From 0df1f8ec5332651b5ce2731dd25ee2319f393b4f Mon Sep 17 00:00:00 2001
From: seshukm <seshu.kumar.m@huawei.com>
Date: Mon, 17 Aug 2020 21:45:49 +0530
Subject: [SO] move subcharts to components folder

Move subcharts to components folder in order to be able to
enable/disable them one by one.
Also use certInitializer to retrieve truststore in order to be able to
discuss with other ONAP components.

Issue-ID: SO-2046
Change-Id: Ia5c2a590a2ad75e4b69be0748e9d79fda996af37
Signed-off-by: seshukm <seshu.kumar.m@huawei.com>
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
---
 kubernetes/so/templates/_cadiValues.tpl      | 19 -------------
 kubernetes/so/templates/_certificates.tpl    | 32 ----------------------
 kubernetes/so/templates/_livenessProbe.tpl   | 17 ------------
 kubernetes/so/templates/_profileProperty.tpl |  3 --
 kubernetes/so/templates/configmap.yaml       |  2 +-
 kubernetes/so/templates/deployment.yaml      | 41 +++++++++++++---------------
 6 files changed, 20 insertions(+), 94 deletions(-)
 delete mode 100644 kubernetes/so/templates/_cadiValues.tpl
 delete mode 100644 kubernetes/so/templates/_certificates.tpl
 delete mode 100644 kubernetes/so/templates/_livenessProbe.tpl
 delete mode 100644 kubernetes/so/templates/_profileProperty.tpl

(limited to 'kubernetes/so/templates')

