#################################################################
global:
nodePortPrefix: 302
- readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
+
+#################################################################
+# Certificate configuration
+#################################################################
+certInitializer:
+ nameOverride: cli-cert-initializer
+ aafDeployFqi: deployer@people.osaaf.org
+ aafDeployPass: demo123456!
+ # aafDeployCredsExternalSecret: some secret
+ fqdn: "cli"
+ app_ns: "org.osaaf.aaf"
+ fqi_namespace: "org.onap.cli"
+ fqi: "cli@cli.onap.org"
+ public_fqdn: "aaf.osaaf.org"
+ cadi_longitude: "0.0"
+ cadi_latitude: "0.0"
+ credsPath: /opt/app/osaaf/local
+ aaf_add_config: |
+ echo "*** transform AAF certs into pem files"
+ mkdir -p {{ .Values.credsPath }}/certs
+ keytool -exportcert -rfc -file {{ .Values.credsPath }}/certs/cacert.pem \
+ -keystore {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.trust.jks \
+ -alias ca_local_0 \
+ -storepass $cadi_truststore_password
+ openssl pkcs12 -in {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.p12 \
+ -nokeys -out {{ .Values.credsPath }}/certs/cert.pem \
+ -passin pass:$cadi_keystore_password_p12 \
+ -passout pass:$cadi_keystore_password_p12
+ echo "*** generating needed file"
+ cat {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.key \
+ {{ .Values.credsPath }}/certs/cert.pem \
+ {{ .Values.credsPath }}/certs/cacert.pem \
+ > {{ .Values.credsPath }}/certs/fullchain.pem;
+ cat {{ .Values.credsPath }}/certs/fullchain.pem
+ echo "*** change ownership of certificates to targeted user"
+ chown -R 33 {{ .Values.credsPath }}
+
+
#################################################################
# Application configuration defaults.
#################################################################
# application image
-repository: nexus3.onap.org:10001
-image: onap/cli:2.0.2
+image: onap/cli:6.0.1
pullPolicy: Always
flavor: small
service:
type: NodePort
name: cli
- externalPort: 8080
- externalPort1: 9090
- internalPort: "80"
- internalPort1: 8080
+ externalPort: 443
+ externalPort1: 9443
+ internalPort: "443"
+ internalPort1: 9443
nodePort: "60"
nodePort1: "71"
ingress:
enabled: false
+ service:
+ - baseaddr: "cli.api"
+ name: "cli"
+ port: 443
+ - baseaddr: "cli2.api"
+ name: cli
+ port: 9443
+ config:
+ ssl: "redirect"
# Configure resource requests and limits
# ref: http://kubernetes.io/docs/user-guide/compute-resources/
requests:
cpu: 2
memory: 4Gi
- unlimited: {}
\ No newline at end of file
+ unlimited: {}
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: cli
+ roles:
+ - read