diff options
author | awudzins <adam.wudzinski@nokia.com> | 2020-02-19 13:34:32 +0100 |
---|---|---|
committer | awudzins <adam.wudzinski@nokia.com> | 2020-02-20 12:43:59 +0100 |
commit | d54223e7cd3026e260e06df39dd52c4368e7053d (patch) | |
tree | 8501ab3942fa88201f468a05bf84b600e24c7740 /certService/helm/aaf-cert-service | |
parent | e93c679bc9c22e034ba93a48460830716e1f7457 (diff) |
Load CMP Servers config from volume
Create Kubernetes secret to store Cmp Server config file and mount it to container as volume
Issue-ID: AAF-997
Signed-off-by: Adam Wudzinski <adam.wudzinski@nokia.com>
Change-Id: I163b720ce14729328af34dd61e6eb0108c76d58b
Diffstat (limited to 'certService/helm/aaf-cert-service')
4 files changed, 46 insertions, 1 deletions
diff --git a/certService/helm/aaf-cert-service/resources/cmpServers.json b/certService/helm/aaf-cert-service/resources/cmpServers.json new file mode 100644 index 00000000..ee9e72b9 --- /dev/null +++ b/certService/helm/aaf-cert-service/resources/cmpServers.json @@ -0,0 +1,24 @@ +{ + "cmpv2Servers": [ + { + "caName": "TEST", + "url": "http://127.0.0.1/ejbca/publicweb/cmp/cmp", + "issuerDN": "CN=ManagementCA", + "caMode": "CLIENT", + "authentication": { + "iak": "xxx", + "rv": "yyy" + } + }, + { + "caName": "TEST2", + "url": "http://127.0.0.1/ejbca/publicweb/cmp/cmpRA", + "issuerDN": "CN=ManagementCA2", + "caMode": "RA", + "authentication": { + "iak": "xxx", + "rv": "yyy" + } + } + ] +}
\ No newline at end of file diff --git a/certService/helm/aaf-cert-service/templates/deployment.yaml b/certService/helm/aaf-cert-service/templates/deployment.yaml index 0b64d730..2e16cbca 100644 --- a/certService/helm/aaf-cert-service/templates/deployment.yaml +++ b/certService/helm/aaf-cert-service/templates/deployment.yaml @@ -12,6 +12,10 @@ spec: labels: app: {{ .Values.appLabel }} spec: + volumes: + - name: {{ .Values.volume.name }} + secret: + secretName: {{ .Values.secret.name }} containers: - name: aaf-cert-service image: {{ .Values.repository }}/{{ .Values.image }} @@ -30,5 +34,9 @@ spec: path: {{ .Values.healthcheck.path }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - name: {{ .Values.volume.name }} + mountPath: {{ .Values.volume.mountPath }} + readOnly: true resources: {{ toYaml .Values.resources }} diff --git a/certService/helm/aaf-cert-service/templates/secret.yaml b/certService/helm/aaf-cert-service/templates/secret.yaml new file mode 100644 index 00000000..77b25f4e --- /dev/null +++ b/certService/helm/aaf-cert-service/templates/secret.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: Secret +metadata: + name: {{ .Values.secret.name }} +type: Opaque +data: + {{ (.Files.Glob "resources/cmpServers.json").AsSecrets }}
\ No newline at end of file diff --git a/certService/helm/aaf-cert-service/values.yaml b/certService/helm/aaf-cert-service/values.yaml index 9ec51c85..a971edd4 100644 --- a/certService/helm/aaf-cert-service/values.yaml +++ b/certService/helm/aaf-cert-service/values.yaml @@ -14,6 +14,9 @@ readiness: periodSeconds: 10 healthcheck: path: /actuator/health +volume: + name: aaf-cert-service-volume + mountPath: /etc/onap/aaf/certservice resources: limits: @@ -21,4 +24,7 @@ resources: memory: 2Gi requests: cpu: 1 - memory: 1Gi
\ No newline at end of file + memory: 1Gi + +secret: + name: aaf-cert-service-secret |