Gitiles
Code Review Sign In
gerrit.nordix.org / onap / oom / 5fa2433aff588a48707ce9bbd842ddcc436eea81 / . / kubernetes / so / components / soHelpers / templates / _certificates.tpl
blob: cc22dc97c364815bcd0c935fdcbd13b97573c229 [file] [log] [blame]
seshukm0df1f8e2020-08-17 21:45:49 +0530[diff] [blame]1{{- define "so.certificate.container_importer" -}}
2{{- $dot := default . .dot -}}
3{{- $initRoot := default $dot.Values.soHelpers .initRoot -}}
4{{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }}
5{{ include "common.certInitializer.initContainer" $subchartDot }}
6{{- if $dot.Values.global.aafEnabled }}
7- name: {{ include "common.name" $dot }}-msb-cert-importer
Sylvain Desbureaux747982c2020-11-19 17:40:05 +0100[diff] [blame]8 image: {{ include "repositoryGenerator.repository" $subchartDot }}/{{ $dot.Values.global.aafAgentImage }}
seshukm0df1f8e2020-08-17 21:45:49 +0530[diff] [blame]9 imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $subchartDot.Values.pullPolicy }}
10 command:
11 - "/bin/sh"
12 args:
13 - "-c"
14 - |
15 export $(grep '^c' {{ $subchartDot.Values.certInitializer.credsPath }}/mycreds.prop | xargs -0)
16 keytool -import -trustcacerts -alias msb_root -file \
17 /certificates/msb-ca.crt -keystore \
18 "{{ $subchartDot.Values.certInitializer.credsPath }}/{{ $subchartDot.Values.aaf.trustore }}" \
Sylvain Desbureaux29548232020-10-21 18:15:08 +0200[diff] [blame]19 -storepass $cadi_truststore_password -noprompt
Sylvain Desbureaux5fa24332020-11-30 09:30:16 +0100[diff] [blame^]20 export EXIT_VALUE=$?
21 if [ "${EXIT_VALUE}" != "0" ]
22 then
23 echo "issue with password: $cadi_truststore_password"
24 exit $EXIT_VALUE
25 else
26 keytool -importkeystore -srckeystore "{{ $subchartDot.Values.certInitializer.credsPath }}/truststoreONAPall.jks" \
27 -srcstorepass {{ $subchartDot.Values.certInitializer.trustStoreAllPass }} \
28 -destkeystore "{{ $subchartDot.Values.certInitializer.credsPath }}/{{ $subchartDot.Values.aaf.trustore }}" \
29 -deststorepass $cadi_truststore_password -noprompt
30 export EXIT_VALUE=$?
31 fi
32 exit $EXIT_VALUE
seshukm0df1f8e2020-08-17 21:45:49 +0530[diff] [blame]33 volumeMounts:
34 {{ include "common.certInitializer.volumeMount" $subchartDot | indent 2 | trim }}
35 - name: {{ include "common.name" $dot }}-msb-certificate
36 mountPath: /certificates
37{{- end }}
38{{- end -}}
39
40{{- define "so.certificate.volumes" -}}
41{{- $dot := default . .dot -}}
42{{- $initRoot := default $dot.Values.soHelpers .initRoot -}}
43{{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }}
44{{ include "common.certInitializer.volumes" $subchartDot }}
45{{- if $dot.Values.global.aafEnabled }}
46- name: {{ include "common.name" $dot }}-msb-certificate
47 secret:
48 secretName: {{ include "common.secret.getSecretNameFast" (dict "global" $subchartDot "uid" "so-onap-certs") }}
49{{- end }}
50{{- end -}}
51
52{{- define "so.certificate.volumeMount" -}}
53{{- $dot := default . .dot -}}
54{{- $initRoot := default $dot.Values.soHelpers .initRoot -}}
55{{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }}
56{{ include "common.certInitializer.volumeMount" $subchartDot }}
57{{- end -}}
58
59{{- define "so.certificates.env" -}}
60{{- $dot := default . .dot -}}
61{{- $initRoot := default $dot.Values.soHelpers .initRoot -}}
62{{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }}
63{{- if $dot.Values.global.aafEnabled }}
64- name: TRUSTSTORE
65 value: {{ $subchartDot.Values.certInitializer.credsPath }}/{{ $subchartDot.Values.aaf.trustore }}
66{{- if $dot.Values.global.security.aaf.enabled }}
67- name: KEYSTORE
Sylvain Desbureauxa1bbe5c2020-10-28 16:55:18 +0100[diff] [blame]68 value: {{ $subchartDot.Values.certInitializer.credsPath }}/org.onap.so.p12
seshukm0df1f8e2020-08-17 21:45:49 +0530[diff] [blame]69{{- end }}
70{{- end }}
71{{- end -}}