From 0df1f8ec5332651b5ce2731dd25ee2319f393b4f Mon Sep 17 00:00:00 2001 From: seshukm Date: Mon, 17 Aug 2020 21:45:49 +0530 Subject: [SO] move subcharts to components folder Move subcharts to components folder in order to be able to enable/disable them one by one. Also use certInitializer to retrieve truststore in order to be able to discuss with other ONAP components. Issue-ID: SO-2046 Change-Id: Ia5c2a590a2ad75e4b69be0748e9d79fda996af37 Signed-off-by: seshukm Signed-off-by: Sylvain Desbureaux --- .../components/soHelpers/templates/_cadiValues.tpl | 21 ++++++++ .../soHelpers/templates/_certificates.tpl | 58 ++++++++++++++++++++++ .../soHelpers/templates/_livenessProbe.tpl | 20 ++++++++ .../soHelpers/templates/_profileProperty.tpl | 3 ++ 4 files changed, 102 insertions(+) create mode 100644 kubernetes/so/components/soHelpers/templates/_cadiValues.tpl create mode 100644 kubernetes/so/components/soHelpers/templates/_certificates.tpl create mode 100644 kubernetes/so/components/soHelpers/templates/_livenessProbe.tpl create mode 100644 kubernetes/so/components/soHelpers/templates/_profileProperty.tpl (limited to 'kubernetes/so/components/soHelpers/templates') diff --git a/kubernetes/so/components/soHelpers/templates/_cadiValues.tpl b/kubernetes/so/components/soHelpers/templates/_cadiValues.tpl new file mode 100644 index 0000000000..d16b4f7cf8 --- /dev/null +++ b/kubernetes/so/components/soHelpers/templates/_cadiValues.tpl @@ -0,0 +1,21 @@ +{{- define "so.cadi.keys" -}} +{{- $dot := default . .dot -}} +{{- $initRoot := default $dot.Values.soHelpers .initRoot -}} +cadiLoglevel: {{ $initRoot.cadi.logLevel }} +cadiKeyFile: {{ $initRoot.certInitializer.credsPath }}/{{ $initRoot.aaf.keyFile }} +cadiTrustStore: {{ $initRoot.certInitializer.credsPath }}/{{ $initRoot.aaf.trustore }} +cadiTruststorePassword: ${TRUSTSTORE_PASSWORD} +cadiLatitude: {{ $initRoot.cadi.latitude }} +cadiLongitude: {{ $initRoot.cadi.longitude }} +aafEnv: {{ $initRoot.cadi.aafEnv }} +aafApiVersion: {{ $initRoot.cadi.aafApiVersion }} +aafRootNs: {{ $initRoot.cadi.aafRootNs }} +aafId: {{ $initRoot.cadi.aafId }} +aafPassword: {{ $initRoot.cadi.aafPassword }} +aafLocateUrl: {{ $initRoot.cadi.aafLocateUrl }} +aafUrl: {{ $initRoot.cadi.aafUrl }} +apiEnforcement: {{ $initRoot.cadi.apiEnforcement }} +{{- if ($initRoot.cadi.noAuthn) }} +noAuthn: {{ $initRoot.cadi.noAuthn }} +{{- end }} +{{- end }} diff --git a/kubernetes/so/components/soHelpers/templates/_certificates.tpl b/kubernetes/so/components/soHelpers/templates/_certificates.tpl new file mode 100644 index 0000000000..fa25ba5177 --- /dev/null +++ b/kubernetes/so/components/soHelpers/templates/_certificates.tpl @@ -0,0 +1,58 @@ +{{- define "so.certificate.container_importer" -}} +{{- $dot := default . .dot -}} +{{- $initRoot := default $dot.Values.soHelpers .initRoot -}} +{{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }} +{{ include "common.certInitializer.initContainer" $subchartDot }} +{{- if $dot.Values.global.aafEnabled }} +- name: {{ include "common.name" $dot }}-msb-cert-importer + image: "{{ include "common.repository" $dot }}/{{ $dot.Values.global.aafAgentImage }}" + imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $subchartDot.Values.pullPolicy }} + command: + - "/bin/sh" + args: + - "-c" + - | + export $(grep '^c' {{ $subchartDot.Values.certInitializer.credsPath }}/mycreds.prop | xargs -0) + keytool -import -trustcacerts -alias msb_root -file \ + /certificates/msb-ca.crt -keystore \ + "{{ $subchartDot.Values.certInitializer.credsPath }}/{{ $subchartDot.Values.aaf.trustore }}" \ + -keypass $cadi_truststore_password -noprompt + volumeMounts: + {{ include "common.certInitializer.volumeMount" $subchartDot | indent 2 | trim }} + - name: {{ include "common.name" $dot }}-msb-certificate + mountPath: /certificates +{{- end }} +{{- end -}} + +{{- define "so.certificate.volumes" -}} +{{- $dot := default . .dot -}} +{{- $initRoot := default $dot.Values.soHelpers .initRoot -}} +{{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }} +{{ include "common.certInitializer.volumes" $subchartDot }} +{{- if $dot.Values.global.aafEnabled }} +- name: {{ include "common.name" $dot }}-msb-certificate + secret: + secretName: {{ include "common.secret.getSecretNameFast" (dict "global" $subchartDot "uid" "so-onap-certs") }} +{{- end }} +{{- end -}} + +{{- define "so.certificate.volumeMount" -}} +{{- $dot := default . .dot -}} +{{- $initRoot := default $dot.Values.soHelpers .initRoot -}} +{{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }} +{{ include "common.certInitializer.volumeMount" $subchartDot }} +{{- end -}} + +{{- define "so.certificates.env" -}} +{{- $dot := default . .dot -}} +{{- $initRoot := default $dot.Values.soHelpers .initRoot -}} +{{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }} +{{- if $dot.Values.global.aafEnabled }} +- name: TRUSTSTORE + value: {{ $subchartDot.Values.certInitializer.credsPath }}/{{ $subchartDot.Values.aaf.trustore }} +{{- if $dot.Values.global.security.aaf.enabled }} +- name: KEYSTORE + value: {{ $subchartDot.Values.certInitializer.credsPath }}/org.onap.so.jks +{{- end }} +{{- end }} +{{- end -}} diff --git a/kubernetes/so/components/soHelpers/templates/_livenessProbe.tpl b/kubernetes/so/components/soHelpers/templates/_livenessProbe.tpl new file mode 100644 index 0000000000..cde94742c6 --- /dev/null +++ b/kubernetes/so/components/soHelpers/templates/_livenessProbe.tpl @@ -0,0 +1,20 @@ +{{- define "so.helpers.livenessProbe" -}} +{{- $dot := default . .dot -}} +{{- $initRoot := default $dot.Values.soHelpers .initRoot -}} +{{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }} +livenessProbe: + httpGet: + path: {{ $subchartDot.Values.livenessProbe.path }} + port: {{ $subchartDot.Values.containerPort }} + scheme: {{ $subchartDot.Values.livenessProbe.scheme }} + {{- if $subchartDot.Values.global.security.aaf.enabled }} + httpHeaders: + - name: Authorization + value: {{ $subchartDot.Values.global.aaf.auth.header }} + {{- end }} + initialDelaySeconds: {{ $subchartDot.Values.livenessProbe.initialDelaySeconds }} + periodSeconds: {{ $subchartDot.Values.livenessProbe.periodSeconds }} + timeoutSeconds: {{ $subchartDot.Values.livenessProbe.timeoutSeconds }} + successThreshold: {{ $subchartDot.Values.livenessProbe.successThreshold }} + failureThreshold: {{ $subchartDot.Values.livenessProbe.failureThreshold }} +{{- end -}} diff --git a/kubernetes/so/components/soHelpers/templates/_profileProperty.tpl b/kubernetes/so/components/soHelpers/templates/_profileProperty.tpl new file mode 100644 index 0000000000..56910ebebd --- /dev/null +++ b/kubernetes/so/components/soHelpers/templates/_profileProperty.tpl @@ -0,0 +1,3 @@ +{{- define "so.helpers.profileProperty" -}} + {{ if .condition }}{{ .value1 }}{{ else }}{{ .value2 }}{{ end }} +{{- end -}} -- cgit 1.2.3-korg