Add sms preload job that preloads secrets

Add a preload job that loads secrets from config
files into secret management service after it comes up.
P1: Includes osdf.json which contains secrets for oof-osdf
P2: Add has.json for oof-has

Issue-ID: AAF-548
Change-Id: Ib03cf6771a445be8ab00621cf26ca0e902af4ab3
Signed-off-by: Kiran Kamineni <kiran.k.kamineni@intel.com>
diff --git a/kubernetes/aaf/charts/aaf-sms/resources/config/has.json b/kubernetes/aaf/charts/aaf-sms/resources/config/has.json
new file mode 100644
index 0000000..9d017f9
--- /dev/null
+++ b/kubernetes/aaf/charts/aaf-sms/resources/config/has.json
@@ -0,0 +1,36 @@
+{
+    "domain": {
+        "name": "has",
+        "secrets": [
+            {
+                "name": "aai",
+                "values": {
+                    "username": "OOF",
+                    "password": "OOF"
+                }
+            },
+            {
+                "name": "conductor_api",
+                "values": {
+                    "username": "admin1",
+                    "password": "plan.15"
+                }
+            },
+            {
+                "name": "sdnc",
+                "values": {
+                    "username": "admin",
+                    "password": "Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U"
+                }
+            },
+            {
+                "name": "music_api",
+                "values": {
+                    "aafuser": "conductor",
+                    "aafpass": "c0nduct0r",
+                    "aafns": "conductor"
+                }
+            }
+        ]
+    }
+}
diff --git a/kubernetes/aaf/charts/aaf-sms/resources/config/osdf.json b/kubernetes/aaf/charts/aaf-sms/resources/config/osdf.json
new file mode 100644
index 0000000..0950957
--- /dev/null
+++ b/kubernetes/aaf/charts/aaf-sms/resources/config/osdf.json
@@ -0,0 +1,98 @@
+{
+    "domain": {
+        "name": "osdf",
+        "secrets": [
+            {
+                "name": "so",
+                "values": {
+                    "UserName": "",
+                    "Password": ""
+                }
+            },
+            {
+                "name": "conductor",
+                "values": {
+                    "UserName": "admin1",
+                    "Password": "plan.15"
+                }
+            },
+            {
+                "name": "policyPlatform",
+                "values": {
+                    "UserName": "testpdp",
+                    "Password": "alpha123"
+                }
+            },
+            {
+                "name": "policyClient",
+                "values": {
+                    "UserName": "python",
+                    "Password": "test"
+                }
+            },
+            {
+                "name": "dmaap",
+                "values": {
+                    "UserName": "NA",
+                    "Password": "NA"
+                }
+            },
+            {
+                "name": "sdc",
+                "values": {
+                    "UserName": "NA",
+                    "Password": "NA"
+                }
+            },
+            {
+                "name": "osdfPlacement",
+                "values": {
+                    "UserName": "test",
+                    "Password": "testpwd"
+                }
+            },
+            {
+                "name": "osdfPlacementSO",
+                "values": {
+                    "UserName": "so_test",
+                    "Password": "so_testpwd"
+                }
+            },
+            {
+                "name": "osdfPlacementVFC",
+                "values": {
+                    "UserName": "vfc_test",
+                    "Password": "vfc_testpwd"
+                }
+            },
+            {
+                "name": "osdfCMScheduler",
+                "values": {
+                    "UserName": "test1",
+                    "Password": "testpwd1"
+                }
+            },
+            {
+                "name": "configDb",
+                "values": {
+                    "UserName": "osdf",
+                    "Password": "passwd"
+                }
+            },
+            {
+                "name": "pciHMS",
+                "values": {
+                    "UserName": "",
+                    "Password": ""
+                }
+            },
+            {
+                "name": "osdfPCIOpt",
+                "values": {
+                    "UserName": "pci_test",
+                    "Password": "pci_testpwd"
+                }
+            }
+        ]
+    }
+}
\ No newline at end of file
diff --git a/kubernetes/aaf/charts/aaf-sms/templates/configmap.yaml b/kubernetes/aaf/charts/aaf-sms/templates/configmap.yaml
index 72ce6fb..b513d99 100644
--- a/kubernetes/aaf/charts/aaf-sms/templates/configmap.yaml
+++ b/kubernetes/aaf/charts/aaf-sms/templates/configmap.yaml
@@ -1,3 +1,4 @@
+{{/*
 # Copyright 2018 Intel Corporation, Inc
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
@@ -11,6 +12,7 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
+*/}}
 
 apiVersion: v1
 kind: ConfigMap
@@ -25,3 +27,16 @@
 data:
   smsconfig.json: |
     {{ .Values.config | toJson }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "common.fullname" . }}-preload
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}-preload
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+data:
+{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/aaf/charts/aaf-sms/templates/job.yaml b/kubernetes/aaf/charts/aaf-sms/templates/job.yaml
new file mode 100644
index 0000000..2cee8d5
--- /dev/null
+++ b/kubernetes/aaf/charts/aaf-sms/templates/job.yaml
@@ -0,0 +1,92 @@
+{{/*
+# Copyright 2018 Intel Corporation, Inc
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: {{ include "common.fullname" . }}-preload
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+spec:
+  replicas: {{ .Values.replicaCount }}
+  template:
+    metadata:
+      labels:
+        app: {{ include "common.name" . }}
+        release: {{ .Release.Name }}
+    spec:
+      initContainers:
+      - image:  "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        name: {{ include "common.name" . }}-readiness
+        command:
+        - /root/ready.py
+        args:
+        - --container-name
+        - "aaf-sms"
+        - --container-name
+        - "aaf-sms-quorumclient"
+        env:
+        - name: NAMESPACE
+          valueFrom:
+            fieldRef:
+              apiVersion: v1
+              fieldPath: metadata.namespace
+      containers:
+      - image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+        imagePullPolicy: {{ .Values.pullPolicy }}
+        name: {{ include "common.name" . }}-preload
+        command:
+          - "/sms/bin/preload"
+          - "-cacert"
+          - "/sms/certs/aaf_root_ca.cer"
+          - "-jsondir"
+          - "/preload/config"
+          - "-serviceport"
+          - "{{ .Values.service.internalPort }}"
+          - "-serviceurl"
+          - "https://aaf-sms.{{ include "common.namespace" . }}"
+        workingDir: /sms
+        volumeMounts:
+          - mountPath: /etc/localtime
+            name: localtime
+            readOnly: true
+          - mountPath: /preload/config
+            name: {{ include "common.name" . }}-preload
+        resources:
+{{ include "common.resources" . | indent 10 }}
+        {{- if .Values.nodeSelector }}
+        nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 10 }}
+        {{- end -}}
+        {{- if .Values.affinity }}
+        affinity:
+{{ toYaml .Values.affinity | indent 10 }}
+        {{- end }}
+      volumes:
+      - name: localtime
+        hostPath:
+          path: /etc/localtime
+      - name : {{ include "common.name" . }}-preload
+        configMap:
+          name: {{ include "common.fullname" . }}-preload
+      restartPolicy: OnFailure
+      imagePullSecrets:
+      - name: "{{ include "common.namespace" . }}-docker-registry-key"