Merge "[SDC] use of certInitializer template"
diff --git a/kubernetes/sdc/Makefile b/kubernetes/sdc/Makefile
new file mode 100644
index 0000000..f2670c5
--- /dev/null
+++ b/kubernetes/sdc/Makefile
@@ -0,0 +1,50 @@
+# Copyright © 2020 Samsung Electronics, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
+OUTPUT_DIR := $(ROOT_DIR)/../dist
+PACKAGE_DIR := $(OUTPUT_DIR)/packages
+SECRET_DIR := $(OUTPUT_DIR)/secrets
+
+EXCLUDES := dist resources templates charts docker
+HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
+
+.PHONY: $(EXCLUDES) $(HELM_CHARTS)
+
+all: $(HELM_CHARTS)
+
+$(HELM_CHARTS):
+	@echo "\n[$@]"
+	@make package-$@
+
+make-%:
+	@if [ -f $*/Makefile ]; then make -C $*; fi
+
+dep-%: make-%
+	@if [ -f $*/requirements.yaml ]; then helm dep up $*; fi
+
+lint-%: dep-%
+	@if [ -f $*/Chart.yaml ]; then helm lint $*; fi
+
+package-%: lint-%
+	@mkdir -p $(PACKAGE_DIR)
+	@if [ -f $*/Chart.yaml ]; then helm package -d $(PACKAGE_DIR) $*; fi
+	@helm repo index $(PACKAGE_DIR)
+
+clean:
+	@rm -f */requirements.lock
+	@rm -f *tgz */charts/*tgz
+	@rm -rf $(PACKAGE_DIR)
+%:
+	@:
diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/templates/pv.yaml b/kubernetes/sdc/charts/sdc-onboarding-be/templates/pv.yaml
deleted file mode 100644
index bc110c3..0000000
--- a/kubernetes/sdc/charts/sdc-onboarding-be/templates/pv.yaml
+++ /dev/null
@@ -1,41 +0,0 @@
-{{/*
-# ================================================================================
-# Copyright (C) 2019, Nordix Foundation. All rights reserved.
-# ================================================================================
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-{{- if and .Values.persistence.enabled (not .Values.cert.persistence.existingClaim) -}}
-{{- if eq "True" (include "common.needPV" .) -}}
-kind: PersistentVolume
-apiVersion: v1
-metadata:
-  name: {{ include "common.fullname" . }}
-  namespace: {{ include "common.namespace" . }}
-  labels:
-    app: {{ include "common.name" . }}
-    chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
-    release: "{{ include "common.release" . }}"
-    heritage: "{{ .Release.Service }}"
-    name: {{ include "common.fullname" . }}
-spec:
-  capacity:
-    storage: {{ .Values.cert.persistence.size}}
-  accessModes:
-    - {{ .Values.cert.persistence.accessMode }}
-  persistentVolumeReclaimPolicy: {{ .Values.cert.persistence.volumeReclaimPolicy }}
-  storageClassName: "{{ include "common.fullname" . }}-data"
-  hostPath:
-    path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ include "common.release" . }}/{{ .Values.cert.persistence.mountSubPath }}
-{{- end -}}
-{{- end -}}
diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/templates/pvc.yaml b/kubernetes/sdc/charts/sdc-onboarding-be/templates/pvc.yaml
deleted file mode 100644
index 006d736..0000000
--- a/kubernetes/sdc/charts/sdc-onboarding-be/templates/pvc.yaml
+++ /dev/null
@@ -1,40 +0,0 @@
-{{/*
-# ================================================================================
-# Copyright (C) 2019, Nordix Foundation. All rights reserved.
-# ================================================================================
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-{{- if and .Values.cert.persistence.enabled (not .Values.cert.persistence.existingClaim) -}}
-kind: PersistentVolumeClaim
-apiVersion: v1
-metadata:
-  name: {{ include "common.fullname" . }}-cert
-  namespace: {{ include "common.namespace" . }}
-  labels:
-    app: {{ include "common.name" . }}
-    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
-    release: "{{ include "common.release" . }}"
-    heritage: "{{ .Release.Service }}"
-{{- if .Values.cert.persistence.annotations }}
-  annotations:
-{{ toYaml .Values.cert.persistence.annotations | indent 4 }}
-{{- end }}
-spec:
-  accessModes:
-    - {{ .Values.cert.persistence.accessMode }}
-  storageClassName: {{ include "common.storageClass" . }}
-  resources:
-    requests:
-      storage: {{ .Values.cert.persistence.size }}
-{{- end -}}
diff --git a/kubernetes/sdc/components/Makefile b/kubernetes/sdc/components/Makefile
new file mode 100644
index 0000000..8d3bf2b
--- /dev/null
+++ b/kubernetes/sdc/components/Makefile
@@ -0,0 +1,50 @@
+# Copyright © 2020 Samsung Electronics, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
+OUTPUT_DIR := $(ROOT_DIR)/../../dist
+PACKAGE_DIR := $(OUTPUT_DIR)/packages
+SECRET_DIR := $(OUTPUT_DIR)/secrets
+
+EXCLUDES :=
+HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
+
+.PHONY: $(EXCLUDES) $(HELM_CHARTS)
+
+all: $(HELM_CHARTS)
+
+$(HELM_CHARTS):
+	@echo "\n[$@]"
+	@make package-$@
+
+make-%:
+	@if [ -f $*/Makefile ]; then make -C $*; fi
+
+dep-%: make-%
+	@if [ -f $*/requirements.yaml ]; then helm dep up $*; fi
+
+lint-%: dep-%
+	@if [ -f $*/Chart.yaml ]; then helm lint $*; fi
+
+package-%: lint-%
+	@mkdir -p $(PACKAGE_DIR)
+	@if [ -f $*/Chart.yaml ]; then helm package -d $(PACKAGE_DIR) $*; fi
+	@helm repo index $(PACKAGE_DIR)
+
+clean:
+	@rm -f */requirements.lock
+	@rm -f *tgz */charts/*tgz
+	@rm -rf $(PACKAGE_DIR)
+%:
+	@:
diff --git a/kubernetes/sdc/charts/sdc-be/.helmignore b/kubernetes/sdc/components/sdc-be/.helmignore
similarity index 100%
rename from kubernetes/sdc/charts/sdc-be/.helmignore
rename to kubernetes/sdc/components/sdc-be/.helmignore
diff --git a/kubernetes/sdc/charts/sdc-be/Chart.yaml b/kubernetes/sdc/components/sdc-be/Chart.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-be/Chart.yaml
rename to kubernetes/sdc/components/sdc-be/Chart.yaml
diff --git a/kubernetes/sdc/components/sdc-be/requirements.yaml b/kubernetes/sdc/components/sdc-be/requirements.yaml
new file mode 100644
index 0000000..b1d52ae
--- /dev/null
+++ b/kubernetes/sdc/components/sdc-be/requirements.yaml
@@ -0,0 +1,23 @@
+#  ============LICENSE_START=======================================================
+#   Copyright (C) 2018 Ericsson. All rights reserved.
+#   Modifications Copyright © 2020 AT&T. All rights reserved.
+#  ================================================================================
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+#
+#  SPDX-License-Identifier: Apache-2.0
+#  ============LICENSE_END=========================================================
+
+dependencies:
+  - name: certInitializer
+    version: ~6.x-0
+    repository: '@local'
\ No newline at end of file
diff --git a/kubernetes/sdc/charts/sdc-be/resources/config/logging/logback.xml b/kubernetes/sdc/components/sdc-be/resources/config/logging/logback.xml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-be/resources/config/logging/logback.xml
rename to kubernetes/sdc/components/sdc-be/resources/config/logging/logback.xml
diff --git a/kubernetes/sdc/charts/sdc-be/templates/NOTES.txt b/kubernetes/sdc/components/sdc-be/templates/NOTES.txt
similarity index 100%
rename from kubernetes/sdc/charts/sdc-be/templates/NOTES.txt
rename to kubernetes/sdc/components/sdc-be/templates/NOTES.txt
diff --git a/kubernetes/sdc/charts/sdc-be/templates/configmap.yaml b/kubernetes/sdc/components/sdc-be/templates/configmap.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-be/templates/configmap.yaml
rename to kubernetes/sdc/components/sdc-be/templates/configmap.yaml
diff --git a/kubernetes/sdc/charts/sdc-be/templates/deployment.yaml b/kubernetes/sdc/components/sdc-be/templates/deployment.yaml
similarity index 82%
rename from kubernetes/sdc/charts/sdc-be/templates/deployment.yaml
rename to kubernetes/sdc/components/sdc-be/templates/deployment.yaml
index 78f2912..e2329d7 100644
--- a/kubernetes/sdc/charts/sdc-be/templates/deployment.yaml
+++ b/kubernetes/sdc/components/sdc-be/templates/deployment.yaml
@@ -22,7 +22,7 @@
   template:
     metadata: {{- include "common.templateMetadata" . | nindent 6 }}
     spec:
-      initContainers:
+      initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }}
       - name: {{ include "common.name" . }}-readiness
         command:
         - /app/ready.py
@@ -51,34 +51,46 @@
             fieldRef:
               apiVersion: v1
               fieldPath: metadata.namespace
+      {{- if .Values.global.aafEnabled }}
       - name: {{ include "common.name" . }}-update-config
         image: "{{ .Values.global.envsubstImage }}"
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
         command:
         - sh
         args:
-        - -c
-        - "cd /config-input && for PFILE in `find . -not -type d | grep -v -F ..`; do envsubst <${PFILE} >/config-output/${PFILE}; chmod 0755 /config-output/${PFILE}; done"
-        env:
-        - name: KEYSTORE_PASS
-          valueFrom:
-            secretKeyRef:
-              name: {{ include "common.release" . }}-sdc-cs-secrets
-              key: keystore_password
-        - name: TRUSTSTORE_PASS
-          valueFrom:
-            secretKeyRef:
-              name: {{ include "common.release" . }}-sdc-cs-secrets
-              key: truststore_password
-        volumeMounts:
+        - "-c"
+        - |
+          export $(grep '^c' {{ .Values.certInitializer.credsPath }}/mycreds.prop | xargs -0)
+          export KEYSTORE_PASS=$cadi_keystore_password_p12
+          export KEYMANAGER_PASS=$cadi_keystore_password_p12
+          export TRUSTSTORE_PASS=$cadi_truststore_password
+          cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.keystoreFile }} /config-output
+          cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.truststoreFile }} /config-output
+          cd /config-input && \
+          for PFILE in `find . -not -type d | grep -v -F ..`
+          do
+            envsubst <${PFILE} >/config-output/${PFILE}
+            chmod 0755 /config-output/${PFILE}
+          done
+        volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 8 }}
         - name: {{ include "common.fullname" . }}-environments
           mountPath: /config-input/
         - name: sdc-environments-output
           mountPath: /config-output/
+      {{- end }}
       containers:
         - name: {{ include "common.name" . }}
           image: "{{ include "common.repository" . }}/{{ .Values.image }}"
           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+          {{- if .Values.global.aafEnabled }}
+          command:
+          - sh
+          args:
+          - "-c"
+          - |
+            sed -i '/trustStorePassword/d' ${JETTY_BASE}/startup.sh
+            ${JETTY_BASE}/startup.sh
+          {{- end }}
           ports: {{ include "common.containerPorts" . | nindent 10  }}
           {{ if eq .Values.liveness.enabled true }}
           livenessProbe:
@@ -100,7 +112,7 @@
           resources: {{ include "common.resources" . | nindent 12 }}
           env:
           - name: ENVNAME
-            value: {{ .Values.global.env.name }}
+            value: {{ .Values.env.name }}
           - name: JAVA_OPTIONS
             value: {{ .Values.config.javaOptions }}
           - name: cassandra_ssl_enabled
@@ -112,10 +124,10 @@
           volumeMounts:
           - name: sdc-environments-output
             mountPath: /var/lib/jetty/chef-solo/environments/
-          - name: sdc-cert
+          - name: sdc-environments-output
             mountPath: /var/lib/jetty/chef-solo/cookbooks/sdc-catalog-be/files/default/org.onap.sdc.p12
             subPath: org.onap.sdc.p12
-          - name: sdc-cert
+          - name: sdc-environments-output
             mountPath: /var/lib/jetty/chef-solo/cookbooks/sdc-catalog-be/files/default/org.onap.sdc.trust.jks
             subPath: org.onap.sdc.trust.jks
           - name: {{ include "common.fullname" . }}-localtime
@@ -142,13 +154,10 @@
             mountPath: /var/log/onap
           - name: {{ include "common.fullname" . }}-data-filebeat
             mountPath: /usr/share/filebeat/data
-      volumes:
+      volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }}
       - name: {{ include "common.fullname" . }}-localtime
         hostPath:
           path: /etc/localtime
-      - name: sdc-cert
-        secret:
-          secretName: sdc-cert
       - name: {{ include "common.fullname" . }}-filebeat-conf
         configMap:
           name: {{ include "common.release" . }}-sdc-filebeat-configmap
diff --git a/kubernetes/sdc/charts/sdc-be/templates/ingress.yaml b/kubernetes/sdc/components/sdc-be/templates/ingress.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-be/templates/ingress.yaml
rename to kubernetes/sdc/components/sdc-be/templates/ingress.yaml
diff --git a/kubernetes/sdc/charts/sdc-be/templates/job.yaml b/kubernetes/sdc/components/sdc-be/templates/job.yaml
similarity index 97%
rename from kubernetes/sdc/charts/sdc-be/templates/job.yaml
rename to kubernetes/sdc/components/sdc-be/templates/job.yaml
index 8a5f2fa..d9c3e51 100644
--- a/kubernetes/sdc/charts/sdc-be/templates/job.yaml
+++ b/kubernetes/sdc/components/sdc-be/templates/job.yaml
@@ -56,7 +56,7 @@
           mountPath: /var/lib/jetty/logs
         env:
         - name: ENVNAME
-          value: {{ .Values.global.env.name }}
+          value: {{ .Values.env.name }}
         - name: HOST_IP
           valueFrom:
             fieldRef:
diff --git a/kubernetes/sdc/charts/sdc-be/templates/service.yaml b/kubernetes/sdc/components/sdc-be/templates/service.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-be/templates/service.yaml
rename to kubernetes/sdc/components/sdc-be/templates/service.yaml
diff --git a/kubernetes/sdc/charts/sdc-be/values.yaml b/kubernetes/sdc/components/sdc-be/values.yaml
similarity index 68%
rename from kubernetes/sdc/charts/sdc-be/values.yaml
rename to kubernetes/sdc/components/sdc-be/values.yaml
index a2f1f0c..0389486 100644
--- a/kubernetes/sdc/charts/sdc-be/values.yaml
+++ b/kubernetes/sdc/components/sdc-be/values.yaml
@@ -21,6 +21,18 @@
   readinessImage: onap/oom/readiness:3.0.1
   loggingRepository: docker.elastic.co
   loggingImage: beats/filebeat:5.5.0
+  aafEnabled: true
+  cassandra:
+    #This flag allows SDC to instantiate its own cluster, serviceName
+    #should be sdc-cs if this flag is enabled
+    localCluster: false
+    #The cassandra service name to connect to (default: shared cassandra service)
+    serviceName: cassandra
+    #Shared cassandra cluster replicaCount, should be changed if localCluster is enabled
+    #to match with its own cluster replica
+    replicaCount: 3
+    clusterName: cassandra
+    dataCenter: Pod
 
