| {{/* |
| # Copyright © 2020 Samsung Electronics |
| # |
| # Licensed under the Apache License, Version 2.0 (the "License"); |
| # you may not use this file except in compliance with the License. |
| # You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, software |
| # distributed under the License is distributed on an "AS IS" BASIS, |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| # See the License for the specific language governing permissions and |
| # limitations under the License. |
| */}} |
| |
| |
| |
| {{- define "common.certInitializer._aafConfigVolumeName" -}} |
| {{ include "common.fullname" . }}-aaf-config |
| {{- end -}} |
| |
| {{- define "common.certInitializer._aafAddConfigVolumeName" -}} |
| {{ print "aaf-add-config" }} |
| {{- end -}} |
| |
| {{/* |
| common templates to enable cert initialization for applictaions |
| |
| In deployments/jobs/stateful include: |
| initContainers: |
| {{ include "common.certInitializer.initContainer" . | nindent XX }} |
| |
| containers: |
| volumeMounts: |
| {{- include "common.certInitializer.volumeMount" . | nindent XX }} |
| volumes: |
| {{- include "common.certInitializer.volume" . | nindent XX}} |
| */}} |
| {{- define "common.certInitializer._initContainer" -}} |
| {{- $dot := default . .dot -}} |
| {{- $initRoot := default $dot.Values.certInitializer .initRoot -}} |
| {{- $initName := default "certInitializer" -}} |
| {{/* Our version of helm doesn't support deepCopy so we need this nasty trick */}} |
| {{- $subchartDot := mergeOverwrite (deepCopy (omit $dot "Values")) (dict "Chart" (set (fromJson (toJson $dot.Chart)) "Name" $initRoot.nameOverride) "Values" (mergeOverwrite (deepCopy $initRoot) (dict "global" $dot.Values.global))) }} |
| - name: {{ include "common.name" $dot }}-aaf-readiness |
| image: "{{ $subchartDot.Values.global.readinessRepository }}/{{ $subchartDot.Values.global.readinessImage }}" |
| imagePullPolicy: {{ $subchartDot.Values.global.pullPolicy | default $subchartDot.Values.pullPolicy }} |
| command: |
| - /root/ready.py |
| args: |
| - --container-name |
| - aaf-locate |
| - --container-name |
| - aaf-cm |
| - --container-name |
| - aaf-service |
| env: |
| - name: NAMESPACE |
| valueFrom: |
| fieldRef: |
| apiVersion: v1 |
| fieldPath: metadata.namespace |
| - name: {{ include "common.name" $dot }}-aaf-config |
| image: {{ (default $subchartDot.Values.repository $subchartDot.Values.global.repository) }}/{{ $subchartDot.Values.global.aafAgentImage }} |
| imagePullPolicy: {{ $subchartDot.Values.global.pullPolicy | default $subchartDot.Values.pullPolicy }} |
| volumeMounts: |
| - mountPath: {{ $initRoot.mountPath }} |
| name: {{ include "common.certInitializer._aafConfigVolumeName" $dot }} |
| - mountPath: /opt/app/aaf_config/cert/truststoreONAPall.jks.b64 |
| name: aaf-agent-certs |
| subPath: truststoreONAPall.jks.b64 |
| - mountPath: /opt/app/aaf_config/cert/truststoreONAP.p12.b64 |
| name: aaf-agent-certs |
| subPath: truststoreONAP.p12.b64 |
| {{- if $initRoot.aaf_add_config }} |
| - name: {{ include "common.certInitializer._aafAddConfigVolumeName" $dot }} |
| mountPath: /opt/app/aaf_config/bin/aaf-add-config.sh |
| subPath: aaf-add-config.sh |
| {{- end }} |
