Gitiles
Code Review Sign In
gerrit.nordix.org / onap / oom / 41cf72f18803970b7dfb91d2537dd35a4342ac36 / . / kubernetes / common / certInitializer / templates / _certInitializer.yaml
blob: eddc7bc1241c43469e8157e79c123db88c908292 [file] [log] [blame]
Krzysztof Opasiak020cdb92020-05-01 01:46:37 +0200[diff] [blame]1{{/*
2# Copyright © 2020 Samsung Electronics
3#
4# Licensed under the Apache License, Version 2.0 (the "License");
5# you may not use this file except in compliance with the License.
6# You may obtain a copy of the License at
7#
8# http://www.apache.org/licenses/LICENSE-2.0
9#
10# Unless required by applicable law or agreed to in writing, software
11# distributed under the License is distributed on an "AS IS" BASIS,
12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13# See the License for the specific language governing permissions and
14# limitations under the License.
15*/}}
16
17
18
19{{- define "common.certInitializer._aafConfigVolumeName" -}}
20 {{ include "common.fullname" . }}-aaf-config
21{{- end -}}
22
23{{- define "common.certInitializer._aafAddConfigVolumeName" -}}
24 {{ print "aaf-add-config" }}
25{{- end -}}
26
27{{/*
28 common templates to enable cert initialization for applictaions
29
30 In deployments/jobs/stateful include:
31 initContainers:
32 {{ include "common.certInitializer.initContainer" . | nindent XX }}
33
34 containers:
35 volumeMounts:
36 {{- include "common.certInitializer.volumeMount" . | nindent XX }}
37 volumes:
38 {{- include "common.certInitializer.volume" . | nindent XX}}
39*/}}
40{{- define "common.certInitializer._initContainer" -}}
41{{- $dot := default . .dot -}}
42{{- $initRoot := default $dot.Values.certInitializer .initRoot -}}
43{{- $initName := default "certInitializer" -}}
Sylvain Desbureaux41cf72f2020-05-15 17:25:52 +0200[diff] [blame^]44{{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }}
Krzysztof Opasiak020cdb92020-05-01 01:46:37 +0200[diff] [blame]45- name: {{ include "common.name" $dot }}-aaf-readiness
Krzysztof Opasiak3e5fa9a2020-05-19 00:44:12 +0200[diff] [blame]46 image: "{{ $subchartDot.Values.global.readinessRepository }}/{{ $subchartDot.Values.global.readinessImage }}"
47 imagePullPolicy: {{ $subchartDot.Values.global.pullPolicy | default $subchartDot.Values.pullPolicy }}
Krzysztof Opasiak020cdb92020-05-01 01:46:37 +0200[diff] [blame]48 command:
49 - /root/ready.py
50 args:
51 - --container-name
52 - aaf-locate
53 - --container-name
54 - aaf-cm
55 - --container-name
56 - aaf-service
57 env:
58 - name: NAMESPACE
59 valueFrom:
60 fieldRef:
61 apiVersion: v1
62 fieldPath: metadata.namespace
63- name: {{ include "common.name" $dot }}-aaf-config
Krzysztof Opasiak3e5fa9a2020-05-19 00:44:12 +0200[diff] [blame]64 image: {{ (default $subchartDot.Values.repository $subchartDot.Values.global.repository) }}/{{ $subchartDot.Values.global.aafAgentImage }}
65 imagePullPolicy: {{ $subchartDot.Values.global.pullPolicy | default $subchartDot.Values.pullPolicy }}
Krzysztof Opasiak020cdb92020-05-01 01:46:37 +0200[diff] [blame]66 volumeMounts:
67 - mountPath: {{ $initRoot.mountPath }}
68 name: {{ include "common.certInitializer._aafConfigVolumeName" $dot }}
Krzysztof Opasiak95a5f842020-05-06 23:27:18 +0200[diff] [blame]69 - mountPath: /opt/app/aaf_config/cert/truststoreONAPall.jks.b64
70 name: aaf-agent-certs
71 subPath: truststoreONAPall.jks.b64
72 - mountPath: /opt/app/aaf_config/cert/truststoreONAP.p12.b64
73 name: aaf-agent-certs
74 subPath: truststoreONAP.p12.b64
Krzysztof Opasiak020cdb92020-05-01 01:46:37 +0200[diff] [blame]75{{- if $initRoot.aaf_add_config }}
76 - name: {{ include "common.certInitializer._aafAddConfigVolumeName" $dot }}