 #################################################################
 # Application configuration defaults.
@@ -34,6 +46,33 @@
 # flag to enable debugging - application support required
 debugEnabled: false
 
+#environment file
+env:
+  name: AUTO
+
+certInitializer:
+  nameOverride: sdc-be-cert-init
+  aafDeployFqi: deployer@people.osaaf.org
+  aafDeployPass: demo123456!
+  fqdn: sdc
+  fqi: sdc@sdc.onap.org
+  public_fqdn: sdc.onap.org
+  cadi_longitude: "0.0"
+  cadi_latitude: "0.0"
+  app_ns: org.osaaf.aaf
+  credsPath: /opt/app/osaaf/local
+  addconfig: true
+  keystoreFile: "org.onap.sdc.p12"
+  truststoreFile: "org.onap.sdc.trust.jks"
+  permission_user: 352070
+  permission_group: 35953
+  aaf_add_config: >
+    /opt/app/aaf_config/bin/agent.sh local showpass
+    {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop
+
+#################################################################
+# SDC Config part
+#################################################################
 config:
   javaOptions: "-Xmx1536m -Xms1536m"
   cassandraSslEnabled: "false"
diff --git a/kubernetes/sdc/charts/sdc-cs/.helmignore b/kubernetes/sdc/components/sdc-cs/.helmignore
similarity index 100%
rename from kubernetes/sdc/charts/sdc-cs/.helmignore
rename to kubernetes/sdc/components/sdc-cs/.helmignore
diff --git a/kubernetes/sdc/charts/sdc-cs/Chart.yaml b/kubernetes/sdc/components/sdc-cs/Chart.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-cs/Chart.yaml
rename to kubernetes/sdc/components/sdc-cs/Chart.yaml
diff --git a/kubernetes/sdc/components/sdc-cs/requirements.yaml b/kubernetes/sdc/components/sdc-cs/requirements.yaml
new file mode 100644
index 0000000..5969143
--- /dev/null
+++ b/kubernetes/sdc/components/sdc-cs/requirements.yaml
@@ -0,0 +1,23 @@
+#  ============LICENSE_START=======================================================
+#   Copyright (C) 2018 Ericsson. All rights reserved.
+#   Modifications Copyright © 2020 AT&T. All rights reserved.
+#  ================================================================================
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+#
+#  SPDX-License-Identifier: Apache-2.0
+#  ============LICENSE_END=========================================================
+
+dependencies:
+  - name: common
+    version: ~6.x-0
+    repository: '@local'
\ No newline at end of file
diff --git a/kubernetes/sdc/charts/sdc-cs/templates/NOTES.txt b/kubernetes/sdc/components/sdc-cs/templates/NOTES.txt
similarity index 100%
rename from kubernetes/sdc/charts/sdc-cs/templates/NOTES.txt
rename to kubernetes/sdc/components/sdc-cs/templates/NOTES.txt
diff --git a/kubernetes/sdc/charts/sdc-cs/templates/job.yaml b/kubernetes/sdc/components/sdc-cs/templates/job.yaml
similarity index 98%
rename from kubernetes/sdc/charts/sdc-cs/templates/job.yaml
rename to kubernetes/sdc/components/sdc-cs/templates/job.yaml
index ff32a87..0c98d67 100644
--- a/kubernetes/sdc/charts/sdc-cs/templates/job.yaml
+++ b/kubernetes/sdc/components/sdc-cs/templates/job.yaml
@@ -62,7 +62,7 @@
           mountPath: /home/sdc/chef-solo/cache
         env:
         - name: ENVNAME
-          value: {{ .Values.global.env.name }}
+          value: {{ .Values.env.name }}
         - name: RELEASE
           value: {{ .Values.config.release }}
         - name: SDC_USER
diff --git a/kubernetes/sdc/charts/sdc-cs/values.yaml b/kubernetes/sdc/components/sdc-cs/values.yaml
similarity index 85%
rename from kubernetes/sdc/charts/sdc-cs/values.yaml
rename to kubernetes/sdc/components/sdc-cs/values.yaml
index 5cf3065..0738ca7 100644
--- a/kubernetes/sdc/charts/sdc-cs/values.yaml
+++ b/kubernetes/sdc/components/sdc-cs/values.yaml
@@ -21,6 +21,17 @@
   readinessImage: onap/oom/readiness:3.0.1
   loggingRepository: docker.elastic.co
   loggingImage: beats/filebeat:5.5.0
+  cassandra:
+    #This flag allows SDC to instantiate its own cluster, serviceName
+    #should be sdc-cs if this flag is enabled
+    localCluster: false
+    #The cassandra service name to connect to (default: shared cassandra service)
+    serviceName: cassandra
+    #Shared cassandra cluster replicaCount, should be changed if localCluster is enabled
+    #to match with its own cluster replica
+    replicaCount: 3
+    clusterName: cassandra
+    dataCenter: Pod
 
 #################################################################
 # Application configuration defaults.
@@ -37,6 +48,10 @@
   maxHeapSize: "1536M"
   heapNewSize: "512M"
 
+#environment file
+env:
+  name: AUTO
+
 # default number of instances
 replicaCount: 1
 
