Gitiles
Code Review Sign In
gerrit.nordix.org / onap / oom / 0df1f8ec5332651b5ce2731dd25ee2319f393b4f / . / kubernetes / so / components / soHelpers / templates / _certificates.tpl
blob: fa25ba51776c493a43c3ea7aa358e183bba69c96 [file] [log] [blame]
seshukm0df1f8e2020-08-17 21:45:49 +0530[diff] [blame^]1{{- define "so.certificate.container_importer" -}}
2{{- $dot := default . .dot -}}
3{{- $initRoot := default $dot.Values.soHelpers .initRoot -}}
4{{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }}
5{{ include "common.certInitializer.initContainer" $subchartDot }}
6{{- if $dot.Values.global.aafEnabled }}
7- name: {{ include "common.name" $dot }}-msb-cert-importer
8 image: "{{ include "common.repository" $dot }}/{{ $dot.Values.global.aafAgentImage }}"
9 imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $subchartDot.Values.pullPolicy }}
10 command:
11 - "/bin/sh"
12 args:
13 - "-c"
14 - |
15 export $(grep '^c' {{ $subchartDot.Values.certInitializer.credsPath }}/mycreds.prop | xargs -0)
16 keytool -import -trustcacerts -alias msb_root -file \
17 /certificates/msb-ca.crt -keystore \
18 "{{ $subchartDot.Values.certInitializer.credsPath }}/{{ $subchartDot.Values.aaf.trustore }}" \
19 -keypass $cadi_truststore_password -noprompt
20 volumeMounts:
21 {{ include "common.certInitializer.volumeMount" $subchartDot | indent 2 | trim }}
22 - name: {{ include "common.name" $dot }}-msb-certificate
23 mountPath: /certificates
24{{- end }}
25{{- end -}}
26
27{{- define "so.certificate.volumes" -}}
28{{- $dot := default . .dot -}}
29{{- $initRoot := default $dot.Values.soHelpers .initRoot -}}
30{{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }}
31{{ include "common.certInitializer.volumes" $subchartDot }}
32{{- if $dot.Values.global.aafEnabled }}
33- name: {{ include "common.name" $dot }}-msb-certificate
34 secret:
35 secretName: {{ include "common.secret.getSecretNameFast" (dict "global" $subchartDot "uid" "so-onap-certs") }}
36{{- end }}
37{{- end -}}
38
39{{- define "so.certificate.volumeMount" -}}
40{{- $dot := default . .dot -}}
41{{- $initRoot := default $dot.Values.soHelpers .initRoot -}}
42{{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }}
43{{ include "common.certInitializer.volumeMount" $subchartDot }}
44{{- end -}}
45
46{{- define "so.certificates.env" -}}
47{{- $dot := default . .dot -}}
48{{- $initRoot := default $dot.Values.soHelpers .initRoot -}}
49{{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }}
50{{- if $dot.Values.global.aafEnabled }}
51- name: TRUSTSTORE
52 value: {{ $subchartDot.Values.certInitializer.credsPath }}/{{ $subchartDot.Values.aaf.trustore }}
53{{- if $dot.Values.global.security.aaf.enabled }}
54- name: KEYSTORE
55 value: {{ $subchartDot.Values.certInitializer.credsPath }}/org.onap.so.jks
56{{- end }}
57{{- end }}
58{{- end -}}