77 mountPath: /opt/app/aaf_config/bin/aaf-add-config.sh
78 subPath: aaf-add-config.sh
79{{- end }}
80 command:
81 - sh
82 - -c
83 - |
84 #!/usr/bin/env bash
85 /opt/app/aaf_config/bin/agent.sh
86{{- if $initRoot.aaf_add_config }}
87 /opt/app/aaf_config/bin/aaf-add-config.sh
88{{- end }}
89 env:
90 - name: APP_FQI
91 value: "{{ $initRoot.fqi }}"
92 - name: aaf_locate_url
93 value: "https://aaf-locate.{{ $dot.Release.Namespace}}:8095"
94 - name: aaf_locator_container
95 value: "oom"
96 - name: aaf_locator_container_ns
97 value: "{{ $dot.Release.Namespace }}"
98 - name: aaf_locator_fqdn
99 value: "{{ $initRoot.fqdn }}"
100 - name: aaf_locator_app_ns
101 value: "{{ $initRoot.app_ns }}"
102 - name: DEPLOY_FQI
103 {{- include "common.secret.envFromSecretFast" (dict "global" $subchartDot "uid" "deployer-creds" "key" "login") | indent 6 }}
104 - name: DEPLOY_PASSWORD
105 {{- include "common.secret.envFromSecretFast" (dict "global" $subchartDot "uid" "deployer-creds" "key" "password") | indent 6 }}
106 #Note: want to put this on Nodes, eventually
107 - name: cadi_longitude
108 value: "{{ default "52.3" $initRoot.cadi_longitude }}"
109 - name: cadi_latitude
110 value: "{{ default "13.2" $initRoot.cadi_latitude }}"
111 #Hello specific. Clients don't don't need this, unless Registering with AAF Locator
112 - name: aaf_locator_public_fqdn
113 value: "{{ $initRoot.public_fqdn | default "" }}"
114{{- end -}}
115
116{{- define "common.certInitializer._volumeMount" -}}
117{{- $dot := default . .dot -}}
118{{- $initRoot := default $dot.Values.certInitializer .initRoot -}}
119- mountPath: {{ $initRoot.mountPath }}
120 name: {{ include "common.certInitializer._aafConfigVolumeName" $dot }}
121{{- end -}}
122
123{{- define "common.certInitializer._volumes" -}}
124{{- $dot := default . .dot -}}
125{{- $initRoot := default $dot.Values.certInitializer .initRoot -}}
Krzysztof Opasiak3e5fa9a2020-05-19 00:44:12 +0200[diff] [blame]126{{- $subchartDot := mergeOverwrite (deepCopy (omit $dot "Values")) (dict "Chart" (set (fromJson (toJson $dot.Chart)) "Name" $initRoot.nameOverride) "Values" (mergeOverwrite (deepCopy $initRoot) (dict "global" $dot.Values.global))) }}
Krzysztof Opasiak020cdb92020-05-01 01:46:37 +0200[diff] [blame]127- name: {{ include "common.certInitializer._aafConfigVolumeName" $dot }}
128 emptyDir:
129 medium: Memory
Krzysztof Opasiak95a5f842020-05-06 23:27:18 +0200[diff] [blame]130- name: aaf-agent-certs
131 configMap:
132 name: {{ include "common.fullname" $subchartDot }}-certs
133 defaultMode: 0700
134
Krzysztof Opasiak108483c2020-05-14 01:44:30 +0200[diff] [blame]135{{- if $initRoot.aaf_add_config }}
136- name: {{ include "common.certInitializer._aafAddConfigVolumeName" $dot }}
137 configMap:
138 name: {{ include "common.fullname" $subchartDot }}-add-config
139 defaultMode: 0700
Krzysztof Opasiak020cdb92020-05-01 01:46:37 +0200[diff] [blame]140{{- end -}}
141{{- end -}}
142
143{{- define "common.certInitializer.initContainer" -}}
144{{- $dot := default . .dot -}}
145 {{- if $dot.Values.global.aafEnabled }}
146 {{ include "common.certInitializer._initContainer" . }}
147 {{- end -}}
148{{- end -}}
149
150{{- define "common.certInitializer.volumeMount" -}}
151{{- $dot := default . .dot -}}
152 {{- if $dot.Values.global.aafEnabled }}
153 {{- include "common.certInitializer._volumeMount" . }}
154 {{- end -}}
155{{- end -}}
156
157{{- define "common.certInitializer.volumes" -}}
158{{- $dot := default . .dot -}}
159 {{- if $dot.Values.global.aafEnabled }}
160 {{- include "common.certInitializer._volumes" . }}
161 {{- end -}}
162{{- end -}}