diff --git a/kubernetes/sdc/charts/sdc-dcae-be/.helmignore b/kubernetes/sdc/components/sdc-dcae-be/.helmignore
similarity index 100%
rename from kubernetes/sdc/charts/sdc-dcae-be/.helmignore
rename to kubernetes/sdc/components/sdc-dcae-be/.helmignore
diff --git a/kubernetes/sdc/charts/sdc-dcae-be/Chart.yaml b/kubernetes/sdc/components/sdc-dcae-be/Chart.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-dcae-be/Chart.yaml
rename to kubernetes/sdc/components/sdc-dcae-be/Chart.yaml
diff --git a/kubernetes/sdc/components/sdc-dcae-be/requirements.yaml b/kubernetes/sdc/components/sdc-dcae-be/requirements.yaml
new file mode 100644
index 0000000..b1d52ae
--- /dev/null
+++ b/kubernetes/sdc/components/sdc-dcae-be/requirements.yaml
@@ -0,0 +1,23 @@
+#  ============LICENSE_START=======================================================
+#   Copyright (C) 2018 Ericsson. All rights reserved.
+#   Modifications Copyright © 2020 AT&T. All rights reserved.
+#  ================================================================================
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+#
+#  SPDX-License-Identifier: Apache-2.0
+#  ============LICENSE_END=========================================================
+
+dependencies:
+  - name: certInitializer
+    version: ~6.x-0
+    repository: '@local'
\ No newline at end of file
diff --git a/kubernetes/sdc/charts/sdc-dcae-be/resources/config/logging/logback.xml b/kubernetes/sdc/components/sdc-dcae-be/resources/config/logging/logback.xml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-dcae-be/resources/config/logging/logback.xml
rename to kubernetes/sdc/components/sdc-dcae-be/resources/config/logging/logback.xml
diff --git a/kubernetes/sdc/charts/sdc-dcae-be/templates/NOTES.txt b/kubernetes/sdc/components/sdc-dcae-be/templates/NOTES.txt
similarity index 100%
rename from kubernetes/sdc/charts/sdc-dcae-be/templates/NOTES.txt
rename to kubernetes/sdc/components/sdc-dcae-be/templates/NOTES.txt
diff --git a/kubernetes/sdc/charts/sdc-dcae-be/templates/configmap.yaml b/kubernetes/sdc/components/sdc-dcae-be/templates/configmap.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-dcae-be/templates/configmap.yaml
rename to kubernetes/sdc/components/sdc-dcae-be/templates/configmap.yaml
diff --git a/kubernetes/sdc/charts/sdc-dcae-be/templates/deployment.yaml b/kubernetes/sdc/components/sdc-dcae-be/templates/deployment.yaml
similarity index 82%
rename from kubernetes/sdc/charts/sdc-dcae-be/templates/deployment.yaml
rename to kubernetes/sdc/components/sdc-dcae-be/templates/deployment.yaml
index a8e9403..4ddb229 100644
--- a/kubernetes/sdc/charts/sdc-dcae-be/templates/deployment.yaml
+++ b/kubernetes/sdc/components/sdc-dcae-be/templates/deployment.yaml
@@ -33,7 +33,7 @@
         app: {{ include "common.name" . }}
         release: {{ include "common.release" . }}
     spec:
-      initContainers:
+      initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }}
       - name: {{ include "common.name" . }}-readiness
         command:
         - /app/ready.py
@@ -62,34 +62,46 @@
             fieldRef:
               apiVersion: v1
               fieldPath: metadata.namespace
+      {{- if .Values.global.aafEnabled }}
       - name: {{ include "common.name" . }}-update-config
         image: "{{ .Values.global.envsubstImage }}"
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
         command:
-          - sh
+        - sh
         args:
-          - -c
-          - "cd /config-input && for PFILE in `find . -not -type d | grep -v -F ..`; do envsubst <${PFILE} >/config-output/${PFILE}; chmod 0755 /config-output/${PFILE}; done"
-        env:
-          - name: KEYSTORE_PASS
-            valueFrom:
-              secretKeyRef:
-                name: {{ include "common.release" . }}-sdc-cs-secrets
-                key: keystore_password
-          - name: TRUSTSTORE_PASS
-            valueFrom:
-              secretKeyRef:
-                name: {{ include "common.release" . }}-sdc-cs-secrets
-                key: truststore_password
-        volumeMounts:
+        - "-c"
+        - |
+          export $(grep '^c' {{ .Values.certInitializer.credsPath }}/mycreds.prop | xargs -0)
+          export KEYSTORE_PASS=$cadi_keystore_password_p12
+          export KEYMANAGER_PASS=$cadi_keystore_password_p12
+          export TRUSTSTORE_PASS=$cadi_truststore_password
+          cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.keystoreFile }} /config-output
+          cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.truststoreFile }} /config-output
+          cd /config-input && \
+          for PFILE in `find . -not -type d | grep -v -F ..`
+          do
+            envsubst <${PFILE} >/config-output/${PFILE}
+            chmod 0755 /config-output/${PFILE}
+          done
+        volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
           - name: {{ include "common.fullname" . }}-environments
             mountPath: /config-input/
           - name: sdc-environments-output
             mountPath: /config-output/
+      {{- end }}
       containers:
         - name: {{ include "common.name" . }}
           image: "{{ include "common.repository" . }}/{{ .Values.image }}"
           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+          {{- if .Values.global.aafEnabled }}
+          command:
+          - sh
+          args:
+          - "-c"
+          - |
+            sed -i '/trustStorePassword/d' ${JETTY_BASE}/startup.sh
+            ${JETTY_BASE}/startup.sh
+          {{- end }}
           ports:
           - containerPort: {{ .Values.service.internalPort }}
           - containerPort: {{ .Values.service.internalPort2 }}
@@ -109,7 +121,7 @@
             periodSeconds: {{ .Values.readiness.periodSeconds }}
           env:
           - name: ENVNAME
-            value: {{ .Values.global.env.name }}
+            value: {{ .Values.env.name }}
           - name: JAVA_OPTIONS
             value: {{ .Values.config.javaOptions }}
           - name: HOST_IP
@@ -119,10 +131,10 @@
           volumeMounts:
           - name: sdc-environments-output
             mountPath: /var/lib/jetty/chef-solo/environments/
-          - name: sdc-cert
+          - name: sdc-environments-output
             mountPath: /var/lib/jetty/chef-solo/cookbooks/Deploy-DCAE/files/default/org.onap.sdc.p12
             subPath: org.onap.sdc.p12
-          - name: sdc-cert
+          - name: sdc-environments-output
             mountPath: /var/lib/jetty/chef-solo/cookbooks/Deploy-DCAE/files/default/org.onap.sdc.trust.jks
             subPath: org.onap.sdc.trust.jks
           - name: {{ include "common.fullname" . }}-localtime
@@ -160,13 +172,10 @@
             mountPath: /var/log/onap
           - name: {{ include "common.fullname" . }}-data-filebeat
             mountPath: /usr/share/filebeat/data
-      volumes:
+      volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }}
       - name: {{ include "common.fullname" . }}-localtime
         hostPath:
           path: /etc/localtime
-      - name: sdc-cert
-        secret:
-          secretName: sdc-cert
       - name: {{ include "common.fullname" . }}-filebeat-conf
         configMap:
           name: {{ include "common.release" . }}-sdc-filebeat-configmap
diff --git a/kubernetes/sdc/charts/sdc-dcae-be/templates/job.yaml b/kubernetes/sdc/components/sdc-dcae-be/templates/job.yaml
similarity index 97%
rename from kubernetes/sdc/charts/sdc-dcae-be/templates/job.yaml
rename to kubernetes/sdc/components/sdc-dcae-be/templates/job.yaml
index 5be29ee..d85c6bf 100644
--- a/kubernetes/sdc/charts/sdc-dcae-be/templates/job.yaml
+++ b/kubernetes/sdc/components/sdc-dcae-be/templates/job.yaml
@@ -55,7 +55,7 @@
           mountPath: /var/lib/jetty/chef-solo/environments
         env:
         - name: ENVNAME
-          value: {{ .Values.global.env.name }}
+          value: {{ .Values.env.name }}
         - name: HOST_IP
           valueFrom:
             fieldRef:
diff --git a/kubernetes/sdc/charts/sdc-dcae-be/templates/service.yaml b/kubernetes/sdc/components/sdc-dcae-be/templates/service.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-dcae-be/templates/service.yaml
rename to kubernetes/sdc/components/sdc-dcae-be/templates/service.yaml
diff --git a/kubernetes/sdc/charts/sdc-dcae-be/values.yaml b/kubernetes/sdc/components/sdc-dcae-be/values.yaml
similarity index 76%
rename from kubernetes/sdc/charts/sdc-dcae-be/values.yaml
rename to kubernetes/sdc/components/sdc-dcae-be/values.yaml
index ece8ed5..351c88c 100644
--- a/kubernetes/sdc/charts/sdc-dcae-be/values.yaml
+++ b/kubernetes/sdc/components/sdc-dcae-be/values.yaml
@@ -20,6 +20,30 @@
   readinessImage: onap/oom/readiness:3.0.1
   loggingRepository: docker.elastic.co
   loggingImage: beats/filebeat:5.5.0
+  aafEnabled: true
+
+#################################################################
+# AAF Part
+#################################################################
+certInitializer:
+  nameOverride: sdc-dcae-be-cert-init
+  aafDeployFqi: deployer@people.osaaf.org
+  aafDeployPass: demo123456!
+  fqdn: sdc
+  fqi: sdc@sdc.onap.org
+  public_fqdn: sdc.onap.org
+  cadi_longitude: "0.0"
+  cadi_latitude: "0.0"
+  app_ns: org.osaaf.aaf
+  credsPath: /opt/app/osaaf/local
+  addconfig: true
+  keystoreFile: "org.onap.sdc.p12"
+  truststoreFile: "org.onap.sdc.trust.jks"
+  permission_user: 352070
+  permission_group: 35953
+  aaf_add_config: >
+    /opt/app/aaf_config/bin/agent.sh local showpass
+    {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop
 
 #################################################################
 # Application configuration defaults.
@@ -33,6 +57,10 @@
 # flag to enable debugging - application support required
 debugEnabled: false
 
+#environment file
+env:
+  name: AUTO
+
 config:
   javaOptions: -XX:MaxPermSize=256m -Xmx1024m -Dconfig.home=config -Dlog.home=/var/lib/jetty/logs/ -Dlogging.config=config/dcae-be/logback-spring.xml
   cassandraSslEnabled: "false"
diff --git a/kubernetes/sdc/charts/sdc-dcae-dt/Chart.yaml b/kubernetes/sdc/components/sdc-dcae-dt/Chart.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-dcae-dt/Chart.yaml
rename to kubernetes/sdc/components/sdc-dcae-dt/Chart.yaml
diff --git a/kubernetes/sdc/components/sdc-dcae-dt/requirements.yaml b/kubernetes/sdc/components/sdc-dcae-dt/requirements.yaml
new file mode 100644
index 0000000..b1d52ae
--- /dev/null
+++ b/kubernetes/sdc/components/sdc-dcae-dt/requirements.yaml
@@ -0,0 +1,23 @@
+#  ============LICENSE_START=======================================================
+#   Copyright (C) 2018 Ericsson. All rights reserved.
+#   Modifications Copyright © 2020 AT&T. All rights reserved.
+#  ================================================================================
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+#
+#  SPDX-License-Identifier: Apache-2.0
+#  ============LICENSE_END=========================================================
+
+dependencies:
+  - name: certInitializer
+    version: ~6.x-0
+    repository: '@local'
\ No newline at end of file
diff --git a/kubernetes/sdc/charts/sdc-dcae-dt/resources/config/logging/logback.xml b/kubernetes/sdc/components/sdc-dcae-dt/resources/config/logging/logback.xml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-dcae-dt/resources/config/logging/logback.xml
rename to kubernetes/sdc/components/sdc-dcae-dt/resources/config/logging/logback.xml
diff --git a/kubernetes/sdc/charts/sdc-dcae-dt/templates/NOTES.txt b/kubernetes/sdc/components/sdc-dcae-dt/templates/NOTES.txt
similarity index 100%
rename from kubernetes/sdc/charts/sdc-dcae-dt/templates/NOTES.txt
rename to kubernetes/sdc/components/sdc-dcae-dt/templates/NOTES.txt
diff --git a/kubernetes/sdc/charts/sdc-dcae-dt/templates/configmap.yaml b/kubernetes/sdc/components/sdc-dcae-dt/templates/configmap.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-dcae-dt/templates/configmap.yaml
rename to kubernetes/sdc/components/sdc-dcae-dt/templates/configmap.yaml
diff --git a/kubernetes/sdc/charts/sdc-dcae-dt/templates/deployment.yaml b/kubernetes/sdc/components/sdc-dcae-dt/templates/deployment.yaml
similarity index 84%
rename from kubernetes/sdc/charts/sdc-dcae-dt/templates/deployment.yaml
rename to kubernetes/sdc/components/sdc-dcae-dt/templates/deployment.yaml
index e3f1b5d..58410ec 100644
--- a/kubernetes/sdc/charts/sdc-dcae-dt/templates/deployment.yaml
+++ b/kubernetes/sdc/components/sdc-dcae-dt/templates/deployment.yaml
@@ -33,7 +33,7 @@
         app: {{ include "common.name" . }}
         release: {{ include "common.release" . }}
     spec:
-      initContainers:
+      initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }}
       - name: {{ include "common.name" . }}-readiness
         command:
         - /app/ready.py
@@ -62,30 +62,33 @@
             fieldRef:
               apiVersion: v1
               fieldPath: metadata.namespace
+      {{- if .Values.global.aafEnabled }}
       - name: {{ include "common.name" . }}-update-config
         image: "{{ .Values.global.envsubstImage }}"
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
         command:
-          - sh
+        - sh
         args:
-          - -c
-          - "cd /config-input && for PFILE in `find . -not -type d | grep -v -F ..`; do envsubst <${PFILE} >/config-output/${PFILE}; chmod 0755 /config-output/${PFILE}; done"
-        env:
-          - name: KEYSTORE_PASS
-            valueFrom:
-              secretKeyRef:
-                name: {{ include "common.release" . }}-sdc-cs-secrets
-                key: keystore_password
-          - name: TRUSTSTORE_PASS
-            valueFrom:
-              secretKeyRef:
-                name: {{ include "common.release" . }}-sdc-cs-secrets
-                key: truststore_password
-        volumeMounts:
+        - "-c"
+        - |
+          export $(grep '^c' {{ .Values.certInitializer.credsPath }}/mycreds.prop | xargs -0)
+          export KEYSTORE_PASS=$cadi_keystore_password_p12
+          export KEYMANAGER_PASS=$cadi_keystore_password_p12
+          export TRUSTSTORE_PASS=$cadi_truststore_password
+          cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.keystoreFile }} /config-output
+          cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.truststoreFile }} /config-output
+          cd /config-input && \
+          for PFILE in `find . -not -type d | grep -v -F ..`
+          do
+            envsubst <${PFILE} >/config-output/${PFILE}
+            chmod 0755 /config-output/${PFILE}
+          done
+        volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
           - name: {{ include "common.fullname" . }}-environments
             mountPath: /config-input/
           - name: sdc-environments-output
             mountPath: /config-output/
+      {{- end }}
       containers:
         - name: {{ include "common.name" . }}
           image: "{{ include "common.repository" . }}/{{ .Values.image }}"
@@ -108,7 +111,7 @@
             periodSeconds: {{ .Values.readiness.periodSeconds }}
           env:
           - name: ENVNAME
-            value: {{ .Values.global.env.name }}
+            value: {{ .Values.env.name }}
           - name: JAVA_OPTIONS
             value: {{ .Values.config.javaOptions }}
           - name: HOST_IP
@@ -118,10 +121,10 @@
           volumeMounts:
           - name: sdc-environments-output
             mountPath: /var/lib/jetty/chef-solo/environments/
-          - name: sdc-cert
+          - name: sdc-environments-output
             mountPath: /var/lib/jetty/chef-solo/cookbooks/dcae-dt/files/default/org.onap.sdc.p12
             subPath: org.onap.sdc.p12
-          - name: sdc-cert
+          - name: sdc-environments-output
             mountPath: /var/lib/jetty/chef-solo/cookbooks/dcae-dt/files/default/org.onap.sdc.trust.jks
             subPath: org.onap.sdc.trust.jks
           - name: {{ include "common.fullname" . }}-localtime
@@ -155,13 +158,10 @@
             mountPath: /var/log/onap
           - name: {{ include "common.fullname" . }}-data-filebeat
             mountPath: /usr/share/filebeat/data
-      volumes:
+      volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
         - name: {{ include "common.fullname" . }}-localtime
           hostPath:
             path: /etc/localtime
-        - name: sdc-cert
-          secret:
-            secretName: sdc-cert
         - name: {{ include "common.fullname" . }}-filebeat-conf
           configMap:
             name: {{ include "common.release" . }}-sdc-filebeat-configmap
diff --git a/kubernetes/sdc/charts/sdc-dcae-dt/templates/ingress.yaml b/kubernetes/sdc/components/sdc-dcae-dt/templates/ingress.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-dcae-dt/templates/ingress.yaml
rename to kubernetes/sdc/components/sdc-dcae-dt/templates/ingress.yaml
diff --git a/kubernetes/sdc/charts/sdc-dcae-dt/templates/service.yaml b/kubernetes/sdc/components/sdc-dcae-dt/templates/service.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-dcae-dt/templates/service.yaml
rename to kubernetes/sdc/components/sdc-dcae-dt/templates/service.yaml
diff --git a/kubernetes/sdc/charts/sdc-dcae-dt/values.yaml b/kubernetes/sdc/components/sdc-dcae-dt/values.yaml
similarity index 73%
rename from kubernetes/sdc/charts/sdc-dcae-dt/values.yaml
rename to kubernetes/sdc/components/sdc-dcae-dt/values.yaml
index 96ba894..1782671 100644
--- a/kubernetes/sdc/charts/sdc-dcae-dt/values.yaml
+++ b/kubernetes/sdc/components/sdc-dcae-dt/values.yaml
@@ -20,6 +20,30 @@
   readinessImage: onap/oom/readiness:3.0.1
   loggingRepository: docker.elastic.co
   loggingImage: beats/filebeat:5.5.0
+  aafEnabled: true
+
+#################################################################
+# AAF Part
+#################################################################
+certInitializer:
+  nameOverride: sdc-dcae-dt-cert-init
+  aafDeployFqi: deployer@people.osaaf.org
+  aafDeployPass: demo123456!
+  fqdn: sdc
+  fqi: sdc@sdc.onap.org
+  public_fqdn: sdc.onap.org
+  cadi_longitude: "0.0"
+  cadi_latitude: "0.0"
+  app_ns: org.osaaf.aaf
+  credsPath: /opt/app/osaaf/local
+  addconfig: true
+  keystoreFile: "org.onap.sdc.p12"
+  truststoreFile: "org.onap.sdc.trust.jks"
+  permission_user: 352070
+  permission_group: 35953
+  aaf_add_config: >
+    /opt/app/aaf_config/bin/agent.sh local showpass
+    {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop
 