| command: |
| - sh |
| - -c |
| - | |
| #!/usr/bin/env bash |
| /opt/app/aaf_config/bin/agent.sh |
| {{- if $initRoot.aaf_add_config }} |
| /opt/app/aaf_config/bin/aaf-add-config.sh |
| {{- end }} |
| env: |
| - name: APP_FQI |
| value: "{{ $initRoot.fqi }}" |
| - name: aaf_locate_url |
| value: "https://aaf-locate.{{ $dot.Release.Namespace}}:8095" |
| - name: aaf_locator_container |
| value: "oom" |
| - name: aaf_locator_container_ns |
| value: "{{ $dot.Release.Namespace }}" |
| - name: aaf_locator_fqdn |
| value: "{{ $initRoot.fqdn }}" |
| - name: aaf_locator_app_ns |
| value: "{{ $initRoot.app_ns }}" |
| - name: DEPLOY_FQI |
| {{- include "common.secret.envFromSecretFast" (dict "global" $subchartDot "uid" "deployer-creds" "key" "login") | indent 6 }} |
| - name: DEPLOY_PASSWORD |
| {{- include "common.secret.envFromSecretFast" (dict "global" $subchartDot "uid" "deployer-creds" "key" "password") | indent 6 }} |
| #Note: want to put this on Nodes, eventually |
| - name: cadi_longitude |
| value: "{{ default "52.3" $initRoot.cadi_longitude }}" |
| - name: cadi_latitude |
| value: "{{ default "13.2" $initRoot.cadi_latitude }}" |
| #Hello specific. Clients don't don't need this, unless Registering with AAF Locator |
| - name: aaf_locator_public_fqdn |
| value: "{{ $initRoot.public_fqdn | default "" }}" |
| {{- end -}} |
| |
| {{- define "common.certInitializer._volumeMount" -}} |
| {{- $dot := default . .dot -}} |
| {{- $initRoot := default $dot.Values.certInitializer .initRoot -}} |
| - mountPath: {{ $initRoot.mountPath }} |
| name: {{ include "common.certInitializer._aafConfigVolumeName" $dot }} |
| {{- end -}} |
| |
| {{- define "common.certInitializer._volumes" -}} |
| {{- $dot := default . .dot -}} |
| {{- $initRoot := default $dot.Values.certInitializer .initRoot -}} |
| {{- $subchartDot := mergeOverwrite (deepCopy (omit $dot "Values")) (dict "Chart" (set (fromJson (toJson $dot.Chart)) "Name" $initRoot.nameOverride) "Values" (mergeOverwrite (deepCopy $initRoot) (dict "global" $dot.Values.global))) }} |
| - name: {{ include "common.certInitializer._aafConfigVolumeName" $dot }} |
| emptyDir: |
| medium: Memory |
| - name: aaf-agent-certs |
| configMap: |
| name: {{ include "common.fullname" $subchartDot }}-certs |
| defaultMode: 0700 |
| |
| {{- if $initRoot.aaf_add_config }} |
| - name: {{ include "common.certInitializer._aafAddConfigVolumeName" $dot }} |
| configMap: |
| name: {{ include "common.fullname" $subchartDot }}-add-config |
| defaultMode: 0700 |
| {{- end -}} |
| {{- end -}} |
| |
| {{- define "common.certInitializer.initContainer" -}} |
| {{- $dot := default . .dot -}} |
| {{- if $dot.Values.global.aafEnabled }} |
| {{ include "common.certInitializer._initContainer" . }} |
| {{- end -}} |
| {{- end -}} |
| |
| {{- define "common.certInitializer.volumeMount" -}} |
| {{- $dot := default . .dot -}} |
| {{- if $dot.Values.global.aafEnabled }} |
| {{- include "common.certInitializer._volumeMount" . }} |
| {{- end -}} |
| {{- end -}} |
| |
| {{- define "common.certInitializer.volumes" -}} |
| {{- $dot := default . .dot -}} |
| {{- if $dot.Values.global.aafEnabled }} |
| {{- include "common.certInitializer._volumes" . }} |
| {{- end -}} |
| {{- end -}} |