[COMMON] Override truststore in aaf_agent image
aaf_agent image currently contains hardcoded truststores in order to
be able to connect to certman to retrieve certificate for given
component.
The goal is to remove hardcoded truststore from aaf_agent immage but
first we need to be sure that all its users are able to provide the
truststore to the pod as a configmap.
Issue-ID: AAF-1134
Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com>
Change-Id: Ibe9de6ad7264c05aeca2af858918fc2b4d3a772b
diff --git a/kubernetes/common/certInitializer/templates/_certInitializer.yaml b/kubernetes/common/certInitializer/templates/_certInitializer.yaml
index e4a878b..0e0f339 100644
--- a/kubernetes/common/certInitializer/templates/_certInitializer.yaml
+++ b/kubernetes/common/certInitializer/templates/_certInitializer.yaml
@@ -67,6 +67,12 @@
volumeMounts:
- mountPath: {{ $initRoot.mountPath }}
name: {{ include "common.certInitializer._aafConfigVolumeName" $dot }}
+ - mountPath: /opt/app/aaf_config/cert/truststoreONAPall.jks.b64
+ name: aaf-agent-certs
+ subPath: truststoreONAPall.jks.b64
+ - mountPath: /opt/app/aaf_config/cert/truststoreONAP.p12.b64
+ name: aaf-agent-certs
+ subPath: truststoreONAP.p12.b64
{{- if $initRoot.aaf_add_config }}
- name: {{ include "common.certInitializer._aafAddConfigVolumeName" $dot }}
mountPath: /opt/app/aaf_config/bin/aaf-add-config.sh
@@ -127,6 +133,11 @@
configMap:
name: {{ include "common.fullname" $subchartDot }}-add-config
defaultMode: 0700
+- name: aaf-agent-certs
+ configMap:
+ name: {{ include "common.fullname" $subchartDot }}-certs
+ defaultMode: 0700
+
{{- end -}}
{{- end -}}