 #################################################################
 # Application configuration defaults.
@@ -31,6 +55,10 @@
 config:
   javaOptions: -XX:MaxPermSize=256m -Xmx1024m -Dconfig.home=config -Dlog.home=/var/lib/jetty/logs/ -Dlogging.config=config/dcae-dt/logback-spring.xml
 
+#environment file
+env:
+  name: AUTO
+
 # default number of instances
 replicaCount: 1
 
diff --git a/kubernetes/sdc/charts/sdc-dcae-fe/.helmignore b/kubernetes/sdc/components/sdc-dcae-fe/.helmignore
similarity index 100%
rename from kubernetes/sdc/charts/sdc-dcae-fe/.helmignore
rename to kubernetes/sdc/components/sdc-dcae-fe/.helmignore
diff --git a/kubernetes/sdc/charts/sdc-dcae-fe/Chart.yaml b/kubernetes/sdc/components/sdc-dcae-fe/Chart.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-dcae-fe/Chart.yaml
rename to kubernetes/sdc/components/sdc-dcae-fe/Chart.yaml
diff --git a/kubernetes/sdc/components/sdc-dcae-fe/requirements.yaml b/kubernetes/sdc/components/sdc-dcae-fe/requirements.yaml
new file mode 100644
index 0000000..b1d52ae
--- /dev/null
+++ b/kubernetes/sdc/components/sdc-dcae-fe/requirements.yaml
@@ -0,0 +1,23 @@
+#  ============LICENSE_START=======================================================
+#   Copyright (C) 2018 Ericsson. All rights reserved.
+#   Modifications Copyright © 2020 AT&T. All rights reserved.
+#  ================================================================================
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+#
+#  SPDX-License-Identifier: Apache-2.0
+#  ============LICENSE_END=========================================================
+
+dependencies:
+  - name: certInitializer
+    version: ~6.x-0
+    repository: '@local'
\ No newline at end of file
diff --git a/kubernetes/sdc/charts/sdc-dcae-fe/resources/config/logging/logback.xml b/kubernetes/sdc/components/sdc-dcae-fe/resources/config/logging/logback.xml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-dcae-fe/resources/config/logging/logback.xml
rename to kubernetes/sdc/components/sdc-dcae-fe/resources/config/logging/logback.xml
diff --git a/kubernetes/sdc/charts/sdc-dcae-fe/templates/NOTES.txt b/kubernetes/sdc/components/sdc-dcae-fe/templates/NOTES.txt
similarity index 100%
rename from kubernetes/sdc/charts/sdc-dcae-fe/templates/NOTES.txt
rename to kubernetes/sdc/components/sdc-dcae-fe/templates/NOTES.txt
diff --git a/kubernetes/sdc/charts/sdc-dcae-fe/templates/configmap.yaml b/kubernetes/sdc/components/sdc-dcae-fe/templates/configmap.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-dcae-fe/templates/configmap.yaml
rename to kubernetes/sdc/components/sdc-dcae-fe/templates/configmap.yaml
diff --git a/kubernetes/sdc/charts/sdc-dcae-fe/templates/deployment.yaml b/kubernetes/sdc/components/sdc-dcae-fe/templates/deployment.yaml
similarity index 84%
rename from kubernetes/sdc/charts/sdc-dcae-fe/templates/deployment.yaml
rename to kubernetes/sdc/components/sdc-dcae-fe/templates/deployment.yaml
index 4f3f700..f916ce5 100644
--- a/kubernetes/sdc/charts/sdc-dcae-fe/templates/deployment.yaml
+++ b/kubernetes/sdc/components/sdc-dcae-fe/templates/deployment.yaml
@@ -33,7 +33,7 @@
         app: {{ include "common.name" . }}
         release: {{ include "common.release" . }}
     spec:
-      initContainers:
+      initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }}
       - name: {{ include "common.name" . }}-readiness
         command:
         - /app/ready.py
@@ -62,30 +62,33 @@
             fieldRef:
               apiVersion: v1
               fieldPath: metadata.namespace
+      {{- if .Values.global.aafEnabled }}
       - name: {{ include "common.name" . }}-update-config
         image: "{{ .Values.global.envsubstImage }}"
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
         command:
-          - sh
+        - sh
         args:
-          - -c
-          - "cd /config-input && for PFILE in `find . -not -type d | grep -v -F ..`; do envsubst <${PFILE} >/config-output/${PFILE}; chmod 0755 /config-output/${PFILE}; done"
-        env:
-          - name: KEYSTORE_PASS
-            valueFrom:
-              secretKeyRef:
-                name: {{ include "common.release" . }}-sdc-cs-secrets
-                key: keystore_password
-          - name: TRUSTSTORE_PASS
-            valueFrom:
-              secretKeyRef:
-                name: {{ include "common.release" . }}-sdc-cs-secrets
-                key: truststore_password
-        volumeMounts:
+        - "-c"
+        - |
+          export $(grep '^c' {{ .Values.certInitializer.credsPath }}/mycreds.prop | xargs -0)
+          export KEYSTORE_PASS=$cadi_keystore_password_p12
+          export KEYMANAGER_PASS=$cadi_keystore_password_p12
+          export TRUSTSTORE_PASS=$cadi_truststore_password
+          cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.keystoreFile }} /config-output
+          cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.truststoreFile }} /config-output
+          cd /config-input && \
+          for PFILE in `find . -not -type d | grep -v -F ..`
+          do
+            envsubst <${PFILE} >/config-output/${PFILE}
+            chmod 0755 /config-output/${PFILE}
+          done
+        volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
           - name: {{ include "common.fullname" . }}-environments
             mountPath: /config-input/
           - name: sdc-environments-output
             mountPath: /config-output/
+      {{- end }}
       containers:
         - name: {{ include "common.name" . }}
           image: "{{ include "common.repository" . }}/{{ .Values.image }}"
@@ -108,7 +111,7 @@
             periodSeconds: {{ .Values.readiness.periodSeconds }}
           env:
           - name: ENVNAME
-            value: {{ .Values.global.env.name }}
+            value: {{ .Values.env.name }}
           - name: JAVA_OPTIONS
             value: {{ .Values.config.javaOptions }}
           - name: HOST_IP
@@ -118,10 +121,10 @@
           volumeMounts:
           - name: sdc-environments-output
             mountPath: /var/lib/jetty/chef-solo/environments/
-          - name: sdc-cert
+          - name: sdc-environments-output
             mountPath: /var/lib/jetty/chef-solo/cookbooks/Deploy-DCAE/files/default/org.onap.sdc.p12
             subPath: org.onap.sdc.p12
-          - name: sdc-cert
+          - name: sdc-environments-output
             mountPath: /var/lib/jetty/chef-solo/cookbooks/Deploy-DCAE/files/default/org.onap.sdc.trust.jks
             subPath: org.onap.sdc.trust.jks
           - name: {{ include "common.fullname" . }}-localtime
@@ -159,13 +162,10 @@
             mountPath: /var/log/onap
           - name: {{ include "common.fullname" . }}-data-filebeat
             mountPath: /usr/share/filebeat/data
-      volumes:
+      volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
         - name: {{ include "common.fullname" . }}-localtime
           hostPath:
             path: /etc/localtime
-        - name: sdc-cert
-          secret:
-            secretName: sdc-cert
         - name: {{ include "common.fullname" . }}-filebeat-conf
           configMap:
             name: {{ include "common.release" . }}-sdc-filebeat-configmap
diff --git a/kubernetes/sdc/charts/sdc-dcae-fe/templates/ingress.yaml b/kubernetes/sdc/components/sdc-dcae-fe/templates/ingress.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-dcae-fe/templates/ingress.yaml
rename to kubernetes/sdc/components/sdc-dcae-fe/templates/ingress.yaml
diff --git a/kubernetes/sdc/charts/sdc-dcae-fe/templates/service.yaml b/kubernetes/sdc/components/sdc-dcae-fe/templates/service.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-dcae-fe/templates/service.yaml
rename to kubernetes/sdc/components/sdc-dcae-fe/templates/service.yaml
diff --git a/kubernetes/sdc/charts/sdc-dcae-fe/values.yaml b/kubernetes/sdc/components/sdc-dcae-fe/values.yaml
similarity index 75%
rename from kubernetes/sdc/charts/sdc-dcae-fe/values.yaml
rename to kubernetes/sdc/components/sdc-dcae-fe/values.yaml
index f4a9dfb..f4d0645 100644
--- a/kubernetes/sdc/charts/sdc-dcae-fe/values.yaml
+++ b/kubernetes/sdc/components/sdc-dcae-fe/values.yaml
@@ -20,6 +20,30 @@
   readinessImage: onap/oom/readiness:3.0.1
   loggingRepository: docker.elastic.co
   loggingImage: beats/filebeat:5.5.0
+  aafEnabled: true
+
+#################################################################
+# AAF Part
+#################################################################
+certInitializer:
+  nameOverride: sdc-dcae-fe-cert-init
+  aafDeployFqi: deployer@people.osaaf.org
+  aafDeployPass: demo123456!
+  fqdn: sdc
+  fqi: sdc@sdc.onap.org
+  public_fqdn: sdc.onap.org
+  cadi_longitude: "0.0"
+  cadi_latitude: "0.0"
+  app_ns: org.osaaf.aaf
+  credsPath: /opt/app/osaaf/local
+  addconfig: true
+  keystoreFile: "org.onap.sdc.p12"
+  truststoreFile: "org.onap.sdc.trust.jks"
+  permission_user: 352070
+  permission_group: 35953
+  aaf_add_config: >
+    /opt/app/aaf_config/bin/agent.sh local showpass
+    {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop
 
 #################################################################
 # Application configuration defaults.
@@ -31,6 +55,10 @@
 config:
   javaOptions: -XX:MaxPermSize=256m -Xmx1024m -Dconfig.home=config -Dlog.home=/var/lib/jetty/logs/ -Dlogging.config=config/dcae-fe/logback-spring.xml
 
