Gitiles
Code Review Sign In
gerrit.nordix.org / onap / oom / c071ab6e0b6116d4d203cff9548aac1a9b2377cf / . / kubernetes / so / components / soHelpers / templates / _certificates.tpl
blob: ef3b0768f550ca0e794cbd91165a1e9e4e2aa1f3 [file] [log] [blame]
seshukm0df1f8e2020-08-17 21:45:49 +0530[diff] [blame]1{{- define "so.certificate.container_importer" -}}
2{{- $dot := default . .dot -}}
3{{- $initRoot := default $dot.Values.soHelpers .initRoot -}}
4{{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }}
5{{ include "common.certInitializer.initContainer" $subchartDot }}
6{{- if $dot.Values.global.aafEnabled }}
7- name: {{ include "common.name" $dot }}-msb-cert-importer
8 image: "{{ include "common.repository" $dot }}/{{ $dot.Values.global.aafAgentImage }}"
9 imagePullPolicy: {{ $dot.Values.global.pullPolicy | default $subchartDot.Values.pullPolicy }}
10 command:
11 - "/bin/sh"
12 args:
13 - "-c"
14 - |
15 export $(grep '^c' {{ $subchartDot.Values.certInitializer.credsPath }}/mycreds.prop | xargs -0)
16 keytool -import -trustcacerts -alias msb_root -file \
17 /certificates/msb-ca.crt -keystore \
18 "{{ $subchartDot.Values.certInitializer.credsPath }}/{{ $subchartDot.Values.aaf.trustore }}" \
Sylvain Desbureaux29548232020-10-21 18:15:08 +0200[diff] [blame]19 -storepass $cadi_truststore_password -noprompt
20 keytool -importkeystore -srckeystore "{{ $subchartDot.Values.certInitializer.credsPath }}/truststoreONAPall.jks" \
21 -srcstorepass {{ $subchartDot.Values.certInitializer.trustStoreAllPass }} \
22 -destkeystore "{{ $subchartDot.Values.certInitializer.credsPath }}/{{ $subchartDot.Values.aaf.trustore }}" \
23 -deststorepass $cadi_truststore_password -noprompt
seshukm0df1f8e2020-08-17 21:45:49 +0530[diff] [blame]24 volumeMounts:
25 {{ include "common.certInitializer.volumeMount" $subchartDot | indent 2 | trim }}
26 - name: {{ include "common.name" $dot }}-msb-certificate
27 mountPath: /certificates
28{{- end }}
29{{- end -}}
30
31{{- define "so.certificate.volumes" -}}
32{{- $dot := default . .dot -}}
33{{- $initRoot := default $dot.Values.soHelpers .initRoot -}}
34{{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }}
35{{ include "common.certInitializer.volumes" $subchartDot }}
36{{- if $dot.Values.global.aafEnabled }}
37- name: {{ include "common.name" $dot }}-msb-certificate
38 secret:
39 secretName: {{ include "common.secret.getSecretNameFast" (dict "global" $subchartDot "uid" "so-onap-certs") }}
40{{- end }}
41{{- end -}}
42
43{{- define "so.certificate.volumeMount" -}}
44{{- $dot := default . .dot -}}
45{{- $initRoot := default $dot.Values.soHelpers .initRoot -}}
46{{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }}
47{{ include "common.certInitializer.volumeMount" $subchartDot }}
48{{- end -}}
49
50{{- define "so.certificates.env" -}}
51{{- $dot := default . .dot -}}
52{{- $initRoot := default $dot.Values.soHelpers .initRoot -}}
53{{- $subchartDot := fromJson (include "common.subChartDot" (dict "dot" $dot "initRoot" $initRoot)) }}
54{{- if $dot.Values.global.aafEnabled }}
55- name: TRUSTSTORE
56 value: {{ $subchartDot.Values.certInitializer.credsPath }}/{{ $subchartDot.Values.aaf.trustore }}
57{{- if $dot.Values.global.security.aaf.enabled }}
58- name: KEYSTORE
59 value: {{ $subchartDot.Values.certInitializer.credsPath }}/org.onap.so.jks
60{{- end }}
61{{- end }}
62{{- end -}}