1 # Copyright © 2017 Amdocs, Bell Canada
3 # Licensed under the Apache License, Version 2.0 (the "License");
4 # you may not use this file except in compliance with the License.
5 # You may obtain a copy of the License at
7 # http://www.apache.org/licenses/LICENSE-2.0
9 # Unless required by applicable law or agreed to in writing, software
10 # distributed under the License is distributed on an "AS IS" BASIS,
11 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 # See the License for the specific language governing permissions and
13 # limitations under the License.
15 #################################################################
16 # Global configuration defaults.
17 #################################################################
21 #################################################################
22 # Certificate configuration
23 #################################################################
25 nameOverride: cli-cert-initializer
26 aafDeployFqi: deployer@people.osaaf.org
27 aafDeployPass: demo123456!
28 # aafDeployCredsExternalSecret: some secret
30 app_ns: "org.osaaf.aaf"
31 fqi_namespace: "org.onap.cli"
32 fqi: "cli@cli.onap.org"
33 public_fqdn: "aaf.osaaf.org"
36 credsPath: /opt/app/osaaf/local
38 echo "*** retrieving password for keystore and trustore"
39 export $(/opt/app/aaf_config/bin/agent.sh local showpass \
40 {{.Values.fqi}} {{ .Values.fqdn }} | grep '^c' | xargs -0)
41 if [ -z "$cadi_keystore_password_p12" ]
43 echo " /!\ certificates retrieval failed"
46 echo "*** transform AAF certs into pem files"
47 mkdir -p {{ .Values.credsPath }}/certs
48 keytool -exportcert -rfc -file {{ .Values.credsPath }}/certs/cacert.pem \
49 -keystore {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.trust.jks \
51 -storepass $cadi_truststore_password
52 openssl pkcs12 -in {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.p12 \
53 -nokeys -out {{ .Values.credsPath }}/certs/cert.pem \
54 -passin pass:$cadi_keystore_password_p12 \
55 -passout pass:$cadi_keystore_password_p12
56 echo "*** generating needed file"
57 cat {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.key \
58 {{ .Values.credsPath }}/certs/cert.pem \
59 {{ .Values.credsPath }}/certs/cacert.pem \
60 > {{ .Values.credsPath }}/certs/fullchain.pem;
61 cat {{ .Values.credsPath }}/certs/fullchain.pem
62 echo "*** change ownership of certificates to targeted user"
63 chown -R 33 {{ .Values.credsPath }}
67 #################################################################
68 # Application configuration defaults.
69 #################################################################
75 # application configuration
79 # default number of instances
86 # probe configuration parameters
88 initialDelaySeconds: 10
90 # necessary to disable liveness probe when setting breakpoints
91 # in debugger so K8s doesn't restart unresponsive container
95 initialDelaySeconds: 10
111 - baseaddr: "cli.api"
114 - baseaddr: "cli2.api"
120 # Configure resource requests and limits
121 # ref: http://kubernetes.io/docs/user-guide/compute-resources/