+#environment file
+env:
+  name: AUTO
+
 # default number of instances
 replicaCount: 1
 
diff --git a/kubernetes/sdc/charts/sdc-dcae-tosca-lab/.helmignore b/kubernetes/sdc/components/sdc-dcae-tosca-lab/.helmignore
similarity index 100%
rename from kubernetes/sdc/charts/sdc-dcae-tosca-lab/.helmignore
rename to kubernetes/sdc/components/sdc-dcae-tosca-lab/.helmignore
diff --git a/kubernetes/sdc/charts/sdc-dcae-tosca-lab/Chart.yaml b/kubernetes/sdc/components/sdc-dcae-tosca-lab/Chart.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-dcae-tosca-lab/Chart.yaml
rename to kubernetes/sdc/components/sdc-dcae-tosca-lab/Chart.yaml
diff --git a/kubernetes/sdc/components/sdc-dcae-tosca-lab/requirements.yaml b/kubernetes/sdc/components/sdc-dcae-tosca-lab/requirements.yaml
new file mode 100644
index 0000000..5969143
--- /dev/null
+++ b/kubernetes/sdc/components/sdc-dcae-tosca-lab/requirements.yaml
@@ -0,0 +1,23 @@
+#  ============LICENSE_START=======================================================
+#   Copyright (C) 2018 Ericsson. All rights reserved.
+#   Modifications Copyright © 2020 AT&T. All rights reserved.
+#  ================================================================================
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+#
+#  SPDX-License-Identifier: Apache-2.0
+#  ============LICENSE_END=========================================================
+
+dependencies:
+  - name: common
+    version: ~6.x-0
+    repository: '@local'
\ No newline at end of file
diff --git a/kubernetes/sdc/charts/sdc-dcae-tosca-lab/templates/NOTES.txt b/kubernetes/sdc/components/sdc-dcae-tosca-lab/templates/NOTES.txt
similarity index 100%
rename from kubernetes/sdc/charts/sdc-dcae-tosca-lab/templates/NOTES.txt
rename to kubernetes/sdc/components/sdc-dcae-tosca-lab/templates/NOTES.txt
diff --git a/kubernetes/sdc/charts/sdc-dcae-tosca-lab/templates/deployment.yaml b/kubernetes/sdc/components/sdc-dcae-tosca-lab/templates/deployment.yaml
similarity index 98%
rename from kubernetes/sdc/charts/sdc-dcae-tosca-lab/templates/deployment.yaml
rename to kubernetes/sdc/components/sdc-dcae-tosca-lab/templates/deployment.yaml
index 0c886a0..6eb1b3b 100644
--- a/kubernetes/sdc/charts/sdc-dcae-tosca-lab/templates/deployment.yaml
+++ b/kubernetes/sdc/components/sdc-dcae-tosca-lab/templates/deployment.yaml
@@ -71,7 +71,7 @@
             periodSeconds: {{ .Values.readiness.periodSeconds }}
           env:
           - name: ENVNAME
-            value: {{ .Values.global.env.name }}
+            value: {{ .Values.env.name }}
           - name: JAVA_OPTIONS
             value: {{ .Values.config.javaOptions }}
           - name: HOST_IP
diff --git a/kubernetes/sdc/charts/sdc-dcae-tosca-lab/templates/service.yaml b/kubernetes/sdc/components/sdc-dcae-tosca-lab/templates/service.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-dcae-tosca-lab/templates/service.yaml
rename to kubernetes/sdc/components/sdc-dcae-tosca-lab/templates/service.yaml
diff --git a/kubernetes/sdc/charts/sdc-dcae-tosca-lab/values.yaml b/kubernetes/sdc/components/sdc-dcae-tosca-lab/values.yaml
similarity index 98%
rename from kubernetes/sdc/charts/sdc-dcae-tosca-lab/values.yaml
rename to kubernetes/sdc/components/sdc-dcae-tosca-lab/values.yaml
index ec5dc98..c714ec8 100644
--- a/kubernetes/sdc/charts/sdc-dcae-tosca-lab/values.yaml
+++ b/kubernetes/sdc/components/sdc-dcae-tosca-lab/values.yaml
@@ -36,6 +36,10 @@
   javaOptions: -XX:MaxPermSize=256m -Xmx1024m
   cassandraSslEnabled: "false"
 
+#environment file
+env:
+  name: AUTO
+
 # default number of instances
 replicaCount: 1
 
diff --git a/kubernetes/sdc/charts/sdc-fe/.helmignore b/kubernetes/sdc/components/sdc-fe/.helmignore
similarity index 100%
rename from kubernetes/sdc/charts/sdc-fe/.helmignore
rename to kubernetes/sdc/components/sdc-fe/.helmignore
diff --git a/kubernetes/sdc/charts/sdc-fe/Chart.yaml b/kubernetes/sdc/components/sdc-fe/Chart.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-fe/Chart.yaml
rename to kubernetes/sdc/components/sdc-fe/Chart.yaml
diff --git a/kubernetes/sdc/components/sdc-fe/requirements.yaml b/kubernetes/sdc/components/sdc-fe/requirements.yaml
new file mode 100644
index 0000000..b1d52ae
--- /dev/null
+++ b/kubernetes/sdc/components/sdc-fe/requirements.yaml
@@ -0,0 +1,23 @@
+#  ============LICENSE_START=======================================================
+#   Copyright (C) 2018 Ericsson. All rights reserved.
+#   Modifications Copyright © 2020 AT&T. All rights reserved.
+#  ================================================================================
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+#
+#  SPDX-License-Identifier: Apache-2.0
+#  ============LICENSE_END=========================================================
+
+dependencies:
+  - name: certInitializer
+    version: ~6.x-0
+    repository: '@local'
\ No newline at end of file
diff --git a/kubernetes/sdc/charts/sdc-fe/resources/config/logging/logback.xml b/kubernetes/sdc/components/sdc-fe/resources/config/logging/logback.xml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-fe/resources/config/logging/logback.xml
rename to kubernetes/sdc/components/sdc-fe/resources/config/logging/logback.xml
diff --git a/kubernetes/sdc/charts/sdc-fe/resources/config/plugins/plugins-configuration.yaml b/kubernetes/sdc/components/sdc-fe/resources/config/plugins/plugins-configuration.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-fe/resources/config/plugins/plugins-configuration.yaml
rename to kubernetes/sdc/components/sdc-fe/resources/config/plugins/plugins-configuration.yaml
diff --git a/kubernetes/sdc/charts/sdc-fe/templates/NOTES.txt b/kubernetes/sdc/components/sdc-fe/templates/NOTES.txt
similarity index 100%
rename from kubernetes/sdc/charts/sdc-fe/templates/NOTES.txt
rename to kubernetes/sdc/components/sdc-fe/templates/NOTES.txt
diff --git a/kubernetes/sdc/charts/sdc-fe/templates/configmap.yaml b/kubernetes/sdc/components/sdc-fe/templates/configmap.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-fe/templates/configmap.yaml
rename to kubernetes/sdc/components/sdc-fe/templates/configmap.yaml
diff --git a/kubernetes/sdc/charts/sdc-fe/templates/deployment.yaml b/kubernetes/sdc/components/sdc-fe/templates/deployment.yaml
similarity index 82%
rename from kubernetes/sdc/charts/sdc-fe/templates/deployment.yaml
rename to kubernetes/sdc/components/sdc-fe/templates/deployment.yaml
index 8b3d4e7..0571f4b 100644
--- a/kubernetes/sdc/charts/sdc-fe/templates/deployment.yaml
+++ b/kubernetes/sdc/components/sdc-fe/templates/deployment.yaml
@@ -34,7 +34,7 @@
         app: {{ include "common.name" . }}
         release: {{ include "common.release" . }}
     spec:
-      initContainers:
+      initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }}
       - name: {{ include "common.name" . }}-job-completion
         image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
         imagePullPolicy: "{{ .Values.global.pullPolicy | default .Values.pullPolicy }}"
@@ -49,34 +49,46 @@
             fieldRef:
               apiVersion: v1
               fieldPath: metadata.namespace
+      {{- if .Values.global.aafEnabled }}
       - name: {{ include "common.name" . }}-update-config
         image: "{{ .Values.global.envsubstImage }}"
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
         command:
-          - sh
+        - sh
         args:
-          - -c
-          - "cd /config-input && for PFILE in `find . -not -type d | grep -v -F ..`; do envsubst <${PFILE} >/config-output/${PFILE}; chmod 0755 /config-output/${PFILE}; done"
-        env:
-          - name: KEYSTORE_PASS
-            valueFrom:
-              secretKeyRef:
-                name: {{ include "common.release" . }}-sdc-cs-secrets
-                key: keystore_password
-          - name: TRUSTSTORE_PASS
-            valueFrom:
-              secretKeyRef:
-                name: {{ include "common.release" . }}-sdc-cs-secrets
-                key: truststore_password
-        volumeMounts:
+        - "-c"
+        - |
+          export $(grep '^c' {{ .Values.certInitializer.credsPath }}/mycreds.prop | xargs -0)
+          export KEYSTORE_PASS=$cadi_keystore_password_p12
+          export KEYMANAGER_PASS=$cadi_keystore_password_p12
+          export TRUSTSTORE_PASS=$cadi_truststore_password
+          cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.keystoreFile }} /config-output
+          cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.truststoreFile }} /config-output
+          cd /config-input && \
+          for PFILE in `find . -not -type d | grep -v -F ..`
+          do
+            envsubst <${PFILE} >/config-output/${PFILE}
+            chmod 0755 /config-output/${PFILE}
+          done
+        volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
           - name: {{ include "common.fullname" . }}-environments
             mountPath: /config-input/
           - name: sdc-environments-output
             mountPath: /config-output/
+      {{- end }}
       containers:
         - name: {{ include "common.name" . }}
           image: "{{ include "common.repository" . }}/{{ .Values.image }}"
           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+          {{- if .Values.global.aafEnabled }}
+          command:
+          - sh
+          args:
+          - "-c"
+          - |
+            sed -i '/trustStorePassword/d' ${JETTY_BASE}/startup.sh
+            ${JETTY_BASE}/startup.sh
+          {{- end }}
           ports:
           - containerPort: {{ .Values.service.internalPort }}
           - containerPort: {{ .Values.service.internalPort2 }}
@@ -98,7 +110,7 @@
 {{ include "common.resources" . | indent 12 }}
           env:
           - name: ENVNAME
-            value: {{ .Values.global.env.name }}
+            value: {{ .Values.env.name }}
           - name: HOST_IP
             valueFrom:
               fieldRef:
@@ -108,10 +120,10 @@
           volumeMounts:
           - name: sdc-environments-output
             mountPath: /var/lib/jetty/chef-solo/environments/
-          - name: sdc-cert
+          - name: sdc-environments-output
             mountPath: /var/lib/jetty/chef-solo/cookbooks/sdc-catalog-fe/files/default/org.onap.sdc.p12
             subPath: org.onap.sdc.p12
-          - name: sdc-cert
+          - name: sdc-environments-output
             mountPath: /var/lib/jetty/chef-solo/cookbooks/sdc-catalog-fe/files/default/org.onap.sdc.trust.jks
             subPath: org.onap.sdc.trust.jks
           - name: {{ include "common.fullname" . }}-localtime
@@ -141,13 +153,10 @@
             mountPath: /var/log/onap
           - name: {{ include "common.fullname" . }}-data-filebeat
             mountPath: /usr/share/filebeat/data
-      volumes:
+      volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
         - name: {{ include "common.fullname" . }}-localtime
           hostPath:
             path: /etc/localtime
-        - name: sdc-cert
-          secret:
-            secretName: sdc-cert
         - name: {{ include "common.fullname" . }}-filebeat-conf
           configMap:
             name: {{ include "common.release" . }}-sdc-filebeat-configmap
diff --git a/kubernetes/sdc/charts/sdc-fe/templates/ingress.yaml b/kubernetes/sdc/components/sdc-fe/templates/ingress.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-fe/templates/ingress.yaml
rename to kubernetes/sdc/components/sdc-fe/templates/ingress.yaml
diff --git a/kubernetes/sdc/charts/sdc-fe/templates/service.yaml b/kubernetes/sdc/components/sdc-fe/templates/service.yaml
similarity index 97%
rename from kubernetes/sdc/charts/sdc-fe/templates/service.yaml
rename to kubernetes/sdc/components/sdc-fe/templates/service.yaml
index 2133990..efcde57 100644
--- a/kubernetes/sdc/charts/sdc-fe/templates/service.yaml
+++ b/kubernetes/sdc/components/sdc-fe/templates/service.yaml
@@ -37,7 +37,7 @@
 spec:
   type: {{ .Values.service.type }}
   ports:
-    {{ if not .Values.global.security.disableHttp }}
+    {{ if not .Values.security.disableHttp }}
     # setting http port only if enabled
     {{if eq .Values.service.type "NodePort" -}}
     - port: {{ .Values.service.internalPort }}
diff --git a/kubernetes/sdc/charts/sdc-fe/values.yaml b/kubernetes/sdc/components/sdc-fe/values.yaml
similarity index 78%
rename from kubernetes/sdc/charts/sdc-fe/values.yaml
rename to kubernetes/sdc/components/sdc-fe/values.yaml
index 63c8ce7..e9ff284 100644
--- a/kubernetes/sdc/charts/sdc-fe/values.yaml
+++ b/kubernetes/sdc/components/sdc-fe/values.yaml
@@ -21,6 +21,30 @@
   readinessImage: onap/oom/readiness:3.0.1
   loggingRepository: docker.elastic.co
   loggingImage: beats/filebeat:5.5.0
+  aafEnabled: true
+
+#################################################################
+# AAF Part
+#################################################################
+certInitializer:
+  nameOverride: sdc-fe-cert-init
+  aafDeployFqi: deployer@people.osaaf.org
+  aafDeployPass: demo123456!
+  fqdn: sdc
+  fqi: sdc@sdc.onap.org
+  public_fqdn: sdc.onap.org
+  cadi_longitude: "0.0"
+  cadi_latitude: "0.0"
+  app_ns: org.osaaf.aaf
+  credsPath: /opt/app/osaaf/local
+  addconfig: true
+  keystoreFile: "org.onap.sdc.p12"
+  truststoreFile: "org.onap.sdc.trust.jks"
+  permission_user: 352070
+  permission_group: 35953
+  aaf_add_config: >
+    /opt/app/aaf_config/bin/agent.sh local showpass
+    {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop
 
