seshukm | 0df1f8e | 2020-08-17 21:45:49 +0530 | [diff] [blame] | 1 | {{- define "so.certificate.container_importer" -}} |
| 2 | {{- $dot := default . .dot -}} |
| 3 | {{- $initRoot := default $dot.Values.soHelpers .initRoot -}} |
| 4 | {{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }} |
| 5 | {{ include "common.certInitializer.initContainer" $subchartDot }} |
| 6 | {{- if $dot.Values.global.aafEnabled }} |
| 7 | - name: {{ include "common.name" $dot }}-msb-cert-importer |
| 8 | image: "{{ include "common.repository" $dot }}/{{ $dot.Values.global.aafAgentImage }}" |
| 9 | imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $subchartDot.Values.pullPolicy }} |
| 10 | command: |
| 11 | - "/bin/sh" |
| 12 | args: |
| 13 | - "-c" |
| 14 | - | |
| 15 | export $(grep '^c' {{ $subchartDot.Values.certInitializer.credsPath }}/mycreds.prop | xargs -0) |
| 16 | keytool -import -trustcacerts -alias msb_root -file \ |
| 17 | /certificates/msb-ca.crt -keystore \ |
| 18 | "{{ $subchartDot.Values.certInitializer.credsPath }}/{{ $subchartDot.Values.aaf.trustore }}" \ |
| 19 | -keypass $cadi_truststore_password -noprompt |
| 20 | volumeMounts: |
| 21 | {{ include "common.certInitializer.volumeMount" $subchartDot | indent 2 | trim }} |
| 22 | - name: {{ include "common.name" $dot }}-msb-certificate |
| 23 | mountPath: /certificates |
| 24 | {{- end }} |
| 25 | {{- end -}} |
| 26 | |
| 27 | {{- define "so.certificate.volumes" -}} |
| 28 | {{- $dot := default . .dot -}} |
| 29 | {{- $initRoot := default $dot.Values.soHelpers .initRoot -}} |
| 30 | {{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }} |
| 31 | {{ include "common.certInitializer.volumes" $subchartDot }} |
| 32 | {{- if $dot.Values.global.aafEnabled }} |
| 33 | - name: {{ include "common.name" $dot }}-msb-certificate |
| 34 | secret: |
| 35 | secretName: {{ include "common.secret.getSecretNameFast" (dict "global" $subchartDot "uid" "so-onap-certs") }} |
| 36 | {{- end }} |
| 37 | {{- end -}} |
| 38 | |
| 39 | {{- define "so.certificate.volumeMount" -}} |
| 40 | {{- $dot := default . .dot -}} |
| 41 | {{- $initRoot := default $dot.Values.soHelpers .initRoot -}} |
| 42 | {{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }} |
| 43 | {{ include "common.certInitializer.volumeMount" $subchartDot }} |
| 44 | {{- end -}} |
| 45 | |
| 46 | {{- define "so.certificates.env" -}} |
| 47 | {{- $dot := default . .dot -}} |
| 48 | {{- $initRoot := default $dot.Values.soHelpers .initRoot -}} |
| 49 | {{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }} |
| 50 | {{- if $dot.Values.global.aafEnabled }} |
| 51 | - name: TRUSTSTORE |
| 52 | value: {{ $subchartDot.Values.certInitializer.credsPath }}/{{ $subchartDot.Values.aaf.trustore }} |
| 53 | {{- if $dot.Values.global.security.aaf.enabled }} |
| 54 | - name: KEYSTORE |
| 55 | value: {{ $subchartDot.Values.certInitializer.credsPath }}/org.onap.so.jks |
| 56 | {{- end }} |
| 57 | {{- end }} |
| 58 | {{- end -}} |