Gitiles
Code Review Sign In
gerrit.nordix.org / onap / oom / 3267293a468d65a8bae755da77d2a48a9e25663a^! / . / kubernetes / common / cmpv2Config / values.yaml
commit3267293a468d65a8bae755da77d2a48a9e25663a[log] [tgz]
authorPiotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com>Fri Mar 26 13:06:35 2021 +0100
committerPiotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com>Thu Apr 22 14:08:36 2021 +0000
tree542bc3419c8637b32baa7cb2b2db694b9cae10cd
parent1b162638763115959a0960a1195618f571d5499b [diff] [blame]
[PLATFORM] Generate Cert-Service certs with Cert-Manager

Utilize Cert-Manager to secure communication between
Cert-Service and its clients, adjust templates and
configs.

Issue-ID: OOM-2712
Signed-off-by: Piotr Marcinkiewicz <piotr.marcinkiewicz@nokia.com>
Change-Id: I96426b1a184b4d254575e76d29214d9deda08cce
Signed-off-by: Remigiusz Janeczek <remigiusz.janeczek@nokia.com>

diff --git a/kubernetes/common/cmpv2Config/values.yaml b/kubernetes/common/cmpv2Config/values.yaml
index b6ee064..695e406 100644
--- a/kubernetes/common/cmpv2Config/values.yaml
+++ b/kubernetes/common/cmpv2Config/values.yaml

@@ -12,22 +12,40 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 global:
+
+  # Enabling CMPv2
+  cmpv2Enabled: true
+  CMPv2CertManagerIntegration: false
+
+  certificate:
+    default:
+      subject:
+        organization: "Linux-Foundation"
+        country: "US"
+        locality: "San-Francisco"
+        province: "California"
+        organizationalUnit: "ONAP"
+
   platform:
+    certificates:
+      clientSecretName: oom-cert-service-client-tls-secret
+      keystoreKeyRef: keystore.jks
+      truststoreKeyRef: truststore.jks
+      keystorePasswordSecretName: oom-cert-service-keystore-password
+      keystorePasswordSecretKey: password
+      truststorePasswordSecretName: oom-cert-service-truststore-password
+      truststorePasswordSecretKey: password
     certServiceClient:
       image: onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.3.3
-      secretName: oom-cert-service-client-tls-secret
+      certificatesSecretMountPath: /etc/onap/oom/certservice/certs/
       envVariables:
+        certPath: "/var/custom-certs"
         # Certificate related
-        cmpv2Organization: "Linux-Foundation"
-        cmpv2OrganizationalUnit: "ONAP"
-        cmpv2Location: "San-Francisco"
-        cmpv2State: "California"
-        cmpv2Country: "US"
+        caName: "RA"
         # Client configuration related
         requestURL: "https://oom-cert-service:8443/v1/certificate/"
         requestTimeout: "30000"
-        keystorePassword: "secret"
-        truststorePassword: "secret"
+        outputType: "P12"
     certPostProcessor:
       image: onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.3.3