 #################################################################
 # Application configuration defaults.
@@ -40,6 +64,13 @@
     workflow_discovery_url: "https://sdc-wfd-fe:8443/workflows"
     workflow_source_url: "https://sdc.workflow.plugin.simpledemo.onap.org:30256/workflows/"
 
+#environment file
+env:
+  name: AUTO
+
+security:
+  disableHttp: true
+
 # default number of instances
 replicaCount: 1
 
diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/.helmignore b/kubernetes/sdc/components/sdc-onboarding-be/.helmignore
similarity index 100%
rename from kubernetes/sdc/charts/sdc-onboarding-be/.helmignore
rename to kubernetes/sdc/components/sdc-onboarding-be/.helmignore
diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/Chart.yaml b/kubernetes/sdc/components/sdc-onboarding-be/Chart.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-onboarding-be/Chart.yaml
rename to kubernetes/sdc/components/sdc-onboarding-be/Chart.yaml
diff --git a/kubernetes/sdc/components/sdc-onboarding-be/requirements.yaml b/kubernetes/sdc/components/sdc-onboarding-be/requirements.yaml
new file mode 100644
index 0000000..aad984e
--- /dev/null
+++ b/kubernetes/sdc/components/sdc-onboarding-be/requirements.yaml
@@ -0,0 +1,23 @@
+#  ============LICENSE_START=======================================================
+#   Copyright (C) 2018 Ericsson. All rights reserved.
+#   Modifications Copyright © 2020 AT&T. All rights reserved.
+#  ================================================================================
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+#
+#  SPDX-License-Identifier: Apache-2.0
+#  ============LICENSE_END=========================================================
+
+dependencies:
+  - name: certInitializer
+    version: ~6.x-0
+    repository: '@local'
diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/resources/config/logging/logback.xml b/kubernetes/sdc/components/sdc-onboarding-be/resources/config/logging/logback.xml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-onboarding-be/resources/config/logging/logback.xml
rename to kubernetes/sdc/components/sdc-onboarding-be/resources/config/logging/logback.xml
diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/templates/NOTES.txt b/kubernetes/sdc/components/sdc-onboarding-be/templates/NOTES.txt
similarity index 100%
rename from kubernetes/sdc/charts/sdc-onboarding-be/templates/NOTES.txt
rename to kubernetes/sdc/components/sdc-onboarding-be/templates/NOTES.txt
diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/templates/configmap.yaml b/kubernetes/sdc/components/sdc-onboarding-be/templates/configmap.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-onboarding-be/templates/configmap.yaml
rename to kubernetes/sdc/components/sdc-onboarding-be/templates/configmap.yaml
diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/templates/deployment.yaml b/kubernetes/sdc/components/sdc-onboarding-be/templates/deployment.yaml
similarity index 79%
rename from kubernetes/sdc/charts/sdc-onboarding-be/templates/deployment.yaml
rename to kubernetes/sdc/components/sdc-onboarding-be/templates/deployment.yaml
index f2baa1f..6f1e2a9 100644
--- a/kubernetes/sdc/charts/sdc-onboarding-be/templates/deployment.yaml
+++ b/kubernetes/sdc/components/sdc-onboarding-be/templates/deployment.yaml
@@ -34,7 +34,7 @@
         app: {{ include "common.name" . }}
         release: {{ include "common.release" . }}
     spec:
-      initContainers:
+      initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }}
       - name: {{ include "common.name" . }}-job-completion
         image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
         imagePullPolicy: "{{ .Values.global.pullPolicy | default .Values.pullPolicy }}"
@@ -49,43 +49,33 @@
             fieldRef:
               apiVersion: v1
               fieldPath: metadata.namespace
+      {{- if .Values.global.aafEnabled }}
       - name: {{ include "common.name" . }}-update-config
         image: "{{ .Values.global.envsubstImage }}"
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
         command:
-          - sh
+        - sh
         args:
-          - -c
-          - "cd /config-input && for PFILE in `find . -not -type d | grep -v -F ..`; do envsubst <${PFILE} >/config-output/${PFILE}; chmod 0755 /config-output/${PFILE}; done"
-        env:
-          - name: KEYSTORE_PASS
-            valueFrom:
-              secretKeyRef:
-                name: {{ include "common.release" . }}-sdc-cs-secrets
-                key: keystore_password
-          - name: TRUSTSTORE_PASS
-            valueFrom:
-              secretKeyRef:
-                name: {{ include "common.release" . }}-sdc-cs-secrets
-                key: truststore_password
-        volumeMounts:
+        - "-c"
+        - |
+          export $(grep '^c' {{ .Values.certInitializer.credsPath }}/mycreds.prop | xargs -0)
+          export KEYSTORE_PASS=$cadi_keystore_password_p12
+          export KEYMANAGER_PASS=$cadi_keystore_password_p12
+          export TRUSTSTORE_PASS=$cadi_truststore_password
+          cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.keystoreFile }} /config-output
+          cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.truststoreFile }} /config-output
+          cd /config-input && \
+          for PFILE in `find . -not -type d | grep -v -F ..`
+          do
+            envsubst <${PFILE} >/config-output/${PFILE}
+            chmod 0755 /config-output/${PFILE}
+          done
+        volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
           - name: {{ include "common.fullname" . }}-environments
             mountPath: /config-input/
           - name: sdc-environments-output
             mountPath: /config-output/
-      - name: volume-permissions
-        image: {{ .Values.global.busyboxRepository | default .Values.busyboxRepository }}/{{ .Values.global.busyboxImage | default .Values.busyboxImage }}
-        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        command:
-          - /bin/sh
-          - -c
-          - |
-            chown -R {{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.fsGroup }} //onboard/cert
-        securityContext:
-          runAsUser: 0
-        volumeMounts:
-          - name: {{ include "common.fullname" . }}-cert-storage
-            mountPath: "/onboard/cert"
+      {{- end }}
       containers:
         - name: {{ include "common.name" . }}
           image: "{{ include "common.repository" . }}/{{ .Values.image }}"
@@ -113,11 +103,11 @@
 {{ include "common.resources" . | indent 12 }}
           env:
           - name: ENVNAME
-            value: {{ .Values.global.env.name }}
+            value: {{ .Values.env.name }}
           - name: JAVA_OPTIONS
             value: {{ .Values.config.javaOptions }}
           - name: SDC_CLUSTER_NAME
-            value: "SDC-CS-{{ .Values.global.env.name }}"
+            value: "SDC-CS-{{ .Values.env.name }}"
           - name: cassandra_ssl_enabled
             value: {{ .Values.config.cassandraSslEnabled | quote }}
           - name: HOST_IP
@@ -135,10 +125,10 @@
           volumeMounts:
           - name: sdc-environments-output
             mountPath: /var/lib/jetty/chef-solo/environments/
-          - name: sdc-cert
+          - name: sdc-environments-output
             mountPath: /var/lib/jetty/chef-solo/cookbooks/sdc-onboard-backend/files/default/org.onap.sdc.p12
             subPath: org.onap.sdc.p12
-          - name: sdc-cert
+          - name: sdc-environments-output
             mountPath: /var/lib/jetty/chef-solo/cookbooks/sdc-onboard-backend/files/default/org.onap.sdc.trust.jks
             subPath: org.onap.sdc.trust.jks
           - name: {{ include "common.fullname" . }}-localtime
@@ -149,8 +139,6 @@
           - name: {{ include "common.fullname" . }}-logback
             mountPath: /tmp/logback.xml
             subPath: logback.xml
-          - name: {{ include "common.fullname" . }}-cert-storage
-            mountPath: "{{ .Values.cert.certDir }}"
           lifecycle:
             postStart:
               exec:
@@ -167,13 +155,10 @@
             mountPath: /var/log/onap
           - name: {{ include "common.fullname" . }}-data-filebeat
             mountPath: /usr/share/filebeat/data
-      volumes:
+      volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }}
       - name: {{ include "common.fullname" . }}-localtime
         hostPath:
           path: /etc/localtime
-      - name: sdc-cert
-        secret:
-          secretName: sdc-cert
       - name: {{ include "common.fullname" . }}-filebeat-conf
         configMap:
           name: {{ include "common.release" . }}-sdc-filebeat-configmap
@@ -190,8 +175,5 @@
         emptyDir: { medium: "Memory" }
       - name:  {{ include "common.fullname" . }}-logs
         emptyDir: {}
-      - name:  {{ include "common.fullname" . }}-cert-storage
-        persistentVolumeClaim:
-          claimName: {{ include "common.fullname" . }}-cert
       imagePullSecrets:
       - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/templates/job.yaml b/kubernetes/sdc/components/sdc-onboarding-be/templates/job.yaml
similarity index 98%
rename from kubernetes/sdc/charts/sdc-onboarding-be/templates/job.yaml
rename to kubernetes/sdc/components/sdc-onboarding-be/templates/job.yaml
index 39758bc..936c7c4 100644
--- a/kubernetes/sdc/charts/sdc-onboarding-be/templates/job.yaml
+++ b/kubernetes/sdc/components/sdc-onboarding-be/templates/job.yaml
@@ -56,7 +56,7 @@
           mountPath: /home/sdc/chef-solo/environments/
         env:
         - name: ENVNAME
-          value: {{ .Values.global.env.name }}
+          value: {{ .Values.env.name }}
         - name: HOST_IP
           valueFrom:
             fieldRef:
diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/templates/service.yaml b/kubernetes/sdc/components/sdc-onboarding-be/templates/service.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-onboarding-be/templates/service.yaml
rename to kubernetes/sdc/components/sdc-onboarding-be/templates/service.yaml
diff --git a/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml b/kubernetes/sdc/components/sdc-onboarding-be/values.yaml
similarity index 73%
rename from kubernetes/sdc/charts/sdc-onboarding-be/values.yaml
rename to kubernetes/sdc/components/sdc-onboarding-be/values.yaml
index f42b500..2e5d91e 100644
--- a/kubernetes/sdc/charts/sdc-onboarding-be/values.yaml
+++ b/kubernetes/sdc/components/sdc-onboarding-be/values.yaml
@@ -21,6 +21,42 @@
   readinessImage: onap/oom/readiness:3.0.1
   loggingRepository: docker.elastic.co
   loggingImage: beats/filebeat:5.5.0
+  aafEnabled: true
+  persistence: {}
+  cassandra:
+    #This flag allows SDC to instantiate its own cluster, serviceName
+    #should be sdc-cs if this flag is enabled
+    localCluster: false
+    #The cassandra service name to connect to (default: shared cassandra service)
+    serviceName: cassandra
+    #Shared cassandra cluster replicaCount, should be changed if localCluster is enabled
+    #to match with its own cluster replica
+    replicaCount: 3
+    clusterName: cassandra
+    dataCenter: Pod
+
+#################################################################
+# AAF Part
+#################################################################
+certInitializer:
+  nameOverride: sdc-onboarding-be-cert-init
+  aafDeployFqi: deployer@people.osaaf.org
+  aafDeployPass: demo123456!
+  fqdn: sdc
+  fqi: sdc@sdc.onap.org
+  public_fqdn: sdc.onap.org
+  cadi_longitude: "0.0"
+  cadi_latitude: "0.0"
+  app_ns: org.osaaf.aaf
+  credsPath: /opt/app/osaaf/local
+  addconfig: true
+  keystoreFile: "org.onap.sdc.p12"
+  truststoreFile: "org.onap.sdc.trust.jks"
+  permission_user: 352070
+  permission_group: 35953
+  aaf_add_config: >
+    /opt/app/aaf_config/bin/agent.sh local showpass
+    {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop
 
 #################################################################
 # Application configuration defaults.
@@ -38,6 +74,10 @@
   javaOptions: "-Xmx1g -Xms1g"
   cassandraSslEnabled: "false"
 
