From d54223e7cd3026e260e06df39dd52c4368e7053d Mon Sep 17 00:00:00 2001 From: awudzins Date: Wed, 19 Feb 2020 13:34:32 +0100 Subject: Load CMP Servers config from volume Create Kubernetes secret to store Cmp Server config file and mount it to container as volume Issue-ID: AAF-997 Signed-off-by: Adam Wudzinski Change-Id: I163b720ce14729328af34dd61e6eb0108c76d58b --- .../aaf-cert-service/resources/cmpServers.json | 24 ++++++++++++++++++++++ .../aaf-cert-service/templates/deployment.yaml | 8 ++++++++ .../helm/aaf-cert-service/templates/secret.yaml | 7 +++++++ certService/helm/aaf-cert-service/values.yaml | 8 +++++++- 4 files changed, 46 insertions(+), 1 deletion(-) create mode 100644 certService/helm/aaf-cert-service/resources/cmpServers.json create mode 100644 certService/helm/aaf-cert-service/templates/secret.yaml (limited to 'certService/helm/aaf-cert-service') diff --git a/certService/helm/aaf-cert-service/resources/cmpServers.json b/certService/helm/aaf-cert-service/resources/cmpServers.json new file mode 100644 index 00000000..ee9e72b9 --- /dev/null +++ b/certService/helm/aaf-cert-service/resources/cmpServers.json @@ -0,0 +1,24 @@ +{ + "cmpv2Servers": [ + { + "caName": "TEST", + "url": "http://127.0.0.1/ejbca/publicweb/cmp/cmp", + "issuerDN": "CN=ManagementCA", + "caMode": "CLIENT", + "authentication": { + "iak": "xxx", + "rv": "yyy" + } + }, + { + "caName": "TEST2", + "url": "http://127.0.0.1/ejbca/publicweb/cmp/cmpRA", + "issuerDN": "CN=ManagementCA2", + "caMode": "RA", + "authentication": { + "iak": "xxx", + "rv": "yyy" + } + } + ] +} \ No newline at end of file diff --git a/certService/helm/aaf-cert-service/templates/deployment.yaml b/certService/helm/aaf-cert-service/templates/deployment.yaml index 0b64d730..2e16cbca 100644 --- a/certService/helm/aaf-cert-service/templates/deployment.yaml +++ b/certService/helm/aaf-cert-service/templates/deployment.yaml @@ -12,6 +12,10 @@ spec: labels: app: {{ .Values.appLabel }} spec: + volumes: + - name: {{ .Values.volume.name }} + secret: + secretName: {{ .Values.secret.name }} containers: - name: aaf-cert-service image: {{ .Values.repository }}/{{ .Values.image }} @@ -30,5 +34,9 @@ spec: path: {{ .Values.healthcheck.path }} initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - name: {{ .Values.volume.name }} + mountPath: {{ .Values.volume.mountPath }} + readOnly: true resources: {{ toYaml .Values.resources }} diff --git a/certService/helm/aaf-cert-service/templates/secret.yaml b/certService/helm/aaf-cert-service/templates/secret.yaml new file mode 100644 index 00000000..77b25f4e --- /dev/null +++ b/certService/helm/aaf-cert-service/templates/secret.yaml @@ -0,0 +1,7 @@ +apiVersion: v1 +kind: Secret +metadata: + name: {{ .Values.secret.name }} +type: Opaque +data: + {{ (.Files.Glob "resources/cmpServers.json").AsSecrets }} \ No newline at end of file diff --git a/certService/helm/aaf-cert-service/values.yaml b/certService/helm/aaf-cert-service/values.yaml index 9ec51c85..a971edd4 100644 --- a/certService/helm/aaf-cert-service/values.yaml +++ b/certService/helm/aaf-cert-service/values.yaml @@ -14,6 +14,9 @@ readiness: periodSeconds: 10 healthcheck: path: /actuator/health +volume: + name: aaf-cert-service-volume + mountPath: /etc/onap/aaf/certservice resources: limits: @@ -21,4 +24,7 @@ resources: memory: 2Gi requests: cpu: 1 - memory: 1Gi \ No newline at end of file + memory: 1Gi + +secret: + name: aaf-cert-service-secret -- cgit 1.2.3-korg