diff options
author | awudzins <adam.wudzinski@nokia.com> | 2020-03-13 16:54:18 +0100 |
---|---|---|
committer | awudzins <adam.wudzinski@nokia.com> | 2020-04-03 11:29:59 +0200 |
commit | b81c681cb6be761a2abb5e2f5af1b923bef1f6b4 (patch) | |
tree | 9e0712775bee897d3c0156a8fa6bf9d69846f2ed /certService/helm/aaf-cert-service/templates/deployment.yaml | |
parent | fa33d3f9cf9b613968bf277284841164d392fc21 (diff) |
Switch client and server to communicate over TLS
Issue-ID: AAF-1084
Signed-off-by: Adam WudziĆski <adam.wudzinski@nokia.com>
Change-Id: I7f11b27c7dcdf4fc3eba2d5e64b6dc775c80dd74
Diffstat (limited to 'certService/helm/aaf-cert-service/templates/deployment.yaml')
-rw-r--r-- | certService/helm/aaf-cert-service/templates/deployment.yaml | 37 |
1 files changed, 31 insertions, 6 deletions
diff --git a/certService/helm/aaf-cert-service/templates/deployment.yaml b/certService/helm/aaf-cert-service/templates/deployment.yaml index f8b2d43f..f4a28f46 100644 --- a/certService/helm/aaf-cert-service/templates/deployment.yaml +++ b/certService/helm/aaf-cert-service/templates/deployment.yaml @@ -16,27 +16,52 @@ spec: - name: {{ .Values.volume.name }} secret: secretName: {{ .Values.secret.name }} + - name: {{ .Values.tls.server.volume.name }} + secret: + secretName: {{ .Values.tls.server.secret.name }} containers: - name: aaf-cert-service image: {{ .Values.repository }}/{{ .Values.image }} imagePullPolicy: {{ .Values.pullPolicy }} ports: - containerPort: {{ .Values.containerPort }} + env: + - name: HTTPS_PORT + value: "{{ .Values.containerPort }}" + - name: KEYSTORE_PATH + value: "{{ .Values.tls.server.volume.mountPath }}/{{ .Values.envs.keystore.jksName }}" + - name: KEYSTORE_P12_PATH + value: "{{ .Values.tls.server.volume.mountPath }}/{{ .Values.envs.keystore.p12Name }}" + - name: TRUSTSTORE_PATH + value: "{{ .Values.tls.server.volume.mountPath }}/{{ .Values.envs.truststore.jksName }}" + - name: ROOT_CERT + value: "{{ .Values.tls.server.volume.mountPath }}/{{ .Values.envs.truststore.crtName }}" + - name: KEYSTORE_PASSWORD + value: "{{ .Values.envs.keystore.password }}" + - name: TRUSTSTORE_PASSWORD + value: "{{ .Values.envs.truststore.password }}" livenessProbe: - httpGet: - port: {{ .Values.containerPort }} - path: {{ .Values.liveness.path }} + exec: + command: + - /bin/bash + - -c + - {{ .Values.liveness.command }} initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} periodSeconds: {{ .Values.liveness.periodSeconds }} readinessProbe: - httpGet: - port: {{ .Values.containerPort }} - path: {{ .Values.readiness.path }} + exec: + command: + - /bin/bash + - -c + - {{ .Values.readiness.command }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} volumeMounts: - name: {{ .Values.volume.name }} mountPath: {{ .Values.volume.mountPath }} readOnly: true + - name: {{ .Values.tls.server.volume.name }} + mountPath: {{ .Values.tls.server.volume.mountPath }} + readOnly: true resources: {{ toYaml .Values.resources }} |