+#environment file
+env:
+  name: AUTO
+
 # default number of instances
 replicaCount: 1
 
diff --git a/kubernetes/sdc/charts/sdc-wfd-be/.helmignore b/kubernetes/sdc/components/sdc-wfd-be/.helmignore
similarity index 100%
rename from kubernetes/sdc/charts/sdc-wfd-be/.helmignore
rename to kubernetes/sdc/components/sdc-wfd-be/.helmignore
diff --git a/kubernetes/sdc/charts/sdc-wfd-be/Chart.yaml b/kubernetes/sdc/components/sdc-wfd-be/Chart.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-wfd-be/Chart.yaml
rename to kubernetes/sdc/components/sdc-wfd-be/Chart.yaml
diff --git a/kubernetes/sdc/components/sdc-wfd-be/requirements.yaml b/kubernetes/sdc/components/sdc-wfd-be/requirements.yaml
new file mode 100644
index 0000000..b1d52ae
--- /dev/null
+++ b/kubernetes/sdc/components/sdc-wfd-be/requirements.yaml
@@ -0,0 +1,23 @@
+#  ============LICENSE_START=======================================================
+#   Copyright (C) 2018 Ericsson. All rights reserved.
+#   Modifications Copyright © 2020 AT&T. All rights reserved.
+#  ================================================================================
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+#
+#  SPDX-License-Identifier: Apache-2.0
+#  ============LICENSE_END=========================================================
+
+dependencies:
+  - name: certInitializer
+    version: ~6.x-0
+    repository: '@local'
\ No newline at end of file
diff --git a/kubernetes/sdc/charts/sdc-wfd-be/templates/NOTES.txt b/kubernetes/sdc/components/sdc-wfd-be/templates/NOTES.txt
similarity index 100%
rename from kubernetes/sdc/charts/sdc-wfd-be/templates/NOTES.txt
rename to kubernetes/sdc/components/sdc-wfd-be/templates/NOTES.txt
diff --git a/kubernetes/sdc/charts/sdc-wfd-be/templates/_helper.tpl b/kubernetes/sdc/components/sdc-wfd-be/templates/_helper.tpl
similarity index 100%
rename from kubernetes/sdc/charts/sdc-wfd-be/templates/_helper.tpl
rename to kubernetes/sdc/components/sdc-wfd-be/templates/_helper.tpl
diff --git a/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml b/kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml
similarity index 82%
rename from kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml
rename to kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml
index 92fe5f2..b188cda 100644
--- a/kubernetes/sdc/charts/sdc-wfd-be/templates/deployment.yaml
+++ b/kubernetes/sdc/components/sdc-wfd-be/templates/deployment.yaml
@@ -34,7 +34,7 @@
         app: {{ include "common.name" . }}
         release: {{ include "common.release" . }}
     spec:
-      initContainers:
+      initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }}
       {{- if .Values.initJob.enabled }}
       - name: {{ include "common.name" . }}-job-completion
         image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
@@ -55,6 +55,20 @@
         - name: {{ include "common.name" . }}
           image: "{{ include "common.repository" . }}/{{ .Values.image }}"
           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+          {{- if .Values.global.aafEnabled }}
+          command:
+          - sh
+          args:
+          - "-c"
+          - |
+            export $(grep '^c' {{ .Values.certInitializer.credsPath }}/mycreds.prop | xargs -0)
+            export SERVER_SSL_KEY_PASSWORD=$cadi_keystore_password_p12
+            export KEYMANAGER_PASS=$cadi_keystore_password_p12
+            export SERVER_SSL_TRUST_PASSWORD=$cadi_truststore_password
+            export SERVER_SSL_KEYSTORE_PATH={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.keystoreFile }}
+            export SERVER_SSL_TRUSTSTORE_PATH={{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.truststoreFile }}
+            ./startup.sh
+          {{- end }}
           ports:
           - containerPort: {{ template "wfd-be.internalPort" . }}
           # disable liveness probe when breakpoints set in debugger
@@ -106,28 +120,9 @@
             value: "{{ .Values.config.serverSSLEnabled }}"
           - name: SERVER_SSL_KEYSTORE_TYPE
             value: "{{ .Values.config.serverSSLKeyStoreType }}"
-          - name: SERVER_SSL_KEYSTORE_PATH
-            value: "{{ .Values.config.serverSSLKeyStorePath }}"
-          - name: SERVER_SSL_KEY_PASSWORD
-            valueFrom:
-              secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: keystore_password}
           - name: SERVER_SSL_TRUSTSTORE_TYPE
             value: "{{ .Values.config.serverSSLTrustStoreType }}"
-          - name: SERVER_SSL_TRUSTSTORE_PATH
-            value: "{{ .Values.config.serverSSLTrustStorePath }}"
-          - name: SERVER_SSL_TRUST_PASSWORD
-            valueFrom:
-              secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: truststore_password}
-          volumeMounts:
-          - name: sdc-cert
-            mountPath: /keystore
-            subPath: org.onap.sdc.p12
-          - name: sdc-cert
-            mountPath: /truststore
-            subPath: org.onap.sdc.trust.jks
-      volumes:
-        - name: sdc-cert
-          secret:
-            secretName: sdc-cert
+          volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
+      volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
       imagePullSecrets:
       - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/sdc/charts/sdc-wfd-be/templates/ingress.yaml b/kubernetes/sdc/components/sdc-wfd-be/templates/ingress.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-wfd-be/templates/ingress.yaml
rename to kubernetes/sdc/components/sdc-wfd-be/templates/ingress.yaml
diff --git a/kubernetes/sdc/charts/sdc-wfd-be/templates/job.yaml b/kubernetes/sdc/components/sdc-wfd-be/templates/job.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-wfd-be/templates/job.yaml
rename to kubernetes/sdc/components/sdc-wfd-be/templates/job.yaml
diff --git a/kubernetes/sdc/charts/sdc-wfd-be/templates/service.yaml b/kubernetes/sdc/components/sdc-wfd-be/templates/service.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-wfd-be/templates/service.yaml
rename to kubernetes/sdc/components/sdc-wfd-be/templates/service.yaml
diff --git a/kubernetes/sdc/charts/sdc-wfd-be/values.yaml b/kubernetes/sdc/components/sdc-wfd-be/values.yaml
similarity index 71%
rename from kubernetes/sdc/charts/sdc-wfd-be/values.yaml
rename to kubernetes/sdc/components/sdc-wfd-be/values.yaml
index 4ab9504..da5ae38 100644
--- a/kubernetes/sdc/charts/sdc-wfd-be/values.yaml
+++ b/kubernetes/sdc/components/sdc-wfd-be/values.yaml
@@ -21,6 +21,41 @@
   readinessImage: onap/oom/readiness:3.0.1
   loggingRepository: docker.elastic.co
   loggingImage: beats/filebeat:5.5.0
+  aafEnabled: true
+  cassandra:
+    #This flag allows SDC to instantiate its own cluster, serviceName
+    #should be sdc-cs if this flag is enabled
+    localCluster: false
+    #The cassandra service name to connect to (default: shared cassandra service)
+    serviceName: cassandra
+    #Shared cassandra cluster replicaCount, should be changed if localCluster is enabled
+    #to match with its own cluster replica
+    replicaCount: 3
+    clusterName: cassandra
+    dataCenter: Pod
+
+#################################################################
+# AAF Part
+#################################################################
+certInitializer:
+  nameOverride: sdc-wfd-be-cert-init
+  aafDeployFqi: deployer@people.osaaf.org
+  aafDeployPass: demo123456!
+  fqdn: sdc
+  fqi: sdc@sdc.onap.org
+  public_fqdn: sdc.onap.org
+  cadi_longitude: "0.0"
+  cadi_latitude: "0.0"
+  app_ns: org.osaaf.aaf
+  credsPath: /opt/app/osaaf/local
+  addconfig: true
+  keystoreFile: "org.onap.sdc.p12"
+  truststoreFile: "org.onap.sdc.trust.jks"
+  permission_user: 352070
+  permission_group: 35953
+  aaf_add_config: >
+    /opt/app/aaf_config/bin/agent.sh local showpass
+    {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop
 
 #################################################################
 # Application configuration defaults.
@@ -38,22 +73,19 @@
   javaOptions: "-Xmx1536m -Xms1536m"
   cassandraAuthenticationEnabled: true
   cassandraClientPort: 9042
-
   sdcProtocol: HTTPS
   sdcEndpoint: sdc-be:8443
   sdcExternalUser: workflow
-
   serverSSLEnabled: true
-
   serverSSLKeyStoreType: jks
-  serverSSLKeyStorePath: /home/sdc/etc/keystore
-
   serverSSLTrustStoreType: jks
-  serverSSLTrustStorePath: /home/sdc/etc/truststore
-
   cassandraSSLEnabled: false
   cassandraTrustStorePath: /home/sdc/etc/truststore
 
+# environment file
+env:
+  name: AUTO
+
 # default number of instances
 replicaCount: 1
 
@@ -82,7 +114,6 @@
   externalPort2: 8443
   nodePort: "57" # only one node port. set to http or https port depending on isHttpsEnabled property
 
