[AAI][TRAVERSAL] Remove Hardcoded certificates
Use the certInitializer init container to retrieve the certificates the service needs instead of shipping them in the chart.
Issue-ID: OOM-2680
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: I1ec295d863f8f6c0d11e64173b474e82f63e6b17
diff --git a/kubernetes/aai/components/aai-traversal/templates/deployment.yaml b/kubernetes/aai/components/aai-traversal/templates/deployment.yaml
index 6f5ac82..2362149 100644
--- a/kubernetes/aai/components/aai-traversal/templates/deployment.yaml
+++ b/kubernetes/aai/components/aai-traversal/templates/deployment.yaml
@@ -91,31 +91,28 @@
{{- end }}
spec:
hostname: aai-traversal
- {{ if .Values.global.initContainers.enabled }}
- initContainers:
+ initContainers: {{ include "common.certInitializer.initContainer" . | nindent 6 }}
- command:
- {{ if .Values.global.jobs.migration.enabled }}
- /app/ready.py
args:
+ {{- if .Values.global.jobs.migration.enabled }}
- --job-name
- {{ include "common.release" . }}-aai-graphadmin-migration
- {{ else if .Values.global.jobs.createSchema.enabled }}
- - /app/ready.py
- args:
+ {{- else }}
+ {{- if .Values.global.jobs.createSchema.enabled }}
- --job-name
- {{ include "common.release" . }}-aai-graphadmin-create-db-schema
- {{ else }}
- - /app/ready.py
- args:
- - --container-name
- {{- if .Values.global.cassandra.localCluster }}
- - aai-cassandra
{{- else }}
+ - --container-name
+ {{- if .Values.global.cassandra.localCluster }}
+ - aai-cassandra
+ {{- else }}
- cassandra
- {{- end }}
+ {{- end }}
- --container-name
- aai-schema-service
- {{ end }}
+ {{- end }}
+ {{- end }}
env:
- name: NAMESPACE
valueFrom:
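Review bot: Dropping the `{{ if .Values.global.initContainers.enabled }}` guard makes the readiness init container unconditional, so a deployment that sets `global.initContainers.enabled: false` silently gets the wait-for-job/wait-for-container gate anyway; the commit message only talks about certificates and does not mention this behaviour change. If that is intended, the value should be removed from values.yaml (and the other aai sub-charts kept consistent); otherwise restore the guard around the readiness entry, e.g. `{{- if .Values.global.initContainers.enabled }}` before `- command:` and a matching `{{- end }}` after the readiness container's `name:` line. Since the readiness entry now follows the certInitializer include, the rendered indentation of `- command:` relative to `nindent 6` should be checked in `helm template` output, because a one-column mismatch here yields a list item outside `initContainers`. The readiness container definition continues past the end of this hunk.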
@@ -125,19 +122,29 @@
image: {{ include "repositoryGenerator.image.readiness" . }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
name: {{ include "common.name" . }}-readiness
- {{ end }}
containers:
- name: {{ include "common.name" . }}
image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ command:
+ - sh
+ args:
+ - -c
+ - |
+ echo "*** retrieve Truststore and Keystore password"
+ export $(cat {{ .Values.certInitializer.credsPath }}/mycreds.prop | xargs -0)
+ echo "*** actual launch of AAI Resources"
+ /bin/bash /opt/app/aai-traversal/docker-entrypoint.sh
env:
+ - name: TRUSTORE_ALL_PASSWORD
+ value: {{ .Values.certInitializer.truststoreAllPassword }}
- name: DISABLE_UPDATE_QUERY
value: {{ .Values.config.disableUpdateQuery | quote }}
- name: LOCAL_USER_ID
value: {{ .Values.global.config.userId | quote }}
- name: LOCAL_GROUP_ID
value: {{ .Values.global.config.groupId | quote }}
- volumeMounts:
+ volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 8 }}
- mountPath: /etc/localtime
name: localtime
readOnly: true
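Review bot: `TRUSTORE_ALL_PASSWORD` is injected as a plain env var straight from chart values (`value: {{ .Values.certInitializer.truststoreAllPassword }}`), which keeps a credential in values.yaml and exposes it to anyone with pod-read rights via `kubectl describe pod` — at odds with a commit whose purpose is removing hardcoded secrets. At minimum quote it so a digit-only password is not retyped by the YAML parser, `value: {{ .Values.certInitializer.truststoreAllPassword | quote }}`; better, source it with `valueFrom.secretKeyRef` from the Secret the certInitializer populates, as the keystore password already comes from `mycreds.prop`. The `sh -c` wrapper runs without `set -e` and word-splits the creds file (`export $(cat … | xargs -0)`), so a missing or malformed `mycreds.prop` still launches the entrypoint with empty passwords; prefer `set -e` plus `[ -r "$f" ] || exit 1` before the export. The echo text says "AAI Resources" but this is the traversal chart, which looks like a copy-paste slip.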
@@ -163,9 +170,6 @@
- mountPath: /opt/app/aai-traversal/resources/etc/auth/realm.properties
name: {{ include "common.fullname" . }}-config
subPath: realm.properties
- - mountPath: /opt/app/aai-traversal/resources/aaf/org.onap.aai.keyfile
- name: {{ include "common.fullname" . }}-aaf-certs
- subPath: org.onap.aai.keyfile
- mountPath: /opt/app/aai-traversal/resources/aaf/bath_config.csv
name: {{ include "common.fullname" . }}-aaf-certs
subPath: bath_config.csv
@@ -181,21 +185,9 @@
- mountPath: /opt/app/aai-traversal/resources/cadi.properties
name: {{ include "common.fullname" . }}-aaf-properties
subPath: cadi.properties
- - mountPath: /opt/app/aai-traversal/resources/aaf/org.onap.aai.p12
- name: {{ include "common.fullname" . }}-aaf-certs
- subPath: org.onap.aai.p12
- - mountPath: /opt/app/aai-traversal/resources/aaf/truststoreONAPall.jks
- name: aai-common-aai-auth-mount
- subPath: truststoreONAPall.jks
- mountPath: /opt/app/aai-traversal/resources/application.properties
name: {{ include "common.fullname" . }}-config
subPath: application.properties
- {{ $global := . }}
- {{ range $job := .Values.global.config.auth.files }}
- - mountPath: /opt/app/aai-traversal/resources/etc/auth/{{ . }}
- name: {{ include "common.fullname" $global }}-auth-truststore-sec
- subPath: {{ . }}
- {{ end }}
ports:
- containerPort: {{ .Values.service.internalPort }}
- containerPort: {{ .Values.service.internalPort2 }}
@@ -218,7 +210,7 @@
{{- if .Values.nodeSelector }}
nodeSelector:
{{ toYaml .Values.nodeSelector | indent 8 }}
- {{- end -}}
+ {{- end }}
{{- if .Values.affinity }}
affinity:
{{ toYaml .Values.affinity | indent 8 }}
@@ -238,7 +230,7 @@
name: {{ include "common.fullname" . }}-filebeat
resources:
{{ include "common.resources" . }}
- volumes:
+ volumes: {{ include "common.certInitializer.volumes" . | nindent 6 }}
- name: localtime
hostPath:
path: /etc/localtime
@@ -253,24 +245,16 @@
emptyDir: {}
- name: {{ include "common.fullname" . }}-config
configMap:
- name: {{ include "common.fullname" . }}-configmap
+ name: {{ include "common.fullname" . }}
- name: {{ include "common.fullname" . }}-aaf-properties
configMap:
name: {{ include "common.fullname" . }}-aaf-props
- name: {{ include "common.fullname" . }}-aaf-certs
secret:
- secretName: {{ include "common.fullname" . }}-aaf-keys
+ secretName: {{ include "common.fullname" . }}-aaf
- name: aai-common-aai-auth-mount
secret:
secretName: aai-common-aai-auth
- - name: {{ include "common.fullname" . }}-auth-truststore-sec
- secret:
- secretName: aai-common-truststore
- items:
- {{ range $job := .Values.global.config.auth.files }}
- - key: {{ . }}
- path: {{ . }}
- {{ end }}
restartPolicy: {{ .Values.global.restartPolicy | default .Values.restartPolicy }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
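Review bot: The configMap reference is renamed from `{{ include "common.fullname" . }}-configmap` to `{{ include "common.fullname" . }}` and the secret from `-aaf-keys` to `-aaf`, but the templates that create those objects are not in this diff; if configmap.yaml and secret.yaml were not renamed in the same change, the pod will stay in ContainerCreating with a missing-volume error. The `-aaf-certs` secret volume now backs only the `bath_config.csv` mount after the keyfile and p12 mounts were dropped, so it is worth confirming the `-aaf` secret still carries that key. `aai-common-aai-auth` remains a bare, untemplated secret name, presumably pre-existing, which breaks if the release prefix changes.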