Code Review / oom.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
Merge "[DCAEGEN2] Update HV-VES version to 1.9.1"
[oom.git] / kubernetes / common / certInitializer / templates / _certInitializer.yaml
diff --git a/kubernetes/common/certInitializer/templates/_certInitializer.yaml b/kubernetes/common/certInitializer/templates/_certInitializer.yaml
index 5a8e84c..32bba45 100644 (file)
--- a/kubernetes/common/certInitializer/templates/_certInitializer.yaml
+++ b/kubernetes/common/certInitializer/templates/_certInitializer.yaml
@@ -1,5 +1,6 @@
 {{/*
 # Copyright © 2020 Bell Canada, Samsung Electronics
+# Copyright © 2021 Orange
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -55,6 +56,14 @@
   - mountPath: /opt/app/aaf_config/cert/truststoreONAP.p12.b64
     name: aaf-agent-certs
     subPath: truststoreONAP.p12.b64
+  - name: {{ include "common.certInitializer._aafAddConfigVolumeName" $dot }}
+    mountPath: /opt/app/aaf_config/bin/retrieval_check.sh
+    subPath: retrieval_check.sh
+{{-     if hasKey $initRoot "ingressTlsSecret" }}
+  - name: {{ include "common.certInitializer._aafAddConfigVolumeName" $dot }}
+    mountPath: /opt/app/aaf_config/bin/tls_certs_configure.sh
+    subPath: tls_certs_configure.sh
+{{-     end }}
 {{-     if $initRoot.aaf_add_config }}
   - name: {{ include "common.certInitializer._aafAddConfigVolumeName" $dot }}
     mountPath: /opt/app/aaf_config/bin/aaf-add-config.sh
@@ -64,8 +73,11 @@
     - sh
     - -c
     - |
-      #!/usr/bin/env bash
       /opt/app/aaf_config/bin/agent.sh
+      . /opt/app/aaf_config/bin/retrieval_check.sh
+{{-     if hasKey $initRoot "ingressTlsSecret" }}
+      /opt/app/aaf_config/bin/tls_certs_configure.sh
+{{-     end -}}
 {{-     if $initRoot.aaf_add_config }}
       /opt/app/aaf_config/bin/aaf-add-config.sh
 {{-     end }}
@@ -134,6 +146,8 @@
   volumeMounts:
     - mountPath: /certs
       name: aaf-agent-certs
+    - mountPath: /more_certs
+      name: provided-custom-certs
     - mountPath: /root/import-custom-certs.sh
       name: aaf-agent-certs
       subPath: import-custom-certs.sh
@@ -160,6 +174,9 @@
 - mountPath: {{ $initRoot.truststoreMountpath }}/{{ $initRoot.truststoreOutputFileName }}
   name: updated-truststore
   subPath: {{ $initRoot.truststoreOutputFileName }}
+- mountPath: /etc/ssl/certs/ca-certificates.crt
+  name: updated-truststore
+  subPath: ca-certificates.crt
 {{- end -}}
 {{- end -}}
 
@@ -174,13 +191,25 @@
   configMap:
     name: {{ tpl $subchartDot.Values.certsCMName $subchartDot }}
     defaultMode: 0700
-
-{{-     if $initRoot.aaf_add_config }}
+{{- if $dot.Values.global.importCustomCertsEnabled }}
+- name: provided-custom-certs
+{{-   if $dot.Values.global.customCertsSecret }}
+  secret:
+    secretName: {{ $dot.Values.global.customCertsSecret }}
+{{-   else }}
+{{-     if $dot.Values.global.customCertsConfigMap }}
+  configMap:
+    name: {{ $dot.Values.global.customCertsConfigMap }}
+{{-     else }}
+  emptyDir:
+    medium: Memory
+{{-     end }}
+{{-   end }}
+{{- end }}
 - name: {{ include "common.certInitializer._aafAddConfigVolumeName" $dot }}
   configMap:
     name: {{ include "common.fullname" $subchartDot }}-add-config
     defaultMode: 0700
-{{-     end -}}
 {{-     if $dot.Values.global.importCustomCertsEnabled }}
 - name: updated-truststore
   emptyDir: {}
Introduces the ONAP Platform OOM (ONAP Operations Manager) to efficiently Deploy, Manage, Operate the ONAP platform and its components (e.g. MSO, DCAE, SDC, etc.) and infrastructure (VMs, Containers).