[CCSDK] Configure dgbuilder to use certInitializer

This change makes the following fixes to dgbuilder:
   * Replace hard-coded certificate with certificate generated by
     certInitializer
   * Configure dgbuilder to use http instead of https if AAF is
     disabled (i.e. global aafEnabled property = false)
   * Add resource limits

Issue-ID: SDNC-1356
Signed-off-by: Dan Timoney <dtimoney@att.com>
Change-Id: I8ca97c6a44f62a0abe5b5a6f8564ebcd2e4addb1
diff --git a/kubernetes/appc/values.yaml b/kubernetes/appc/values.yaml
index 57ce1e9..8b3ce26 100644
--- a/kubernetes/appc/values.yaml
+++ b/kubernetes/appc/values.yaml
@@ -133,6 +133,8 @@
 
 dgbuilder:
   nameOverride: appc-dgbuilder
+  certInitializer:
+    nameOverride: appc-dgbuilder-cert-initializer
   config:
     db:
       rootPasswordExternalSecret: '{{ include "common.release" . }}-appc-db-root-pass'
diff --git a/kubernetes/common/dgbuilder/requirements.yaml b/kubernetes/common/dgbuilder/requirements.yaml
index 4735901..cf305d4 100644
--- a/kubernetes/common/dgbuilder/requirements.yaml
+++ b/kubernetes/common/dgbuilder/requirements.yaml
@@ -16,3 +16,6 @@
   - name: common
     version: ~6.x-0
     repository: 'file://../common'
+  - name: certInitializer
+    version: ~6.x-0
+    repository: '@local'
diff --git a/kubernetes/common/dgbuilder/resources/config/customSettings.js b/kubernetes/common/dgbuilder/resources/config/customSettings.js
index 42c2e57..b6a1a86 100644
--- a/kubernetes/common/dgbuilder/resources/config/customSettings.js
+++ b/kubernetes/common/dgbuilder/resources/config/customSettings.js
@@ -54,6 +54,8 @@
     },
     "uiHost": "0.0.0.0",
     "version": "0.9.1",
-    "performGitPull": "N",
-    "enableHttps" : true
+    {{ if .Values.global.aafEnabled }}
+    "enableHttps" : true,
+    {{ end }}
+    "performGitPull": "N"
 }
diff --git a/kubernetes/common/dgbuilder/templates/deployment.yaml b/kubernetes/common/dgbuilder/templates/deployment.yaml
index 1c32e12..ec088e9 100644
--- a/kubernetes/common/dgbuilder/templates/deployment.yaml
+++ b/kubernetes/common/dgbuilder/templates/deployment.yaml
@@ -70,6 +70,7 @@
         image: "{{ .Values.global.envsubstImage }}"
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
         name: {{ include "common.name" . }}-update-config
+{{ include "common.certInitializer.initContainer" . | indent 6 }}
       - command:
         - /app/ready.py
         args:
@@ -89,7 +90,7 @@
           image: "{{ include "common.repository" . }}/{{ .Values.image }}"
           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
           command: ["/bin/bash"]
-          args: ["-c", "cd /opt/onap/ccsdk/dgbuilder/ && ./start.sh sdnc1.0 && wait"]
+          args: ["-c", "cd /opt/onap/ccsdk/dgbuilder/ && {{ if .Values.global.aafEnabled}} cp /opt/app/osaaf/local/node-*.pem certs && {{end}}./start.sh sdnc1.0 && wait"]
           ports:
           - containerPort: {{ .Values.service.internalPort }}
           readinessProbe:
@@ -101,6 +102,7 @@
           - name: SDNC_CONFIG_DIR
             value: /opt/onap/sdnc/data/properties
           volumeMounts:
+{{ include "common.certInitializer.volumeMount" . | indent 10 }}
           - mountPath: /etc/localtime
             name: localtime
             readOnly: true
@@ -127,6 +129,7 @@
 {{ toYaml .Values.affinity | indent 10 }}
         {{- end }}
       volumes:
+{{ include "common.certInitializer.volumes" . | nindent 8 }}
         - name: localtime
           hostPath:
             path: /etc/localtime
diff --git a/kubernetes/common/dgbuilder/values.yaml b/kubernetes/common/dgbuilder/values.yaml
index a7e6e24..cf88fe5 100644
--- a/kubernetes/common/dgbuilder/values.yaml
+++ b/kubernetes/common/dgbuilder/values.yaml
@@ -158,21 +158,45 @@
   config:
     ssl: "redirect"
 
-resources: {}
-  # We usually recommend not to specify default resources and to leave this as a conscious
-  # choice for the user. This also increases chances charts run on environments with little
-  # resources, such as Minikube. If you do want to specify resources, uncomment the following
-  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
-  #
-  # Example:
-  # Configure resource requests and limits
-  # ref: http://kubernetes.io/docs/user-guide/compute-resources/
-  # Minimum memory for development is 2 CPU cores and 4GB memory
-  # Minimum memory for production is 4 CPU cores and 8GB memory
-#resources:
-#  limits:
-#    cpu: 2
-#    memory: 4Gi
-#  requests:
-#    cpu: 2
-#    memory: 4Gi
+ # dependency / sub-chart configuration
+certInitializer:
+  nameOverride: dgbuilder-cert-initializer
+  truststoreMountpath: /opt/onap/ccsdk/dgbuilder/certs
+  fqdn: "sdnc"
+  app_ns: "org.osaaf.aaf"
+  fqi: "sdnc@sdnc.onap.org"
+  fqi_namespace: org.onap.sdnc
+  public_fqdn: "dgbuilder.onap.org"
+  aafDeployFqi: "deployer@people.osaaf.org"
+  aafDeployPass: demo123456!
+  cadi_latitude: "38.0"
+  cadi_longitude: "-72.0"
+  credsPath: /opt/app/osaaf/local
+  aaf_add_config: >
+    cd /opt/app/osaaf/local;
+    /opt/app/aaf_config/bin/agent.sh local showpass {{.Values.fqi}} {{ .Values.fqdn }} | grep cadi_keystore_password= | cut -d= -f 2 > {{ .Values.credsPath }}/.pass 2>&1 ;
+    cp {{ .Values.fqi_namespace }}.crt node-cert.pem;
+    cp {{ .Values.fqi_namespace }}.key node-key.pem;
+    chmod go+r node-*.pem
+
+#Resource Limit flavor -By Default using small
+flavor: small
+#segregation for different envionment (Small and Large)
+
+resources:
+  small:
+    limits:
+      cpu: 2
+      memory: 4Gi
+    requests:
+      cpu: 1
+      memory: 2Gi
+  large:
+    limits:
+      cpu: 4
+      memory: 8Gi
+    requests:
+      cpu: 2
+      memory: 4Gi
+  unlimited: {}
+
diff --git a/kubernetes/sdnc/values.yaml b/kubernetes/sdnc/values.yaml
index aee6f25..f1e6821 100644
--- a/kubernetes/sdnc/values.yaml
+++ b/kubernetes/sdnc/values.yaml
@@ -283,6 +283,8 @@
 dgbuilder:
   enabled: true
   nameOverride: sdnc-dgbuilder
+  certInitializer:
+    nameOverride: sdnc-dgbuilder-cert-initializer
   config:
     db:
       dbName: *sdncDbName