[CLI] Simplify cert retrieval script
As retrieving values is now done via a generic script, let's clean a
little bit cert retrieval in order to remove unneeded part.
Issue-ID: OOM-2688
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I47fe8224ce471a2b17f7fc376b4b1e2e1d6331fc
diff --git a/kubernetes/cli/values.yaml b/kubernetes/cli/values.yaml
index c521fb8..4dcee45 100644
--- a/kubernetes/cli/values.yaml
+++ b/kubernetes/cli/values.yaml
@@ -35,33 +35,24 @@
cadi_latitude: "0.0"
credsPath: /opt/app/osaaf/local
aaf_add_config: |
- echo "*** retrieving password for keystore and trustore"
- export $(/opt/app/aaf_config/bin/agent.sh local showpass \
- {{.Values.fqi}} {{ .Values.fqdn }} | grep '^c' | xargs -0)
- if [ -z "$cadi_keystore_password_p12" ]
- then
- echo " /!\ certificates retrieval failed"
- exit 1
- else
- echo "*** transform AAF certs into pem files"
- mkdir -p {{ .Values.credsPath }}/certs
- keytool -exportcert -rfc -file {{ .Values.credsPath }}/certs/cacert.pem \
- -keystore {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.trust.jks \
- -alias ca_local_0 \
- -storepass $cadi_truststore_password
- openssl pkcs12 -in {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.p12 \
- -nokeys -out {{ .Values.credsPath }}/certs/cert.pem \
- -passin pass:$cadi_keystore_password_p12 \
- -passout pass:$cadi_keystore_password_p12
- echo "*** generating needed file"
- cat {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.key \
- {{ .Values.credsPath }}/certs/cert.pem \
- {{ .Values.credsPath }}/certs/cacert.pem \
- > {{ .Values.credsPath }}/certs/fullchain.pem;
- cat {{ .Values.credsPath }}/certs/fullchain.pem
- echo "*** change ownership of certificates to targeted user"
- chown -R 33 {{ .Values.credsPath }}
- fi
+ echo "*** transform AAF certs into pem files"
+ mkdir -p {{ .Values.credsPath }}/certs
+ keytool -exportcert -rfc -file {{ .Values.credsPath }}/certs/cacert.pem \
+ -keystore {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.trust.jks \
+ -alias ca_local_0 \
+ -storepass $cadi_truststore_password
+ openssl pkcs12 -in {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.p12 \
+ -nokeys -out {{ .Values.credsPath }}/certs/cert.pem \
+ -passin pass:$cadi_keystore_password_p12 \
+ -passout pass:$cadi_keystore_password_p12
+ echo "*** generating needed file"
+ cat {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.key \
+ {{ .Values.credsPath }}/certs/cert.pem \
+ {{ .Values.credsPath }}/certs/cacert.pem \
+ > {{ .Values.credsPath }}/certs/fullchain.pem;
+ cat {{ .Values.credsPath }}/certs/fullchain.pem
+ echo "*** change ownership of certificates to targeted user"
+ chown -R 33 {{ .Values.credsPath }}
#################################################################