[SDNC] Deploy external TLC cert in ODL Changes for 111973 Issue-ID: SDNC-1136 Signed-off-by: esobmar <mariusz.sobucki@est.tech> Change-Id: If185ee3658b8f51a969bb3505f8bfb163cfea2a3 Signed-off-by: egernug <gerard.nugent@est.tech> Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> [Access EJBCA secret from cert service] Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>

commit: 27578339f9152a1a1ea24f01cdd3b83e95287685 [log] [tgz]
author: egernug <gerard.nugent@est.tech> Thu Mar 26 10:27:55 2020 +0000
committer: egernug <gerard.nugent@est.tech> Mon Sep 21 11:17:27 2020 +0100
tree: fc662fe55f329d42dd22ad7cb78025b95792a335
parent: 1d7d0e2834531a278b0c3af57ce4cc6e2b62b3ee [diff] [blame]
diff --git a/kubernetes/sdnc/templates/statefulset.yaml b/kubernetes/sdnc/templates/statefulset.yaml
index b1da64a..454e3aa 100644
--- a/kubernetes/sdnc/templates/statefulset.yaml
+++ b/kubernetes/sdnc/templates/statefulset.yaml

@@ -1,5 +1,5 @@
 {{/*
-# Copyright © 2020 Samsung Electronics, highstreet technologies GmbH
+# Copyright © 2020 Samsung Electronics
 # Copyright © 2017 Amdocs, Bell Canada
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
@@ -94,6 +94,48 @@
         {{ end -}}
 {{ include "common.certInitializer.initContainer" . | indent 6 }}
 
+      {{ if .Values.global.cmpv2Enabled }}
+      - name: certs-init
+        image: "{{ .Values.global.repository }}/{{ .Values.global.platform.certServiceClient.image }}"
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        env:
+          - name: REQUEST_URL
+            value: {{ .Values.global.platform.certServiceClient.envVariables.requestURL }}
+          - name: REQUEST_TIMEOUT
+            value: "30000"
+          - name: OUTPUT_PATH
+            value: {{ .Values.global.platform.certServiceClient.envVariables.cert_path }}
+          - name: CA_NAME
+            value: {{ .Values.global.platform.certServiceClient.envVariables.caName }}
+          - name: COMMON_NAME
+            value: {{ .Values.global.platform.certServiceClient.envVariables.common_name }}
+          - name: ORGANIZATION
+            value: {{ .Values.global.platform.certServiceClient.envVariables.cmpv2Organization }}
+          - name: ORGANIZATION_UNIT
+            value: {{ .Values.global.platform.certServiceClient.envVariables.cmpv2OrganizationalUnit }}
+          - name: LOCATION
+            value: {{ .Values.global.platform.certServiceClient.envVariables.cmpv2Location }}
+          - name: STATE
+            value: {{ .Values.global.platform.certServiceClient.envVariables.cmpv2State }}
+          - name: COUNTRY
+            value: {{ .Values.global.platform.certServiceClient.envVariables.cmpv2Country }}
+          - name: KEYSTORE_PATH
+            value: {{ .Values.global.platform.certServiceClient.envVariables.keystorePath }}
+          - name: KEYSTORE_PASSWORD
+            value: {{ .Values.global.platform.certServiceClient.envVariables.keystorePassword }}
+          - name: TRUSTSTORE_PATH
+            value: {{ .Values.global.platform.certServiceClient.envVariables.truststorePath }}
+          - name: TRUSTSTORE_PASSWORD
+            value: {{ .Values.global.platform.certServiceClient.envVariables.truststorePassword }}
+        terminationMessagePath: /dev/termination-log
+        terminationMessagePolicy: File
+        volumeMounts:
+          - mountPath: {{ .Values.global.platform.certServiceClient.envVariables.cert_path }}
+            name: certs
+          - mountPath: {{ .Values.global.platform.certServiceClient.secret.mountPath }}
+            name: certservice-tls-volume
+      {{ end }}
+
       - name: {{ include "common.name" . }}-chown
         image: {{ .Values.global.busyboxRepository | default .Values.busyboxRepository }}/{{ .Values.global.busyboxImage | default .Values.busyboxImage }}
         command:
@@ -238,6 +280,8 @@
           - mountPath: {{ .Values.config.odl.etcDir }}/mountpoint-state-provider.properties
             name: properties
             subPath: mountpoint-state-provider.properties
+          - mountPath: {{ .Values.global.platform.certServiceClient.envVariables.cert_path }}
+            name: certs
           resources:
 {{ include "common.resources" . | indent 12 }}
         {{- if .Values.nodeSelector }}
@@ -288,6 +332,12 @@
         - name: properties
           emptyDir:
             medium: Memory
+        - name: certs
+          emptyDir:
+            medium: Memory
+        - name: certservice-tls-volume
+          secret:
+            secretName: {{ .Values.global.platform.certServiceClient.secret.name }}
   {{ if not .Values.persistence.enabled }}
         - name: {{ include "common.fullname" . }}-data
           emptyDir: {}
commit	27578339f9152a1a1ea24f01cdd3b83e95287685	[log] [tgz]
author	egernug <gerard.nugent@est.tech>	Thu Mar 26 10:27:55 2020 +0000
committer	egernug <gerard.nugent@est.tech>	Mon Sep 21 11:17:27 2020 +0100
tree	fc662fe55f329d42dd22ad7cb78025b95792a335
parent	1d7d0e2834531a278b0c3af57ce4cc6e2b62b3ee [diff] [blame]