-
 ingress:
   enabled: false
   service:
@@ -91,7 +122,7 @@
       port: 8443
   config:
     ssl: "redirect"
-    
+
 resources: {}
   # We usually recommend not to specify default resources and to leave this as a conscious
   # choice for the user. This also increases chances charts run on environments with little
diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/.helmignore b/kubernetes/sdc/components/sdc-wfd-fe/.helmignore
similarity index 100%
rename from kubernetes/sdc/charts/sdc-wfd-fe/.helmignore
rename to kubernetes/sdc/components/sdc-wfd-fe/.helmignore
diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/Chart.yaml b/kubernetes/sdc/components/sdc-wfd-fe/Chart.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-wfd-fe/Chart.yaml
rename to kubernetes/sdc/components/sdc-wfd-fe/Chart.yaml
diff --git a/kubernetes/sdc/components/sdc-wfd-fe/requirements.yaml b/kubernetes/sdc/components/sdc-wfd-fe/requirements.yaml
new file mode 100644
index 0000000..b1d52ae
--- /dev/null
+++ b/kubernetes/sdc/components/sdc-wfd-fe/requirements.yaml
@@ -0,0 +1,23 @@
+#  ============LICENSE_START=======================================================
+#   Copyright (C) 2018 Ericsson. All rights reserved.
+#   Modifications Copyright © 2020 AT&T. All rights reserved.
+#  ================================================================================
+#  Licensed under the Apache License, Version 2.0 (the "License");
+#  you may not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+#
+#  SPDX-License-Identifier: Apache-2.0
+#  ============LICENSE_END=========================================================
+
+dependencies:
+  - name: certInitializer
+    version: ~6.x-0
+    repository: '@local'
\ No newline at end of file
diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/templates/NOTES.txt b/kubernetes/sdc/components/sdc-wfd-fe/templates/NOTES.txt
similarity index 100%
rename from kubernetes/sdc/charts/sdc-wfd-fe/templates/NOTES.txt
rename to kubernetes/sdc/components/sdc-wfd-fe/templates/NOTES.txt
diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/templates/_helper.tpl b/kubernetes/sdc/components/sdc-wfd-fe/templates/_helper.tpl
similarity index 100%
rename from kubernetes/sdc/charts/sdc-wfd-fe/templates/_helper.tpl
rename to kubernetes/sdc/components/sdc-wfd-fe/templates/_helper.tpl
diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/templates/deployment.yaml b/kubernetes/sdc/components/sdc-wfd-fe/templates/deployment.yaml
similarity index 66%
rename from kubernetes/sdc/charts/sdc-wfd-fe/templates/deployment.yaml
rename to kubernetes/sdc/components/sdc-wfd-fe/templates/deployment.yaml
index 061b765..ad10480 100644
--- a/kubernetes/sdc/charts/sdc-wfd-fe/templates/deployment.yaml
+++ b/kubernetes/sdc/components/sdc-wfd-fe/templates/deployment.yaml
@@ -33,7 +33,7 @@
         app: {{ include "common.name" . }}
         release: {{ include "common.release" . }}
     spec:
-      initContainers:
+      initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }}
       - name: {{ include "common.name" . }}-readiness
         command:
         - /app/ready.py
@@ -48,10 +48,39 @@
               fieldPath: metadata.namespace
         image: "{{ include "common.repository" . }}/{{ .Values.global.readinessImage }}"
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+      {{- if .Values.global.aafEnabled }}
+      - name: {{ include "common.fullname" . }}-move-cert
+        command:
+          - /bin/sh
+        args:
+          - -c
+          - |
+            cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.keystoreFile }} /sdc-certs/{{ .Values.certInitializer.keystoreFile }}
+            cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.truststoreFile }} /sdc-certs/{{ .Values.certInitializer.truststoreFile }}
+            cp {{ .Values.certInitializer.credsPath }}/mycreds.prop /sdc-certs/mycreds.prop
+        image: "{{ .Values.global.busyboxRepository }}/{{ .Values.global.busyboxImage }}"
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
+          - name: sdc-certs
+            mountPath: /sdc-certs
+      {{- end }}
       containers:
         - name: {{ include "common.name" . }}
           image: "{{ include "common.repository" . }}/{{ .Values.image }}"
           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+          {{- if .Values.global.aafEnabled }}
+          command:
+          - sh
+          args:
+          - "-c"
+          - |
+            export $(grep '^c' /sdc-certs/mycreds.prop | xargs -0)
+            export KEYSTORE_PASS=$cadi_keystore_password_p12
+            export TRUSTSTORE_PASS=$cadi_truststore_password
+            export KEYSTORE_PATH=/etc/{{ .Values.certInitializer.keystoreFile }}
+            export TRUSTSTORE_PATH=/etc/{{ .Values.certInitializer.truststoreFile }}
+            ./startup.sh
+          {{- end }}
           ports:
           - containerPort: {{ template "wfd-fe.internalPort" . }}
           {{ if .Values.liveness.enabled }}
@@ -68,7 +97,7 @@
             periodSeconds: {{ .Values.readiness.periodSeconds }}
           env:
           - name: ENVNAME
-            value: {{ .Values.global.env.name }}
+            value: {{ .Values.env.name }}
           - name: JAVA_OPTIONS
             value: {{ .Values.config.javaOptions }}
           - name: BACKEND
@@ -76,16 +105,6 @@
           - name: IS_HTTPS
             value: "{{ .Values.config.isHttpsEnabled}}"
             {{ if and .Values.config.isHttpsEnabled (eq .Values.security.isDefaultStore false) }}
-          - name: KEYSTORE_PASS
-            valueFrom:
-              secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: keystore_password}
-          - name: TRUSTSTORE_PASS
-            valueFrom:
-              secretKeyRef: {name: {{ include "common.release" . }}-sdc-cs-secrets, key: truststore_password}
-          - name: TRUSTSTORE_PATH
-            value: "{{ .Values.security.storePath }}/{{ .Values.security.truststoreFilename }}"
-          - name: KEYSTORE_PATH
-            value: "{{ .Values.security.storePath }}/{{ .Values.security.keystoreFilename }}"
           - name: TRUST_ALL
             value: "{{ .Values.config.isTrustAll}}"
             {{ end }}
@@ -93,12 +112,17 @@
           - name: {{ include "common.fullname" . }}-localtime
             mountPath: /etc/localtime
             readOnly: true
-          - name: sdc-cert
-            mountPath: /var/lib/jetty/etc/org.onap.sdc.p12
-            subPath: org.onap.sdc.p12
-          - name: sdc-cert
-            mountPath: /var/lib/jetty/etc/org.onap.sdc.trust.jks
-            subPath: org.onap.sdc.trust.jks
+          {{- if .Values.global.aafEnabled }}
+          - name: sdc-certs
+            mountPath: /sdc-certs
+            subpath: mycreds.prop
+          - name: sdc-certs
+            mountPath: /var/lib/jetty/etc/{{ .Values.certInitializer.keystoreFile }}
+            subPath: {{ .Values.certInitializer.keystoreFile }}
+          - name: sdc-certs
+            mountPath: /var/lib/jetty/etc/{{ .Values.certInitializer.truststoreFile }}
+            subPath: {{ .Values.certInitializer.truststoreFile }}
+          {{ end }}
           resources:
 {{ include "common.resources" . | indent 12 }}
         {{- if .Values.nodeSelector }}
@@ -121,13 +145,15 @@
             mountPath: /var/log/onap
           - name: {{ include "common.fullname" . }}-data-filebeat
             mountPath: /usr/share/filebeat/data
-      volumes:
+      volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
         - name: {{ include "common.fullname" . }}-localtime
           hostPath:
             path: /etc/localtime
-        - name: sdc-cert
-          secret:
-            secretName: sdc-cert
+        {{- if .Values.global.aafEnabled }}
+        - name: sdc-certs
+          emptyDir:
+            medium: "Memory"
+        {{- end }}
         - name: {{ include "common.fullname" . }}-filebeat-conf
           configMap:
             name: {{ include "common.release" . }}-sdc-filebeat-configmap
diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/templates/ingress.yaml b/kubernetes/sdc/components/sdc-wfd-fe/templates/ingress.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-wfd-fe/templates/ingress.yaml
rename to kubernetes/sdc/components/sdc-wfd-fe/templates/ingress.yaml
diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/templates/service.yaml b/kubernetes/sdc/components/sdc-wfd-fe/templates/service.yaml
similarity index 100%
rename from kubernetes/sdc/charts/sdc-wfd-fe/templates/service.yaml
rename to kubernetes/sdc/components/sdc-wfd-fe/templates/service.yaml
diff --git a/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml b/kubernetes/sdc/components/sdc-wfd-fe/values.yaml
similarity index 81%
rename from kubernetes/sdc/charts/sdc-wfd-fe/values.yaml
rename to kubernetes/sdc/components/sdc-wfd-fe/values.yaml
index 1e6e3fe..7bb1b24 100644
--- a/kubernetes/sdc/charts/sdc-wfd-fe/values.yaml
+++ b/kubernetes/sdc/components/sdc-wfd-fe/values.yaml
@@ -21,6 +21,30 @@
   readinessImage: onap/oom/readiness:3.0.1
   loggingRepository: docker.elastic.co
   loggingImage: beats/filebeat:5.5.0
+  aafEnabled: true
+
+#################################################################
+# AAF Part
+#################################################################
+certInitializer:
+  nameOverride: sdc-wfd-fe-cert-init
+  aafDeployFqi: deployer@people.osaaf.org
+  aafDeployPass: demo123456!
+  fqdn: sdc
+  fqi: sdc@sdc.onap.org
+  public_fqdn: sdc.onap.org
+  cadi_longitude: "0.0"
+  cadi_latitude: "0.0"
+  app_ns: org.osaaf.aaf
+  credsPath: /opt/app/osaaf/local
+  addconfig: true
+  keystoreFile: "org.onap.sdc.p12"
+  truststoreFile: "org.onap.sdc.trust.jks"
+  permission_user: 352070
+  permission_group: 35953
+  aaf_add_config: >
+    /opt/app/aaf_config/bin/agent.sh local showpass
+    {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop
 
 #################################################################
 # Application configuration defaults.
@@ -40,11 +64,13 @@
   # following flag decides whether to check the certificate on the outgoing proxy request or whether to trust all parties
   isTrustAll: true
 # https relevant settings. Change in case you have other trust files then default ones.
+
+#environment file
+env:
+  name: AUTO
+
 security:
   isDefaultStore: false
-  truststoreFilename: "org.onap.sdc.trust.jks"
-  keystoreFilename: "org.onap.sdc.p12"
-  storePath: "etc"
 
 # default number of instances
 replicaCount: 1
diff --git a/kubernetes/sdc/requirements.yaml b/kubernetes/sdc/requirements.yaml
index 2ce7b9d..fc27a7b 100644
--- a/kubernetes/sdc/requirements.yaml
+++ b/kubernetes/sdc/requirements.yaml
@@ -14,15 +14,39 @@
 # limitations under the License.
 
 dependencies:
-  - name: common
+  - name: sdc-be
     version: ~6.x-0
-    repository: '@local'
-
-  - name: cassandra
+    repository: 'file://components/sdc-be'
+  - name: sdc-cs
     version: ~6.x-0
-    # local reference to common chart, as it is
-    # a part of this chart's package and will not
-    # be published independently to a repo (at this point)
-    repository: '@local'
-    condition: global.cassandra.localCluster
-
+    repository: 'file://components/sdc-cs'
+  - name: sdc-fe
+    version: ~6.x-0
+    repository: 'file://components/sdc-fe'
+  - name: sdc-onboarding-be
+    version: ~6.x-0
+    repository: 'file://components/sdc-onboarding-be'
+  - name: sdc-wfd-be
+    version: ~6.x-0
+    repository: 'file://components/sdc-wfd-be'
+    condition: sdc-wfd.enabled
+  - name: sdc-wfd-fe
+    version: ~6.x-0
+    repository: 'file://components/sdc-wfd-fe'
+    condition: sdc-wfd.enabled
+  - name: sdc-dcae-be
+    version: ~6.x-0
+    repository: 'file://components/sdc-dcae-be'
+    condition: sdc-dcaed.enabled
+  - name: sdc-dcae-dt
+    version: ~6.x-0
+    repository: 'file://components/sdc-dcae-dt'
+    condition: sdc-dcaed.enabled
+  - name: sdc-dcae-tosca-lab
+    version: ~6.x-0
+    repository: 'file://components/sdc-dcae-tosca-lab'
+    condition: sdc-dcaed.enabled
+  - name: sdc-dcae-fe
+    version: ~6.x-0
+    repository: 'file://components/sdc-dcae-fe'
+    condition: sdc-dcaed.enabled
\ No newline at end of file
diff --git a/kubernetes/sdc/resources/cert/org.onap.sdc.p12 b/kubernetes/sdc/resources/cert/org.onap.sdc.p12
deleted file mode 100644
index 4468560..0000000
--- a/kubernetes/sdc/resources/cert/org.onap.sdc.p12
+++ /dev/null
Binary files differ
diff --git a/kubernetes/sdc/resources/cert/org.onap.sdc.trust.jks b/kubernetes/sdc/resources/cert/org.onap.sdc.trust.jks
deleted file mode 100644
index e6686cc..0000000
--- a/kubernetes/sdc/resources/cert/org.onap.sdc.trust.jks
+++ /dev/null
Binary files differ
diff --git a/kubernetes/sdc/resources/config/environments/AUTO.json b/kubernetes/sdc/resources/config/environments/AUTO.json
index 2bd165b..b38b1f6 100755
--- a/kubernetes/sdc/resources/config/environments/AUTO.json
+++ b/kubernetes/sdc/resources/config/environments/AUTO.json
@@ -1,6 +1,6 @@
 {
-    "name": "{{ .Values.global.env.name }}",
-    "description": "OpenSource-{{ .Values.global.env.name }}",
+    "name": "{{ .Values.env.name }}",
+    "description": "OpenSource-{{ .Values.env.name }}",
     "cookbook_versions": {
         "Deploy-SDandC": "= 1.0.0"
     },
@@ -107,7 +107,8 @@
       },
       "jetty": {
          "keystore_pwd": "${KEYSTORE_PASS}",
-         "truststore_pwd": "${TRUSTSTORE_PASS}"
+         "truststore_pwd": "${TRUSTSTORE_PASS}",
+         "keymanager_pwd": "${KEYMANAGER_PASS}"
       }
     }
 }
diff --git a/kubernetes/sdc/templates/secrets.yaml b/kubernetes/sdc/templates/secrets.yaml
index 6187104..dd61412 100644
--- a/kubernetes/sdc/templates/secrets.yaml
+++ b/kubernetes/sdc/templates/secrets.yaml
@@ -36,17 +36,3 @@
   keystore_password: "{{ .Values.global.secrets.keystore_password }}"
   # workflow
   wf_external_user_password: "{{ .Values.global.secrets.wf_external_user_password }}"
----
-apiVersion: v1
-kind: Secret
-metadata:
-  name: sdc-cert
-  namespace: {{ include "common.namespace" . }}
-  labels:
-    app: {{ include "common.name" . }}
-    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
-    release: {{ include "common.release" . }}
-    heritage: {{ .Release.Service }}
-type: Opaque
-data:
-{{ tpl (.Files.Glob "resources/cert/*").AsSecrets . | indent 2 }}
diff --git a/kubernetes/sdc/values.yaml b/kubernetes/sdc/values.yaml
index 2694b5d..af0d2a9 100644
--- a/kubernetes/sdc/values.yaml
+++ b/kubernetes/sdc/values.yaml
@@ -15,8 +15,6 @@
 
 global:
   persistence: {}
-  env:
-    name: AUTO
   secrets:
     sdc_user: YXNkY191c2Vy
     sdc_password: QWExMjM0JV4h
@@ -30,6 +28,7 @@
   ubuntuInitImage: ubuntu-init:1.0.0
   busyboxRepository: registry.hub.docker.com
   busyboxImage: library/busybox:latest
+  aafEnabled: true
   cassandra:
    #This flag allows SDC to instantiate its own cluster, serviceName
    #should be sdc-cs if this flag is enabled
@@ -44,6 +43,11 @@
   security:
     disableHttp: true
   envsubstImage: dibi/envsubst
+
+# Environment file
+env:
+  name: AUTO
+
 config:
   logstashServiceName: log-ls
   logstashPort: 5044
@@ -60,3 +64,9 @@
   persistence:
     mountSubPath: sdc/sdc-cs/CS
     enabled: true
+
+# dependency / sub-chart configuration
+sdc-wfd:
+  enabled: true
+sdc-dcaed:
+  enabled: true
\ No newline at end of file