seshukm | 0df1f8e | 2020-08-17 21:45:49 +0530 | [diff] [blame] | 1 | {{- define "so.certificate.container_importer" -}} |
| 2 | {{- $dot := default . .dot -}} |
| 3 | {{- $initRoot := default $dot.Values.soHelpers .initRoot -}} |
| 4 | {{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }} |
| 5 | {{ include "common.certInitializer.initContainer" $subchartDot }} |
| 6 | {{- if $dot.Values.global.aafEnabled }} |
| 7 | - name: {{ include "common.name" $dot }}-msb-cert-importer |
Sylvain Desbureaux | 747982c | 2020-11-19 17:40:05 +0100 | [diff] [blame] | 8 | image: {{ include "repositoryGenerator.repository" $subchartDot }}/{{ $dot.Values.global.aafAgentImage }} |
seshukm | 0df1f8e | 2020-08-17 21:45:49 +0530 | [diff] [blame] | 9 | imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $subchartDot.Values.pullPolicy }} |
| 10 | command: |
| 11 | - "/bin/sh" |
| 12 | args: |
| 13 | - "-c" |
| 14 | - | |
| 15 | export $(grep '^c' {{ $subchartDot.Values.certInitializer.credsPath }}/mycreds.prop | xargs -0) |
| 16 | keytool -import -trustcacerts -alias msb_root -file \ |
| 17 | /certificates/msb-ca.crt -keystore \ |
| 18 | "{{ $subchartDot.Values.certInitializer.credsPath }}/{{ $subchartDot.Values.aaf.trustore }}" \ |
Sylvain Desbureaux | 2954823 | 2020-10-21 18:15:08 +0200 | [diff] [blame] | 19 | -storepass $cadi_truststore_password -noprompt |
| 20 | keytool -importkeystore -srckeystore "{{ $subchartDot.Values.certInitializer.credsPath }}/truststoreONAPall.jks" \ |
| 21 | -srcstorepass {{ $subchartDot.Values.certInitializer.trustStoreAllPass }} \ |
| 22 | -destkeystore "{{ $subchartDot.Values.certInitializer.credsPath }}/{{ $subchartDot.Values.aaf.trustore }}" \ |
| 23 | -deststorepass $cadi_truststore_password -noprompt |
seshukm | 0df1f8e | 2020-08-17 21:45:49 +0530 | [diff] [blame] | 24 | volumeMounts: |
| 25 | {{ include "common.certInitializer.volumeMount" $subchartDot | indent 2 | trim }} |
| 26 | - name: {{ include "common.name" $dot }}-msb-certificate |
| 27 | mountPath: /certificates |
| 28 | {{- end }} |
| 29 | {{- end -}} |
| 30 | |
| 31 | {{- define "so.certificate.volumes" -}} |
| 32 | {{- $dot := default . .dot -}} |
| 33 | {{- $initRoot := default $dot.Values.soHelpers .initRoot -}} |
| 34 | {{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }} |
| 35 | {{ include "common.certInitializer.volumes" $subchartDot }} |
| 36 | {{- if $dot.Values.global.aafEnabled }} |
| 37 | - name: {{ include "common.name" $dot }}-msb-certificate |
| 38 | secret: |
| 39 | secretName: {{ include "common.secret.getSecretNameFast" (dict "global" $subchartDot "uid" "so-onap-certs") }} |
| 40 | {{- end }} |
| 41 | {{- end -}} |
| 42 | |
| 43 | {{- define "so.certificate.volumeMount" -}} |
| 44 | {{- $dot := default . .dot -}} |
| 45 | {{- $initRoot := default $dot.Values.soHelpers .initRoot -}} |
| 46 | {{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }} |
| 47 | {{ include "common.certInitializer.volumeMount" $subchartDot }} |
| 48 | {{- end -}} |
| 49 | |
| 50 | {{- define "so.certificates.env" -}} |
| 51 | {{- $dot := default . .dot -}} |
| 52 | {{- $initRoot := default $dot.Values.soHelpers .initRoot -}} |
| 53 | {{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }} |
| 54 | {{- if $dot.Values.global.aafEnabled }} |
| 55 | - name: TRUSTSTORE |
| 56 | value: {{ $subchartDot.Values.certInitializer.credsPath }}/{{ $subchartDot.Values.aaf.trustore }} |
| 57 | {{- if $dot.Values.global.security.aaf.enabled }} |
| 58 | - name: KEYSTORE |
Sylvain Desbureaux | a1bbe5c | 2020-10-28 16:55:18 +0100 | [diff] [blame] | 59 | value: {{ $subchartDot.Values.certInitializer.credsPath }}/org.onap.so.p12 |
seshukm | 0df1f8e | 2020-08-17 21:45:49 +0530 | [diff] [blame] | 60 | {{- end }} |
| 61 | {{- end }} |
| 62 | {{- end -}} |