app/org.onap.so.trust.jks
+        - name: TRUSTSTORE_PASSWORD
+          valueFrom:
+            secretKeyRef:
+              name: {{ .Release.Name}}-so-client-certs-secret
+              key: trustStorePassword
+        - name: KEYSTORE
+          value: /app/org.onap.so.jks
+        - name: KEYSTORE_PASSWORD
+          valueFrom:
+            secretKeyRef:
+              name: {{ .Release.Name}}-so-client-certs-secret
+              key: keyStorePassword
+        {{- end }}
         envFrom:
         - configMapRef:
             name: {{ include "common.fullname" . }}-configmap
@@ -80,16 +96,7 @@ spec:
         - name: config
           mountPath: /app/config
           readOnly: true
-        livenessProbe:
-          httpGet:
-            path: {{- index .Values.livenessProbe.path|indent 2}}
-            port: {{ index .Values.containerPort }}
-            scheme: {{- index .Values.livenessProbe.scheme| indent 2}}
-          initialDelaySeconds: {{ index .Values.livenessProbe.initialDelaySeconds}}
-          periodSeconds: {{ index .Values.livenessProbe.periodSeconds}}
-          timeoutSeconds: {{ index .Values.livenessProbe.timeoutSeconds}}
-          successThreshold: {{ index .Values.livenessProbe.successThreshold}}
-          failureThreshold: {{ index .Values.livenessProbe.failureThreshold}}
+{{ include "helpers.livenessProbe" .| indent 8 }}
         ports:
         - containerPort: {{ index .Values.containerPort }}
           name: {{ .Values.service.portName }}
-- 
cgit 1.2.3-korg