From af331643dc0af5e3fb8bebfa9efb2682e46451b8 Mon Sep 17 00:00:00 2001 From: "Areli, Fuss (af732p)" Date: Thu, 24 May 2018 11:24:40 +0300 Subject: Alignment of VVP devkit Alignment of VVP devkit Change-Id: I7c6dae29faf0a14dce4d40114bd0bc4be8e23e42 Issue-ID: VVP-60 Signed-off-by: Areli, Fuss (af732p) --- .../configmaps/site-certificate-configmap.yaml.j2 | 30 ++++++++++++++++++++++ 1 file changed, 30 insertions(+) create mode 100644 ansible/roles/ansible-vvp-templates/templates/configmaps/site-certificate-configmap.yaml.j2 (limited to 'ansible/roles/ansible-vvp-templates/templates/configmaps/site-certificate-configmap.yaml.j2') diff --git a/ansible/roles/ansible-vvp-templates/templates/configmaps/site-certificate-configmap.yaml.j2 b/ansible/roles/ansible-vvp-templates/templates/configmaps/site-certificate-configmap.yaml.j2 new file mode 100644 index 0000000..2d56741 --- /dev/null +++ b/ansible/roles/ansible-vvp-templates/templates/configmaps/site-certificate-configmap.yaml.j2 @@ -0,0 +1,30 @@ +--- +kind: ConfigMap +apiVersion: v1 +metadata: + name: site-certificate + namespace: default +data: + site.crt: | + {{ site_pem_cert|indent }} + wrapper.sh: | + #!/bin/sh + # This script is meant to be used as a wrapper, so that it can be easily + # used with docker or kubernetes' container command specification. + # + # Kubernetes' volumeMount creates symlinks for configMapped files at the + # target directory. + # Alpine's update-ca-certificates ignores symlinks. + # So we must contrive to copy the contents of the mounted cert (a symlink) + # into place as a normal file. + dev_cert="${0%/*}/site.crt" + echo >&2 "$0: Checking for site CA certificate at $dev_cert..." + if [ -s "$dev_cert" ]; then + echo >&2 "$0: Updating container CA certificate bundle with site certificate..." + cp -L "$dev_cert" /usr/local/share/ca-certificates/ + update-ca-certificates + else + echo >&2 "$0: No site CA certificate found." + fi + echo >&2 "$0: Launching command: $@" + exec "$@" -- cgit 1.2.3-korg