1 # Copyright © 2018 Amdocs, Bell Canada , ZTE
2 # Copyright © 2021 Orange
4 # Licensed under the Apache License, Version 2.0 (the "License");
5 # you may not use this file except in compliance with the License.
6 # You may obtain a copy of the License at
8 # http://www.apache.org/licenses/LICENSE-2.0
10 # Unless required by applicable law or agreed to in writing, software
11 # distributed under the License is distributed on an "AS IS" BASIS,
12 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 # See the License for the specific language governing permissions and
14 # limitations under the License.
15 #################################################################
16 # Global configuration defaults.
17 #################################################################
21 #################################################################
23 #################################################################
25 nameOverride: msb-iag-cert-initializer
26 aafDeployFqi: deployer@people.osaaf.org
27 aafDeployPass: demo123456!
28 # aafDeployCredsExternalSecret: some secret
30 fqi: msb-iag@msb-iag.onap.org
31 fqi_namespace: org.onap.msb-iag
32 public_fqdn: msb-iag.onap.org
36 credsPath: /opt/app/osaaf/local
38 echo "*** retrieving passwords for certificates"
39 export $(/opt/app/aaf_config/bin/agent.sh local showpass \
40 {{.Values.fqi}} {{ .Values.fqdn }} | grep '^c')
41 if [ -z "$cadi_keystore_password_p12" ]
43 echo " /!\ certificates retrieval failed"
46 mkdir -p {{ .Values.credsPath }}/certs
47 echo "*** retrieve certificate from pkcs12"
48 openssl pkcs12 -in {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.p12 \
49 -out {{ .Values.credsPath }}/certs/cert.crt -nokeys \
50 -passin pass:$cadi_keystore_password_p12 \
51 -passout pass:$cadi_keystore_password_p12
52 echo "*** copy key to relevant place"
53 cp {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.key {{ .Values.credsPath }}/certs/cert.key
54 echo "*** change ownership and read/write attributes"
55 chown -R 1000 {{ .Values.credsPath }}/certs
56 chmod 600 {{ .Values.credsPath }}/certs/cert.crt
57 chmod 600 {{ .Values.credsPath }}/certs/cert.key
60 #################################################################
61 # Application configuration defaults.
62 #################################################################
64 image: onap/msb/msb_apigateway:1.2.7
68 # application configuration
70 routeLabels: "visualRange:1"
72 # default number of instances
79 # probe configuration parameters
81 initialDelaySeconds: 10
83 # necessary to disable liveness probe when setting breakpoints
84 # in debugger so K8s doesn't restart unresponsive container
88 initialDelaySeconds: 10
97 externalPortHttps: 443
98 internalPortHttps: 443
110 # Resource Limit flavor -By Default using small
112 # Segregation for Different environment (Small and Large)