diff --git a/kubernetes/so/templates/_cadiValues.tpl b/kubernetes/so/templates/_cadiValues.tpl
deleted file mode 100644
index 426facc4b1..0000000000
--- a/kubernetes/so/templates/_cadiValues.tpl
+++ /dev/null
@@ -1,19 +0,0 @@
-{{- define "cadi.keys" -}}
-cadiLoglevel: DEBUG
-cadiKeyFile: /org.onap.so.keyfile
-cadiTrustStore: /app/org.onap.so.trust.jks
-cadiTruststorePassword: {{ .Values.global.app.cadi.cadiTruststorePassword }}
-cadiLatitude: {{ .Values.global.app.cadi.cadiLatitude }}
-cadiLongitude: {{ .Values.global.app.cadi.cadiLongitude }}
-aafEnv: {{ .Values.global.app.cadi.aafEnv }}
-aafApiVersion: 2.0
-aafRootNs: {{ .Values.global.app.cadi.aafRootNs }}
-aafId: {{ .Values.mso.config.cadi.aafId }}
-aafPassword: {{ .Values.mso.config.cadi.aafPassword }}
-aafLocateUrl: {{ .Values.global.app.cadi.aafLocateUrl }}
-aafUrl: {{ .Values.global.app.cadi.aafUrl }}
-apiEnforcement: {{ .Values.mso.config.cadi.apiEnforcement }}
-{{- if (.Values.global.app.cadi.noAuthn) }}
-noAuthn: {{ .Values.mso.config.cadi.noAuthn }}
-{{- end }}
-{{- end }}
diff --git a/kubernetes/so/templates/_certificates.tpl b/kubernetes/so/templates/_certificates.tpl
deleted file mode 100644
index 8bd25d27a1..0000000000
--- a/kubernetes/so/templates/_certificates.tpl
+++ /dev/null
@@ -1,32 +0,0 @@
-{{- define "so.certificate.container_importer" -}}
-- name: {{ include "common.name" . }}-certs-importer
-  image: "{{ include "common.repository" . }}/{{ .Values.global.soBaseImage }}"
-  imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-  command:
-  - "/bin/sh"
-  args:
-  - "-c"
-  - "update-ca-certificates --fresh && \
-    cp -r {{ .Values.global.certificates.path }}/* /certificates"
-  volumeMounts:
-  - name: {{ include "common.name" . }}-certificates
-    mountPath: /certificates
-  - name: {{ include "common.name" . }}-onap-certificates
-    mountPath: {{ .Values.global.certificates.share_path }}
-{{- end -}}
-
-{{- define "so.certificate.volume-mounts" -}}
-- name: {{ include "common.name" . }}-certificates
-  mountPath: {{ .Values.global.certificates.path }}
-- name: {{ include "common.name" . }}-onap-certificates
-  mountPath: {{ .Values.global.certificates.share_path }}
-{{- end -}}
-
-{{- define "so.certificate.volumes" -}}
-- name: {{ include "common.name" . }}-certificates
-  emptyDir:
-    medium: Memory
-- name: {{ include "common.name" . }}-onap-certificates
-  secret:
-    secretName: {{ include "common.secret.getSecretNameFast" (dict "global" . "uid" "so-onap-certs") }}
-{{- end -}}
diff --git a/kubernetes/so/templates/_livenessProbe.tpl b/kubernetes/so/templates/_livenessProbe.tpl
deleted file mode 100644
index 4181beb1f8..0000000000
--- a/kubernetes/so/templates/_livenessProbe.tpl
+++ /dev/null
@@ -1,17 +0,0 @@
-{{- define "helpers.livenessProbe" -}} 
-livenessProbe:
-  httpGet:
-    path: {{- index .Values.livenessProbe.path|indent 2}}
-    port: {{ index .Values.containerPort }}
-    scheme: {{- index .Values.livenessProbe.scheme| indent 2}}
-    {{- if eq .Values.global.security.aaf.enabled true }}
-    httpHeaders:
-    - name: Authorization
-      value: {{ index .Values.global.aaf.auth.header }}
-    {{- end }}
-  initialDelaySeconds: {{ index .Values.livenessProbe.initialDelaySeconds}}
-  periodSeconds: {{ index .Values.livenessProbe.periodSeconds}}
-  timeoutSeconds: {{ index .Values.livenessProbe.timeoutSeconds}}
-  successThreshold: {{ index .Values.livenessProbe.successThreshold}}
-  failureThreshold: {{ index .Values.livenessProbe.failureThreshold}}
-{{- end -}}
diff --git a/kubernetes/so/templates/_profileProperty.tpl b/kubernetes/so/templates/_profileProperty.tpl
deleted file mode 100644
index 113bc343d0..0000000000
--- a/kubernetes/so/templates/_profileProperty.tpl
+++ /dev/null
@@ -1,3 +0,0 @@
-{{- define "helpers.profileProperty" -}}
-  {{ if eq .condition true }}{{.value1}}{{else}}{{.value2}} {{ end }}
-{{- end -}}
diff --git a/kubernetes/so/templates/configmap.yaml b/kubernetes/so/templates/configmap.yaml
index 6aa4b5f4f0..ab7b5f3624 100755
--- a/kubernetes/so/templates/configmap.yaml
+++ b/kubernetes/so/templates/configmap.yaml
@@ -15,7 +15,7 @@ apiVersion: v1
 data:
   LOG_PATH: {{ index .Values.logPath }}
   APP: {{ index .Values.app }}
-  ACTIVE_PROFILE: {{ include "helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" "aaf" "value2" "basic")}}
+  ACTIVE_PROFILE: {{ include "so.helpers.profileProperty" (dict "condition" .Values.global.security.aaf.enabled "value1" "aaf" "value2" "basic")}}
 kind: ConfigMap
 metadata:
   name: {{ include "common.fullname" . }}-configmap
diff --git a/kubernetes/so/templates/deployment.yaml b/kubernetes/so/templates/deployment.yaml
index 83452ccba8..d378cae606 100755
--- a/kubernetes/so/templates/deployment.yaml
+++ b/kubernetes/so/templates/deployment.yaml
@@ -37,7 +37,8 @@ spec:
         app: {{ include "common.name" . }}
         release: {{ include "common.release" . }}
     spec:
-      initContainers: {{ include "so.certificate.container_importer" . | nindent 6 }}
+      initContainers:
+      {{ include "so.certificate.container_importer" . | indent 6 | trim }}
       - name: {{ include "common.name" . }}-readiness
         command:
         - /app/ready.py
@@ -52,12 +53,23 @@ spec:
               fieldPath: metadata.namespace
         image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        name: {{ include "common.name" . }}-readiness
       containers:
       - name: {{ include "common.name" . }}
         image: {{ include "common.repository" . }}/{{ .Values.image }}
-        resources:
-{{ include "common.resources" . | indent 12 }}
+        resources: {{ include "common.resources" . | nindent 12 }}
+        {{- if .Values.global.aafEnabled }}
+        command:
+        - sh
+        args:
+        - -c
+        - |
+          export $(grep '^c' {{ .Values.soHelpers.certInitializer.credsPath }}/mycreds.prop | xargs -0)
+          export TRUSTSTORE_PASSWORD="${cadi_truststore_password}"
+          {{- if .Values.global.security.aaf.enabled }}
+          export KEYSTORE_PASSWORD="${cadi_keystore_password}"
+          {{- end }}
+          /app/start-app.sh
+        {{- end }}
         env:
         - name: DB_HOST
           valueFrom:
@@ -77,27 +89,12 @@ spec:
           {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "login") | indent 10 }}
         - name: DB_ADMIN_PASSWORD
           {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-admin-creds" "key" "password") | indent 10 }}
-         {{- if eq .Values.global.security.aaf.enabled true }}
-        - name: TRUSTSTORE
-          value: /app/org.onap.so.trust.jks
-        - name: TRUSTSTORE_PASSWORD
-          valueFrom:
-            secretKeyRef:
-              name: {{ .Release.Name}}-so-client-certs-secret
-              key: trustStorePassword
-        - name: KEYSTORE
-          value: /app/org.onap.so.jks
-        - name: KEYSTORE_PASSWORD
-          valueFrom:
-            secretKeyRef:
-              name: {{ .Release.Name}}-so-client-certs-secret
-              key: keyStorePassword
-        {{- end }}
+        {{ include "so.certificates.env" . | indent 8 | trim }}
         envFrom:
         - configMapRef:
             name: {{ include "common.fullname" . }}-configmap
         imagePullPolicy:  {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        volumeMounts: {{ include "so.certificate.volume-mounts" . | nindent 8 }}
+        volumeMounts: {{ include "so.certificate.volumeMount" . | nindent 8 }}
         - name: logs
           mountPath: /app/logs
         - name: config
@@ -105,7 +102,7 @@ spec:
           readOnly: true
         - name: {{ include "common.fullname" . }}-logs
           mountPath: /var/log/onap
-{{ include "helpers.livenessProbe" .| indent 8 }}
+{{ include "so.helpers.livenessProbe" .| indent 8 }}
         ports:
         - containerPort: {{ index .Values.containerPort }}
           name: {{ .Values.service.portName }}
-- 
cgit 1.2.3-korg