Gitiles
Code Review Sign In
gerrit.nordix.org / onap / oom / 88cf4965828fa7f17e413a4465844e200d1358df^! / . / kubernetes / msb / charts
commit88cf4965828fa7f17e413a4465844e200d1358df[log] [tgz]
authorHuabing Zhao <zhao.huabing@zte.com.cn>Thu May 14 09:17:52 2020 +0800
committerKrzysztof Opasiak <k.opasiak@samsung.com>Fri May 22 10:43:35 2020 +0000
tree0c2e23de4abe4e3ef4ec1f78865d631c501bb525
parent810b0a1880a9ba897f0698ef5f7f69b2df33d893 [diff]
Set certificate SAN as msb-iag

Also add helm certificate to be used within deployments.

Issue-ID: MSB-467
Signed-off-by: Huabing Zhao <zhao.huabing@zte.com.cn>
Signed-off-by: Konrad Bańka <k.banka@samsung.com>
Change-Id: I1dabc31275edebd4a01be658e462a7d45497ce46

diff --git a/kubernetes/msb/charts/msb-eag/templates/deployment.yaml b/kubernetes/msb/charts/msb-eag/templates/deployment.yaml
index fd16a0c..95f0e34 100644
--- a/kubernetes/msb/charts/msb-eag/templates/deployment.yaml
+++ b/kubernetes/msb/charts/msb-eag/templates/deployment.yaml

@@ -81,6 +81,14 @@
           - mountPath: /etc/localtime
             name: localtime
             readOnly: true
+          - name: {{ include "common.fullname" . }}-cert
+            mountPath: /usr/local/openresty/nginx/ssl/cert/cert.crt
+            readOnly: true
+            subPath: "cert.crt"
+          - name: {{ include "common.fullname" . }}-cert
+            mountPath: /usr/local/openresty/nginx/html/cert/ca.crt
+            readOnly: true
+            subPath: "ca.crt"
           - mountPath: /usr/local/apiroute-works/logs
             name: {{ include "common.fullname" . }}-logs
           resources:
@@ -109,6 +117,9 @@
             name: {{ include "common.fullname" . }}-log-conf
             subPath: logback.xml
       volumes:
+        - name: {{ include "common.fullname" . }}-cert
+          secret:
+            secretName: {{ include "common.release" . }}-msb-https-cert
         - name: {{ include "common.fullname" . }}-log-conf
           configMap:
             name: {{ include "common.fullname" . }}-log

diff --git a/kubernetes/msb/charts/msb-iag/templates/deployment.yaml b/kubernetes/msb/charts/msb-iag/templates/deployment.yaml
index 8975a32..f95f105 100644
--- a/kubernetes/msb/charts/msb-iag/templates/deployment.yaml
+++ b/kubernetes/msb/charts/msb-iag/templates/deployment.yaml

@@ -81,6 +81,14 @@
           - mountPath: /etc/localtime
             name: localtime
             readOnly: true
+          - name: {{ include "common.fullname" . }}-cert
+            mountPath: /usr/local/openresty/nginx/ssl/cert/cert.crt
+            readOnly: true
+            subPath: "cert.crt"
+          - name: {{ include "common.fullname" . }}-cert
+            mountPath: /usr/local/openresty/nginx/html/cert/ca.crt
+            readOnly: true
+            subPath: "ca.crt"
           - mountPath: /usr/local/apiroute-works/logs
             name: {{ include "common.fullname" . }}-logs
           resources:
@@ -109,6 +117,9 @@
             name: {{ include "common.fullname" . }}-log-conf
             subPath: logback.xml
       volumes:
+        - name: {{ include "common.fullname" . }}-cert
+          secret:
+            secretName: {{ include "common.release" . }}-msb-https-cert
         - name: {{ include "common.fullname" . }}-log-conf
           configMap:
             name: {{ include "common.fullname" . }}-log