summaryrefslogtreecommitdiffstats
path: root/certService/helm/aaf-cert-service
diff options
context:
space:
mode:
authorawudzins <adam.wudzinski@nokia.com>2020-02-19 13:34:32 +0100
committerawudzins <adam.wudzinski@nokia.com>2020-02-20 12:43:59 +0100
commitd54223e7cd3026e260e06df39dd52c4368e7053d (patch)
tree8501ab3942fa88201f468a05bf84b600e24c7740 /certService/helm/aaf-cert-service
parente93c679bc9c22e034ba93a48460830716e1f7457 (diff)
Load CMP Servers config from volume
Create Kubernetes secret to store Cmp Server config file and mount it to container as volume Issue-ID: AAF-997 Signed-off-by: Adam Wudzinski <adam.wudzinski@nokia.com> Change-Id: I163b720ce14729328af34dd61e6eb0108c76d58b
Diffstat (limited to 'certService/helm/aaf-cert-service')
-rw-r--r--certService/helm/aaf-cert-service/resources/cmpServers.json24
-rw-r--r--certService/helm/aaf-cert-service/templates/deployment.yaml8
-rw-r--r--certService/helm/aaf-cert-service/templates/secret.yaml7
-rw-r--r--certService/helm/aaf-cert-service/values.yaml8
4 files changed, 46 insertions, 1 deletions
diff --git a/certService/helm/aaf-cert-service/resources/cmpServers.json b/certService/helm/aaf-cert-service/resources/cmpServers.json
new file mode 100644
index 00000000..ee9e72b9
--- /dev/null
+++ b/certService/helm/aaf-cert-service/resources/cmpServers.json
@@ -0,0 +1,24 @@
+{
+ "cmpv2Servers": [
+ {
+ "caName": "TEST",
+ "url": "http://127.0.0.1/ejbca/publicweb/cmp/cmp",
+ "issuerDN": "CN=ManagementCA",
+ "caMode": "CLIENT",
+ "authentication": {
+ "iak": "xxx",
+ "rv": "yyy"
+ }
+ },
+ {
+ "caName": "TEST2",
+ "url": "http://127.0.0.1/ejbca/publicweb/cmp/cmpRA",
+ "issuerDN": "CN=ManagementCA2",
+ "caMode": "RA",
+ "authentication": {
+ "iak": "xxx",
+ "rv": "yyy"
+ }
+ }
+ ]
+} \ No newline at end of file
diff --git a/certService/helm/aaf-cert-service/templates/deployment.yaml b/certService/helm/aaf-cert-service/templates/deployment.yaml
index 0b64d730..2e16cbca 100644
--- a/certService/helm/aaf-cert-service/templates/deployment.yaml
+++ b/certService/helm/aaf-cert-service/templates/deployment.yaml
@@ -12,6 +12,10 @@ spec:
labels:
app: {{ .Values.appLabel }}
spec:
+ volumes:
+ - name: {{ .Values.volume.name }}
+ secret:
+ secretName: {{ .Values.secret.name }}
containers:
- name: aaf-cert-service
image: {{ .Values.repository }}/{{ .Values.image }}
@@ -30,5 +34,9 @@ spec:
path: {{ .Values.healthcheck.path }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
+ volumeMounts:
+ - name: {{ .Values.volume.name }}
+ mountPath: {{ .Values.volume.mountPath }}
+ readOnly: true
resources:
{{ toYaml .Values.resources }}
diff --git a/certService/helm/aaf-cert-service/templates/secret.yaml b/certService/helm/aaf-cert-service/templates/secret.yaml
new file mode 100644
index 00000000..77b25f4e
--- /dev/null
+++ b/certService/helm/aaf-cert-service/templates/secret.yaml
@@ -0,0 +1,7 @@
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ .Values.secret.name }}
+type: Opaque
+data:
+ {{ (.Files.Glob "resources/cmpServers.json").AsSecrets }} \ No newline at end of file
diff --git a/certService/helm/aaf-cert-service/values.yaml b/certService/helm/aaf-cert-service/values.yaml
index 9ec51c85..a971edd4 100644
--- a/certService/helm/aaf-cert-service/values.yaml
+++ b/certService/helm/aaf-cert-service/values.yaml
@@ -14,6 +14,9 @@ readiness:
periodSeconds: 10
healthcheck:
path: /actuator/health
+volume:
+ name: aaf-cert-service-volume
+ mountPath: /etc/onap/aaf/certservice
resources:
limits:
@@ -21,4 +24,7 @@ resources:
memory: 2Gi
requests:
cpu: 1
- memory: 1Gi \ No newline at end of file
+ memory: 1Gi
+
+secret:
+ name: aaf-cert-service-secret