[AAI][BABEL] Remove Hardcoded certificates

Use Certinitializer in order to retrieve needed certificates.
Change ModelLoader also as it needs valid certificate to communicate
with Babel.

Issue-ID: OOM-2693
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I64b8ede24643f942dc99956030c202c50d41ad1e
diff --git a/kubernetes/aai/components/aai-modelloader/values.yaml b/kubernetes/aai/components/aai-modelloader/values.yaml
index 443bf40..95eae6a 100644
--- a/kubernetes/aai/components/aai-modelloader/values.yaml
+++ b/kubernetes/aai/components/aai-modelloader/values.yaml
@@ -1,5 +1,5 @@
 # Copyright © 2018 Amdocs, Bell Canada, AT&T
-# Modifications Copyright © 2020 Orange
+# Modifications Copyright © 2020-2021 Orange
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -19,6 +19,42 @@
 global: # global defaults
   nodePortPrefix: 302
 
+#################################################################
+# Certificate configuration
+#################################################################
+certInitializer:
+  nameOverride: aai-ml-cert-initializer
+  aafDeployFqi: deployer@people.osaaf.org
+  aafDeployPass: demo123456!
+  # aafDeployCredsExternalSecret: some secret
+  fqdn: aai
+  fqi: aai@aai.onap.org
+  public_fqdn: aai.onap.org
+  cadi_longitude: "0.0"
+  cadi_latitude: "0.0"
+  app_ns: org.osaaf.aaf
+  credsPath: /opt/app/osaaf/local
+  appMountPath: /opt/app/model-loader/config/auth/aaf
+  fqi_namespace: org.onap.aai
+  user_id: &user_id 1000
+  group_id: &group_id 1000
+  aaf_add_config: |
+    echo "*** changing them into shell safe ones"
+    export KEYSTORE_PLAIN_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
+    export TRUSTSTORE_PLAIN_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
+    cd {{ .Values.credsPath }}
+    keytool -storepasswd -new "${KEYSTORE_PLAIN_PASSWORD}" \
+      -storepass "${cadi_keystore_password_p12}" \
+      -keystore {{ .Values.fqi_namespace }}.p12
+    keytool -storepasswd -new "${TRUSTSTORE_PLAIN_PASSWORD}" \
+      -storepass "${cadi_truststore_password}" \
+      -keystore {{ .Values.fqi_namespace }}.trust.jks
+    echo "*** writing passwords into prop file"
+    echo "KEYSTORE_PLAIN_PASSWORD=${KEYSTORE_PLAIN_PASSWORD}" > {{ .Values.credsPath }}/mycreds.prop
+    echo "TRUSTSTORE_PLAIN_PASSWORD=${TRUSTSTORE_PLAIN_PASSWORD}" >> {{ .Values.credsPath }}/mycreds.prop
+    echo "*** change ownership of certificates to targeted user"
+    chown -R {{ .Values.user_id }}:{{ .Values.group_id }} {{ .Values.credsPath }}
+
 # application image
 image: onap/model-loader:1.9.1
 pullPolicy: Always
@@ -47,26 +83,6 @@
   initialDelaySeconds: 10
   periodSeconds: 10
 
-service:
-  type: NodePort
-  portName: http
-  externalPort: 8080
-  internalPort: 8080
-  nodePort: 10
-  portName2: https
-  externalPort2: 8443
-  internalPort2: 8443
-  nodePort2: 29
-
-ingress:
-  enabled: false
-  service:
-    - baseaddr: "aaimodelloader"
-      name: "aai-modelloader"
-      port: 8443
-  config:
-    ssl: "redirect"
-
 resources:
   small:
     limits:
@@ -90,6 +106,11 @@
   roles:
     - read
 
+# Not fully used for now
+securityContext:
+  user_id: *user_id
+  group_id: *group_id
+
 #Log configuration
 log:
   path: /var/log/onap