Update Gizmo and Champ security config

- Update rProxy to use AAF geo-locate endpoint rather than hard coded IP
address
- Update fProxy to use separate truststore
- Restructure charts to reduce certificate duplication

Change-Id: I1e63ceb0ebabd8bb3dfacc71dac841858279b6f1
Issue-ID: AAF-718
Signed-off-by: Lee, Tian (tl5884) <TianL@amdocs.com>
diff --git a/kubernetes/aai/charts/aai-champ/templates/deployment.yaml b/kubernetes/aai/charts/aai-champ/templates/deployment.yaml
index aa9157f..537763a 100644
--- a/kubernetes/aai/charts/aai-champ/templates/deployment.yaml
+++ b/kubernetes/aai/charts/aai-champ/templates/deployment.yaml
@@ -31,12 +31,6 @@
         app: {{ include "common.name" . }}
         release: {{ .Release.Name }}
     spec:
-    {{ if .Values.global.installSidecarSecurity }}
-      hostAliases:
-      - ip: {{ .Values.global.aaf.serverIp }}
-        hostnames:
-        - {{ .Values.global.aaf.serverHostname }}
-    {{ end }}
       initContainers:
         - command:
           - /root/ready.py
@@ -163,18 +157,18 @@
           - name: {{ include "common.fullname" . }}-rproxy-log-config
             mountPath: /opt/app/rproxy/config/logback-spring.xml
             subPath: logback-spring.xml
-          - name: {{ include "common.fullname" . }}-rproxy-auth-config
+          - name: {{ include "common.fullname" . }}-rproxy-auth-certs
             mountPath: /opt/app/rproxy/config/auth/tomcat_keystore
             subPath: tomcat_keystore
-          - name: {{ include "common.fullname" . }}-rproxy-auth-config
+          - name: {{ include "common.fullname" . }}-rproxy-auth-certs
             mountPath: /opt/app/rproxy/config/auth/client-cert.p12
             subPath: client-cert.p12
+          - name: {{ include "common.fullname" . }}-rproxy-auth-certs
+            mountPath: /opt/app/rproxy/config/auth/org.onap.aai.p12
+            subPath: org.onap.aai.p12
           - name: {{ include "common.fullname" . }}-rproxy-auth-config
             mountPath: /opt/app/rproxy/config/auth/uri-authorization.json
             subPath: uri-authorization.json
-          #- name: {{ include "common.fullname" . }}-rproxy-auth-config
-          #  mountPath: /opt/app/rproxy/config/auth/aaf_truststore.jks
-          #  subPath: aaf_truststore.jks
           - name: {{ include "common.fullname" . }}-rproxy-security-config
             mountPath: /opt/app/rproxy/config/security/keyfile
             subPath: keyfile
@@ -189,7 +183,9 @@
           - name: CONFIG_HOME
             value: "/opt/app/fproxy/config"
           - name: KEY_STORE_PASSWORD
-            value: {{ .Values.config.keyStorePassword }} 
+            value: {{ .Values.config.keyStorePassword }}
+          - name: TRUST_STORE_PASSWORD
+            value: {{ .Values.config.trustStorePassword }}
           - name: spring_profiles_active
             value: {{ .Values.global.fproxy.activeSpringProfiles }}
           volumeMounts:
@@ -199,10 +195,13 @@
           - name: {{ include "common.fullname" . }}-fproxy-log-config
             mountPath: /opt/app/fproxy/config/logback-spring.xml
             subPath: logback-spring.xml
-          - name: {{ include "common.fullname" . }}-fproxy-auth-config
+          - name: {{ include "common.fullname" . }}-fproxy-auth-certs
             mountPath: /opt/app/fproxy/config/auth/tomcat_keystore
             subPath: tomcat_keystore
-          - name: {{ include "common.fullname" . }}-fproxy-auth-config
+          - name: {{ include "common.fullname" . }}-fproxy-auth-certs
+            mountPath: /opt/app/fproxy/config/auth/fproxy_truststore
+            subPath: fproxy_truststore
+          - name: {{ include "common.fullname" . }}-fproxy-auth-certs
             mountPath: /opt/app/fproxy/config/auth/client-cert.p12
             subPath: client-cert.p12
           ports:
@@ -251,18 +250,21 @@
         - name: {{ include "common.fullname" . }}-rproxy-auth-config
           secret:
             secretName: {{ include "common.fullname" . }}-rproxy-auth-config
+        - name: {{ include "common.fullname" . }}-rproxy-auth-certs
+          secret:
+            secretName: aai-rproxy-auth-certs
         - name: {{ include "common.fullname" . }}-rproxy-security-config
           secret:
-            secretName: {{ include "common.fullname" . }}-rproxy-security-config
+            secretName: aai-rproxy-security-config
         - name: {{ include "common.fullname" . }}-fproxy-config
           configMap:
             name: {{ include "common.fullname" . }}-fproxy-config
         - name: {{ include "common.fullname" . }}-fproxy-log-config
           configMap:
             name: {{ include "common.fullname" . }}-fproxy-log-config
-        - name: {{ include "common.fullname" . }}-fproxy-auth-config
+        - name: {{ include "common.fullname" . }}-fproxy-auth-certs
           secret:
-            secretName: {{ include "common.fullname" . }}-fproxy-auth-config
+            secretName: aai-fproxy-auth-certs
     {{ end }}
       imagePullSecrets:
       - name: "{{ include "common.namespace" . }}-docker-registry-key"