summaryrefslogtreecommitdiffstats
path: root/certService/helm/aaf-cert-service/templates/deployment.yaml
diff options
context:
space:
mode:
authorawudzins <adam.wudzinski@nokia.com>2020-03-13 16:54:18 +0100
committerawudzins <adam.wudzinski@nokia.com>2020-04-03 11:29:59 +0200
commitb81c681cb6be761a2abb5e2f5af1b923bef1f6b4 (patch)
tree9e0712775bee897d3c0156a8fa6bf9d69846f2ed /certService/helm/aaf-cert-service/templates/deployment.yaml
parentfa33d3f9cf9b613968bf277284841164d392fc21 (diff)
Switch client and server to communicate over TLS
Issue-ID: AAF-1084 Signed-off-by: Adam WudziƄski <adam.wudzinski@nokia.com> Change-Id: I7f11b27c7dcdf4fc3eba2d5e64b6dc775c80dd74
Diffstat (limited to 'certService/helm/aaf-cert-service/templates/deployment.yaml')
-rw-r--r--certService/helm/aaf-cert-service/templates/deployment.yaml37
1 files changed, 31 insertions, 6 deletions
diff --git a/certService/helm/aaf-cert-service/templates/deployment.yaml b/certService/helm/aaf-cert-service/templates/deployment.yaml
index f8b2d43f..f4a28f46 100644
--- a/certService/helm/aaf-cert-service/templates/deployment.yaml
+++ b/certService/helm/aaf-cert-service/templates/deployment.yaml
@@ -16,27 +16,52 @@ spec:
- name: {{ .Values.volume.name }}
secret:
secretName: {{ .Values.secret.name }}
+ - name: {{ .Values.tls.server.volume.name }}
+ secret:
+ secretName: {{ .Values.tls.server.secret.name }}
containers:
- name: aaf-cert-service
image: {{ .Values.repository }}/{{ .Values.image }}
imagePullPolicy: {{ .Values.pullPolicy }}
ports:
- containerPort: {{ .Values.containerPort }}
+ env:
+ - name: HTTPS_PORT
+ value: "{{ .Values.containerPort }}"
+ - name: KEYSTORE_PATH
+ value: "{{ .Values.tls.server.volume.mountPath }}/{{ .Values.envs.keystore.jksName }}"
+ - name: KEYSTORE_P12_PATH
+ value: "{{ .Values.tls.server.volume.mountPath }}/{{ .Values.envs.keystore.p12Name }}"
+ - name: TRUSTSTORE_PATH
+ value: "{{ .Values.tls.server.volume.mountPath }}/{{ .Values.envs.truststore.jksName }}"
+ - name: ROOT_CERT
+ value: "{{ .Values.tls.server.volume.mountPath }}/{{ .Values.envs.truststore.crtName }}"
+ - name: KEYSTORE_PASSWORD
+ value: "{{ .Values.envs.keystore.password }}"
+ - name: TRUSTSTORE_PASSWORD
+ value: "{{ .Values.envs.truststore.password }}"
livenessProbe:
- httpGet:
- port: {{ .Values.containerPort }}
- path: {{ .Values.liveness.path }}
+ exec:
+ command:
+ - /bin/bash
+ - -c
+ - {{ .Values.liveness.command }}
initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
periodSeconds: {{ .Values.liveness.periodSeconds }}
readinessProbe:
- httpGet:
- port: {{ .Values.containerPort }}
- path: {{ .Values.readiness.path }}
+ exec:
+ command:
+ - /bin/bash
+ - -c
+ - {{ .Values.readiness.command }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
volumeMounts:
- name: {{ .Values.volume.name }}
mountPath: {{ .Values.volume.mountPath }}
readOnly: true
+ - name: {{ .Values.tls.server.volume.name }}
+ mountPath: {{ .Values.tls.server.volume.mountPath }}
+ readOnly: true
resources:
{{ toYaml .Values.resources }}