SDC Certificate location is configurable

Change-Id: I1512c47570a4cd8a739b3ce517ee6bf8c5544b18
Issue-ID: SDC-2195
Signed-off-by: kooper <sergey.sachkov@est.tech>
diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/templates/deployment.yaml b/kubernetes/sdc/charts/sdc-onboarding-be/templates/deployment.yaml
index 87556b0..70895d3 100644
--- a/kubernetes/sdc/charts/sdc-onboarding-be/templates/deployment.yaml
+++ b/kubernetes/sdc/charts/sdc-onboarding-be/templates/deployment.yaml
@@ -88,6 +88,8 @@
           - name: SDC_PASSWORD
             valueFrom:
               secretKeyRef: {name: {{ .Release.Name }}-sdc-cs-secrets, key: sdc_password}
+          - name: SDC_CERT_DIR
+            value: {{ .Values.cert.certDir }}
           volumeMounts:
           - name: {{ include "common.fullname" . }}-environments
             mountPath: /root/chef-solo/environments/
@@ -99,6 +101,8 @@
           - name: {{ include "common.fullname" . }}-logback
             mountPath: /tmp/logback.xml
             subPath: logback.xml
+          - name: {{ include "common.fullname" . }}-cert-storage
+            mountPath: "{{ .Values.cert.certDir }}"
           lifecycle:
             postStart:
               exec:
@@ -133,5 +137,8 @@
           defaultMode: 0755
       - name:  {{ include "common.fullname" . }}-logs
         emptyDir: {}
+      - name:  {{ include "common.fullname" . }}-cert-storage
+        persistentVolumeClaim:
+          claimName: {{ include "common.fullname" . }}-cert
       imagePullSecrets:
       - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/templates/pv.yaml b/kubernetes/sdc/charts/sdc-onboarding-be/templates/pv.yaml
new file mode 100644
index 0000000..b292ff9
--- /dev/null
+++ b/kubernetes/sdc/charts/sdc-onboarding-be/templates/pv.yaml
@@ -0,0 +1,38 @@
+{{/*
+# ================================================================================
+# Copyright (C) 2019, Nordix Foundation. All rights reserved.
+# ================================================================================
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+{{- if and .Values.persistence.enabled (not .Values.cert.persistence.existingClaim) -}}
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+  name: {{ include "common.fullname" . }}-cert
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+    release: "{{ .Release.Name }}"
+    heritage: "{{ .Release.Service }}"
+    name: {{ include "common.fullname" . }}
+spec:
+  capacity:
+    storage: {{ .Values.cert.persistence.size}}
+  accessModes:
+    - {{ .Values.cert.persistence.accessMode }}
+  persistentVolumeReclaimPolicy: {{ .Values.cert.persistence.volumeReclaimPolicy }}
+  hostPath:
+    path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.cert.persistence.mountSubPath }}
+{{- end -}}
\ No newline at end of file
diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/templates/pvc.yaml b/kubernetes/sdc/charts/sdc-onboarding-be/templates/pvc.yaml
new file mode 100644
index 0000000..eb2c372
--- /dev/null
+++ b/kubernetes/sdc/charts/sdc-onboarding-be/templates/pvc.yaml
@@ -0,0 +1,49 @@
+{{/*
+# ================================================================================
+# Copyright (C) 2019, Nordix Foundation. All rights reserved.
+# ================================================================================
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+{{- if and .Values.cert.persistence.enabled (not .Values.cert.persistence.existingClaim) -}}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+  name: {{ include "common.fullname" . }}-cert
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+    release: "{{ .Release.Name }}"
+    heritage: "{{ .Release.Service }}"
+{{- if .Values.cert.persistence.annotations }}
+  annotations:
+{{ toYaml .Values.cert.persistence.annotations | indent 4 }}
+{{- end }}
+spec:
+  selector:
+    matchLabels:
+      name: {{ include "common.fullname" . }}
+  accessModes:
+    - {{ .Values.cert.persistence.accessMode }}
+  resources:
+    requests:
+      storage: {{ .Values.cert.persistence.size }}
+{{- if .Values.cert.persistence.storageClass }}
+{{- if (eq "-" .Values.cert.persistence.storageClass) }}
+  storageClassName: ""
+{{- else }}
+  storageClassName: "{{ .Values.cert.persistence.storageClass }}"
+{{- end }}
+{{- end }}
+{{- end -}}
\ No newline at end of file
diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml b/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml
index 4b09a11..2b7edd9 100644
--- a/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml
+++ b/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml
@@ -90,6 +90,18 @@
   mountPath: /dockerdata-nfs
   mountSubPath: /sdc/sdc-cs/CS
 
+##Certificate storage persistence
+##This is temporary solution for SDC-1980
+cert:
+  certDir: /var/lib/jetty/cert
+  persistence:
+    enabled: true
+    size: 10Mi
+    accessMode: ReadOnlyMany
+    volumeReclaimPolicy: Retain
+    mountSubPath: /sdc/onbaording/cert
+
+
 ingress:
   enabled: false