From d311405bf25785e15b206f41eb98921713a990f3 Mon Sep 17 00:00:00 2001 From: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Date: Tue, 23 Feb 2021 16:45:52 +0100 Subject: [SO] Simplify cert retrieval script As retrieving values is now done via a generic script, let's clean a little bit cert retrieval in order to remove unneeded part. Also, as MSB is now using certInitialize, we don't need to onboard it's certificate. Issue-ID: OOM-2688 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: I5b8ed861ab94b97f2de0d52a4e4385b97a4f5afc --- .../soHelpers/templates/_certificates.tpl | 39 ---------------------- 1 file changed, 39 deletions(-) (limited to 'kubernetes/so/components/soHelpers/templates') diff --git a/kubernetes/so/components/soHelpers/templates/_certificates.tpl b/kubernetes/so/components/soHelpers/templates/_certificates.tpl index c5232e8f48..f5b97d5c25 100644 --- a/kubernetes/so/components/soHelpers/templates/_certificates.tpl +++ b/kubernetes/so/components/soHelpers/templates/_certificates.tpl @@ -3,40 +3,6 @@ {{- $initRoot := default $dot.Values.soHelpers .initRoot -}} {{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }} {{ include "common.certInitializer.initContainer" $subchartDot }} -{{- if $dot.Values.global.aafEnabled }} -- name: {{ include "common.name" $dot }}-msb-cert-importer - image: {{ include "repositoryGenerator.repository" $subchartDot }}/{{ $dot.Values.global.aafAgentImage }} - imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $subchartDot.Values.pullPolicy }} - command: - - "/bin/sh" - args: - - "-c" - - | - export $(grep '^c' {{ $subchartDot.Values.certInitializer.credsPath }}/mycreds.prop | xargs -0) - keytool -import -trustcacerts -alias msb_root -file \ - /certificates/msb-ca.crt -keystore \ - "{{ $subchartDot.Values.certInitializer.credsPath }}/{{ $subchartDot.Values.aaf.trustore }}" \ - -storepass $cadi_truststore_password -noprompt - export EXIT_VALUE=$? - if [ "${EXIT_VALUE}" != "0" ] - then - echo "issue with password: $cadi_truststore_password" - ls -lh {{ $subchartDot.Values.certInitializer.credsPath }}/mycreds.prop - cat {{ $subchartDot.Values.certInitializer.credsPath }}/mycreds.prop - exit $EXIT_VALUE - else - keytool -importkeystore -srckeystore "{{ $subchartDot.Values.certInitializer.credsPath }}/truststoreONAPall.jks" \ - -srcstorepass {{ $subchartDot.Values.certInitializer.trustStoreAllPass }} \ - -destkeystore "{{ $subchartDot.Values.certInitializer.credsPath }}/{{ $subchartDot.Values.aaf.trustore }}" \ - -deststorepass $cadi_truststore_password -noprompt - export EXIT_VALUE=$? - fi - exit $EXIT_VALUE - volumeMounts: - {{ include "common.certInitializer.volumeMount" $subchartDot | indent 2 | trim }} - - name: {{ include "common.name" $dot }}-msb-certificate - mountPath: /certificates -{{- end }} {{- end -}} {{- define "so.certificate.volumes" -}} @@ -44,11 +10,6 @@ {{- $initRoot := default $dot.Values.soHelpers .initRoot -}} {{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }} {{ include "common.certInitializer.volumes" $subchartDot }} -{{- if $dot.Values.global.aafEnabled }} -- name: {{ include "common.name" $dot }}-msb-certificate - secret: - secretName: {{ include "common.secret.getSecretNameFast" (dict "global" $subchartDot "uid" "so-onap-certs") }} -{{- end }} {{- end -}} {{- define "so.certificate.volumeMount" -}} -- cgit 1.2.3-korg