[VNFSDK] Automatically retrieve certificates
Instead of using hardcoded certificates, let's use certInitializer in
order to retrieve them.
Issue-ID: OOM-2696
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I6ed12dda660647cd0990c34f51e6c05ed533774a
diff --git a/kubernetes/vnfsdk/values.yaml b/kubernetes/vnfsdk/values.yaml
index 28a2ac4..0fbee4c 100644
--- a/kubernetes/vnfsdk/values.yaml
+++ b/kubernetes/vnfsdk/values.yaml
@@ -34,6 +34,37 @@
passwordPolicy: generate
#################################################################
+# AAF part
+#################################################################
+certInitializer:
+ nameOverride: refrepo-cert-initializer
+ aafDeployFqi: deployer@people.osaaf.org
+ aafDeployPass: demo123456!
+ # aafDeployCredsExternalSecret: some secret
+ fqdn: refrepo
+ fqi: refrepo@refrepo.onap.org
+ fqi_namespace: org.onap.refrepo
+ public_fqdn: refrepo.onap.org
+ cadi_longitude: "0.0"
+ cadi_latitude: "0.0"
+ app_ns: org.osaaf.aaf
+ credsPath: /opt/app/osaaf/local
+ aaf_add_config: |
+ echo "*** transform AAF certs into pem files"
+ mkdir -p {{ .Values.credsPath }}/certs
+ echo "keystore password: $$cadi_keystore_password_p12"
+ openssl pkcs12 -in {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.p12 \
+ -nokeys -out {{ .Values.credsPath }}/certs/cert.pem \
+ -passin pass:$cadi_keystore_password_p12 \
+ -passout pass:$cadi_keystore_password_p12
+ echo "*** copy key"
+ cp {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.key \
+ {{ .Values.credsPath }}/certs/cert.key
+ echo "*** change ownership of certificates to targeted user"
+ chown -R 999 {{ .Values.credsPath }}/certs
+
+
+#################################################################
# Application configuration defaults.
#################################################################
# application image
@@ -102,7 +133,7 @@
service:
type: NodePort
name: refrepo
- portName: refrepo
+ portName: https
nodePort: 97
internalPort: 8703